Description:
A Remote Code Execution (RCE) vulnerability was discovered in the
Any23 YAMLExtractor.java file and is known to affect Any23 versions <
2.5. RCE vulnerabilities allow a malicious actor to execute any code
of their choice on a remote machine over LAN, WAN, or internet. RCE
belongs to
*What?*
The Apache Any23 Team is pleased to announce the release of Apache Any23 2.5.
Apache Anything To Triples (Any23) is a library, a web service and a
command line tool that
extracts structured data in RDF format from a variety of Web documents.
*Where?*
Download:
Severity: critical
Description:
An XML external entity (XXE) injection vulnerability was discovered in
the Any23 StreamUtils.java file and is known to affect Any23 versions
< 2.5. XML external entity injection (also known as XXE) is a web
security vulnerability that allows an attacker to
