pkg:maven/org.springframework.data/spring-data-commons
Type
maven
Namespace
org.springframework.data
Name
spring-data-commons
Known advisories, vulnerabilities and fixes for org.springframework.data/spring-data-commons package.
Critical
1
High
2
Type | Version | Distribution | # CVEs | # Advisory ID | Title | Severity | Published |
---|---|---|---|---|---|---|---|
Affected | >= 2.0.0, < 2.0.6 >= 1.13.0, < 1.13.11 |
CVE-2018-1273
|
MAVEN:GHSA-4FQ3-MR56-CG6R | Spring Data Commons remote code injection vulnerability | critical |
2018-10-17T17:23:24
(6 years ago) |
|
Fixed | = 2.0.6 = 1.13.11 |
CVE-2018-1273
|
MAVEN:GHSA-4FQ3-MR56-CG6R | Spring Data Commons remote code injection vulnerability | critical |
2018-10-17T17:23:24
(6 years ago) |
|
Affected | >= 2.0.0, < 2.0.6 < 1.13.11 |
CVE-2018-1274
|
MAVEN:GHSA-5Q8M-MQMX-PXP9 | Spring Data Commons contain a property path parser vulnerability caused by unlimited resource allocation | high |
2018-10-17T17:23:44
(6 years ago) |
|
Fixed | = 2.0.6 = 1.13.11 |
CVE-2018-1274
|
MAVEN:GHSA-5Q8M-MQMX-PXP9 | Spring Data Commons contain a property path parser vulnerability caused by unlimited resource allocation | high |
2018-10-17T17:23:44
(6 years ago) |
|
Affected | >= 2.0.0, < 2.0.7 >= 1.13.0, < 1.13.12 |
CVE-2018-1259
|
MAVEN:GHSA-M929-7FR6-CVJG | Spring Data Commons, used in combination with XMLBeam, contains a property binder vulnerability caused by improper restriction of XML external entity references | high |
2018-10-17T17:23:36
(6 years ago) |
|
Fixed | = 2.0.7 = 1.13.12 |
CVE-2018-1259
|
MAVEN:GHSA-M929-7FR6-CVJG | Spring Data Commons, used in combination with XMLBeam, contains a property binder vulnerability caused by improper restriction of XML external entity references | high |
2018-10-17T17:23:36
(6 years ago) |