The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of Pivotal Spring Framework

2 Spring Framework: privilege escalation via JWT Issuer Validation
An attacker can bypass restrictions via JWT Issuer Validation of Spring Framework, in order to escalate his privileges...
CVE-2018-15801, VIGILANCE-VUL-28058
2 Spring Framework: denial of service via Complex Range Requests
An attacker can generate a fatal error via Complex Range Requests of Spring Framework, in order to trigger a denial of service...
CERTFR-2019-AVI-331, cpujul2019, cpuoct2019, CVE-2018-15756, ibm10957141, VIGILANCE-VUL-27548
2 Spring Framework: information disclosure via Cross-Domain Requests
An attacker can bypass access restrictions to data via Cross-Domain Requests of Spring Framework, in order to obtain sensitive information...
cpuapr2019, cpujan2019, cpujul2019, cpuoct2018, CVE-2018-11040, VIGILANCE-VUL-26440
2 Spring Framework: information disclosure via Cross Site Tracing
An attacker can bypass access restrictions to data via Cross Site Tracing of Spring Framework, in order to obtain sensitive information...
cpuapr2019, cpujan2019, cpujul2019, cpuoct2018, CVE-2018-11039, VIGILANCE-VUL-26439
2 Spring Integration Zip: directory traversal
An attacker can traverse directories of Spring Integration Zip, in order to create a file outside the service root path. This vulnerability is a member of the Zip Slip family (VIGILANCE-VUL-26357)...
CVE-2018-1263, VIGILANCE-VUL-26358
2 Spring Integration Zip: directory traversal
An attacker can traverse directories of Spring Integration Zip, in order to create a file outside the service root path. This vulnerability is a member of the Zip Slip family (VIGILANCE-VUL-26357)...
CVE-2018-1261, VIGILANCE-VUL-26092
3 Spring Security OAuth: code execution
An attacker can use a vulnerability of Spring Security OAuth, in order to run code...
CVE-2018-1260, VIGILANCE-VUL-26091
2 Spring Data: external XML entity injection
An attacker can transmit malicious XML data to Spring Data, in order to read a file, scan sites, or trigger a denial of service...
CVE-2018-1259, VIGILANCE-VUL-26090
2 Spring Framework: privilege escalation via Spring Security Method
An attacker can bypass restrictions via Spring Security Method of Spring Framework, in order to escalate his privileges...
cpuapr2019, cpujan2019, cpujul2019, cpuoct2018, CVE-2018-1258, DSA-2019-093, VIGILANCE-VUL-26089
2 Spring Framework: denial of service via Spring-messaging
An attacker can generate a fatal error via Spring-messaging of Spring Framework, in order to trigger a denial of service...
cpuapr2019, cpujan2019, cpujul2019, cpuoct2018, CVE-2018-1257, VIGILANCE-VUL-26088
Our database contains other pages. You can request a free trial to read them.

Display information about Pivotal Spring Framework: