Search for packages
| purl | pkg:maven/org.springframework.data/spring-data-commons@2.0.RELEASE |
| Tags | Ghost |
| Next non-vulnerable version | 2.0.7.RELEASE |
| Latest non-vulnerable version | 2.0.7.RELEASE |
| Risk | 10.0 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-dam4-ygz5-aaaj
Aliases: CVE-2018-1273 GHSA-4fq3-mr56-cg6r |
Remote code injection vulnerability in org.springframework.data:spring-data-commons |
Affected by 0 other vulnerabilities. Affected by 1 other vulnerability. |
|
VCID-wt73-58ea-aaac
Aliases: CVE-2018-1274 GHSA-5q8m-mqmx-pxp9 |
Spring Data Commons contain a property path parser vulnerability caused by unlimited resource allocation |
Affected by 0 other vulnerabilities. Affected by 1 other vulnerability. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2024-09-17T22:42:13.944279+00:00 | GitLab Importer | Affected by | VCID-dam4-ygz5-aaaj | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.springframework.data/spring-data-commons/CVE-2018-1273.yml | 34.0.1 |
| 2024-01-03T18:04:23.629690+00:00 | GitLab Importer | Affected by | VCID-wt73-58ea-aaac | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.springframework.data/spring-data-commons/CVE-2018-1274.yml | 34.0.0rc1 |
| 2024-01-03T18:04:23.583789+00:00 | GitLab Importer | Affected by | VCID-dam4-ygz5-aaaj | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.springframework.data/spring-data-commons/CVE-2018-1273.yml | 34.0.0rc1 |