LOW | JUNE 30, 2015 | CVE-2015-3192
Description Affected Spring Products and Versions Mitigation Credit This issue was identified responsibly and reported to Pivotal by Toshiaki Maki of NTT DATA Corporation who also helped to develop and test the solution. References https://jira.spring.io…
LOW | MARCH 06, 2015 | CVE-2015-0201
Description Affected Spring Products and Versions Mitigation Credit Philippe Arteau found and responsibly reported the problem to Pivotal. References https://github.com/spring-projects/spring-framework/commit/dc5b5ca8ee09c890352f89b2dae58bc0132d6545 https…
MEDIUM | NOVEMBER 11, 2014 | CVE-2014-3625
Description Affected Spring Products and Versions Mitigation Credit This issue was identified by Toshiaki Maki of NTT DATA Corporation and responsibly reported to Pivotal. References https://jira.spring.io/browse/SPR-12354 https://github.com/spring-projects…
MEDIUM | SEPTEMBER 05, 2014 | CVE-2014-3578
Description Affected Spring Products and Versions Mitigation Credit This issue was identified by Takeshi Terada of Mitsui Bussan Secure Directions, Inc. and reported to Pivotal via JPCERT/CC. Information that additional versions were affected was discovered by…
HIGH | AUGUST 15, 2014 | CVE-2014-3527
Description Affected Spring Products and Versions Mitigation Credit This issue was identified by David Ohsie and brought to our attention by the CAS Development team. References http://spring.io/blog/2014/08/15/cve-2014-3527-fixed-in-spring-security-3-2-5-and…
HIGH | MAY 28, 2014 | CVE-2014-0225
Description Affected Spring Products and Versions Mitigation Credit This issue was discovered and reported responsibly to the Pivotal security team by Nebula(XIAOBAISHAN,CHIBI,HUBEI.CN) HelloWorld security team, DBappsecurity.com security team. Additional…
HIGH | MARCH 11, 2014 | CVE-2014-0054
Description Affected Spring Products and Versions Mitigation Credit This issue was reported to the Spring Framework developers by Spase Markovski. References https://jira.springsource.org/browse/SPR-11376 https://github.com/spring-projects/spring-framework…
HIGH | MARCH 11, 2014 | CVE-2014-0097
Description Affected Spring Products and Versions Mitigation Credit This issue was identified by the Spring Development team. References https://jira.springsource.org/browse/SEC-2500 https://github.com/spring-projects/spring-security/commit/88559882e967085c47a…
MEDIUM | MARCH 11, 2014 | CVE-2014-1904
Description Affected Spring Products and Versions Mitigation Credit This issue was discovered and reported responsibly to the Pivotal security team by Paul Wowk of CAaNES LLC. References https://jira.springsource.org/browse/SPR-11426 https://github.com/spring…
HIGH | JANUARY 14, 2014 | CVE-2013-6429
Description Affected Spring Products and Versions Mitigation Credit This issue was identified by the Spring development team. References https://jira.springsource.org/browse/SPR-11078 History 2014-Jan-15: Initial vulnerability report. 2014-Jun-19: Update to…
