A Bootiful Podcast: Mr. Spring in Action, Craig Walls

Hi, Spring fans! This week, I'm joined by one of my longtime heroes and fellow Disney fans, Craig Walls @habuma. He wrote the most popular book on Spring, Spring in Action, while helping the world stay connected with efforts like Spring Social. This episode was recorded live at SpringOne 2023, in...

at.molindo.social:spring-social-openid (=1.1.0.RELEASE), cn.jhc:spring-social-qq (>=0.0.2 <=0.0.5) +72 more potentially affected by CVE-2015-5258 via org.springframework.social:spring-social-core (>=1.0.0.RELEASE <=1.1.2.RELEASE)

org.springframework.social:spring-social-core MAVEN version =1.0.0.RELEASE, =0.0.2, =1.31.1, =1.19.2, =0.0.1, =1.0.1, =1.0.0, =1.0, =1.6-RELEASE and more Source cves: CVE-2015-5258 Source advisory: OSV:GHSA-W5R6-GX3Q-HMXJ...

Pivotal Software Spring Social Core Cross-Site Request Forgery Vulnerability

Pivotal Software Spring Social Core is a set of APIs for connecting social services from Pivotal Software, USA. A cross-site request forgery vulnerability exists in Pivotal Software Spring Social Core versions 1.0.0 to 1.0.3 and 1.1.0 to 1.1.2, which stems from the program failing to properly...

[SECURITY] Fedora 23 Update: springframework-social-1.0.3-3.fc23

The Spring Social project allows you to integrate the APIs exposed by Software-as-a-Service SaaS providers such as Facebook and Twitter into your applications. It consists of a service provider 'connect' framework, sign-in support, and strongly-typed Java API bindings...

Spring Social Java Library Social Authentication Vulnerability

A nasty cross-site request forgery vulnerability was patched Thursday in the Spring Social core library, one of the most pervasive Java application libraries. Spring Social facilitates social authentication between applications and online services, and the vulnerability allowed attackers to bypas...