CVE-2018-1199 · MEDIUM · CVSS 5.3 · Spring Security 4.1.0 - 4.1.4, 4.2.0 - 4.2.3, 5.0.0 · Spring Framework 5.0.0 - 5.0.2, 4.3.0 - 4.3.13 (+1 more) · 2018-03-16
CVE-2018-1199 [MEDIUM] CWE-20
Spring Security (Spring Security 4.1.x before 4.1.5, 4.2.x before 4.2.4, and 5.0.x before 5.0.1; and Spring Framework 4.3.x before 4.3.14 and 5.0.x before 5.0.3) does not consider URL path parameters when processing security constraints. By adding a URL path parameter with special encodings, an attacker may be able to bypass a security constraint. The
cvelistv5 · nvd