Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2020/04/05 10:59 a.m.29 views

CVE-2019-3772

Spring Integration spring-integration-xml and spring-integration-ws modules, versions 4.3.18, 5.0.10, 5.1.1, and older unsupported versions, were susceptible to XML External Entity Injection XXE when receiving XML data from untrusted sources...

9.8CVSS4.9AI score0.03002EPSS
Exploits0References4
vulnersOsv
vulnersOsv
added 2019/01/25 4:18 p.m.6 views

com.ahome-it:ahome-tooling-server-core (>=1.0.83-RC1 <=1.1.3-RELEASE), com.ahome-it:ahome-tooling-server-hazelcast (>=1.0.88-RC1 <=1.1.3-RELEASE) +336 more potentially affected by CVE-2019-3772 via org.springframework.integration:spring-integration-xml (>=1.0.1.RELEASE <=4.3.17.RELEASE)

org.springframework.integration:spring-integration-xml MAVEN version =1.0.1.RELEASE, =1.0.83-RC1, =1.0.88-RC1, =1.0.83-RC1, =1.1.0-RELEASE, =1.0.83-RC1, =1.0.83-RC1, =1.0.19-RELEASE, =1.2.2-RELEASE, =1.2.23-RELEASE, =1.1.0-RELEASE, =1.1.0-RELEASE, =1.2.1-RELEASE, =0.0.3, =1.0.1, =2.1.1 and more...

9.8CVSS7.2AI score0.03002EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2019/01/25 4:18 p.m.5 views

com.ahome-it:ahome-tooling-server-core (>=1.0.110-RELEASE <=1.1.3-RELEASE), com.ahome-it:ahome-tooling-server-hazelcast (>=1.0.111-RELEASE <=1.1.3-RELEASE) +19 more potentially affected by CVE-2019-3772 via org.springframework.integration:spring-integration-ws (>=1.0.1.RELEASE <=4.3.17.RELEASE)

org.springframework.integration:spring-integration-ws MAVEN version =1.0.1.RELEASE, =1.0.110-RELEASE, =1.0.111-RELEASE, =1.0.111-RELEASE, =1.1.0-RELEASE, =1.0.111-RELEASE, =1.0.111-RELEASE, =1.0.19-RELEASE, =1.2.2-RELEASE, =1.2.23-RELEASE, =1.1.0-RELEASE, =1.1.0-RELEASE, =1.2.1-RELEASE, =0.0.3,...

9.8CVSS7.2AI score0.03002EPSS
Exploits0
OSV
OSV
added 2019/01/18 10:29 p.m.31 views

CVE-2019-3772

Spring Integration spring-integration-xml and spring-integration-ws modules, versions 4.3.18, 5.0.10, 5.1.1, and older unsupported versions, were susceptible to XML External Entity Injection XXE when receiving XML data from untrusted sources...

9.8CVSS9.6AI score0.03002EPSS
Exploits0References3
Cvelist
Cvelist
added 2019/01/18 10:0 p.m.35 views

CVE-2019-3772 Spring Integration XML External Entity Injection (XXE)

Spring Integration spring-integration-xml and spring-integration-ws modules, versions 4.3.18, 5.0.10, 5.1.1, and older unsupported versions, were susceptible to XML External Entity Injection XXE when receiving XML data from untrusted sources...

9.7AI score0.03002EPSS
Exploits0References3
CVE
CVE
added 2019/01/18 10:0 p.m.96 views

CVE-2019-3772

The CVE-2019-3772 entry concerns Spring Integration’s XML handling in the spring-integration-xml and spring-integration-ws modules. Affected versions are 4.3.18, 5.0.10, 5.1.1, and older unsupported releases. The root cause is an XML External Entity (XXE) vulnerability when processing XML data fr...

9.8CVSS9.7AI score0.03002EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder