The following CVEs have been published today:
- CVE-2018-1257 for Spring Framework 5.0.6, 4.3.17.
- CVE-2018-1258 for Spring Security 5.0.5.
- CVE-2018-1259 for Spring Data Ingalls SR12, Kay SR7.
- CVE-2018-1260 for Spring Security OAuth 2.3.3, 2.2.2, 2.1.2, 2.0.15.
- CVE-2018-1261 for Spring Integration “Zip” extension 1.0.1.
Please, review the information in the CVE reports and upgrade immediately.