5 matches found
CVE-2026-40999
CVE-2026-40999 affects Spring Web Services (versions across 3.1.0–3.1.8, 4.0.0–4.0.18, 4.1.0–4.1.3, 5.0.0–5.0.1). When WS-Addressing is used with non-anonymous ReplyTo or FaultTo addresses, Spring WS can initiate outbound connections via configured WebServiceMessageSender instances to destination...
CVE-2026-40999 Spring WS SSRF via unvalidated WS-Addressing reply destinations
When WS-Addressing is used with non-anonymous ReplyTo or FaultTo addresses, Spring WS may initiate outbound connections through configured WebServiceMessageSender instances to destinations taken directly from request headers without verifying that those destinations are safe to connect to. Affect...
The vulnerability of the WS-Addressing plugin in the gSOAP software development environment allows a attacker to trigger a service failure.
The vulnerability of the WS-Addressing plugin in the gSOAP software development environment is related to errors in pointer manipulation during SOAP request processing. Exploiting this vulnerability allows an attacker to cause service failures by sending specially crafted HTTP requests...
The vulnerability of the WS-Addressing plugin in the gSOAP web service development environment allows a attacker to cause a service failure.
The vulnerability of the WS-Addressing plugin in the gSOAP web service development environment is related to errors in pointer manipulation during SOAP request processing. Exploiting this vulnerability allows an attacker to cause service failures by sending specially crafted HTTP requests...
UBUNTU-CVE-2021-21783
A code execution vulnerability exists in the WS-Addressing plugin functionality of Genivia gSOAP 2.8.107. A specially crafted SOAP request can lead to remote code execution. An attacker can send an HTTP request to trigger this vulnerability...