Vulnerabilities (CVE)
| CVE | Vendors | Products | Updated | CVSS |
|---|---|---|---|---|
| CVE-2018-11040 | 2 Pivotal Software, Oracle | 17 Spring Framework, Agile Product Lifecycle Management, Application Testing Suite and 14 more | 2019-10-03 | 4.3 |
| Spring Framework, versions 5.0.x prior to 5.0.7 and 4.3.x prior to 4.3.18 and older unsupported versions, allows web applications to enable cross-domain requests via JSONP (JSON with Padding) through AbstractJsonpResponseBodyAdvice for REST... | ||||
| CVE-2019-2817 | 1 Oracle | 2 Agile Product Life Management, Agile Product Lifecycle Management | 2019-07-30 | 3.6 |
| Vulnerability in the Oracle Agile PLM component of Oracle Supply Chain Products Suite (subcomponent: Folders, Files & Attachments). Supported versions that are affected are 9.3.3, 9.3.4, 9.3.5 and 9.3.6. Difficult to exploit vulnerability allows... | ||||
| CVE-2018-1257 | 3 Pivotal Software, Redhat, Oracle | 27 Spring Framework, Openshift, Agile Product Lifecycle Management and 24 more | 2019-07-23 | 4.0 |
| Spring Framework, versions 5.0.x prior to 5.0.6, versions 4.3.x prior to 4.3.17, and older unsupported versions allows applications to expose STOMP over WebSocket endpoints with a simple, in-memory STOMP broker through the spring-messaging... | ||||