Known Vulnerabilities for Spring Framework by Pivotal Software
Listed below are 10 of the newest known vulnerabilities associated with "Spring Framework" by "Pivotal Software".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2022-22950 json | n Spring Framework versions 5.3.0 - 5.3.16 and older unsupported versions, it is possible for a user to provide a specially c... | 6.5 - MEDIUM | 2022-04-01 | 2022-06-22 |
| CVE-2021-22118 json | In Spring Framework, versions 5.2.x prior to 5.2.15 and versions 5.3.x prior to 5.3.7, a WebFlux application is vulnerable to... | 7.8 - HIGH | 2021-05-27 | 2022-10-25 |
| CVE-2020-5421 json | In Spring Framework versions 5.2.0 - 5.2.8, 5.1.0 - 5.1.17, 5.0.0 - 5.0.18, 4.3.0 - 4.3.28, and older unsupported versions, t... | 6.5 - MEDIUM | 2020-09-19 | 2023-11-07 |
| CVE-2020-5398 json | In Spring Framework, versions 5.2.x prior to 5.2.3, versions 5.1.x prior to 5.1.13, and versions 5.0.x prior to 5.0.16, an ap... | 7.5 - HIGH | 2020-01-17 | 2023-11-07 |
| CVE-2020-5397 json | Spring Framework, versions 5.2.x prior to 5.2.3 are vulnerable to CSRF attacks through CORS preflight requests that target Sp... | 5.3 - MEDIUM | 2020-01-17 | 2022-07-25 |
| CVE-2018-15801 json | Spring Security versions 5.1.x prior to 5.1.2 contain an authorization bypass vulnerability during JWT issuer validation. In ... | 7.4 - HIGH | 2018-12-19 | 2022-06-03 |
| CVE-2018-15756 json | Spring Framework, version 5.1, versions 5.0.x prior to 5.0.10, versions 4.3.x prior to 4.3.20, and older unsupported versions... | 7.5 - HIGH | 2018-10-18 | 2023-11-07 |
| CVE-2018-11040 json | Spring Framework, versions 5.0.x prior to 5.0.7 and 4.3.x prior to 4.3.18 and older unsupported versions, allows web applicat... | 7.5 - HIGH | 2018-06-25 | 2022-06-23 |
| CVE-2018-11039 json | Spring Framework (versions 5.0.x prior to 5.0.7, versions 4.3.x prior to 4.3.18, and older unsupported versions) allow web ap... | 5.9 - MEDIUM | 2018-06-25 | 2022-06-23 |
| CVE-2018-1275 json | Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.16 and older unsupported versions, allow applicat... | 9.8 - CRITICAL | 2018-04-11 | 2023-11-07 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Pivotal Software | Spring Framework | 5.2.3 | |||
| Application | Pivotal Software | Spring Framework | 5.2.2 | |||
| Application | Pivotal Software | Spring Framework | 5.2.1 | |||
| Application | Pivotal Software | Spring Framework | 5.2.0 | |||
| Application | Pivotal Software | Spring Framework | 5.2.0 | |||
| Application | Pivotal Software | Spring Framework | 5.2.0 | |||
| Application | Pivotal Software | Spring Framework | 5.2.0 | |||
| Application | Pivotal Software | Spring Framework | 5.2.0 | |||
| Application | Pivotal Software | Spring Framework | 5.2.0 | |||
| Application | Pivotal Software | Spring Framework | 5.1.9 | |||
| Application | Pivotal Software | Spring Framework | 5.1.8 | |||
| Application | Pivotal Software | Spring Framework | 5.1.7 | |||
| Application | Pivotal Software | Spring Framework | 5.1.6 | |||
| Application | Pivotal Software | Spring Framework | 5.1.5 | |||
| Application | Pivotal Software | Spring Framework | 5.1.4 | |||
| Application | Pivotal Software | Spring Framework | 5.1.3 | |||
| Application | Pivotal Software | Spring Framework | 5.1.2 | |||
| Application | Pivotal Software | Spring Framework | 5.1.13 | |||
| Application | Pivotal Software | Spring Framework | 5.1.12 | |||
| Application | Pivotal Software | Spring Framework | 5.1.11 |