CVE-2014-3625

Directory traversal vulnerability in Pivotal Spring Framework 3.0.4 through 3.2.x before 3.2.12, 4.0.x before 4.0.8, and 4.1.x before 4.1.2 allows remote attackers to read arbitrary files via unspecified vectors, related to static resource handling.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:pivotal_software:spring_framework:*:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_framework:*:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_framework:*:*:*:*:*:*:*:*
cpe:2.3:a:pivotal_software:spring_framework:*:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:*:*:*:*:*:*:*:*

History

11 Apr 2022, 17:16

Type Values Removed Values Added
First Time Vmware
Vmware spring Framework
CPE cpe:2.3:a:vmware:spring_framework:*:*:*:*:*:*:*:*

Information

Published : 2014-11-20 17:50

Updated : 2023-12-10 11:31


NVD link : CVE-2014-3625

Mitre link : CVE-2014-3625

CVE.ORG link : CVE-2014-3625


JSON object : View

Products Affected

pivotal_software

  • spring_framework

vmware

  • spring_framework
CWE
CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')