VulnerableCode Package Details - pkg:maven/org.springframework.data/spring-data-commons@1.13.0.RELEASE

Vulnerability	Summary	Fixed by
VCID-dam4-ygz5-aaaj Aliases: CVE-2018-1273 GHSA-4fq3-mr56-cg6r	Remote code injection vulnerability in org.springframework.data:spring-data-commons	1.13.11 Affected by 0 other vulnerabilities. 1.13.11.RELEASE Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} 2.0.6 Affected by 0 other vulnerabilities. 2.0.6.RELEASE Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-t5ah-yp4n-aaag Aliases: CVE-2018-1259 GHSA-m929-7fr6-cvjg	Spring Data Commons, used in combination with XMLBeam, contains a property binder vulnerability caused by improper restriction of XML external entity references	1.13.12 Affected by 0 other vulnerabilities. 1.13.12.RELEASE Affected by 0 other vulnerabilities. 2.0.7 Affected by 0 other vulnerabilities. 2.0.7.RELEASE Affected by 0 other vulnerabilities.
VCID-wt73-58ea-aaac Aliases: CVE-2018-1274 GHSA-5q8m-mqmx-pxp9	Spring Data Commons contain a property path parser vulnerability caused by unlimited resource allocation	1.13.11 Affected by 0 other vulnerabilities. 1.13.11.RELEASE Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} 2.0.6 Affected by 0 other vulnerabilities. 2.0.6.RELEASE Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-06-20T14:17:39.641600+00:00	GitLab Importer	Affected by	VCID-t5ah-yp4n-aaag	None	36.1.3
2025-06-20T14:17:32.626417+00:00	GitLab Importer	Affected by	VCID-t5ah-yp4n-aaag	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.springframework.data/spring-data-commons/CVE-2018-1259.yml	36.1.3
2025-06-20T14:02:04.490997+00:00	GitLab Importer	Affected by	VCID-wt73-58ea-aaac	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.springframework.data/spring-data-commons/CVE-2018-1274.yml	36.1.3
2025-06-20T14:02:01.462695+00:00	GitLab Importer	Affected by	VCID-wt73-58ea-aaac	None	36.1.3
2025-06-20T14:01:56.585180+00:00	GitLab Importer	Affected by	VCID-dam4-ygz5-aaaj	None	36.1.3
2025-06-20T14:01:55.802658+00:00	GitLab Importer	Affected by	VCID-dam4-ygz5-aaaj	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.springframework.data/spring-data-commons/CVE-2018-1273.yml	36.1.3
2025-06-03T21:03:52.767490+00:00	GitLab Importer	Affected by	VCID-t5ah-yp4n-aaag	None	36.1.0
2025-06-03T21:03:45.904896+00:00	GitLab Importer	Affected by	VCID-t5ah-yp4n-aaag	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.springframework.data/spring-data-commons/CVE-2018-1259.yml	36.1.0
2025-06-03T20:54:05.500841+00:00	GitLab Importer	Affected by	VCID-wt73-58ea-aaac	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.springframework.data/spring-data-commons/CVE-2018-1274.yml	36.1.0
2025-06-03T20:54:02.207448+00:00	GitLab Importer	Affected by	VCID-wt73-58ea-aaac	None	36.1.0
2025-06-03T20:53:57.313374+00:00	GitLab Importer	Affected by	VCID-dam4-ygz5-aaaj	None	36.1.0
2025-06-03T20:53:56.350200+00:00	GitLab Importer	Affected by	VCID-dam4-ygz5-aaaj	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.springframework.data/spring-data-commons/CVE-2018-1273.yml	36.1.0
2025-06-02T20:43:36.616955+00:00	GitLab Importer	Affected by	VCID-t5ah-yp4n-aaag	None	36.1.2
2025-06-02T20:43:28.699717+00:00	GitLab Importer	Affected by	VCID-t5ah-yp4n-aaag	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.springframework.data/spring-data-commons/CVE-2018-1259.yml	36.1.2
2025-06-02T20:33:51.460737+00:00	GitLab Importer	Affected by	VCID-wt73-58ea-aaac	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.springframework.data/spring-data-commons/CVE-2018-1274.yml	36.1.2
2025-06-02T20:33:48.115814+00:00	GitLab Importer	Affected by	VCID-wt73-58ea-aaac	None	36.1.2
2025-06-02T20:33:43.040517+00:00	GitLab Importer	Affected by	VCID-dam4-ygz5-aaaj	None	36.1.2
2025-06-02T20:33:42.103029+00:00	GitLab Importer	Affected by	VCID-dam4-ygz5-aaaj	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.springframework.data/spring-data-commons/CVE-2018-1273.yml	36.1.2
2025-04-03T17:04:34.632796+00:00	GitLab Importer	Affected by	VCID-t5ah-yp4n-aaag	None	36.0.0
2025-04-03T17:04:16.368225+00:00	GitLab Importer	Affected by	VCID-t5ah-yp4n-aaag	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.springframework.data/spring-data-commons/CVE-2018-1259.yml	36.0.0
2025-04-03T16:51:02.199990+00:00	GitLab Importer	Affected by	VCID-wt73-58ea-aaac	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.springframework.data/spring-data-commons/CVE-2018-1274.yml	36.0.0
2025-04-03T16:50:55.256719+00:00	GitLab Importer	Affected by	VCID-wt73-58ea-aaac	None	36.0.0
2025-04-03T16:50:45.502446+00:00	GitLab Importer	Affected by	VCID-dam4-ygz5-aaaj	None	36.0.0
2025-04-03T16:50:43.744958+00:00	GitLab Importer	Affected by	VCID-dam4-ygz5-aaaj	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.springframework.data/spring-data-commons/CVE-2018-1273.yml	36.0.0
2025-02-18T06:56:04.701227+00:00	GitLab Importer	Affected by	VCID-t5ah-yp4n-aaag	None	35.1.0
2025-02-18T06:56:04.317133+00:00	GitLab Importer	Affected by	VCID-t5ah-yp4n-aaag	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.springframework.data/spring-data-commons/CVE-2018-1259.yml	35.1.0
2025-02-17T22:54:48.308955+00:00	GitLab Importer	Affected by	VCID-wt73-58ea-aaac	None	35.1.0
2025-02-17T22:54:48.127958+00:00	GitLab Importer	Affected by	VCID-wt73-58ea-aaac	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.springframework.data/spring-data-commons/CVE-2018-1274.yml	35.1.0
2025-02-17T22:54:47.580435+00:00	GitLab Importer	Affected by	VCID-dam4-ygz5-aaaj	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.springframework.data/spring-data-commons/CVE-2018-1273.yml	35.1.0
2025-02-17T22:54:47.172264+00:00	GitLab Importer	Affected by	VCID-dam4-ygz5-aaaj	None	35.1.0
2024-11-21T02:40:42.830086+00:00	GitLab Importer	Affected by	VCID-t5ah-yp4n-aaag	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.springframework.data/spring-data-commons/CVE-2018-1259.yml	35.0.0
2024-11-20T22:14:18.416086+00:00	GitLab Importer	Affected by	VCID-wt73-58ea-aaac	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.springframework.data/spring-data-commons/CVE-2018-1274.yml	35.0.0
2024-11-20T22:14:18.200599+00:00	GitLab Importer	Affected by	VCID-dam4-ygz5-aaaj	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.springframework.data/spring-data-commons/CVE-2018-1273.yml	35.0.0
2024-11-19T02:30:52.538181+00:00	GitLab Importer	Affected by	VCID-t5ah-yp4n-aaag	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.springframework.data/spring-data-commons/CVE-2018-1259.yml	34.3.2
2024-11-18T22:10:10.364140+00:00	GitLab Importer	Affected by	VCID-wt73-58ea-aaac	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.springframework.data/spring-data-commons/CVE-2018-1274.yml	34.3.2
2024-11-18T22:10:10.167333+00:00	GitLab Importer	Affected by	VCID-dam4-ygz5-aaaj	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.springframework.data/spring-data-commons/CVE-2018-1273.yml	34.3.2
2024-10-08T03:05:51.863824+00:00	GitLab Importer	Affected by	VCID-t5ah-yp4n-aaag	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.springframework.data/spring-data-commons/CVE-2018-1259.yml	34.0.2
2024-10-07T23:10:30.069897+00:00	GitLab Importer	Affected by	VCID-wt73-58ea-aaac	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.springframework.data/spring-data-commons/CVE-2018-1274.yml	34.0.2
2024-10-07T23:10:29.856461+00:00	GitLab Importer	Affected by	VCID-dam4-ygz5-aaaj	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.springframework.data/spring-data-commons/CVE-2018-1273.yml	34.0.2
2024-10-07T17:40:05.869491+00:00	GHSA Importer	Affected by	VCID-wt73-58ea-aaac	https://github.com/advisories/GHSA-5q8m-mqmx-pxp9	34.0.2
2024-10-07T17:40:05.275675+00:00	GHSA Importer	Affected by	VCID-dam4-ygz5-aaaj	https://github.com/advisories/GHSA-4fq3-mr56-cg6r	34.0.2
2024-10-07T17:40:00.230484+00:00	GHSA Importer	Affected by	VCID-t5ah-yp4n-aaag	https://github.com/advisories/GHSA-m929-7fr6-cvjg	34.0.2
2024-09-23T03:02:19.742733+00:00	GitLab Importer	Affected by	VCID-t5ah-yp4n-aaag	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.springframework.data/spring-data-commons/CVE-2018-1259.yml	34.0.1
2024-09-22T23:25:14.589759+00:00	GitLab Importer	Affected by	VCID-dam4-ygz5-aaaj	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.springframework.data/spring-data-commons/CVE-2018-1273.yml	34.0.1
2024-09-22T18:11:51.991857+00:00	GHSA Importer	Affected by	VCID-wt73-58ea-aaac	https://github.com/advisories/GHSA-5q8m-mqmx-pxp9	34.0.1
2024-09-22T18:11:51.367140+00:00	GHSA Importer	Affected by	VCID-dam4-ygz5-aaaj	https://github.com/advisories/GHSA-4fq3-mr56-cg6r	34.0.1
2024-09-22T18:11:45.961282+00:00	GHSA Importer	Affected by	VCID-t5ah-yp4n-aaag	https://github.com/advisories/GHSA-m929-7fr6-cvjg	34.0.1
2024-09-17T22:42:13.984414+00:00	GitLab Importer	Affected by	VCID-wt73-58ea-aaac	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.springframework.data/spring-data-commons/CVE-2018-1274.yml	34.0.1
2024-04-24T05:37:05.954520+00:00	GitLab Importer	Affected by	VCID-t5ah-yp4n-aaag	None	34.0.0rc4
2024-04-24T05:37:05.723651+00:00	GitLab Importer	Affected by	VCID-t5ah-yp4n-aaag	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.springframework.data/spring-data-commons/CVE-2018-1259.yml	34.0.0rc4
2024-04-24T01:21:10.094105+00:00	GitLab Importer	Affected by	VCID-wt73-58ea-aaac	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.springframework.data/spring-data-commons/CVE-2018-1274.yml	34.0.0rc4
2024-04-24T01:21:09.888379+00:00	GitLab Importer	Affected by	VCID-wt73-58ea-aaac	None	34.0.0rc4
2024-04-24T01:21:09.679711+00:00	GitLab Importer	Affected by	VCID-dam4-ygz5-aaaj	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.springframework.data/spring-data-commons/CVE-2018-1273.yml	34.0.0rc4
2024-04-24T01:21:09.245882+00:00	GitLab Importer	Affected by	VCID-dam4-ygz5-aaaj	None	34.0.0rc4
2024-04-23T19:01:14.703208+00:00	GHSA Importer	Affected by	VCID-wt73-58ea-aaac	None	34.0.0rc4
2024-04-23T19:01:14.189958+00:00	GHSA Importer	Affected by	VCID-wt73-58ea-aaac	https://github.com/advisories/GHSA-5q8m-mqmx-pxp9	34.0.0rc4
2024-04-23T19:01:12.737267+00:00	GHSA Importer	Affected by	VCID-dam4-ygz5-aaaj	https://github.com/advisories/GHSA-4fq3-mr56-cg6r	34.0.0rc4
2024-04-23T19:01:12.096186+00:00	GHSA Importer	Affected by	VCID-dam4-ygz5-aaaj	None	34.0.0rc4
2024-04-23T19:00:48.862444+00:00	GHSA Importer	Affected by	VCID-t5ah-yp4n-aaag	https://github.com/advisories/GHSA-m929-7fr6-cvjg	34.0.0rc4
2024-04-23T19:00:48.689040+00:00	GHSA Importer	Affected by	VCID-t5ah-yp4n-aaag	None	34.0.0rc4
2024-01-10T08:08:48.059838+00:00	GitLab Importer	Affected by	VCID-t5ah-yp4n-aaag	None	34.0.0rc2
2024-01-10T08:08:47.822103+00:00	GitLab Importer	Affected by	VCID-t5ah-yp4n-aaag	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.springframework.data/spring-data-commons/CVE-2018-1259.yml	34.0.0rc2
2024-01-10T03:49:59.868239+00:00	GitLab Importer	Affected by	VCID-wt73-58ea-aaac	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.springframework.data/spring-data-commons/CVE-2018-1274.yml	34.0.0rc2
2024-01-10T03:49:59.663472+00:00	GitLab Importer	Affected by	VCID-wt73-58ea-aaac	None	34.0.0rc2
2024-01-10T03:49:59.448802+00:00	GitLab Importer	Affected by	VCID-dam4-ygz5-aaaj	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.springframework.data/spring-data-commons/CVE-2018-1273.yml	34.0.0rc2
2024-01-10T03:49:59.022400+00:00	GitLab Importer	Affected by	VCID-dam4-ygz5-aaaj	None	34.0.0rc2
2024-01-09T20:53:19.579217+00:00	GHSA Importer	Affected by	VCID-wt73-58ea-aaac	https://github.com/advisories/GHSA-5q8m-mqmx-pxp9	34.0.0rc2
2024-01-09T20:53:19.004913+00:00	GHSA Importer	Affected by	VCID-wt73-58ea-aaac	None	34.0.0rc2
2024-01-09T20:53:17.896937+00:00	GHSA Importer	Affected by	VCID-dam4-ygz5-aaaj	https://github.com/advisories/GHSA-4fq3-mr56-cg6r	34.0.0rc2
2024-01-09T20:53:17.274188+00:00	GHSA Importer	Affected by	VCID-dam4-ygz5-aaaj	None	34.0.0rc2
2024-01-09T20:53:00.023958+00:00	GHSA Importer	Affected by	VCID-t5ah-yp4n-aaag	https://github.com/advisories/GHSA-m929-7fr6-cvjg	34.0.0rc2
2024-01-09T20:52:59.850059+00:00	GHSA Importer	Affected by	VCID-t5ah-yp4n-aaag	None	34.0.0rc2
2024-01-04T00:54:10.092793+00:00	GitLab Importer	Affected by	VCID-t5ah-yp4n-aaag	None	34.0.0rc1
2024-01-04T00:54:09.858132+00:00	GitLab Importer	Affected by	VCID-t5ah-yp4n-aaag	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.springframework.data/spring-data-commons/CVE-2018-1259.yml	34.0.0rc1
2024-01-03T20:27:14.178134+00:00	GitLab Importer	Affected by	VCID-wt73-58ea-aaac	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.springframework.data/spring-data-commons/CVE-2018-1274.yml	34.0.0rc1
2024-01-03T20:27:13.967182+00:00	GitLab Importer	Affected by	VCID-wt73-58ea-aaac	None	34.0.0rc1
2024-01-03T20:27:13.738507+00:00	GitLab Importer	Affected by	VCID-dam4-ygz5-aaaj	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.springframework.data/spring-data-commons/CVE-2018-1273.yml	34.0.0rc1
2024-01-03T20:27:13.299856+00:00	GitLab Importer	Affected by	VCID-dam4-ygz5-aaaj	None	34.0.0rc1
2024-01-03T16:03:35.027445+00:00	GHSA Importer	Affected by	VCID-wt73-58ea-aaac	None	34.0.0rc1
2024-01-03T16:03:33.654854+00:00	GHSA Importer	Affected by	VCID-dam4-ygz5-aaaj	None	34.0.0rc1
2024-01-03T16:03:21.331219+00:00	GHSA Importer	Affected by	VCID-t5ah-yp4n-aaag	None	34.0.0rc1

Next non-vulnerable version	1.13.12.RELEASE
Latest non-vulnerable version	2.0.7.RELEASE
Risk	10.0