9 CVEs

1 in CISA KEV

Spring by Pivotal Vulnerabilities

CVE security advisories and vulnerability history for Spring by Pivotal.

9

Total CVEs

Published

1

In CISA KEV

Exploited in the wild

2

Public exploits

With known exploit

6.3

Avg CVSS

2018–2018

Overview

Spring by Pivotal has 9 published CVE records since 2018, of which 1 are in CISA's Known Exploited Vulnerabilities catalog and 2 have a known public exploit. The average CVSS base score across scored CVEs is 6.3.

This page aggregates every publicly disclosed vulnerability (CVE) affecting Spring by Pivotal products, with severity breakdowns, the most-affected products, the most common weakness types, and the latest disclosures.

Severity and exploitation

How the CVSS severity of Spring by Pivotal's CVEs breaks down, plus how many are exploited in the wild or have public exploit code.

Critical1

High0

Medium0

Low1

7 additional CVEs have no CVSS severity score.

In CISA’s Known Exploited Vulnerabilities catalog

1

One of Spring by Pivotal's CVEs is confirmed exploited in the wild.

Public exploits

2

2 of Spring by Pivotal's CVEs have a known public exploit available.

Most affected products

The Spring by Pivotal products with the most published CVEs.

Spring Framework7 CVEs
spring-framework5 CVEs
application testing suite4 CVEs
communications performance intelligence center4 CVEs
communications converged application server4 CVEs
communications services gatekeeper4 CVEs
communications diameter signaling router4 CVEs
big data discovery4 CVEs

Common weakness types

The CWE weakness categories most often found in Spring by Pivotal CVEs. Follow any weakness for its full explanation.

CNAs that assign these CVEs

The CVE Numbering Authorities that publish Spring by Pivotal CVE records.

dell9 CVEs

Latest Spring by Pivotal CVEs

The most recently disclosed vulnerabilities affecting Spring by Pivotal.

Low vulnerability · 2018-12-19
Low · CVSS 3.3
EPSS 0.1%2018-12-19
Vulnerability vulnerability · 2018-04-18
Unscored
EPSS 0.8%2018-04-18
Vulnerability vulnerability · 2018-04-11
CWE-94
Unscored
EPSS 38.1%2018-04-11
Critical vulnerability · 2018-04-11
CISA KEV
CWE-94
Critical · CVSS 9.3
EPSS 94.3%2018-04-11
Vulnerability vulnerability · 2018-04-06
Unscored
EPSS 2.2%2018-04-06
Vulnerability vulnerability · 2018-04-06
CWE-94
Unscored
EPSS 90.0%2018-04-06
Vulnerability vulnerability · 2018-04-06
CWE-22
Unscored
EPSS 91.0%2018-04-06
Vulnerability vulnerability · 2018-03-21
CWE-79
Unscored
EPSS 0.3%2018-03-21
Vulnerability vulnerability · 2018-03-21
CWE-352
Unscored
EPSS 0.1%2018-03-21

Track new Spring by Pivotal CVEs as they are disclosed and get AI-written analysis and remediation guidance.

Monitor Spring by Pivotal CVEs

Other vendors

Browse vulnerabilities for other tracked vendors.

microsoft24,097 CVEs Linux19,131 CVEs google14,281 CVEs apple14,019 CVEs oracle10,440 CVEs debian10,201 CVEs IBM8,265 CVEs Adobe7,222 CVEs

Browse all vendors

Frequently asked questions

Common questions about Spring by Pivotal vulnerabilities.

How many CVEs does Spring by Pivotal have?

Spring by Pivotal has 9 published CVE records since 2018, including 0 in the last two years.

How many Spring by Pivotal CVEs are in CISA KEV?

Yes — 1 of Spring by Pivotal's CVEs are listed in CISA's Known Exploited Vulnerabilities catalog, confirmed exploited in the wild and carrying a CISA remediation deadline.

Which Spring by Pivotal products have the most CVEs?

The Spring by Pivotal products with the most published CVEs are Spring Framework, spring-framework, application testing suite, communications performance intelligence center, communications converged application server.

What are the most common weakness types in Spring by Pivotal CVEs?

Spring by Pivotal's CVEs most often map to these CWE weakness types: CWE-94 (Improper Control of Generation of Code ('Code Injection')), CWE-22 (Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')), CWE-352 (Cross-Site Request Forgery (CSRF)), CWE-79 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')).

Are there public exploits for Spring by Pivotal vulnerabilities?

Yes — 2 of Spring by Pivotal's CVEs have a known public exploit.

How many critical Spring by Pivotal vulnerabilities are there?

Spring by Pivotal has 1 critical and 0 high-severity CVEs.

What is the average severity of Spring by Pivotal CVEs?

The average CVSS base score across Spring by Pivotal's scored CVEs is 6.3.

References

Vulnerability data is sourced from the CVE Program; severity, KEV, and exploit signals are aggregated by RadicalNotion.AI.

Track Spring by Pivotal vulnerabilities

Monitor new Spring by Pivotal vulnerabilities as they are disclosed, with AI-written analysis and remediation guidance.

Start free See pricing