CVE-2021-43090

An XML External Entity (XXE) vulnerability exists in soa-model before 1.6.4 in the WSDLParser function.
Configurations

Configuration 1 (hide)

cpe:2.3:a:predic8:soa_model:*:*:*:*:*:*:*:*

History

21 Nov 2024, 06:28

Type Values Removed Values Added
References () https://github.com/membrane/soa-model/commit/19de16902468e7963cc4dc6b544574bc1ea3f251 - Patch, Third Party Advisory () https://github.com/membrane/soa-model/commit/19de16902468e7963cc4dc6b544574bc1ea3f251 - Patch, Third Party Advisory
References () https://github.com/membrane/soa-model/commit/3aa295f155f621d5ea661cb9a0604013fc8fd8ff - Patch, Third Party Advisory () https://github.com/membrane/soa-model/commit/3aa295f155f621d5ea661cb9a0604013fc8fd8ff - Patch, Third Party Advisory
References () https://github.com/membrane/soa-model/issues/281 - Exploit, Issue Tracking, Third Party Advisory () https://github.com/membrane/soa-model/issues/281 - Exploit, Issue Tracking, Third Party Advisory
References () https://github.com/membrane/soa-model/releases/tag/v1.6.4 - Release Notes, Third Party Advisory () https://github.com/membrane/soa-model/releases/tag/v1.6.4 - Release Notes, Third Party Advisory

28 Jul 2022, 17:56

Type Values Removed Values Added
References (MISC) https://github.com/membrane/soa-model/commit/3aa295f155f621d5ea661cb9a0604013fc8fd8ff - (MISC) https://github.com/membrane/soa-model/commit/3aa295f155f621d5ea661cb9a0604013fc8fd8ff - Patch, Third Party Advisory
References (MISC) https://github.com/membrane/soa-model/releases/tag/v1.6.4 - (MISC) https://github.com/membrane/soa-model/releases/tag/v1.6.4 - Release Notes, Third Party Advisory
References (MISC) https://github.com/membrane/soa-model/commit/19de16902468e7963cc4dc6b544574bc1ea3f251 - (MISC) https://github.com/membrane/soa-model/commit/19de16902468e7963cc4dc6b544574bc1ea3f251 - Patch, Third Party Advisory

08 Apr 2022, 21:15

Type Values Removed Values Added
Summary An XML External Entity (XXE) vulnerability exists in all versions of soa-model (as of 11.01/2021) in the WSDLParser function. An XML External Entity (XXE) vulnerability exists in soa-model before 1.6.4 in the WSDLParser function.
References
  • (MISC) https://github.com/membrane/soa-model/commit/3aa295f155f621d5ea661cb9a0604013fc8fd8ff -
  • (MISC) https://github.com/membrane/soa-model/releases/tag/v1.6.4 -
  • (MISC) https://github.com/membrane/soa-model/commit/19de16902468e7963cc4dc6b544574bc1ea3f251 -

31 Mar 2022, 12:51

Type Values Removed Values Added
CPE cpe:2.3:a:predic8:soa_model:*:*:*:*:*:*:*:*
CVSS v2 : unknown
v3 : unknown
v2 : 7.5
v3 : 9.8
References (MISC) https://github.com/membrane/soa-model/issues/281 - (MISC) https://github.com/membrane/soa-model/issues/281 - Exploit, Issue Tracking, Third Party Advisory
CWE CWE-611

25 Mar 2022, 16:15

Type Values Removed Values Added
New CVE

Information

Published : 2022-03-25 16:15

Updated : 2024-11-21 06:28


NVD link : CVE-2021-43090

Mitre link : CVE-2021-43090

CVE.ORG link : CVE-2021-43090


JSON object : View

Products Affected

predic8

  • soa_model
CWE
CWE-611

Improper Restriction of XML External Entity Reference