exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 5

CVE-2014-0225

больше 8 лет назад

When processing user provided XML documents, the Spring Framework 4.0.0 to 4.0.4, 3.0.0 to 3.2.8, and possibly earlier unsupported versions did not disable by default the resolution of URI references in a DTD declaration. This enabled an XXE attack.

CVSS3: 8.8

EPSS: Низкий

CVE-2014-0225

больше 11 лет назад

When processing user provided XML documents, the Spring Framework 4.0.0 to 4.0.4, 3.0.0 to 3.2.8, and possibly earlier unsupported versions did not disable by default the resolution of URI references in a DTD declaration. This enabled an XXE attack.

CVSS2: 5

EPSS: Низкий

CVE-2014-0225

больше 8 лет назад

When processing user provided XML documents, the Spring Framework 4.0.0 to 4.0.4, 3.0.0 to 3.2.8, and possibly earlier unsupported versions did not disable by default the resolution of URI references in a DTD declaration. This enabled an XXE attack.

CVSS3: 8.8

EPSS: Низкий

CVE-2014-0225

больше 8 лет назад

When processing user provided XML documents, the Spring Framework 4.0. ...

CVSS3: 8.8

EPSS: Низкий

GHSA-f93f-g33r-8pcp

больше 3 лет назад

Improper Restriction of XML External Entity Reference in Spring Framework

CVSS3: 8.8

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2014-0225 When processing user provided XML documents, the Spring Framework 4.0.0 to 4.0.4, 3.0.0 to 3.2.8, and possibly earlier unsupported versions did not disable by default the resolution of URI references in a DTD declaration. This enabled an XXE attack.	CVSS3: 8.8	0% Низкий	больше 8 лет назад
CVE-2014-0225 When processing user provided XML documents, the Spring Framework 4.0.0 to 4.0.4, 3.0.0 to 3.2.8, and possibly earlier unsupported versions did not disable by default the resolution of URI references in a DTD declaration. This enabled an XXE attack.	CVSS2: 5	0% Низкий	больше 11 лет назад
CVE-2014-0225 When processing user provided XML documents, the Spring Framework 4.0.0 to 4.0.4, 3.0.0 to 3.2.8, and possibly earlier unsupported versions did not disable by default the resolution of URI references in a DTD declaration. This enabled an XXE attack.	CVSS3: 8.8	0% Низкий	больше 8 лет назад
CVE-2014-0225 When processing user provided XML documents, the Spring Framework 4.0. ...	CVSS3: 8.8	0% Низкий	больше 8 лет назад
GHSA-f93f-g33r-8pcp Improper Restriction of XML External Entity Reference in Spring Framework	CVSS3: 8.8	0% Низкий	больше 3 лет назад

Уязвимостей на страницу