定价企业版

CVE-2022-0839

9.8CRITICAL

Improper Restriction of XML External Entity Reference in GitHub repository liquibase/liquibase prior to 4.8.0.

发布于: 3/4/2022更新于: 11/3/2025

在NVD查看在MITRE查看

描述

Improper Restriction of XML External Entity Reference in GitHub repository liquibase/liquibase prior to 4.8.0.

AI分析AI驱动

受影响产品

liquibaseliquibase

oraclesqlcl

19c

参考资料

https://github.com/liquibase/liquibase/commit/33d9d925082097fb1a3d2fc8e44423d964cd9381
Patch
https://huntr.dev/bounties/f1ae5779-b406-4594-a8a3-d089c68d6e70
ExploitPatchThird Party Advisory
https://www.oracle.com/security-alerts/cpujul2022.html
PatchThird Party Advisory
http://seclists.org/fulldisclosure/2025/Apr/14
https://github.com/liquibase/liquibase/commit/33d9d925082097fb1a3d2fc8e44423d964cd9381
Patch
https://huntr.dev/bounties/f1ae5779-b406-4594-a8a3-d089c68d6e70
ExploitPatchThird Party Advisory
https://www.oracle.com/security-alerts/cpujul2022.html
PatchThird Party Advisory