CVE-2018-1259

HIGH

Pivotal Software Spring Data Commons < 1.13.11 - XXE

Title source: rule

Description

Spring Data Commons, versions 1.13 prior to 1.13.12 and 2.0 prior to 2.0.7, used in combination with XMLBeam 1.4.14 or earlier versions, contains a property binder vulnerability caused by improper restriction of XML external entity references, because the underlying library XMLBeam does not restrict external entity expansion. An unauthenticated remote malicious user can supply specially crafted request parameters to Spring Data's projection-based request payload binding in order to access arbitrary files on the system.

Exploits (1)

nomisec STUB
by tafamace · poc
https://github.com/tafamace/CVE-2018-1259

Scores

CVSS v3 7.5
EPSS 0.0983
EPSS Percentile 93.0%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

CWE
CWE-611
Status published
Products (4)
org.springframework.data/spring-data-commons 1.13.0 - 1.13.12 (Maven)
pivotal_software/spring_data_commons 1.13 - 1.13.11
pivotal_software/spring_data_rest 2.6 - 2.6.11
xmlbeam/xmlbeam < 1.4.14
Published May 11, 2018
Tracked Since Feb 18, 2026