OSV-2024-335

See a problem?

Import Source

https://github.com/google/oss-fuzz-vulns/blob/main/vulns/spring-data-mongodb/OSV-2024-335.yaml

JSON Data

https://api.osv.dev/v1/vulns/OSV-2024-335

Withdrawn

2024-08-19T07:10:45.623052Z

Published

2024-04-30T00:01:28.135379Z

Modified

2024-04-30T00:01:28.135746Z

Summary

Security exception in org.springframework.expression.spel.standard.InternalSpelExpressionParser.eatExp

Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=67978

Crash type: Security exception
Crash state:
org.springframework.expression.spel.standard.InternalSpelExpressionParser.eatExp
java.base/java.nio.charset.CharsetEncoder.replaceWith
java.base/java.nio.charset.CharsetEncoder.<init>

References

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=67978

Affected packages

OSS-Fuzz / spring-data-mongodb

Package

Name: spring-data-mongodb
Purl: pkg:generic/spring-data-mongodb

Affected ranges

Ecosystem specific

{
    "severity": "LOW"
}

Database specific

source

"https://github.com/google/oss-fuzz-vulns/blob/main/vulns/spring-data-mongodb/OSV-2024-335.yaml"