edit-icon download-icon

[Vulnerability notice] Remote command execution vulnerability in Java Spring Boot framework

Last Updated: Nov 23, 2017

Description

Spring Boot is a lightweight framework that takes most of the work out of configuring Spring-based applications.

Security experts pointed out that if custom handling is not performed for Spring Boot exceptions, attackers may construct malicious code to run any command remotely.

Affected versions

Spring Boot 1.1 - 1.3.0

Fix

Thank you! We've received your feedback.