Lucene search

5 matches found

Tenable Nessus
added 2024/05/11 12:0 a.m., 18 views

RHEL 7 : spring-webflow (Unpatched Vulnerability)

The remote Red Hat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - spring-webflow: Data Binding Expression Vulnerability in Spring Web Flow (CVE-2017-8039) - An issue was...

6.1 AI score, 0.75359 EPSS
Exploits 1, References 2

vulnersOsv
added 2022/05/13 1:47 a.m., 1 views

com.github.gfernandez598:springwebflow-optforrepl (=1.0), com.github.stephanarts:cas-server-integration-zeromq (>=0.0.1 <=0.0.8) +443 more potentially affected by CVE-2017-8039 via org.springframework.webflow:spring-webflow (>=2.0.6.RELEASE <=2.4.5.RELEASE)

org.springframework.webflow:spring-webflow MAVEN version =2.0.6.RELEASE, =0.0.1, =1.0, =1.0.0.RELEASE, =1.0, =1.0, =1.0.0-GA, =1.0.0-GA, =1.0.0-GA, =1.0.0-GA, =1.0.0-RC1 and more Source cves: CVE-2017-8039 Source advisory: OSV:GHSA-Q4V9-QJMW-J7VF...

5.9 CVSS, 6.5 AI score, 0.00183 EPSS
Exploits 1

vulnersOsv
added 2022/05/13 1:45 a.m., 2 views

com.github.gfernandez598:springwebflow-optforrepl (=1.0), fr.natsystem.natjet:natsys-nsworkflow (=7.0.19) +295 more potentially affected by CVE-2017-4971 via org.springframework.webflow:spring-webflow (>=2.4.0.RELEASE <=2.4.4.RELEASE)

org.springframework.webflow:spring-webflow MAVEN version =2.4.0.RELEASE, =1.0.0.RELEASE, =1.0, =1.0, =2.0.0-RC1, =2.0.0-RC1, =2.0.0-RC1, =2.0.0-RC1, =2.0.0-RC1, =5.0.0, =5.0.0, =5.1.9 and more Source cves: CVE-2017-4971 Source advisory: OSV:GHSA-FG9W-CFFM-PMH2...

5.9 CVSS, 6.5 AI score, 0.75359 EPSS
Exploits 1

Veracode
added 2017/09/18 4:54 a.m., 18 views

Data Binding Expression Vulnerability

spring-webflow is vulnerable to a data binding expression vulnerability. The vulnerability arises because the MvcViewFactoryCreator useSpringBinding property is set to false by default. Therefore, applications which use the default settings are vulnerable to malicious EL expressions in view state...

5.9 CVSS, 6.5 AI score, 0.00183 EPSS
Exploits 1, References 3, Affected Software 1

myhack58
added 2017/06/12 12:0 a.m., 504 views

Spring WebFlow remote code execution vulnerability analysis (CVE-2017-4971) - vulnerability warning - the black bar safety net

To better serve the majority of security enthusiasts, we have built a community. The community is mainly focused on discovered threats, security data analysis and other fields. We hope more friends will join, to analyze, share knowledge and progress together. Community address: ,...

6.3 AI score, 0.75359 EPSS
Exploits 1