CVE-2025-23195 | Apache Ambari up to 2.7.8 DocumentBuilderFactory xml external entity reference

Posted by Angelo Barbosa | Jan 21, 2025 | CVE

A vulnerability was found in Apache Ambari up to 2.7.8 and classified as problematic. Affected by this issue is the function DocumentBuilderFactory. The manipulation leads to xml external entity reference.

This vulnerability is handled as CVE-2025-23195. The attack can only be done within the local network. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2025-23195 | Apache Ambari up to 2.7.8 DocumentBuilderFactory xml external entity reference

Related Posts

CVE-2023-6503 | WP Plugin Lister Plugin up to 2.1.0 on WordPress Setting cross-site request forgery

CVE-2024-45256 | BYOB 2.0 Parameter api/files/routes.py file_add access control

CVE-2024-33326 | Lumisxp 15.0.x/16.1.x XsltResultControllerHtml.jsp lumPageID cross site scripting

CVE-2024-47656 | Shilpi Computers Client Dashboard prior 9.7.0 API Login excessive authentication (CIVN-2024-0313)