Directory traversal vulnerability in Pivotal Spring Framework 3.x before 3.2.9 and 4.0 before 4.0.5 allows remote attackers to read arbitrary files via a crafted URL.
Metrics
Affected Vendors & Products
Advisories
Source | ID | Title |
---|---|---|
![]() |
DLA-1853-1 | libspring-java security update |
![]() |
EUVD-2022-5175 | Directory traversal vulnerability in Pivotal Spring Framework 3.x before 3.2.9 and 4.0 before 4.0.5 allows remote attackers to read arbitrary files via a crafted URL. |
![]() |
GHSA-rhcg-rwhx-qj3j | Improper Limitation of a Pathname to a Restricted Directory in Spring Framework |
![]() |
USN-4774-1 | Spring Framework vulnerabilities |
Fixes
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
References
History
No history.

Status: PUBLISHED
Assigner: redhat
Published:
Updated: 2024-08-06T10:50:18.031Z
Reserved: 2014-05-14T00:00:00
Link: CVE-2014-3578

No data.

Status : Deferred
Published: 2015-02-19T20:59:00.047
Modified: 2025-04-12T10:46:40.837
Link: CVE-2014-3578


No data.