ObeoNetwork/UML-Designer

Releases31

Frequency3 months 3 days

Last Release over 7 years ago

Stars328

OpenSource (EPL licensed) UML2 Graphical Modelers (Class, Composite, State, Activity, Sequence ...)

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2018-1000837 ↗	Dec 20, 2018Thursday, 20 December 2018, 15:29	10 CRITICAL	7.5 HIGH
UML Designer version <= 8.0.0 contains a XML External Entity (XXE) vulnerability in XML parser for plugins that can result in Disclosure of confidential data, denial of service, SSRF, port scanning. This attack appear to be exploitable via malicious plugins.xml file.