GHSA-c8m9-mh38-97p9 – org.jpmml:pmml-model

Package

Manager: maven
Name: org.jpmml:pmml-model
Vulnerable Version: <0

Severity

Level: High

CVSS v3.1: N/A

CVSS v4.0: N/A

EPSS: N/A pctlN/A

Details

XML external entity (XXE) vulnerability An XML eXternal Entity (XXE) Injection was discovered in pmml-model before version 1.4.3. A remote attacker can exploit this vulnerability by sending a request to submit malicious External Entity references within the embedded XML metadata to the target system.

Metadata

Created: 2021-02-24T19:40:41Z
Modified: 2021-02-24T19:40:41Z
Source: https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2021/02/GHSA-c8m9-mh38-97p9/GHSA-c8m9-mh38-97p9.json
CWE IDs: []
Alternative ID: N/A
Finding: N/A
Auto approve: 0