VDB

GCVE-110-MAGEIA-2014-155

GCVE-110-MAGEIA-2014-155
Advisory Published
Vulnetix · Advisory published April 3, 2014
Updated springframework packages fix security vulnerabilities: Jaxb2RootElementHttpMessageConverter in Spring MVC processes external XML entities (CVE-2014-0054). Spring MVC introduces a cross-site scripting vulnerability if the action on a Spring form is not specified (CVE-2014-1904).

Affected Products

VendorProductVersionsPlatforms
Mageiaspringframework0 (affected), 3.1.1-21.3.mga3 (unaffected), 0 (affected), 3.1.1-21.3.mga3 (unaffected)
Mageiagrub20 (affected), 2.00-59.mga4 (unaffected)
Mageiaspringframework0 (affected), 3.1.4-2.2.mga4 (unaffected), 0 (affected), 3.1.4-2.2.mga4 (unaffected)

Browse GCVE Records

71,925 records in the GCVE database · Updated July 13, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›