CVE-2022-2414
- Source
- https://cve.org/CVERecord?id=CVE-2022-2414
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-2414.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2022-2414
- Downstream
- Related
- Published
- 2022-07-29T19:15:08.477Z
- Modified
- 2026-04-12T02:51:00.597058Z
- Severity
-
- 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVSS Calculator
- Summary
- [none]
- Details
-
Access to external entities when parsing XML documents can lead to XML external entity (XXE) attacks. This flaw allows a remote attacker to potentially retrieve the content of arbitrary files by sending specially crafted HTTP requests.
- References
Affected packages
Git / github.com/dogtagpki/pki
Affected ranges
- Type
- GIT
- Repo
- https://github.com/dogtagpki/pki
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affected
- Database specific
{ "cpe": [ "cpe:2.3:a:dogtagpki:dogtagpki:10.5.18:*:*:*:*:*:*:*", "cpe:2.3:a:dogtagpki:dogtagpki:10.7.4:*:*:*:*:*:*:*", "cpe:2.3:a:dogtagpki:dogtagpki:10.8.3:*:*:*:*:*:*:*", "cpe:2.3:a:dogtagpki:dogtagpki:10.11.2:*:*:*:*:*:*:*", "cpe:2.3:a:dogtagpki:dogtagpki:10.12.4:*:*:*:*:*:*:*", "cpe:2.3:a:dogtagpki:dogtagpki:11.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:dogtagpki:dogtagpki:11.1.0:*:*:*:*:*:*:*" ], "extracted_events": [ { "introduced": "0" }, { "last_affected": "10.5.18" }, { "last_affected": "10.7.4" }, { "last_affected": "10.8.3" }, { "last_affected": "10.11.2" }, { "last_affected": "10.12.4" }, { "last_affected": "11.0.5" }, { "last_affected": "11.1.0" } ], "source": "CPE_FIELD" }
Affected versions
Other
DOGTAG_10_0_0_ALPHA_FEDORA_16_17_20120314
DOGTAG_10_0_2_FEDORA_18_19_20130507
DOGTAG_10_1_0_BETA_20131111
DOGTAG_10_1_0_BETA_FEDORA_20_20131111
DOGTAG_10_1_0_GA_FEDORA_20_20131121
DOGTAG_10_2_0_ALPHA_FEDORA_21_20140909
DOGTAG_10_2_1_FEDORA_22_20150108
DOGTAG_10_2_20150808
DOGTAG_10_2_2_FEDORA_22_20150318
DOGTAG_10_2_3_FEDORA_22_20150423
DOGTAG_10_2_4_FEDORA_22_20150526
DOGTAG_10_2_5_FEDORA_22_20150619
DOGTAG_10_2_6_FEDORA_22_23_20150718
DOGTAG_10_3_0_FEDORA_24_20160516
DOGTAG_10_3_0_a1_FEDORA_24_ALPHA_20160307
DOGTAG_10_3_0_a2_FEDORA_24_ALPHA_20160407
DOGTAG_10_3_0_b1_FEDORA_24_BETA_20160418
DOGTAG_10_3_1_FEDORA_24_20160517
DOGTAG_10_3_2_FEDORA_24_20160607
DOGTAG_10_3_3_FEDORA_24_20160620
DOGTAG_10_3_4_FEDORA_24_20160705
DOGTAG_10_3_5_FEDORA_24_20160808
DOGTAG_10_4_8_FEDORA_27
DOGTAG_10_4_FEDORA_27_20170331
DOGTAG_10_4_FEDORA_27_20170413
DOGTAG_10_4_FEDORA_27_20170501
DOGTAG_10_4_FEDORA_27_20170509
DOGTAG_10_4_FEDORA_27_20170522
DOGTAG_10_4_FEDORA_27_20170530
DOGTAG_10_4_FEDORA_27_20170605
DOGTAG_10_4_FEDORA_27_20170612
DOGTAG_10_5_0_FEDORA_27
DOGTAG_10_5_1_FEDORA_27
pki-core-10.*
pki-core-10.2.0-3
pki-core-10.2.1-0.1
v10.*
v10.0.2
v10.1.0
v10.10.0
v10.10.0-b1
v10.10.1
v10.11.0
v10.11.0-alpha1
v10.11.0-alpha2
v10.11.0-alpha3
v10.11.1
v10.11.2
v10.12.0
v10.12.4
v10.2.0
v10.2.1
v10.2.2
v10.2.3
v10.2.4
v10.2.5
v10.2.6
v10.3.0
v10.3.1
v10.3.2
v10.3.3
v10.3.4
v10.3.5
v10.4.1
v10.4.2
v10.4.3
v10.4.4
v10.4.5
v10.4.6
v10.4.7
v10.4.8
v10.5.0
v10.5.1
v10.5.10
v10.5.11
v10.5.12
v10.5.16
v10.5.17
v10.5.18
v10.5.2
v10.5.3
v10.5.4
v10.5.5
v10.5.6
v10.5.7
v10.5.8
v10.5.9
v10.6.0
v10.6.0-beta
v10.6.0-beta2
v10.6.0-rc
v10.6.1
v10.6.2
v10.6.3
v10.6.4
v10.6.5
v10.6.6
v10.6.7
v10.6.8
v10.6.9
v10.7.0
v10.7.1
v10.7.2
v10.7.3
v10.7.4
v10.8.0
v10.8.0-a1
v10.8.0-a2
v10.8.0-b1
v10.8.0-b2
v10.8.0-b3
v10.8.1
v10.8.2
v10.8.3
v10.9.0
v10.9.0-a1
v10.9.0-a2
v10.9.0-b1
v10.9.0-b2
v10.9.0-b3
v10.9.0-b4
v11.*
v11.0.0
v11.0.0-alpha1
v11.0.0-beta1
v11.0.2
v11.0.3
v11.0.5
v11.1.0
v11.1.0-alpha1
v11.1.0-alpha2