漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
XXE vulnerability in Eclipse JGit
Vulnerability Description
In Eclipse JGit versions 7.2.0.202503040940-r and older, the ManifestParser class used by the repo command and the AmazonS3 class used to implement the experimental amazons3 git transport protocol allowing to store git pack files in an Amazon S3 bucket, are vulnerable to XML External Entity (XXE) attacks when parsing XML files. This vulnerability can lead to information disclosure, denial of service, and other security issues.
CVSS Information
N/A
Vulnerability Type
XML外部实体引用的不恰当限制(XXE)
Vulnerability Title
Eclipse JGit 安全漏洞
Vulnerability Description
Eclipse JGit是Eclipse基金会的一个开源的 Java 实现,用于处理 Git 版本控制系统。 Eclipse JGit 7.2.0.202503040940-r及之前版本存在安全漏洞,该漏洞源于解析XML文件时存在XML外部实体攻击,可能导致信息泄露或拒绝服务。
CVSS Information
N/A
Vulnerability Type
N/A