DNA View

Critical Severity Vulnerability

This vulnerability has been rated as Critical severity. Immediate action is recommended.

CVE-2016-1000027

Critical
Low Medium High Critical
9.8
CVSS Score
Published: Jan 02, 2020
Last Modified: Nov 21, 2024

Vulnerability Description

Pivotal Spring Framework through 5.3.16 suffers from a potential remote code execution (RCE) issue if used for Java deserialization of untrusted data. Depending on how the library is implemented within a product, this issue may or not occur, and authentication may be required. NOTE: the vendor's position is that untrusted data is not an intended use case. The product's behavior will not be changed because some users rely on deserialization of trusted data.

CVSS Metrics

Common Vulnerability Scoring System

Vector String:

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector
N
Attack Complexity
L
Privileges Required
N
User Interaction
N
Scope
U
Confidentiality
H
Integrity
H
Availability
H

Known Affected Software

203 configuration(s) from 1 vendor(s)

spring_framework
Version:
3.2.0
CPE:
cpe:2.3:a:vmware:spring_framework:3.2.0:-:*:*:*:*:*:*
spring_framework
Version:
5.3.33
CPE:
cpe:2.3:a:vmware:spring_framework:5.3.33:*:*:*:*:*:*:*
spring_framework
Version:
4.1.4
CPE:
cpe:2.3:a:vmware:spring_framework:4.1.4:*:*:*:*:*:*:*
spring_framework
Version:
4.1.0
CPE:
cpe:2.3:a:vmware:spring_framework:4.1.0:-:*:*:*:*:*:*
spring_framework
Version:
5.0.17
CPE:
cpe:2.3:a:vmware:spring_framework:5.0.17:*:*:*:*:*:*:*
spring_framework
Version:
5.3.31
CPE:
cpe:2.3:a:vmware:spring_framework:5.3.31:*:*:*:*:*:*:*
spring_framework
Version:
5.3.1
CPE:
cpe:2.3:a:vmware:spring_framework:5.3.1:*:*:*:*:*:*:*
spring_framework
Version:
5.0.11
CPE:
cpe:2.3:a:vmware:spring_framework:5.0.11:*:*:*:*:*:*:*
spring_framework
Version:
5.1.10
CPE:
cpe:2.3:a:vmware:spring_framework:5.1.10:*:*:*:*:*:*:*
spring_framework
Version:
4.2.5
CPE:
cpe:2.3:a:vmware:spring_framework:4.2.5:*:*:*:*:*:*:*
spring_framework
Version:
5.3.4
CPE:
cpe:2.3:a:vmware:spring_framework:5.3.4:*:*:*:*:*:*:*
spring_framework
Version:
4.3.26
CPE:
cpe:2.3:a:vmware:spring_framework:4.3.26:*:*:*:*:*:*:*
spring_framework
Version:
5.2.23
CPE:
cpe:2.3:a:vmware:spring_framework:5.2.23:*:*:*:*:*:*:*
spring_framework
Version:
5.1.7
CPE:
cpe:2.3:a:vmware:spring_framework:5.1.7:*:*:*:*:*:*:*
spring_framework
Version:
3.2.11
CPE:
cpe:2.3:a:vmware:spring_framework:3.2.11:*:*:*:*:*:*:*
spring_framework
Version:
5.2.13
CPE:
cpe:2.3:a:vmware:spring_framework:5.2.13:*:*:*:*:*:*:*
spring_framework
Version:
3.0.3
CPE:
cpe:2.3:a:vmware:spring_framework:3.0.3:*:*:*:*:*:*:*
spring_framework
Version:
5.3.28
CPE:
cpe:2.3:a:vmware:spring_framework:5.3.28:*:*:*:*:*:*:*
spring_framework
Version:
5.3.37
CPE:
cpe:2.3:a:vmware:spring_framework:5.3.37:*:*:*:*:*:*:*
spring_framework
Version:
5.3.18
CPE:
cpe:2.3:a:vmware:spring_framework:5.3.18:*:*:*:*:*:*:*
spring_framework
Version:
4.3.20
CPE:
cpe:2.3:a:vmware:spring_framework:4.3.20:*:*:*:*:*:*:*
spring_framework
Version:
3.1.3
CPE:
cpe:2.3:a:vmware:spring_framework:3.1.3:*:*:*:*:*:*:*
spring_framework
Version:
4.3.28
CPE:
cpe:2.3:a:vmware:spring_framework:4.3.28:*:*:*:*:*:*:*
spring_framework
Version:
4.3.16
CPE:
cpe:2.3:a:vmware:spring_framework:4.3.16:*:*:*:*:*:*:*
spring_framework
Version:
4.1.9
CPE:
cpe:2.3:a:vmware:spring_framework:4.1.9:*:*:*:*:*:*:*
spring_framework
Version:
5.2.16
CPE:
cpe:2.3:a:vmware:spring_framework:5.2.16:*:*:*:*:*:*:*
spring_framework
Version:
5.1.9
CPE:
cpe:2.3:a:vmware:spring_framework:5.1.9:*:*:*:*:*:*:*
spring_framework
Version:
5.2.17
CPE:
cpe:2.3:a:vmware:spring_framework:5.2.17:*:*:*:*:*:*:*
spring_framework
Version:
5.3.8
CPE:
cpe:2.3:a:vmware:spring_framework:5.3.8:*:*:*:*:*:*:*
spring_framework
Version:
5.3.19
CPE:
cpe:2.3:a:vmware:spring_framework:5.3.19:*:*:*:*:*:*:*
spring_framework
Version:
5.2.25
CPE:
cpe:2.3:a:vmware:spring_framework:5.2.25:*:*:*:*:*:*:*
spring_framework
Version:
4.0.8
CPE:
cpe:2.3:a:vmware:spring_framework:4.0.8:*:*:*:*:*:*:*
spring_framework
Version:
5.0.2
CPE:
cpe:2.3:a:vmware:spring_framework:5.0.2:*:*:*:*:*:*:*
spring_framework
Version:
5.2.14
CPE:
cpe:2.3:a:vmware:spring_framework:5.2.14:*:*:*:*:*:*:*
spring_framework
Version:
4.3.2
CPE:
cpe:2.3:a:vmware:spring_framework:4.3.2:*:*:*:*:*:*:*
spring_framework
Version:
5.0.10
CPE:
cpe:2.3:a:vmware:spring_framework:5.0.10:*:*:*:*:*:*:*
spring_framework
Version:
4.3.0
CPE:
cpe:2.3:a:vmware:spring_framework:4.3.0:-:*:*:*:*:*:*
spring_framework
Version:
4.3.1
CPE:
cpe:2.3:a:vmware:spring_framework:4.3.1:*:*:*:*:*:*:*
spring_framework
Version:
5.3.38
CPE:
cpe:2.3:a:vmware:spring_framework:5.3.38:*:*:*:*:*:*:*
spring_framework
Version:
4.1.1
CPE:
cpe:2.3:a:vmware:spring_framework:4.1.1:*:*:*:*:*:*:*
spring_framework
Version:
4.2.0
CPE:
cpe:2.3:a:vmware:spring_framework:4.2.0:-:*:*:*:*:*:*
spring_framework
Version:
4.0.5
CPE:
cpe:2.3:a:vmware:spring_framework:4.0.5:*:*:*:*:*:*:*
spring_framework
Version:
4.3.21
CPE:
cpe:2.3:a:vmware:spring_framework:4.3.21:*:*:*:*:*:*:*
spring_framework
Version:
3.2.13
CPE:
cpe:2.3:a:vmware:spring_framework:3.2.13:*:*:*:*:*:*:*
spring_framework
Version:
4.0.2
CPE:
cpe:2.3:a:vmware:spring_framework:4.0.2:*:*:*:*:*:*:*
spring_framework
Version:
5.2.9
CPE:
cpe:2.3:a:vmware:spring_framework:5.2.9:*:*:*:*:*:*:*
spring_framework
Version:
3.0.2
CPE:
cpe:2.3:a:vmware:spring_framework:3.0.2:*:*:*:*:*:*:*
spring_framework
Version:
4.1.6
CPE:
cpe:2.3:a:vmware:spring_framework:4.1.6:*:*:*:*:*:*:*
spring_framework
Version:
5.2.2
CPE:
cpe:2.3:a:vmware:spring_framework:5.2.2:*:*:*:*:*:*:*
spring_framework
Version:
4.3.4
CPE:
cpe:2.3:a:vmware:spring_framework:4.3.4:*:*:*:*:*:*:*
spring_framework
Version:
5.2.21
CPE:
cpe:2.3:a:vmware:spring_framework:5.2.21:*:*:*:*:*:*:*
spring_framework
Version:
4.1.2
CPE:
cpe:2.3:a:vmware:spring_framework:4.1.2:*:*:*:*:*:*:*
spring_framework
Version:
5.3.29
CPE:
cpe:2.3:a:vmware:spring_framework:5.3.29:*:*:*:*:*:*:*
spring_framework
Version:
5.3.14
CPE:
cpe:2.3:a:vmware:spring_framework:5.3.14:*:*:*:*:*:*:*
spring_framework
Version:
4.3.5
CPE:
cpe:2.3:a:vmware:spring_framework:4.3.5:*:*:*:*:*:*:*
spring_framework
Version:
4.2.9
CPE:
cpe:2.3:a:vmware:spring_framework:4.2.9:*:*:*:*:*:*:*
spring_framework
Version:
5.2.3
CPE:
cpe:2.3:a:vmware:spring_framework:5.2.3:*:*:*:*:*:*:*
spring_framework
Version:
3.2.4
CPE:
cpe:2.3:a:vmware:spring_framework:3.2.4:*:*:*:*:*:*:*
spring_framework
Version:
5.2.19
CPE:
cpe:2.3:a:vmware:spring_framework:5.2.19:*:*:*:*:*:*:*
spring_framework
Version:
5.1.20
CPE:
cpe:2.3:a:vmware:spring_framework:5.1.20:*:*:*:*:*:*:*
spring_framework
Version:
5.1.14
CPE:
cpe:2.3:a:vmware:spring_framework:5.1.14:*:*:*:*:*:*:*
spring_framework
Version:
3.2.17
CPE:
cpe:2.3:a:vmware:spring_framework:3.2.17:*:*:*:*:*:*:*
spring_framework
Version:
5.3.27
CPE:
cpe:2.3:a:vmware:spring_framework:5.3.27:*:*:*:*:*:*:*
spring_framework
Version:
5.3.13
CPE:
cpe:2.3:a:vmware:spring_framework:5.3.13:*:*:*:*:*:*:*
spring_framework
Version:
5.3.24
CPE:
cpe:2.3:a:vmware:spring_framework:5.3.24:*:*:*:*:*:*:*
spring_framework
Version:
5.2.0
CPE:
cpe:2.3:a:vmware:spring_framework:5.2.0:-:*:*:*:*:*:*
spring_framework
Version:
5.2.20
CPE:
cpe:2.3:a:vmware:spring_framework:5.2.20:*:*:*:*:*:*:*
spring_framework
Version:
5.0.3
CPE:
cpe:2.3:a:vmware:spring_framework:5.0.3:*:*:*:*:*:*:*
spring_framework
Version:
5.3.17
CPE:
cpe:2.3:a:vmware:spring_framework:5.3.17:*:*:*:*:*:*:*
spring_framework
Version:
4.3.18
CPE:
cpe:2.3:a:vmware:spring_framework:4.3.18:*:*:*:*:*:*:*
spring_framework
Version:
5.2.22
CPE:
cpe:2.3:a:vmware:spring_framework:5.2.22:*:*:*:*:*:*:*
spring_framework
Version:
5.3.30
CPE:
cpe:2.3:a:vmware:spring_framework:5.3.30:*:*:*:*:*:*:*
spring_framework
Version:
5.3.10
CPE:
cpe:2.3:a:vmware:spring_framework:5.3.10:*:*:*:*:*:*:*
spring_framework
Version:
5.1.11
CPE:
cpe:2.3:a:vmware:spring_framework:5.1.11:*:*:*:*:*:*:*
spring_framework
Version:
5.1.6
CPE:
cpe:2.3:a:vmware:spring_framework:5.1.6:*:*:*:*:*:*:*
spring_framework
Version:
4.3.30
CPE:
cpe:2.3:a:vmware:spring_framework:4.3.30:*:*:*:*:*:*:*
spring_framework
Version:
4.3.7
CPE:
cpe:2.3:a:vmware:spring_framework:4.3.7:*:*:*:*:*:*:*
spring_framework
Version:
4.1.8
CPE:
cpe:2.3:a:vmware:spring_framework:4.1.8:*:*:*:*:*:*:*
spring_framework
Version:
3.2.15
CPE:
cpe:2.3:a:vmware:spring_framework:3.2.15:*:*:*:*:*:*:*
spring_framework
Version:
5.1.15
CPE:
cpe:2.3:a:vmware:spring_framework:5.1.15:*:*:*:*:*:*:*
spring_framework
Version:
3.2.12
CPE:
cpe:2.3:a:vmware:spring_framework:3.2.12:*:*:*:*:*:*:*
spring_framework
Version:
5.0.12
CPE:
cpe:2.3:a:vmware:spring_framework:5.0.12:*:*:*:*:*:*:*
spring_framework
Version:
5.0.13
CPE:
cpe:2.3:a:vmware:spring_framework:5.0.13:*:*:*:*:*:*:*
spring_framework
Version:
5.3.0
CPE:
cpe:2.3:a:vmware:spring_framework:5.3.0:milestone1:*:*:*:*:*:*
spring_framework
Version:
5.1.16
CPE:
cpe:2.3:a:vmware:spring_framework:5.1.16:*:*:*:*:*:*:*
spring_framework
Version:
5.1.19
CPE:
cpe:2.3:a:vmware:spring_framework:5.1.19:*:*:*:*:*:*:*
spring_framework
Version:
5.2.11
CPE:
cpe:2.3:a:vmware:spring_framework:5.2.11:*:*:*:*:*:*:*
spring_framework
Version:
5.3.26
CPE:
cpe:2.3:a:vmware:spring_framework:5.3.26:*:*:*:*:*:*:*
spring_framework
Version:
5.1.13
CPE:
cpe:2.3:a:vmware:spring_framework:5.1.13:*:*:*:*:*:*:*
spring_framework
Version:
5.3.23
CPE:
cpe:2.3:a:vmware:spring_framework:5.3.23:*:*:*:*:*:*:*
spring_framework
Version:
3.0.6
CPE:
cpe:2.3:a:vmware:spring_framework:3.0.6:*:*:*:*:*:*:*
spring_framework
Version:
5.0.8
CPE:
cpe:2.3:a:vmware:spring_framework:5.0.8:*:*:*:*:*:*:*
spring_framework
Version:
5.0.1
CPE:
cpe:2.3:a:vmware:spring_framework:5.0.1:*:*:*:*:*:*:*
spring_framework
Version:
5.3.40
CPE:
cpe:2.3:a:vmware:spring_framework:5.3.40:*:*:*:*:*:*:*
spring_framework
Version:
4.3.29
CPE:
cpe:2.3:a:vmware:spring_framework:4.3.29:*:*:*:*:*:*:*
spring_framework
Version:
3.2.2
CPE:
cpe:2.3:a:vmware:spring_framework:3.2.2:*:*:*:*:*:*:*
spring_framework
Version:
4.3.11
CPE:
cpe:2.3:a:vmware:spring_framework:4.3.11:*:*:*:*:*:*:*
spring_framework
Version:
5.2.7
CPE:
cpe:2.3:a:vmware:spring_framework:5.2.7:*:*:*:*:*:*:*
spring_framework
Version:
4.2.8
CPE:
cpe:2.3:a:vmware:spring_framework:4.2.8:*:*:*:*:*:*:*
spring_framework
Version:
5.3.7
CPE:
cpe:2.3:a:vmware:spring_framework:5.3.7:*:*:*:*:*:*:*
spring_framework
Version:
3.2.1
CPE:
cpe:2.3:a:vmware:spring_framework:3.2.1:*:*:*:*:*:*:*
spring_framework
Version:
5.3.21
CPE:
cpe:2.3:a:vmware:spring_framework:5.3.21:*:*:*:*:*:*:*
spring_framework
Version:
5.2.6
CPE:
cpe:2.3:a:vmware:spring_framework:5.2.6:*:*:*:*:*:*:*
spring_framework
Version:
4.0.9
CPE:
cpe:2.3:a:vmware:spring_framework:4.0.9:*:*:*:*:*:*:*
spring_framework
Version:
3.2.3
CPE:
cpe:2.3:a:vmware:spring_framework:3.2.3:*:*:*:*:*:*:*
spring_framework
Version:
3.2.16
CPE:
cpe:2.3:a:vmware:spring_framework:3.2.16:*:*:*:*:*:*:*
spring_framework
Version:
5.3.12
CPE:
cpe:2.3:a:vmware:spring_framework:5.3.12:*:*:*:*:*:*:*
spring_framework
Version:
4.3.6
CPE:
cpe:2.3:a:vmware:spring_framework:4.3.6:*:*:*:*:*:*:*
spring_framework
Version:
5.2.5
CPE:
cpe:2.3:a:vmware:spring_framework:5.2.5:*:*:*:*:*:*:*
spring_framework
Version:
3.0.0
CPE:
cpe:2.3:a:vmware:spring_framework:3.0.0:-:*:*:*:*:*:*
spring_framework
Version:
4.3.3
CPE:
cpe:2.3:a:vmware:spring_framework:4.3.3:*:*:*:*:*:*:*
spring_framework
Version:
5.2.1
CPE:
cpe:2.3:a:vmware:spring_framework:5.2.1:*:*:*:*:*:*:*
spring_framework
Version:
5.0.6
CPE:
cpe:2.3:a:vmware:spring_framework:5.0.6:*:*:*:*:*:*:*
spring_framework
Version:
3.1.1
CPE:
cpe:2.3:a:vmware:spring_framework:3.1.1:*:*:*:*:*:*:*
spring_framework
Version:
5.3.41
CPE:
cpe:2.3:a:vmware:spring_framework:5.3.41:*:*:*:*:*:*:*
spring_framework
Version:
4.3.13
CPE:
cpe:2.3:a:vmware:spring_framework:4.3.13:*:*:*:*:*:*:*
spring_framework
Version:
3.1.2
CPE:
cpe:2.3:a:vmware:spring_framework:3.1.2:*:*:*:*:*:*:*
spring_framework
Version:
4.0.3
CPE:
cpe:2.3:a:vmware:spring_framework:4.0.3:*:*:*:*:*:*:*
spring_framework
Version:
4.0.0
CPE:
cpe:2.3:a:vmware:spring_framework:4.0.0:-:*:*:*:*:*:*
spring_framework
Version:
4.2.7
CPE:
cpe:2.3:a:vmware:spring_framework:4.2.7:*:*:*:*:*:*:*
spring_framework
Version:
4.2.1
CPE:
cpe:2.3:a:vmware:spring_framework:4.2.1:*:*:*:*:*:*:*
spring_framework
Version:
5.3.11
CPE:
cpe:2.3:a:vmware:spring_framework:5.3.11:*:*:*:*:*:*:*
spring_framework
Version:
5.3.36
CPE:
cpe:2.3:a:vmware:spring_framework:5.3.36:*:*:*:*:*:*:*
spring_framework
Version:
5.0.18
CPE:
cpe:2.3:a:vmware:spring_framework:5.0.18:*:*:*:*:*:*:*
spring_framework
Version:
5.1.12
CPE:
cpe:2.3:a:vmware:spring_framework:5.1.12:*:*:*:*:*:*:*
spring_framework
Version:
5.2.8
CPE:
cpe:2.3:a:vmware:spring_framework:5.2.8:*:*:*:*:*:*:*
spring_framework
Version:
5.2.4
CPE:
cpe:2.3:a:vmware:spring_framework:5.2.4:*:*:*:*:*:*:*
spring_framework
Version:
5.1.4
CPE:
cpe:2.3:a:vmware:spring_framework:5.1.4:*:*:*:*:*:*:*
spring_framework
Version:
5.0.0
CPE:
cpe:2.3:a:vmware:spring_framework:5.0.0:-:*:*:*:*:*:*
spring_framework
Version:
4.3.24
CPE:
cpe:2.3:a:vmware:spring_framework:4.3.24:*:*:*:*:*:*:*
spring_framework
Version:
4.3.27
CPE:
cpe:2.3:a:vmware:spring_framework:4.3.27:*:*:*:*:*:*:*
spring_framework
Version:
3.0.4
CPE:
cpe:2.3:a:vmware:spring_framework:3.0.4:*:*:*:*:*:*:*
spring_framework
Version:
5.3.20
CPE:
cpe:2.3:a:vmware:spring_framework:5.3.20:*:*:*:*:*:*:*
spring_framework
Version:
5.0.5
CPE:
cpe:2.3:a:vmware:spring_framework:5.0.5:*:*:*:*:*:*:*
spring_framework
Version:
4.3.17
CPE:
cpe:2.3:a:vmware:spring_framework:4.3.17:*:*:*:*:*:*:*
spring_framework
Version:
5.0.7
CPE:
cpe:2.3:a:vmware:spring_framework:5.0.7:*:*:*:*:*:*:*
spring_framework
Version:
5.3.35
CPE:
cpe:2.3:a:vmware:spring_framework:5.3.35:*:*:*:*:*:*:*
spring_framework
Version:
5.0.19
CPE:
cpe:2.3:a:vmware:spring_framework:5.0.19:*:*:*:*:*:*:*
spring_framework
Version:
4.2.2
CPE:
cpe:2.3:a:vmware:spring_framework:4.2.2:*:*:*:*:*:*:*
spring_framework
Version:
3.2.5
CPE:
cpe:2.3:a:vmware:spring_framework:3.2.5:*:*:*:*:*:*:*
spring_framework
Version:
5.1.0
CPE:
cpe:2.3:a:vmware:spring_framework:5.1.0:-:*:*:*:*:*:*
spring_framework
Version:
4.3.15
CPE:
cpe:2.3:a:vmware:spring_framework:4.3.15:*:*:*:*:*:*:*
spring_framework
Version:
5.1.2
CPE:
cpe:2.3:a:vmware:spring_framework:5.1.2:*:*:*:*:*:*:*
spring_framework
Version:
5.2.18
CPE:
cpe:2.3:a:vmware:spring_framework:5.2.18:*:*:*:*:*:*:*
spring_framework
Version:
4.3.10
CPE:
cpe:2.3:a:vmware:spring_framework:4.3.10:*:*:*:*:*:*:*
spring_framework
Version:
5.2.12
CPE:
cpe:2.3:a:vmware:spring_framework:5.2.12:*:*:*:*:*:*:*
spring_framework
Version:
4.3.9
CPE:
cpe:2.3:a:vmware:spring_framework:4.3.9:*:*:*:*:*:*:*
spring_framework
Version:
4.3.14
CPE:
cpe:2.3:a:vmware:spring_framework:4.3.14:*:*:*:*:*:*:*
spring_framework
Version:
5.0.20
CPE:
cpe:2.3:a:vmware:spring_framework:5.0.20:*:*:*:*:*:*:*
spring_framework
Version:
5.3.6
CPE:
cpe:2.3:a:vmware:spring_framework:5.3.6:*:*:*:*:*:*:*
spring_framework
Version:
4.1.7
CPE:
cpe:2.3:a:vmware:spring_framework:4.1.7:*:*:*:*:*:*:*
spring_framework
Version:
5.0.9
CPE:
cpe:2.3:a:vmware:spring_framework:5.0.9:*:*:*:*:*:*:*
spring_framework
Version:
4.3.19
CPE:
cpe:2.3:a:vmware:spring_framework:4.3.19:*:*:*:*:*:*:*
spring_framework
Version:
5.1.5
CPE:
cpe:2.3:a:vmware:spring_framework:5.1.5:*:*:*:*:*:*:*
spring_framework
Version:
3.2.10
CPE:
cpe:2.3:a:vmware:spring_framework:3.2.10:*:*:*:*:*:*:*
spring_framework
Version:
4.1.3
CPE:
cpe:2.3:a:vmware:spring_framework:4.1.3:*:*:*:*:*:*:*
spring_framework
Version:
5.0.15
CPE:
cpe:2.3:a:vmware:spring_framework:5.0.15:*:*:*:*:*:*:*
spring_framework
Version:
5.0.4
CPE:
cpe:2.3:a:vmware:spring_framework:5.0.4:*:*:*:*:*:*:*
spring_framework
Version:
3.2.6
CPE:
cpe:2.3:a:vmware:spring_framework:3.2.6:*:*:*:*:*:*:*
spring_framework
Version:
5.3.25
CPE:
cpe:2.3:a:vmware:spring_framework:5.3.25:*:*:*:*:*:*:*
spring_framework
Version:
5.1.8
CPE:
cpe:2.3:a:vmware:spring_framework:5.1.8:*:*:*:*:*:*:*
spring_framework
Version:
4.3.8
CPE:
cpe:2.3:a:vmware:spring_framework:4.3.8:*:*:*:*:*:*:*
spring_framework
Version:
5.2.15
CPE:
cpe:2.3:a:vmware:spring_framework:5.2.15:*:*:*:*:*:*:*
spring_framework
Version:
4.2.3
CPE:
cpe:2.3:a:vmware:spring_framework:4.2.3:*:*:*:*:*:*:*
spring_framework
Version:
5.3.3
CPE:
cpe:2.3:a:vmware:spring_framework:5.3.3:*:*:*:*:*:*:*
spring_framework
Version:
4.0.7
CPE:
cpe:2.3:a:vmware:spring_framework:4.0.7:*:*:*:*:*:*:*
spring_framework
Version:
5.3.2
CPE:
cpe:2.3:a:vmware:spring_framework:5.3.2:*:*:*:*:*:*:*
spring_framework
Version:
5.1.3
CPE:
cpe:2.3:a:vmware:spring_framework:5.1.3:*:*:*:*:*:*:*
spring_framework
Version:
5.1.1
CPE:
cpe:2.3:a:vmware:spring_framework:5.1.1:*:*:*:*:*:*:*
spring_framework
Version:
5.2.10
CPE:
cpe:2.3:a:vmware:spring_framework:5.2.10:*:*:*:*:*:*:*
spring_framework
Version:
3.2.14
CPE:
cpe:2.3:a:vmware:spring_framework:3.2.14:*:*:*:*:*:*:*
spring_framework
Version:
3.0.5
CPE:
cpe:2.3:a:vmware:spring_framework:3.0.5:*:*:*:*:*:*:*
spring_framework
Version:
5.3.32
CPE:
cpe:2.3:a:vmware:spring_framework:5.3.32:*:*:*:*:*:*:*
spring_framework
Version:
5.3.5
CPE:
cpe:2.3:a:vmware:spring_framework:5.3.5:*:*:*:*:*:*:*
spring_framework
Version:
4.2.4
CPE:
cpe:2.3:a:vmware:spring_framework:4.2.4:*:*:*:*:*:*:*
spring_framework
Version:
5.1.18
CPE:
cpe:2.3:a:vmware:spring_framework:5.1.18:*:*:*:*:*:*:*
spring_framework
Version:
5.2.24
CPE:
cpe:2.3:a:vmware:spring_framework:5.2.24:*:*:*:*:*:*:*
spring_framework
Version:
5.3.15
CPE:
cpe:2.3:a:vmware:spring_framework:5.3.15:*:*:*:*:*:*:*
spring_framework
Version:
4.3.12
CPE:
cpe:2.3:a:vmware:spring_framework:4.3.12:*:*:*:*:*:*:*
spring_framework
Version:
4.0.6
CPE:
cpe:2.3:a:vmware:spring_framework:4.0.6:*:*:*:*:*:*:*
spring_framework
Version:
3.1.4
CPE:
cpe:2.3:a:vmware:spring_framework:3.1.4:*:*:*:*:*:*:*
spring_framework
Version:
5.3.39
CPE:
cpe:2.3:a:vmware:spring_framework:5.3.39:*:*:*:*:*:*:*
spring_framework
Version:
4.0.4
CPE:
cpe:2.3:a:vmware:spring_framework:4.0.4:*:*:*:*:*:*:*
spring_framework
Version:
4.3.22
CPE:
cpe:2.3:a:vmware:spring_framework:4.3.22:*:*:*:*:*:*:*
spring_framework
Version:
5.3.34
CPE:
cpe:2.3:a:vmware:spring_framework:5.3.34:*:*:*:*:*:*:*
spring_framework
Version:
3.2.7
CPE:
cpe:2.3:a:vmware:spring_framework:3.2.7:*:*:*:*:*:*:*
spring_framework
Version:
5.0.16
CPE:
cpe:2.3:a:vmware:spring_framework:5.0.16:*:*:*:*:*:*:*
spring_framework
Version:
5.3.9
CPE:
cpe:2.3:a:vmware:spring_framework:5.3.9:*:*:*:*:*:*:*
spring_framework
Version:
4.2.6
CPE:
cpe:2.3:a:vmware:spring_framework:4.2.6:*:*:*:*:*:*:*
spring_framework
Version:
5.3.16
CPE:
cpe:2.3:a:vmware:spring_framework:5.3.16:*:*:*:*:*:*:*
spring_framework
Version:
4.3.25
CPE:
cpe:2.3:a:vmware:spring_framework:4.3.25:*:*:*:*:*:*:*
spring_framework
Version:
3.1.0
CPE:
cpe:2.3:a:vmware:spring_framework:3.1.0:-:*:*:*:*:*:*
spring_framework
Version:
3.0.7
CPE:
cpe:2.3:a:vmware:spring_framework:3.0.7:*:*:*:*:*:*:*
spring_framework
Version:
5.0.14
CPE:
cpe:2.3:a:vmware:spring_framework:5.0.14:*:*:*:*:*:*:*
spring_framework
Version:
4.1.5
CPE:
cpe:2.3:a:vmware:spring_framework:4.1.5:*:*:*:*:*:*:*
spring_framework
Version:
4.3.23
CPE:
cpe:2.3:a:vmware:spring_framework:4.3.23:*:*:*:*:*:*:*
spring_framework
Version:
3.0.1
CPE:
cpe:2.3:a:vmware:spring_framework:3.0.1:*:*:*:*:*:*:*
spring_framework
Version:
3.2.9
CPE:
cpe:2.3:a:vmware:spring_framework:3.2.9:*:*:*:*:*:*:*
spring_framework
Version:
5.1.17
CPE:
cpe:2.3:a:vmware:spring_framework:5.1.17:*:*:*:*:*:*:*
spring_framework
Version:
3.2.18
CPE:
cpe:2.3:a:vmware:spring_framework:3.2.18:*:*:*:*:*:*:*
spring_framework
Version:
3.2.8
CPE:
cpe:2.3:a:vmware:spring_framework:3.2.8:*:*:*:*:*:*:*
spring_framework
Version:
4.0.1
CPE:
cpe:2.3:a:vmware:spring_framework:4.0.1:*:*:*:*:*:*:*
spring_framework
Version:
5.3.22
CPE:
cpe:2.3:a:vmware:spring_framework:5.3.22:*:*:*:*:*:*:*
This vulnerability affects 203 software configuration(s). Ensure you patch all affected systems.

Available Security Patches

2 patches available from vendors

View All Patches
Oracle

CPUAPR2025

Oracle Critical Patch Update Advisory - April 2025

Severity
Critical
Released
Apr 15, 2025
Restart Required
Security Update
Oracle

CPUJAN2025

Oracle Critical Patch Update Advisory - January 2025

Severity
Critical
Released
Jan 21, 2025
Restart Required
Security Update

References & Resources

Severity Details

9.8
out of 10.0
Critical

Weakness Type (CWE)

CWE-502 Top 25 #15

Deserialization of Untrusted Data

Description
The product deserializes untrusted data without sufficiently ensuring that the resulting data will be valid.
Exploit Likelihood
Medium
Typical Severity
Medium
OWASP Top 10
A08:2021-Software/Data Integrity Failures
Abstraction Level
Base

Key Information

Published Date
January 02, 2020