2 matches found
CVE-2014-3630
Play framework’s Java XML processing (before 2.2.6 and 2.3.x before 2.3.5) is affected by CVE-2014-3630 via an XML External Entity (XXE) vulnerability. Crafted XML data can read arbitrary files, cause denial of service, or have unspecified impacts. The connected records confirm affected versions ...
CVE-2014-3630
XML external entity XXE vulnerability in the Java XML processing functionality in Play before 2.2.6 and 2.3.x before 2.3.5 might allow remote attackers to read arbitrary files, cause a denial of service, or have unspecified other impact via crafted XML data...