Vulnerabilities > Vmware > Spring Framework > 5.3.27
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-10-18 | CVE-2024-38820 | Unspecified vulnerability in VMWare Spring Framework The fix for CVE-2022-22968 made disallowedFields patterns in DataBinder case insensitive. | 5.3 |
2020-01-02 | CVE-2016-1000027 | Deserialization of Untrusted Data vulnerability in VMWare Spring Framework Pivotal Spring Framework through 5.3.16 suffers from a potential remote code execution (RCE) issue if used for Java deserialization of untrusted data. | 9.8 |