CVE-2018-1259
- EPSS 10.29%
- Published 11.05.2018 20:29:00
- Last modified 21.11.2024 03:59:29
Spring Data Commons, versions 1.13 prior to 1.13.12 and 2.0 prior to 2.0.7, used in combination with XMLBeam 1.4.14 or earlier versions, contains a property binder vulnerability caused by improper restriction of XML external entity references as unde...
CVE-2018-1274
- EPSS 0.97%
- Published 18.04.2018 16:29:00
- Last modified 12.09.2025 19:46:05
Spring Data Commons, versions 1.13 to 1.13.10, 2.0 to 2.0.5, and older unsupported versions, contain a property path parser vulnerability caused by unlimited resource allocation. An unauthenticated remote malicious user (or attacker) can issue reques...
CVE-2018-1273
- EPSS 94.19%
- Published 11.04.2018 13:29:00
- Last modified 30.07.2025 19:04:54
Spring Data Commons, versions prior to 1.13 to 1.13.10, 2.0 to 2.0.5, and older unsupported versions, contain a property binder vulnerability caused by improper neutralization of special elements. An unauthenticated remote malicious user (or attacker...