CNNVD-202510-2472 Information

CNNVD ID

CNNVD-202510-2472

Related CVE

CVE-2024-31573

• CNNVD Published: 2025-10-17

Description (Chinese)

XMLUnit是XMLUnit开源的一个XML输出库。 XMLUnit 2.10.0之前版本存在安全漏洞，该漏洞源于默认配置中启用了XSLT扩展功能，可能导致代码执行。

Description (English)

XMLUT is an XML output library for XMLUT open source. There is a security loophole in the previous version of XMLUT 2.10.0, resulting from the use of the XSLT extension in the default configuration, which may lead to code execution.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

XMLUnit

Published

2025-10-17

Last Modified

2026-02-24

References

https://github.com/advisories/GHSA-chfm-68vv-pvw5 https://github.com/xmlunit/xmlunit/commit/b81d48b71dfd2868bdfc30a3e17ff973f32bc15b https://github.com/xmlunit/xmlunit/issues/264

Patch

https://github.com/xmlunit/xmlunit/releases