Statements (19)
| Predicate | Object |
|---|---|
| gptkbp:instanceOf |
gptkb:Common_Weakness_Enumeration
|
| gptkbp:affects |
XML parsers
|
| gptkbp:category |
Software weakness
|
| gptkbp:cause |
gptkb:Information_disclosure
Denial of service Server-side request forgery |
| gptkbp:citation |
https://cwe.mitre.org/data/definitions/611.html
|
| gptkbp:describes |
The software processes an XML document that can contain XML entities with URIs that resolve to external resources, without properly restricting the types of URIs that are allowed.
|
| gptkbp:hasCWE |
611
|
| https://www.w3.org/2000/01/rdf-schema#label |
CWE-611
|
| gptkbp:introducedIn |
XML processing software
|
| gptkbp:maintainedBy |
gptkb:MITRE_Corporation
|
| gptkbp:mitigatedBy |
Disable external entity processing in XML parsers
Use secure XML libraries |
| gptkbp:name |
Improper Restriction of XML External Entity Reference
|
| gptkbp:partOf |
gptkb:CWE_Top_25_Most_Dangerous_Software_Weaknesses
|
| gptkbp:relatedTo |
XML External Entity (XXE) vulnerability
|
| gptkbp:bfsParent |
gptkb:CWE
|
| gptkbp:bfsLayer |
7
|