Filtered by vendor Vmware Subscriptions
Filtered by product Spring Framework Subscriptions
Total 43 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2024-38820 1 Vmware 1 Spring Framework 2024-11-29 3.1 Low
The fix for CVE-2022-22968 made disallowedFields patterns in DataBinder case insensitive. However, String.toLowerCase() has some Locale dependent exceptions that could potentially result in fields not protected as expected.
CVE-2024-38809 2 Redhat, Vmware 2 Apache Camel Spring Boot, Spring Framework 2024-11-21 5.3 Medium
Applications that parse ETags from "If-Match" or "If-None-Match" request headers are vulnerable to DoS attack. Users of affected versions should upgrade to the corresponding fixed version. Users of older, unsupported versions could enforce a size limit on "If-Match" and "If-None-Match" headers, e.g. through a Filter.
CVE-2024-22233 1 Vmware 1 Spring Framework 2024-11-21 7.5 High
In Spring Framework versions 6.0.15 and 6.1.2, it is possible for a user to provide specially crafted HTTP requests that may cause a denial-of-service (DoS) condition. Specifically, an application is vulnerable when all of the following are true: * the application uses Spring MVC * Spring Security 6.1.6+ or 6.2.1+ is on the classpath Typically, Spring Boot applications need the org.springframework.boot:spring-boot-starter-web and org.springframework.boot:spring-boot-starter-security dependencies to meet all conditions.
CVE-2023-44794 2 Dromara, Vmware 3 Sa-token, Spring Boot, Spring Framework 2024-11-21 9.8 Critical
An issue in Dromara SaToken version 1.36.0 and before allows a remote attacker to escalate privileges via a crafted payload to the URL.
CVE-2023-34053 1 Vmware 1 Spring Framework 2024-11-21 5.3 Medium
In Spring Framework versions 6.0.0 - 6.0.13, it is possible for a user to provide specially crafted HTTP requests that may cause a denial-of-service (DoS) condition. Specifically, an application is vulnerable when all of the following are true: * the application uses Spring MVC or Spring WebFlux * io.micrometer:micrometer-core is on the classpath * an ObservationRegistry is configured in the application to record observations Typically, Spring Boot applications need the org.springframework.boot:spring-boot-actuator dependency to meet all conditions.
CVE-2023-20863 2 Redhat, Vmware 2 Camel Spring Boot, Spring Framework 2024-11-21 6.5 Medium
In spring framework versions prior to 5.2.24 release+ ,5.3.27+ and 6.0.8+ , it is possible for a user to provide a specially crafted SpEL expression that may cause a denial-of-service (DoS) condition.
CVE-2023-20861 2 Redhat, Vmware 8 Amq Broker, Camel Spring Boot, Jboss Enterprise Bpms Platform and 5 more 2024-11-21 6.5 Medium
In Spring Framework versions 6.0.0 - 6.0.6, 5.3.0 - 5.3.25, 5.2.0.RELEASE - 5.2.22.RELEASE, and older unsupported versions, it is possible for a user to provide a specially crafted SpEL expression that may cause a denial-of-service (DoS) condition.
CVE-2023-20860 2 Redhat, Vmware 9 Amq Broker, Camel Spring Boot, Jboss Enterprise Bpms Platform and 6 more 2024-11-21 7.5 High
Spring Framework running version 6.0.0 - 6.0.6 or 5.3.0 - 5.3.25 using "**" as a pattern in Spring Security configuration with the mvcRequestMatcher creates a mismatch in pattern matching between Spring Security and Spring MVC, and the potential for a security bypass.
CVE-2022-22971 4 Netapp, Oracle, Redhat and 1 more 6 Cloud Secure Agent, Oncommand Insight, Financial Services Crime And Compliance Management Studio and 3 more 2024-11-21 6.5 Medium
In spring framework versions prior to 5.3.20+ , 5.2.22+ and old unsupported versions, application with a STOMP over WebSocket endpoint is vulnerable to a denial of service attack by an authenticated user.
CVE-2022-22970 4 Netapp, Oracle, Redhat and 1 more 8 Active Iq Unified Manager, Brocade San Navigator, Cloud Secure Agent and 5 more 2024-11-21 5.3 Medium
In spring framework versions prior to 5.3.20+ , 5.2.22+ and old unsupported versions, applications that handle file uploads are vulnerable to DoS attack if they rely on data binding to set a MultipartFile or javax.servlet.Part to a field in a model object.
CVE-2022-22968 4 Netapp, Oracle, Redhat and 1 more 9 Active Iq Unified Manager, Cloud Secure Agent, Metrocluster Tiebreaker and 6 more 2024-11-21 5.3 Medium
In Spring Framework versions 5.3.0 - 5.3.18, 5.2.0 - 5.2.20, and older unsupported versions, the patterns for disallowedFields on a DataBinder are case sensitive which means a field is not effectively protected unless it is listed with both upper and lower case for the first character of the field, including upper and lower case for the first character of all nested fields within the property path.
CVE-2022-22965 6 Cisco, Oracle, Redhat and 3 more 45 Cx Cloud Agent, Commerce Platform, Communications Cloud Native Core Automated Test Suite and 42 more 2024-11-21 9.8 Critical
A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding. The specific exploit requires the application to run on Tomcat as a WAR deployment. If the application is deployed as a Spring Boot executable jar, i.e. the default, it is not vulnerable to the exploit. However, the nature of the vulnerability is more general, and there may be other ways to exploit it.
CVE-2022-22950 2 Redhat, Vmware 5 Jboss Enterprise Bpms Platform, Jboss Fuse, Openshift Application Runtimes and 2 more 2024-11-21 6.5 Medium
n Spring Framework versions 5.3.0 - 5.3.16 and older unsupported versions, it is possible for a user to provide a specially crafted SpEL expression that may cause a denial of service condition.
CVE-2021-22118 4 Netapp, Oracle, Redhat and 1 more 34 Hci, Management Services For Element Software, Commerce Guided Search and 31 more 2024-11-21 7.8 High
In Spring Framework, versions 5.2.x prior to 5.2.15 and versions 5.3.x prior to 5.3.7, a WebFlux application is vulnerable to a privilege escalation: by (re)creating the temporary storage directory, a locally authenticated malicious user can read or modify files that have been uploaded to the WebFlux application, or overwrite arbitrary files with multipart request data.
CVE-2021-22096 4 Netapp, Oracle, Redhat and 1 more 12 Active Iq Unified Manager, Management Services For Element Software And Netapp Hci, Metrocluster Tiebreaker and 9 more 2024-11-21 4.3 Medium
In Spring Framework versions 5.3.0 - 5.3.10, 5.2.0 - 5.2.17, and older unsupported versions, it is possible for a user to provide malicious input to cause the insertion of additional log entries.
CVE-2021-22060 3 Oracle, Redhat, Vmware 4 Communications Cloud Native Core Console, Communications Cloud Native Core Service Communication Proxy, Jboss Fuse and 1 more 2024-11-21 4.3 Medium
In Spring Framework versions 5.3.0 - 5.3.13, 5.2.0 - 5.2.18, and older unsupported versions, it is possible for a user to provide malicious input to cause the insertion of additional log entries. This is a follow-up to CVE-2021-22096 that protects against additional types of input and in more places of the Spring Framework codebase.
CVE-2020-5421 4 Netapp, Oracle, Redhat and 1 more 39 Oncommand Insight, Snap Creator Framework, Snapcenter and 36 more 2024-11-21 6.5 Medium
In Spring Framework versions 5.2.0 - 5.2.8, 5.1.0 - 5.1.17, 5.0.0 - 5.0.18, 4.3.0 - 4.3.28, and older unsupported versions, the protections against RFD attacks from CVE-2015-5211 may be bypassed depending on the browser used through the use of a jsessionid path parameter.
CVE-2020-5398 4 Netapp, Oracle, Redhat and 1 more 34 Data Availability Services, Snapcenter, Application Testing Suite and 31 more 2024-11-21 7.5 High
In Spring Framework, versions 5.2.x prior to 5.2.3, versions 5.1.x prior to 5.1.13, and versions 5.0.x prior to 5.0.16, an application is vulnerable to a reflected file download (RFD) attack when it sets a "Content-Disposition" header in the response where the filename attribute is derived from user supplied input.
CVE-2020-5397 2 Oracle, Vmware 27 Application Testing Suite, Communications Brm - Elastic Charging Engine, Communications Diameter Signaling Router and 24 more 2024-11-21 5.3 Medium
Spring Framework, versions 5.2.x prior to 5.2.3 are vulnerable to CSRF attacks through CORS preflight requests that target Spring MVC (spring-webmvc module) or Spring WebFlux (spring-webflux module) endpoints. Only non-authenticated endpoints are vulnerable because preflight requests should not include credentials and therefore requests should fail authentication. However a notable exception to this are Chrome based browsers when using client certificates for authentication since Chrome sends TLS client certificates in CORS preflight requests in violation of spec requirements. No HTTP body can be sent or received as a result of this attack.
CVE-2018-1275 3 Oracle, Redhat, Vmware 21 Application Testing Suite, Big Data Discovery, Communications Converged Application Server and 18 more 2024-11-21 9.8 Critical
Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.16 and older unsupported versions, allow applications to expose STOMP over WebSocket endpoints with a simple, in-memory STOMP broker through the spring-messaging module. A malicious user (or attacker) can craft a message to the broker that can lead to a remote code execution attack. This CVE addresses the partial fix for CVE-2018-1270 in the 4.3.x branch of the Spring Framework.