GHSA-4487-x383-qpph

Source

https://github.com/advisories/GHSA-4487-x383-qpph

Import Source

https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2018/10/GHSA-4487-x383-qpph/GHSA-4487-x383-qpph.json

JSON Data

https://api.osv.dev/v1/vulns/GHSA-4487-x383-qpph

Aliases

CVE-2018-1272

Published

2018-10-17T20:27:47Z

Modified

2024-12-05T05:30:27.932883Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

Possible privilege escalation in org.springframework:spring-core

Details

Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.15 and older unsupported versions, provide client-side support for multipart requests. When Spring MVC or Spring WebFlux server application (server A) receives input from a remote client, and then uses that input to make a multipart request to another server (server B), it can be exposed to an attack, where an extra multipart is inserted in the content of the request from server A, causing server B to use the wrong value for a part it expects. This could to lead privilege escalation, for example, if the part content represents a username or user roles.

Database specific

{
    "nvd_published_at": "2018-04-06T13:29:00Z",
    "cwe_ids": [],
    "severity": "HIGH",
    "github_reviewed": true,
    "github_reviewed_at": "2020-06-16T20:57:17Z"
}

References

Affected packages

Maven / org.springframework:spring-core

Package

Name: org.springframework:spring-core; View open source insights on deps.dev
Purl: pkg:maven/org.springframework/spring-core

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.3.15

Affected versions

1.*

1.0-rc1

1.0

1.0.1

1.1-rc1

1.1-rc2

1.1

1.1.1

1.1.2

1.1.3

1.1.4

1.1.5

1.2-rc1

1.2-rc2

1.2

1.2.1

1.2.2

1.2.3

1.2.4

1.2.5

1.2.6

1.2.7

1.2.8

1.2.9

2.*

2.0-m1

2.0-m2

2.0-m3

2.0-m4

2.0-m5

2.0-rc1

2.0-rc2

2.0

2.0.1

2.0.2

2.0.3

2.0.4

2.0.5

2.0.6

2.0.7

2.0.8

2.5

2.5.1

2.5.2

2.5.3

2.5.4

2.5.5

2.5.6

2.5.6.SEC01

2.5.6.SEC02

2.5.6.SEC03

3.*

3.0.0.RELEASE

3.0.1.RELEASE

3.0.2.RELEASE

3.0.3.RELEASE

3.0.4.RELEASE

3.0.5.RELEASE

3.0.6.RELEASE

3.0.7.RELEASE

3.1.0.RELEASE

3.1.1.RELEASE

3.1.2.RELEASE

3.1.3.RELEASE

3.1.4.RELEASE

3.2.0.RELEASE

3.2.1.RELEASE

3.2.2.RELEASE

3.2.3.RELEASE

3.2.4.RELEASE

3.2.5.RELEASE

3.2.6.RELEASE

3.2.7.RELEASE

3.2.8.RELEASE

3.2.9.RELEASE

3.2.10.RELEASE

3.2.11.RELEASE

3.2.12.RELEASE

3.2.13.RELEASE

3.2.14.RELEASE

3.2.15.RELEASE

3.2.16.RELEASE

3.2.17.RELEASE

3.2.18.RELEASE

4.*

4.0.0.RELEASE

4.0.1.RELEASE

4.0.2.RELEASE

4.0.3.RELEASE

4.0.4.RELEASE

4.0.5.RELEASE

4.0.6.RELEASE

4.0.7.RELEASE

4.0.8.RELEASE

4.0.9.RELEASE

4.1.0.RELEASE

4.1.1.RELEASE

4.1.2.RELEASE

4.1.3.RELEASE

4.1.4.RELEASE

4.1.5.RELEASE

4.1.6.RELEASE

4.1.7.RELEASE

4.1.8.RELEASE

4.1.9.RELEASE

4.2.0.RELEASE

4.2.1.RELEASE

4.2.2.RELEASE

4.2.3.RELEASE

4.2.4.RELEASE

4.2.5.RELEASE

4.2.6.RELEASE

4.2.7.RELEASE

4.2.8.RELEASE

4.2.9.RELEASE

4.3.0.RELEASE

4.3.1.RELEASE

4.3.2.RELEASE

4.3.3.RELEASE

4.3.4.RELEASE

4.3.5.RELEASE

4.3.6.RELEASE

4.3.7.RELEASE

4.3.8.RELEASE

4.3.9.RELEASE

4.3.10.RELEASE

4.3.11.RELEASE

4.3.12.RELEASE

4.3.13.RELEASE

4.3.14.RELEASE

Maven / org.springframework:spring-core

Package

Name: org.springframework:spring-core; View open source insights on deps.dev
Purl: pkg:maven/org.springframework/spring-core

Affected ranges

Type: ECOSYSTEM
Events: Introduced

5.0.0

Fixed

5.0.5

Affected versions

5.*

5.0.0.RELEASE

5.0.1.RELEASE

5.0.2.RELEASE

5.0.3.RELEASE

5.0.4.RELEASE