Vulnerabilities > Pivotal > Spring Flex
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-06-11 | CVE-2017-3203 | Deserialization of Untrusted Data vulnerability in Pivotal Spring-Flex The Java implementations of AMF3 deserializers in Pivotal/Spring Spring-flex derive class instances from java.io.Externalizable rather than the AMF3 specification's recommendation of flash.utils.IExternalizable. | 8.1 |