Vulnerabilidades en Spring by Pivotal
9 resultadosCVE-2018-1273CRITICALSpring Data Commons, versions prior to 1.13 to 1.13.10, 2.0 to 2.0.5, and older unsupported versions, contain a property binder vulnerabilitEPSS 95.6%KEVCVE-2018-1270—Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.15 and older unsupported versions, allow applications to expose EPSS 77.2%CVE-2018-1275—Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.16 and older unsupported versions, allow applications to expose EPSS 57.6%CVE-2018-1271—Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.15 and older unsupported versions, allow applications to configuEPSS 35.7%CVE-2018-1272—Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.15 and older unsupported versions, provide client-side support fEPSS 2.8%CVE-2018-1274—Spring Data Commons, versions 1.13 to 1.13.10, 2.0 to 2.0.5, and older unsupported versions, contain a property path parser vulnerability caEPSS 2.0%CVE-2018-1229—Pivotal Spring Batch Admin, all versions, contains a stored XSS vulnerability in the file upload feature. An unauthenticated malicious user EPSS 0.8%CVE-2018-1230—Pivotal Spring Batch Admin, all versions, does not contain cross site request forgery protection. A remote unauthenticated user could craft EPSS 0.7%CVE-2018-15801LOWAuthorization Bypass During JWT Issuer Validation with spring-securityEPSS 0.7%