Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vmware spring boot vulnerabilities and exploits
(subscribe to this query)
5.9
CVSSv3
CVE-2018-1196
Spring Boot supports an embedded launch script that can be used to easily run the application as a systemd or init.d linux service. The script included with Spring Boot 1.5.9 and previous versions and 2.0.0.M1 up to and including 2.0.0.M7 is susceptible to a symlink attack which ...
Vmware Spring Boot
Vmware Spring Boot 2.0.0
7.5
CVSSv3
CVE-2023-20883
In Spring Boot versions 3.0.0 - 3.0.6, 2.7.0 - 2.7.11, 2.6.0 - 2.6.14, 2.5.0 - 2.5.14 and older unsupported versions, there is potential for a denial-of-service (DoS) attack if Spring MVC is used together with a reverse proxy cache.
* Spring Boot
Vmware Spring Boot
9.8
CVSSv3
CVE-2023-20873
In Spring Boot versions 3.0.0 - 3.0.5, 2.7.0 - 2.7.10, and older unsupported versions, an application that is deployed to Cloud Foundry could be susceptible to a security bypass. Users of affected versions should apply the following mitigation: 3.0.x users should upgrade to 3.0.6...
Vmware Spring Boot
1 Github repository
7.8
CVSSv3
CVE-2022-27772
spring-boot versions prior to version v2.2.11.RELEASE was vulnerable to temporary directory hijacking. This vulnerability impacted the org.springframework.boot.web.server.AbstractConfigurableWebServerFactory.createTempDir method. NOTE: This vulnerability only affects products and...
Vmware Spring Boot
6.5
CVSSv3
CVE-2023-34055
In Spring Boot versions 2.7.0 - 2.7.17, 3.0.0-3.0.12 and 3.1.0-3.1.5, it is possible for a user to provide specially crafted HTTP requests that may cause a denial-of-service (DoS) condition. Specifically, an application is vulnerable when all of the following are true: * the appl...
Vmware Spring Boot
7.5
CVSSv3
CVE-2023-22602
When using Apache Shiro prior to 1.11.0 together with Spring Boot 2.6+, a specially crafted HTTP request may cause an authentication bypass. The authentication bypass occurs when Shiro and Spring Boot are using different pattern-matching techniques. Both Shiro and Spring Boot <...
Apache Shiro
Vmware Spring Boot 2.6.0
9.8
CVSSv3
CVE-2022-31691
Spring Tools 4 for Eclipse version 4.16.0 and below as well as VSCode extensions such as Spring Boot Tools, Concourse CI Pipeline Editor, Bosh Editor and Cloudfoundry Manifest YML Support version 1.39.0 and below all use Snakeyaml library for YAML editing support. This library al...
Vmware Bosh Editor
Vmware Cloudfoundry Manifest Yml Support
Vmware Concourse Ci Pipeline Editor
Vmware Spring Boot Tools
Vmware Spring Tools
1 Github repository
9.8
CVSSv3
CVE-2021-26987
Element Plug-in for vCenter Server incorporates SpringBoot Framework. SpringBoot Framework versions before 1.3.2 are susceptible to a vulnerability which when successfully exploited could lead to Remote Code Execution. All versions of Element Plug-in for vCenter Server, Managemen...
Vmware Spring Boot
Netapp Element Plug-in For Vcenter Server
Netapp Management Services For Element Software And Netapp Hci
Netapp Solidfire & Hci Management Node
6.5
CVSSv3
CVE-2023-20863
In spring framework versions before 5.2.24 release+ ,5.3.27+ and 6.0.8+ , it is possible for a user to provide a specially crafted SpEL expression that may cause a denial-of-service (DoS) condition.
Vmware Spring Framework
7.5
CVSSv3
CVE-2024-22233
In Spring Framework versions 6.0.15 and 6.1.2, it is possible for a user to provide specially crafted HTTP requests that may cause a denial-of-service (DoS) condition. Specifically, an application is vulnerable when all of the following are true: * the application uses Spring MVC...
Vmware Spring Framework 6.0.15
Vmware Spring Framework 6.1.2
Preferred Score:
CVSSv3
CVSSv2
CVSSv3
CVSSv4
EPSS
VMScore
Recommendations:
CVE-2024-52884
CVE-2025-25085
CVE-2025-20124
login-box
CVE-2025-1114
bnielsen
log injection
CVE-2025-0411
metagauss
CVE-2024-57357
malicious code
file upload
impronta
Home
/
Search Results
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »