Restlet Framework 2.1.x before 2.1.7 and 2.x.x before 2.2 RC1, when using XMLRepresentation or XML serializers, allows attackers to cause a denial of service via an XML Entity Expansion (XEE) attack.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Restlet_framework | Restlet | 2.1.1 | 2.1.1 |
Restlet_framework | Restlet | 2.1.2 | 2.1.2 |
Restlet_framework | Restlet | 2.1.0 | 2.1.0 |
Restlet_framework | Restlet | 2.2 | 2.2 |
Restlet_framework | Restlet | 2.1.6 | 2.1.6 |
Restlet_framework | Restlet | 2.2 | 2.2 |
Restlet_framework | Restlet | 2.1.4 | 2.1.4 |
Restlet_framework | Restlet | 2.1.3 | 2.1.3 |
Restlet_framework | Restlet | 2.2 | 2.2 |
Restlet_framework | Restlet | 2.1.5 | 2.1.5 |
Restlet_framework | Restlet | 2.2 | 2.2 |
Restlet_framework | Restlet | 2.2 | 2.2 |
Restlet_framework | Restlet | * | 2.2 |