Browse all 9 CVE security advisories affecting Spring by Pivotal. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Spring is an open-source Java framework primarily used for building enterprise applications. Historically, it has been vulnerable to remote code execution, cross-site scripting, and privilege escalation flaws, often through misconfigurations or insecure default settings. The framework's extensive ecosystem and widespread adoption have made it a target for attackers. Notable security characteristics include its dependency on third-party libraries and frequent security updates. While no major incidents have been widely documented, the 9 CVEs on record highlight potential risks, particularly in versions prior to recent security hardening efforts. Proper configuration and timely patching remain critical for secure deployment.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2018-1229 | Pivotal Spring Batch Admin 跨站脚本漏洞 — Spring Batch AdminCWE-79 | 6.1 | - | 2018-03-21 |
| CVE-2018-1230 | Pivotal Spring Batch Admin 跨站请求伪造漏洞 — Spring Batch AdminCWE-352 | 8.8 | - | 2018-03-21 |
This page lists every published CVE security advisory associated with Spring by Pivotal. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.