Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Spring_framework
(Vmware)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 40 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2018-06-25 | CVE-2018-11040 | Spring Framework, versions 5.0.x prior to 5.0.7 and 4.3.x prior to 4.3.18 and older unsupported versions, allows web applications to enable cross-domain requests via JSONP (JSON with Padding) through AbstractJsonpResponseBodyAdvice for REST controllers and MappingJackson2JsonView for browser requests. Both are not enabled by default in Spring Framework nor Spring Boot, however, when MappingJackson2JsonView is configured in an application, JSONP support is automatically ready to use through... | Debian_linux, Agile_product_lifecycle_management, Application_testing_suite, Communications_network_integrity, Communications_online_mediation_controller, Communications_services_gatekeeper, Communications_unified_inventory_management, Endeca_information_discovery_integrator, Enterprise_manager, Enterprise_manager_ops_center, Flexcube_private_banking, Healthcare_master_person_index, Hospitality_guest_access, Insurance_calculation_engine, Insurance_rules_palette, Micros_lucas, Mysql_enterprise_monitor, Product_lifecycle_management, Retail_advanced_inventory_planning, Retail_clearance_optimization_engine, Retail_customer_insights, Retail_markdown_optimization, Retail_predictive_application_server, Retail_service_backbone, Retail_xstore_point_of_service, Utilities_network_management_system, Weblogic_server, Spring_framework | 7.5 | ||
| 2018-05-11 | CVE-2018-1257 | Spring Framework, versions 5.0.x prior to 5.0.6, versions 4.3.x prior to 4.3.17, and older unsupported versions allows applications to expose STOMP over WebSocket endpoints with a simple, in-memory STOMP broker through the spring-messaging module. A malicious user (or attacker) can craft a message to the broker that can lead to a regular expression, denial of service attack. | Agile_product_lifecycle_management, Application_testing_suite, Big_data_discovery, Communications_converged_application_server, Communications_diameter_signaling_router, Communications_performance_intelligence_center, Communications_services_gatekeeper, Communications_unified_inventory_management, Endeca_information_discovery_integrator, Enterprise_manager_base_platform, Enterprise_manager_for_mysql_database, Enterprise_manager_ops_center, Flexcube_private_banking, Goldengate_for_big_data, Health_sciences_information_manager, Healthcare_master_person_index, Hospitality_guest_access, Insurance_calculation_engine, Insurance_rules_palette, Primavera_gateway, Retail_customer_insights, Retail_open_commerce_platform, Retail_order_broker, Retail_predictive_application_server, Service_architecture_leveraging_tuxedo, Tape_library_acsls, Utilities_network_management_system, Weblogic_server, Openshift, Spring_framework | 6.5 | ||
| 2018-06-25 | CVE-2018-11039 | Spring Framework (versions 5.0.x prior to 5.0.7, versions 4.3.x prior to 4.3.18, and older unsupported versions) allow web applications to change the HTTP request method to any HTTP method (including TRACE) using the HiddenHttpMethodFilter in Spring MVC. If an application has a pre-existing XSS vulnerability, a malicious user (or attacker) can use this filter to escalate to an XST (Cross Site Tracing) attack. | Debian_linux, Agile_plm, Application_testing_suite, Communications_diameter_signaling_router, Communications_network_integrity, Communications_online_mediation_controller, Communications_performance_intelligence_center, Communications_services_gatekeeper, Communications_unified_inventory_management, Endeca_information_discovery_integrator, Enterprise_manager_base_platform, Enterprise_manager_for_mysql_database, Enterprise_manager_ops_center, Health_sciences_information_manager, Healthcare_master_person_index, Hospitality_guest_access, Insurance_calculation_engine, Insurance_rules_palette, Micros_lucas, Mysql_enterprise_monitor, Primavera_p6_enterprise_project_portfolio_management, Retail_advanced_inventory_planning, Retail_assortment_planning, Retail_clearance_optimization_engine, Retail_customer_insights, Retail_financial_integration, Retail_integration_bus, Retail_markdown_optimization, Retail_predictive_application_server, Retail_xstore_point_of_service, Utilities_network_management_system, Weblogic_server, Spring_framework | 5.9 | ||
| 2022-04-01 | CVE-2022-22950 | n Spring Framework versions 5.3.0 - 5.3.16 and older unsupported versions, it is possible for a user to provide a specially crafted SpEL expression that may cause a denial of service condition. | Spring_framework | 6.5 | ||
| 2017-05-25 | CVE-2015-5211 | Under some situations, the Spring Framework 4.2.0 to 4.2.1, 4.0.0 to 4.1.7, 3.2.0 to 3.2.14 and older unsupported versions is vulnerable to a Reflected File Download (RFD) attack. The attack involves a malicious user crafting a URL with a batch script extension that results in the response being downloaded rather than rendered and also includes some input reflected in the response. | Debian_linux, Spring_framework | 9.6 | ||
| 2018-12-19 | CVE-2018-15801 | Spring Security versions 5.1.x prior to 5.1.2 contain an authorization bypass vulnerability during JWT issuer validation. In order to be impacted, the same private key for an honest issuer and a malicious user must be used when signing JWTs. In that case, a malicious user could fashion signed JWTs with the malicious issuer URL that may be granted for the honest issuer. | Spring_framework | 7.4 | ||
| 2022-01-10 | CVE-2021-22060 | In Spring Framework versions 5.3.0 - 5.3.13, 5.2.0 - 5.2.18, and older unsupported versions, it is possible for a user to provide malicious input to cause the insertion of additional log entries. This is a follow-up to CVE-2021-22096 that protects against additional types of input and in more places of the Spring Framework codebase. | Communications_cloud_native_core_console, Communications_cloud_native_core_service_communication_proxy, Spring_framework | 4.3 | ||
| 2021-10-28 | CVE-2021-22096 | In Spring Framework versions 5.3.0 - 5.3.10, 5.2.0 - 5.2.17, and older unsupported versions, it is possible for a user to provide malicious input to cause the insertion of additional log entries. | Active_iq_unified_manager, Management_services_for_element_software_and_netapp_hci, Metrocluster_tiebreaker, Snap_creator_framework, Snapcenter, Communications_cloud_native_core_console, Communications_cloud_native_core_service_communication_proxy, Spring_framework | 4.3 | ||
| 2014-01-23 | CVE-2013-4152 | The Spring OXM wrapper in Spring Framework before 3.2.4 and 4.0.0.M1, when using the JAXB marshaller, does not disable entity resolution, which allows context-dependent attackers to read arbitrary files, cause a denial of service, and conduct CSRF attacks via an XML external entity declaration in conjunction with an entity reference in a (1) DOMSource, (2) StAXSource, (3) SAXSource, or (4) StreamSource, aka an XML External Entity (XXE) issue. | Spring_framework, Spring_framework | N/A | ||
| 2014-01-23 | CVE-2013-7315 | The Spring MVC in Spring Framework before 3.2.4 and 4.0.0.M1 through 4.0.0.M2 does not disable external entity resolution for the StAX XMLInputFactory, which allows context-dependent attackers to read arbitrary files, cause a denial of service, and conduct CSRF attacks via crafted XML with JAXB, aka an XML External Entity (XXE) issue, and a different vulnerability than CVE-2013-4152. NOTE: this issue was SPLIT from CVE-2013-4152 due to different affected versions. | Spring_framework, Spring_framework | N/A |