Lucene search
+L

17 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.14 views

EUVD-2022-4886

Malicious code in bioql PyPI...

5.9CVSS6.2AI score0.00963EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2017-8039

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Pivotal Spring Web Flow through 2.4.5. Applications that do not change the value of the MvcViewFactoryCreator useSpringBinding proper...

5.9CVSS6.9AI score0.15858EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2017-4971

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Pivotal Spring Web Flow through 2.4.4. Applications that do not change the value of the MvcViewFactoryCreator useSpringBinding proper...

5.9CVSS6.7AI score0.15858EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.35 views

RHEL 7 : jasperreports-server-pro (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - jackson-databind: Unsafe deserialization due to incomplete black list incomplete fix for CVE-2017-15095...

9.8CVSS8.8AI score0.49727EPSS
Exploits4References6
OSV
OSV
added 2022/05/13 1:47 a.m.58 views

GHSA-Q4V9-QJMW-J7VF Insecure Default Initialization of Resource in Pivotal Spring Web Flow

An issue was discovered in Pivotal Spring Web Flow through 2.4.5. Applications that do not change the value of the MvcViewFactoryCreator useSpringBinding property which is disabled by default i.e., set to 'false' can be vulnerable to malicious EL expressions in view states that process form...

5.9CVSS5.8AI score0.00963EPSS
Exploits0References3
IBM Security Bulletins
IBM Security Bulletins
added 2018/09/28 4:30 a.m.29 views

Security Bulletin: IBM Security Guardium is affected by a Using Components with Known Vulnerabilities vulnerability

Summary IBM Security Guardium has addressed the following vulnerabilities. Vulnerability Details CVEID: CVE-2017-8039 DESCRIPTION: Pivotal Spring Web Flow could provide weaker than expected security, caused by an error related to applications that do not change the value of the...

7.5CVSS1.7AI score0.15858EPSS
Exploits1Affected Software1
Prion
Prion
added 2017/11/27 10:29 a.m.19 views

Design/Logic Flaw

An issue was discovered in Pivotal Spring Web Flow through 2.4.5. Applications that do not change the value of the MvcViewFactoryCreator useSpringBinding property which is disabled by default i.e., set to 'false' can be vulnerable to malicious EL expressions in view states that process form...

4.3CVSS5.6AI score0.15858EPSS
Exploits1References2Affected Software1
NVD
NVD
added 2017/11/27 10:29 a.m.35 views

CVE-2017-8039

An issue was discovered in Pivotal Spring Web Flow through 2.4.5. Applications that do not change the value of the MvcViewFactoryCreator useSpringBinding property which is disabled by default i.e., set to 'false' can be vulnerable to malicious EL expressions in view states that process form...

5.9CVSS6AI score0.00963EPSS
Exploits0References2
OSV
OSV
added 2017/11/27 10:29 a.m.23 views

CVE-2017-8039

An issue was discovered in Pivotal Spring Web Flow through 2.4.5. Applications that do not change the value of the MvcViewFactoryCreator useSpringBinding property which is disabled by default i.e., set to 'false' can be vulnerable to malicious EL expressions in view states that process form...

5.9CVSS6.6AI score0.00963EPSS
Exploits0References2
Cvelist
Cvelist
added 2017/11/27 10:0 a.m.45 views

CVE-2017-8039

An issue was discovered in Pivotal Spring Web Flow through 2.4.5. Applications that do not change the value of the MvcViewFactoryCreator useSpringBinding property which is disabled by default i.e., set to 'false' can be vulnerable to malicious EL expressions in view states that process form...

5.6AI score0.00963EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2017/09/22 8:49 a.m.41 views

CVE-2017-8039

An issue was discovered in Pivotal Spring Web Flow through 2.4.5. Applications that do not change the value of the MvcViewFactoryCreator useSpringBinding property which is disabled by default i.e., set to 'false' can be vulnerable to malicious EL expressions in view states that process form...

5.9CVSS3.2AI score0.15858EPSS
Exploits1References2
Prion
Prion
added 2017/06/13 6:29 a.m.20 views

Design/Logic Flaw

An issue was discovered in Pivotal Spring Web Flow through 2.4.4. Applications that do not change the value of the MvcViewFactoryCreator useSpringBinding property which is disabled by default i.e., set to 'false' can be vulnerable to malicious EL expressions in view states that process form...

4.3CVSS5.4AI score0.15858EPSS
Exploits1References3Affected Software1
NVD
NVD
added 2017/06/13 6:29 a.m.30 views

CVE-2017-4971

An issue was discovered in Pivotal Spring Web Flow through 2.4.4. Applications that do not change the value of the MvcViewFactoryCreator useSpringBinding property which is disabled by default i.e., set to 'false' can be vulnerable to malicious EL expressions in view states that process form...

5.9CVSS5.8AI score0.15858EPSS
Exploits1References3
OSV
OSV
added 2017/06/13 6:29 a.m.30 views

CVE-2017-4971

An issue was discovered in Pivotal Spring Web Flow through 2.4.4. Applications that do not change the value of the MvcViewFactoryCreator useSpringBinding property which is disabled by default i.e., set to 'false' can be vulnerable to malicious EL expressions in view states that process form...

5.9CVSS6.5AI score0.15858EPSS
Exploits1References3
Cvelist
Cvelist
added 2017/06/13 6:0 a.m.44 views

CVE-2017-4971

An issue was discovered in Pivotal Spring Web Flow through 2.4.4. Applications that do not change the value of the MvcViewFactoryCreator useSpringBinding property which is disabled by default i.e., set to 'false' can be vulnerable to malicious EL expressions in view states that process form...

5.5AI score0.15858EPSS
Exploits1References3
seebug.org
seebug.org
added 2017/06/12 12:0 a.m.124 views

Pivotal Spring Web Flow Security Bypass Vulnerability(CVE-2017-4971)

Author: iswin@ThreatHunter A. Vulnerability description This vulnerability is in year 6 at the beginning has just been submittedtransfer Gate, the official and there is no detailed information, by the official Description and a patch of the contrast, we can roughly infer should be the Spring Web...

4.3CVSS6.8AI score0.15858EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2017/06/01 7:19 a.m.27 views

CVE-2017-4971

An issue was discovered in Pivotal Spring Web Flow through 2.4.4. Applications that do not change the value of the MvcViewFactoryCreator useSpringBinding property which is disabled by default i.e., set to 'false' can be vulnerable to malicious EL expressions in view states that process form...

5.9CVSS2.9AI score0.15858EPSS
Exploits1References2
Rows per page
Query Builder