Spring Security Advisories

Description Affected Spring Products and Versions Mitigation Credit This issue was identified internally by the Spring Security Team. History 2018-05-09: Initial vulnerability report published 2018-07-30: Clarifications on impacted versions

Description Affected Spring Products and Versions Mitigation Credit This issue was identified and responsibly reported by Philippe Arteau from GoSecure. References Spring Security OAuth

Description Affected Spring Products and Versions Mitigation Credit This issue was identified and responsibly reported by the Snyk Security Research Team. History 2018-05-09: Initial vulnerability report published

Description Affected Spring Products and Versions Mitigation Credit This vulnerability was responsibly reported by the Pivotal SSO Service team. History 2018-04-30: Initial vulnerability report published

Description Affected Spring Products and Versions Mitigation Credit This issue was identified and responsibly reported by Philippe Arteau, GoSecure Inc. References https://jira.spring.io/browse/DATACMNS-1282 https://github.com/spring-projects/spring-data…

Description Affected Spring Products and Versions Mitigation Credit This issue was identified and responsibly reported by Yevhenii Hrushka (Yevgeniy Grushka), Fortify Webinspect. References https://jira.spring.io/browse/DATACMNS-1285 https://github.com/spring…

Description Affected Spring Products and Versions Mitigation Credit This original issue CVE-2018-1270 was identified and responsibly reported by Alvaro Muñoz (@pwntester), Micro Focus Fortify. The subsequent CVE-2018-1275 partial fix was identified and…

Description Affected Spring Products and Versions Mitigation Credit This issue was identified and responsibly reported by Orange Tsai (@orange_8361) from DEVCORE. References Example