mirror of
https://github.com/0xMarcio/cve.git
synced 2026-02-13 03:02:49 +00:00
798 B
798 B
CVE-2015-3192
Description
Pivotal Spring Framework before 3.2.14 and 4.x before 4.1.7 do not properly process inline DTD declarations when DTD is not entirely disabled, which allows remote attackers to cause a denial of service (memory consumption and out-of-memory errors) via a crafted XML file.