Multiple Pivotal Products CVE-2017-8046 Remote Code Execution Vulnerability

Bugtraq ID: 100948
Class: Input Validation Error
CVE: CVE-2017-8046
Remote: Yes
Local: No
Published: Sep 21 2017 12:00AM
Updated: Sep 21 2017 12:00AM
Credit: Man Yue Mo from Semmle and lgtm.com.
Vulnerable: Pivotal Spring Data REST 2.6.6
Pivotal Spring Data REST 2.6
Pivotal Spring Data REST 2.5.11
Pivotal Spring Data REST 2.5
Pivotal Spring Data REST 3.0 RC2
Pivotal Spring Data REST 3.0 RC1
Pivotal Spring Data Ingalls-SR7
Pivotal Spring Data Hopper-SR11
Pivotal Spring Boot 2.0
Pivotal Spring Boot 1.5.7
Pivotal Spring Boot 1.4.7
Not Vulnerable: Pivotal Spring Data REST 2.6.7
Pivotal Spring Data REST 2.5.12
Pivotal Spring Data REST 3.0 RC3
Pivotal Spring Data Kay-RC3
Pivotal Spring Boot 2.0.0.M4


 

Privacy Statement
Copyright 2010, SecurityFocus