CVE-2021-43090
- Source
- https://cve.org/CVERecord?id=CVE-2021-43090
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-43090.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2021-43090
- Aliases
- Published
- 2022-03-25T16:15:09.313Z
- Modified
- 2026-02-23T01:50:24.446130Z
- Severity
-
- 9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
An XML External Entity (XXE) vulnerability exists in soa-model before 1.6.4 in the WSDLParser function.
- References
-
- https://github.com/membrane/soa-model/commit/19de16902468e7963cc4dc6b544574bc1ea3f251
- https://github.com/membrane/soa-model/commit/3aa295f155f621d5ea661cb9a0604013fc8fd8ff
- https://github.com/membrane/soa-model/issues/281
- https://github.com/membrane/soa-model/releases/tag/v1.6.4
- https://github.com/membrane/soa-model/issues/281
- https://github.com/membrane/soa-model/commit/19de16902468e7963cc4dc6b544574bc1ea3f251
- https://github.com/membrane/soa-model/commit/3aa295f155f621d5ea661cb9a0604013fc8fd8ff
- https://github.com/membrane/soa-model/issues/281
Affected packages
Git / github.com/membrane/soa-model
Affected ranges
- Type
- GIT
- Repo
- https://github.com/membrane/soa-model
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed