Search for packages
| purl | pkg:maven/org.springframework/spring-web@4.0.0.RELEASE |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-2nff-p7we-tuax
Aliases: CVE-2015-3192 GHSA-6v7w-535j-rq5m |
Pivotal Spring Framework before 3.2.14 and 4.x before 4.1.7 do not properly process inline DTD declarations when DTD is not entirely disabled, which allows remote attackers to cause a denial of service (memory consumption and out-of-memory errors) via a crafted XML file. |
Affected by 0 other vulnerabilities. Affected by 5 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-5ng1-3a32-cugs
Aliases: CVE-2024-22262 GHSA-2wrp-6fg6-hmc5 |
Spring Framework URL Parsing with Host Validation Applications that use UriComponentsBuilder to parse an externally provided URL (e.g. through a query parameter) AND perform validation checks on the host of the parsed URL may be vulnerable to a open redirect https://cwe.mitre.org/data/definitions/601.html attack or to a SSRF attack if the URL is used after passing validation checks. This is the same as CVE-2024-22259 https://spring.io/security/cve-2024-22259 and CVE-2024-22243 https://spring.io/security/cve-2024-22243 , but with different input. |
Affected by 2 other vulnerabilities. Affected by 1 other vulnerability. Affected by 1 other vulnerability. |
|
VCID-ec6g-dnjb-vycb
Aliases: CVE-2015-5211 GHSA-pgf9-h69p-pcgf |
Under some situations, the Spring Framework 4.2.0 to 4.2.1, 4.0.0 to 4.1.7, 3.2.0 to 3.2.14 and older unsupported versions is vulnerable to a Reflected File Download (RFD) attack. The attack involves a malicious user crafting a URL with a batch script extension that results in the response being downloaded rather than rendered and also includes some input reflected in the response. |
Affected by 4 other vulnerabilities. Affected by 5 other vulnerabilities. |
|
VCID-kpma-e8rd-b7c8
Aliases: CVE-2016-1000027 GHSA-4wrc-f8pq-fpqp |
Pivotal Spring Framework contains unsafe Java deserialization methods Pivotal Spring Framework before 6.0.0 suffers from a potential remote code execution (RCE) issue if used for Java deserialization of untrusted data. Depending on how the library is implemented within a product, this issue may or not occur, and authentication may be required. Maintainers recommend investigating alternative components or a potential mitigating control. Version 4.2.6 and 3.2.17 contain [enhanced documentation](https://github.com/spring-projects/spring-framework/commit/5cbe90b2cd91b866a5a9586e460f311860e11cfa) advising users to take precautions against unsafe Java deserialization, version 5.3.0 [deprecate the impacted classes](https://github.com/spring-projects/spring-framework/issues/25379) and version 6.0.0 [removed it entirely](https://github.com/spring-projects/spring-framework/issues/27422). |
Affected by 5 other vulnerabilities. |
|
VCID-r384-aque-vqcw
Aliases: CVE-2014-0225 GHSA-f93f-g33r-8pcp |
When processing user provided XML documents, the Spring Framework 4.0.0 to 4.0.4, 3.0.0 to 3.2.8, and possibly earlier unsupported versions did not disable by default the resolution of URI references in a DTD declaration. This enabled an XXE attack. |
Affected by 6 other vulnerabilities. |
|
VCID-x5w8-j62d-m7h6
Aliases: CVE-2024-38809 GHSA-2rmj-mq67-h97g |
Spring Framework DoS via conditional HTTP request ### Description Applications that parse ETags from `If-Match` or `If-None-Match` request headers are vulnerable to DoS attack. ### Affected Spring Products and Versions org.springframework:spring-web in versions 6.1.0 through 6.1.11 6.0.0 through 6.0.22 5.3.0 through 5.3.37 Older, unsupported versions are also affected ### Mitigation Users of affected versions should upgrade to the corresponding fixed version. 6.1.x -> 6.1.12 6.0.x -> 6.0.23 5.3.x -> 5.3.38 No other mitigation steps are necessary. Users of older, unsupported versions could enforce a size limit on `If-Match` and `If-None-Match` headers, e.g. through a Filter. |
Affected by 1 other vulnerability. Affected by 1 other vulnerability. Affected by 0 other vulnerabilities. |
|
VCID-y3uz-etva-sufh
Aliases: CVE-2020-5421 GHSA-rv39-3qh7-9v7w |
Improper Input Validation in Spring Framework In Spring Framework versions 5.2.0 - 5.2.8, 5.1.0 - 5.1.17, 5.0.0 - 5.0.18, 4.3.0 - 4.3.28, and older unsupported versions, the protections against RFD attacks from CVE-2015-5211 may be bypassed depending on the browser used through the use of a jsessionid path parameter. |
Affected by 4 other vulnerabilities. Affected by 3 other vulnerabilities. Affected by 3 other vulnerabilities. Affected by 3 other vulnerabilities. Affected by 3 other vulnerabilities. Affected by 3 other vulnerabilities. Affected by 3 other vulnerabilities. Affected by 3 other vulnerabilities. Affected by 3 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-eer8-apxc-2ue6 | The Spring MVC in Spring Framework before 3.2.4 and 4.0.0.M1 through 4.0.0.M2 does not disable external entity resolution for the StAX XMLInputFactory, which allows context-dependent attackers to read arbitrary files, cause a denial of service, and conduct CSRF attacks via crafted XML with JAXB, aka an XML External Entity (XXE) issue, and a different vulnerability than CVE-2013-4152. NOTE: this issue was SPLIT from CVE-2013-4152 due to different affected versions. |
CVE-2013-7315
GHSA-vp63-rrcm-9mph |
| VCID-mvx7-2y3s-fbbb | The SourceHttpMessageConverter in Spring MVC in Spring Framework before 3.2.5 and 4.0.0.M1 through 4.0.0.RC1 does not disable external entity resolution, which allows remote attackers to read arbitrary files, cause a denial of service, and conduct CSRF attacks via crafted XML, aka an XML External Entity (XXE) issue, and a different vulnerability than CVE-2013-4152 and CVE-2013-7315. |
CVE-2013-6429
GHSA-g6hf-f9cq-q7w7 |