9 matches found
CVE-2022-43484
TERASOLUNA Global Framework 1.0.0 Public review version and TERASOLUNA Server Framework for Java Rich 2.0.0.2 to 2.0.5.1 are vulnerable to a ClassLoader manipulation vulnerability due to using the old version of Spring Framework which contains the vulnerability.The vulnerability is caused by an...
CVE-2025-22233
CVE-2024-38820 ensured Locale-independent, lowercase conversion for both the configured disallowedFields patterns and for request parameter names. However, there are still cases where it is possible to bypass the disallowedFields checks. Affected Spring Products and Versions Spring Framework: 6.2...
CVE-2025-22233 Spring Framework DataBinder Case Sensitive Match Exception
CVE-2024-38820 ensured Locale-independent, lowercase conversion for both the configured disallowedFields patterns and for request parameter names. However, there are still cases where it is possible to bypass the disallowedFields checks. Affected Spring Products and Versions Spring Framework: 6.2...
CVE-2025-22233
CVE-2024-38820 ensured Locale-independent, lowercase conversion for both the configured disallowedFields patterns and for request parameter names. However, there are still cases where it is possible to bypass the disallowedFields checks. Affected Spring Products and Versions Spring Framework: 6.2...
CVE-2022-43484
TERASOLUNA Global Framework 1.0.0 Public review version and TERASOLUNA Server Framework for Java Rich 2.0.0.2 to 2.0.5.1 are vulnerable to a ClassLoader manipulation vulnerability due to using the old version of Spring Framework which contains the vulnerability.The vulnerability is caused by an...
NTT DATA TERASOLUNA 输入验证错误漏洞
NTT DATA TERASOLUNA is an NTT DATA framework from NTT DATA Corporation in Japan. A security vulnerability exists in NTT DATA TERASOLUNA Global Framework version 1.0.0 and TERASOLUNA Server Framework for Java Rich versions 2.0.0.2 through 2.0.5.1, which stems from improper input validation in the...
TERASOLUNA Server Framework for Java (WEB) Information Disclosure Vulnerability
TERASOLUNA Server Framework for Java WEB is a set of frameworks based on the Java language for creating Web applications WEB version. A security vulnerability exists in TERASOLUNA Server Framework for Java WEB versions 2.0.0.1 through 2.0.6.1. A remote attacker can exploit the vulnerability to...
The Validator in TERASOLUNA Server Framework for Java(WEB) vulnerable to input validation bypass
Overview The TERASOLUNA Server Framework for JavaWEB provided by NTT Data Corporation is a software framework for creating web applications. The TERASOLUNA Server Framework for JavaWEB is vulnerable to an issue contained in the Apache Struts 1 Validator, since it uses Apache Struts 1.2.9. The...
TERASOLUNA Server Framework for Java(Web) vulnerable to ClassLoader manipulation
Overview TERASOLUNA Server Framework for JavaWeb provided by NTT DATA Corporation is a software framework for creating Java web applications. TERASOLUNA Server Framework for JavaWeb bundles Apache Struts 1.2.9, which contains a vulnerability where the ClassLoader may be manipulated CVE-2014-0114...