search

vipshop / Saturn

The vip.com's distributed job scheduling platform.
Apache License 2.0
2.27k stars 698 forks source link

There is a vulnerability in springframework 4.3.2.RELEASE,upgrade recommended #728

Open QiAnXinCodeSafe opened 3 years ago

QiAnXinCodeSafe commented 3 years ago

https://github.com/vipshop/Saturn/blob/032796b7036d53f09a75de0a13808e48dce210f7/pom.xml#L44

CVE-2018-1270 CVE-2018-1275 CVE-2016-9878 CVE-2018-1272

Recommended upgrade version:4.3.28-1