You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Affected versions of this package are vulnerable to Authorization Bypass due to the use of String.toLowerCase() and String.toUpperCase() that have Locale dependent exceptions, which results in authorization rules not working properly.
Remediation
Upgrade org.springframework.security:spring-security-config to version 5.7.14, 5.8.16, 6.2.8, 6.3.5 or higher.
Overview
org.springframework.security:spring-security-config is a security configuration package for Spring Framework.
Affected versions of this package are vulnerable to Authorization Bypass due to the use of
String.toLowerCase()
andString.toUpperCase()
that haveLocale
dependent exceptions, which results in authorization rules not working properly.Remediation
Upgrade
org.springframework.security:spring-security-config
to version 5.7.14, 5.8.16, 6.2.8, 6.3.5 or higher.References
The text was updated successfully, but these errors were encountered: