CVSS: 6.8EPSS: 1%CPEs: 28EXPL: 1CVE-2013-7315
https://notcve.org/view.php?id=CVE-2013-7315
23 Jan 2014 — The Spring MVC in Spring Framework before 3.2.4 and 4.0.0.M1 through 4.0.0.M2 does not disable external entity resolution for the StAX XMLInputFactory, which allows context-dependent attackers to read arbitrary files, cause a denial of service, and conduct CSRF attacks via crafted XML with JAXB, aka an XML External Entity (XXE) issue, and a different vulnerability than CVE-2013-4152. NOTE: this issue was SPLIT from CVE-2013-4152 due to different affected versions. El Spring MVC en Spring Framework anterior ... • http://seclists.org/bugtraq/2013/Aug/154 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0CVE-2013-6430 – Framework: org.spring.web.util.JavaScriptUtils.javaScriptEscape insufficient escaping of characters
https://notcve.org/view.php?id=CVE-2013-6430
16 Jan 2014 — The JavaScriptUtils.javaScriptEscape method in web/util/JavaScriptUtils.java in Spring MVC in Spring Framework before 3.2.2 does not properly escape certain characters, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a (1) line separator or (2) paragraph separator Unicode character or (3) left or (4) right angle bracket. El método JavaScriptUtils.javaScriptEscape en el archivo web/util/JavaScriptUtils.java en Spring MVC en Spring Framework versiones anteriores a la versión 3.... • http://www.gopivotal.com/security/cve-2013-6430 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.8EPSS: 66%CPEs: 4EXPL: 0CVE-2013-6429 – Framework: XML External Entity (XXE) injection flaw
https://notcve.org/view.php?id=CVE-2013-6429
15 Jan 2014 — The SourceHttpMessageConverter in Spring MVC in Spring Framework before 3.2.5 and 4.0.0.M1 through 4.0.0.RC1 does not disable external entity resolution, which allows remote attackers to read arbitrary files, cause a denial of service, and conduct CSRF attacks via crafted XML, aka an XML External Entity (XXE) issue, and a different vulnerability than CVE-2013-4152 and CVE-2013-7315. El SourceHttpMessageConverter en Spring MVC en Spring Framework antes de 3.2.5 y 4.0.0.M1 hasta 4.0.0.RC1 no desactiva resoluc... • http://rhn.redhat.com/errata/RHSA-2014-0400.html • CWE-352: Cross-Site Request Forgery (CSRF) CWE-611: Improper Restriction of XML External Entity Reference •
CVSS: 6.8EPSS: 93%CPEs: 27EXPL: 1CVE-2013-4152 – Framework: XML External Entity (XXE) injection flaw
https://notcve.org/view.php?id=CVE-2013-4152
23 Aug 2013 — The Spring OXM wrapper in Spring Framework before 3.2.4 and 4.0.0.M1, when using the JAXB marshaller, does not disable entity resolution, which allows context-dependent attackers to read arbitrary files, cause a denial of service, and conduct CSRF attacks via an XML external entity declaration in conjunction with an entity reference in a (1) DOMSource, (2) StAXSource, (3) SAXSource, or (4) StreamSource, aka an XML External Entity (XXE) issue. El wrapper Spring OXM en Spring Framework anterior a la versión 3... • http://rhn.redhat.com/errata/RHSA-2014-0212.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.5EPSS: 2%CPEs: 17EXPL: 0CVE-2011-2730 – Framework: Information (internal server information, classpath, local working directories, session IDs) disclosure
https://notcve.org/view.php?id=CVE-2011-2730
05 Dec 2012 — VMware SpringSource Spring Framework before 2.5.6.SEC03, 2.5.7.SR023, and 3.x before 3.0.6, when a container supports Expression Language (EL), evaluates EL expressions in tags twice, which allows remote attackers to obtain sensitive information via a (1) name attribute in a (a) spring:hasBindErrors tag; (2) path attribute in a (b) spring:bind or (c) spring:nestedpath tag; (3) arguments, (4) code, (5) text, (6) var, (7) scope, or (8) message attribute in a (d) spring:message or (e) spring:theme tag; or (9) ... • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=677814 • CWE-16: Configuration •
CVSS: 7.5EPSS: 1%CPEs: 2EXPL: 1CVE-2011-2894 – Security: Chosen commands execution on the server (Framework) or authentication token bypass (Security) by objects de-serialization
https://notcve.org/view.php?id=CVE-2011-2894
04 Oct 2011 — Spring Framework 3.0.0 through 3.0.5, Spring Security 3.0.0 through 3.0.5 and 2.0.0 through 2.0.6, and possibly other versions deserialize objects from untrusted sources, which allows remote attackers to bypass intended security restrictions and execute untrusted code by (1) serializing a java.lang.Proxy instance and using InvocationHandler, or (2) accessing internal AOP interfaces, as demonstrated using deserialization of a DefaultListableBeanFactory instance to execute arbitrary commands via the java.lang... • https://github.com/pwntester/SpringBreaker • CWE-502: Deserialization of Untrusted Data •
CVSS: 7.5EPSS: 3%CPEs: 14EXPL: 8CVE-2010-1622 – Spring Framework - Arbitrary code Execution
https://notcve.org/view.php?id=CVE-2010-1622
21 Jun 2010 — SpringSource Spring Framework 2.5.x before 2.5.6.SEC02, 2.5.7 before 2.5.7.SR01, and 3.0.x before 3.0.3 allows remote attackers to execute arbitrary code via an HTTP request containing class.classLoader.URLs[0]=jar: followed by a URL of a crafted .jar file. SpringSource Spring Framework v2.5.x anteriores a v2.5.6.SEC02, v2.5.7 anteriores a v2.5.7.SR01, y v3.0.x anteriores a v3.0.3 permite a atacantes remotos ejecutar código arbitrario a través de una petición HTTP que contenga class.classLoader.URLs[0]=jar:... • https://www.exploit-db.com/exploits/13918 • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-96: Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection') •
CVSS: 5.3EPSS: 4%CPEs: 173EXPL: 2CVE-2009-1190
https://notcve.org/view.php?id=CVE-2009-1190
27 Apr 2009 — Algorithmic complexity vulnerability in the java.util.regex.Pattern.compile method in Sun Java Development Kit (JDK) before 1.6, when used with spring.jar in SpringSource Spring Framework 1.1.0 through 2.5.6 and 3.0.0.M1 through 3.0.0.M2 and dm Server 1.0.0 through 1.0.2, allows remote attackers to cause a denial of service (CPU consumption) via serializable data with a long regex string containing multiple optional groups, a related issue to CVE-2004-2540. Una vulnerabilidad de complejidad algorítmica en e... • http://secunia.com/advisories/34892 • CWE-399: Resource Management Errors •