CRITICAL9.8CVE-2018-1273⚠ KEVSpring Data Commons remote code injection vulnerability
>= 1.13.0, < 1.13.11
HIGH7.5CVE-2018-1274Spring Data Commons contain a property path parser vulnerability caused by unlimited resource allocation
from 0, < 1.13.11
HIGH7.5CVE-2018-1259Spring Data Commons, used in combination with XMLBeam, contains a property binder vulnerability caused by improper restriction of XML external entity references