Search CVE reports

Toggle filters

101 – 110 of 1351 results

CVE-2018-1275

Medium priority
Ignored

Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.16 and older unsupported versions, allow applications to expose STOMP over WebSocket endpoints with a simple, in-memory STOMP broker through...

1 affected package

libspring-java

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
libspring-java Not affected
Show less packages

CVE-2018-1272

Medium priority
Ignored

Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.15 and older unsupported versions, provide client-side support for multipart requests. When Spring MVC or Spring WebFlux server application (server A)...

1 affected package

libspring-java

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
libspring-java Not affected
Show less packages

CVE-2018-1271

Negligible priority
Ignored

Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.15 and older unsupported versions, allow applications to configure Spring MVC to serve static resources (e.g. CSS, JS, images). When static resources are...

1 affected package

libspring-java

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
libspring-java Not affected
Show less packages

CVE-2018-1270

High priority

Some fixes available 2 of 3

Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.15 and older unsupported versions, allow applications to expose STOMP over WebSocket endpoints with a simple, in-memory STOMP broker through...

1 affected package

libspring-java

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
libspring-java Fixed
Show less packages

CVE-2018-1258

Medium priority

Not in release

Spring Framework version 5.0.5 when used in combination with any versions of Spring Security contains an authorization bypass when using method security. An unauthorized malicious user can gain unauthorized access to methods that...

1 affected package

libspring-security-2.0-java

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
libspring-security-2.0-java Not in release
Show less packages

CVE-2018-1257

Low priority
Vulnerable

Spring Framework, versions 5.0.x prior to 5.0.6, versions 4.3.x prior to 4.3.17, and older unsupported versions allows applications to expose STOMP over WebSocket endpoints with a simple, in-memory STOMP broker through...

1 affected package

libspring-java

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
libspring-java Not affected Not affected Not affected Not affected
Show less packages

CVE-2018-1199

Medium priority
Vulnerable

Spring Security (Spring Security 4.1.x before 4.1.5, 4.2.x before 4.2.4, and 5.0.x before 5.0.1; and Spring Framework 4.3.x before 4.3.14 and 5.0.x before 5.0.3) does not consider URL path parameters when processing security...

1 affected package

libspring-java

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
libspring-java Not affected Not affected Not affected Not affected
Show less packages

CVE-2018-11040

Medium priority
Vulnerable

Spring Framework, versions 5.0.x prior to 5.0.7 and 4.3.x prior to 4.3.18 and older unsupported versions, allows web applications to enable cross-domain requests via JSONP (JSON with Padding)...

1 affected package

libspring-java

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
libspring-java Not affected Not affected Not affected Not affected
Show less packages

CVE-2018-11039

Medium priority
Vulnerable

Spring Framework (versions 5.0.x prior to 5.0.7, versions 4.3.x prior to 4.3.18, and older unsupported versions) allow web applications to change the HTTP request method to any HTTP method (including TRACE) using...

1 affected package

libspring-java

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
libspring-java Not affected Not affected Not affected Not affected
Show less packages

CVE-2018-1066

Medium priority

Some fixes available 10 of 17

The Linux kernel before version 4.11 is vulnerable to a NULL pointer dereference in fs/cifs/cifsencrypt.c:setup_ntlmv2_rsp() that allows an attacker controlling a CIFS server to kernel panic a client that has this server mounted,...

96 affected packages

linux-azure-edge, linux-euclid, linux-flo, linux-goldfish, linux-hwe...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
linux-azure-edge Not in release Not in release Not in release Not affected
linux-euclid Not in release
linux-flo Not in release
linux-goldfish Not in release
linux-hwe Not in release Not in release Not in release Not affected
linux-hwe-edge Not in release Not in release Not in release Not affected
linux-mako Not in release
linux Not affected Not affected Not affected Not affected
linux-lts-quantal Not in release
linux-lts-raring Not in release
linux-lts-saucy Not in release
linux-lts-trusty Not in release
linux-grouper Not in release
linux-maguro Not in release
linux-manta Not in release
linux-raspi2 Not in release Not in release Ignored Not affected
linux-lts-utopic Not in release
linux-lts-vivid Not in release
linux-lts-wily Not in release
linux-lts-xenial Not in release Not in release Not in release Not in release
linux-snapdragon Not in release Not in release Not in release Not affected
linux-aws Not affected Not affected Not affected Not affected
linux-gke Not affected Not affected Ignored Not in release
linux-azure Not affected Not affected Not affected Not affected
linux-gcp Not affected Not affected Not affected Not affected
linux-kvm Not in release Not affected Not affected Not affected
linux-oem Not in release Not in release Not in release Not affected
linux-gcp-edge Not affected
linux-aws-hwe Not in release Not in release Not in release Not in release
linux-oracle Not affected Not affected Not affected Not affected
linux-hwe-5.4 Not in release Not in release Not in release Not affected
linux-hwe-5.15 Not in release Not in release Not affected Not in release
linux-hwe-6.8 Not in release Not affected Not in release Not in release
linux-aws-5.4 Not in release Not in release Not in release Not affected
linux-aws-5.15 Not in release Not in release Not affected Not in release
linux-azure-4.15 Not in release Not in release Not in release Not affected
linux-azure-5.4 Not in release Not in release Not in release Not affected
linux-azure-5.15 Not in release Not in release Not affected Not in release
linux-azure-fde Not in release Not affected Ignored Not in release
linux-azure-fde-5.15 Not in release Not in release Ignored Not in release
linux-bluefield Not in release Not in release Not affected Not in release
linux-fips Not in release Not affected Not affected Not affected
linux-aws-fips Not in release Not affected Not affected Not affected
linux-azure-fips Not in release Not affected Not affected Not affected
linux-gcp-fips Not in release Not affected Not affected Not affected
linux-gcp-4.15 Not in release Not in release Not in release Not affected
linux-gcp-5.4 Not in release Not in release Not in release Not affected
linux-gcp-5.15 Not in release Not in release Not affected Not in release
linux-gkeop Not affected Not affected Not affected Not in release
linux-gkeop-5.15 Not in release Not in release Not affected Not in release
linux-ibm Not affected Not affected Not affected Not in release
linux-ibm-5.4 Not in release Not in release Not in release Not affected
linux-ibm-5.15 Not in release Not in release Not affected Not in release
linux-intel Not affected Not in release Not in release Not in release
linux-intel-iotg Not in release Not affected Not in release Not in release
linux-intel-iotg-5.15 Not in release Not in release Not affected Not in release
linux-iot Not in release Not in release Not affected Not in release
linux-intel-iot-realtime Not in release Not affected Not in release Not in release
linux-lowlatency Not affected Not affected Not in release Not in release
linux-lowlatency-hwe-5.15 Not in release Not in release Not affected Not in release
linux-lowlatency-hwe-6.8 Not in release Not affected Not in release Not in release
linux-nvidia Not affected Not affected Not in release Not in release
linux-nvidia-6.5 Not in release Not affected Not in release Not in release
linux-nvidia-6.8 Not in release Not affected Not in release Not in release
linux-nvidia-lowlatency Not affected Not in release Not in release Not in release
linux-oracle-5.4 Not in release Not in release Not in release Not affected
linux-oracle-5.15 Not in release Not in release Not affected Not in release
linux-oem-6.8 Not affected Not in release Not in release Not in release
linux-raspi Not affected Not affected Not affected Not in release
linux-raspi-5.4 Not in release Not in release Not in release Not affected
linux-raspi-realtime Not affected Not in release Not in release Not in release
linux-realtime Not affected Not affected Not in release Not in release
linux-riscv Not affected Ignored Ignored Not in release
linux-riscv-5.15 Not in release Not in release Not affected Not in release
linux-riscv-6.8 Not in release Not affected Not in release Not in release
linux-xilinx-zynqmp Not in release Not affected Not affected Not in release
linux-aws-6.8 Not in release Not affected Not in release Not in release
linux-gcp-6.8 Not in release Not affected Not in release Not in release
linux-oracle-6.8 Not in release Not affected Not in release Not in release
linux-azure-6.8 Not in release Not affected Not in release Not in release
linux-oem-6.11 Not affected Not in release Not in release Not in release
linux-hwe-6.11 Ignored Not in release Not in release Not in release
linux-hwe-6.14 Not affected Not in release Not in release Not in release
linux-aws-6.14 Not affected Not in release Not in release Not in release
linux-azure-6.11 Ignored Not in release Not in release Not in release
linux-azure-nvidia Not affected Not in release Not in release Not in release
linux-gcp-6.11 Ignored Not in release Not in release Not in release
linux-gcp-6.14 Not affected Not in release Not in release Not in release
linux-ibm-6.8 Not in release Not affected Not in release Not in release
linux-lowlatency-hwe-6.11 Ignored Not in release Not in release Not in release
linux-nvidia-tegra Not affected Not affected Not in release Not in release
linux-nvidia-tegra-5.15 Not in release Not in release Not affected Not in release
linux-nvidia-tegra-igx Not in release Not affected Not in release Not in release
linux-oracle-6.14 Not affected Not in release Not in release Not in release
linux-oem-6.14 Not affected Not in release Not in release Not in release
linux-riscv-6.14 Not affected Not in release Not in release Not in release
Show all 96 packages Show less packages
  1. Previous page
  2. 9
  3. 10
  4. 11
  5. 12
  6. 13
  7. Next page
Export to JSON