2 matches found
CVE-2014-3630
XML external entity XXE vulnerability in the Java XML processing functionality in Play before 2.2.6 and 2.3.x before 2.3.5 might allow remote attackers to read arbitrary files, cause a denial of service, or have unspecified other impact via crafted XML data...
CVE-2014-3630
Play framework’s Java XML processing (before 2.2.6 and 2.3.x before 2.3.5) is affected by CVE-2014-3630 via an XML External Entity (XXE) vulnerability. Crafted XML data can read arbitrary files, cause denial of service, or have unspecified impacts. The connected records confirm affected versions ...