CVE-2018-1000825
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2018-1000825
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-1000825.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2018-1000825
- Related
- Published
- 2018-12-20T15:29:01Z
- Modified
- 2025-01-14T07:21:11.049232Z
- Severity
-
- 10.0 (Critical) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
FreeCol version <= nightly-2018-08-22 contains a XML External Entity (XXE) vulnerability in FreeColXMLReader parser that can result in Disclosure of confidential data, denial of service, SSRF, port scanning. This attack appear to be exploitable via Freecol file.
- References
Affected packages
Debian:11 / freecol
Package
- Name
- freecol
- Purl
- pkg:deb/debian/freecol?arch=source
Debian:12 / freecol
Package
- Name
- freecol
- Purl
- pkg:deb/debian/freecol?arch=source
Debian:13 / freecol
Package
- Name
- freecol
- Purl
- pkg:deb/debian/freecol?arch=source