Lucene search
K

4 matches found

RedHat Linux
RedHat Linux
added 2026/06/10 3:39 p.m.5 views

Spring Boot: Spring Boot: Arbitrary Code Execution and Session Hijacking via predictable temporary directory

A flaw was found in Spring Boot. A local attacker on the same host as the application may be able to take control of the ApplicationTemp directory due to predictable temporary directory handling. When the server.servlet.session.persistent setting is enabled and the attack persists across...

7CVSS5.8AI score0.00136EPSS
Exploits0References5
OSV
OSV
added 2026/04/28 12:31 a.m.7 views

GHSA-WWPQ-F5C3-7HVX Spring Boot accepts predictable temp directory without ownership verification

A local attacker on the same host as the application may be able to take control of the directory used by ApplicationTemp. When server.servlet.session.persistent is set to true and the attack persists across application restarts, this may allow the attacker to read session information and hijack...

7CVSS5.9AI score0.00136EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/04/28 12:31 a.m.8 views

Spring Boot accepts predictable temp directory without ownership verification

A local attacker on the same host as the application may be able to take control of the directory used by ApplicationTemp. When server.servlet.session.persistent is set to true and the attack persists across application restarts, this may allow the attacker to read session information and hijack...

7CVSS5.9AI score0.00136EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2026/04/28 12:16 a.m.9 views

CVE-2026-40973

A local attacker on the same host as the application may be able to take control of the directory used by ApplicationTemp. When server.servlet.session.persistent is set to true and the attack persists across application restarts, this may allow the attacker to read session information and hijack...

7CVSS0.00136EPSS
Exploits0References1
Rows per page
Query Builder