3 matches found
Improper Neutralization of Special Elements in Data Query Logic
Overview Affected versions of this package are vulnerable to Improper Neutralization of Special Elements in Data Query Logic via the FilterExpressionConverter implementations. An attacker can alter underlying vector store queries by supplying crafted filter expressions, as keys and values are not...
org.springframework.ai:spring-ai-starter-vector-store-mariadb (>=1.1.0 <=1.1.2) potentially affected by CVE-2026-22730 via org.springframework.ai:spring-ai-mariadb-store (>=1.1.0-M1 <=1.1.2)
org.springframework.ai:spring-ai-mariadb-store MAVEN version =1.1.0-M1, =1.1.0, =1.1.2 Source cves: CVE-2026-22730 Source advisory: OSV:GHSA-C267-RFVC-MVPM...
org.springframework.ai:spring-ai-mariadb-store-spring-boot-starter (>=1.0.0-M5 <=1.0.0-M6), org.springframework.ai:spring-ai-starter-vector-store-mariadb (>=1.0.0 <=1.0.3) potentially affected by CVE-2026-22730 via org.springframework.ai:spring-ai-mariadb-store (>=1.0.0-M5 <=1.0.3)
org.springframework.ai:spring-ai-mariadb-store MAVEN version =1.0.0-M5, =1.0.0-M5, =1.0.0, =1.0.3 Source cves: CVE-2026-22730 Source advisory: OSV:GHSA-C267-RFVC-MVPM...