[SWF-1700] CVE-2017-4971: Avoid use of SpEL parser for empty value expressions Created: 31/May/17  Updated: 15/Sep/17  Resolved: 31/May/17

Status: Resolved
Project: Spring Web Flow
Component/s: Core: View Selection Rendering
Affects Version/s: 2.4.4
Fix Version/s: 2.4.5, 2.5.RC1

Type: Improvement Priority: Minor
Reporter: Rossen Stoyanchev Assignee: Rossen Stoyanchev
Resolution: Complete Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Relate
is related to SWF-1711 CVE-2017-8039: Validate data binding ... Resolved

 Description   

This ticket is for fixing CVE-2017-4971.


Generated at Tue Feb 25 19:06:16 UTC 2020 using Jira 7.13.8#713008-sha1:1606a5c1e7006e1ab135aac81f7a9566b2dbc3a6.