CVE-2018-1274: Spring Data Commons vulnerability in Pivotal Software Products
Published on April 18, 2018

Spring Data Commons, versions 1.13 to 1.13.10, 2.0 to 2.0.5, and older unsupported versions, contain a property path parser vulnerability caused by unlimited resource allocation. An unauthenticated remote malicious user (or attacker) can issue requests against Spring Data REST endpoints or endpoints using property path parsing which can cause a denial of service (CPU and memory consumption).

NVD


Affected Versions

Spring by Pivotal Spring Framework versions 1.13 to 1.13.10 and 2.0 to 2.0.5 are affected by CVE-2018-1274.

Exploit Probability

EPSS: 0.97%
Percentile: 76.25%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.