Vulnerabilities > Lightbend > Play Framework > Critical

DATE CVE VULNERABILITY TITLE RISK
2017-12-29 CVE-2014-3630 XXE vulnerability in multiple products
XML external entity (XXE) vulnerability in the Java XML processing functionality in Play before 2.2.6 and 2.3.x before 2.3.5 might allow remote attackers to read arbitrary files, cause a denial of service, or have unspecified other impact via crafted XML data.
network
low complexity
playframework lightbend CWE-611
critical
9.8