Description
Directory traversal vulnerability in Pivotal Spring Framework 3.0.4 through 3.2.x before 3.2.12, 4.0.x before 4.0.8, and 4.1.x before 4.1.2 allows remote attackers to read arbitrary files via unspecified vectors, related to static resource handling.
Remediation
References
http://rhn.redhat.com/errata/RHSA-2015-0236.html
http://rhn.redhat.com/errata/RHSA-2015-0720.html
http://www.pivotal.io/security/cve-2014-3625
https://jira.spring.io/browse/SPR-12354
https://lists.debian.org/debian-lts-announce/2019/07/msg00012.html
Related Vulnerabilities
CVE-2020-6449 Vulnerability in npm package electron
CVE-2020-4045 Vulnerability in npm package ssb-db
CVE-2023-37963 Vulnerability in maven package io.jenkins.plugins:benchmark-evaluator
CVE-2017-2652 Vulnerability in maven package org.jvnet.hudson.plugins:distfork
CVE-2017-7667 Vulnerability in maven package org.apache.nifi:nifi