← volver
CVE-2019-3773

Spring Web Services XML External Entity Injection (XXE)

EPSS 4.1%CWE-611
Spring Web Services, versions 2.4.3, 3.0.4, and older unsupported versions of all three projects, were susceptible to XML External Entity Injection (XXE) when receiving XML data from untrusted sources.
Productos afectados
Spring · Spring Web Services

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://pivotal.io/security/cve-2019-3773https://security.netapp.com/advisory/ntap-20231227-0011/https://www.oracle.com/security-alerts/cpuApr2021.htmlhttps://www.oracle.com/security-alerts/cpujan2021.htmlhttps://www.oracle.com//security-alerts/cpujul2021.html