Pivotal Software : Security Vulnerabilities, CVEs, Published In 2016 (Overflow)
Pivotal Spring Framework before 3.2.14 and 4.x before 4.1.7 do not properly process inline DTD declarations when DTD is not entirely disabled, which allows remote attackers to cause a denial of service (memory consumption and out-of-memory errors) via a crafted XML file.
Max CVSS
5.5
EPSS Score
3.03%
Published
2016-07-12
Updated
2022-04-11
1 vulnerabilities found