An issue was discovered in Pivotal Spring Framework before 3.2.18, 4.2.x before 4.2.9, and 4.3.x before 4.3.5. Paths provided to the ResourceServlet were not properly sanitized and as a result exposed to directory traversal attacks.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: dell
Published: 2016-12-29T09:02:00
Updated: 2024-08-06T03:07:30.827Z
Reserved: 2016-12-06T00:00:00
Link: CVE-2016-9878
Vulnrichment
No data.
NVD
Status : Modified
Published: 2016-12-29T09:59:00.820
Modified: 2024-11-21T03:01:56.327
Link: CVE-2016-9878
Redhat