{"id":"CVE-2022-0272","summary":"Improper Restriction of XML External Entity Reference in detekt/detekt","details":"Improper Restriction of XML External Entity Reference in GitHub repository detekt/detekt prior to 1.20.0.","aliases":["GHSA-2cfc-865j-gm4w"],"modified":"2026-04-10T04:42:41.835491Z","published":"2022-04-21T16:20:10Z","database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/0xxx/CVE-2022-0272.json","cwe_ids":["CWE-611"],"cna_assigner":"@huntrdev"},"references":[{"type":"WEB","url":"https://huntr.dev/bounties/23e37ba7-96d5-4037-a90a-8c8f4a70ce44"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/0xxx/CVE-2022-0272.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0272"},{"type":"FIX","url":"https://github.com/detekt/detekt/commit/c965a8d2a6bbdb9bcfc6acfa7bbffd3da81f5395"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/detekt/detekt","events":[{"introduced":"0"},{"fixed":"8028a0673a9f18fdd91c7eebfae4642941135168"}]}],"versions":["1.0.0","1.0.0-RC11","1.0.0-RC12","1.0.0-RC13","1.0.0-RC14","1.0.0-RC15","1.0.0-RC16","1.0.0.M10","1.0.0.M10.1","1.0.0.M10.3","1.0.0.M7","1.0.0.M7.b1","1.0.0.M8","1.0.0.M8.1","1.0.0.M9","1.0.1","1.1.0","1.1.1","1.2.0","1.2.1","1.3.0","1.3.1","1.4.0","1.5.0","1.5.1","1.6.0","1.7.0","1.7.0-beta2","M1","M11","M12","M12.2","M12.3","M13","M13.1","M13.2","M2","M3","M4","M5","M6","RC1","RC10","RC2","RC4","RC4-3","RC5","RC5-2","RC5-3","RC5-4","RC5-5","RC5-6","RC6","RC6-1","RC6-2","RC6-3","RC6-4","RC7","RC7-2","RC7-3","RC8","RC9","RC9.2","v1.10.0","v1.10.0-RC1","v1.11.0","v1.11.0-RC1","v1.11.0-RC2","v1.11.1","v1.11.2","v1.12.0","v1.12.0-RC1","v1.13.0","v1.13.1","v1.14.0","v1.14.1","v1.14.2","v1.15.0","v1.15.0-RC1","v1.15.0-RC2","v1.16.0","v1.16.0-RC1","v1.16.0-RC2","v1.16.0-RC3","v1.17.0","v1.17.0-RC1","v1.17.0-RC2","v1.17.0-RC3","v1.18.0","v1.18.0-RC1","v1.18.0-RC2","v1.18.0-RC3","v1.19.0","v1.19.0-RC1","v1.19.0-RC2","v1.20.0-RC1","v1.20.0-RC2","v1.7.1","v1.7.2","v1.7.3","v1.7.4","v1.8.0","v1.9.0","v1.9.1"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-0272.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"}]}