VDB
DEBIAN-CVE-2014-3529
DEBIAN-CVE-2014-3529
PUBLISHED
CVSS 8.699999809265137 HIGH
The OPC SAX setup in Apache POI before 3.10.1 allows remote attackers to read arbitrary files via an OpenXML file containing an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.
Risk Scores
CVSS v4.0
8.699999809265137
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian:11 | libapache-poi-java | 0, 0, 0 |
| Debian:13 | libapache-poi-java | 0, 0, 0 |
| Debian:12 | libapache-poi-java | 0, 0, 0 |
| Debian:14 | libapache-poi-java | 0, 0, 0 |
Timeline
- Sep 4, 2014 CVE Published
- Apr 28, 2026 CVE Updated