CVE
CVE-2019-3773
Vulnerability that affects org.springframework.ws:spring-ws and org.springframework.ws:spring-xml
Spring Web Services, versions 2.4.3, 3.0.4, and older unsupported versions of all three projects, were susceptible to XML External Entity Injection (XXE) when receiving XML data from untrusted sources.
Endor Patches
Patch Name
Vulnerabilities fixed
Lines of Code Changed