PT-2025-7443 · Unknown · Java Sdk For Cloudevents

Name of the Vulnerable Software and Affected Versions: Java SDK for CloudEvents version 4.0.1 Description: The issue is related to an XML External Entity XXE vulnerability in the deserializeArgs method. This allows attackers to access sensitive information by supplying a crafted XML-formatted eve...

CVE-2024-55156

An XML External Entity XXE vulnerability in the deserializeArgs method of Java SDK for CloudEvents v4.0.1 allows attackers to access sensitive information via supplying a crafted XML-formatted event message...