VulnerableCode Vulnerability Details

Staging Environment: Content and features may be unstable or change without notice.

Search for vulnerabilities

Vulnerability details: VCID-sw3u-a2s1-23b7

Essentials
Severities (22)
References (22)
Severity details (18)
Exploits (1)
EPSS
History (1)

Vulnerability ID	VCID-sw3u-a2s1-23b7
Aliases	CVE-2010-1622 GHSA-vpr3-f594-mg5g
Summary
Status	Published
Exploitability	2.0
Weighted Severity	6.2
Risk	10.0
Affected and Fixed Packages	Package Details

Weaknesses (5)

CWE-96	Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection')
CWE-94	Improper Control of Generation of Code ('Code Injection')
CWE-1035	OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
CWE-937	OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
CWE-78	Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

System	Score	Found at
generic_textual	MODERATE	http://geronimo.apache.org/2010/07/21/apache-geronimo-v216-released.html
generic_textual	MODERATE	http://geronimo.apache.org/21x-security-report.html
generic_textual	MODERATE	http://geronimo.apache.org/22x-security-report.html
generic_textual	MODERATE	https://access.redhat.com/errata/RHSA-2011:0175
generic_textual	MODERATE	https://access.redhat.com/security/cve/CVE-2010-1622
epss	0.01554	https://api.first.org/data/v1/epss?cve=CVE-2010-1622
epss	0.01554	https://api.first.org/data/v1/epss?cve=CVE-2010-1622
epss	0.01554	https://api.first.org/data/v1/epss?cve=CVE-2010-1622
epss	0.01554	https://api.first.org/data/v1/epss?cve=CVE-2010-1622
generic_textual	MODERATE	https://bugzilla.redhat.com/show_bug.cgi?id=606706
cvssv3.1_qr	MODERATE	https://github.com/advisories/GHSA-vpr3-f594-mg5g
generic_textual	MODERATE	https://github.com/spring-projects/spring-framework
generic_textual	MODERATE	https://github.com/spring-projects/spring-framework/commit/3a5af35d37c79d0644d49b93f792a4c18fe8eb71
generic_textual	MODERATE	https://nvd.nist.gov/vuln/detail/CVE-2010-1622
generic_textual	MODERATE	https://seclists.org/fulldisclosure/2010/Jun/456
generic_textual	MODERATE	https://web.archive.org/web/20100623011648/http://www.springsource.com/security/cve-2010-1622
generic_textual	MODERATE	https://web.archive.org/web/20161014113129/http://www.securitytracker.com/id/1033898
generic_textual	MODERATE	https://web.archive.org/web/20200227210033/http://www.securityfocus.com/archive/1/511877
generic_textual	MODERATE	https://web.archive.org/web/20200228060816/http://www.securityfocus.com/bid/40954
generic_textual	MODERATE	http://www.exploit-db.com/exploits/13918
generic_textual	MODERATE	http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
generic_textual	MODERATE	http://www.redhat.com/support/errata/RHSA-2011-0175.html

Reference id	Reference type	URL
		http://geronimo.apache.org/2010/07/21/apache-geronimo-v216-released.html
		http://geronimo.apache.org/21x-security-report.html
		http://geronimo.apache.org/22x-security-report.html
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1622.json
		https://access.redhat.com/security/cve/CVE-2010-1622
		https://api.first.org/data/v1/epss?cve=CVE-2010-1622
		https://github.com/spring-projects/spring-framework
		https://github.com/spring-projects/spring-framework/commit/3a5af35d37c79d0644d49b93f792a4c18fe8eb71
		https://nvd.nist.gov/vuln/detail/CVE-2010-1622
		https://seclists.org/fulldisclosure/2010/Jun/456
		https://web.archive.org/web/20100623011648/http://www.springsource.com/security/cve-2010-1622
		https://web.archive.org/web/20161014113129/http://www.securitytracker.com/id/1033898
		https://web.archive.org/web/20200227210033/http://www.securityfocus.com/archive/1/511877
		https://web.archive.org/web/20200228060816/http://www.securityfocus.com/bid/40954
		https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1622
		http://www.exploit-db.com/exploits/13918
		http://www.redhat.com/support/errata/RHSA-2011-0175.html
606706		https://bugzilla.redhat.com/show_bug.cgi?id=606706
CVE-2010-1622		http://support.springsource.com/security/cve-2010-1622
CVE-2010-1622;OSVDB-65661	Exploit	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/13918.txt
GHSA-vpr3-f594-mg5g		https://github.com/advisories/GHSA-vpr3-f594-mg5g
RHSA-2011:0175		https://access.redhat.com/errata/RHSA-2011:0175

Data source	Exploit-DB
Date added	June 17, 2010
Description	Spring Framework - Arbitrary code Execution
Ransomware campaign use	Known
Source publication date	June 18, 2010
Exploit type	webapps
Platform	multiple

Exploit Prediction Scoring System (EPSS)

Percentile	0.81846
EPSS Score	0.01554
Published At	June 11, 2026, 12:55 p.m.

Date	Actor	Action	Source	VulnerableCode Version
2026-06-12T01:21:08.712332+00:00	EPSS Importer	Import	https://epss.cyentia.com/epss_scores-current.csv.gz	38.6.0