CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Eclipse: >> Sphinx >> 0.7.0 Security Vulnerabilities

CVE-2022-2838

In Eclipse Sphinx™ before version 0.13.1, Apache Xerces XML Parser was used without disabling processing of referenced external entities allowing the injection of arbitrary definitions which is able to access local files and expose their contents via HTTP requests.

CVSS Score

5.3

EPSS Score

0.001

Published

2022-08-16

Page 1

Vulnerabilities

Vulnerable Software

Eclipse: >> Sphinx >> 0.7.0 Security Vulnerabilities

Products

Pricing

Contact Us