Debian: Security Advisory (DLA-1853-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DLA 1853-1] libspring-java security update

Package : libspring-java Version : 3.0.6.RELEASE-17+deb8u1 CVE ID : CVE-2014-3578 CVE-2014-3625 CVE-2015-3192 CVE-2015-5211 CVE-2016-9878 Debian Bug : 760733 769698 796137 849167 Vulnerabilities have been identified in libspring-java, a modular Java/J2EE application framework. CVE-2014-3578 A...

Security Bulletin: IBM QRadar SIEM contains vulnerable components and libraries. (CVE-2016-5007, CVE-2016-9878)

Summary The product includes vulnerable components e.g., framework libraries that may be identified and exploited with automated tools. Vulnerability Details CVEID: CVE-2016-5007 DESCRIPTION: Pivotal Spring Security and Spring Framework could provide weaker than expected security, caused by the...

Moderate: Red Hat Security Advisory: Red Hat JBoss Fuse/A-MQ 6.3 R5 security and bug fix update

An update is now available for Red Hat JBoss Fuse and Red Hat JBoss A-MQ. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

Fedora Update for springframework FEDORA-2016-f341d71730

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 25 : springframework (2016-f341d71730)

Update to 3.2.18.RELEASE. Resolves: CVE-2016-9878 rhbz1408164,1408165 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing...

CVE-2016-9878

An issue was discovered in Pivotal Spring Framework before 3.2.18, 4.2.x before 4.2.9, and 4.3.x before 4.3.5. Paths provided to the ResourceServlet were not properly sanitized and as a result exposed to directory traversal attacks...

CVE-2016-9878

CVE-2016-9878 affects Pivotal Spring Framework prior to 3.2.18, 4.2.x prior to 4.2.9, and 4.3.x prior to 4.3.5. The root cause is insufficient sanitization of paths provided to ResourceServlet, enabling directory traversal to view arbitrary files. Affected entry is corroborated by IBM/DOORS secur...