Bug 1620529 – CVE-2018-1000632 dom4j: XML Injection in Class: Element. Methods: addElement, addAttribute which can impact the integrity of XML documents

Bugzilla will be upgraded to version 5.0 on a still to be determined date in the near future. The original upgrade date has been delayed.

Bug 1620529 - (CVE-2018-1000632) CVE-2018-1000632 dom4j: XML Injection in Class: Element. Methods: addElement, addAttribute which can impact the integrity of XML documents

Summary:	CVE-2018-1000632 dom4j: XML Injection in Class: Element. Methods: addElement,...

Status:	NEW

Aliases:	CVE-2018-1000632

Product:	Security Response
Classification:	Other
Component:	vulnerability (Show other bugs)
Sub Component:
Version:	unspecified
Hardware:	All Linux

Priority	medium Severity medium
Target Milestone:	---
Target Release:	---
Assigned To:	Red Hat Product Security
QA Contact:
Docs Contact:

URL:
Whiteboard:	impact=moderate,public=20180701,repor...
Keywords:	Security

Depends On:	1620535 1626282 1626283 1639569 1639570 1639571 1639572 1643126
Blocks:	1620537
	Show dependency tree / graph

Reported:	2018-08-23 02:48 EDT by Andrej Nemec
Modified:	2018-10-25 10:30 EDT (History)
CC List:	114 users (show)

See Also:
Fixed In Version:	dom4j 2.0.3, dom4j 2.1.1
Doc Type:	If docs needed, set a value
Doc Text:
Story Points:	---
Clone Of:
Environment:
Last Closed:
Type:	---
Regression:	---
Mount Type:	---
Documentation:	---
CRM:
Verified Versions:
Category:	---
oVirt Team:	---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team:	---

Attachments	(Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

Groups: None (edit)

Description Andrej Nemec 2018-08-23 02:48:41 EDT

XML Injection vulnerability was found in dom4j in Class: Element. Methods: addElement, addAttribute that can result in an attacker tampering with XML documents through XML injection. This attack appear to be exploitable via an attacker specifying attributes or elements in the XML document.

Upstream issue:

https://github.com/dom4j/dom4j/issues/48

Upstream patch:

https://github.com/dom4j/dom4j/commit/e598eb43d418744c4dbf62f647dd2381c9ce9387

References:

https://ihacktoprotect.com/post/dom4j-xml-injection/

Comment 1 Andrej Nemec 2018-08-23 02:50:18 EDT

Created dom4j tracking bugs for this issue:

Affects: fedora-all [bug 1620535]

Note You need to log in before you can comment on or make changes to this bug.

abergmann
aileenc
alazarot
anstephe
apintea
avibelli
bbuckingham
bcourt
bgeorges
bkearney
bmaxwell
bmcclain
cbillett
cbyrne
cdewolf
chazlett
cmacedo
cmoulliard
csutherl
darran.lofthouse
dbhole
dblechte
dfediuck
dffrench
dimitris
dosoudil
drieden
drusso
eedri
etirelli
fgavrilo
ggainey
gklein
gvarsami
gzaronik
hdegoede
hghasemb
hhorak
ibek
ikanello
java-maint
jawilson
jbalunas
jclere
jcoleman
jmadigan
jondruse
jorton
jpallich
jshepherd
kconner
krathod
kverlaen
ldimaggi
lgao
lgriffin
loleary
lpetrovi
lthon
mbabacek
meissner
mgoldboi
michal.skrivanek
mizdebsk
mmccune
mrike
msimacek
mszynkie
myarboro
ngough
nsantos
nwallace
ohadlevy
paradhya
pdrozd
pgallagh
pgier
pjurak
ppalaga
ppenicka
psakar
pslavice
psotirop
pszubiak
pwright
rchan
rjerrido
rnetuka
rrajasek
rruss
rstancel
rsvoboda
rsynek
rwagner
rzhang
sbonazzo
sdaley
sherold
spinder
sstavrev
sthorger
tcunning
theute
tjay
tkirby
tlestach
tomckay
trepel
trogers
twalsh
vtunka
weli
ylavi
yturgema