{ "affected": [ { "ranges": [ { "database_specific": { "versions": [ { "introduced": "0" }, { "last_affected": "1.9.9-build246" }, { "introduced": "0" }, { "last_affected": "1.9.9-build247" }, { "introduced": "0" }, { "last_affected": "2.0.7-build263" }, { "introduced": "0" }, { "last_affected": "6.1.6-build166" }, { "introduced": "0" }, { "last_affected": "6.1.6-build167" }, { "introduced": "0" }, { "last_affected": "6.1.7-build168" }, { "introduced": "0" }, { "last_affected": "6.1.8-build169" }, { "introduced": "0" }, { "last_affected": "6.1.9-build172" }, { "introduced": "0" }, { "last_affected": "6.2.0-build173" }, { "introduced": "0" }, { "last_affected": "6.2.0-build174" }, { "introduced": "0" }, { "last_affected": "6.2.1-build175" }, { "introduced": "0" }, { "last_affected": "6.2.2-build176" }, { "introduced": "0" }, { "last_affected": "6.2.3-build177" }, { "introduced": "0" }, { "last_affected": "6.2.3-build178" }, { "introduced": "0" }, { "last_affected": "6.2.4-build179" }, { "introduced": "0" }, { "last_affected": "6.3.0-build180" }, { "introduced": "0" }, { "last_affected": "6.3.0-build181" }, { "introduced": "0" }, { "last_affected": "6.3.0-build182" }, { "introduced": "0" }, { "last_affected": "6.3.0-build183" }, { "introduced": "0" }, { "last_affected": "6.3.0-build184" }, { "introduced": "0" }, { "last_affected": "6.3.0-build185" }, { "introduced": "0" }, { "last_affected": "6.3.1-build186" }, { "introduced": "0" }, { "last_affected": "6.3.2-build187" }, { "introduced": "0" }, { "last_affected": "6.3.2-build188" }, { "introduced": "0" }, { "last_affected": "6.3.3-build189" }, { "introduced": "0" }, { "last_affected": "6.3.3-build190" }, { "introduced": "0" }, { "last_affected": "6.3.3-build193" }, { "introduced": "0" }, { "last_affected": "6.3.3-build255" }, { "introduced": "0" }, { "last_affected": "6.3.4-build193" }, { "introduced": "0" }, { "last_affected": "6.3.4-build194" }, { "introduced": "0" }, { "last_affected": "6.3.5-build195" }, { "introduced": "0" }, { "last_affected": "6.3.5-build197" }, { "introduced": "0" }, { "last_affected": "6.3.5-build198" }, { "introduced": "0" }, { "last_affected": "6.3.6-build201" }, { "introduced": "0" }, { "last_affected": "6.3.6-build202" }, { "introduced": "0" }, { "last_affected": "6.3.7-build203" }, { "introduced": "0" }, { "last_affected": "6.3.7-build204" }, { "introduced": "0" }, { "last_affected": "6.3.7-build205" }, { "introduced": "0" }, { "last_affected": "6.3.7-build206" }, { "introduced": "0" }, { "last_affected": "6.4.0-build207" }, { "introduced": "0" }, { "last_affected": "6.4.0-build208" }, { "introduced": "0" }, { "last_affected": "6.4.1-build209" }, { "introduced": "0" }, { "last_affected": "6.4.1-build210" }, { "introduced": "0" }, { "last_affected": "6.4.2-build212" }, { "introduced": "0" }, { "last_affected": "6.4.3-build214" }, { "introduced": "0" }, { "last_affected": "6.4.4-build215" }, { "introduced": "0" }, { "last_affected": "6.4.5-build218" }, { "introduced": "0" }, { "last_affected": "6.4.5-build219" }, { "introduced": "0" }, { "last_affected": "6.4.5-build220" }, { "introduced": "0" }, { "last_affected": "6.4.5-build221" }, { "introduced": "0" }, { "last_affected": "6.4.5-build222" }, { "introduced": "0" }, { "last_affected": "6.4.6-build223" }, { "introduced": "0" }, { "last_affected": "6.4.6-build227" }, { "introduced": "0" }, { "last_affected": "6.4.7-build228" }, { "introduced": "0" }, { "last_affected": "6.4.7-build229" }, { "introduced": "0" }, { "last_affected": "6.4.8-build230" }, { "introduced": "0" }, { "last_affected": "6.4.8-build232" }, { "introduced": "0" }, { "last_affected": "6.4.8-build233" }, { "introduced": "0" }, { "last_affected": "6.4.8-build234" }, { "introduced": "0" }, { "last_affected": "6.4.9-build235" }, { "introduced": "0" }, { "last_affected": "6.5.0-build236" }, { "introduced": "0" }, { "last_affected": "6.5.1-build238" }, { "introduced": "0" }, { "last_affected": "6.5.2-build239" }, { "introduced": "0" }, { "last_affected": "6.5.3-build240" }, { "introduced": "0" }, { "last_affected": "6.5.4-build241" }, { "introduced": "0" }, { "last_affected": "6.5.5-build242" }, { "introduced": "0" }, { "last_affected": "6.5.5-build243" }, { "introduced": "0" }, { "last_affected": "6.5.8-build244" }, { "introduced": "0" }, { "last_affected": "6.5.8-build245" }, { "introduced": "0" }, { "last_affected": "6.5.9-build246" }, { "introduced": "0" }, { "last_affected": "6.6.0-build248" }, { "introduced": "0" }, { "last_affected": "6.6.1-build249" }, { "introduced": "0" }, { "last_affected": "6.6.2-build250" }, { "introduced": "0" }, { "last_affected": "6.6.2-build251" }, { "introduced": "0" }, { "last_affected": "6.6.3-build252" }, { "introduced": "0" }, { "last_affected": "6.6.3-build253" }, { "introduced": "0" }, { "last_affected": "6.6.4-build256" }, { "introduced": "0" }, { "last_affected": "6.6.5-build257" }, { "introduced": "0" }, { "last_affected": "6.6.6-build258" }, { "introduced": "0" }, { "last_affected": "6.6.7-build529" }, { "introduced": "0" }, { "last_affected": "6.6.8-build260" }, { "introduced": "0" }, { "last_affected": "6.7.0-build261" }, { "introduced": "0" }, { "last_affected": "6.7.0-build262" }, { "introduced": "0" }, { "last_affected": "6.7.0-build264" }, { "introduced": "0" }, { "last_affected": "6.7.0-build265hotfix" }, { "introduced": "0" }, { "last_affected": "6.7.1-build266" }, { "introduced": "0" }, { "last_affected": "6.7.1-build267" }, { "introduced": "0" }, { "last_affected": "6.7.1-build268" }, { "introduced": "0" }, { "last_affected": "6.7.2-build269" }, { "introduced": "0" }, { "last_affected": "6.7.2-build270" }, { "introduced": "0" }, { "last_affected": "6.7.3-build271" }, { "introduced": "0" }, { "last_affected": "6.7.4-build272" } ] }, "events": [ { "introduced": "0" }, { "last_affected": "b91f70d227f2434c8eda9325f1f72e69a1273213" }, { "introduced": "0" }, { "last_affected": "e46da731d7aff989dfcae9d47875e908fb8c9edd" }, { "introduced": "0" }, { "last_affected": "ab3b815a794177ca10e222b49ac7229ee43d1c9f" }, { "introduced": "0" }, { "last_affected": "0d605f4c6199ec289fcdcfecfc22b07192038edd" }, { "introduced": "0" }, { "last_affected": "f975d3605049c83c1b60841e32cbddbc5d55aaea" }, { "introduced": "0" }, { "last_affected": "9aee6ebf45c49f4bdd562ac62403becd15ce55b1" }, { "introduced": "0" }, { "last_affected": "6d8130750712d8a2024c74ccbce569b485b42dda" }, { "introduced": "0" }, { "last_affected": "f128cc2ecfc801d8ae2ff1846c2e8bd63b8acfde" }, { "introduced": "0" }, { "last_affected": "abfe6a45fcff966538425ba435f70bfbb3ed12d9" }, { "introduced": "0" }, { "last_affected": "aebbdbe57c08aa37bf2aaad7a69b5ae2997fc569" }, { "introduced": "0" }, { "last_affected": "28e95a195a2cc51c14b4e3b279ec521cdd270da8" }, { "introduced": "0" }, { "last_affected": "4274178a13775f6b33872f298358d1d7818d6421" }, { "introduced": "0" }, { "last_affected": "8c30c0a835d1b727933891e954cfaf293fdba638" }, { "introduced": "0" }, { "last_affected": "8cc4b6156d25b80903c4c80db27405c2d23a3da9" }, { "introduced": "0" }, { "last_affected": "06c89a4cd39ddb84b9fe5c7321cde15448792c68" }, { "introduced": "0" }, { "last_affected": "b1ea11626b893f0d97e718e0543e084e55938f6b" }, { "introduced": "0" }, { "last_affected": "6005d48efec8ced319469ff05d54c8aa8ed2fe23" }, { "introduced": "0" }, { "last_affected": "1122d85364227dc0af824f71fc30c78a8e5e13a1" }, { "introduced": "0" }, { "last_affected": "7937770a2127073f6ea9c117a138aace218b07e5" }, { "introduced": "0" }, { "last_affected": "19bb1d8cb6af3e957008b219c5206e25d720380f" }, { "introduced": "0" }, { "last_affected": "958c3552d8b4a443651af2476c4d92826cc34c2c" }, { "introduced": "0" }, { "last_affected": "7413bc9bb7432a32ab1a626d2b21d990b2bb0d0b" }, { "introduced": "0" }, { "last_affected": "56f11124db8b9d5883e9f1e0aaedb51db2a87e0b" }, { "introduced": "0" }, { "last_affected": "7fd56bb4201d721e9591caa769d3b948a137e2b6" }, { "introduced": "0" }, { "last_affected": "33957b95a4757cd314345307ef4822294061c33d" }, { "introduced": "0" }, { "last_affected": "33957b95a4757cd314345307ef4822294061c33d" }, { "introduced": "0" }, { "last_affected": "0243fe2ff986981d24d153407bfc91f088ac6886" }, { "introduced": "0" }, { "last_affected": "fd7617f7b25af43ef6964918e0c4e8c856897861" }, { "introduced": "0" }, { "last_affected": "6de8080046ae5092862b44efed460a956ce35b14" }, { "introduced": "0" }, { "last_affected": "9d9dced3ac3bf97ce2c2345ca174cc503915454d" }, { "introduced": "0" }, { "last_affected": "ac007012b939704f998bcb7bc6609f77c14a5b0e" }, { "introduced": "0" }, { "last_affected": "f508a4255b79c5cd4b68f684fc8452e012f2ef30" }, { "introduced": "0" }, { "last_affected": "e4dce600d28c3a0aa7834104343a27b7a76099b2" }, { "introduced": "0" }, { "last_affected": "912aaad923a250029b282d191ff60ab450171b18" }, { "introduced": "0" }, { "last_affected": "f0c93b492331d564922827687513f6ddeecad3f3" }, { "introduced": "0" }, { "last_affected": "14b6454d9177bc0256273ba2260f34bf3d404c56" }, { "introduced": "0" }, { "last_affected": "a48beb34ce1c9a9a7e69095f5afe3a4aa8d7b662" }, { "introduced": "0" }, { "last_affected": "f3de076a400ceab844539933a444c74448e68068" }, { "introduced": "0" }, { "last_affected": "255c958650060a2aa4d6e3dd1d8c9a2b15a6a038" }, { "introduced": "0" }, { "last_affected": "ec19df8efb8f3f0e116da872129b86a64d279b22" }, { "introduced": "0" }, { "last_affected": "996eec98c510652ba2ac34963da04d6dc9b4c7cf" }, { "introduced": "0" }, { "last_affected": "8cc8de4c0949e56a1a4c95a4b2043300eead5147" }, { "introduced": "0" }, { "last_affected": "b6c89cb1f79e3ebcd5eab50525d2468154f4fdfe" }, { "introduced": "0" }, { "last_affected": "976b9fcc8dc97ff2e78f25f16aa89f47c3d4dec0" }, { "introduced": "0" }, { "last_affected": "7ee7e2c8c99fbd74d5cf4e0c99788fb527fc5fbf" }, { "introduced": "0" }, { "last_affected": "323f8d0f96bf859f025103e9a7f36f38347eb2d1" }, { "introduced": "0" }, { "last_affected": "2fbd11405412902a1c17bfca45eada689bd0ecc6" }, { "introduced": "0" }, { "last_affected": "c8fe046d77b09c10359e2f463540df795ec416e3" }, { "introduced": "0" }, { "last_affected": "b87bbc4569423c857f4f56545c6801785e36261d" }, { "introduced": "0" }, { "last_affected": "facbf3742c3bd1a87b529cb0b03829215e67131a" }, { "introduced": "0" }, { "last_affected": "a249395dd262d72b49812a3779d89d0a2197ca74" }, { "introduced": "0" }, { "last_affected": "c10c72754b501c723af671c4ae304ed35eef55f1" }, { "introduced": "0" }, { "last_affected": "f18fd1818f1709556828c3f18a7a8c1f31665ca2" }, { "introduced": "0" }, { "last_affected": "11d7dec34c1e354865781d0e31140b1936e74ad5" }, { "introduced": "0" }, { "last_affected": "078697889bceaad3ef9427ff42a3424ced5ccf17" }, { "introduced": "0" }, { "last_affected": "d1e637a32be0c406c1f6a2c06f4f5a67dc1edacc" }, { "introduced": "0" }, { "last_affected": "19095e05266354a4defd172bfd8618195747492c" }, { "introduced": "0" }, { "last_affected": "18bc4ba510d19dfeb110018e7ac3ad1a523cf21e" }, { "introduced": "0" }, { "last_affected": "b3a3a2c03dfaf95586afe00836db0889d660c3be" }, { "introduced": "0" }, { "last_affected": "5a3a0aac194e832609c57dfa1482c2861a1fef47" }, { "introduced": "0" }, { "last_affected": "a7c697d131b21c61ce9b6eab51715b0473f553ae" }, { "introduced": "0" }, { "last_affected": "dfaa2ff194849bf870a90555ed336c1f912fa715" }, { "introduced": "0" }, { "last_affected": "49ca7de8df549c0e82645b03ce99f665f335f1cf" }, { "introduced": "0" }, { "last_affected": "b19f08869eed447ddb0975350aafcb8383b2cf48" }, { "introduced": "0" }, { "last_affected": "c5eeeb2d1cb117f36c7ce13bf2b22e503ce62ff0" }, { "introduced": "0" }, { "last_affected": "581c7ac490363237bab597ce03c5d4a682b053fc" }, { "introduced": "0" }, { "last_affected": "f67e1d8c6b97a5b5d7f82ad037e17af56acf55eb" }, { "introduced": "0" }, { "last_affected": "3322aa05821ebd1bb32d8ce2a304c9d78d358085" }, { "introduced": "0" }, { "last_affected": "962941a7d046cb2ead4e36880cb659e4e3ad93b2" }, { "introduced": "0" }, { "last_affected": "b91f70d227f2434c8eda9325f1f72e69a1273213" }, { "introduced": "0" }, { "last_affected": "999f436f1cbc8b1382438db1ed0873afe4c5a7dd" }, { "introduced": "0" }, { "last_affected": "556ce15e5ae07adb6b83601aad64ed6d751c0a49" }, { "introduced": "0" }, { "last_affected": "d622a40e8fcf42ef7442832f28e9f3f4d4fb9f43" }, { "introduced": "0" }, { "last_affected": "a01d4aa15f0cfbf360c6ec1770ea79373d585752" }, { "introduced": "0" }, { "last_affected": "fd910f47a04b50e3a05952e06af40daad85d3cd4" }, { "introduced": "0" }, { "last_affected": "9f3d244acf5e0753ab0d5ae94f4b4ff4d19e8599" }, { "introduced": "0" }, { "last_affected": "4bbfa50a918de670f019ce79d38fcdc63461a1db" }, { "introduced": "0" }, { "last_affected": "e4812d8ed19db560283e66f4985c7dd3229960b7" }, { "introduced": "0" }, { "last_affected": "b9b97b9487a1e544a95b45e2eeac8bbbcea15546" }, { "introduced": "0" }, { "last_affected": "de3bf7aaf806446bf6a78173682551a79b44d24b" }, { "introduced": "0" }, { "last_affected": "5b7672f8db22ef3b0192d3e0f439666d901912ef" }, { "introduced": "0" }, { "last_affected": "d8ef00cb181682a877aba2ee90ce40310bdd876a" }, { "introduced": "0" }, { "last_affected": "10d599c5327d2672e90bfc99d0222db9b45215ed" }, { "introduced": "0" }, { "last_affected": "595b7a1d7da3c40477efc22df2ba0039726f03b7" }, { "introduced": "0" }, { "last_affected": "e4712cce233d9dd74184cc09b4d8894a5f12cef8" }, { "introduced": "0" }, { "last_affected": "b01a70be0078d456f0968138f3cc5057f7d12e83" }, { "introduced": "0" }, { "last_affected": "4f6955890d6c635dfbd84199e652a86873652522" }, { "introduced": "0" }, { "last_affected": "0046ce6f49a0ddf2e0df7b1031f1a49d21479742" }, { "introduced": "0" }, { "last_affected": "326975d8aca92cc1c9442a5345b2bdbf3536955f" }, { "introduced": "0" }, { "last_affected": "cfbb442f38ce5a701f171d1b2f578c9fb1261fcb" }, { "introduced": "0" }, { "last_affected": "21f13679d475eb46defcef66b64a6f8568c1706d" }, { "introduced": "0" }, { "last_affected": "e4b4505f9e3d9b7296e4d6095dc543d24b0a4286" } ], "repo": "https://github.com/frostwire/frostwire", "type": "GIT" } ] } ], "details": "FrostWire version \u003c= frostwire-desktop-6.7.4-build-272 contains a XML External Entity (XXE) vulnerability in Man in the middle on update that can result in Disclosure of confidential data, denial of service, SSRF, port scanning. This attack appear to be exploitable via Man in the middle the call to update the software.", "id": "CVE-2018-1000828", "modified": "2026-03-13T21:51:50.734956263Z", "published": "2018-12-20T15:29:01.190Z", "references": [ { "type": "ADVISORY", "url": "https://0dd.zone/2018/10/28/frostwire-XXE-MitM/" }, { "type": "REPORT", "url": "https://github.com/frostwire/frostwire/issues/829" } ], "severity": [ { "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", "type": "CVSS_V3" } ] }