Vulnerabilities > Xmlbeam

DATE CVE VULNERABILITY TITLE RISK
2018-05-11 CVE-2018-1259 XXE vulnerability in multiple products
Spring Data Commons, versions 1.13 prior to 1.13.12 and 2.0 prior to 2.0.7, used in combination with XMLBeam 1.4.14 or earlier versions, contains a property binder vulnerability caused by improper restriction of XML external entity references as underlying library XMLBeam does not restrict external reference expansion.
network
low complexity
pivotal-software xmlbeam CWE-611
7.5