Vulnerabilities > Pivotal > Spring Flex > High

DATE CVE VULNERABILITY TITLE RISK
2018-06-11 CVE-2017-3203 Deserialization of Untrusted Data vulnerability in Pivotal Spring-Flex
The Java implementations of AMF3 deserializers in Pivotal/Spring Spring-flex derive class instances from java.io.Externalizable rather than the AMF3 specification's recommendation of flash.utils.IExternalizable.
network
high complexity
pivotal CWE-502
8.1