Vulnerabilities > Apache > Uimafit

DATE CVE VULNERABILITY TITLE RISK
2018-04-26 CVE-2017-15691 XXE vulnerability in Apache products
In Apache uimaj prior to 2.10.2, Apache uimaj 3.0.0-xxx prior to 3.0.0-beta, Apache uima-as prior to 2.10.2, Apache uimaFIT prior to 2.4.0, Apache uimaDUCC prior to 2.2.2, this vulnerability relates to an XML external entity expansion (XXE) capability of various XML parsers.
network
low complexity
apache CWE-611
6.5