org.springframework.data:spring-data-commons (Maven) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the Maven package org.springframework.data:spring-data-commons, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVE-2018-1259 — CVSS 7.5 (high): Spring Data Commons, versions 1.13 prior to 1.13.12 and 2.0 prior to 2.0.7, used in combination with XMLBeam 1.4.14 or earlier versions…
CVE-2018-1274 — CVSS 7.5 (high): Spring Data Commons, versions 1.13 to 1.13.10, 2.0 to 2.0.5, and older unsupported versions, contain a property path parser vulnerability…