CVE-2016-1000027 - Pivotal Spring Framework through 5.3.16 suffers from a potential remote code execution (RCE) issue i

CVE-2016-1000027

Summary

Pivotal Spring Framework through 5.3.16 suffers from a potential remote code execution (RCE) issue if used for Java deserialization of untrusted data. Depending on how the library is implemented within a product, this issue may or not occur, and authentication may be required. NOTE: the vendor's position is that untrusted data is not an intended use case. The product's behavior will not be changed because some users rely on deserialization of trusted data.

References

Vulnerable Configurations

cpe:2.3:a:vmware:spring_framework:3.0.0:-:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:3.0.0:-:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:3.0.0:milestone1:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:3.0.0:milestone1:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:3.0.0:milestone2:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:3.0.0:milestone2:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:3.0.0:milestone3:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:3.0.0:milestone3:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:3.0.0:milestone4:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:3.0.0:milestone4:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:3.0.0:rc1:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:3.0.0:rc1:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:3.0.0:rc2:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:3.0.0:rc2:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:3.0.0:rc3:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:3.0.0:rc3:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:3.0.1:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:3.0.1:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:3.0.2:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:3.0.2:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:3.0.3:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:3.0.3:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:3.0.4:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:3.0.4:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:3.0.5:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:3.0.5:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:3.0.6:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:3.0.6:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:3.0.7:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:3.0.7:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:3.1.0:-:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:3.1.0:-:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:3.1.0:milestone1:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:3.1.0:milestone1:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:3.1.0:milestone2:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:3.1.0:milestone2:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:3.1.0:rc1:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:3.1.0:rc1:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:3.1.0:rc2:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:3.1.0:rc2:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:3.1.1:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:3.1.1:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:3.1.2:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:3.1.2:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:3.1.3:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:3.1.3:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:3.1.4:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:3.1.4:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:3.2.0:-:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:3.2.0:-:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:3.2.0:milestone1:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:3.2.0:milestone1:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:3.2.0:milestone2:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:3.2.0:milestone2:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:3.2.0:rc1:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:3.2.0:rc1:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:3.2.0:rc2:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:3.2.0:rc2:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:3.2.0:rc2-a:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:3.2.0:rc2-a:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:3.2.1:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:3.2.1:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:3.2.2:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:3.2.2:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:3.2.3:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:3.2.3:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:3.2.4:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:3.2.4:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:3.2.5:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:3.2.5:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:3.2.6:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:3.2.6:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:3.2.7:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:3.2.7:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:3.2.8:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:3.2.8:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:3.2.9:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:3.2.9:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:3.2.10:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:3.2.10:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:3.2.11:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:3.2.11:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:3.2.12:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:3.2.12:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:3.2.13:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:3.2.13:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:3.2.14:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:3.2.14:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:3.2.15:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:3.2.15:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:3.2.16:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:3.2.16:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:3.2.17:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:3.2.17:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:3.2.18:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:3.2.18:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.0.0:-:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.0.0:-:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.0.0:milestone1:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.0.0:milestone1:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.0.0:milestone2:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.0.0:milestone2:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.0.0:milestone3:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.0.0:milestone3:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.0.0:rc1:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.0.0:rc1:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.0.0:rc2:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.0.0:rc2:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.0.1:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.0.1:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.0.2:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.0.2:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.0.3:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.0.3:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.0.4:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.0.4:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.0.5:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.0.5:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.0.6:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.0.6:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.0.7:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.0.7:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.0.8:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.0.8:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.0.9:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.0.9:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.1.0:-:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.1.0:-:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.1.0:rc1:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.1.0:rc1:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.1.0:rc2:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.1.0:rc2:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.1.1:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.1.1:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.1.2:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.1.2:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.1.3:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.1.3:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.1.4:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.1.4:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.1.5:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.1.5:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.1.6:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.1.6:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.1.7:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.1.7:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.1.8:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.1.8:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.1.9:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.1.9:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.2.0:-:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.2.0:-:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.2.0:rc1:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.2.0:rc1:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.2.0:rc2:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.2.0:rc2:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.2.0:rc3:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.2.0:rc3:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.2.1:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.2.1:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.2.2:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.2.2:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.2.3:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.2.3:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.2.4:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.2.4:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.2.5:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.2.5:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.2.6:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.2.6:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.2.7:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.2.7:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.2.8:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.2.8:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.2.9:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.2.9:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.3.0:-:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.3.0:-:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.3.0:rc1:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.3.0:rc1:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.3.0:rc2:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.3.0:rc2:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.3.1:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.3.1:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.3.2:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.3.2:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.3.3:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.3.3:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.3.4:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.3.4:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.3.5:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.3.5:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.3.6:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.3.6:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.3.7:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.3.7:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.3.8:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.3.8:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.3.9:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.3.9:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.3.10:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.3.10:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.3.11:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.3.11:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.3.12:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.3.12:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.3.13:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.3.13:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.3.14:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.3.14:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.3.15:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.3.15:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.3.16:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.3.16:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.3.17:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.3.17:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.3.18:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.3.18:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.3.19:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.3.19:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.3.20:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.3.20:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.3.21:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.3.21:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.3.22:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.3.22:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.3.23:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.3.23:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.3.24:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.3.24:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.3.25:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.3.25:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.3.26:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.3.26:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.3.27:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.3.27:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.3.28:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.3.28:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.3.29:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.3.29:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.3.30:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:4.3.30:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.0.0:-:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.0.0:-:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.0.0:milestone1:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.0.0:milestone1:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.0.0:milestone2:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.0.0:milestone2:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.0.0:milestone3:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.0.0:milestone3:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.0.0:milestone4:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.0.0:milestone4:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.0.0:milestone5:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.0.0:milestone5:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.0.0:rc1:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.0.0:rc1:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.0.0:rc2:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.0.0:rc2:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.0.0:rc3:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.0.0:rc3:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.0.0:rc4:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.0.0:rc4:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.0.1:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.0.1:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.0.2:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.0.2:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.0.3:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.0.3:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.0.4:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.0.4:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.0.5:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.0.5:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.0.6:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.0.6:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.0.7:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.0.7:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.0.8:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.0.8:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.0.9:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.0.9:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.0.10:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.0.10:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.0.11:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.0.11:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.0.12:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.0.12:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.0.13:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.0.13:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.0.14:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.0.14:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.0.15:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.0.15:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.0.16:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.0.16:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.0.17:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.0.17:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.0.18:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.0.18:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.0.19:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.0.19:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.0.20:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.0.20:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.1.0:-:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.1.0:-:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.1.0:rc1:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.1.0:rc1:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.1.0:rc2:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.1.0:rc2:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.1.0:rc3:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.1.0:rc3:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.1.1:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.1.1:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.1.2:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.1.2:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.1.3:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.1.3:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.1.4:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.1.4:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.1.5:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.1.5:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.1.6:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.1.6:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.1.7:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.1.7:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.1.8:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.1.8:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.1.9:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.1.9:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.1.10:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.1.10:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.1.11:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.1.11:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.1.12:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.1.12:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.1.13:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.1.13:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.1.14:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.1.14:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.1.15:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.1.15:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.1.16:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.1.16:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.1.17:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.1.17:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.1.18:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.1.18:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.1.19:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.1.19:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.1.20:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.1.20:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.2.0:-:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.2.0:-:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.2.0:milestone1:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.2.0:milestone1:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.2.0:milestone2:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.2.0:milestone2:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.2.0:milestone3:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.2.0:milestone3:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.2.0:rc1:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.2.0:rc1:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.2.0:rc2:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.2.0:rc2:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.2.1:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.2.1:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.2.2:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.2.2:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.2.3:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.2.3:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.2.4:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.2.4:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.2.5:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.2.5:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.2.6:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.2.6:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.2.7:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.2.7:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.2.8:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.2.8:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.2.9:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.2.9:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.2.10:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.2.10:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.2.11:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.2.11:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.2.12:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.2.12:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.2.13:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.2.13:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.2.14:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.2.14:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.2.15:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.2.15:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.2.16:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.2.16:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.2.17:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.2.17:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.2.18:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.2.18:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.2.19:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.2.19:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.2.20:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.2.20:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.2.21:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.2.21:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.2.22:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.2.22:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.3.0:-:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.3.0:-:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.3.0:milestone1:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.3.0:milestone1:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.3.0:milestone2:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.3.0:milestone2:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.3.0:rc1:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.3.0:rc1:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.3.0:rc2:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.3.0:rc2:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.3.1:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.3.1:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.3.2:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.3.2:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.3.3:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.3.3:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.3.4:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.3.4:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.3.5:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.3.5:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.3.6:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.3.6:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.3.7:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.3.7:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.3.8:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.3.8:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.3.9:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.3.9:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.3.10:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.3.10:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.3.11:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.3.11:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.3.12:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.3.12:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.3.13:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.3.13:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.3.14:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.3.14:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.3.15:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.3.15:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.3.16:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.3.16:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.3.17:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.3.17:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.3.18:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.3.18:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.3.19:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.3.19:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.3.20:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.3.20:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.3.21:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.3.21:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.3.22:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.3.22:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.3.23:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.3.23:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.3.24:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.3.24:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.3.25:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.3.25:*:*:*:*:*:*:*

CVSS

Base:	7.5 (as of 20-04-2023 - 09:15)
Impact:
Exploitability:

CWE

CWE-502

CAPEC

Object Injection
An adversary attempts to exploit an application by injecting additional, malicious content during its processing of serialized objects. Developers leverage serialization in order to convert data or state into a static, binary format for saving to disk or transferring over a network. These objects are then deserialized when needed to recover the data/state. By injecting a malformed object into a vulnerable application, an adversary can potentially compromise the application by manipulating the deserialization process. This can result in a number of unwanted outcomes, including remote code execution.

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

cvss-vector via4

AV:N/AC:L/Au:N/C:P/I:P/A:P

refmap via4

misc

Last major update

20-04-2023 - 09:15

Published

02-01-2020 - 23:15

Last modified

20-04-2023 - 09:15