2014-11-20 18:50:00 2019-07-14 02:15:11

Directory traversal vulnerability in Pivotal Spring Framework 3.0.4 through 3.2.x before 3.2.12, 4.0.x before 4.0.8, and 4.1.x before 4.1.2 allows remote attackers to read arbitrary files via unspecified vectors, related to static resource handling.

Vector

NETWORK

Complexity

LOW

Authentication

NONE

Confidentiality

PARTIAL

Integrity

NONE

Availability

NONE
Pivotal software Spring framework 3.0.4 (not an official CPE) Pivotal software Spring framework 3.0.5 (not an official CPE) Pivotal software Spring framework 3.0.6 (not an official CPE) Pivotal software Spring framework 3.0.7 (not an official CPE) Pivotal software Spring framework 3.1.0 (not an official CPE) Pivotal software Spring framework 3.1.0 - (not an official CPE) Pivotal software Spring framework 3.1.0 Milestone1 (not an official CPE) Pivotal software Spring framework 3.1.0 Milestone2 (not an official CPE) Pivotal software Spring framework 3.1.0 Rc1 (not an official CPE) Pivotal software Spring framework 3.1.0 Rc2 (not an official CPE) Pivotal software Spring framework 3.1.1 (not an official CPE) Pivotal software Spring framework 3.1.2 (not an official CPE) Pivotal software Spring framework 3.1.3 (not an official CPE) Pivotal software Spring framework 3.1.4 (not an official CPE) Pivotal software Spring framework 3.2.0 (not an official CPE) Pivotal software Spring framework 3.2.0 - (not an official CPE) Pivotal software Spring framework 3.2.0 Milestone1 (not an official CPE) Pivotal software Spring framework 3.2.0 Milestone2 (not an official CPE) Pivotal software Spring framework 3.2.0 Rc1 (not an official CPE) Pivotal software Spring framework 3.2.0 Rc2 (not an official CPE) Pivotal software Spring framework 3.2.0 Rc2-a (not an official CPE) Pivotal software Spring framework 3.2.1 (not an official CPE) Pivotal software Spring framework 3.2.2 (not an official CPE) Pivotal software Spring framework 3.2.3 (not an official CPE) Pivotal software Spring framework 3.2.4 (not an official CPE) Pivotal software Spring framework 3.2.5 (not an official CPE) Pivotal software Spring framework 3.2.6 (not an official CPE) Pivotal software Spring framework 3.2.7 (not an official CPE) Pivotal software Spring framework 3.2.8 (not an official CPE) Pivotal software Spring framework 3.2.9 (not an official CPE) Pivotal software Spring framework 3.2.10 (not an official CPE) Pivotal software Spring framework 3.2.11 (not an official CPE) Pivotal software Spring framework 4.0.0 (not an official CPE) Pivotal software Spring framework 4.0.0 - (not an official CPE) Pivotal software Spring framework 4.0.0 Milestone1 (not an official CPE) Pivotal software Spring framework 4.0.0 Milestone2 (not an official CPE) Pivotal software Spring framework 4.0.0 Milestone3 (not an official CPE) Pivotal software Spring framework 4.0.0 Rc1 (not an official CPE) Pivotal software Spring framework 4.0.0 Rc2 (not an official CPE) Pivotal software Spring framework 4.0.1 (not an official CPE) Pivotal software Spring framework 4.0.2 (not an official CPE) Pivotal software Spring framework 4.0.3 (not an official CPE) Pivotal software Spring framework 4.0.4 (not an official CPE) Pivotal software Spring framework 4.0.5 (not an official CPE) Pivotal software Spring framework 4.0.6 (not an official CPE) Pivotal software Spring framework 4.0.7 (not an official CPE) Pivotal Software Spring Framework 4.1.0 Pivotal software Spring framework 4.1.0 - (not an official CPE) Pivotal software Spring framework 4.1.0 Rc1 (not an official CPE) Pivotal software Spring framework 4.1.0 Rc2 (not an official CPE) Pivotal Software Spring Framework 4.1.1