Description

Spring Security may not correctly locate method security annotations on parameterized types or methods. This may cause an authorization bypass.

Your application may be affected by this if the following are true:

1. You are using @EnableMethodSecurity, and
2. You have a method security annotation on a parameterized superclass, interface, or overridden method and no annotation on the target method
…

Description

BCryptPasswordEncoder.matches(CharSequence,String) will incorrectly return true for passwords larger than 72 characters as long as the first 72 characters are the same.

Affected Spring Products and Versions

Spring Security:

• 5.7.0 - 5.7.15
• 5.8.0 - 5.8.17
• 6.0.0 - 6.0.15
• 6.1.0 - 6.1.13
• 6.2.0 - 6.2.9
• 6.3.0 - 6.3.7
• 6.4.0 - 6.4.3
• Older, unsupported versions are also affected
…

Description

The usage of String.toLowerCase() and String.toUpperCase() has some Locale dependent exceptions that could potentially result in authorization rules not working properly.

Related to CVE-2024-38820

Affected Spring Products and Versions

Spring…

Description

The usage of String.toLowerCase() and String.toUpperCase() has some Locale dependent exceptions that could potentially result in unintended columns from being queried

Related to CVE-2024-38820

Affected Spring Products and Versions

Spring LDAP:

• 2.4.0 - 2.4.3
• 3.0.0 - 3.0.9
• 3.1.0 - 3.1.7
• 3.2.0 - 3.2.7
• Older, unsupported versions are also affected
…

Description

Spring MVC controller methods with an @RequestBody byte[] method parameter are vulnerable to a DoS attack.

Affected Spring Products and Versions

Spring Framework:

• 5.3.0 - 5.3.41
• Older, unsupported versions are also affected

Mitigation

Users of…

Description

Spring WebFlux applications that have Spring Security authorization rules on static resources can be bypassed under certain circumstances.

For this to impact an application, all of the following must be true:

• It must be a WebFlux application
• It must be using Spring's static resources support
• It must have a non-permitAll authorization rule applied to the static resources support
…

Description

Applications serving static resources through the functional web frameworks WebMvc.fn or WebFlux.fn are vulnerable to path traversal attacks. An attacker can craft malicious HTTP requests and obtain any file on the file system that is also…

Description

The fix for CVE-2022-22968 made disallowedFields patterns in DataBinder case insensitive. However, String.toLowerCase() has some Locale dependent exceptions that could potentially result in fields not protected as expected.

Affected Spring Products…

Description

Applications serving static resources through the functional web frameworks WebMvc.fn or WebFlux.fn are vulnerable to path traversal attacks. An attacker can craft malicious HTTP requests and obtain any file on the file system that is also…

Description

Applications that use spring-boot-loader or spring-boot-loader-classic and contain custom code that performs signature verification of nested jar files may be vulnerable to signature forgery where content that appears to have been signed by one…