CVSS: 6.8EPSS: 2%CPEs: 3EXPL: 0CVE-2023-34055 – Spring Boot server Web Observations DoS Vulnerability
https://notcve.org/view.php?id=CVE-2023-34055
28 Nov 2023 — In Spring Boot versions 2.7.0 - 2.7.17, 3.0.0-3.0.12 and 3.1.0-3.1.5, it is possible for a user to provide specially crafted HTTP requests that may cause a denial-of-service (DoS) condition. Specifically, an application is vulnerable when all of the following are true: * the application uses Spring MVC or Spring WebFlux * org.springframework.boot:spring-boot-actuator is on the classpath En las versiones 2.7.0 - 2.7.17, 3.0.0-3.0.12 y 3.1.0-3.1.5 de Spring Boot, es posible que un usuario proporcione solicitu... • https://security.netapp.com/advisory/ntap-20231221-0010 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 10.0EPSS: 0%CPEs: 3EXPL: 1CVE-2023-44794
https://notcve.org/view.php?id=CVE-2023-44794
25 Oct 2023 — An issue in Dromara SaToken version 1.36.0 and before allows a remote attacker to escalate privileges via a crafted payload to the URL. Un problema en Dromara SaToken versión 1.36.0 y anteriores permite a un atacante remoto escalar privilegios a través de un payload manipulado a la URL. • https://github.com/dromara/Sa-Token/issues/515 • CWE-284: Improper Access Control •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2023-20883 – spring-boot: Spring Boot Welcome Page DoS Vulnerability
https://notcve.org/view.php?id=CVE-2023-20883
26 May 2023 — In Spring Boot versions 3.0.0 - 3.0.6, 2.7.0 - 2.7.11, 2.6.0 - 2.6.14, 2.5.0 - 2.5.14 and older unsupported versions, there is potential for a denial-of-service (DoS) attack if Spring MVC is used together with a reverse proxy cache. A flaw was found in Spring Boot, occurring prominently in Spring MVC with a reverse proxy cache. This issue requires Spring MVC to have auto-configuration enabled and the application to use Spring Boot's welcome page support, either static or templated, resulting in the applicat... • https://security.netapp.com/advisory/ntap-20230703-0008 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 10.0EPSS: 0%CPEs: 4EXPL: 0CVE-2023-20873 – spring-boot: Security Bypass With Wildcard Pattern Matching on Cloud Foundry
https://notcve.org/view.php?id=CVE-2023-20873
20 Apr 2023 — In Spring Boot versions 3.0.0 - 3.0.5, 2.7.0 - 2.7.10, and older unsupported versions, an application that is deployed to Cloud Foundry could be susceptible to a security bypass. Users of affected versions should apply the following mitigation: 3.0.x users should upgrade to 3.0.6+. 2.7.x users should upgrade to 2.7.11+. Users of older, unsupported versions should upgrade to 3.0.6+ or 2.7.11+. A flaw was found in Spring Boot. This targets specifically 'spring-boot-actuator-autoconfigure' package. • https://security.netapp.com/advisory/ntap-20230601-0009 • CWE-284: Improper Access Control •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-22602 – Apache Shiro before 1.11.0, when used with Spring Boot 2.6+, may allow authentication bypass through a specially crafted HTTP request
https://notcve.org/view.php?id=CVE-2023-22602
14 Jan 2023 — When using Apache Shiro before 1.11.0 together with Spring Boot 2.6+, a specially crafted HTTP request may cause an authentication bypass. The authentication bypass occurs when Shiro and Spring Boot are using different pattern-matching techniques. Both Shiro and Spring Boot < 2.6 default to Ant style pattern matching. Mitigation: Update to Apache Shiro 1.11.0, or set the following Spring Boot configuration value: `spring.mvc.pathmatch.matching-strategy = ant_path_matcher` Cuando se utiliza Apache Shiro ante... • https://lists.apache.org/thread/dzj0k2smpzzgj6g666hrbrgsrlf9yhkl • CWE-436: Interpretation Conflict •
CVSS: 10.0EPSS: 14%CPEs: 5EXPL: 2CVE-2022-31691
https://notcve.org/view.php?id=CVE-2022-31691
04 Nov 2022 — Spring Tools 4 for Eclipse version 4.16.0 and below as well as VSCode extensions such as Spring Boot Tools, Concourse CI Pipeline Editor, Bosh Editor and Cloudfoundry Manifest YML Support version 1.39.0 and below all use Snakeyaml library for YAML editing support. This library allows for some special syntax in the YAML that under certain circumstances allows for potentially harmful remote code execution by the attacker. Spring Tools 4 para Eclipse versión 4.16.0 y siguientes, así como extensiones VSCode com... • https://github.com/SpindleSec/CVE-2022-31691 •
CVSS: 7.8EPSS: 1%CPEs: 1EXPL: 2CVE-2022-27772
https://notcve.org/view.php?id=CVE-2022-27772
30 Mar 2022 — spring-boot versions prior to version v2.2.11.RELEASE was vulnerable to temporary directory hijacking. This vulnerability impacted the org.springframework.boot.web.server.AbstractConfigurableWebServerFactory.createTempDir method. NOTE: This vulnerability only affects products and/or versions that are no longer supported by the maintainer spring-boot versiones anteriores a v2.2.11.RELEASE eran vulnerables a un secuestro de directorios temporales. Esta vulnerabilidad afectaba al método org.springframework.boo... • https://github.com/puneetbehl/grails3-cve-2022-27772 • CWE-668: Exposure of Resource to Wrong Sphere •
CVSS: 9.8EPSS: 1%CPEs: 4EXPL: 0CVE-2021-26987
https://notcve.org/view.php?id=CVE-2021-26987
15 Mar 2021 — Element Plug-in for vCenter Server incorporates SpringBoot Framework. SpringBoot Framework versions prior to 1.3.2 are susceptible to a vulnerability which when successfully exploited could lead to Remote Code Execution. All versions of Element Plug-in for vCenter Server, Management Services versions prior to 2.17.56 and Management Node versions through 12.2 contain vulnerable versions of SpringBoot Framework. Element Plug-in para vCenter Server incorpora SpringBoot Framework. Las versiones de SpringBo... • https://security.netapp.com/advisory/ntap-20210315-0001 •
CVSS: 5.9EPSS: 0%CPEs: 8EXPL: 0CVE-2018-1196
https://notcve.org/view.php?id=CVE-2018-1196
19 Mar 2018 — Spring Boot supports an embedded launch script that can be used to easily run the application as a systemd or init.d linux service. The script included with Spring Boot 1.5.9 and earlier and 2.0.0.M1 through 2.0.0.M7 is susceptible to a symlink attack which allows the "run_user" to overwrite and take ownership of any file on the same system. In order to instigate the attack, the application must be installed as a service and the "run_user" requires shell access to the server. Spring Boot application that ar... • https://pivotal.io/security/cve-2018-1196 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 10.0EPSS: 92%CPEs: 15EXPL: 11CVE-2017-8046 – Spring Data REST < 2.6.9 (Ingalls SR9) / 3.0.1 (Kay SR1) - PATCH Request Remote Code Execution
https://notcve.org/view.php?id=CVE-2017-8046
04 Jan 2018 — Malicious PATCH requests submitted to servers using Spring Data REST versions prior to 2.6.9 (Ingalls SR9), versions prior to 3.0.1 (Kay SR1) and Spring Boot versions prior to 1.5.9, 2.0 M6 can use specially crafted JSON data to run arbitrary Java code. Las peticiones PATCH maliciosas enviadas a servidores que utilizan versiones Spring Data REST anteriores a la 2.6.9 (Ingalls SR9), versiones anteriores a la 3.0.1 (Kay SR1) y versiones Spring Boot anteriores a la 1.5.9, 2.0 M6 pueden utilizar datos JSON espe... • https://packetstorm.news/files/id/146817 • CWE-20: Improper Input Validation •