MidnightBSD

Advisories for nablarch_project

CVE-2019-5918 HIGH

Nablarch 5 (5, and 5u1 to 5u13) allows remote attackers to conduct XML External Entity (XXE) attacks via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-611,

Products Affected

Vendor Product Version
nablarch_project nablarch 5u1
nablarch_project nablarch 5u13
nablarch_project nablarch 5
CVE-2019-5919 MEDIUM

An incomplete cryptography of the data store function by using hidden tag in Nablarch 5 (5, and 5u1 to 5u13) allows remote attackers to obtain information of the stored data, to register invalid value, or alter the value via unspecified vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-327,

Products Affected

Vendor Product Version
nablarch_project nablarch 5u1
nablarch_project nablarch 5u13
nablarch_project nablarch 5