CVE-2014-1868

Restlet Framework 2.1.x before 2.1.7 and 2.x.x before 2.2 RC1, when using XMLRepresentation or XML serializers, allows attackers to cause a…

mitre·NVD-CWE-Other·Published 2014-10-06

CVSS

—

EPSS

0.01

KEV

Exploits

cve.orgen

199 chars

Restlet Framework 2.1.x before 2.1.7 and 2.x.x before 2.2 RC1, when using XMLRepresentation or XML serializers, allows attackers to cause a denial of service via an XML Entity Expansion (XEE) attack.

NVDen

199 chars

Restlet Framework 2.1.x before 2.1.7 and 2.x.x before 2.2 RC1, when using XMLRepresentation or XML serializers, allows attackers to cause a denial of service via an XML Entity Expansion (XEE) attack.

OSV.deven

199 chars

Restlet Framework 2.1.x before 2.1.7 and 2.x.x before 2.2 RC1, when using XMLRepresentation or XML serializers, allows attackers to cause a denial of service via an XML Entity Expansion (XEE) attack.

GHSAen

199 chars

Restlet Framework 2.1.x before 2.1.7 and 2.x.x before 2.2 RC1, when using XMLRepresentation or XML serializers, allows attackers to cause a denial of service via an XML Entity Expansion (XEE) attack.

NVDes

244 chars

Restlet Framework 2.1.x anterior a 2.1.7 y 2.x.x anterior a 2.2 RC1, cuando utiliza los serializadores XMLRepresentation o XML, permite a atacantes causar una denegación de servicio a través de un ataque de la expansión de la entidad XML (XEE).

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	5.0	10.0	2.9	AV:N/AC:L/Au:N/C:N/I:N/A:P