7.5
CVE-2014-2054
- EPSS 0.54%
- Veröffentlicht 04.06.2014 14:55:03
- Zuletzt bearbeitet 12.04.2025 10:46:40
- Quelle cve@mitre.org
- Teams Watchlist Login
- Unerledigt Login
PHPExcel before 1.8.0, as used in ownCloud Server before 5.0.15 and 6.0.x before 6.0.2, does not disable external entity loading in libxml, which allows remote attackers to read arbitrary files, cause a denial of service, or possibly have other impact via an XML External Entity (XXE) attack.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Owncloud ≫ Owncloud Server Version6.0.0
Owncloud ≫ Owncloud Server Version6.0.1
Phpexcel Project ≫ Phpexcel Version <= 1.7.9
Owncloud ≫ Owncloud Server Updatea Version <= 5.0.14
Owncloud ≫ Owncloud Server Version5.0.0
Owncloud ≫ Owncloud Server Version5.0.1
Owncloud ≫ Owncloud Server Version5.0.2
Owncloud ≫ Owncloud Server Version5.0.3
Owncloud ≫ Owncloud Server Version5.0.4
Owncloud ≫ Owncloud Server Version5.0.5
Owncloud ≫ Owncloud Server Version5.0.6
Owncloud ≫ Owncloud Server Version5.0.7
Owncloud ≫ Owncloud Server Version5.0.8
Owncloud ≫ Owncloud Server Version5.0.9
Owncloud ≫ Owncloud Server Version5.0.10
Owncloud ≫ Owncloud Server Version5.0.11
Owncloud ≫ Owncloud Server Version5.0.12
Owncloud ≫ Owncloud Server Version5.0.13
Owncloud ≫ Owncloud Server Version5.0.14
Phpexcel Project ≫ Phpexcel Version <= 1.7.9
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.54% | 0.648 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|