.. _vulnerabilityManagement_securityAdvisory_2023_CVE-2023-34411:

CVE-2023-34411
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Data: 2023-06-14

Severity: High

CVSS Score:  7.5 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

Riferimenti: `https://nvd.nist.gov/vuln/detail/CVE-2023-34411 <https://nvd.nist.gov/vuln/detail/CVE-2023-34411>`_

Libreria: com.fasterxml.woodstox:woodstox-core <= 6.4.0

**Descrizione**

The xml-rs crate before 0.8.14 for Rust and Crab allows a denial of service (panic) via an invalid <! token (such as <!DOCTYPEs/%<!A nesting) in an XML document. The earliest affected version is 0.8.9.

**GovWay**

Versione affette: <= 3.3.12

Risoluzione: 3.3.13