Vulnerabilities (CVE)

Filtered by vendor Apache Subscribe
Filtered by product Xmlbeans
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-23926 4 Apache, Debian, Netapp and 1 more 7 Xmlbeans, Debian Linux, Oncommand Unified Manager Core Package and 4 more 2024-11-21 6.4 MEDIUM 9.1 CRITICAL
The XML parsers used by XMLBeans up to version 2.6.0 did not set the properties needed to protect the user from malicious XML input. Vulnerabilities include possibilities for XML Entity Expansion attacks. Affects XMLBeans up to and including v2.6.0.