Description
Directory traversal vulnerability in Pivotal Spring Framework 3.0.4 through 3.2.x before 3.2.12, 4.0.x before 4.0.8, and 4.1.x before 4.1.2 allows remote attackers to read arbitrary files via unspecified vectors, related to static resource handling.
Remediation
References
http://rhn.redhat.com/errata/RHSA-2015-0236.html
http://rhn.redhat.com/errata/RHSA-2015-0720.html
http://www.pivotal.io/security/cve-2014-3625
https://jira.spring.io/browse/SPR-12354
https://lists.debian.org/debian-lts-announce/2019/07/msg00012.html
Related Vulnerabilities
CVE-2019-16538 Vulnerability in maven package org.jenkins-ci.plugins:script-security
CVE-2021-41183 Vulnerability in maven package org.webjars:jquery-ui
CVE-2019-1003010 Vulnerability in maven package org.jenkins-ci.plugins:git
CVE-2023-44487 Vulnerability in maven package org.apache.tomcat.embed:tomcat-embed-core
CVE-2022-31197 Vulnerability in maven package org.postgresql:postgresql