Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
veracodeVeracode Vulnerability DatabaseVERACODE:13239
HistoryJan 16, 2019 - 6:32 a.m.

XML External Entity Injection (XXE)

2019-01-1606:32:54
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
6

0.005 Low

EPSS

Percentile

76.7%

JSON

Spring Integration is vulnerable to XML external entity injection (XXE). The library does not filter malicious XML data input due to failing to disable the Document Type Definition External Entities by default.

Related

nvd 1
osv 2
cve 1
github 1
redhatcve 1
prion 1
cvelist 1
oracle 1
nvd
nvd
CVE-2019-3772
2019-01-18 22:29:00
osv
osv
Improper Restriction of XML External Entity Reference in org.springframework.integration:spring-integration-ws and org.springframework.integration:spring-integration-xml
2019-01-25 16:18:49
CVE-2019-3772
2019-01-18 22:29:00
cve
cve
CVE-2019-3772
2019-01-18 22:29:00
github
github
Improper Restriction of XML External Entity Reference in org.springframework.integration:spring-integration-ws and org.springframework.integration:spring-integration-xml
2019-01-25 16:18:49
redhatcve
redhatcve
CVE-2019-3772
2020-04-05 10:59:39
prion
prion
Xxe
2019-01-18 22:29:00
cvelist
cvelist
CVE-2019-3772 Spring Integration XML External Entity Injection (XXE)
2019-01-15 00:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - April 2019
2019-04-16 00:00:00

0.005 Low

EPSS

Percentile

76.7%

JSON
Related for VERACODE:13239
nvd1osv2cve1github1redhatcve1prion1cvelist1oracle1