⌘K

We have released Spring Security 5.3.2, 5.2.4, 5.1.10, 5.0.16 and 4.2.16 to address the following CVE reports:

CVE-2020-5407: Signature Wrapping Vulnerability with spring-security-saml2-service-provider
CVE-2020-5408: Dictionary attack with Spring Security queryable text encryptor

#spring

spring.io

CVE reports published for Spring Security

We have released Spring Security 5.3.2, 5.2.4, 5.1.10, 5.0.16 and 4.2.16 to address the following CVE reports: CVE-2020-5407: Signature Wrapping Vulnerability with spring-security-saml2-service-provider CVE-2020-5408: Dictionary attack with Spring Security queryable text encryptor

1.65 GEEK