Filtered by vendor Apache Subscriptions
Filtered by product Xmlbeans Subscriptions
Total 1 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2021-23926 5 Apache, Debian, Netapp and 2 more 8 Xmlbeans, Debian Linux, Oncommand Unified Manager Core Package and 5 more 2024-11-21 9.1 Critical
The XML parsers used by XMLBeans up to version 2.6.0 did not set the properties needed to protect the user from malicious XML input. Vulnerabilities include possibilities for XML Entity Expansion attacks. Affects XMLBeans up to and including v2.6.0.