Security vulnerabilities in Spring v2.5.6 and v3.2.4 [SPR-10912] #15540
Assignees
Labels
status: backported
An issue that has been backported to maintenance branches
type: bug
A general bug
Milestone
Comments
spring-projects-issues
added
type: bug
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Nick Bletzer opened SPR-10912 and commented
I am part of IBM's security team. As an industry service, we have an ongoing project to security scan the Open Source Software components that are regularly used by IBM teams and pass details of any security vulnerabilities found back to the OSS community in question.
I have recently scanned Spring v.2.5.6 and v3.2.4 and have produced some reports.
Can someone get in touch with me so I can securely pass these reports to the Spring community.
Thanks,
Nick Bletzer
IBM Security Specialist
Affects: 3.2.4
Backported to: 3.2.6
The text was updated successfully, but these errors were encountered: