Spring Batch versions 3.0.9, 4.0.1, 4.1.0, and older unsupported versions, were susceptible to XML External Entity Injection (XXE) when receiving XML data from untrusted sources.
Metrics
Affected Vendors & Products
References
History
Mon, 16 Sep 2024 21:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Title | Spring Batch XML External Entity Injection (XXE) | Spring Batch XML External Entity Injection (XXE) |
MITRE
Status: PUBLISHED
Assigner: dell
Published: 2019-01-18T22:00:00Z
Updated: 2024-09-16T20:57:23.130Z
Reserved: 2019-01-03T00:00:00
Link: CVE-2019-3774
Vulnrichment
No data.
NVD
Status : Modified
Published: 2019-01-18T22:29:01.050
Modified: 2024-11-21T04:42:30.277
Link: CVE-2019-3774
Redhat