CVE-2021-44556

National Library of the Netherlands digger < 6697d1269d981e35e11f240725b16401b5ce3db5 is affected by a XML External Entity (XXE) vulnerability. Since XML parsing resolves external entities, a malicious XML stream could leak internal files and/or cause a DoS.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
9.1 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 60%
VendorProductVersion
kbdigger
𝑥
< 08-25-2021
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://github.com/KBNLresearch/digger
https://github.com/KBNLresearch/digger/pull/1
https://github.com/KBNLresearch/digger
https://github.com/KBNLresearch/digger/pull/1