A short article to announce that Pivotal has announced a bunch of security fixes on its products.
List of vulnerabilities
The 09th may, Pivotal has announced a set of vulnerabilities impacting several core components.
Here is the list of patches announced :
- Pivotal Application service (cve-2018-1278) : https://pivotal.io/security/cve-2018-1278
- Spring XMLBeans https://pivotal.io/security/cve-2018-1259
- Spring OAuth2 vulnerability https://pivotal.io/security/cve-2018-1260
- Spring security : https://pivotal.io/security/cve-2018-1258
- Spring messaging REDOS : https://pivotal.io/security/cve-2018-1258
- Spring integration unsafe unzip : https://pivotal.io/security/cve-2018-1261
- PHP vulnerabilities : https://pivotal.io/security/cve-2018-1261
More to follow…