|Number of vulnerabilities||1|
|CVE ID|| CVE-2018-1000632
|Public exploit||Public exploit code for vulnerability #1 is available.|
|Vulnerable software versions||
The vulnerability allows a remote attacker to conduct XXE attack on the target system.
The vulnerability exists due to improper sanitization of elements and attribute names in XML documents. A remote attacker can trick the victim into opening a specially crafted XML document that submits malicious input, perform XXE attack and bypass security restrictions to access and modify sensitive information on the system.Remediation
Update the affected packages.