EPSS
Percentile
76.9%
Spring Integration is vulnerable to XML external entity injection (XXE). The library does not filter malicious XML data input due to failing to disable the Document Type Definition External Entities by default.
www.securityfocus.com/bid/106749
pivotal.io/security/cve-2019-3772
www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html