Spring Web Services, versions 2.4.3, 3.0.4, and older unsupported versions of all three projects, were susceptible to XML External Entity Injection (XXE) when receiving XML data from untrusted sources.
Metrics
Affected Vendors & Products
References
History
Tue, 17 Sep 2024 03:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Title | Spring Web Services XML External Entity Injection (XXE) | Spring Web Services XML External Entity Injection (XXE) |
MITRE
Status: PUBLISHED
Assigner: dell
Published: 2019-01-18T22:00:00Z
Updated: 2024-09-17T03:33:35.558Z
Reserved: 2019-01-03T00:00:00
Link: CVE-2019-3773
Vulnrichment
No data.
NVD
Status : Modified
Published: 2019-01-18T22:29:01.020
Modified: 2024-11-21T04:42:30.113
Link: CVE-2019-3773
Redhat