3 matches found
K29042031: Multiple Spring Framework vulnerabilities
Security Advisory Description On April 5th, 2018, three new vulnerabilities were published in the popular Java web framework called Spring. Details on these vulnerabilities and exploit code are not yet available, and mitigation details may change if and when the exploit code is available. You can...
CVE-2018-1274
Spring Data Commons, versions 1.13 to 1.13.10, 2.0 to 2.0.5, and older unsupported versions, contain a property path parser vulnerability caused by unlimited resource allocation. An unauthenticated remote malicious user or attacker can issue requests against Spring Data REST endpoints or endpoint...
CVE-2018-1274
Spring Data Commons contains a property path parser vulnerability caused by unlimited resource allocation. Affected versions are 1.13 to 1.13.10 and 2.0 to 2.0.5 (and older unsupported versions). An unauthenticated remote attacker can issue requests against Spring Data REST endpoints or endpoints...