Описание
In Spring Framework, versions 5.2.x prior to 5.2.3, versions 5.1.x prior to 5.1.13, and versions 5.0.x prior to 5.0.16, an application is vulnerable to a reflected file download (RFD) attack when it sets a "Content-Disposition" header in the response where the filename attribute is derived from user supplied input.
A flaw was found in springframework in versions prior to 5.0.16, 5.1.13, and 5.2.3. A reflected file download (RFD) attack is possible when a "Content-Disposition" header is set in response to where the filename attribute is derived from user supplied input. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
Отчет
This issue does not affect the version of SpringFramework (embedded in rhevm-dependencies) shipped with Red Hat Gluster Storage 3, as it does not provide support for spring-web. This issue does not affect the version of SpringFramework (embedded in rhvm-dependencies) shipped with Red Hat Virtualization, as it does not provide support for spring-web.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat JBoss BRMS 5 | springframework | Out of support scope | ||
| Red Hat JBoss Data Virtualization 6 | springframework | Out of support scope | ||
| Red Hat JBoss Fuse 6 | springframework | Out of support scope | ||
| Red Hat JBoss Fuse Service Works 6 | springframework | Out of support scope | ||
| Red Hat JBoss SOA Platform 5 | springframework | Out of support scope | ||
| Red Hat Storage 3 | rhevm-dependencies | Not affected | ||
| Red Hat Virtualization 4 | rhvm-dependencies | Not affected | ||
| Red Hat Fuse 7.8.0 | springframework | Fixed | RHSA-2020:5568 | 16.12.2020 |
Показывать по
Дополнительная информация
Статус:
8 High
CVSS3
Связанные уязвимости
In Spring Framework, versions 5.2.x prior to 5.2.3, versions 5.1.x prior to 5.1.13, and versions 5.0.x prior to 5.0.16, an application is vulnerable to a reflected file download (RFD) attack when it sets a "Content-Disposition" header in the response where the filename attribute is derived from user supplied input.
In Spring Framework, versions 5.2.x prior to 5.2.3, versions 5.1.x prior to 5.1.13, and versions 5.0.x prior to 5.0.16, an application is vulnerable to a reflected file download (RFD) attack when it sets a "Content-Disposition" header in the response where the filename attribute is derived from user supplied input.
In Spring Framework, versions 5.2.x prior to 5.2.3, versions 5.1.x pri ...
RFD attack via Content-Disposition header sourced from request input by Spring MVC or Spring WebFlux Application
Уязвимость компонента Spring Framework программного продукта Oracle Retail Order Broker, позволяющая нарушителю получить полный контроль над приложением
8 High
CVSS3