You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Directory traversal vulnerability in Pivotal Spring Framework 3.0.4 through 3.2.x before 3.2.12, 4.0.x before 4.0.8, and 4.1.x before 4.1.2 allows remote attackers to read arbitrary files via unspecified vectors, related to static resource handling.
Fix Resolution: Users of affected versions should apply the following mitigation:
Users of 3.2.x should upgrade to 3.2.12 or later
Users of 4.0.x should upgrade to 4.0.8 or later
Users of 4.1.x should upgrade to 4.1.2 or later
Step up your Open Source Security Game with WhiteSource here
The text was updated successfully, but these errors were encountered:
CVE-2014-3625 - Medium Severity Vulnerability
Vulnerable Library - spring-webmvc-3.2.4.RELEASE.jar
Spring Web MVC
path: 2/repository/org/springframework/spring-webmvc/3.2.4.RELEASE/spring-webmvc-3.2.4.RELEASE.jar
Library home page: https://github.com/SpringSource/spring-framework
Dependency Hierarchy:
Vulnerability Details
Directory traversal vulnerability in Pivotal Spring Framework 3.0.4 through 3.2.x before 3.2.12, 4.0.x before 4.0.8, and 4.1.x before 4.1.2 allows remote attackers to read arbitrary files via unspecified vectors, related to static resource handling.
Publish Date: 2014-11-20
URL: CVE-2014-3625
CVSS 2 Score Details (5.0)
Base Score Metrics not available
Suggested Fix
Type: Upgrade version
Origin: http://www.pivotal.io/security/cve-2014-3625
Release Date: 2017-12-31
Fix Resolution: Users of affected versions should apply the following mitigation: Users of 3.2.x should upgrade to 3.2.12 or later Users of 4.0.x should upgrade to 4.0.8 or later Users of 4.1.x should upgrade to 4.1.2 or later
Step up your Open Source Security Game with WhiteSource here
The text was updated successfully, but these errors were encountered: