5 matches found
EUVD-2026-24612
Vulnerability in Spring Spring Security. If an application uses to define the servlet path for computing a path matcher, then the servlet path is not included and the related authorization rules are not exercised. This can lead to an authorization bypass.This issue affects Spring Security: from...
GHSA-4VRC-J85C-598C Spring Security Doesn't Correctly Include Servlet Path in Path Matching of XML Authorization Rules
Vulnerability in Spring Spring Security. If an application uses to define the servlet path for computing a path matcher, then the servlet path is not included and the related authorization rules are not exercised. This can lead to an authorization bypass. This issue affects Spring Security: from...
CVE-2026-22754
Vulnerability in Spring Spring Security. If an application uses to define the servlet path for computing a path matcher, then the servlet path is not included and the related authorization rules are not exercised. This can lead to an authorization bypass.This issue affects Spring Security: from...
CVE-2026-22754 ervlet Path Not Correctly Included in Path Matching of XML Authorization Rules
Vulnerability in Spring Spring Security. If an application uses to define the servlet path for computing a path matcher, then the servlet path is not included and the related authorization rules are not exercised. This can lead to an authorization bypass.This issue affects Spring Security: from...
Spring Security 访问控制错误漏洞
Spring Security is a security framework developed by Spring OpenSource that includes authentication and authorization features. In versions 7.0.0 to 7.0.4 of Spring Security, there was an access control vulnerability. This vulnerability occurred when the servlet path defined using the tag did not...