Lucene search
K

12 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.14 views

Linux Distros Unpatched Vulnerability : CVE-2014-0225

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When processing user provided XML documents, the Spring Framework 4.0.0 to 4.0.4, 3.0.0 to 3.2.8, and possibly earlier unsupported versions did not disable by...

8.8CVSS6.9AI score0.01696EPSS
Exploits0References1
vulnersOsv
vulnersOsv
added 2022/05/13 1:2 a.m.4 views

at.molindo.social:spring-social-config (=1.1.0.RELEASE), at.molindo.social:spring-social-security (=1.1.0.RELEASE) +232 more potentially affected by CVE-2014-0225 via org.springframework:spring-webmvc (>=4.0.0.RELEASE <=4.0.4.RELEASE)

org.springframework:spring-webmvc MAVEN version =4.0.0.RELEASE, =0.4, =1.4.0, =0.0.2, =0.10.1, =0.10.1, =0.13.3 - com.daikit:daikit4gxt =0.1 - com.ebay:lightning-client =0.9.0 - com.ebay:lightning-core =0.9.0 and more Source cves: CVE-2014-0225 Source advisory: OSV:GHSA-F93F-G33R-8PCP...

8.8CVSS7.2AI score0.01696EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2022/05/13 1:2 a.m.4 views

ar.com.jmfsg:api-doc (>=0.0.20 <=0.0.34), be.dnsbelgium:rdap-server (>=0.3.3 <=1.0.3) +1208 more potentially affected by CVE-2014-0225 via org.springframework:spring-webmvc (>=3.0.0.RELEASE <=3.2.7.RELEASE)

org.springframework:spring-webmvc MAVEN version =3.0.0.RELEASE, =0.0.20, =0.3.3, =0.1.0, =1.0.0, =0.2, =3.0.1, =1.0.0-RELEASE, =3.0.10, =3.0.10, =4.2.1, =4.2.1, =4.2.1, =4.2.15 and more Source cves: CVE-2014-0225 Source advisory: OSV:GHSA-F93F-G33R-8PCP...

8.8CVSS7.2AI score0.01696EPSS
Exploits0
NVD
NVD
added 2017/05/25 5:29 p.m.22 views

CVE-2014-0225

When processing user provided XML documents, the Spring Framework 4.0.0 to 4.0.4, 3.0.0 to 3.2.8, and possibly earlier unsupported versions did not disable by default the resolution of URI references in a DTD declaration. This enabled an XXE attack...

8.8CVSS9AI score0.01696EPSS
Exploits0References1
OSV
OSV
added 2017/05/25 5:29 p.m.8 views

CVE-2014-0225

When processing user provided XML documents, the Spring Framework 4.0.0 to 4.0.4, 3.0.0 to 3.2.8, and possibly earlier unsupported versions did not disable by default the resolution of URI references in a DTD declaration. This enabled an XXE attack...

8.8CVSS8.6AI score0.01696EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2017/05/25 5:29 p.m.51 views

CVE-2014-0225

When processing user provided XML documents, the Spring Framework 4.0.0 to 4.0.4, 3.0.0 to 3.2.8, and possibly earlier unsupported versions did not disable by default the resolution of URI references in a DTD declaration. This enabled an XXE attack...

8.8CVSS7.2AI score0.01696EPSS
Exploits0References2
CVE
CVE
added 2017/05/25 5:0 p.m.114 views

CVE-2014-0225

CVE-2014-0225 affects Spring Framework when processing user-supplied XML: versions 4.0.0–4.0.4 and 3.0.0–3.2.8 (and possibly earlier unsupported revisions) did not disable by default the resolution of URI references in a DTD declaration, enabling an XML External Entity (XXE) attack. The initial d...

8.8CVSS8.4AI score0.01696EPSS
Exploits0References1Affected Software2
Cvelist
Cvelist
added 2017/05/25 5:0 p.m.46 views

CVE-2014-0225

When processing user provided XML documents, the Spring Framework 4.0.0 to 4.0.4, 3.0.0 to 3.2.8, and possibly earlier unsupported versions did not disable by default the resolution of URI references in a DTD declaration. This enabled an XXE attack...

8.5AI score0.01696EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2017/05/25 5:0 p.m.37 views

CVE-2014-0225

When processing user provided XML documents, the Spring Framework 4.0.0 to 4.0.4, 3.0.0 to 3.2.8, and possibly earlier unsupported versions did not disable by default the resolution of URI references in a DTD declaration. This enabled an XXE attack...

8.8CVSS8.7AI score0.01696EPSS
Exploits0
Mageia
Mageia
added 2015/05/11 8:10 p.m.60 views

Updated springframework packages fix CVE-2014-0225

Updated springframework packages fix security vulnerabilities: When processing user provided XML documents, the Spring Framework did not disable by default the resolution of URI references in a DTD declaration. By observing differences in response times, an attacker could then identify valid IP...

8.8CVSS8.4AI score0.01696EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2015/05/11 12:0 a.m.29 views

Fedora 20 : springframework-3.1.4-3.fc20 (2015-6862)

Security fix for CVE-2014-0225 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C...

8.8CVSS7.8AI score0.01696EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2015/05/09 12:0 a.m.29 views

Fedora Update for springframework FEDORA-2015-6862

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS8.7AI score0.01696EPSS
Exploits0References2
Rows per page
Query Builder