Skip to main content

Soappy

2 CVEs product

Monthly

CVE-2014-3243 PyPI MEDIUM POC PATCH This Month

SOAPpy 0.12.5 does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted SOAP request containing. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Denial Of Service Buffer Overflow Soappy
NVD
CVSS 2.0
5.0
EPSS
0.7%
CVE-2014-3242 PyPI MEDIUM POC This Month

SOAPpy 0.12.5 allows remote attackers to read arbitrary files via a SOAP request containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XXE Information Disclosure Soappy
NVD
CVSS 2.0
5.0
EPSS
0.6%
EPSS 1% CVSS 5.0
MEDIUM POC PATCH This Month

SOAPpy 0.12.5 does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted SOAP request containing. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Denial Of Service Buffer Overflow Soappy
NVD
EPSS 1% CVSS 5.0
MEDIUM POC This Month

SOAPpy 0.12.5 allows remote attackers to read arbitrary files via a SOAP request containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XXE Information Disclosure Soappy
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy