CWE-611

GPTKB entity

Statements (19)
Predicate Object
gptkbp:instanceOf gptkb:Common_Weakness_Enumeration
gptkbp:affects XML parsers
gptkbp:category Software weakness
gptkbp:cause gptkb:Information_disclosure
Denial of service
Server-side request forgery
gptkbp:citation https://cwe.mitre.org/data/definitions/611.html
gptkbp:describes The software processes an XML document that can contain XML entities with URIs that resolve to external resources, without properly restricting the types of URIs that are allowed.
gptkbp:hasCWE 611
https://www.w3.org/2000/01/rdf-schema#label CWE-611
gptkbp:introducedIn XML processing software
gptkbp:maintainedBy gptkb:MITRE_Corporation
gptkbp:mitigatedBy Disable external entity processing in XML parsers
Use secure XML libraries
gptkbp:name Improper Restriction of XML External Entity Reference
gptkbp:partOf gptkb:CWE_Top_25_Most_Dangerous_Software_Weaknesses
gptkbp:relatedTo XML External Entity (XXE) vulnerability
gptkbp:bfsParent gptkb:CWE
gptkbp:bfsLayer 7