CVE-2018-15801

Source
https://nvd.nist.gov/vuln/detail/CVE-2018-15801
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-15801.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2018-15801
Aliases
Withdrawn
2024-05-15T05:33:44.865569Z
Published
2018-12-19T22:29:00Z
Modified
2023-11-08T03:59:58.414090Z
Severity
  • 7.4 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N CVSS Calculator
Summary
[none]
Details

Spring Security versions 5.1.x prior to 5.1.2 contain an authorization bypass vulnerability in JWT issuer validation. To be affected, a deployment must sign JWTs for both an honest issuer and a malicious user with the same private key. In that case the malicious user can mint validly signed JWTs carrying the malicious issuer URL, and the resource server may accept them as though they had been issued by the honest issuer.
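
Added example, not taken from the advisory or from the Spring Security code base: a minimal HS256 resource-server check in Python that reproduces the precondition above (one signing key shared by two issuers) and shows why signature verification alone cannot separate them. The advisory does not say how the 5.1.0/5.1.1 issuer comparison was loosened, so the code demonstrates only the behaviour a correct validator must have: verify the signature, then compare the `iss` claim to the configured issuer as an exact string with no URL parsing or normalisation. The key, issuer URLs, subjects and the tampered token are all constructed for the example.

```python
import base64
import hashlib
import hmac
import json
from typing import Optional

# Constructed values for the demonstration (assumptions, not from the advisory).
SHARED_KEY = b"shared-hs256-key-used-by-both-issuers"   # precondition: one key, two issuers
HONEST_ISSUER = "https://issuer.example"
MALICIOUS_ISSUER = "https://issuer.example.attacker.test"


def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def mint_hs256(claims: dict, key: bytes) -> str:
    """Produce a compact JWS (HS256) over the given claims."""
    header = {"alg": "HS256", "typ": "JWT"}
    signing_input = (
        b64url(json.dumps(header, separators=(",", ":")).encode())
        + "."
        + b64url(json.dumps(claims, separators=(",", ":")).encode())
    )
    tag = hmac.new(key, signing_input.encode("ascii"), hashlib.sha256).digest()
    return signing_input + "." + b64url(tag)


def verify_signature(token: str, key: bytes) -> Optional[dict]:
    """Return the claims if the HS256 signature checks out, else None."""
    parts = token.split(".")
    if len(parts) != 3:
        return None
    header_b64, payload_b64, sig_b64 = parts
    try:
        header = json.loads(b64url_decode(header_b64))
        if header.get("alg") != "HS256":      # the verifier pins the algorithm, not the token
            return None
        expected = hmac.new(
            key, f"{header_b64}.{payload_b64}".encode("ascii"), hashlib.sha256
        ).digest()
        if not hmac.compare_digest(expected, b64url_decode(sig_b64)):
            return None
        return json.loads(b64url_decode(payload_b64))
    except (ValueError, TypeError):
        return None


def validate(token: str, key: bytes, expected_issuer: str):
    """Signature first, then an exact, case-sensitive string comparison of iss.

    No URL parsing or normalisation is done on purpose: with a shared key the
    signature cannot tell issuers apart, so the iss string is the only thing
    separating tenants and must match byte for byte.
    """
    claims = verify_signature(token, key)
    if claims is None:
        return (False, "bad signature")
    iss = claims.get("iss")
    if not isinstance(iss, str) or iss != expected_issuer:
        return (False, "issuer mismatch")
    return (True, "ok")


def demo() -> dict:
    honest = mint_hs256({"iss": HONEST_ISSUER, "sub": "alice"}, SHARED_KEY)
    malicious = mint_hs256({"iss": MALICIOUS_ISSUER, "sub": "alice"}, SHARED_KEY)
    lookalike = mint_hs256({"iss": HONEST_ISSUER + "/", "sub": "alice"}, SHARED_KEY)
    # Swap the honest token's payload without re-signing (constructed tampering).
    h, _, s = honest.split(".")
    tampered = h + "." + b64url(json.dumps({"iss": HONEST_ISSUER, "sub": "mallory"}).encode()) + "." + s
    return {
        "honest": validate(honest, SHARED_KEY, HONEST_ISSUER),
        # Signature alone accepts the malicious token because the key is shared.
        "malicious_signature_verifies": verify_signature(malicious, SHARED_KEY) is not None,
        "malicious": validate(malicious, SHARED_KEY, HONEST_ISSUER),
        "lookalike": validate(lookalike, SHARED_KEY, HONEST_ISSUER),
        "tampered": validate(tampered, SHARED_KEY, HONEST_ISSUER),
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name}: {result}")
```

The point of the `malicious_signature_verifies` entry is that the attacker's token is cryptographically perfect; only the issuer comparison stands between it and an access grant under the honest issuer's identity. If the deployment cannot avoid sharing a signing key across issuers, the issuer check must be exact, and a trailing slash, case change or look-alike host must all be rejected.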

References

Affected packages

Git / github.com/spring-projects/spring-framework

Affected ranges

Type
GIT
Repo
https://github.com/spring-projects/spring-framework
Events