CVE-2023-4218
published 2023-11-09CVE-2023-4218: In Eclipse IDE versions < 2023-09 (4.29) some files with xml content are parsed vulnerable against all sorts of XXE attacks. The user just needs to open any…
PriorityP421medium5CVSS 3.1
AVLACLPRLUIRSUCHINAN
EPSS
0.39%
30.5th percentile
In Eclipse IDE versions < 2023-09 (4.29) some files with xml content are parsed vulnerable against all sorts of XXE attacks. The user just needs to open any evil project or update an open project with a vulnerable file (for example for review a foreign repository or patch).
Affected
7 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| eclipse | eclipse_ide | < 4.29 | 4.29 |
| eclipse | org.eclipse.core.runtime | < 3.29.0 | 3.29.0 |
| eclipse | pde | < 3.13.2400 | 3.13.2400 |
| eclipse_foundation | eclipse_ide | < 4.29 | 4.29 |
| eclipse_foundation | eclipse_ide | < 2023-09 | 2023-09 |
| eclipse_foundation | org.eclipse.core.runtime | < 3.29.0 | 3.29.0 |
| eclipse_foundation | org.eclipse.pde | <= 3.13.2400 | — |
CVSS provenance
nvdv3.15.0MEDIUMCVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
osv5.0MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
Eclipse IDE XXE in eclipse.platform
ghsa·2023-11-30
CVE-2023-4218 [MEDIUM] Eclipse IDE XXE in eclipse.platform
Eclipse IDE XXE in eclipse.platform
### Impact
xml files like ".project" are parsed vulnerable against all sorts of XXE attacks. The user just needs to open any evil project or update an open project with a vulnerable file (for example for review a foreign repository or patch).
Vulnerablility was found by static code analysis (SonarLint).
Example `.project` file:
```
]>
p
&xxe;
```
### Patches
Similar patches including junit test that shows the vulnerability have already applied to PDE (see https://github.com/eclipse-pde/eclipse.pde/pull/667). A solution to platform should be the same: just reject parsing any XML that contains any `DOCTYPE`.
### Workarounds
No known workaround. User can only avoid to get/open any foreign files with eclipse. Firewall rules against loss of data (but
OSV
Eclipse IDE XXE in eclipse.platform
osv·2023-11-30
CVE-2023-4218 [MEDIUM] Eclipse IDE XXE in eclipse.platform
Eclipse IDE XXE in eclipse.platform
### Impact
xml files like ".project" are parsed vulnerable against all sorts of XXE attacks. The user just needs to open any evil project or update an open project with a vulnerable file (for example for review a foreign repository or patch).
Vulnerablility was found by static code analysis (SonarLint).
Example `.project` file:
```
]>
p
&xxe;
```
### Patches
Similar patches including junit test that shows the vulnerability have already applied to PDE (see https://github.com/eclipse-pde/eclipse.pde/pull/667). A solution to platform should be the same: just reject parsing any XML that contains any `DOCTYPE`.
### Workarounds
No known workaround. User can only avoid to get/open any foreign files with eclipse. Firewall rules against loss of data (but
OSV
CVE-2023-4218: In Eclipse IDE versions < 2023-09 (4
osv·2023-11-09·CVSS 5.0
CVE-2023-4218 [MEDIUM] CVE-2023-4218: In Eclipse IDE versions < 2023-09 (4
In Eclipse IDE versions < 2023-09 (4.29) some files with xml content are parsed vulnerable against all sorts of XXE attacks. The user just needs to open any evil project or update an open project with a vulnerable file (for example for review a foreign repository or patch).
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
https://github.com/eclipse-cdt/cdt/commit/c7169b3186d2fef20f97467c3e2ad78e2943ed1bhttps://github.com/eclipse-emf/org.eclipse.emf/issues/10https://github.com/eclipse-jdt/eclipse.jdt.core/commit/38dd2a878f45cdb3d8d52090f1d6d1b532fd4c4dhttps://github.com/eclipse-jdt/eclipse.jdt.ui/commit/13675b1f8a74f47de4da89ed0ded6af7c21dfbechttps://github.com/eclipse-pde/eclipse.pde/pull/632/https://github.com/eclipse-pde/eclipse.pde/pull/667/https://github.com/eclipse-platform/eclipse.platform.releng.buildtools/pull/45https://github.com/eclipse-platform/eclipse.platform.swt/commit/bf71db5ddcb967c0863dad4745367b54f49e06bahttps://github.com/eclipse-platform/eclipse.platform.ui/commit/f243cf0a28785b89b7c50bf4e1cce48a917d89bdhttps://github.com/eclipse-platform/eclipse.platform/pull/761https://gitlab.eclipse.org/security/vulnerability-reports/-/issues/8https://github.com/eclipse-cdt/cdt/commit/c7169b3186d2fef20f97467c3e2ad78e2943ed1bhttps://github.com/eclipse-emf/org.eclipse.emf/issues/10https://github.com/eclipse-jdt/eclipse.jdt.core/commit/38dd2a878f45cdb3d8d52090f1d6d1b532fd4c4dhttps://github.com/eclipse-jdt/eclipse.jdt.ui/commit/13675b1f8a74f47de4da89ed0ded6af7c21dfbechttps://github.com/eclipse-pde/eclipse.pde/pull/632/https://github.com/eclipse-pde/eclipse.pde/pull/667/https://github.com/eclipse-platform/eclipse.platform.releng.buildtools/pull/45https://github.com/eclipse-platform/eclipse.platform.swt/commit/bf71db5ddcb967c0863dad4745367b54f49e06bahttps://github.com/eclipse-platform/eclipse.platform.ui/commit/f243cf0a28785b89b7c50bf4e1cce48a917d89bdhttps://github.com/eclipse-platform/eclipse.platform/pull/761https://gitlab.eclipse.org/security/vulnerability-reports/-/issues/8
2023-11-09
Published