{"id":5931,"date":"2025-05-24T07:23:00","date_gmt":"2025-05-24T07:23:00","guid":{"rendered":"http:\/\/localhost\/?p=5931"},"modified":"2025-05-24T07:23:00","modified_gmt":"2025-05-24T07:23:00","slug":"xxe-vulnerability-in-eclipse-jgit","status":"publish","type":"post","link":"https:\/\/zero.redgem.net\/?p=5931","title":{"rendered":"XXE vulnerability in Eclipse JGit"},"content":{"rendered":"

CVE Details<\/h2>\n

Basic Information<\/h3>\n\n\n\n\n\n
Title<\/th>\nXXE vulnerability in Eclipse JGit<\/td>\n<\/tr>\n
Type<\/th>\ncve<\/td>\n<\/tr>\n
Published<\/th>\n2025-05-21T06:47:19.777Z<\/td>\n<\/tr>\n
Last Seen<\/th>\n<\/td>\n<\/tr>\n<\/table>\n

CVSS Information<\/h3>\n\n\n\n\n\n\n\n\n\n\n
Base Score<\/th>\n0.0 ()<\/td>\n<\/tr>\n
Attack Vector<\/th>\n<\/td>\n<\/tr>\n
Attack Complexity<\/th>\n<\/td>\n<\/tr>\n
Privileges Required<\/th>\n<\/td>\n<\/tr>\n
User Interaction<\/th>\n<\/td>\n<\/tr>\n
Scope<\/th>\n<\/td>\n<\/tr>\n
Confidentiality Impact<\/th>\n<\/td>\n<\/tr>\n
Integrity Impact<\/th>\n<\/td>\n<\/tr>\n
Availability Impact<\/th>\n<\/td>\n<\/tr>\n<\/table>\n

AI Analysis<\/h3>\n\n\n\n\n\n\n
AI Description<\/th>\nThe vulnerability in Eclipse JGit versions 7.2.0.202503040940-r and older allows XML External Entity (XXE) attacks when parsing XML files, potentially leading to information disclosure, denial of service, and other security issues.<\/td>\n<\/tr>\n
AI Severity<\/th>\nHigh<\/td>\n<\/tr>\n
Vendor<\/th>\nEclipse Foundation<\/td>\n<\/tr>\n
Product<\/th>\nEclipse JGit<\/td>\n<\/tr>\n
Affected Version<\/th>\n7.2.0.202503040940-r and older<\/td>\n<\/tr>\n<\/table>\n

Additional Information<\/h3>\n\n\n\n\n
CVE List<\/th>\n<\/td>\n<\/tr>\n
CWE List<\/th>\nCWE-611, CWE-827<\/td>\n<\/tr>\n
Bulletin Family<\/th>\n<\/td>\n<\/tr>\n<\/table>\n

Description<\/h3>\n
\nIn Eclipse JGit versions 7.2.0.202503040940-r and older, the ManifestParser class used by the repo command and the AmazonS3 class used to implement the experimental amazons3 git transport protocol allowing to store git pack files in an Amazon S3 bucket, are vulnerable to XML External Entity (XXE) attacks when parsing XML files. This vulnerability can lead to information disclosure, denial of service, and other security issues.\n<\/div>\n

CVSS Score Summary<\/h3>\n
\n

Base Score:<\/strong> %!f(string=#) ()<\/span><\/p>\n<\/div>\n

View Full CVE Details<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

CVE Details Basic Information Title XXE vulnerability in Eclipse JGit Type cve Published 2025-05-21T06:47:19.777Z Last Seen CVSS Information Base Score 0.0 () Attack Vector Attack…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2],"tags":[122,6,8,34,12,13,7,11,5],"class_list":["post-5931","post","type-post","status-publish","format-standard","hentry","category-category_cve","tag-cve","tag-cvss","tag-cvss-00","tag-exploit","tag-news","tag-security","tag-tapic","tag-vulnerability"],"yoast_head":"\nXXE vulnerability in Eclipse JGit - zero redgem<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/zero.redgem.net\/?p=5931\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"XXE vulnerability in Eclipse JGit - zero redgem\" \/>\n<meta property=\"og:description\" content=\"CVE Details Basic Information Title XXE vulnerability in Eclipse JGit Type cve Published 2025-05-21T06:47:19.777Z Last Seen CVSS Information Base Score 0.0 () Attack Vector Attack...\" \/>\n<meta property=\"og:url\" content=\"https:\/\/zero.redgem.net\/?p=5931\" \/>\n<meta property=\"og:site_name\" content=\"zero redgem\" \/>\n<meta property=\"article:published_time\" content=\"2025-05-24T07:23:00+00:00\" \/>\n<meta name=\"author\" content=\"invoker\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"invoker\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"1 minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=5931#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=5931\"},\"author\":{\"name\":\"invoker\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/person\\\/fbfeae8dfad117ac08a7621bee1a1dca\"},\"headline\":\"XXE vulnerability in Eclipse JGit\",\"datePublished\":\"2025-05-24T07:23:00+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=5931\"},\"wordCount\":179,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\"},\"keywords\":[\"\",\"CVE\",\"CVSS\",\"CVSS-0.0\",\"exploit\",\"news\",\"Security\",\"tapic\",\"Vulnerability\"],\"articleSection\":[\"category_cve\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/zero.redgem.net\\\/?p=5931#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=5931\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/?p=5931\",\"name\":\"XXE vulnerability in Eclipse JGit - zero redgem\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#website\"},\"datePublished\":\"2025-05-24T07:23:00+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=5931#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/zero.redgem.net\\\/?p=5931\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=5931#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/zero.redgem.net\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"XXE vulnerability in Eclipse JGit\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#website\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/\",\"name\":\"zero redgem\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/zero.redgem.net\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\",\"name\":\"zero redgem\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"\",\"contentUrl\":\"\",\"width\":191,\"height\":188,\"caption\":\"zero redgem\"},\"image\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/person\\\/fbfeae8dfad117ac08a7621bee1a1dca\",\"name\":\"invoker\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"caption\":\"invoker\"},\"sameAs\":[\"https:\\\/\\\/zero.redgem.net\"],\"url\":\"https:\\\/\\\/zero.redgem.net\\\/?author=1\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"XXE vulnerability in Eclipse JGit - zero redgem","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/zero.redgem.net\/?p=5931","og_locale":"en_US","og_type":"article","og_title":"XXE vulnerability in Eclipse JGit - zero redgem","og_description":"CVE Details Basic Information Title XXE vulnerability in Eclipse JGit Type cve Published 2025-05-21T06:47:19.777Z Last Seen CVSS Information Base Score 0.0 () Attack Vector Attack...","og_url":"https:\/\/zero.redgem.net\/?p=5931","og_site_name":"zero redgem","article_published_time":"2025-05-24T07:23:00+00:00","author":"invoker","twitter_card":"summary_large_image","twitter_misc":{"Written by":"invoker","Est. reading time":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/zero.redgem.net\/?p=5931#article","isPartOf":{"@id":"https:\/\/zero.redgem.net\/?p=5931"},"author":{"name":"invoker","@id":"https:\/\/zero.redgem.net\/#\/schema\/person\/fbfeae8dfad117ac08a7621bee1a1dca"},"headline":"XXE vulnerability in Eclipse JGit","datePublished":"2025-05-24T07:23:00+00:00","mainEntityOfPage":{"@id":"https:\/\/zero.redgem.net\/?p=5931"},"wordCount":179,"commentCount":0,"publisher":{"@id":"https:\/\/zero.redgem.net\/#organization"},"keywords":["","CVE","CVSS","CVSS-0.0","exploit","news","Security","tapic","Vulnerability"],"articleSection":["category_cve"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/zero.redgem.net\/?p=5931#respond"]}]},{"@type":"WebPage","@id":"https:\/\/zero.redgem.net\/?p=5931","url":"https:\/\/zero.redgem.net\/?p=5931","name":"XXE vulnerability in Eclipse JGit - zero redgem","isPartOf":{"@id":"https:\/\/zero.redgem.net\/#website"},"datePublished":"2025-05-24T07:23:00+00:00","breadcrumb":{"@id":"https:\/\/zero.redgem.net\/?p=5931#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/zero.redgem.net\/?p=5931"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/zero.redgem.net\/?p=5931#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/zero.redgem.net\/"},{"@type":"ListItem","position":2,"name":"XXE vulnerability in Eclipse JGit"}]},{"@type":"WebSite","@id":"https:\/\/zero.redgem.net\/#website","url":"https:\/\/zero.redgem.net\/","name":"zero redgem","description":"","publisher":{"@id":"https:\/\/zero.redgem.net\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/zero.redgem.net\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/zero.redgem.net\/#organization","name":"zero redgem","url":"https:\/\/zero.redgem.net\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/zero.redgem.net\/#\/schema\/logo\/image\/","url":"","contentUrl":"","width":191,"height":188,"caption":"zero redgem"},"image":{"@id":"https:\/\/zero.redgem.net\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/zero.redgem.net\/#\/schema\/person\/fbfeae8dfad117ac08a7621bee1a1dca","name":"invoker","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","caption":"invoker"},"sameAs":["https:\/\/zero.redgem.net"],"url":"https:\/\/zero.redgem.net\/?author=1"}]}},"_links":{"self":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts\/5931","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=5931"}],"version-history":[{"count":0,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts\/5931\/revisions"}],"wp:attachment":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=5931"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=5931"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=5931"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}