漏洞信息详情

Pivotal Spring Batch 代码问题漏洞

  • CNNVD编号:CNNVD-201901-763
  • 危害等级: 超危
  • CVE编号: CVE-2019-3774
  • 漏洞类型: 代码问题
  • 发布时间: 2019-01-21
  • 威胁类型: 远程
  • 更新时间: 2021-01-14
  • 厂        商:
  • 漏洞来源: Red Hat

漏洞简介

Pivotal Spring Batch是美国Pivotal Software公司的一款用于大量数据处理并行处理的轻量级框架。

Pivotal Spring Batch中存在XML外部实体注入漏洞。目前尚无此漏洞的相关信息,请随时关注CNNVD或厂商公告。以下版本受到受到影响:Pivotal Spring Batch 3.0.9版本,4.0.1版本,4.1.0版本及不再支持的老版本。

漏洞公告

目前厂商已发布升级补丁以修复漏洞,补丁获取链接:

https://pivotal.io/security/cve-2019-3774

参考网址

来源:MLIST

链接:https://lists.apache.org/thread.html/ra329bb85da9da93ac6f9b5fc0fc5446a3af0ee2a62c5de484da0af54@%3Ccommits.servicemix.apache.org%3E

来源:MLIST

链接:https://lists.apache.org/thread.html/ree71c6425d2cc0e36b77bda6902965a657c1e09c7229459811d66474@%3Cissues.servicemix.apache.org%3E

来源:MLIST

链接:https://lists.apache.org/thread.html/ra62a3bf48ab4e0e9aaed970b03d79a73224d68a4275858c707542f6c@%3Cissues.servicemix.apache.org%3E

来源:MLIST

链接:https://lists.apache.org/thread.html/r96d90e59bb12af5e5c631dcf7d7d80857a52bf3dc44d5b85553e7fc4@%3Cissues.servicemix.apache.org%3E

来源:CONFIRM

链接:https://pivotal.io/security/cve-2019-3774

来源:MLIST

链接:https://lists.apache.org/thread.html/rcd26a5409af7356b5f69b2fafae3cf621bff8bf155f50e9ccf9ed5f6@%3Cissues.servicemix.apache.org%3E

来源:MLIST

链接:https://lists.apache.org/thread.html/rfea6eebfebb13bc015f258e7fa31d4e24a4202601be3b307da28d530@%3Ccommits.servicemix.apache.org%3E

来源:MLIST

链接:https://lists.apache.org/thread.html/raae74a9290784e20e86fcd4e2525fa8700aeed6f65f3613b5b04bb11@%3Ccommits.servicemix.apache.org%3E

来源:MLIST

链接:https://lists.apache.org/thread.html/r2349237482bcec43632d9d78d7d2804520d9a82f4d8b1fd96bb616b8@%3Cissues.servicemix.apache.org%3E

来源:MLIST

链接:https://lists.apache.org/thread.html/rb9fe3ae33246d7f11604a1c85c861cb013a1e32248a43a0c22457107@%3Cissues.servicemix.apache.org%3E

来源:MLIST

链接:https://lists.apache.org/thread.html/r78645ca0eef44a276e144447fb2087db758b1fb8826d0330b3f0da1a@%3Cissues.servicemix.apache.org%3E

来源:MLIST

链接:https://lists.apache.org/thread.html/r5fbb63e405d2211c16524d33f52e3b122109d3bc88d5f74623fb212d@%3Ccommits.servicemix.apache.org%3E

来源:MLIST

链接:https://lists.apache.org/thread.html/r47c7f67a3067ec09262eef0705abc42ea1b646699d9198bcaf8dad02@%3Cissues.servicemix.apache.org%3E

来源:MLIST

链接:https://lists.apache.org/thread.html/r01292194daa9ed3117b34dabec0c26929f6db13b9613fc144f720d52@%3Cissues.servicemix.apache.org%3E

来源:MLIST

链接:https://lists.apache.org/thread.html/r0153a08177fcfac7584c7b9ea3027f1e8f18f770126f905b9989190e@%3Cissues.servicemix.apache.org%3E

来源:MLIST

链接:https://lists.apache.org/thread.html/r08e7ddc354bdcbf95d88399f18b3d804865034f8bc706095e594b29f@%3Cissues.servicemix.apache.org%3E

来源:MLIST

链接:https://lists.apache.org/thread.html/ra8c7573911082e9968f4835943045ad0952232bb6314becf23dc3de5@%3Cissues.servicemix.apache.org%3E

来源:MLIST

链接:https://lists.apache.org/thread.html/rf83697efcbcfe1131e31bbc7025cb3ee1db5d9185e9481093b2ef961@%3Cissues.servicemix.apache.org%3E

来源:MLIST

链接:https://lists.apache.org/thread.html/rcd4945d66d8bb2fc92396af56a70ede4af983a2c98166f1281338346@%3Cissues.servicemix.apache.org%3E

来源:MLIST

链接:https://lists.apache.org/thread.html/r79991aeb5d0c53c67e400e037c72758a06607752ca2f23b5302dd61f@%3Cissues.servicemix.apache.org%3E

来源:www.ibm.com

链接:https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-ibm-guardium-data-encryption-gde-3/

来源:packetstormsecurity.com

链接:https://packetstormsecurity.com/files/160562/Red-Hat-Security-Advisory-2020-5568-01.html

来源:www.nsfocus.net

链接:http://www.nsfocus.net/vulndb/43884

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2020.4464/

受影响实体

    暂无


漏洞信息快速查询

相关漏洞

更多