uk.ac.ox.it.lti:lti-launch (>=1.5.0 <=1.6.0) potentially affected by CVE-2019-11269 via org.springframework.security.oauth:spring-security-oauth (=2.3.5.RELEASE)

org.springframework.security.oauth:spring-security-oauth MAVEN version =2.3.5.RELEASE is affected by a known vulnerability. The following packages have a transitive dependency on org.springframework.security.oauth:spring-security-oauth and may be impacted: - uk.ac.ox.it.lti:lti-launch =1.5.0,...

com.alexbt:springboot-autoconfigure-openid-oauth (=1.0.9), com.appdirect:service-integration-sdk (>=1.24 <=v11.129.7) +11 more potentially affected by CVE-2019-11269 via org.springframework.security.oauth:spring-security-oauth (>=2.0.10.RELEASE <=2.0.17.RELEASE)

org.springframework.security.oauth:spring-security-oauth MAVEN version =2.0.10.RELEASE, =1.24, =1.4.3, =2.7.4.7, =2.7.4.7, =2.7.4.7, =3.3.0.4, =3.3.0.4, =2.7.4.7, =4.4.0 Source cves: CVE-2019-11269 Source advisory: OSV:GHSA-MMF6-6597-3V6M...