Skip to content

Commit fe2fe44

Browse files
Advisory Database Sync
1 parent 66a4b9e commit fe2fe44

56 files changed

Lines changed: 2047 additions & 0 deletions

File tree

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.
Lines changed: 36 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,36 @@
1+
{
2+
"schema_version": "1.4.0",
3+
"id": "GHSA-293q-567p-wmwq",
4+
"modified": "2026-06-10T00:31:53Z",
5+
"published": "2026-06-10T00:31:53Z",
6+
"aliases": [
7+
"CVE-2026-47838"
8+
],
9+
"details": "SubjectDnX509PrincipalExtractor does not correctly handle certain malformed X.509 certificate CN values, which can lead to reading the wrong value for the username. In a carefully crafted certificate, this can lead to an attacker impersonating another user.\n\nAffected versions:\nSpring Security 5.7.0 through 5.7.24; 5.8.0 through 5.8.26; 6.3.0 through 6.3.17; 6.4.0 through 6.4.17; 6.5.0 through 6.5.10.",
10+
"severity": [
11+
{
12+
"type": "CVSS_V3",
13+
"score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N"
14+
}
15+
],
16+
"affected": [],
17+
"references": [
18+
{
19+
"type": "ADVISORY",
20+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-47838"
21+
},
22+
{
23+
"type": "WEB",
24+
"url": "https://spring.io/security/cve-2026-47838"
25+
}
26+
],
27+
"database_specific": {
28+
"cwe_ids": [
29+
"CWE-287"
30+
],
31+
"severity": "MODERATE",
32+
"github_reviewed": false,
33+
"github_reviewed_at": null,
34+
"nvd_published_at": "2026-06-10T00:16:54Z"
35+
}
36+
}
Lines changed: 36 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,36 @@
1+
{
2+
"schema_version": "1.4.0",
3+
"id": "GHSA-2q7c-5gjm-7q23",
4+
"modified": "2026-06-10T00:31:51Z",
5+
"published": "2026-06-10T00:31:51Z",
6+
"aliases": [
7+
"CVE-2026-40993"
8+
],
9+
"details": "An attacker with write permissions to the database table managed by JdbcAssertingPartyMetadataRepository (saml2_asserting_party_metadata) may be able to store malicious serialized payloads in the columns containing the collection of verification or encryption credentials (verification_credentials and encryption_credentials, respectively).\n\nAffected versions:\nSpring Security 7.0.0 through 7.0.5.",
10+
"severity": [
11+
{
12+
"type": "CVSS_V3",
13+
"score": "CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:N/I:H/A:H"
14+
}
15+
],
16+
"affected": [],
17+
"references": [
18+
{
19+
"type": "ADVISORY",
20+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-40993"
21+
},
22+
{
23+
"type": "WEB",
24+
"url": "https://spring.io/security/cve-2026-40993"
25+
}
26+
],
27+
"database_specific": {
28+
"cwe_ids": [
29+
"CWE-502"
30+
],
31+
"severity": "HIGH",
32+
"github_reviewed": false,
33+
"github_reviewed_at": null,
34+
"nvd_published_at": "2026-06-10T00:16:50Z"
35+
}
36+
}
Lines changed: 36 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,36 @@
1+
{
2+
"schema_version": "1.4.0",
3+
"id": "GHSA-3pjj-qpw6-5fcm",
4+
"modified": "2026-06-10T00:31:51Z",
5+
"published": "2026-06-10T00:31:51Z",
6+
"aliases": [
7+
"CVE-2026-41003"
8+
],
9+
"details": "An attacker able to influence values in RelyingPartyRegistration may be able to run arbitrary code on HTML forms generated by Spring Security filters.\n\nAffected versions:\nSpring Security 5.7.0 through 5.7.23; 5.8.0 through 5.8.25; 6.3.0 through 6.3.16; 6.4.0 through 6.4.16; 6.5.0 through 6.5.10; 7.0.0 through 7.0.5.",
10+
"severity": [
11+
{
12+
"type": "CVSS_V3",
13+
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N"
14+
}
15+
],
16+
"affected": [],
17+
"references": [
18+
{
19+
"type": "ADVISORY",
20+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-41003"
21+
},
22+
{
23+
"type": "WEB",
24+
"url": "https://spring.io/security/cve-2026-41003"
25+
}
26+
],
27+
"database_specific": {
28+
"cwe_ids": [
29+
"CWE-79"
30+
],
31+
"severity": "HIGH",
32+
"github_reviewed": false,
33+
"github_reviewed_at": null,
34+
"nvd_published_at": "2026-06-10T00:16:50Z"
35+
}
36+
}
Lines changed: 40 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,40 @@
1+
{
2+
"schema_version": "1.4.0",
3+
"id": "GHSA-43fh-5xpm-3q9m",
4+
"modified": "2026-06-10T00:31:50Z",
5+
"published": "2026-06-10T00:31:50Z",
6+
"aliases": [
7+
"CVE-2026-9747"
8+
],
9+
"details": "Adding fromRouter:true and runtimeConstants.userRoles could cause aggregations to crash mongodb server.",
10+
"severity": [
11+
{
12+
"type": "CVSS_V3",
13+
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"
14+
},
15+
{
16+
"type": "CVSS_V4",
17+
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"
18+
}
19+
],
20+
"affected": [],
21+
"references": [
22+
{
23+
"type": "ADVISORY",
24+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-9747"
25+
},
26+
{
27+
"type": "WEB",
28+
"url": "https://jira.mongodb.org/browse/SERVER-123918"
29+
}
30+
],
31+
"database_specific": {
32+
"cwe_ids": [
33+
"CWE-617"
34+
],
35+
"severity": "HIGH",
36+
"github_reviewed": false,
37+
"github_reviewed_at": null,
38+
"nvd_published_at": "2026-06-09T23:17:04Z"
39+
}
40+
}
Lines changed: 36 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,36 @@
1+
{
2+
"schema_version": "1.4.0",
3+
"id": "GHSA-47r4-q5f4-x2qv",
4+
"modified": "2026-06-10T00:31:49Z",
5+
"published": "2026-06-10T00:31:49Z",
6+
"aliases": [
7+
"CVE-2026-34711"
8+
],
9+
"details": "CAI Content Credentials versions c2pa-web@0.7.1, c2pa-v0.80.1 and earlier are affected by an Integer Overflow or Wraparound vulnerability. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition. Exploitation of this issue does not require user interaction.",
10+
"severity": [
11+
{
12+
"type": "CVSS_V3",
13+
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
14+
}
15+
],
16+
"affected": [],
17+
"references": [
18+
{
19+
"type": "ADVISORY",
20+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34711"
21+
},
22+
{
23+
"type": "WEB",
24+
"url": "https://helpx.adobe.com/security/products/content-authenticity-sdk/apsb26-61.html"
25+
}
26+
],
27+
"database_specific": {
28+
"cwe_ids": [
29+
"CWE-190"
30+
],
31+
"severity": "HIGH",
32+
"github_reviewed": false,
33+
"github_reviewed_at": null,
34+
"nvd_published_at": "2026-06-09T22:16:24Z"
35+
}
36+
}
Lines changed: 36 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,36 @@
1+
{
2+
"schema_version": "1.4.0",
3+
"id": "GHSA-4r8w-73jc-3m7q",
4+
"modified": "2026-06-10T00:31:51Z",
5+
"published": "2026-06-10T00:31:51Z",
6+
"aliases": [
7+
"CVE-2026-41008"
8+
],
9+
"details": "Spring Security Authorization Server's authorization endpoint performs insufficient validation of the request_uri parameter. An attacker can craft a malicious authorization request containing an invalid request_uri and an arbitrary, unvalidated redirect_uri, which can lead to an Open Redirect vulnerability.\n\nAffected versions:\nSpring Security 7.0.0 through 7.0.5.\nSpring Authorization Server 1.5.0 through 1.5.7.",
10+
"severity": [
11+
{
12+
"type": "CVSS_V3",
13+
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"
14+
}
15+
],
16+
"affected": [],
17+
"references": [
18+
{
19+
"type": "ADVISORY",
20+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-41008"
21+
},
22+
{
23+
"type": "WEB",
24+
"url": "https://spring.io/security/cve-2026-41008"
25+
}
26+
],
27+
"database_specific": {
28+
"cwe_ids": [
29+
"CWE-601"
30+
],
31+
"severity": "MODERATE",
32+
"github_reviewed": false,
33+
"github_reviewed_at": null,
34+
"nvd_published_at": "2026-06-10T00:16:50Z"
35+
}
36+
}
Lines changed: 40 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,40 @@
1+
{
2+
"schema_version": "1.4.0",
3+
"id": "GHSA-52qm-pr2g-7h6x",
4+
"modified": "2026-06-10T00:31:51Z",
5+
"published": "2026-06-10T00:31:50Z",
6+
"aliases": [
7+
"CVE-2026-9751"
8+
],
9+
"details": "The ldapQueryPassword parameter, when set through the runtime setParameter command, will log the new password to the mongod.log file in plain text.",
10+
"severity": [
11+
{
12+
"type": "CVSS_V3",
13+
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"
14+
},
15+
{
16+
"type": "CVSS_V4",
17+
"score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"
18+
}
19+
],
20+
"affected": [],
21+
"references": [
22+
{
23+
"type": "ADVISORY",
24+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-9751"
25+
},
26+
{
27+
"type": "WEB",
28+
"url": "https://jira.mongodb.org/browse/SERVER-123370"
29+
}
30+
],
31+
"database_specific": {
32+
"cwe_ids": [
33+
"CWE-532"
34+
],
35+
"severity": "MODERATE",
36+
"github_reviewed": false,
37+
"github_reviewed_at": null,
38+
"nvd_published_at": "2026-06-09T23:17:04Z"
39+
}
40+
}
Lines changed: 36 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,36 @@
1+
{
2+
"schema_version": "1.4.0",
3+
"id": "GHSA-53w6-v7cv-fc9h",
4+
"modified": "2026-06-10T00:31:52Z",
5+
"published": "2026-06-10T00:31:52Z",
6+
"aliases": [
7+
"CVE-2026-41727"
8+
],
9+
"details": "Spring Kafka's retry topic infrastructure did not sufficiently validate user-controlled header values before acting on them. A producer could send a record with a crafted retry_topic-attempts header to supply an out-of-range attempt count and cause the retry topic router to misidentify where the message was in the retry sequence.\n\nAffected versions:\nSpring for Apache Kafka 4.0.0 through 4.0.5; 3.3.0 through 3.3.15; 3.2.0 through 3.2.13; 2.9.0 through 2.9.13; 2.8.0 through 2.8.11.",
10+
"severity": [
11+
{
12+
"type": "CVSS_V3",
13+
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"
14+
}
15+
],
16+
"affected": [],
17+
"references": [
18+
{
19+
"type": "ADVISORY",
20+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-41727"
21+
},
22+
{
23+
"type": "WEB",
24+
"url": "https://spring.io/security/cve-2026-41727"
25+
}
26+
],
27+
"database_specific": {
28+
"cwe_ids": [
29+
"CWE-20"
30+
],
31+
"severity": "MODERATE",
32+
"github_reviewed": false,
33+
"github_reviewed_at": null,
34+
"nvd_published_at": "2026-06-10T00:16:52Z"
35+
}
36+
}
Lines changed: 36 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,36 @@
1+
{
2+
"schema_version": "1.4.0",
3+
"id": "GHSA-5m4m-73w9-8433",
4+
"modified": "2026-06-10T00:31:52Z",
5+
"published": "2026-06-10T00:31:52Z",
6+
"aliases": [
7+
"CVE-2026-41721"
8+
],
9+
"details": "Spring Data Commons contains a vulnerability that can lead to a Denial of Service (DoS) condition if Spring Data Web Support is enabled in conjunction with a Controller method using @ProjectedPayload, when an attacker sends a specially crafted HTTP request that causes the application to allocate lots of memory.\n\nAffected versions:\nSpring Data Commons 4.0.0 through 4.0.5; 3.5.0 through 3.5.11; 3.4.0 through 3.4.14; 3.3.0 through 3.3.16; 3.2.0 through 3.2.15; 3.1.0 through 3.1.14; 3.0.0 through 3.0.15; 2.7.0 through 2.7.19.",
10+
"severity": [
11+
{
12+
"type": "CVSS_V3",
13+
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"
14+
}
15+
],
16+
"affected": [],
17+
"references": [
18+
{
19+
"type": "ADVISORY",
20+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-41721"
21+
},
22+
{
23+
"type": "WEB",
24+
"url": "https://spring.io/security/cve-2026-41721"
25+
}
26+
],
27+
"database_specific": {
28+
"cwe_ids": [
29+
"CWE-400"
30+
],
31+
"severity": "MODERATE",
32+
"github_reviewed": false,
33+
"github_reviewed_at": null,
34+
"nvd_published_at": "2026-06-10T00:16:51Z"
35+
}
36+
}
Lines changed: 36 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,36 @@
1+
{
2+
"schema_version": "1.4.0",
3+
"id": "GHSA-5vpf-xvv7-c8vh",
4+
"modified": "2026-06-10T00:31:51Z",
5+
"published": "2026-06-10T00:31:51Z",
6+
"aliases": [
7+
"CVE-2026-41711"
8+
],
9+
"details": "Applications using Spring Data Commons may be vulnerable to a Denial of Service (DoS) attack leading to a StackOverflowException when parsing Sort parameters.\n\nAffected versions:\nSpring Data Commons 4.0.0 through 4.0.5; 3.5.0 through 3.5.11; 3.4.0 through 3.4.14; 3.3.0 through 3.3.16; 3.2.0 through 3.2.15; 3.1.0 through 3.1.14; 3.0.0 through 3.0.15; 2.7.0 through 2.7.19.",
10+
"severity": [
11+
{
12+
"type": "CVSS_V3",
13+
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"
14+
}
15+
],
16+
"affected": [],
17+
"references": [
18+
{
19+
"type": "ADVISORY",
20+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-41711"
21+
},
22+
{
23+
"type": "WEB",
24+
"url": "https://spring.io/security/cve-2026-41711"
25+
}
26+
],
27+
"database_specific": {
28+
"cwe_ids": [
29+
"CWE-400"
30+
],
31+
"severity": "MODERATE",
32+
"github_reviewed": false,
33+
"github_reviewed_at": null,
34+
"nvd_published_at": "2026-06-10T00:16:51Z"
35+
}
36+
}

0 commit comments

Comments
 (0)