CVE-2014-1202: Code Injection

January 24, 2014 (updated January 27, 2014)

The WSDL/WADL import functionality in SoapUI allows remote attackers to execute arbitrary Java code via a crafted request parameter in a WSDL file.

References

baraktawily.blogspot.com/2014/01/soapui-code-execution-vulnerability-cve.html
github.com/SmartBear/soapui/commit/6373165649ad74257493c69dbc0569caa7e6b4a6

Detect and mitigate CVE-2014-1202 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →