Re: [CVE-2020-11991] Apache Cocoon security vulnerability

2020-09-11 Thread Cédric Damioli

Hi,

Entities resolution is managed by features of the SAX Parser, before any 
transformation.


Cédric

On 11/09/2020 at 12:12, gelo1234 wrote:

> Hello Cedric,
>
> Are external entities blocked also in XSLT?
>
> Greetings,
> Greg
>
> On Fri, 11 Sep 2020 at 11:39, Cédric Damioli <cdami...@apache.org> wrote:
>
> > [CVE-2020-11991] Apache Cocoon security vulnerability
> >
> > Severity: Important
> >
> > Vendor: The Apache Software Foundation
> >
> > Versions Affected: Apache Cocoon up to 2.1.12
> >
> > Description: When using the StreamGenerator, the code parses a
> > user-provided XML.
> >
> > A specially crafted XML, including external system entities, could
> > be used to access any file on the server system.
> >
> > Mitigation:
> >
> > The StreamGenerator now ignores external entities. 2.1.x users
> > should upgrade to 2.1.13
> >
> > Example:
> >
> > With the following input :
> >
> >   ]>  John
> >   an attacker got the content
> > of /etc/shadow
> >
> > Credit: This issue was discovered by Nassim Asrir.
> >
> > Regards,
> >
> > --
> > Cédric Damioli



--
Cédric Damioli
CMS - Java - Open Source
www.ametys.org



Re: [CVE-2020-11991] Apache Cocoon security vulnerability

2020-09-11 Thread gelo1234
Hello Cedric,

Are external entities blocked also in XSLT?

Greetings,
Greg

On Fri, 11 Sep 2020 at 11:39, Cédric Damioli wrote:

> [CVE-2020-11991] Apache Cocoon security vulnerability
>
> Severity: Important
>
> Vendor: The Apache Software Foundation
>
> Versions Affected: Apache Cocoon up to 2.1.12
>
> Description: When using the StreamGenerator, the code parses a
> user-provided XML.
>
> A specially crafted XML, including external system entities, could be used
> to access any file on the server system.
>
> Mitigation:
>
> The StreamGenerator now ignores external entities. 2.1.x users should
> upgrade to 2.1.13
>
> Example:
>
> With the following input :
>
>   "file:///etc/shadow"> ]>  John
>   an attacker got the content of
> /etc/shadow
>
> Credit: This issue was discovered by Nassim Asrir.
>
> Regards,
>
> --
> Cédric Damioli
>
>


[CVE-2020-11991] Apache Cocoon security vulnerability

2020-09-11 Thread Cédric Damioli

[CVE-2020-11991] Apache Cocoon security vulnerability

Severity: Important

Vendor: The Apache Software Foundation

Versions Affected: Apache Cocoon up to 2.1.12

Description: When using the StreamGenerator, the code parses a
user-provided XML.


A specially crafted XML, including external system entities, could be 
used to access any file on the server system.


Mitigation:

The StreamGenerator now ignores external entities. 2.1.x users should 
upgrade to 2.1.13


Example:

With the following input :

 "file:///etc/shadow"> ]>  John 
  an attacker got the content of 
/etc/shadow


Credit: This issue was discovered by Nassim Asrir.


Regards,

--
Cédric Damioli
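
The advisory's mitigation (ignoring external entities) and the reply that entity resolution is controlled by SAX parser features can be checked with a small regression test. This is an added example, not code from Cocoon or from the thread: the class name, element names and temp file are constructed, and it assumes Java 11+ with the JDK's built-in SAX parser, which recognises these feature URIs.

```java
import java.io.StringReader;
import java.nio.file.Files;
import java.nio.file.Path;
import javax.xml.parsers.SAXParserFactory;
import org.xml.sax.InputSource;
import org.xml.sax.helpers.DefaultHandler;

public class ExternalEntityCheck {
    // SAX / Xerces feature URIs that control external entity and DTD loading.
    static final String GENERAL = "http://xml.org/sax/features/external-general-entities";
    static final String PARAMETER = "http://xml.org/sax/features/external-parameter-entities";
    static final String LOAD_DTD = "http://apache.org/xml/features/nonvalidating/load-external-dtd";

    // Parse the document and return all character data delivered to the handler.
    static String parse(String xml, boolean hardened) throws Exception {
        SAXParserFactory factory = SAXParserFactory.newInstance();
        factory.setNamespaceAware(true);
        if (hardened) {
            factory.setFeature(GENERAL, false);
            factory.setFeature(PARAMETER, false);
            factory.setFeature(LOAD_DTD, false);
        }
        StringBuilder text = new StringBuilder();
        factory.newSAXParser().parse(new InputSource(new StringReader(xml)), new DefaultHandler() {
            @Override
            public void characters(char[] ch, int start, int length) {
                text.append(ch, start, length);
            }
        });
        return text.toString();
    }

    public static void main(String[] args) throws Exception {
        // Constructed stand-in for a sensitive server-side file.
        Path secret = Files.createTempFile("xxe-check", ".txt");
        Files.writeString(secret, "MARKER-FROM-LOCAL-FILE");
        // Constructed document; element and entity names are illustrative only.
        String xml = "<!DOCTYPE doc [<!ENTITY ent SYSTEM \"" + secret.toUri() + "\">]>"
                + "<doc><name>John</name><value>&ent;</value></doc>";
        try {
            System.out.println("default : " + parse(xml, false));
            String safe = parse(xml, true);
            System.out.println("hardened: " + safe);
            if (safe.contains("MARKER")) {
                throw new IllegalStateException("external entity was still resolved");
            }
        } finally {
            Files.delete(secret);
        }
    }
}
```

Because the features are set on the parser factory, they take effect before any downstream XSLT step receives SAX events, which matches the answer given in the thread.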