Vulnerabilities (CVE)

Filtered by vendor Broadcom Subscribe
Filtered by product Spring Rest Docs
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2026-40991 1 Broadcom 1 Spring Rest Docs 2026-07-17 N/A 5.9 MEDIUM
When using spring-restdocs-webtestclient or spring-restdocs-restassured to document a remote API accessed over HTTP, an attacker who compromises the API or tricks the user into documenting a malicious API can perform an XXE injection attack when the documentation-generating tests are next executed. Affected versions: Spring REST Docs 4.0.0; 3.0.0 through 3.0.5; 2.0.0.RELEASE through 2.0.8.RELEASE.