mirror of https://github.com/FreeCol/freecol.git
Add news about fixed XXE vulnerability to website
This commit is contained in:
parent
45dca3e0eb
commit
a07644558f
|
@ -0,0 +1,21 @@
|
|||
---
|
||||
title: FreeCol XXE Vulnerability Fixed
|
||||
author: Mike Pope
|
||||
---
|
||||
FreeCol 0.11.6 and subsequent development versions up to 2019-12-26 are
|
||||
subject to an XML External Entity parsing bug, due to use of a
|
||||
vulnerable Java library, as detailed in
|
||||
[CVE-2018-1000825](https://www.cvedetails.com/cve/CVE-2018-1000825/).
|
||||
Older, unsupported versions since at least 0.10.0 may also be affected.
|
||||
|
||||
According to the CVE the bug can lead to disclosure of confidential
|
||||
data, denial of service, SSRF, or port scanning, albeit with limited
|
||||
attacker control.
|
||||
|
||||
Exploiting the bug requires convincing a player to load a specially
|
||||
crafted FreeCol save game, either directly or by joining a hostile
|
||||
FreeCol server.
|
||||
|
||||
The FreeCol team are unaware of any actual cases of this bug being
|
||||
exploited. It is fixed in the [nightly releases](https://github.com/FreeCol/freecol/releases)
|
||||
from 2019-12-27 onward.
|
Loading…
Reference in New Issue