4 matches found
CVE-2026-32939
DataEase (open-source data visualization tool) versions 2.10.19 and earlier suffer a locale-related input validation bug in JDBC URL handling. DataEase uses String.toUpperCase() without an explicit Locale, making its security checks depend on the JVM’s default locale, while H2 JDBC normalizes URL...
The vulnerability of the String.toUpperCase() function in Mozilla Firefox and the Thunderbird email client allows a hacker to execute arbitrary code.
The vulnerability of the String.toUpperCase function in Mozilla Firefox and the Thunderbird email client is related to access to an uninitialized pointer. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...
GHSA-Q3V6-HM2V-PW99 Spring Framework has Authorization Bypass for Case Sensitive Comparisons
The usage of String.toLowerCase and String.toUpperCase has some Locale dependent exceptions that could potentially result in authorization rules not working properly...
CVE-2024-38827 Spring Security Authorization Bypass for Case Sensitive Comparisons
The usage of String.toLowerCase and String.toUpperCase has some Locale dependent exceptions that could potentially result in authorization rules not working properly...