XBRL data create application version 7.0 and earlier improperly restricts XML external entity references (XXE). By processing a specially crafted XBRL file, arbitrary files on the system may be read by an attacker.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: jpcert
Published: 2023-07-19T05:54:29.352Z
Updated: 2024-08-02T15:25:35.706Z
Reserved: 2023-05-11T04:09:45.906Z
Link: CVE-2023-32635
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2023-07-19T06:15:12.787
Modified: 2023-07-28T13:52:39.963
Link: CVE-2023-32635
Redhat
No data.