Home

CVE-2014-3625

Description

Directory traversal vulnerability in Pivotal Spring Framework 3.0.4 through 3.2.x before 3.2.12, 4.0.x before 4.0.8, and 4.1.x before 4.1.2 allows remote attackers to read arbitrary files via unspecified vectors, related to static resource handling.

Risk Information

Base Score
8.6
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
EPSS Score
Exploitation Probability
18.932

Associated Vulnerability

VulnerabilityOS Platform
Vulnerabilities CVE-2014-3625 are fixed in Spring-webmvc 3.2.12Windows
Vulnerabilities CVE-2014-3625 are fixed in Spring-webmvc 4.0.8Windows
Vulnerabilities CVE-2014-3625 are fixed in Spring-webmvc 4.1.2Windows
Vulnerabilities CVE-2014-3625 are fixed in Spring-webmvc for Linux 3.2.12Linux
Vulnerabilities CVE-2014-3625 are fixed in Spring-webmvc for Linux 4.0.8Linux
Vulnerabilities CVE-2014-3625 are fixed in Spring-webmvc for Linux 4.1.2Linux

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234