CVE-2017-20151

CVSS V2 None CVSS V3 None
Description
A vulnerability classified as problematic was found in iText RUPS. This vulnerability affects unknown code of the file src/main/java/com/itextpdf/rups/model/XfaFile.java. The manipulation leads to xml external entity reference. The name of the patch is ac5590925874ef810018a6b60fec216eee54fb32. It is recommended to apply a patch to fix this issue. VDB-217054 is the identifier assigned to this vulnerability.
Overview
  • CVE ID
  • CVE-2017-20151
  • Assigner
  • cna@vuldb.com
  • Vulnerability Status
  • Analyzed
  • Published Version
  • 2022-12-30T12:15:08
  • Last Modified Date
  • 2023-01-09T17:50:29
Weakness Enumerations
CWE URL
CWE-611 http://cwe.mitre.org/data/definitions/611.html
CPE Configuration (Product)
CPE Vulnerable Operator Version Start Version End
cpe:2.3:a:itextpdf:rups:-:*:*:*:*:*:*:* 1 OR
References
Reference URL Reference Tags
https://github.com/itext/rups/commit/ac5590925874ef810018a6b60fec216eee54fb32
https://vuldb.com/?ctiid.217054
https://vuldb.com/?id.217054
Sources
Source Name Source URL
NIST https://nvd.nist.gov/vuln/detail/CVE-2017-20151
MITRE https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-20151
History
Created Old Value New Value Data Type Notes
2022-12-30 13:14:34 Added to TrackCVE
2022-12-30 13:14:35 Weakness Enumeration new
2023-01-05 13:15:26 Awaiting Analysis Undergoing Analysis Vulnerability Status updated
2023-01-05 13:15:27 CVSS V3 information new
2023-01-05 13:15:27 CVSS V2 information new
2023-01-09 18:24:13 2023-01-09T17:50:29 CVE Modified Date updated
2023-01-09 18:24:13 Undergoing Analysis Analyzed Vulnerability Status updated
2023-01-09 18:24:16 CPE Information updated
2023-01-09 18:24:16 CVSS V3 information new
2023-01-09 18:24:16 CVSS V2 information new