Description
The product processes an XML document that can contain XML entities with URIs that resolve to documents outside of the intended sphere of control, causing the product to embed incorrect documents into its output.
CVE vulnerabilities with CWE-611 (1,522)
10.0
CVSS
CRITICAL
CVE-2022-22486
pub. 2023-02-03
10.0
CVSS
CRITICAL
CVE-2019-14678
pub. 2019-11-14
10.0
CVSS
CRITICAL
CVE-2015-9280
pub. 2019-01-16
10.0
CVSS
CRITICAL
CVE-2018-1000820
pub. 2018-12-20
10.0
CVSS
CRITICAL
CVE-2018-1000821
pub. 2018-12-20
10.0
CVSS
CRITICAL
CVE-2018-1000822
pub. 2018-12-20
10.0
CVSS
CRITICAL
CVE-2018-1000823
pub. 2018-12-20
10.0
CVSS
CRITICAL
CVE-2018-1000825
pub. 2018-12-20
10.0
CVSS
CRITICAL
CVE-2018-1000830
pub. 2018-12-20
10.0
CVSS
CRITICAL
CVE-2018-1000831
pub. 2018-12-20
10.0
CVSS
CRITICAL
CVE-2018-1000835
pub. 2018-12-20
10.0
CVSS
CRITICAL
CVE-2018-1000837
pub. 2018-12-20
10.0
CVSS
CRITICAL
CVE-2018-1000838
pub. 2018-12-20
10.0
CVSS
CRITICAL
CVE-2018-1000644
pub. 2018-08-20
10.0
CVSS
CRITICAL
CVE-2018-1000651
pub. 2018-08-20
10.0
CVSS
CRITICAL
CVE-2018-1000652
pub. 2018-08-20
10.0
CVSS
CRITICAL
CVE-2018-1000124
pub. 2018-03-13
10.0
CVSS
CRITICAL
CVE-2017-7664
pub. 2017-07-17
10.0
CVSS
CRITICAL
CVE-2017-8110
pub. 2017-04-25
9.9
CVSS
CRITICAL
CVE-2025-30220
pub. 2025-06-10
Showing 20 of 1,522 vulnerabilities