Lucene search
K

4 matches found

OSV
OSV
added 2024/12/04 9:30 p.m.2 views

GHSA-MQVR-2RP8-J7H4 Spring LDAP data exposure vulnerability

A vulnerability in Spring LDAP allows data exposure for case sensitive comparisons.This issue affects Spring LDAP: from 2.4.0 through 2.4.3, from 3.0.0 through 3.0.9, from 3.1.0 through 3.1.7, from 3.2.0 through 3.2.7, AND all versions prior to 2.4.0. The usage of String.toLowerCase and...

6.3CVSS6.8AI score0.00379EPSS
Exploits0References3
OSV
OSV
added 2024/12/04 9:15 p.m.2 views

UBUNTU-CVE-2024-38829

A vulnerability in Spring LDAP allows data exposure for case sensitive comparisons.This issue affects Spring LDAP: from 2.4.0 through 2.4.3, from 3.0.0 through 3.0.9, from 3.1.0 through 3.1.7, from 3.2.0 through 3.2.7, AND all versions prior to 2.4.0. The usage of String.toLowerCase and...

3.7CVSS6.5AI score0.00379EPSS
Exploits0References3
OSV
OSV
added 2024/12/02 3:31 p.m.2 views

GHSA-Q3V6-HM2V-PW99 Spring Framework has Authorization Bypass for Case Sensitive Comparisons

The usage of String.toLowerCase and String.toUpperCase has some Locale dependent exceptions that could potentially result in authorization rules not working properly...

6.3CVSS5.9AI score0.00385EPSS
Exploits0References7
Spring Security Advisories
Spring Security Advisories
added 2024/11/19 12:0 a.m.7 views

Spring Security Authorization Bypass for Case Sensitive Comparisons

The usage of String.toLowerCase and String.toUpperCase has some Locale dependent exceptions that could potentially result in authorization rules not working properly. Related to CVE-2024-38820...

4.8CVSS6.6AI score0.00631EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder