Unrated severityNVD Advisory· Published Jan 15, 2015· Updated Jun 17, 2026
CVE-2014-0171
CVE-2014-0171
Description
XML external entity (XXE) vulnerability in StaxXMLFactoryProvider2 in Odata4j, as used in Red Hat JBoss Data Virtualization before 6.0.0 patch 4, allows remote attackers to read arbitrary files via a crafted request to a REST endpoint.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3- cpe:2.3:a:odata4j_project:odata4j:-:*:*:*:*:*:*:*
cpe:2.3:a:redhat:jboss_data_virtualization:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:redhat:jboss_data_virtualization:*:*:*:*:*:*:*:*range: <=6.0.0
- (no CPE)range: <6.0.0 patch 4
Patches
Vulnerability mechanics
References
2- issues.jboss.org/browse/TEIID-2911nvdExploit
- rhn.redhat.com/errata/RHSA-2015-0034.htmlnvdVendor Advisory
News mentions
0No linked articles in our index yet.