Spring Integration Zip
Monthly
Addresses partial fix in CVE-2018-1263. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Addresses partial fix in CVE-2018-1261. Rated medium severity (CVSS 4.7), this vulnerability is no authentication required. No vendor patch available.
Spring-integration-zip versions prior to 1.0.1 exposes an arbitrary file write vulnerability, which can be achieved using a specially crafted zip archive (affects other archives as well, bzip2, tar,. Rated medium severity (CVSS 4.7), this vulnerability is no authentication required. No vendor patch available.
Addresses partial fix in CVE-2018-1263. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Addresses partial fix in CVE-2018-1261. Rated medium severity (CVSS 4.7), this vulnerability is no authentication required. No vendor patch available.
Spring-integration-zip versions prior to 1.0.1 exposes an arbitrary file write vulnerability, which can be achieved using a specially crafted zip archive (affects other archives as well, bzip2, tar,. Rated medium severity (CVSS 4.7), this vulnerability is no authentication required. No vendor patch available.