cvedb.io
CVE-2018-12544
CRITICAL · CVSS 9.8
EPSS exploitation probability: 0%
Published 2018-10-10T20:29:00.710 · Last modified 2026-06-17T01:37:56.893

Summary

In version from 3.5.Beta1 to 3.5.3 of Eclipse Vert.x, the OpenAPI XML type validator creates XML parsers without taking appropriate defense against XML attacks. This mechanism is exclusively when the developer uses the Eclipse Vert.x OpenAPI XML type validator to validate a provided schema.

Affected products

eclipse — vert.x

Does this affect you?

Add your gear to cvedb and we'll alert you only when eclipse ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.