Org.springframework.data:spring-data-commons
This hub aggregates every CVE we track for Org.springframework.data:spring-data-commons, a product in the oss libraries space. Use it to gauge the current risk picture and drill into individual advisories.
3
CVEs tracked
1
Critical
2
High
1
In CISA KEV
Severity distribution
HIGH2CRITICAL1
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2024-072026-06
Latest CVEs
The 3 most recently published vulnerabilities affecting Org.springframework.data:spring-data-commons.
- CVE-2018-1259Spring Data Commons, versions 1.13 prior to 1.13.12 and 2.0 prior to 2.0.7, used in combination with XMLBeam 1.4.14 or earlier versions, contains a property binder vulnerability caused by improper ...7.5
- CVE-2018-1274Spring Data Commons, versions 1.13 to 1.13.10, 2.0 to 2.0.5, and older unsupported versions, contain a property path parser vulnerability caused by unlimited resource allocation. An unauthenticated...7.5
- CVE-2018-1273Spring Data Commons, versions prior to 1.13 to 1.13.10, 2.0 to 2.0.5, and older unsupported versions, contain a property binder vulnerability caused by improper neutralization of special elements. ...KEV9.8
Product normalization is registry-driven with AI assist and human review. How it works