Lucene search
K

7 matches found

F5 Networks
F5 Networks
added 2023/02/21 7:57 p.m.299 views

K29042031: Multiple Spring Framework vulnerabilities

Security Advisory Description On April 5th, 2018, three new vulnerabilities were published in the popular Java web framework called Spring. Details on these vulnerabilities and exploit code are not yet available, and mitigation details may change if and when the exploit code is available. You can...

9.8CVSS8.8AI score0.95649EPSS
Exploits15
vulnersOsv
vulnersOsv
added 2018/10/17 8:27 p.m.3 views

ColumnPack:ColumnPack-plugin (=1.0.3), CustomHistory:CustomHistory (>=1.1 <=1.3) +20817 more potentially affected by CVE-2018-1272 via org.springframework:spring-core (>=1.2 <=4.3.14.RELEASE)

org.springframework:spring-core MAVEN version =1.2, =1.1, =1.3, =0.0.1, =0.1.6, =0.1.4-SB1X, =0.1.0, =4.2.1, =4.4.1, =0.1.0, =1.0, =5.0.9, =0.0.20, =0.0.34 and more Source cves: CVE-2018-1272 Source advisory: OSV:GHSA-4487-X383-QPPH...

7.5CVSS7AI score0.02831EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2018/09/11 7:53 a.m.132 views

Important: Red Hat Security Advisory: Fuse 7.1 security update

An update is now available for Red Hat Fuse. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the...

9.8CVSS7.7AI score0.96121EPSS
Exploits7References27
RedHat Linux
RedHat Linux
added 2018/05/03 5:6 p.m.84 views

Critical: Red Hat Security Advisory: Red Hat OpenShift Application Runtimes security and bug fix update

An update is now available for Red Hat OpenShift Application Runtimes. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

9.8CVSS6.9AI score0.77245EPSS
Exploits8References8
UbuntuCve
UbuntuCve
added 2018/04/06 1:29 p.m.40 views

CVE-2018-1272

Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.15 and older unsupported versions, provide client-side support for multipart requests. When Spring MVC or Spring WebFlux server application server A receives input from a remote client, and then uses that input to make a...

7.5CVSS7AI score0.02831EPSS
Exploits0References2
OSV
OSV
added 2018/04/06 1:29 p.m.30 views

CVE-2018-1272

Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.15 and older unsupported versions, provide client-side support for multipart requests. When Spring MVC or Spring WebFlux server application server A receives input from a remote client, and then uses that input to make a...

7.5CVSS7.7AI score0.02831EPSS
Exploits0References10
CVE
CVE
added 2018/04/06 1:0 p.m.181 views

CVE-2018-1272

CVE-2018-1272 affects Spring Framework: versions 5.0 before 5.0.5 and 4.3 before 4.3.15 (and older unsupported) have a flaw in multipart request handling where an injected extra multipart in a server A→server B flow can cause server B to misread a part, potentially enabling privilege escalation. ...

7.5CVSS8.3AI score0.02831EPSS
Exploits0References10Affected Software1
Rows per page
Query Builder