CVSS: 7.5EPSS: 10%CPEs: 114EXPL: 0CVE-2018-15756 – DoS Attack via Range Requests
https://notcve.org/view.php?id=CVE-2018-15756
18 Oct 2018 — Spring Framework, version 5.1, versions 5.0.x prior to 5.0.10, versions 4.3.x prior to 4.3.20, and older unsupported versions on the 4.2.x branch provide support for range requests when serving static resources through the ResourceHttpRequestHandler, or starting in 5.0 when an annotated controller returns an org.springframework.core.io.Resource. A malicious user (or attacker) can add a range header with a high number of ranges, or with wide ranges that overlap, or both, for a denial of service attack. This ... • http://www.securityfocus.com/bid/105703 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 1%CPEs: 37EXPL: 1CVE-2018-1000632 – dom4j: XML Injection in Class: Element. Methods: addElement, addAttribute which can impact the integrity of XML documents
https://notcve.org/view.php?id=CVE-2018-1000632
20 Aug 2018 — dom4j version prior to version 2.1.1 contains a CWE-91: XML Injection vulnerability in Class: Element. Methods: addElement, addAttribute that can result in an attacker tampering with XML documents through XML injection. This attack appear to be exploitable via an attacker specifying attributes or elements in the XML document. This vulnerability appears to have been fixed in 2.1.1 or later. dom4j en versiones anteriores a la 2.1.1 contiene una vulnerabilidad CWE-91: Inyección XML en Clase: Element. Métodos: ... • https://access.redhat.com/errata/RHSA-2019:0362 • CWE-88: Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') CWE-91: XML Injection (aka Blind XPath Injection) •
CVSS: 5.9EPSS: 3%CPEs: 42EXPL: 0CVE-2018-10237 – guava: Unbounded memory allocation in AtomicDoubleArray and CompoundOrdering classes allow remote attackers to cause a denial of service
https://notcve.org/view.php?id=CVE-2018-10237
26 Apr 2018 — Unbounded memory allocation in Google Guava 11.0 through 24.x before 24.1.1 allows remote attackers to conduct denial of service attacks against servers that depend on this library and deserialize attacker-provided data, because the AtomicDoubleArray class (when serialized with Java serialization) and the CompoundOrdering class (when serialized with GWT serialization) perform eager allocation without appropriate checks on what a client has sent and whether the data size is reasonable. Asignación de memoria ... • http://www.securitytracker.com/id/1041707 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 9.8EPSS: 89%CPEs: 70EXPL: 6CVE-2018-1270 – spring-framework: Possible RCE via spring messaging
https://notcve.org/view.php?id=CVE-2018-1270
06 Apr 2018 — Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.15 and older unsupported versions, allow applications to expose STOMP over WebSocket endpoints with a simple, in-memory STOMP broker through the spring-messaging module. A malicious user (or attacker) can craft a message to the broker that can lead to a remote code execution attack. Spring Framework, en versiones 5.0 anteriores a la 5.0.5 y versiones 4.3 anteriores a la 4.3.15, así como versiones más antiguas no soportadas, permite ... • https://packetstorm.news/files/id/147974 • CWE-20: Improper Input Validation CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-358: Improperly Implemented Security Check for Standard •
CVSS: 6.5EPSS: 92%CPEs: 72EXPL: 0CVE-2018-1271 – spring-framework: Directory traversal vulnerability with static resources on Windows filesystems
https://notcve.org/view.php?id=CVE-2018-1271
06 Apr 2018 — Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.15 and older unsupported versions, allow applications to configure Spring MVC to serve static resources (e.g. CSS, JS, images). When static resources are served from a file system on Windows (as opposed to the classpath, or the ServletContext), a malicious user can send a request using a specially crafted URL that can lead a directory traversal attack. Spring Framework, en versiones 5.0 anteriores a la 5.0.5 y versiones 4.3 anterior... • http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.5EPSS: 1%CPEs: 67EXPL: 0CVE-2018-1272 – spring-framework: Multipart content pollution
https://notcve.org/view.php?id=CVE-2018-1272
06 Apr 2018 — Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.15 and older unsupported versions, provide client-side support for multipart requests. When Spring MVC or Spring WebFlux server application (server A) receives input from a remote client, and then uses that input to make a multipart request to another server (server B), it can be exposed to an attack, where an extra multipart is inserted in the content of the request from server A, causing server B to use the wrong value for a part ... • http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html • CWE-88: Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') •
CVSS: 9.8EPSS: 94%CPEs: 174EXPL: 2CVE-2017-5645 – log4j: Socket receiver deserialization vulnerability
https://notcve.org/view.php?id=CVE-2017-5645
17 Apr 2017 — In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from another application, a specially crafted binary payload can be sent that, when deserialized, can execute arbitrary code. En Apache Log4j 2.x en versiones anteriores a 2.8.2, cuando se utiliza el servidor de socket TCP o el servidor de socket UDP para recibir sucesos de registro serializados de otra aplicación, puede enviarse una carga binaria especialmente diseñada que, cuando se des... • https://github.com/pimps/CVE-2017-5645 • CWE-502: Deserialization of Untrusted Data •