Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vmware spring framework vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2015-0201
The Java SockJS client in Pivotal Spring Framework 4.1.x prior to 4.1.5 generates predictable session ids, which allows remote malicious users to send messages to other sessions via unspecified vectors.
Pivotal Software Spring Framework 4.1.0
Vmware Spring Framework 4.1.2
Vmware Spring Framework 4.1.4
Vmware Spring Framework 4.1.1
Vmware Spring Framework 4.1.3
1 Github repository
NA
CVE-2014-3625
Directory traversal vulnerability in Pivotal Spring Framework 3.0.4 up to and including 3.2.x prior to 3.2.12, 4.0.x prior to 4.0.8, and 4.1.x prior to 4.1.2 allows remote malicious users to read arbitrary files via unspecified vectors, related to static resource handling.
Vmware Spring Framework
Pivotal Software Spring Framework
NA
CVE-2013-7315
The Spring MVC in Spring Framework prior to 3.2.4 and 4.0.0.M1 up to and including 4.0.0.M2 does not disable external entity resolution for the StAX XMLInputFactory, which allows context-dependent malicious users to read arbitrary files, cause a denial of service, and conduct CSR...
Vmware Spring Framework 3.1.4
Vmware Spring Framework 3.1.3
Vmware Spring Framework 4.0.0
Springsource Spring Framework 3.0.5
Springsource Spring Framework 3.0.0
Vmware Spring Framework
Vmware Spring Framework 3.2.2
Vmware Spring Framework 3.1.0
Vmware Spring Framework 3.0.7
Springsource Spring Framework 3.0.2
Springsource Spring Framework 3.0.1
Springsource Spring Framework 3.0.0.m2
Vmware Spring Framework 3.2.1
Vmware Spring Framework 3.2.0
Vmware Spring Framework 3.0.6
Springsource Spring Framework 3.0.0.m1
Vmware Spring Framework 3.1.2
Vmware Spring Framework 3.1.1
Springsource Spring Framework 3.0.4
Springsource Spring Framework 3.0.3
NA
CVE-2011-2730
VMware SpringSource Spring Framework prior to 2.5.6.SEC03, 2.5.7.SR023, and 3.x prior to 3.0.6, when a container supports Expression Language (EL), evaluates EL expressions in tags twice, which allows remote malicious users to obtain sensitive information via a (1) name attribute...
Springsource Spring Framework 2.5.0
Springsource Spring Framework 2.5.5
Springsource Spring Framework 2.5.6
Springsource Spring Framework 3.0.4
Springsource Spring Framework
Springsource Spring Framework 2.5.3
Springsource Spring Framework 2.5.4
Springsource Spring Framework 3.0.2
Springsource Spring Framework 3.0.3
Springsource Spring Framework 2.5.1
Springsource Spring Framework 2.5.2
Springsource Spring Framework 3.0.0
Springsource Spring Framework 3.0.1
Springsource Spring Framework 2.5.7
NA
CVE-2011-2894
Spring Framework 3.0.0 up to and including 3.0.5, Spring Security 3.0.0 up to and including 3.0.5 and 2.0.0 up to and including 2.0.6, and possibly other versions deserialize objects from untrusted sources, which allows remote malicious users to bypass intended security restricti...
Vmware Spring Security
Vmware Spring Framework
3 Github repositories
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4