CVE-2021-43090

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2021-43090

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-43090.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2021-43090

Aliases

GHSA-pv39-qp28-4mgh

Published

2022-03-25T16:15:09Z

Modified

2024-05-14T10:57:28.073901Z

Severity

9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

An XML External Entity (XXE) vulnerability exists in soa-model before 1.6.4 in the WSDLParser function.

References

Affected packages

Git / github.com/membrane/soa-model

Affected ranges

Type: GIT
Repo: https://github.com/membrane/soa-model
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

19de16902468e7963cc4dc6b544574bc1ea3f251

Fixed

3aa295f155f621d5ea661cb9a0604013fc8fd8ff

Affected versions

1.*

1.3.2

1.4.0

1.4.0.8

1.4.0.9

1.4.1

1.4.1.1

1.4.1.10

1.4.1.11

1.4.1.12

1.4.1.2

1.4.1.3

1.4.1.4

1.4.1.5

1.4.1.6

1.4.1.7

1.4.1.8

1.4.1.9

1.4.2.0

1.4.2.1

1.4.2.2

1.4.2.3

1.4.2.4

1.4.2.5

1.5.0

1.5.1

1.5.2

1.5.3

v1.*

v1.5.4

v1.6.0

v1.6.1

v1.6.2

v1.6.3