12 matches found
EUVD-2018-0586
Malware in sbrugna...
EUVD-2022-0479
Malicious code in bioql PyPI...
EUVD-2022-3947
Malicious code in bioql PyPI...
EUVD-2022-3731
Malicious code in bioql PyPI...
CVE-2022-43484
TERASOLUNA Global Framework 1.0.0 Public review version and TERASOLUNA Server Framework for Java Rich 2.0.0.2 to 2.0.5.1 are vulnerable to a ClassLoader manipulation vulnerability due to using the old version of Spring Framework which contains the vulnerability.The vulnerability is caused by an...
Spring Framework Path Traversal vulnerability
Applications serving static resources through the functional web frameworks WebMvc.fn or WebFlux.fn are vulnerable to path traversal attacks. An attacker can craft malicious HTTP requests and obtain any file on the file system that is also accessible to the process in which the Spring application...
PT-2024-6332
Name of the Vulnerable Software and Affected Versions Spring Framework versions 5.3.0 through 5.3.39 Spring Framework versions 6.0.0 through 6.0.23 Spring Framework versions 6.0.24 through 6.1.12 Spring Framework versions 6.1.13 and earlier Description The vulnerability is related to path travers...
PT-2024-1921 · Unknown +2 · Spring Framework +3
Name of the Vulnerable Software and Affected Versions: Spring Framework versions prior to the fixed version Description: The issue arises from insufficient validation of user-input data in the Spring Framework, potentially allowing an attacker to perform a Server-Side Request Forgery SSRF attack ...
CVE-2022-43484
TERASOLUNA Global Framework 1.0.0 Public review version and TERASOLUNA Server Framework for Java Rich 2.0.0.2 to 2.0.5.1 are vulnerable to a ClassLoader manipulation vulnerability due to using the old version of Spring Framework which contains the vulnerability.The vulnerability is caused by an...
Exploit for Code Injection in Vmware Spring_Framework
CVE-2022-22965 aka "Spring4Shell" Vulnerabilidad RCE en Spri...
Security Bulletin: IBM Security Guardium is affected by a Spring Framework vulnerability
Summary IBM Security Guardium has addressed the following vulnerability. Vulnerability Details CVEID: CVE-2018-15756 DESCRIPTION: Pivotal Spring Framework is vulnerable to a denial of service, caused by improper handling of range request by the ResourceHttpRequestHandler. By adding a range header...
Framework: Information (internal server information, classpath, local working directories, session IDs) disclosure
VMware SpringSource Spring Framework before 2.5.6.SEC03, 2.5.7.SR023, and 3.x before 3.0.6, when a container supports Expression Language EL, evaluates EL expressions in tags twice, which allows remote attackers to obtain sensitive information via a 1 name attribute in a a spring:hasBindErrors ta...