Spring Project Vulnerability Reports Published
The following CVEs have been published today:
- CVE-2018-1257 for Spring Framework 5.0.6, 4.3.17 .
- CVE-2018-1258 for Spring Security 5.0.5 .
- CVE-2018-1259 for Spring Data Ingalls SR12, Kay SR7 .
- CVE-2018-1260 for Spring Security OAuth 2.3.3, 2.2.2, 2.1.2, 2.0.15 .
- CVE-2018-1261 for Spring Integration “Zip” extension 1.0.1 .
Please, review the information in the CVE reports and upgrade immediately.