Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-vvv9-hpac-sqf6
Vulnerability ID VCID-vvv9-hpac-sqf6
Aliases CVE-2011-2894
GHSA-f866-m9mv-2xr3
Summary
Status Published
Exploitability 0.5
Weighted Severity 6.2
Risk 3.1
Affected and Fixed Packages Package Details
Weaknesses (4)
CWE-502 Deserialization of Untrusted Data
CWE-1035 OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CWE-937 OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
System Score Found at
generic_textual MODERATE http://osvdb.org/75263
epss 0.01998 https://api.first.org/data/v1/epss?cve=CVE-2011-2894
epss 0.01998 https://api.first.org/data/v1/epss?cve=CVE-2011-2894
epss 0.01998 https://api.first.org/data/v1/epss?cve=CVE-2011-2894
generic_textual MODERATE http://securityreason.com/securityalert/8405
generic_textual MODERATE https://exchange.xforce.ibmcloud.com/vulnerabilities/69687
cvssv3.1_qr MODERATE https://github.com/advisories/GHSA-f866-m9mv-2xr3
generic_textual MODERATE https://github.com/spring-projects/spring-framework
generic_textual MODERATE https://github.com/spring-projects/spring-framework/commit/070a723ef2c886770a063eb9a67f84f74e06edfb
generic_textual MODERATE https://nvd.nist.gov/vuln/detail/CVE-2011-2894
generic_textual MODERATE https://web.archive.org/web/20120307233721/http://www.springsource.com/security/cve-2011-2894
generic_textual MODERATE http://www.redhat.com/support/errata/RHSA-2011-1334.html
generic_textual MODERATE http://www.securityfocus.com/archive/1/519593/100/0/threaded
generic_textual MODERATE http://www.securityfocus.com/bid/49536
generic_textual MODERATE http://www.springsource.com/security/cve-2011-2894
Reference id Reference type URL
http://osvdb.org/75263
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-2894.json
https://api.first.org/data/v1/epss?cve=CVE-2011-2894
http://securityreason.com/securityalert/8405
https://exchange.xforce.ibmcloud.com/vulnerabilities/69687
https://github.com/spring-projects/spring-framework
https://github.com/spring-projects/spring-framework/commit/070a723ef2c886770a063eb9a67f84f74e06edfb
https://nvd.nist.gov/vuln/detail/CVE-2011-2894
https://web.archive.org/web/20120307233721/http://www.springsource.com/security/cve-2011-2894
http://www.redhat.com/support/errata/RHSA-2011-1334.html
http://www.securityfocus.com/archive/1/519593/100/0/threaded
http://www.securityfocus.com/bid/49536
http://www.springsource.com/security/cve-2011-2894
737611 https://bugzilla.redhat.com/show_bug.cgi?id=737611
GHSA-f866-m9mv-2xr3 https://github.com/advisories/GHSA-f866-m9mv-2xr3
RHSA-2011:1334 https://access.redhat.com/errata/RHSA-2011:1334
No exploits are available.
Exploit Prediction Scoring System (EPSS)
Percentile 0.84026
EPSS Score 0.01998
Published At June 11, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-06-12T01:23:09.299588+00:00 EPSS Importer Import https://epss.cyentia.com/epss_scores-current.csv.gz 38.6.0