Maven package
org.springframework.ws/spring-xml
pkg:maven/org.springframework.ws/spring-xml
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2019-3773 | — | < 2.4.4 | 2.4.4 | Jan 18, 2019 | Spring Web Services, versions 2.4.3, 3.0.4, and older unsupported versions of all three projects, were susceptible to XML External Entity Injection (XXE) when receiving XML data from untrusted sources. |
- CVE-2019-3773Jan 18, 2019affected < 2.4.4fixed 2.4.4
Spring Web Services, versions 2.4.3, 3.0.4, and older unsupported versions of all three projects, were susceptible to XML External Entity Injection (XXE) when receiving XML data from untrusted sources.