gchq/stroom

Releases1.28K

Frequency2 days 17 hours

Last Release 14 days ago

Stars476

Stroom is a highly scalable data storage, processing and analysis platform.

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2018-1000651 ↗	Aug 20, 2018Monday, 20 August 2018, 19:31	—	7.5 HIGH
Stroom version <5.4.5 contains a XML External Entity (XXE) vulnerability in XML Parser that can result in disclosure of confidential data, denial of service, server side request forgery, port scanning. This attack appear to be exploitable via Specially crafted XML file.