Lucene search
F5F5:K10520421HistoryMay 29, 2018 - 12:00 a.m.
K10520421 : Spring Security OAuth vulnerability CVE-2018-1260
2018-05-2900:00:00
my.f5.com
12
Security Advisory Description
Spring Security OAuth, versions 2.3 prior to 2.3.3, 2.2 prior to 2.2.2, 2.1 prior to 2.1.2, 2.0 prior to 2.0.15 and older unsupported versions contains a remote code execution vulnerability. A malicious user or attacker can craft an authorization request to the authorization endpoint that can lead to remote code execution when the resource owner is forwarded to the approval endpoint. (CVE-2018-1260)
Impact
There is no impact; F5 products are not affected by this vulnerability.
Related
redhatcve
redhatcve
CVE-2018-1260
2018-05-30 19:19:20
nvd
nvd
CVE-2018-1260
2018-05-11 20:29:00
osv
osv
Spring Security OAuth vulnerable to remote code execution (RCE)
2018-10-18 18:05:34
CVE-2018-1260
2018-05-11 20:29:00
prion
prion
Remote code execution
2018-05-11 20:29:00
github
github
Spring Security OAuth vulnerable to remote code execution (RCE)
2018-10-18 18:05:34
cvelist
cvelist
CVE-2018-1260
2018-05-09 00:00:00
cve
cve
CVE-2018-1260
2018-05-11 20:29:00
veracode
veracode
Remote Code Execution (RCE)
2018-05-10 06:42:48
seebug
seebug
RCE with spring-security-oauth2 分析(CVE-2018-1260)
2018-05-11 00:00:00
ibm
ibm
redhat
redhat
impervablog
impervablog
Imperva Protects from New Spring Framework Zero-Day Vulnerabilities
2022-03-31 15:20:03