Unrated severityNVD Advisory· Published Jul 7, 2014· Updated May 6, 2026
CVE-2014-3481
CVE-2014-3481
Description
org.jboss.as.jaxrs.deployment.JaxrsIntegrationProcessor in Red Hat JBoss Enterprise Application Platform (JEAP) before 6.2.4 enables entity expansion, which allows remote attackers to read arbitrary files via unspecified vectors, related to an XML External Entity (XXE) issue.
Affected products
7cpe:2.3:a:redhat:jboss_enterprise_application_platform:*:*:*:*:*:*:*:*+ 6 more
- cpe:2.3:a:redhat:jboss_enterprise_application_platform:*:*:*:*:*:*:*:*range: <=6.2.3
- cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.2.2:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
9- rhn.redhat.com/errata/RHSA-2014-0797.htmlnvd
- rhn.redhat.com/errata/RHSA-2014-0798.htmlnvd
- rhn.redhat.com/errata/RHSA-2014-0799.htmlnvd
- rhn.redhat.com/errata/RHSA-2015-0675.htmlnvd
- rhn.redhat.com/errata/RHSA-2015-0720.htmlnvd
- rhn.redhat.com/errata/RHSA-2015-0765.htmlnvd
- www.securitytracker.com/id/1032017nvd
- bugzilla.redhat.com/show_bug.cginvd
- exchange.xforce.ibmcloud.com/vulnerabilities/94939nvd
News mentions
0No linked articles in our index yet.