GHSA-h755-h99p-9ffv
Suggest an improvement- Source
- https://github.com/advisories/GHSA-h755-h99p-9ffv
- Import Source
- https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-h755-h99p-9ffv/GHSA-h755-h99p-9ffv.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/GHSA-h755-h99p-9ffv
- Aliases
- Published
- 2022-05-14T01:40:24Z
- Modified
- 2024-01-08T20:26:33.384903Z
- Severity
-
- 9.8 (Critical) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- XML External Entity Reference in weixin-java-tools
- Details
-
An issue was discovered in weixin-java-tools. There is an XXE vulnerability in the getXmlDoc method of the BaseWxPayResult.java file. NOTE: this issue exists because of an incomplete fix for CVE-2018-20318.
- Database specific
{ "nvd_published_at": "2019-01-04T16:29:00Z", "severity": "CRITICAL", "github_reviewed_at": "2024-01-08T20:11:00Z", "github_reviewed": true, "cwe_ids": [ "CWE-611" ] }- References
Affected packages
Maven / com.github.binarywang:weixin-java-common
Package
- Name
- com.github.binarywang:weixin-java-common
- View open source insights on deps.dev
- Purl
- pkg:maven/com.github.binarywang/weixin-java-common
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.3.2.B
Affected versions
1.*
1.3.4
1.3.5
1.3.5.1
1.3.5.2
1.3.5.3
1.3.5.4
1.3.5.5
1.3.5.6
1.3.5.7
1.3.5.8
1.3.5.9
1.3.5.10
1.3.5.11
2.*
2.0.0
2.0.1
2.0.2
2.0.3
2.0.4
2.0.5
2.1.0
2.1.1
2.1.2
2.1.3
2.1.4
2.1.5
2.1.6
2.1.7
2.1.8
2.1.9
2.2.0
2.2.1
2.2.2
2.2.3
2.2.4
2.2.5
2.2.6
2.2.7
2.3.0
2.3.1
2.4.0
2.4.1
2.4.2
2.4.3
2.4.4.BETA
2.4.4-beta
2.4.5.BETA
2.4.6.BETA
2.4.7.BETA
2.4.8.BETA
2.4.9.BETA
2.5.0
2.5.1.BETA
2.5.2.BETA
2.5.3.BETA
2.5.4.BETA
2.5.5.BETA
2.5.6.BETA
2.5.7.BETA
2.6.0
2.6.1.BETA
2.6.2.BETA
2.6.3.BETA
2.6.4.BETA
2.6.5.BETA
2.7.0
2.7.1.BETA
2.7.2.BETA
2.7.3.BETA
2.7.4.BETA
2.7.5.BETA
2.7.6.BETA
2.7.7.BETA
2.7.7
2.7.8.BETA
2.7.8
2.7.9.BETA
2.8.0
2.8.1.BETA
2.8.2.BETA
2.8.3.BETA
2.8.4.BETA
2.8.5.BETA
2.8.6.BETA
2.8.7.BETA
2.8.8.BETA
2.8.9.BETA
2.9.0
2.9.1.BETA
2.9.2.BETA
2.9.3.BETA
2.9.4.BETA
2.9.5.BETA
2.9.6.BETA
2.9.7.BETA
2.9.8.BETA
2.9.9.BETA
3.*
3.0.0
3.0.1.BETA
3.0.2.BETA
3.0.3.BETA
3.0.4.BETA
3.0.5.BETA
3.0.6.BETA
3.0.7.BETA
3.0.8.BETA
3.0.9.BETA
3.1.0
3.1.1.BETA
3.1.2.BETA
3.1.3.BETA
3.1.4.BETA
3.1.5.BETA
3.1.6.BETA
3.1.7.BETA
3.1.8.B
3.1.9.B
3.2.0
3.2.1.B
3.2.2.B
3.2.3.B
3.2.4.B
3.2.5.B
3.2.6.B
3.2.7.B
3.2.8.B
3.2.9.B
3.2.10.B
3.3.0
3.3.1.B