Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
XXE vulnerability in Eclipse JGit
Vulnerability Description
In Eclipse JGit versions 7.2.0.202503040940-r and older, the ManifestParser class used by the repo command and the AmazonS3 class used to implement the experimental amazons3 git transport protocol allowing to store git pack files in an Amazon S3 bucket, are vulnerable to XML External Entity (XXE) attacks when parsing XML files. This vulnerability can lead to information disclosure, denial of service, and other security issues.
CVSS Information
N/A
Vulnerability Type
XML外部实体引用的不恰当限制(XXE)
Vulnerability Title
Eclipse JGit 安全漏洞
Vulnerability Description
Eclipse JGit是Eclipse基金会的一个开源的 Java 实现,用于处理 Git 版本控制系统。 Eclipse JGit 7.2.0.202503040940-r及之前版本存在安全漏洞,该漏洞源于解析XML文件时存在XML外部实体攻击,可能导致信息泄露或拒绝服务。
CVSS Information
N/A
Vulnerability Type
N/A