XML External Entity Vulnerability in Apache Qpid by The Apache Software Foundation
CVE-2014-3629

Currently unrated

Key Information:

Vendor

Apache
Status
Qpid
Vendor
CVE Published:
17 November 2014

What is CVE-2014-3629?

An XML external entity (XXE) vulnerability exists in the XML Exchange module of Apache Qpid 0.30. This flaw allows remote attackers to exploit crafted XML messages to induce the application to initiate outgoing HTTP requests. Successful exploitation could lead to exposure of sensitive information or other adverse effects on system integrity.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/98575
vdb-entryx_refsource_XF
http://www.securityfocus.com/archive/1/533943/100/0/threaded
mailing-listx_refsource_BUGTRAQ
http://www.securityfocus.com/bid/71004
vdb-entryx_refsource_BID

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.