VDB

GCVE-110-NCSC-2025-197

GCVE-110-NCSC-2025-197
Advisory PublishedCVSS 9.9/10
Vulnetix · Advisory published June 18, 2025
De kwetsbaarheid bevindt zich in de Eclipse XSD library. De kwetsbaarheid stelt ongeauthenticeerde aanvallers in staat om mogelijke code executie en toegang tot gevoelige bestanden via het injecteren van XML code.

Weaknesses (CWE)

CWE-611Improper Restriction of XML External Entity Reference

Risk Scores

CVSS 3.1
9.9/10
Critical · CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:L

Affected Products

VendorProductVersionsPlatforms
GeoToolsvers:unknown/*
GeoServervers:unknown/2.26.2
GeoServervers:unknown/<2.25.6

References

advisory
advisory
advisory
advisory
advisory

Browse GCVE Records

73,442 records in the GCVE database · Updated July 17, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›