CVE-2018-1270
Spring Framework allows applications to expose STOMP over
WebSocket endpoints with a simple, in-memory STOMP broker through
the spring-messaging module. A malicious user (or attacker) can
craft a message to the broker that can lead to a remote code
execution attack.
CVE-2018-11039
Spring Framework allows web applications to change the HTTP
request method to any HTTP method (including TRACE) using the
HiddenHttpMethodFilter in Spring MVC. If an application has a
pre-existing XSS vulnerability, a malicious user (or attacker) can
use this filter to escalate to an XST (Cross Site Tracing) attack.
CVE-2018-11040
Spring Framework allows web applications to enable cross-domain
requests via JSONP (JSON with Padding) through
AbstractJsonpResponseBodyAdvice for REST controllers and
MappingJackson2JsonView for browser requests. Both are not enabled
by default in Spring Framework nor Spring Boot, however, when
Get the latest Linux and open source security news straight to your inbox.