Skip to main content

Castor

1 CVEs product

Monthly

CVE-2014-3004 Maven MEDIUM POC PATCH This Month

The default configuration for the Xerces SAX Parser in Castor before 1.3.3 allows context-dependent attackers to conduct XML External Entity (XXE) attacks via a crafted XML document. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available.

XXE Castor Opensuse
NVD Exploit-DB
CVSS 2.0
4.3
EPSS
3.6%
EPSS 4% CVSS 4.3
MEDIUM POC PATCH This Month

The default configuration for the Xerces SAX Parser in Castor before 1.3.3 allows context-dependent attackers to conduct XML External Entity (XXE) attacks via a crafted XML document. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available.

XXE Castor Opensuse
NVD Exploit-DB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy