Apache POI in versions prior to release 3.15 allows remote attackers to cause a denial of service (CPU consumption) via a specially crafted OOXML file, aka an XML Entity Expansion (XEE) attack.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: apache

Published: 2017-03-24T14:00:00

Updated: 2024-08-05T15:11:47.262Z

Reserved: 2017-01-29T00:00:00

Link: CVE-2017-5644

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2017-03-24T14:59:00.273

Modified: 2024-11-21T03:28:05.180

Link: CVE-2017-5644

cve-icon Redhat

No data.