WebLogic Vulnerability - CVE-2018-1257
Spring Framework versions 5.0.x prior to 5.0.6, versions 4.3.x prior to 4.3.17, and older unsupported versions allow applications to expose STOMP over WebSocket endpoints with a simple in-memory STOMP broker through the spring-messaging module. A malicious user (or attacker) can craft a message to the broker that can lead to a regular expression denial of service attack.
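
An inventory check for the affected ranges above, as an added example that is not part of the original advisory: it classifies spring-messaging JARs found in a deployment by the version in their file name. The function names, the sample paths and the reliance on Spring's usual spring-messaging-<version>.jar naming are assumptions.

```python
import re

# Fixed patch level per release line, taken from the advisory text above:
# 5.0.x is fixed in 5.0.6 and 4.3.x is fixed in 4.3.17.
FIXED_PATCH = {(5, 0): 6, (4, 3): 17}

# Assumes the usual artifact naming, e.g. spring-messaging-4.3.16.RELEASE.jar.
JAR_RE = re.compile(
    r"spring-messaging-(\d+)\.(\d+)\.(\d+)(?:[.-][A-Za-z0-9]+)*\.jar$"
)

def is_affected(jar_path):
    """True/False for a spring-messaging JAR, None for any other file."""
    m = JAR_RE.search(jar_path)
    if m is None:
        return None
    major, minor, patch = (int(g) for g in m.groups())
    line = (major, minor)
    if line in FIXED_PATCH:
        return patch < FIXED_PATCH[line]
    # Release lines older than 4.3 are the "older unsupported versions"
    # the advisory lists as affected; newer lines are outside its range.
    return line < (4, 3)

def audit(paths):
    """Return the paths whose spring-messaging version is in an affected range."""
    return [p for p in paths if is_affected(p)]

# Constructed sample paths, not taken from a real deployment.
SAMPLE_PATHS = [
    "app.war/WEB-INF/lib/spring-messaging-4.3.16.RELEASE.jar",
    "app.war/WEB-INF/lib/spring-core-4.3.16.RELEASE.jar",
    "portal.ear/lib/spring-messaging-5.0.6.RELEASE.jar",
    "legacy.war/WEB-INF/lib/spring-messaging-4.2.9.RELEASE.jar",
]

if __name__ == "__main__":
    for path in audit(SAMPLE_PATHS):
        print("affected:", path)
```

A JAR in an affected range only matters for this issue when the application exposes a STOMP over WebSocket endpoint with the simple in-memory broker, so treat a hit as a prompt to check the messaging configuration and upgrade.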