exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 5

CVE-2014-0225

около 8 лет назад

When processing user provided XML documents, the Spring Framework 4.0.0 to 4.0.4, 3.0.0 to 3.2.8, and possibly earlier unsupported versions did not disable by default the resolution of URI references in a DTD declaration. This enabled an XXE attack.

CVSS3: 8.8

EPSS: Низкий

CVE-2014-0225

около 11 лет назад

When processing user provided XML documents, the Spring Framework 4.0.0 to 4.0.4, 3.0.0 to 3.2.8, and possibly earlier unsupported versions did not disable by default the resolution of URI references in a DTD declaration. This enabled an XXE attack.

CVSS2: 5

EPSS: Низкий

CVE-2014-0225

около 8 лет назад

When processing user provided XML documents, the Spring Framework 4.0.0 to 4.0.4, 3.0.0 to 3.2.8, and possibly earlier unsupported versions did not disable by default the resolution of URI references in a DTD declaration. This enabled an XXE attack.

CVSS3: 8.8

EPSS: Низкий

CVE-2014-0225

около 8 лет назад

When processing user provided XML documents, the Spring Framework 4.0. ...

CVSS3: 8.8

EPSS: Низкий

GHSA-f93f-g33r-8pcp

около 3 лет назад

Improper Restriction of XML External Entity Reference in Spring Framework

CVSS3: 8.8

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2014-0225 When processing user provided XML documents, the Spring Framework 4.0.0 to 4.0.4, 3.0.0 to 3.2.8, and possibly earlier unsupported versions did not disable by default the resolution of URI references in a DTD declaration. This enabled an XXE attack.	CVSS3: 8.8	0% Низкий	около 8 лет назад
CVE-2014-0225 When processing user provided XML documents, the Spring Framework 4.0.0 to 4.0.4, 3.0.0 to 3.2.8, and possibly earlier unsupported versions did not disable by default the resolution of URI references in a DTD declaration. This enabled an XXE attack.	CVSS2: 5	0% Низкий	около 11 лет назад
CVE-2014-0225 When processing user provided XML documents, the Spring Framework 4.0.0 to 4.0.4, 3.0.0 to 3.2.8, and possibly earlier unsupported versions did not disable by default the resolution of URI references in a DTD declaration. This enabled an XXE attack.	CVSS3: 8.8	0% Низкий	около 8 лет назад
CVE-2014-0225 When processing user provided XML documents, the Spring Framework 4.0. ...	CVSS3: 8.8	0% Низкий	около 8 лет назад
GHSA-f93f-g33r-8pcp Improper Restriction of XML External Entity Reference in Spring Framework	CVSS3: 8.8	0% Низкий	около 3 лет назад

Уязвимостей на страницу