Description

Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.15 and older unsupported versions, allow applications to configure Spring MVC to serve static resources (e.g. CSS, JS, images). When static resources are served from a file system on Windows (as opposed to the classpath, or the ServletContext), a malicious user can send a request using a specially crafted URL that can lead a directory traversal attack.

Remediation

References

https://pivotal.io/security/cve-2018-1271

http://www.securityfocus.com/bid/103699

https://access.redhat.com/errata/RHSA-2018:1320

http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html

https://access.redhat.com/errata/RHSA-2018:2669

http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html

https://access.redhat.com/errata/RHSA-2018:2939

https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html

https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html

https://www.oracle.com/security-alerts/cpujul2020.html

https://www.oracle.com/security-alerts/cpuoct2021.html

Related Vulnerabilities

CVE-2023-46244 Vulnerability in maven package org.xwiki.platform:xwiki-platform-display-api

CVE-2013-4942 Vulnerability in maven package org.webjars:yui

CVE-2018-11039 Vulnerability in maven package org.springframework:spring-web

CVE-2021-26539 Vulnerability in maven package org.webjars.npm:sanitize-html

CVE-2020-2224 Vulnerability in maven package org.jenkins-ci.plugins:matrix-project

Severity

Medium

Classification

CWE-22 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

Tags

Vendor Advisory Third Party Advisory VDB Entry Patch