GCVE - cpe:2.3:a:pivotal_software:spring_batch

Approved changes feed: RSS · Atom

cpe:2.3:a:pivotal_software:spring_batch_admin:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	Pivotal Software (`a7eef617-cad9-5400-bbf0-2e56b16d90a7`)
Product	Spring Batch Admin (`f7d9ca2d-a174-50dc-b601-340134136ff7`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from purl2cpe mapping

PURL mappings

PURL	Source	Last updated
`pkg:github/spring-attic/spring-batch-admin`	purl2cpe	2026-06-01 10:11:00.337304

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2018-1230`	vulnerable	2026-06-03 14:38:30.577281	Details available Pivotal Spring Batch Admin, all versions, does not contain cross site request forgery protection. A remote unauthenticated user could craft a malicious site that executes requests to Spring Batch Admin. This issue has not been patched because Spring Batch Admin has reached end of life. Published: 2018-03-21T20:00:00.000Z Updated: 2024-09-16T19:24:07.571Z Open on db.gcve.eu Reference links https://pivotal.io/security/cve-2018-1230 http://www.securityfocus.com/bid/103463	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2018-1229`	vulnerable	2026-06-03 14:38:30.576861	Details available Pivotal Spring Batch Admin, all versions, contains a stored XSS vulnerability in the file upload feature. An unauthenticated malicious user with network access to Spring Batch Admin could store an arbitrary web script that would be executed by other users. This issue has not been patched because Spring Batch Admin has reached end of life. Published: 2018-03-21T20:00:00.000Z Updated: 2024-09-17T03:53:07.373Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/103462 https://pivotal.io/security/cve-2018-1229	Imported from gcve-enriched-dumps CVE data

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.