The XML parsers used by XMLBeans up to version 2.6.0 did not set the properties needed to protect the user from malicious XML input. Vulnerabilities include possibilities for XML Entity Expansion attacks. Affects XMLBeans up to and including v2.6.0.
Metrics
Affected Vendors & Products
Fixes
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
References
History
No history.

Status: PUBLISHED
Assigner: apache
Published:
Updated: 2025-02-13T16:27:47.031Z
Reserved: 2021-01-12T00:00:00.000Z
Link: CVE-2021-23926

No data.

Status : Modified
Published: 2021-01-14T15:15:13.337
Modified: 2024-11-21T05:52:03.560
Link: CVE-2021-23926


No data.