Description
Directory traversal vulnerability in Pivotal Spring Framework 3.0.4 through 3.2.x before 3.2.12, 4.0.x before 4.0.8, and 4.1.x before 4.1.2 allows remote attackers to read arbitrary files via unspecified vectors, related to static resource handling.
Remediation
References
https://jira.spring.io/browse/SPR-12354
http://www.pivotal.io/security/cve-2014-3625
http://rhn.redhat.com/errata/RHSA-2015-0236.html
http://rhn.redhat.com/errata/RHSA-2015-0720.html
https://lists.debian.org/debian-lts-announce/2019/07/msg00012.html
Related Vulnerabilities
CVE-2023-46122 Vulnerability in maven package org.scala-sbt:io_2.12
CVE-2020-2121 Vulnerability in maven package org.jenkins-ci.plugins:google-kubernetes-engine
CVE-2023-3691 Vulnerability in maven package org.webjars.npm:layui
CVE-2018-1000836 Vulnerability in maven package org.bedework.caleng:bw-calendar-engine-impl
CVE-2022-23458 Vulnerability in maven package org.webjars.bowergithub.nhn:tui.grid