Lucene search
Veracode Vulnerability DatabaseVERACODE:37309HistorySep 28, 2022 - 2:42 a.m.
Information Disclosure
2022-09-2802:42:55
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
10
soap
vulnerability
arbitrary files
http
xml
library
information disclosure
EPSS
0.001
Percentile
38.6%
soap is vulnerable to information disclosure. The vulnerability exists due to the lack of restrictions in the XML external entity reference of the library, allowing an attacker to read arbitrary files over HTTP
Related
vulnrichment
vulnrichment
cnvd
cnvd
Apache SOAP XML External Entity Injection Vulnerability
2022-09-26 00:00:00
cve
cve
CVE-2022-40705
2022-09-22 09:15:09
ibm
ibm
prion
prion
Xxe
2022-09-22 09:15:00
cvelist
cvelist
github
github
Apache SOAP's RPCRouterServlet allows reading of arbitrary files over HTTP
2022-09-23 00:00:46
nvd
nvd
CVE-2022-40705
2022-09-22 09:15:09
osv
osv
Apache SOAP's RPCRouterServlet allows reading of arbitrary files over HTTP
2022-09-23 00:00:46
oracle
oracle
Oracle Critical Patch Update Advisory - July 2023
2023-07-18 00:00:00