Security vulnerability in spring-core-3.2.18.RELEASE.jar with CVSS 2 Score 5.0

Description

GroupId

org.springframework

ArtifactId

spring-core

Version

3.2.18.RELEASE

WhiteSource link: https://saas.whitesourcesoftware.com/Wss/WSS.html#!libraryDetails;uuid=9f6ca365-d663-45a3-84f2-96594883d0e3;project=1339941

Vulnerability list:

Medium

CVE-2014-3578

-

5.0

Medium

CVE-2018-1199

5.3

5.0

Activity

Show:
All Replies
February 26, 2020, 3:56 AM
Edited

[This comment has been reassigned to allreplies@alfresco.com as part of the Alfresco cloud migration project. The author of this comment was mdiachenko] Vulnerability CVE-2014-3578
Looks like incorrect data in whitesource. spring-core versions from 3.2.9 already have this fixed

All Replies
October 31, 2020, 9:50 AM

[This issue has been reassigned to allreplies@alfresco.com as part of the Alfresco cloud migration project. The reporter of this issue was afelix]

Done

Assignee

Unassigned

Reporter

All Replies

Labels

None

Release Train

None

Delivery Team

Feature Teams

Time remaining

0m

Components

Sprint

None

Fix versions

Priority