Search for packages
| purl | pkg:maven/org.springframework/spring-core@4.3.1.RELEASE |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-2327-21sr-mfgx
Aliases: CVE-2018-1272 GHSA-4487-x383-qpph |
Improper Privilege Management When Spring MVC or Spring WebFlux server application (server A) receives input from a remote client, and then uses that input to make a multipart request to another server (server B), it can be exposed to an attack, where an extra multipart is inserted in the content of the request from server A, causing server B to use the wrong value for a part it expects. This could to lead privilege escalation, for example, if the part content represents a username or user roles. |
Affected by 0 other vulnerabilities. Affected by 2 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 3 other vulnerabilities. |
|
VCID-72ga-q9u7-sfav
Aliases: CVE-2018-1275 GHSA-3rmv-2pg5-xvqj |
Improperly Implemented Security Check for Standard Spring Framework allow applications to expose STOMP over WebSocket endpoints with a simple, in-memory STOMP broker through the spring-messaging module. A malicious user (or attacker) can craft a message to the broker that can lead to a remote code execution attack. |
Affected by 0 other vulnerabilities. Affected by 1 other vulnerability. Affected by 0 other vulnerabilities. Affected by 3 other vulnerabilities. |
|
VCID-fra1-reqm-kfdb
Aliases: CVE-2020-5421 GHSA-rv39-3qh7-9v7w |
Remote file disclosure In Spring Framework the protections against RFD attacks from CVE-2015-5211 may be bypassed depending on the browser used through the use of a jsessionid path parameter. |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-h4kj-zdr8-wbdr
Aliases: CVE-2018-1199 GHSA-v596-fwhq-8x48 |
Improper Input Validation Spring Security does not consider URL path parameters when processing security constraints. By adding a URL path parameter with special encodings, an attacker may be able to bypass a security constraint. The root cause of this issue is a lack of clarity regarding the handling of path parameters in the Servlet Specification. Some Servlet containers include path parameters in the value returned for `getPathInfo()` and some do not. Spring Security uses the value returned by `getPathInfo()` as part of the process of mapping requests to security constraints. In this particular attack, different character encodings used in path parameters allows secured Spring MVC static resource URLs to be bypassed. |
Affected by 4 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 3 other vulnerabilities. Affected by 5 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 4 other vulnerabilities. |
|
VCID-vgyx-gshk-tbcx
Aliases: CVE-2016-9878 GHSA-2m8h-fgr8-2q9w |
Path Traversal Paths provided to the `ResourceServlet` were not properly sanitized and as a result exposed to directory traversal attacks. |
Affected by 0 other vulnerabilities. Affected by 4 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-46dm-5t83-tyh6 | Spring Security / MVC Path Matching Inconsistency This package rely on URL pattern mappings for authorization and for mapping requests to controllers respectively. Differences in the strictness of the pattern matching mechanisms, for example with regards to space trimming in path segments, can lead Spring Security to not recognize certain paths as not protected that are in fact mapped to Spring MVC controllers that should be protected. The problem is compounded by the fact that the Spring Framework provides richer features with regards to pattern matching as well as by the fact that pattern matching in each Spring Security and the Spring Framework can easily be customized creating additional differences. |
CVE-2016-5007
GHSA-8crv-49fr-2h6j |