Miggo Logo
Miggo Vulnerability Database
CVE-2021-23463

CVE-2021-23463:
Improper Restriction of XML External Entity Reference in com.h2database:h2.

8.1

CVSS Score
3.1

Basic Information

CVE ID
CVE-2021-23463
GHSA ID
GHSA-7rpj-hg47-cx62
EPSS Score
0.32596%
CWE
CWE-611
Published
12/16/2021
Updated
8/18/2023
KEV Status
No
Technology
TechnologyJava

Technical Details

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
Package NameEcosystemVulnerable VersionsFirst Patched Version
com.h2database:h2maven>= 1.4.198, < 2.0.2022.0.202

Vulnerability Intelligence
Miggo AIMiggo AI

Miggo AIRoot Cause Analysis:
In progress

WAF Protection Rules

WAF Rule

** is *n *m******l* R**MS writt*n in J*v*. T** p**k*** *om.****t***s*:** *rom *.*.*** *n* ***or* *.*.*** *r* vuln*r**l* to XML *xt*rn*l *ntity (XX*) Inj**tion vi* t** or*.**.j***.J***SQLXML *l*ss o*j**t, w**n it r***iv*s p*rs** strin* **t* *rom or*.*

Reasoning

No *n*lysis *v*il**l*