VIR Vulnerability Intelligence Relay

Package impact

java Maven / org.springframework:spring-web

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Published Description Impact
CVE-2013-6429 medium 6.8 13y ago The SourceHttpMessageConverter in Spring MVC in Spring Framework before 3.2.5 and 4.0.0.M1 through 4.0.0.RC1 does not disable external entity resolution, which allows remote attackers to read arbitra… debianjavavmware
CVE-2015-3192 medium 5.5 5.5 10y ago Pivotal Spring Framework DoS Attack with XML Input debianfedorajavavmware