CVE-2014-0225
CVSS v3.0
8.8 (High)
CVSS v2.0
6.8 (Medium)
EPSS
0.18 % (56th)
Affected Products
2
Advisories
3
When processing user provided XML documents, the Spring Framework 4.0.0 to 4.0.4, 3.0.0 to 3.2.8, and possibly earlier unsupported versions did not disable by default the resolution of URI references in a DTD declaration. This enabled an XXE attack.
Weaknesses
- CWE-611
- Improper Restriction of XML External Entity Reference
- CVE Status
- PUBLISHED
- CNA
- Dell
- Published Date
-
2017-05-25 17:29:00
(7 years ago) - Updated Date
-
2022-04-11 17:16:26
(2 years ago)
Affected Products
Loading...
Loading...
Loading...
Configuration #1
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...