Vulnerabilities (CVE)

Filtered by vendor Pivotal Software Subscribe
Filtered by product Spring Web Services
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-3773 2 Oracle, Pivotal Software 3 Financial Services Analytical Applications Infrastructure, Flexcube Private Banking, Spring Web Services 2024-11-21 7.5 HIGH 9.8 CRITICAL
Spring Web Services, versions 2.4.3, 3.0.4, and older unsupported versions of all three projects, were susceptible to XML External Entity Injection (XXE) when receiving XML data from untrusted sources.