Vulnerabilities (CVE)

Filtered by vendor Obdasystems Subscribe
Filtered by product Mastro
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-40510 1 Obdasystems 1 Mastro 2024-02-28 5.0 MEDIUM 7.5 HIGH
XML eXternal Entity (XXE) in OBDA systems’ Mastro 1.0 allows remote attackers to read system files via custom DTDs.
CVE-2021-40511 1 Obdasystems 1 Mastro 2024-02-28 5.0 MEDIUM 7.5 HIGH
OBDA systems’ Mastro 1.0 is vulnerable to XML Entity Expansion (aka “billion laughs”) attack allowing denial of service.