CVEID  CVE-2018-1307

VERSION:  3.2 through 3.3.4

PROBLEMTYPE: XML Entity Expansion


DISCRIPTION: If using the WADL2Java or WSDL2Java classes, which parse a
local or remote XML document and then mediates the data structures into
UDDI data structures, there are little protections present against entity
expansion and DTD type of attacks. This was fixed with

Severity: Moderate


Update your juddi-client dependencies to 3.3.5 or newer and/or discontinue
use of the effected classes.

Reply via email to