VMware Spring Web Services 授权问题漏洞

VMware Spring Web Services is a SOAP Web services development framework provided by the American company VMware. Versions 5.0.0 to 5.0.1, 4.1.0 to 4.1.3, 4.0.0 to 4.0.18, and 3.1.0 to 3.1.8 of VMware Spring Web Services contain authorization vulnerabilities. These vulnerabilities stem from the...

VMware Spring Web Flow 安全漏洞

VMware Spring Web Flow is a web application flow management framework developed by the American company VMware. Versions 4.0.0, 3.0.0 to 3.0.1, and 2.5.0 to 2.5.1 of VMware Spring Web Flow contain security vulnerabilities. These vulnerabilities stem from the possibility of malicious Unified EL...

VMware Spring Boot 信任管理问题漏洞

VMware Spring Boot is an open-source framework developed by the American company VMware. There are security vulnerabilities related to trust management in versions of VMware Spring Boot 4.0.0 to 4.0.6, 3.5.0 to 3.5.14, and 3.4.0 to 3.4.16. These vulnerabilities stem from the automatic email...

VMware Spring Web Services 代码问题漏洞

VMware Spring Web Services is a SOAP Web services development framework provided by the American company VMware. There are code vulnerabilities in versions 5.0.0 to 5.0.1, 4.1.0 to 4.1.3, 4.0.0 to 4.0.18, and 3.1.0 to 3.1.8 of VMware Spring Web Services. These vulnerabilities stem from the defaul...

VMware Spring Web Flow 跨站脚本漏洞

VMware Spring Web Flow is a web application flow management framework developed by VMware, Inc. Versions 4.0.0, 3.0.0 to 3.0.1, and 2.5.0 to 2.5.1 of VMware Spring Web Flow have cross-site scripting vulnerabilities. These vulnerabilities stem from the JavaScript RemotingHandler’s ability to rende...

VMware Spring Integration 路径遍历漏洞

VMware Spring Integration is an enterprise application integration framework developed by VMware, Inc. Versions 7.0.0 to 7.0.4, 6.5.0 to 6.5.8, 6.4.0 to 6.4.11, 6.3.0 to 6.3.14, and 5.5.0 to 5.5.20 of VMware Spring Integration have a path traversal vulnerability. This vulnerability arises due to...

VMware Spring Boot 安全漏洞

VMware Spring Boot is an open-source framework developed by the American company VMware. There are security vulnerabilities in versions 4.0.0 to 4.0.6, 3.5.0 to 3.5.14, 3.4.0 to 3.4.16, 3.3.0 to 3.3.19, and 2.7.0 to 2.7.33 of VMware Spring Boot. These vulnerabilities stem from the use of fixed...

VMware Spring REST Docs 代码问题漏洞

VMware Spring REST Docs is a REST API documentation generation framework developed by VMware, Inc. There are code-related vulnerabilities in VMware Spring REST Docs. These vulnerabilities arise when using spring-restdocs-webtestclient or spring-restdocs-restassistant to record remote APIs accesse...

VMware Spring Data REST 访问控制错误漏洞

VMware Spring Data REST is a data interface provided by the American company VMware. It is used to build domain models based on Spring Data repositories, and to expose hypermedia-driven HTTP resources for aggregates contained within those models. VMware Spring Data REST versions 3.7.0 and earlier...

VMware Spring for Apache Kafka 输入验证错误漏洞

VMware Spring for Apache Kafka is a Kafka messaging integration framework developed by VMware, Inc. Versions of Spring for Apache Kafka such as 4.0.0 and earlier, 3.3.0 and earlier, 3.2.0 and earlier, 2.9.0 and earlier, and 2.8.0 and earlier have a input validation vulnerability. This vulnerabili...

VMware Spring for Apache Pulsar 代码问题漏洞

VMware Spring for Apache Pulsar is a Pulsar messaging integration framework developed by the company VMware. Versions of VMware Spring for Apache Pulsar such as 2.0.0, 1.2.0, and 1.1.0 have code vulnerabilities. These vulnerabilities stem from the use of JsonPulsarHeaderMapper to check header typ...

VMware Spring AMQP 信任管理问题漏洞

VMware Spring AMQP is a message queue integration framework developed by VMware, Inc. There is a vulnerability related to trust management in VMware Spring AMQP. This vulnerability arises when configuring a proxy connection using RabbitConnectionFactoryBean.setUriamqps://…, without calling...

VMware Spring Security 代码问题漏洞

VMware Spring Security is a security framework provided by the American company VMware, designed to provide descriptive security protection for Spring-based applications. Versions of VMware Spring Security from 7.0.0 to 7.0.5 have code vulnerabilities. These vulnerabilities stem from attackers wh...

VMware Spring Data Commons 资源管理错误漏洞

VMware Spring Data Commons is a data access abstraction framework developed by VMware Corporation in the United States. There is a resource management vulnerability in VMware Spring Data Commons. This vulnerability arises when the attribute path string controlled by the attacker is passed to the...

VMware Spring Data Relational 安全漏洞

VMware Spring Data Relational is a relational database access framework developed by VMware, Inc. There is a security vulnerability in VMware Spring Data Relational, which stems from the improper escaping of external control inputs when using StringMatcher in Query By Example. Attackers can use...

VMware Spring Data Commons 资源管理错误漏洞

VMware Spring Data Commons is a data access abstraction framework developed by VMware Corporation. There is a resource management vulnerability in VMware Spring Data Commons, which may lead to a StackOverflowException during the parsing of Sort parameters, resulting in a denial-of-service attack...

VMware Spring for Apache Kafka 代码问题漏洞

VMware Spring for Apache Kafka is a Kafka messaging integration framework developed by VMware, Inc. Versions of VMware Spring for Apache Kafka prior to 4.0.0, as well as versions 3.3.0 and earlier, 3.2.0 and earlier, 2.9.0 and earlier, and 2.8.0 and earlier, contain code vulnerabilities. These...

VMware Spring Framework 安全特征问题漏洞

VMware Spring Framework is an open-source Java/JavaEE application framework developed by VMware, Inc. This framework helps developers build high-quality applications. Versions of VMware Spring Framework from 7.0.0 to 7.0.7, 6.2.0 to 6.2.18, 6.1.0 to 6.1.27, and 5.3.0 to 5.3.48 contain security...

VMware Spring Framework 输入验证错误漏洞

VMware Spring Framework is an open-source Java/JavaEE application framework developed by VMware, a US-based company. This framework helps developers build high-quality applications. Versions of VMware Spring Framework from 5.3.0 to 5.3.48 contain a vulnerability related to input validation errors...

VMware Spring Framework 代码问题漏洞

VMware Spring Framework is an open-source Java and JavaEE application framework developed by VMware, Inc. This framework helps developers build high-quality applications. Versions of the VMware Spring Framework prior to 7.0.0, 6.2.0, 6.1.0, and 5.3.0 contain code vulnerabilities. These...