exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 6

CVE-2018-1270

около 7 лет назад

Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.15 and older unsupported versions, allow applications to expose STOMP over WebSocket endpoints with a simple, in-memory STOMP broker through the spring-messaging module. A malicious user (or attacker) can craft a message to the broker that can lead to a remote code execution attack.

CVSS3: 9.8

EPSS: Высокий

CVE-2018-1270

около 7 лет назад

Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.15 and older unsupported versions, allow applications to expose STOMP over WebSocket endpoints with a simple, in-memory STOMP broker through the spring-messaging module. A malicious user (or attacker) can craft a message to the broker that can lead to a remote code execution attack.

CVSS3: 9.8

EPSS: Высокий

CVE-2018-1270

около 7 лет назад

Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.15 and older unsupported versions, allow applications to expose STOMP over WebSocket endpoints with a simple, in-memory STOMP broker through the spring-messaging module. A malicious user (or attacker) can craft a message to the broker that can lead to a remote code execution attack.

CVSS3: 9.8

EPSS: Высокий

CVE-2018-1270

около 7 лет назад

Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior t ...

CVSS3: 9.8

EPSS: Высокий

GHSA-p5hg-3xm3-gcjg

больше 6 лет назад

Spring Framework allows applications to expose STOMP over WebSocket endpoints

CVSS3: 9.8

EPSS: Высокий

BDU:2019-01223

около 7 лет назад

Уязвимость модуля spring-messaging программной платформы Spring Framework, позволяющая нарушителю выполнить произвольный код

CVSS3: 9.8

EPSS: Высокий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2018-1270 Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.15 and older unsupported versions, allow applications to expose STOMP over WebSocket endpoints with a simple, in-memory STOMP broker through the spring-messaging module. A malicious user (or attacker) can craft a message to the broker that can lead to a remote code execution attack.	CVSS3: 9.8	89% Высокий	около 7 лет назад
CVE-2018-1270 Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.15 and older unsupported versions, allow applications to expose STOMP over WebSocket endpoints with a simple, in-memory STOMP broker through the spring-messaging module. A malicious user (or attacker) can craft a message to the broker that can lead to a remote code execution attack.	CVSS3: 9.8	89% Высокий	около 7 лет назад
CVE-2018-1270 Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.15 and older unsupported versions, allow applications to expose STOMP over WebSocket endpoints with a simple, in-memory STOMP broker through the spring-messaging module. A malicious user (or attacker) can craft a message to the broker that can lead to a remote code execution attack.	CVSS3: 9.8	89% Высокий	около 7 лет назад
CVE-2018-1270 Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior t ...	CVSS3: 9.8	89% Высокий	около 7 лет назад
GHSA-p5hg-3xm3-gcjg Spring Framework allows applications to expose STOMP over WebSocket endpoints	CVSS3: 9.8	89% Высокий	больше 6 лет назад
BDU:2019-01223 Уязвимость модуля spring-messaging программной платформы Spring Framework, позволяющая нарушителю выполнить произвольный код	CVSS3: 9.8	89% Высокий	около 7 лет назад

Уязвимостей на страницу