6 matches found
EUVD-2018-0494
Malware in sbrugna...
Moderate severity vulnerability that affects org.springframework:spring-core
The Java SockJS client in Pivotal Spring Framework 4.1.x before 4.1.5 generates predictable session ids, which allows remote attackers to send messages to other sessions via unspecified vectors...
Brute-force Session Guessing Attacks
sockjs-client is vulnerable to brute-force session guessing attacks. The vulnerability is due to using default random 8-character long session ID which is not robust enough to prevent the attackers from guessing the ID using the Brute-Force search...
Unspecified Vulnerability in Pivotal Software Spring Framework Java SockJS Client
Pivotal Software Spring Framework is the U.S. Pivotal Software, Inc. of a set of open source Java, Java EE application framework. The framework helps developers build high-quality applications . A security vulnerability exists in the Java SockJS client in Pivotal Software Spring Framework version...
CVE-2015-0201
The Java SockJS client in Pivotal Spring Framework 4.1.x before 4.1.5 generates predictable session ids, which allows remote attackers to send messages to other sessions via unspecified vectors...
CVE-2015-0201
The Java SockJS client in Pivotal Spring Framework 4.1.x before 4.1.5 generates predictable session ids, which allows remote attackers to send messages to other sessions via unspecified vectors...