{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2019-3773","assignerOrgId":"c550e75a-17ff-4988-97f0-544cde3820fe","assignerShortName":"dell","dateUpdated":"2024-09-17T03:33:35.558Z","dateReserved":"2019-01-03T00:00:00.000Z","datePublished":"2019-01-18T22:00:00.000Z"},"containers":{"cna":{"title":"Spring Web Services XML External Entity Injection (XXE)","datePublic":"2019-01-15T00:00:00.000Z","providerMetadata":{"orgId":"c550e75a-17ff-4988-97f0-544cde3820fe","shortName":"dell","dateUpdated":"2023-12-27T15:06:23.165Z"},"descriptions":[{"lang":"en","value":"Spring Web Services, versions 2.4.3, 3.0.4, and older unsupported versions of all three projects, were susceptible to XML External Entity Injection (XXE) when receiving XML data from untrusted sources."}],"affected":[{"vendor":"Spring","product":"Spring Web Services","versions":[{"version":"3.0","status":"affected","lessThan":"v3.0.4.RELEASE","versionType":"custom"},{"version":"2.4","status":"affected","lessThan":"v2.4.3.RELEASE","versionType":"custom"}]}],"references":[{"url":"https://www.oracle.com/security-alerts/cpujan2021.html"},{"url":"https://pivotal.io/security/cve-2019-3773"},{"url":"https://www.oracle.com/security-alerts/cpuApr2021.html"},{"url":"https://www.oracle.com//security-alerts/cpujul2021.html"},{"url":"https://security.netapp.com/advisory/ntap-20231227-0011/"}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-611: XML External Entities (XXE)","cweId":"CWE-611"}]}],"source":{"discovery":"UNKNOWN"}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-04T19:19:18.472Z"},"title":"CVE Program Container","references":[{"url":"https://www.oracle.com/security-alerts/cpujan2021.html","tags":["x_transferred"]},{"url":"https://pivotal.io/security/cve-2019-3773","tags":["x_transferred"]},{"url":"https://www.oracle.com/security-alerts/cpuApr2021.html","tags":["x_transferred"]},{"url":"https://www.oracle.com//security-alerts/cpujul2021.html","tags":["x_transferred"]},{"url":"https://security.netapp.com/advisory/ntap-20231227-0011/","tags":["x_transferred"]}]}]}}