Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vmware spring framework 3.2.6 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2022-22979
In Spring Cloud Function versions before 3.2.6, it is possible for a user who directly interacts with framework provided lookup functionality to cause a denial-of-service condition due to the caching issue in the Function Catalog component of the framework.
Vmware Spring Cloud Function
9.6
CVSSv3
CVE-2015-5211
Under some situations, the Spring Framework 4.2.0 to 4.2.1, 4.0.0 to 4.1.7, 3.2.0 to 3.2.14 and older unsupported versions is vulnerable to a Reflected File Download (RFD) attack. The attack involves a malicious user crafting a URL with a batch script extension that results in th...
Vmware Spring Framework 3.2.2
Vmware Spring Framework 3.2.1
Vmware Spring Framework 3.2.8
Vmware Spring Framework 3.2.7
Vmware Spring Framework 3.2.10
Vmware Spring Framework 3.2.9
Vmware Spring Framework 3.2.4
Vmware Spring Framework 3.2.3
Vmware Spring Framework 3.2.6
Vmware Spring Framework 3.2.5
Vmware Spring Framework 4.0.1
Vmware Spring Framework 4.0.6
Vmware Spring Framework 4.0.8
Vmware Spring Framework 3.2.14
Vmware Spring Framework 4.2.1
Vmware Spring Framework 4.1.6
Vmware Spring Framework 4.0.2
Vmware Spring Framework 4.0.3
Vmware Spring Framework 4.0.4
Vmware Spring Framework 4.0.5
Vmware Spring Framework 3.2.11
Vmware Spring Framework 3.2.12
2 Github repositories
8.8
CVSSv3
CVE-2014-0225
When processing user provided XML documents, the Spring Framework 4.0.0 to 4.0.4, 3.0.0 to 3.2.8, and possibly earlier unsupported versions did not disable by default the resolution of URI references in a DTD declaration. This enabled an XXE attack.
Vmware Spring Framework 3.1.3
Vmware Spring Framework 3.1.4
Pivotal Software Spring Framework 3.0.0
Vmware Spring Framework 3.0.1
Vmware Spring Framework 3.2.1
Pivotal Software Spring Framework 3.2.0
Pivotal Software Spring Framework 4.0.0
Vmware Spring Framework 4.0.1
Vmware Spring Framework 3.1.0
Vmware Spring Framework 4.0.0
Vmware Spring Framework 3.1.1
Vmware Spring Framework 3.0.3
Vmware Spring Framework 3.0.5
Vmware Spring Framework 3.2.4
Vmware Spring Framework 3.2.2
Vmware Spring Framework 4.0.2
Vmware Spring Framework 4.0.4
Vmware Spring Framework 3.2.0
Vmware Spring Framework 3.0.7
Vmware Spring Framework 3.2.8
Vmware Spring Framework 3.2.6
Vmware Spring Framework 3.2.7
7.5
CVSSv3
CVE-2016-9878
An issue exists in Pivotal Spring Framework prior to 3.2.18, 4.2.x prior to 4.2.9, and 4.3.x prior to 4.3.5. Paths provided to the ResourceServlet were not properly sanitized and as a result exposed to directory traversal attacks.
Vmware Spring Framework 4.3.1
Pivotal Software Spring Framework 4.3.0
Vmware Spring Framework 4.2.8
Vmware Spring Framework 4.2.1
Pivotal Software Spring Framework 4.2.0
Vmware Spring Framework 3.2.11
Vmware Spring Framework 3.2.10
Vmware Spring Framework 3.2.2
Vmware Spring Framework 3.2.1
Vmware Spring Framework 4.2.7
Vmware Spring Framework 4.2.6
Vmware Spring Framework 3.2.17
Vmware Spring Framework 3.2.16
Vmware Spring Framework 3.2.9
Vmware Spring Framework 3.2.8
Pivotal Software Spring Framework
Vmware Spring Framework 4.3.4
Vmware Spring Framework 4.2.5
Vmware Spring Framework 4.2.4
Vmware Spring Framework 3.2.15
Vmware Spring Framework 3.2.14
Vmware Spring Framework 3.2.7
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started