CVE-2019-3799: Directory Traversal with spring-cloud-config-server
Description Affected Spring Products and Versions Mitigation Credit This issue was identified and responsibly reported by Vern ([email protected] from PingAn Galaxy Lab). References
CVE-2018-15756: DoS Attack via Range Requests
Description Affected Spring Products and Versions Mitigation Credit This issue was identified and responsibly reported by Nicholas Starke from Aruba Threat Labs. History 2018-10-16: Initial vulnerability report published.
CVE-2018-15758: Privilege Escalation in spring-security-oauth2
Description Affected Spring Products and Versions Mitigation Credit This issue was identified and responsibly reported by Alvaro Muñoz (@pwntester) from Micro Focus. References Spring Security OAuth Read more
