CVE-2025-4949 | Eclipse JGit up to 7.2.0.202503040940-r XML File Parser ManifestParser xml external entity reference

Inserito da Angelo Barbosa | Mag 21, 2025 | CVE

A vulnerability was found in Eclipse JGit up to 7.2.0.202503040940-r. It has been declared as problematic. Affected by this vulnerability is the function ManifestParser of the component XML File Parser. The manipulation leads to xml external entity reference.

This vulnerability is known as CVE-2025-4949. The attack can be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2025-4949 | Eclipse JGit up to 7.2.0.202503040940-r XML File Parser ManifestParser xml external entity reference

Post correlati

CVE-2024-26145 | Discourse discourse-calendar Private Event authorization

CVE-2025-0796 | kevin-brent Mortgage Lead Capture System Plugin up to 8.2.10 on WordPress Setting wprequal_reset_defaults cross-site request forgery

CVE-2024-7525 | Mozilla Firefox up to 128 Response Body permission

CVE-2023-52755 | Linux Kernel up to 5.15.139/6.1.63/6.5.12/6.6.2 ksmbd smb_inherit_dacl out-of-bounds write