VMware offers training and certification to turbo-charge your progress.Learn more
We have released Spring Security OAuth 2.3.5, 2.2.4, 2.1.4 and 2.0.17 to address CVE-2019-3778: Open Redirector in spring-security-oauth2. Please review the information in the CVE report and upgrade immediately.
For additional changes included in each release, please refer to:
NOTE: For users of Spring Boot 1.5.x and Spring IO Platform Cairo, it is highly recommended to override the
spring-security-oauth version to the latest version containing the fix for the CVE. Please see the Mitigation section in the CVE report for detailed instructions on how to override the version.
Project Page | GitHub | Documentation | Help