Lucene search
DellCVELIST:CVE-2016-9878HistoryDec 29, 2016 - 9:02 a.m.
CVE-2016-9878
2016-12-2909:02:00
dell
www.cve.org
An issue was discovered in Pivotal Spring Framework before 3.2.18, 4.2.x before 4.2.9, and 4.3.x before 4.3.5. Paths provided to the ResourceServlet were not properly sanitized and as a result exposed to directory traversal attacks.
CNA Affected
[
{
"product": "Pivotal Spring Framework before 3.2.18, 4.2.x before 4.2.9, and 4.3.x before 4.3.5",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Pivotal Spring Framework before 3.2.18, 4.2.x before 4.2.9, and 4.3.x before 4.3.5"
}
]
}
]References
www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html
www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
www.securityfocus.com/bid/95072
www.securitytracker.com/id/1040698
access.redhat.com/errata/RHSA-2017:3115
lists.debian.org/debian-lts-announce/2019/07/msg00012.html
pivotal.io/security/cve-2016-9878
security.netapp.com/advisory/ntap-20180419-0002/
www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
Related
veracode
veracode
Directory Traversal
2016-12-28 07:29:41
ubuntucve
ubuntucve
CVE-2016-9878
2016-12-29 00:00:00
redhatcve
redhatcve
CVE-2016-9878
2016-12-22 11:17:24
nvd
nvd
CVE-2016-9878
2016-12-29 09:59:00
cve
cve
CVE-2016-9878
2016-12-29 09:59:00
nessus
nessus
Fedora 25 : springframework (2016-f341d71730)
2017-01-03 00:00:00
MySQL Enterprise Monitor 3.3.x < 3.3.9.3339 / 3.4.x < 3.4.7.4296 / 4.0.x < 4.0.4.5233 Multiple Vulnerabilities (April 2018 CPU)
2018-08-09 00:00:00
Debian DLA-1853-1 : libspring-java security update
2019-07-15 00:00:00
debiancve
debiancve
CVE-2016-9878
2016-12-29 09:59:00
osv
osv
Pivotal Spring Framework Paths provided to the ResourceServlet were not properly sanitized
2018-10-04 20:29:55
libspring-java - security update
2019-07-13 00:00:00
libspring-java vulnerabilities
2021-03-17 17:02:03
fedora
fedora
[SECURITY] Fedora 25 Update: springframework-3.2.18-1.fc25
2017-01-01 21:51:55
openvas
openvas
Fedora Update for springframework FEDORA-2016-f341d71730
2017-01-04 00:00:00
Debian: Security Advisory (DLA-1853-1)
2019-07-14 00:00:00
Ubuntu: Security Advisory (USN-4774-1)
2023-01-27 00:00:00
github
github
prion
prion
Directory traversal
2016-12-29 09:59:00
ibm
ibm
redhat
redhat
debian
debian
[SECURITY] [DLA 1853-1] libspring-java security update
2019-07-13 21:20:48
ubuntu
ubuntu
Spring Framework vulnerabilities
2021-03-17 00:00:00
atlassian
atlassian
Insecure version of Spring Web MVC used in Confluence Analytics
2020-02-19 22:31:10
oracle
oracle
Oracle Critical Patch Update - April 2018
2018-04-17 00:00:00
Oracle Critical Patch Update - January 2018
2018-01-16 00:00:00
Oracle Critical Patch Update Advisory - July 2019
2019-07-16 00:00:00