Lucene search
GoogleOSV:GHSA-45VG-2V73-VM62HistoryOct 17, 2018 - 8:28 p.m.
Moderate severity vulnerability that affects org.springframework:spring-core
2018-10-1720:28:20
Google
osv.dev
10
EPSS
0.003
Percentile
70.5%
The Java SockJS client in Pivotal Spring Framework 4.1.x before 4.1.5 generates predictable session ids, which allows remote attackers to send messages to other sessions via unspecified vectors.
References
github.com/advisories/GHSA-45vg-2v73-vm62
github.com/spring-projects/spring-framework
github.com/spring-projects/spring-framework/commit/d63cfc8eebc396be009e733a81ebb4c984811f6e
github.com/spring-projects/spring-framework/commit/dc5b5ca8ee09c890352f89b2dae58bc0132d6545
nvd.nist.gov/vuln/detail/CVE-2015-0201
pivotal.io/security/cve-2015-0201
Related
debiancve
debiancve
CVE-2015-0201
2015-03-10 14:59:04
cve
cve
CVE-2015-0201
2015-03-10 14:59:04
github
github
Moderate severity vulnerability that affects org.springframework:spring-core
2018-10-17 20:28:20
nvd
nvd
CVE-2015-0201
2015-03-10 14:59:04
prion
prion
Design/Logic Flaw
2015-03-10 14:59:00
cvelist
cvelist
CVE-2015-0201
2015-03-10 14:00:00