CVE-2025-23195 | Apache Ambari up to 2.7.8 DocumentBuilderFactory xml external entity reference

Inserito da Angelo Barbosa | Gen 21, 2025 | CVE

A vulnerability was found in Apache Ambari up to 2.7.8 and classified as problematic. Affected by this issue is the function DocumentBuilderFactory. The manipulation leads to xml external entity reference.

This vulnerability is handled as CVE-2025-23195. The attack can only be done within the local network. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2025-23195 | Apache Ambari up to 2.7.8 DocumentBuilderFactory xml external entity reference

Post correlati

CVE-2023-52045 | Studio-42 eLfinder 2.1.62 cross site scripting (Issue 3617)

CVE-2024-47133 | I-O DATA DEVICE UD-LT1/UD-LT1 EX up to 2.1.8 os command injection

CVE-2020-9250 | Huawei Mate 20 Pro 9.1.0.135(C00E133R3P1)/10.0.0.175(C00E69R3P8) Software Package improper authentication (sa-20200729-01)

CVE-2024-6980 | Bitdefender GravityZone Update Server up to 6.38.1-4 Proxy Service server-side request forgery