CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-3774

Spring Batch versions 3.0.9, 4.0.1, 4.1.0, and older unsupported versions, were susceptible to XML External Entity Injection (XXE) when receiving XML data from untrusted sources.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.021

EPSS Ranking 83.4%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 7.5

References

Products affected by CVE-2019-3774

Pivotal Software » Spring Batch » Version: 1.0.0

cpe:2.3:a:pivotal_software:spring_batch:1.0.0
Pivotal Software » Spring Batch » Version: 1.0.1

cpe:2.3:a:pivotal_software:spring_batch:1.0.1
Pivotal Software » Spring Batch » Version: 1.0.2

cpe:2.3:a:pivotal_software:spring_batch:1.0.2
Pivotal Software » Spring Batch » Version: 1.1.0

cpe:2.3:a:pivotal_software:spring_batch:1.1.0
Pivotal Software » Spring Batch » Version: 1.1.1

cpe:2.3:a:pivotal_software:spring_batch:1.1.1
Pivotal Software » Spring Batch » Version: 1.1.2

cpe:2.3:a:pivotal_software:spring_batch:1.1.2
Pivotal Software » Spring Batch » Version: 1.1.3

cpe:2.3:a:pivotal_software:spring_batch:1.1.3
Pivotal Software » Spring Batch » Version: 1.1.4

cpe:2.3:a:pivotal_software:spring_batch:1.1.4
Pivotal Software » Spring Batch » Version: 2.0.0

cpe:2.3:a:pivotal_software:spring_batch:2.0.0
Pivotal Software » Spring Batch » Version: 2.0.1

cpe:2.3:a:pivotal_software:spring_batch:2.0.1
Pivotal Software » Spring Batch » Version: 2.0.2

cpe:2.3:a:pivotal_software:spring_batch:2.0.2
Pivotal Software » Spring Batch » Version: 2.0.3

cpe:2.3:a:pivotal_software:spring_batch:2.0.3
Pivotal Software » Spring Batch » Version: 2.0.4

cpe:2.3:a:pivotal_software:spring_batch:2.0.4
Pivotal Software » Spring Batch » Version: 2.0.5

cpe:2.3:a:pivotal_software:spring_batch:2.0.5
Pivotal Software » Spring Batch » Version: 2.1.0

cpe:2.3:a:pivotal_software:spring_batch:2.1.0
Pivotal Software » Spring Batch » Version: 2.1.1

cpe:2.3:a:pivotal_software:spring_batch:2.1.1
Pivotal Software » Spring Batch » Version: 2.1.2

cpe:2.3:a:pivotal_software:spring_batch:2.1.2
Pivotal Software » Spring Batch » Version: 2.1.3

cpe:2.3:a:pivotal_software:spring_batch:2.1.3
Pivotal Software » Spring Batch » Version: 2.1.4

cpe:2.3:a:pivotal_software:spring_batch:2.1.4
Pivotal Software » Spring Batch » Version: 2.1.5

cpe:2.3:a:pivotal_software:spring_batch:2.1.5
Pivotal Software » Spring Batch » Version: 2.1.6

cpe:2.3:a:pivotal_software:spring_batch:2.1.6
Pivotal Software » Spring Batch » Version: 2.1.7

cpe:2.3:a:pivotal_software:spring_batch:2.1.7
Pivotal Software » Spring Batch » Version: 2.1.8

cpe:2.3:a:pivotal_software:spring_batch:2.1.8
Pivotal Software » Spring Batch » Version: 2.1.9

cpe:2.3:a:pivotal_software:spring_batch:2.1.9
Pivotal Software » Spring Batch » Version: 2.2.0

cpe:2.3:a:pivotal_software:spring_batch:2.2.0
Pivotal Software » Spring Batch » Version: 2.2.0.rc1

cpe:2.3:a:pivotal_software:spring_batch:2.2.0.rc1
Pivotal Software » Spring Batch » Version: 2.2.0.rc2

cpe:2.3:a:pivotal_software:spring_batch:2.2.0.rc2
Pivotal Software » Spring Batch » Version: 2.2.1

cpe:2.3:a:pivotal_software:spring_batch:2.2.1
Pivotal Software » Spring Batch » Version: 2.2.2

cpe:2.3:a:pivotal_software:spring_batch:2.2.2
Pivotal Software » Spring Batch » Version: 2.2.3

cpe:2.3:a:pivotal_software:spring_batch:2.2.3
Pivotal Software » Spring Batch » Version: 2.2.4

cpe:2.3:a:pivotal_software:spring_batch:2.2.4
Pivotal Software » Spring Batch » Version: 2.2.5

cpe:2.3:a:pivotal_software:spring_batch:2.2.5
Pivotal Software » Spring Batch » Version: 2.2.6

cpe:2.3:a:pivotal_software:spring_batch:2.2.6
Pivotal Software » Spring Batch » Version: 2.2.7

cpe:2.3:a:pivotal_software:spring_batch:2.2.7
Pivotal Software » Spring Batch » Version: 3.0.0

cpe:2.3:a:pivotal_software:spring_batch:3.0.0
Pivotal Software » Spring Batch » Version: 3.0.0.rc1

cpe:2.3:a:pivotal_software:spring_batch:3.0.0.rc1
Pivotal Software » Spring Batch » Version: 3.0.0.rc2

cpe:2.3:a:pivotal_software:spring_batch:3.0.0.rc2
Pivotal Software » Spring Batch » Version: 3.0.1

cpe:2.3:a:pivotal_software:spring_batch:3.0.1
Pivotal Software » Spring Batch » Version: 3.0.2

cpe:2.3:a:pivotal_software:spring_batch:3.0.2
Pivotal Software » Spring Batch » Version: 3.0.3

cpe:2.3:a:pivotal_software:spring_batch:3.0.3
Pivotal Software » Spring Batch » Version: 3.0.4

cpe:2.3:a:pivotal_software:spring_batch:3.0.4
Pivotal Software » Spring Batch » Version: 3.0.5

cpe:2.3:a:pivotal_software:spring_batch:3.0.5
Pivotal Software » Spring Batch » Version: 3.0.6

cpe:2.3:a:pivotal_software:spring_batch:3.0.6
Pivotal Software » Spring Batch » Version: 3.0.7

cpe:2.3:a:pivotal_software:spring_batch:3.0.7
Pivotal Software » Spring Batch » Version: 3.0.8

cpe:2.3:a:pivotal_software:spring_batch:3.0.8
Pivotal Software » Spring Batch » Version: 3.0.9

cpe:2.3:a:pivotal_software:spring_batch:3.0.9
Pivotal Software » Spring Batch » Version: 4.0.0

cpe:2.3:a:pivotal_software:spring_batch:4.0.0
Pivotal Software » Spring Batch » Version: 4.0.1

cpe:2.3:a:pivotal_software:spring_batch:4.0.1
Pivotal Software » Spring Batch » Version: 4.1.0

cpe:2.3:a:pivotal_software:spring_batch:4.1.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-3774

Products

Pricing

Contact Us