CVE-2025-0617 - Apache HX Exponential Entity Expansion Denial of Service (DoS)
CVE ID : CVE-2025-0617 Published : Jan. 29, 2025, 11:15 a.m. | 2 hours, 45 minutes ago Description : An attacker with access to an HX 10.0.0 and previous versions, may send specially-crafted data to the HX console. The malicious detection would then trigger file parsing containing exponential entity expansions in the consumer process thus causing a Denial of Service. Severity: 5.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-0617
Published : Jan. 29, 2025, 11:15 a.m. | 2 hours, 45 minutes ago
Description : An attacker with access to an HX 10.0.0 and previous versions, may send specially-crafted data to the HX console. The malicious detection would then trigger file parsing containing exponential entity expansions in the consumer process thus causing a Denial of Service.
Severity: 5.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
Published : Jan. 29, 2025, 11:15 a.m. | 2 hours, 45 minutes ago
Description : An attacker with access to an HX 10.0.0 and previous versions, may send specially-crafted data to the HX console. The malicious detection would then trigger file parsing containing exponential entity expansions in the consumer process thus causing a Denial of Service.
Severity: 5.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
