Vulnerability Database
289,599
Total vulnerabilities in the database
CVE-2019-3772
Spring Integration (spring-integration-xml and spring-integration-ws modules), versions 4.3.18, 5.0.10, 5.1.1, and older unsupported versions, were susceptible to XML External Entity Injection (XXE) when receiving XML data from untrusted sources.
| Software | From | Fixed in |
|---|---|---|
| vmware / spring_integration | - | 4.3.18.x |
| vmware / spring_integration | 5.0.0 | 5.0.10.x |
| vmware / spring_integration | 5.1.0 | 5.1.1.x |
| oracle / retail_customer_management_and_segmentation_foundation | 16.0 | 16.0.x |
| oracle / retail_customer_management_and_segmentation_foundation | 17.0 | 17.0.x |
| oracle / retail_customer_management_and_segmentation_foundation | 18.0 | 18.0.x |
org.springframework.integration / spring-integration-xml
|
- | 4.3.19 |
|
org.springframework.integration / spring-integration-xml
|
5.0.0 | 5.0.11 |
|
org.springframework.integration / spring-integration-xml
|
5.1.0 | 5.1.2 |
|
org.springframework.integration / spring-integration-ws
|
- | 4.3.19 |
|
org.springframework.integration / spring-integration-ws
|
5.0.0 | 5.0.11 |
|
org.springframework.integration / spring-integration-ws
|
5.1.0 | 5.1.2 |