An application using spring-security-saml2-service-provider and the REDIRECT binding for SAML 2.0 Login or Logout may be vulnerable to a denial of service by way of an unbounded writer that inflates the compressed SAML payload into memory. Affected versions: Spring Security 5.7.0 through 5.7.23; 5.8.0 through 5.8.25; 6.3.0 through 6.3.16; 6.4.0 through 6.4.16; 6.5.0 through 6.5.10; 7.0.0 through 7.0.5.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HVMware Spring Security
APPVmware5.7.0 – 5.7.24 (bez)5.8.0 – 5.8.26 (bez)6.3.0 – 6.3.17 (bez)6.4.0 – 6.4.17 (bez)6.5.0 – 6.5.11 (bez)7.0.0 – 7.0.6 (bez)
Related vulnerabilities
VMware Spring Security — brak zapisu nagłówków HTTP odpowiedzi
Using "**" as a pattern in Spring Security configuration for WebFlux creates a mismatch in pattern matching b...
Spring Security, versions 5.7 prior to 5.7.5 and 5.6 prior to 5.6.9 could be susceptible to authorization rule...
In spring security versions prior to 5.4.11+, 5.5.7+ , 5.6.4+ and older unsupported versions, RegexRequestMatc...
When using the CAS Proxy ticket authentication from Spring Security 3.1 to 3.2.4 a malicious CAS Service could...