CVE-2023-45960

Rejected reason: DO NOT USE THIS CVE RECORD. ConsultIDs: none. Reason: This record was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.

CVSS

No CVSS.

References

No reference.

Configurations

No configuration.

History

22 Nov 2023, 16:15

Type	Values Removed	Values Added
References	~~{'url': 'https://dom4j.github.io/', 'name': 'https://dom4j.github.io/', 'tags': ['Product'], 'refsource': 'MISC'}~~ ~~{'url': 'https://github.com/joker-xiaoyan/XXE-SAXReader/tree/main', 'name': 'https://github.com/joker-xiaoyan/XXE-SAXReader/tree/main', 'tags': ['Third Party Advisory'], 'refsource': 'MISC'}~~ {'url': 'https://github.com/dom4j/dom4j/issues/171#issuecomment-1781547256', 'name': 'https://github.com/dom4j/dom4j/issues/171#issuecomment-1781547256', 'tags': ['Issue Tracking'], 'refsource': 'MISC'} ~~{'url': 'https://github.com/joker-xiaoyan/XXE-SAXReader/issues/1', 'name': 'https://github.com/joker-xiaoyan/XXE-SAXReader/issues/1', 'tags': ['Issue Tracking'], 'refsource': 'MISC'}~~
CWE	~~CWE-91~~
CPE	cpe:2.3:a:dom4j_project:dom4j::::::::
Summary	An issue in dom4.j org.dom4.io.SAXReader v.2.1.4 and before allows a remote attacker to obtain sensitive information via the setFeature function. NOTE: the vendor and original reporter indicate that this is not a vulnerability because setFeature only sets features, which "can be safe in one case and unsafe in another."	Rejected reason: DO NOT USE THIS CVE RECORD. ConsultIDs: none. Reason: This record was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
CVSS	v2 : ~~unknown~~ v3 : ~~7.5~~	v2 : unknown v3 : unknown

Information

Published : 2023-10-25 18:17

Updated : 2023-12-15 15:06

NVD link : CVE-2023-45960

Mitre link : CVE-2023-45960

CVE.ORG link : CVE-2023-45960

JSON object : View

Products Affected

No product.

CWE

No CWE.

JSON object

Attach tags to CVE-2023-45960

Attach tags to `CVE-2023-45960`