Vulnerabilities > Vmware > Spring Framework > 5.3.27

DATE CVE VULNERABILITY TITLE RISK
2024-10-18 CVE-2024-38820 Unspecified vulnerability in VMWare Spring Framework
The fix for CVE-2022-22968 made disallowedFields patterns in DataBinder case insensitive.
network
low complexity
vmware
5.3
2020-01-02 CVE-2016-1000027 Deserialization of Untrusted Data vulnerability in VMWare Spring Framework
Pivotal Spring Framework through 5.3.16 suffers from a potential remote code execution (RCE) issue if used for Java deserialization of untrusted data.
network
low complexity
vmware CWE-502
critical
9.8