0.016 Low
EPSS
Percentile
87.3%
Spring Batch versions 3.0.9, 4.0.1, 4.1.0, and older unsupported versions, were susceptible to XML External Entity Injection (XXE) when receiving XML data from untrusted sources.
bugzilla.redhat.com/show_bug.cgi?id=1670597
nvd.nist.gov/vuln/detail/CVE-2019-3774
pivotal.io/security/cve-2019-3774
www.cve.org/CVERecord?id=CVE-2019-3774