Search for packages
| purl | pkg:maven/org.springframework/spring-core@3.0.4.RELEASE |
| Next non-vulnerable version | 5.2.24.RELEASE |
| Latest non-vulnerable version | 6.2.11 |
| Risk | 4.5 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-2327-21sr-mfgx
Aliases: CVE-2018-1272 GHSA-4487-x383-qpph |
Improper Privilege Management When Spring MVC or Spring WebFlux server application (server A) receives input from a remote client, and then uses that input to make a multipart request to another server (server B), it can be exposed to an attack, where an extra multipart is inserted in the content of the request from server A, causing server B to use the wrong value for a part it expects. This could to lead privilege escalation, for example, if the part content represents a username or user roles. |
Affected by 0 other vulnerabilities. Affected by 8 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 9 other vulnerabilities. |
|
VCID-46dm-5t83-tyh6
Aliases: CVE-2016-5007 GHSA-8crv-49fr-2h6j |
Spring Security / MVC Path Matching Inconsistency This package rely on URL pattern mappings for authorization and for mapping requests to controllers respectively. Differences in the strictness of the pattern matching mechanisms, for example with regards to space trimming in path segments, can lead Spring Security to not recognize certain paths as not protected that are in fact mapped to Spring MVC controllers that should be protected. The problem is compounded by the fact that the Spring Framework provides richer features with regards to pattern matching as well as by the fact that pattern matching in each Spring Security and the Spring Framework can easily be customized creating additional differences. |
Affected by 0 other vulnerabilities. Affected by 11 other vulnerabilities. |
|
VCID-72ga-q9u7-sfav
Aliases: CVE-2018-1275 GHSA-3rmv-2pg5-xvqj |
Improperly Implemented Security Check for Standard Spring Framework allow applications to expose STOMP over WebSocket endpoints with a simple, in-memory STOMP broker through the spring-messaging module. A malicious user (or attacker) can craft a message to the broker that can lead to a remote code execution attack. |
Affected by 0 other vulnerabilities. Affected by 7 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 9 other vulnerabilities. |
|
VCID-amxf-c3z4-gbhk
Aliases: CVE-2023-20861 GHSA-564r-hj7v-mcr5 |
Spring Framework vulnerable to denial of service via specially crafted SpEL expression In Spring Framework versions 6.0.0 - 6.0.6, 5.3.0 - 5.3.25, 5.2.0.RELEASE - 5.2.22.RELEASE, and older unsupported versions, it is possible for a user to provide a specially crafted SpEL expression that may cause a denial-of-service (DoS) condition. |
Affected by 1 other vulnerability. Affected by 1 other vulnerability. Affected by 1 other vulnerability. |
|
VCID-cfmp-m8jn-uqg4
Aliases: CVE-2022-22968 GHSA-g5mm-vmx4-3rg7 |
Improper Handling of Case Sensitivity In Spring Framework versions 5.3.0 - 5.3.18, 5.2.0 - 5.2.20, and older unsupported versions, the patterns for disallowedFields on a DataBinder are case sensitive which means a field is not effectively protected unless it is listed with both upper and lower case for the first character of the field, including upper and lower case for the first character of all nested fields within the property path. |
Affected by 0 other vulnerabilities. Affected by 4 other vulnerabilities. Affected by 4 other vulnerabilities. |
|
VCID-ehpw-txyw-auh6
Aliases: CVE-2023-20863 GHSA-wxqc-pxw9-g2p8 |
Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection') In spring framework versions prior to 5.2.24 release+,5.3.27+ and 6.0.8+, it is possible for a user to provide a specially crafted SpEL expression that may cause a denial-of-service (DoS) condition. |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-fra1-reqm-kfdb
Aliases: CVE-2020-5421 GHSA-rv39-3qh7-9v7w |
Remote file disclosure In Spring Framework the protections against RFD attacks from CVE-2015-5211 may be bypassed depending on the browser used through the use of a jsessionid path parameter. |
Affected by 10 other vulnerabilities. Affected by 6 other vulnerabilities. Affected by 6 other vulnerabilities. Affected by 6 other vulnerabilities. Affected by 6 other vulnerabilities. Affected by 6 other vulnerabilities. Affected by 6 other vulnerabilities. Affected by 9 other vulnerabilities. Affected by 9 other vulnerabilities. |
|
VCID-gmn5-ykw3-cqf4
Aliases: CVE-2011-2894 GHSA-f866-m9mv-2xr3 |
Deserialization of Untrusted Data Spring Framework 3.0.0 through 3.0.5, Spring Security 3.0.0 through 3.0.5 and 2.0.0 through 2.0.6, and possibly other versions deserialize objects from untrusted sources, which allows remote attackers to bypass intended security restrictions and execute untrusted code by (1) serializing a java.lang.Proxy instance and using InvocationHandler, or (2) accessing internal AOP interfaces, as demonstrated using deserialization of a DefaultListableBeanFactory instance to execute arbitrary commands via the java.lang.Runtime class. |
Affected by 0 other vulnerabilities. Affected by 13 other vulnerabilities. |
|
VCID-hcrz-cwpf-37db
Aliases: CVE-2011-2730 GHSA-wv88-pf73-x22p |
EL expressions double evaluation When a container supports Expression Language (EL), this package evaluates EL expressions in tags twice, which allows remote attackers to obtain sensitive information via a name attribute in a `spring:hasBindErrors` tag; path attribute in a `spring:bind` or `spring:nestedpath` tag; `arguments`, `code`, `text`, `var`, `scope`, or `message` attribute in a `spring:message` or `spring:theme` tag; or `var`, `scope`, or `value` attribute in a `spring:transform` tag, aka Expression Language Injection. |
Affected by 0 other vulnerabilities. Affected by 13 other vulnerabilities. |
|
VCID-kvhz-7nfu-2kdx
Aliases: CVE-2014-3578 GHSA-rhcg-rwhx-qj3j |
Directory traversal flaw Directory traversal vulnerability in this package allows remote attackers to read arbitrary files via a crafted URL. |
Affected by 0 other vulnerabilities. Affected by 12 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 11 other vulnerabilities. |
|
VCID-n8kg-ajw8-5yd2
Aliases: CVE-2022-22970 GHSA-hh26-6xwr-ggv7 |
Allocation of Resources Without Limits or Throttling In spring framework versions prior to 5.3.20+, 5.2.22+ and old unsupported versions, applications that handle file uploads is vulnerable to DoS attack if they rely on data binding to set a MultipartFile or javax.servlet.Part to a field in a model object. |
Affected by 2 other vulnerabilities. Affected by 2 other vulnerabilities. |
|
VCID-ncq1-u2qu-77ec
Aliases: CVE-2015-3192 GHSA-6v7w-535j-rq5m |
DoS Attack with XML Input This package do not properly process inline DTD declarations when DTD is not entirely disabled, which allows remote attackers to cause a denial of service (memory consumption and out-of-memory errors) via a crafted XML file. |
Affected by 0 other vulnerabilities. Affected by 11 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 10 other vulnerabilities. |
|
VCID-uvga-6hdm-3kda
Aliases: CVE-2022-22971 GHSA-rqph-vqwm-22vc |
Allocation of Resources Without Limits or Throttling In spring framework versions prior to 5.3.20+, 5.2.22+ and old unsupported versions, application with a STOMP over WebSocket endpoint is vulnerable to a denial of service attack by an authenticated user. |
Affected by 2 other vulnerabilities. Affected by 2 other vulnerabilities. |
|
VCID-vgyx-gshk-tbcx
Aliases: CVE-2016-9878 GHSA-2m8h-fgr8-2q9w |
Path Traversal Paths provided to the `ResourceServlet` were not properly sanitized and as a result exposed to directory traversal attacks. |
Affected by 0 other vulnerabilities. Affected by 10 other vulnerabilities. Affected by 1 other vulnerability. Affected by 10 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 10 other vulnerabilities. |
|
VCID-vr7m-chzs-abfu
Aliases: CVE-2022-22965 GHSA-36p3-wjmg-h94x GMS-2022-558 GMS-2022-559 GMS-2022-560 GMS-2022-561 |
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in org.springframework.boot:spring-boot-starter-webflux. |
Affected by 0 other vulnerabilities. Affected by 5 other vulnerabilities. Affected by 5 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||