Bug#769698: libspring-java: CVE-2014-3625 Directory Traversal in Spring Framework

bastien ROUCARIÈS Sat, 15 Nov 2014 08:57:53 -0800

Source: libspring-java
Version: 3.0.0
Severity: serious
Tags: security
Justification: must




According to https://github.com/spring-projects/spring-framework/commit/3f68cd 
versions affected include 3.0.0 to 3.2.11

The feature of '<mvc:resources/> ' seems to be introduced in 3.0.4 ( 
http://docs.spring.io/spring/d... ).

Bastien


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#769698: libspring-java: CVE-2014-3625 Directory Traversal in Spring Framework

Reply via email to