There is a vulnerability in Spring Framework 4.2.3.RELEASE,upgrade recommended

QiAnXinCodeSafe opened this issue 3 years ago · comments

奇安信CodeSafe commented 3 years ago

qmq/pom.xml

Line 87 in a285a88

<spring.version>4.2.3.RELEASE</spring.version>

CVE-2018-1270 CVE-2016-5007 CVE-2018-15756 CVE-2018-1272 CVE-2018-1271 CVE-2020-5421

Recommended upgrade version：4.3.28-1