Spring Security Advisories

This page lists Spring advisories.

CVE-2018-1272: Multipart Content Pollution with Spring Framework

LOW | APRIL 05, 2018 | CVE-2018-1272

Description Affected Spring Products and Versions Mitigation Credit This issue was identified and responsibly reported by Philippe Arteau from GoSecure. History 2018-04-05: Initial vulnerability report published

CVE-2018-1271: Directory Traversal with Spring MVC on Windows

HIGH | APRIL 05, 2018 | CVE-2018-1271

Description Affected Spring Products and Versions Mitigation Credit This issue was identified and responsibly reported by Orange Tsai (@orange_8361) from DEVCORE. References Example