2 matches found
at.molindo.social:spring-social-openid (=1.1.0.RELEASE), cn.jhc:spring-social-qq (>=0.0.2 <=0.0.5) +72 more potentially affected by CVE-2015-5258 via org.springframework.social:spring-social-core (>=1.0.0.RELEASE <=1.1.2.RELEASE)
org.springframework.social:spring-social-core MAVEN version =1.0.0.RELEASE, =0.0.2, =1.31.1, =1.19.2, =0.0.1, =1.0.1, =1.0.0, =1.0, =1.6-RELEASE and more Source cves: CVE-2015-5258 Source advisory: OSV:GHSA-W5R6-GX3Q-HMXJ...
Pivotal Software Spring Social Core Cross-Site Request Forgery Vulnerability
Pivotal Software Spring Social Core is a set of APIs for connecting social services from Pivotal Software, USA. A cross-site request forgery vulnerability exists in Pivotal Software Spring Social Core versions 1.0.0 to 1.0.3 and 1.1.0 to 1.1.2, which stems from the program failing to properly...