CyberSec.Space Logo
返回 CVE 浏览器

CVE-2020-10990

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.0990%
EPSS Percentile7.61th
Published2020年3月27日
Last Modified2024年11月21日

Vulnerability Description

An XXE issue exists in Accenture Mercury before 1.12.28 because of the platformlambda/core/serializers/SimpleXmlParser.java component.

Affected Platforms (CPE)

📦
Accenture

Mercury

< 1.12.28

References & Advisories

🔗 https://github.com/Accenture/mercury/commit/f647a01347485d2afe3a0b735eab3d0121d61f46
🔗 https://github.com/Accenture/mercury/issues/13
🔗 https://github.com/Accenture/mercury/commit/f647a01347485d2afe3a0b735eab3d0121d61f46
🔗 https://github.com/Accenture/mercury/issues/13

相关漏洞威胁

CVE-2007-137310.0

Stack-based buffer overflow in Mercury/32 (aka Mercury Mail Transport System) 4.01b and earlier allows remote attackers to execute...

CVE-2007-044610.0

Stack-based buffer overflow in magentproc.exe for Hewlett-Packard Mercury LoadRunner Agent 8.0 and 8.1, Performance Center Agent 8...

CVE-2004-251310.0

Buffer overflow in the IMAP service of Mercury (Pegasus) Mail 4.01 allows remote attackers to execute arbitrary code via a long SE...

CVE-2020-227249.8

A remote command execution vulnerability exists in add_server_service of PPTP_SERVER in Mercury Router MER1200 v1.0.1 and Mercury ...