{"id":"UBUNTU-CVE-2018-1270","details":"Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.15 and older unsupported versions, allow applications to expose STOMP over WebSocket endpoints with a simple, in-memory STOMP broker through the spring-messaging module. A malicious user (or attacker) can craft a message to the broker that can lead to a remote code execution attack.","modified":"2025-07-16T08:22:15.696367Z","published":"2018-04-06T13:29:00Z","upstream":["CVE-2018-1270"],"references":[{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2018-1270"},{"type":"REPORT","url":"https://pivotal.io/security/cve-2018-1270"},{"type":"REPORT","url":"https://bugs.launchpad.net/ubuntu/+source/saaj/+bug/1814133"},{"type":"REPORT","url":"https://www.cve.org/CVERecord?id=CVE-2018-1270"}],"affected":[{"package":{"name":"libspring-java","ecosystem":"Ubuntu:18.04:LTS","purl":"pkg:deb/ubuntu/libspring-java@4.3.22-1~18.04?arch=source&distro=bionic"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.3.22-1~18.04"}]}],"versions":["4.3.11-1","4.3.12-1","4.3.13-2","4.3.14-1"],"ecosystem_specific":{"binaries":[{"binary_name":"libspring-aop-java","binary_version":"4.3.22-1~18.04"},{"binary_name":"libspring-beans-java","binary_version":"4.3.22-1~18.04"},{"binary_name":"libspring-context-java","binary_version":"4.3.22-1~18.04"},{"binary_name":"libspring-context-support-java","binary_version":"4.3.22-1~18.04"},{"binary_name":"libspring-core-java","binary_version":"4.3.22-1~18.04"},{"binary_name":"libspring-expression-java","binary_version":"4.3.22-1~18.04"},{"binary_name":"libspring-instrument-java","binary_version":"4.3.22-1~18.04"},{"binary_name":"libspring-jdbc-java","binary_version":"4.3.22-1~18.04"},{"binary_name":"libspring-jms-java","binary_version":"4.3.22-1~18.04"},{"binary_name":"libspring-messaging-java","binary_version":"4.3.22-1~18.04"},{"binary_name":"libspring-orm-java","binary_version":"4.3.22-1~18.04"},{"binary_name":"libspring-oxm-java","binary_version":"4.3.22-1~18.04"},{"binary_name":"libspring-test-java","binary_version":"4.3.22-1~18.04"},{"binary_name":"libspring-transaction-java","binary_version":"4.3.22-1~18.04"},{"binary_name":"libspring-web-java","binary_version":"4.3.22-1~18.04"},{"binary_name":"libspring-web-portlet-java","binary_version":"4.3.22-1~18.04"},{"binary_name":"libspring-web-servlet-java","binary_version":"4.3.22-1~18.04"}],"availability":"No subscription required"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2018/UBUNTU-CVE-2018-1270.json"}}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"high"}]}