Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
spring boot vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-29466
Directory Traversal vulnerability in lsgwr spring boot online exam v.0.9 allows an malicious user to execute arbitrary code via the FileTransUtil.java component.
7.5
CVSSv3
CVE-2024-22233
In Spring Framework versions 6.0.15 and 6.1.2, it is possible for a user to provide specially crafted HTTP requests that may cause a denial-of-service (DoS) condition. Specifically, an application is vulnerable when all of the following are true: * the application uses Spring MVC...
Vmware Spring Framework 6.1.2
Vmware Spring Framework 6.0.15
5.3
CVSSv3
CVE-2023-51074
json-path v2.8.0 exists to contain a stack overflow via the Criteria.parse() method.
Json-path Jayway Jsonpath 2.8.0
2 Github repositories
7.5
CVSSv3
CVE-2023-51650
Hertzbeat is an open source, real-time monitoring system. Prior to version 1.4.1, Spring Boot permission configuration issues caused unauthorized access vulnerabilities to three interfaces. This could result in disclosure of sensitive server information. Version 1.4.1 fixes this ...
Dromara Hertzbeat
7.5
CVSSv3
CVE-2023-6481
A serialization vulnerability in logback receiver component part of logback version 1.4.13, 1.3.13 and 1.2.12 allows an malicious user to mount a Denial-Of-Service attack by sending poisoned data.
Qos Logback 1.2.12
Qos Logback 1.3.13
Qos Logback 1.4.13
7.5
CVSSv3
CVE-2023-6378
A serialization vulnerability in logback receiver component part of logback version 1.4.11 allows an malicious user to mount a Denial-Of-Service attack by sending poisoned data.
Qos Logback
3 Github repositories
7.5
CVSSv3
CVE-2023-34053
In Spring Framework versions 6.0.0 - 6.0.13, it is possible for a user to provide specially crafted HTTP requests that may cause a denial-of-service (DoS) condition. Specifically, an application is vulnerable when all of the following are true: * the application uses Spring MVC o...
Vmware Spring Framework
6.5
CVSSv3
CVE-2023-34055
In Spring Boot versions 2.7.0 - 2.7.17, 3.0.0-3.0.12 and 3.1.0-3.1.5, it is possible for a user to provide specially crafted HTTP requests that may cause a denial-of-service (DoS) condition. Specifically, an application is vulnerable when all of the following are true: * the appl...
Vmware Spring Boot
7.5
CVSSv3
CVE-2023-4043
In Eclipse Parsson prior to 1.1.4 and 1.0.5, Parsing JSON from untrusted sources can lead malicious actors to exploit the fact that the built-in support for parsing numbers with large scale in Java has a number of edge cases where the input text of a number can lead to much large...
Eclipse Parsson
7.5
CVSSv3
CVE-2023-5072
Denial of Service in JSON-Java versions up to and including 20230618. A bug in the parser means that an input string of modest size can lead to indefinite amounts of memory being used.
Json-java Project Json-java
2 Github repositories
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
encryption
CVE-2024-4331
CVE-2024-26925
arbitrary code
CVE-2006-4304
CVE-2024-25458
CVE-2024-27077
reflected XSS
CVE-2024-4059
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »