Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vmware spring framework 3.0.5 vulnerabilities and exploits
(subscribe to this query)
606
VMScore
CVE-2011-2894
Spring Framework 3.0.0 up to and including 3.0.5, Spring Security 3.0.0 up to and including 3.0.5 and 2.0.0 up to and including 2.0.6, and possibly other versions deserialize objects from untrusted sources, which allows remote malicious users to bypass intended security restricti...
Vmware Spring Security
Vmware Spring Framework
3 Github repositories
605
VMScore
CVE-2014-0225
When processing user provided XML documents, the Spring Framework 4.0.0 to 4.0.4, 3.0.0 to 3.2.8, and possibly earlier unsupported versions did not disable by default the resolution of URI references in a DTD declaration. This enabled an XXE attack.
Vmware Spring Framework 3.1.3
Vmware Spring Framework 3.1.4
Pivotal Software Spring Framework 3.0.0
Vmware Spring Framework 3.0.1
Vmware Spring Framework 3.2.1
Pivotal Software Spring Framework 3.2.0
Pivotal Software Spring Framework 4.0.0
Vmware Spring Framework 4.0.1
Vmware Spring Framework 3.1.0
Vmware Spring Framework 4.0.0
Vmware Spring Framework 3.1.1
Vmware Spring Framework 3.0.3
Vmware Spring Framework 3.0.5
Vmware Spring Framework 3.2.4
Vmware Spring Framework 3.2.2
Vmware Spring Framework 4.0.2
Vmware Spring Framework 4.0.4
Vmware Spring Framework 3.2.0
Vmware Spring Framework 3.0.7
Vmware Spring Framework 3.2.8
Vmware Spring Framework 3.2.6
Vmware Spring Framework 3.2.7
605
VMScore
CVE-2013-7315
The Spring MVC in Spring Framework prior to 3.2.4 and 4.0.0.M1 up to and including 4.0.0.M2 does not disable external entity resolution for the StAX XMLInputFactory, which allows context-dependent malicious users to read arbitrary files, cause a denial of service, and conduct CSR...
Vmware Spring Framework 3.1.4
Vmware Spring Framework 3.1.3
Vmware Spring Framework 4.0.0
Springsource Spring Framework 3.0.5
Springsource Spring Framework 3.0.0
Vmware Spring Framework
Vmware Spring Framework 3.2.2
Vmware Spring Framework 3.1.0
Vmware Spring Framework 3.0.7
Springsource Spring Framework 3.0.2
Springsource Spring Framework 3.0.1
Springsource Spring Framework 3.0.0.m2
Vmware Spring Framework 3.2.1
Vmware Spring Framework 3.2.0
Vmware Spring Framework 3.0.6
Springsource Spring Framework 3.0.0.m1
Vmware Spring Framework 3.1.2
Vmware Spring Framework 3.1.1
Springsource Spring Framework 3.0.4
Springsource Spring Framework 3.0.3
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
cross-site scripting
CVE-2024-5158
XML external entity
CVE-2024-4262
CVE-2024-2036
CVE-2024-4985
CVE-2024-21791
remote attackers
CVE-2023-43208
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started