Eclipse Sphinx
Approved changes feed: RSS · Atom
cpe:2.3:a:the_eclipse_foundation:eclipse_sphinx:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | The Eclipse Foundation (bb2d55d2-5306-5bc8-beb2-981f5d5392e4) |
|---|---|
| Product | Eclipse Sphinx (cdc320d3-3a6f-526d-9583-d52b0df66bc5) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2022-2838 |
vulnerable | 2026-06-03 14:47:07.445126 |
Details available
In Eclipse Sphinx™ before version 0.13.1, Apache Xerces XML Parser was used without disabling processing of referenced external entities allowing the injection of arbitrary definitions which is able to access local files and expose their contents via HTTP requests.
Published: 2022-08-16T10:10:08.000Z
Updated: 2024-08-03T00:52:59.807Z Reference links |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.