Vulnerabilities > Pivotal > Spring Flex > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-06-11 | CVE-2017-3203 | Deserialization of Untrusted Data vulnerability in Pivotal Spring-Flex The Java implementations of AMF3 deserializers in Pivotal/Spring Spring-flex derive class instances from java.io.Externalizable rather than the AMF3 specification's recommendation of flash.utils.IExternalizable. | 6.8 |