CVE-2021-23901: Improper Restriction of XML External Entity Reference

January 25, 2021 (updated November 7, 2023)

An XML external entity (XXE) injection vulnerability was discovered in the Nutch DmozParser and is known to affect Nutch XML external entity injection (also known as XXE) is a web security vulnerability that allows an attacker to interfere with an application’s processing of XML data.

References

nvd.nist.gov/vuln/detail/CVE-2021-23901

Code Behaviors & Features

Detect and mitigate CVE-2021-23901 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →