CVE-2020-15232: Improper Restriction of XML External Entity Reference

October 2, 2020 (updated October 8, 2020)

In mapfish-print, an attacker can run an XML External Entity (XXE) attack with the provided SDL style.

References

nvd.nist.gov/vuln/detail/CVE-2020-15232

Detect and mitigate CVE-2020-15232 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →