Community
Participate
Working Groups
I am requesting a CVE, the details will be provided later as a comment.
Let's use CVE-2018-12544
here are the CVE info: - description: The OpenAPI XML type validator creates XML parsers without taking appropriate defense against XML attacks. This mechanism is exclusively when the developer uses the Vert.x OpenAPI XML type validator to validate a provided schema. - versions: 3.5.0.Beta1, 3.5.0, 3.5.1, 3.5.2.CR1, 3.5.2.CR2, 3.5.2.CR3, 3.5.2, 3.5.3 - CWE category: https://cwe.mitre.org/data/definitions/611.html - https://bugs.eclipse.org/bugs/show_bug.cgi?id=539568 This has been fixed in 3.5.4, here is the corresponding project issue https://github.com/vert-x3/vertx-web/issues/1021