BugTraq
Name:
Email:
*Note: Email address will appear as "user domain ext" to prevent harvesting.
Subject:
Message:
 
CVE-2013-4152 XML External Entity (XXE) injection in Spring Framework Aug 22 2013 03:06PM
Pivotal Security Team (security gopivotal com)
Severity: Important

Vendor: Spring by Pivotal

Versions Affected:
- 3.0.0 to 3.2.3 (Spring OXM & Spring MVC)
- 4.0.0.M1 (Spring OXM)
- 4.0.0.M1-4.0.0.M2 (Spring MVC)
- Earlier unsupported versions may also be affected

Description:
The Spring OXM wrapper did not expose any property for disabling en...

[ more ]  
 

Privacy Statement
Copyright 2010, SecurityFocus