[cross-project-issues-dev] CVE-2023-4218: XML External Entity issue in E

[Marta Rybczynska <marta.rybczynska@xxxxxxxxxxxxxxxxxxxxxx>]

Dear all,

Today we have published CVE-2023-4218 affecting numerous projects inside the Eclipse IDE. There have been multiple fixes around the XML processing in affected modules and all fixes, according to our knowledge, are in 2023-09.

For more information follow: https://gitlab.eclipse.org/security/vulnerability-reports/-/issues/8

Kind regards,

Marta Rybczynska

Technical Program Manager, Security Team, Eclipse Foundation