Lucene search
DellCVELIST:CVE-2019-3772HistoryJan 18, 2019 - 10:00 p.m.
CVE-2019-3772 Spring Integration XML External Entity Injection (XXE)
2019-01-1822:00:00
CWE-611
dell
www.cve.org
5
Spring Integration (spring-integration-xml and spring-integration-ws modules), versions 4.3.18, 5.0.10, 5.1.1, and older unsupported versions, were susceptible to XML External Entity Injection (XXE) when receiving XML data from untrusted sources.
CNA Affected
[
{
"product": "Spring Integration",
"vendor": "Spring",
"versions": [
{
"lessThan": "v5.0.10.RELEASE",
"status": "affected",
"version": "5.0",
"versionType": "custom"
},
{
"lessThan": "v5.1.1.RELEASE",
"status": "affected",
"version": "5.1",
"versionType": "custom"
},
{
"lessThan": "v4.3.18.RELEASE",
"status": "affected",
"version": "4.3",
"versionType": "custom"
}
]
}
]Related
osv
osv
nvd
nvd
CVE-2019-3772
2019-01-18 22:29:00
veracode
veracode
XML External Entity Injection (XXE)
2019-01-16 06:32:54
prion
prion
Xxe
2019-01-18 22:29:00
redhatcve
redhatcve
CVE-2019-3772
2020-04-05 10:59:39
github
github
cve
cve
CVE-2019-3772
2019-01-18 22:29:00
oracle
oracle
Oracle Critical Patch Update Advisory - April 2019
2019-04-16 00:00:00