CWE-611
AllowedImproper Restriction of XML External Entity Reference
Abstraction: Base · Status: Draft
The product processes an XML document that can contain XML entities with URIs that resolve to documents outside of the intended sphere of control, causing the product to embed incorrect documents into its output.
1694 vulnerabilities reference this CWE, most recent first.
GHSA-4V8G-86X5-3VRC
Vulnerability from github – Published: 2026-05-04 18:30 – Updated: 2026-05-08 17:51XML External Entity (XXE) via Unsanitized Dictionary Parsing in Apache OpenNLP DictionaryEntryPersistor
Versions Affected: before 2.5.9, before 3.0.0-M3
Description: The DictionaryEntryPersistor class initializes a static SAXParserFactory at class-load time without enabling FEATURE_SECURE_PROCESSING or disabling DTD processing. When create(InputStream, EntryInserter) is invoked, the only feature set on the XMLReader is namespace support — external entity resolution and DOCTYPE declarations remain fully enabled. An attacker who can supply a crafted dictionary file (e.g., a stop-word list or domain dictionary) containing a malicious DOCTYPE declaration can trigger local file disclosure via file:// entity references or server-side request forgery via http:// entity references during SAX parsing, before the application processes a single dictionary entry. This is inconsistent with the project's own XmlUtil.createSaxParser() helper, which correctly sets FEATURE_SECURE_PROCESSING and disallow-doctype-decl and is used by all other XML parsing paths in the codebase. The public Dictionary(InputStream) constructor delegates directly to this method and is the documented API for loading user-supplied dictionaries, making untrusted input a realistic scenario.
Mitigation: 2.x users should upgrade to 2.5.9. 3.x users should upgrade to 3.0.0-M3. Users who cannot upgrade immediately should ensure that all dictionary files are sourced from trusted origins and should consider wrapping the Dictionary(InputStream) constructor with input validation that rejects any XML containing a DOCTYPE declaration before it reaches the parser.
{
"affected": [
{
"package": {
"ecosystem": "Maven",
"name": "org.apache.opennlp:opennlp-tools"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.5.9"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Maven",
"name": "org.apache.opennlp:opennlp-tools"
},
"ranges": [
{
"events": [
{
"introduced": "3.0.0-M1"
},
{
"fixed": "3.0.0-M3"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-40682"
],
"database_specific": {
"cwe_ids": [
"CWE-611"
],
"github_reviewed": true,
"github_reviewed_at": "2026-05-08T17:51:59Z",
"nvd_published_at": "2026-05-04T17:16:23Z",
"severity": "CRITICAL"
},
"details": "XML External Entity (XXE) via Unsanitized Dictionary Parsing in Apache OpenNLP DictionaryEntryPersistor\n\n\nVersions Affected: before 2.5.9, before 3.0.0-M3\n\n\nDescription: The DictionaryEntryPersistor class initializes a static SAXParserFactory at class-load time without enabling FEATURE_SECURE_PROCESSING or disabling DTD processing. When create(InputStream, EntryInserter) is invoked, the only feature set on the XMLReader is namespace support \u2014 external entity resolution and DOCTYPE declarations remain fully enabled. An attacker who can supply a crafted dictionary file (e.g., a stop-word list or domain dictionary) containing a malicious DOCTYPE declaration can trigger local file disclosure via file:// entity references or server-side request forgery via http:// entity references during SAX parsing, before the application processes a single dictionary entry. This is inconsistent with the project\u0027s own XmlUtil.createSaxParser() helper, which correctly sets FEATURE_SECURE_PROCESSING and disallow-doctype-decl and is used by all other XML parsing paths in the codebase. The public Dictionary(InputStream) constructor delegates directly to this method and is the documented API for loading user-supplied dictionaries, making untrusted input a realistic scenario.\n\n\nMitigation: 2.x users should upgrade to 2.5.9. 3.x users should upgrade to 3.0.0-M3. Users who cannot upgrade immediately should ensure that all dictionary files are sourced from trusted origins and should consider wrapping the Dictionary(InputStream) constructor with input validation that rejects any XML containing a DOCTYPE declaration before it reaches the parser.",
"id": "GHSA-4v8g-86x5-3vrc",
"modified": "2026-05-08T17:51:59Z",
"published": "2026-05-04T18:30:30Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-40682"
},
{
"type": "PACKAGE",
"url": "https://github.com/apache/opennlp"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread/r6jpt0qr9nj67gqhppqg7jxf8vsbo0w6"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2026/05/01/19"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"type": "CVSS_V3"
}
],
"summary": "Apache OpenNLP DictionaryEntryPersistor Vulnerable to XML External Entity (XXE) via Unsanitized Dictionary Parsing"
}
GHSA-4VGW-728W-P4H7
Vulnerability from github – Published: 2023-03-25 00:30 – Updated: 2025-05-30 18:30An issue was discovered in Independentsoft JODF before 1.1.110. The API is prone to XML external entity (XXE) injection via a remote DTD in a DOCX file.
{
"affected": [],
"aliases": [
"CVE-2023-28150"
],
"database_specific": {
"cwe_ids": [
"CWE-611"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-03-24T22:15:00Z",
"severity": "CRITICAL"
},
"details": "An issue was discovered in Independentsoft JODF before 1.1.110. The API is prone to XML external entity (XXE) injection via a remote DTD in a DOCX file.",
"id": "GHSA-4vgw-728w-p4h7",
"modified": "2025-05-30T18:30:47Z",
"published": "2023-03-25T00:30:27Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28150"
},
{
"type": "WEB",
"url": "https://cds.thalesgroup.com/en/tcs-cert/CVE-2023-28150"
},
{
"type": "WEB",
"url": "https://excellium-services.com/cert-xlm-advisory/CVE-2023-28150"
},
{
"type": "WEB",
"url": "https://www.independentsoft.de/jword/index.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-4VHF-2HV7-8MRX
Vulnerability from github – Published: 2022-05-14 01:14 – Updated: 2023-12-20 19:11XML external entity (XXE) vulnerability in Apache ActiveMQ 5.x before 5.10.1 allows remote consumers to have unspecified impact via vectors involving an XPath based selector when dequeuing XML messages.
{
"affected": [
{
"package": {
"ecosystem": "Maven",
"name": "org.apache.activemq:activemq-client"
},
"ranges": [
{
"events": [
{
"introduced": "5.0.0"
},
{
"fixed": "5.10.1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Maven",
"name": "org.apache.activemq:activemq-broker"
},
"ranges": [
{
"events": [
{
"introduced": "5.0.0"
},
{
"fixed": "5.10.1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2014-3600"
],
"database_specific": {
"cwe_ids": [
"CWE-611"
],
"github_reviewed": true,
"github_reviewed_at": "2022-07-07T22:38:48Z",
"nvd_published_at": "2017-10-27T19:29:00Z",
"severity": "CRITICAL"
},
"details": "XML external entity (XXE) vulnerability in Apache ActiveMQ 5.x before 5.10.1 allows remote consumers to have unspecified impact via vectors involving an XPath based selector when dequeuing XML messages.",
"id": "GHSA-4vhf-2hv7-8mrx",
"modified": "2023-12-20T19:11:17Z",
"published": "2022-05-14T01:14:52Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3600"
},
{
"type": "WEB",
"url": "https://github.com/apache/activemq/commit/3e5ac6326db59f524a0e71f6b717428607d7b67d"
},
{
"type": "WEB",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100722"
},
{
"type": "WEB",
"url": "https://github.com/apache/activemq"
},
{
"type": "WEB",
"url": "https://issues.apache.org/jira/browse/AMQ-5333"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/a859563f05fbe7c31916b3178c2697165bd9bbf5a65d1cf62aef27d2@%3Ccommits.activemq.apache.org%3E"
},
{
"type": "WEB",
"url": "http://activemq.apache.org/security-advisories.data/CVE-2014-3600-announcement.txt"
},
{
"type": "WEB",
"url": "http://seclists.org/oss-sec/2015/q1/427"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Improper Restriction of XML External Entity Reference in Apache ActiveMQ"
}
GHSA-4VQR-G4P9-8PVR
Vulnerability from github – Published: 2022-02-11 00:00 – Updated: 2025-05-05 18:31Improper restriction of XML external entity reference in DSP Builder Pro for Intel(R) Quartus(R) Prime Pro Edition before version 21.3 may allow an unauthenticated user to potentially enable information disclosure via network access.
{
"affected": [],
"aliases": [
"CVE-2022-21205"
],
"database_specific": {
"cwe_ids": [
"CWE-611"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2022-02-09T23:15:00Z",
"severity": "HIGH"
},
"details": "Improper restriction of XML external entity reference in DSP Builder Pro for Intel(R) Quartus(R) Prime Pro Edition before version 21.3 may allow an unauthenticated user to potentially enable information disclosure via network access.",
"id": "GHSA-4vqr-g4p9-8pvr",
"modified": "2025-05-05T18:31:36Z",
"published": "2022-02-11T00:00:51Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-21205"
},
{
"type": "WEB",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00632.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-4W37-Q3JV-2MWP
Vulnerability from github – Published: 2022-05-24 16:43 – Updated: 2024-04-04 00:01An XML external entity (XXE) vulnerability in Kofax Front Office Server Administration Console version 4.1.1.11.0.5212 allows remote authenticated users to read arbitrary files via crafted XML inside an imported package configuration (.ZIP file) within the Kofax/KFS/Admin/PackageService/package/upload file parameter.
{
"affected": [],
"aliases": [
"CVE-2018-17289"
],
"database_specific": {
"cwe_ids": [
"CWE-611"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-04-18T18:29:00Z",
"severity": "MODERATE"
},
"details": "An XML external entity (XXE) vulnerability in Kofax Front Office Server Administration Console version 4.1.1.11.0.5212 allows remote authenticated users to read arbitrary files via crafted XML inside an imported package configuration (.ZIP file) within the Kofax/KFS/Admin/PackageService/package/upload file parameter.",
"id": "GHSA-4w37-q3jv-2mwp",
"modified": "2024-04-04T00:01:35Z",
"published": "2022-05-24T16:43:55Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-17289"
},
{
"type": "WEB",
"url": "https://github.com/DrunkenShells/Disclosures/tree/master/CVE-2018-17289-XXE-Kofax"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-4X5C-2C3M-624H
Vulnerability from github – Published: 2022-05-13 01:28 – Updated: 2022-05-13 01:28XML external entity (XXE) vulnerability in the GlobalProtect internal and external gateway interface in Palo Alto Networks PAN-OS before 6.1.18, 7.0.x before 7.0.17, 7.1.x before 7.1.12, and 8.0.x before 8.0.3 allows remote attackers to obtain sensitive information, cause a denial of service, or conduct server-side request forgery (SSRF) attacks via unspecified vectors.
{
"affected": [],
"aliases": [
"CVE-2017-9458"
],
"database_specific": {
"cwe_ids": [
"CWE-611"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2017-09-07T13:29:00Z",
"severity": "CRITICAL"
},
"details": "XML external entity (XXE) vulnerability in the GlobalProtect internal and external gateway interface in Palo Alto Networks PAN-OS before 6.1.18, 7.0.x before 7.0.17, 7.1.x before 7.1.12, and 8.0.x before 8.0.3 allows remote attackers to obtain sensitive information, cause a denial of service, or conduct server-side request forgery (SSRF) attacks via unspecified vectors.",
"id": "GHSA-4x5c-2c3m-624h",
"modified": "2022-05-13T01:28:22Z",
"published": "2022-05-13T01:28:22Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-9458"
},
{
"type": "WEB",
"url": "https://security.paloaltonetworks.com/CVE-2017-9458"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/100614"
},
{
"type": "WEB",
"url": "http://www.securitytracker.com/id/1039256"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-4X6F-629H-VV8J
Vulnerability from github – Published: 2023-03-24 21:30 – Updated: 2025-05-30 18:30An issue was discovered in Independentsoft JSpreadsheet before 1.1.110. The API is prone to XML external entity (XXE) injection via a remote DTD in a DOCX file.
{
"affected": [],
"aliases": [
"CVE-2023-28151"
],
"database_specific": {
"cwe_ids": [
"CWE-611"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-03-24T20:15:00Z",
"severity": "CRITICAL"
},
"details": "An issue was discovered in Independentsoft JSpreadsheet before 1.1.110. The API is prone to XML external entity (XXE) injection via a remote DTD in a DOCX file.",
"id": "GHSA-4x6f-629h-vv8j",
"modified": "2025-05-30T18:30:46Z",
"published": "2023-03-24T21:30:53Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28151"
},
{
"type": "WEB",
"url": "https://cds.thalesgroup.com/en/tcs-cert/CVE-2023-28151"
},
{
"type": "WEB",
"url": "https://excellium-services.com/cert-xlm-advisory/CVE-2023-28151"
},
{
"type": "WEB",
"url": "https://www.independentsoft.de/jword/index.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-4XC3-4V6P-VGGF
Vulnerability from github – Published: 2022-05-24 16:59 – Updated: 2024-04-04 02:32WUSTL XNAT 1.7.5.3 allows XXE attacks via a POST request body.
{
"affected": [],
"aliases": [
"CVE-2019-14276"
],
"database_specific": {
"cwe_ids": [
"CWE-611"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-10-23T12:15:00Z",
"severity": "MODERATE"
},
"details": "WUSTL XNAT 1.7.5.3 allows XXE attacks via a POST request body.",
"id": "GHSA-4xc3-4v6p-vggf",
"modified": "2024-04-04T02:32:43Z",
"published": "2022-05-24T16:59:38Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14276"
},
{
"type": "WEB",
"url": "https://wiki.xnat.org/documentation/getting-started-with-xnat/what-s-new-in-xnat/xnat-1-7-5-4-1-7-5-6-release-notes"
},
{
"type": "WEB",
"url": "https://www.senseofsecurity.com.au/advisories/SOS-19-001"
},
{
"type": "WEB",
"url": "http://www.senseofsecurity.com.au/research/it-security-advisories.php"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-4XR4-4C65-HJ7F
Vulnerability from github – Published: 2018-10-17 15:44 – Updated: 2022-04-26 21:46Apache Tika before 1.13 does not properly initialize the XML parser or choose handlers, which might allow remote attackers to conduct XML External Entity (XXE) attacks via vectors involving (1) spreadsheets in OOXML files and (2) XMP metadata in PDF and other file formats, a related issue to CVE-2016-2175.
{
"affected": [
{
"package": {
"ecosystem": "Maven",
"name": "org.apache.tika:tika-core"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.13"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2016-4434"
],
"database_specific": {
"cwe_ids": [
"CWE-611"
],
"github_reviewed": true,
"github_reviewed_at": "2020-06-16T20:59:46Z",
"nvd_published_at": null,
"severity": "HIGH"
},
"details": "Apache Tika before 1.13 does not properly initialize the XML parser or choose handlers, which might allow remote attackers to conduct XML External Entity (XXE) attacks via vectors involving (1) spreadsheets in OOXML files and (2) XMP metadata in PDF and other file formats, a related issue to CVE-2016-2175.",
"id": "GHSA-4xr4-4c65-hj7f",
"modified": "2022-04-26T21:46:36Z",
"published": "2018-10-17T15:44:22Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-4434"
},
{
"type": "ADVISORY",
"url": "https://github.com/advisories/GHSA-4xr4-4c65-hj7f"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451@%3Csolr-user.lucene.apache.org%3E"
},
{
"type": "WEB",
"url": "https://mail-archives.apache.org/mod_mbox/tika-dev/201605.mbox/%3C1705136517.1175366.1464278135251.JavaMail.yahoo%40mail.yahoo.com%3E"
},
{
"type": "WEB",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0248.html"
},
{
"type": "WEB",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0249.html"
},
{
"type": "WEB",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0272.html"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/archive/1/538500/100/0/threaded"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Apache Tika does not properly initialize the XML parser or choose handlers"
}
GHSA-526V-FWQ8-9PGV
Vulnerability from github – Published: 2024-10-15 21:30 – Updated: 2024-10-15 21:30Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: XMLPublisher). Supported versions that are affected are 8.59, 8.60 and 8.61. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools. Successful attacks of this vulnerability can result in takeover of PeopleSoft Enterprise PeopleTools. CVSS 3.1 Base Score 8.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).
{
"affected": [],
"aliases": [
"CVE-2024-21255"
],
"database_specific": {
"cwe_ids": [
"CWE-611"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-10-15T20:15:16Z",
"severity": "HIGH"
},
"details": "Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: XMLPublisher). Supported versions that are affected are 8.59, 8.60 and 8.61. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools. Successful attacks of this vulnerability can result in takeover of PeopleSoft Enterprise PeopleTools. CVSS 3.1 Base Score 8.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).",
"id": "GHSA-526v-fwq8-9pgv",
"modified": "2024-10-15T21:30:38Z",
"published": "2024-10-15T21:30:38Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-21255"
},
{
"type": "WEB",
"url": "https://www.oracle.com/security-alerts/cpuoct2024.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
Mitigation
Many XML parsers and validators can be configured to disable external entity expansion.
CAPEC-221: Data Serialization External Entities Blowup
This attack takes advantage of the entity replacement property of certain data serialization languages (e.g., XML, YAML, etc.) where the value of the replacement is a URI. A well-crafted file could have the entity refer to a URI that consumes a large amount of resources to create a denial of service condition. This can cause the system to either freeze, crash, or execute arbitrary code depending on the URI.