CVE-2014-3629

Name of the Vulnerable Software and Affected Versions Apache Qpid version 0.30

Description The issue is related to an XML external entity (XXE) vulnerability in the XML Exchange module. This allows remote attackers to cause outgoing HTTP connections via a crafted message.

Recommendations For Apache Qpid version 0.30, update to a version that includes a fix for this issue.