Known vulnerabilities in Pivotal Pivotal Spring Framework

Vendor: Pivotal
Website: https://pivotal.io/
Total Security Bulletins: 30

Security bulletins (30)

Secuity bulletin Severity Status Published
SB2025101638: CSRF in Spring Framework STOMP Medium
Patched
16.10.2025
SB20250916314: Information disclosure in Spring Framework Medium
Patched
16.09.2025
SB2025081411: Path traversal in Spring Framework Medium
Patched
14.08.2025
SB2025061720: Reflected file download attack in Spring Framework Medium
Patched
17.06.2025
SB2025051612: Security features bypass in Spring Framework Low
Patched
16.05.2025
SB2024112009: Remote denial of service in Spring Framework Medium
Patched
20.11.2024
SB2024101781: Multiple vulnerabilities in Spring Framework Medium
Patched Public exploit
17.10.2024
SB2024091290: Path traversal in Spring Framework Medium
Patched
12.09.2024
SB2024081480: Denial of service in Spring Framework via SpEL expressions Medium
Patched
14.08.2024
SB2024081479: Denial of service in Spring Framework via conditional HTTP request Medium
Patched
14.08.2024
SB2024052420: SSRF in Pivotal Spring Framework Medium
Patched
24.05.2024
SB2024031918: Server-Side Request Forgery (SSRF) in Spring Framework Medium
Patched
19.03.2024
SB2024022140: SSRF in Spring Framework Medium
Patched
21.02.2024
SB2024012665: Denial of service in Spring Framework Medium
Patched
26.01.2024
SB2023112966: Denial of service in Spring Framework Medium
Patched
29.11.2023
SB2023042742: Multiple vulnerabilities in Spring Framework Medium
Patched
27.04.2023
SB2023042131: Denial of service in Spring Framework Medium
Patched
21.04.2023
SB2022051201: Multiple vulnerabilities in VMware Spring Framework Medium
Patched Public exploit
12.05.2022
SB2022041405: Security restrictions bypass in Spring Framework Medium
Patched Public exploit
14.04.2022
SB2022033110: Denial of service in Spring Framework Medium
Patched
31.03.2022


Showing elements 1 - 20 out of 30