Multiple CVE reports published for the Spring Framework
随机文章安全研究人员发现 Spring Framework 存在多个漏洞,其中有 RCE 漏洞!有用到相关 framework 的同学请尽快更新补丁。
CVE-2018-1270: Remote Code Execution with spring-messaging, it is rated as “Critical”. CVE-2018-1271: Directory Traversal with Spring MVC on Windows, it is rated as “High”. CVE-2018-1272: Multipart Content Pollution with Spring Framework, it is rated as “Low”.