Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vmware spring security 4.2.1 vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2017-4995
An issue exists in Pivotal Spring Security 4.2.0.RELEASE up to and including 4.2.2.RELEASE, and Spring Security 5.0.0.M1. When configured to enable default typing, Jackson contained a deserialization vulnerability that could lead to arbitrary code execution. Jackson fixed this vu...
Vmware Spring Security 4.2.1
Vmware Spring Security 4.2.2
Vmware Spring Security 5.0.0
Vmware Spring Security 4.2.0
6.5
CVSSv2
CVE-2018-1258
Spring Framework version 5.0.5 when used in combination with any versions of Spring Security contains an authorization bypass when using method security. An unauthorized malicious user can gain unauthorized access to methods that should be restricted.
Pivotal Software Spring Security
Vmware Spring Framework 5.0.5
Oracle Agile Plm 9.3.3
Oracle Agile Plm 9.3.4
Oracle Agile Plm 9.3.5
Oracle Agile Plm 9.3.6
Oracle Application Testing Suite 10.1
Oracle Application Testing Suite 12.5.0.3
Oracle Application Testing Suite 13.1.0.1
Oracle Application Testing Suite 13.2.0.1
Oracle Application Testing Suite 13.3.0.1
Oracle Big Data Discovery 1.6.0
Oracle Communications Converged Application Server
Oracle Communications Diameter Signaling Router
Oracle Communications Network Integrity
Oracle Communications Performance Intelligence Center
Oracle Communications Services Gatekeeper
Oracle Endeca Information Discovery Integrator 3.1.0
Oracle Endeca Information Discovery Integrator 3.2.0
Oracle Enterprise Manager For Mysql Database 13.2
Oracle Enterprise Manager Ops Center 12.2.2
Oracle Enterprise Manager Ops Center 12.3.3
5
CVSSv2
CVE-2016-9879
An issue exists in Pivotal Spring Security prior to 3.2.10, 4.1.x prior to 4.1.4, and 4.2.x prior to 4.2.1. Spring Security does not consider URL path parameters when processing security constraints. By adding a URL path parameter with an encoded "/" to a request, an at...
Vmware Spring Security 4.1.3
Vmware Spring Security 4.1.2
Vmware Spring Security 3.2.5
Vmware Spring Security 3.2.4
Vmware Spring Security 4.1.1
Vmware Spring Security 4.1.0
Vmware Spring Security 3.2.3
Vmware Spring Security 3.2.2
Vmware Spring Security 3.2.7
Vmware Spring Security 3.2.6
Vmware Spring Security 4.2.0
Vmware Spring Security 3.2.9
Vmware Spring Security 3.2.8
Vmware Spring Security 3.2.1
Vmware Spring Security 3.2.0
Ibm Websphere Application Server 8.5.5.6
Ibm Websphere Application Server 8.5.5.5
Ibm Websphere Application Server 8.5.5.4
Ibm Websphere Application Server 8.5.5.3
Ibm Websphere Application Server 8.5.5.2
Ibm Websphere Application Server 8.5.5.9
Ibm Websphere Application Server 8.5.5.1
5
CVSSv2
CVE-2016-9878
An issue exists in Pivotal Spring Framework prior to 3.2.18, 4.2.x prior to 4.2.9, and 4.3.x prior to 4.3.5. Paths provided to the ResourceServlet were not properly sanitized and as a result exposed to directory traversal attacks.
Vmware Spring Framework 4.3.1
Pivotal Software Spring Framework 4.3.0
Vmware Spring Framework 4.2.8
Vmware Spring Framework 4.2.1
Pivotal Software Spring Framework 4.2.0
Vmware Spring Framework 3.2.11
Vmware Spring Framework 3.2.10
Vmware Spring Framework 3.2.2
Vmware Spring Framework 3.2.1
Vmware Spring Framework 4.2.7
Vmware Spring Framework 4.2.6
Vmware Spring Framework 3.2.17
Vmware Spring Framework 3.2.16
Vmware Spring Framework 3.2.9
Vmware Spring Framework 3.2.8
Pivotal Software Spring Framework
Vmware Spring Framework 4.3.4
Vmware Spring Framework 4.2.5
Vmware Spring Framework 4.2.4
Vmware Spring Framework 3.2.15
Vmware Spring Framework 3.2.14
Vmware Spring Framework 3.2.7
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started