Описание
An issue was discovered in Pivotal Spring Framework before 3.2.18, 4.2.x before 4.2.9, and 4.3.x before 4.3.5. Paths provided to the ResourceServlet were not properly sanitized and as a result exposed to directory traversal attacks.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | ignored | end of life |
| bionic | not-affected | 4.3.5-1 |
| cosmic | not-affected | 4.3.5-1 |
| devel | not-affected | 4.3.5-1 |
| disco | not-affected | 4.3.5-1 |
| eoan | not-affected | 4.3.5-1 |
| esm-apps/bionic | not-affected | 4.3.5-1 |
| esm-apps/focal | not-affected | 4.3.5-1 |
| esm-apps/jammy | not-affected | 4.3.5-1 |
| esm-apps/xenial | released | 3.2.13-5ubuntu0.1~esm1 |
Показывать по
EPSS
5 Medium
CVSS2
7.5 High
CVSS3
Связанные уязвимости
An issue was discovered in Pivotal Spring Framework before 3.2.18, 4.2.x before 4.2.9, and 4.3.x before 4.3.5. Paths provided to the ResourceServlet were not properly sanitized and as a result exposed to directory traversal attacks.
An issue was discovered in Pivotal Spring Framework before 3.2.18, 4.2.x before 4.2.9, and 4.3.x before 4.3.5. Paths provided to the ResourceServlet were not properly sanitized and as a result exposed to directory traversal attacks.
An issue was discovered in Pivotal Spring Framework before 3.2.18, 4.2 ...
Pivotal Spring Framework Paths provided to the ResourceServlet were not properly sanitized
EPSS
5 Medium
CVSS2
7.5 High
CVSS3