2 matches found
CVE-2018-1270
creationtimestamp| type| source ---|---|--- 2018-11-15 11:16:14+00:00| seen| https://t.me/cRyPtHoNINFOSECDE/144 2023-12-06 12:28:09+00:00| seen| https://t.me/arpsyndicate/1480 2025-01-31 19:15:57+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/3675...
spring-framework: Address partial fix for CVE-2018-1270
Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.16 and older unsupported versions, allow applications to expose STOMP over WebSocket endpoints with a simple, in-memory STOMP broker through the spring-messaging module. A malicious user or attacker can craft a message to...