Spring Framework CVE-2018-15756 Denial-Of-Service Vulnerability

Bugtraq ID: 105703
Class: Input Validation Error
CVE: CVE-2018-15756
Remote: Yes
Local: No
Published: Oct 16 2018 12:00AM
Updated: Jul 17 2019 07:00AM
Credit: Nicholas Starke from Aruba Threat Labs.
Vulnerable: Pivotal Spring Framework 5.0.9
Pivotal Spring Framework 5.0.6
Pivotal Spring Framework 5.0.5
Pivotal Spring Framework 5.0.4
Pivotal Spring Framework 5.0.3
Pivotal Spring Framework 5.0.2
Pivotal Spring Framework 5.0.1
Pivotal Spring Framework 4.3.19
Pivotal Spring Framework 4.3.18
Pivotal Spring Framework 4.3.17
Pivotal Spring Framework 4.3.16
Pivotal Spring Framework 4.3.15
Pivotal Spring Framework 4.3.14
Pivotal Spring Framework 4.3
Pivotal Spring Framework 4.2.2
Pivotal Spring Framework 4.2.1
Pivotal Spring Framework 4.2
Pivotal Spring Framework 5.1
Pivotal Spring Framework 4.3
Oracle Weblogic Server 10.3.6 0
Oracle Weblogic Server 12.2.1.3.0
Oracle Weblogic Server 12.1.3.0
Oracle WebCenter Sites 12.2.1.3.0
Oracle Retail Order Broker 5.2
Oracle Retail Order Broker 5.1
Oracle Retail Order Broker 16.0
Oracle Retail Order Broker 15.0
Oracle Retail Invoice Matching 14.1
Oracle Retail Invoice Matching 14.0
Oracle Retail Invoice Matching 13.2
Oracle Retail Invoice Matching 13.1
Oracle Retail Invoice Matching 13.0
Oracle Retail Invoice Matching 12.0
Oracle Retail Financial Integration 16.0
Oracle Retail Financial Integration 15.0
Oracle Retail Financial Integration 14.1
Oracle Retail Financial Integration 14.0
Oracle Retail Advanced Inventory Planning 15.0
Oracle Primavera Gateway 18.8
Oracle Primavera Gateway 17.12
Oracle Primavera Gateway 16.2
Oracle Primavera Gateway 15.2
Oracle Primavera Analytics 18.8
Oracle MySQL Enterprise Monitor 8.0.14
Oracle MySQL Enterprise Monitor 8.0.13
Oracle MySQL Enterprise Monitor 4.0.9
Oracle MySQL Enterprise Monitor 4.0.8
Oracle MySQL Enterprise Monitor 4.0.7
Oracle Insurance Rules Palette 11.0
Oracle Insurance Rules Palette 10.2
Oracle Insurance Rules Palette 10.1
Oracle Insurance Rules Palette 10.0
Oracle Insurance Policy Administration J2EE 11.0
Oracle Insurance Policy Administration J2EE 10.1
Oracle Insurance Policy Administration J2EE 10.0
Oracle Insurance Calculation Engine 9.7
Oracle Insurance Calculation Engine 10.2
Oracle Insurance Calculation Engine 10.1
Oracle Insurance Calculation Engine 10.0
Oracle FLEXCUBE Private Banking 12.1
Oracle FLEXCUBE Private Banking 12.0.3
Oracle FLEXCUBE Private Banking 12.0.1
Oracle Financial Services Analytical Applications Infrastructure 8.0.8
Oracle Financial Services Analytical Applications Infrastructure 8.0.7
Oracle Financial Services Analytical Applications Infrastructure 8.0.6
Oracle Financial Services Analytical Applications Infrastructure 8.0.5
Oracle Financial Services Analytical Applications Infrastructure 8.0.4
Oracle Financial Services Analytical Applications Infrastructure 8.0.3
Oracle Financial Services Analytical Applications Infrastructure 8.0.2
Oracle Endeca Information Discovery Integrator 3.2
Oracle Communications Online Mediation Controller 6.1
Oracle Agile PLM 9.3.5
Oracle Agile PLM 9.3.3
Oracle Agile PLM 9.3.6
Oracle Agile PLM 9.3.4
Not Vulnerable: Pivotal Spring Framework 5.1.1
Pivotal Spring Framework 5.0.10
Pivotal Spring Framework 4.3.20


 

Privacy Statement
Copyright 2010, SecurityFocus