Package: freecol Severity: normal Tags: security Please see http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000825: https://0dd.zone/2018/10/28/freecol-XXE/ https://github.com/FreeCol/freecol/issues/26
This is fairly short of details and could be totally bogus; it's not really stated whether that XML data is actually something which might potentially come from an external source (e.g. someone sending you a save game file, pretty far-fetched to begin with) or whether the XML data is all game data which is shipped via the game data. Cheers, Moritz