CVE-2018-12585: Improper Restriction of XML External Entity Reference

September 14, 2018 (updated November 27, 2018)

An XXE vulnerability in the OPC UA Java and .NET Legacy Stack can allow remote attackers to trigger a denial of service.

References

www.securityfocus.com/bid/105538
nvd.nist.gov/vuln/detail/CVE-2018-12585
opcfoundation-onlineapplications.org/faq/SecurityBulletins/OPC_Foundation_Security_Bulletin_CVE-2018-12585.pdf

Detect and mitigate CVE-2018-12585 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →