Components Vulnerabilities Pricing MCP API

Find vulnerabilities. Fix fast with AI.

Search components by package, version, or CVE to get started.

org.trailsframework.examples/recipe 1.2.1… | Sonatype Guide

Get full component data and automated fixes with Sonatype Guide.

Sign up for free

org.trailsframework.examples

recipe

1.2.1

recipe 1.2.1

Latest

org.trailsframework.examples

PublishedSep 2, 2008•Policy

compliance

Developer Trust Score

Recommended Version:x.y.z

Recommended upgrade that meets your policy.

Compare Versions

Severity

Critical (0)

High (0)

Medium (9)

Low (0)

CVSS Score

0.010.0

EPSS Score

0.01.0

Malware

KEV StatusPublished

6.9CVE-2024-38828

Spring MVC controller methods with an @RequestBody byte[] method parameter are vulnerable to a DoS attack.

PublishedNov 15, 2024

5.3sonatype-2018-0705

commons-io - Path Traversal [CVE-2021-29425]

PublishedAug 19, 2020

5.3sonatype-2014-0173

Apache Commons FileUpload - Resource Leak

PublishedJul 30, 2018

5.1CVE-2011-2731

Race condition in the RunAsManager mechanism in VMware SpringSource Spring Security before 2.0.7 and 3.0.x before 3.0.6 stores the Authentication object in the shared security context, which allows attackers to gain privileges via a crafted thread.

PublishedJul 11, 2018

5.3sonatype-2008-0044

spring-security-web - SEC-966: Consider adding escapeXml attribute to security:authentication

PublishedJul 10, 2018

5.0sonatype-2017-0507

spring-security-web - Cross-Site Request Forgery

PublishedJun 27, 2018

5.3sonatype-2012-0050

commons-codec - Base32 would decode some invalid Base32 encoded string into arbitrary value

PublishedNov 22, 2017

5.4CVE-2013-6430

The JavaScriptUtils.javaScriptEscape method in web/util/JavaScriptUtils.java in Spring MVC in Spring Framework before 3.2.2 does not properly escape certain characters, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a (1) line separator or (2) paragraph separator Unicode character or (3) left or (4) right angle bracket.

PublishedMar 28, 2017

5.0CVE-2009-1190

Algorithmic complexity vulnerability in the java.util.regex.Pattern.compile method in Sun Java Development Kit (JDK) before 1.6, when used with spring.jar in SpringSource Spring Framework 1.1.0 through 2.5.6 and 3.0.0.M1 through 3.0.0.M2 and dm Server 1.0.0 through 1.0.2, allows remote attackers to cause a denial of service (CPU consumption) via serializable data with a long regex string containing multiple optional groups, a related issue to CVE-2004-2540.

PublishedMar 28, 2017