Home > 정보마당 > 공개SW 보안취약점

공개SW 보안취약점

컴포넌트 명 : Spring Data Commons
컴포넌트에 대한 취약점 정보
버전 정보 취약점 ID 취약점 최종 보고일 심각도
1.8.4.RELEASE CVE-2018-1273 2019/10/10 7.5 (High)
취약점 ID : CVE-2018-1273
취약점 상세정보
취약점 설명 Spring Data Commons, versions prior to 1.13 to 1.13.10, 2.0 to 2.0.5, and older unsupported versions, contain a property binder vulnerability caused by improper neutralization of special elements. An unauthenticated remote malicious user (or attacker) can supply specially crafted request parameters against Spring Data REST backed HTTP resources or using Spring Data's projection-based request payload binding hat can lead to a remote code execution attack.
대응 방안 2.0.10 RELEASE 버전으로 업데이트 필요
기타 -
공개SW 보안취약점 게시물 리스트 표
번호 컴포넌트 명 및 버전 취약점ID 심각도 취약점
최종 보고일
대응방안
108 Apache Xerces2 J 2.10.0 CVE-2012-0881 7.8 (High) 2019/10/18
107 fop 1.1 CVE-2017-5661 7.9 (High) 2017/11/04
106 Elasticsearch 0.17.8 CVE-2015-1427 7.5 (High) 2018/10/10
105 Bouncy Castle 1.54 CVE-2018-1000613 7.5 (High) 2019/04/24
104 Spring Batch Test 2.1.8.RELEASE CVE-2019-3774 7.5 (High) 2019/10/10
103 Infrastructure 2.1.8.RELEASE CVE-2019-3774 7.5 (High) 2019/10/10
102 Apache Struts 1.0.2 CVE-2006-1547 7.8 (High) 2017/07/20
101 Spring Data Commons 1.8.4.RELEASE CVE-2018-1273 7.5 (High) 2019/10/10
100 Spring Data Commons 1.6.1.RELEASE CVE-2018-1273 7.5 (High) 2019/10/10
99 libplexus-utils 2.0.5 CVE-2017-1000487 7.5 (High) 2019/10/03
맨 위로
맨 위로