Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2015-0201HistoryMar 10, 2015 - 2:59 p.m.
CVE-2015-0201
2015-03-1014:59:04
Debian Security Bug Tracker
security-tracker.debian.org
11
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
EPSS
0.003
Percentile
70.5%
The Java SockJS client in Pivotal Spring Framework 4.1.x before 4.1.5 generates predictable session ids, which allows remote attackers to send messages to other sessions via unspecified vectors.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | libspring-java | < 4.3.30-2 | libspring-java_4.3.30-2_all.deb |
| Debian | 11 | all | libspring-java | < 4.3.30-1 | libspring-java_4.3.30-1_all.deb |
| Debian | 999 | all | libspring-java | < 4.3.30-2 | libspring-java_4.3.30-2_all.deb |
| Debian | 13 | all | libspring-java | < 4.3.30-2 | libspring-java_4.3.30-2_all.deb |
Related
cve
cve
CVE-2015-0201
2015-03-10 14:59:04
github
github
Moderate severity vulnerability that affects org.springframework:spring-core
2018-10-17 20:28:20
nvd
nvd
CVE-2015-0201
2015-03-10 14:59:04
prion
prion
Design/Logic Flaw
2015-03-10 14:59:00
cvelist
cvelist
CVE-2015-0201
2015-03-10 14:00:00
osv
osv
Moderate severity vulnerability that affects org.springframework:spring-core
2018-10-17 20:28:20
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
EPSS
0.003
Percentile
70.5%
Related for DEBIANCVE:CVE-2015-0201