Maven package
org.springframework.ws/spring-ws
pkg:maven/org.springframework.ws/spring-ws
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2019-3773 | — | < 2.4.4 | 2.4.4 | Jan 18, 2019 | Spring Web Services, versions 2.4.3, 3.0.4, and older unsupported versions of all three projects, were susceptible to XML External Entity Injection (XXE) when receiving XML data from untrusted sources. |
- CVE-2019-3773Jan 18, 2019affected < 2.4.4fixed 2.4.4
Spring Web Services, versions 2.4.3, 3.0.4, and older unsupported versions of all three projects, were susceptible to XML External Entity Injection (XXE) when receiving XML data from untrusted sources.