Lucene search
+L

4 matches found

OSV
OSV
added 2026/06/23 9:44 a.m.8 views

ROOT-APP-MAVEN-CVE-2024-38820 CVE-2024-38820 in io.root.org.springframework:spring-web - Patched by Root

Root has patched CVE-2024-38820 in the io.root.org.springframework:spring-web package for Root:Maven. Multiple fixed versions available...

5.3CVSS5.2AI score0.00631EPSS
Exploits1
Spring Security Advisories
Spring Security Advisories
added 2024/11/19 12:0 a.m.7 views

Spring Security Authorization Bypass for Case Sensitive Comparisons

The usage of String.toLowerCase and String.toUpperCase has some Locale dependent exceptions that could potentially result in authorization rules not working properly. Related to CVE-2024-38820...

4.8CVSS6.6AI score0.00631EPSS
Exploits1References1Affected Software1
vulnersOsv
vulnersOsv
added 2024/10/18 6:30 a.m.6 views

ai.optfor:spring-openai-api (>=0.1 <=0.3.25), am.ik.s3:simple-s3-client (>=0.1.0 <=0.1.1) +4187 more potentially affected by CVE-2024-38820 via org.springframework:spring-web (>=6.0.0 <=6.0.23)

org.springframework:spring-web MAVEN version =6.0.0, =0.1, =0.1.0, =0.2.3, =0.2.3, =0.0.6, =0.0.6, =4.6.18, =4.0.0, =1.5.0.RELEASE, =1.5.1.RELEASE, =1.5.0.RELEASE, =2.1.0.RELEASE, =1.5.0.RELEASE, =1.5.2.RELEASE and more Source cves: CVE-2024-38820 Source advisory: OSV:GHSA-4GC7-5J7H-4QPH...

5.3CVSS6.6AI score0.00631EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2024/10/18 6:30 a.m.9 views

ai.optfor:spring-openai-api (>=0.1.3 <=0.3.25), ai.timefold.solver:timefold-solver-spring-boot-autoconfigure (>=1.0.0 <=1.4.0) +7541 more potentially affected by CVE-2024-38820 via org.springframework:spring-context (>=6.0.0 <=6.0.23)

org.springframework:spring-context MAVEN version =6.0.0, =0.1.3, =1.0.0, =1.0.0, =0.1.6, =0.0.2, =0.0.6, =0.0.6, =1.3.0, =4.6.18, =4.0.0, =1.0.0, =2.1.0.RELEASE, =2.1.2.RELEASE and more Source cves: CVE-2024-38820 Source advisory: OSV:GHSA-4GC7-5J7H-4QPH...

5.3CVSS6.6AI score0.00631EPSS
Exploits1
Rows per page
Query Builder