cve/2024/CVE-2024-38827.md
2025-09-29 21:09:30 +02:00


### [CVE-2024-38827](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38827)
![](https://img.shields.io/static/v1?label=Product&message=Spring%20Security&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=5.7.0%20-%205.7.13%2C%205.8.0%20-%205.8.15%2C%206.0.0%20-%206.0.13%2C%206.1.0%20-%206.1.11%2C%206.2.0%20-%206.2.7%2C%206.3.0%20-%206.3.4%2C%20Older%20unsupported%20versions%20are%20also%20affected%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-639&color=brightgreen)
### Description
The usage of `String.toLowerCase()` and `String.toUpperCase()` has some Locale-dependent exceptions that could potentially result in authorization rules not working properly.
### POC
#### Reference
No PoCs from references.
#### GitHub
- https://github.com/zhanpengliu-tencent/medium-cve