ch.hsr.mas.oms-financialanalyzer:indicators (=1.2.0), ch.hsr.mas.oms-financialanalyzer:oms-api (=1.2.0) +239 more potentially affected by CVE-2013-7315 via org.springframework:spring-oxm (>=3.0.0.RELEASE <=3.2.3.RELEASE)

org.springframework:spring-oxm MAVEN version =3.0.0.RELEASE, =2.6.20, =1.0-RELEASE, =0.9.3, =0.9.3, =0.9.3, =0.9.8, =0.9.3, =0.8.0, =0.8.0, =0.8.0, =1.0.1-RELEASE and more Source cves: CVE-2013-7315 Source advisory: OSV:GHSA-VP63-RRCM-9MPH...

ch.hsr.mas.oms-financialanalyzer:indicators (=1.2.0), ch.hsr.mas.oms-financialanalyzer:oms-api (=1.2.0) +239 more potentially affected by CVE-2013-4152 via org.springframework:spring-oxm (>=3.0.0.RELEASE <=3.2.3.RELEASE)

org.springframework:spring-oxm MAVEN version =3.0.0.RELEASE, =2.6.20, =1.0-RELEASE, =0.9.3, =0.9.3, =0.9.3, =0.9.8, =0.9.3, =0.8.0, =0.8.0, =0.8.0, =1.0.1-RELEASE and more Source cves: CVE-2013-4152 Source advisory: OSV:GHSA-RP4P-G69R-438X...

RHEL 6 : activemq (RHSA-2014:0254)

An updated activemq package that fixes multiple security issues is now available for Red Hat OpenShift Enterprise 1.2.7. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...

Framework: XML External Entity (XXE) injection flaw

The Spring OXM wrapper in Spring Framework before 3.2.4 and 4.0.0.M1, when using the JAXB marshaller, does not disable entity resolution, which allows context-dependent attackers to read arbitrary files, cause a denial of service, and conduct CSRF attacks via an XML external entity declaration in...

Moderate: Red Hat Security Advisory: Red Hat JBoss A-MQ 6.1.0 update

Red Hat JBoss A-MQ 6.1.0, which fixes multiple security issues, several bugs, and adds various enhancements, is now available from the Red Hat Customer Portal. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS bas...

Moderate: Red Hat Security Advisory: Red Hat JBoss SOA Platform 5.3.1 update

Red Hat JBoss SOA Platform 5.3.1 roll up patch 4, which fixes two security issues and various bugs, is now available from the Red Hat Customer Portal. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores,...

CVE-2013-4152

The Spring OXM wrapper in Spring Framework before 3.2.4 and 4.0.0.M1, when using the JAXB marshaller, does not disable entity resolution, which allows context-dependent attackers to read arbitrary files, cause a denial of service, and conduct CSRF attacks via an XML external entity declaration in...

CVE-2013-4152

The Spring OXM wrapper in Spring Framework before 3.2.4 and 4.0.0.M1, when using the JAXB marshaller, does not disable entity resolution, which allows context-dependent attackers to read arbitrary files, cause a denial of service, and conduct CSRF attacks via an XML external entity declaration in...

DSA-2842-1 libspring-java - several

Bulletin has no description...

XXE Injection in Spring Framework

Hello! I'll give you additional information concerning advisory XML External Entity XXE Injection in Spring Framework http://securityvulns.ru/docs29758.html. ------------------------- Affected products: ------------------------- - 3.0.0 to 3.2.3 Spring OXM & Spring MVC - 4.0.0.M1 Spring OXM -...

CVE-2013-4152 XML External Entity &#40;XXE&#41; injection in Spring Framework

Severity: Important Vendor: Spring by Pivotal Versions Affected: - 3.0.0 to 3.2.3 Spring OXM & Spring MVC - 4.0.0.M1 Spring OXM - 4.0.0.M1-4.0.0.M2 Spring MVC - Earlier unsupported versions may also be affected Description: The Spring OXM wrapper did not expose any property for disabling entity...