Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
Security Advisories: MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTdxOWMtaDIzeC02NWZx
Spring Security OAuth vulnerable to remote code execution (RCE) via specially crafted request using whitelabel views
When processing authorization requests using the whitelabel views in Spring Security OAuth 2.0.0 to 2.0.9 and 1.0.0 to 1.0.5, the response_type parameter value was executed as Spring SpEL which enabled a malicious user to trigger remote code execution via the crafting of the value for response_type.
Permalink: https://github.com/advisories/GHSA-7q9c-h23x-65fqJSON: https://advisories.ecosyste.ms/api/v1/advisories/MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTdxOWMtaDIzeC02NWZx
Source: GitHub Advisory Database
Origin: Unspecified
Severity: High
Classification: General
Published: over 5 years ago
Updated: over 1 year ago
CVSS Score: 8.8
CVSS vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Identifiers: GHSA-7q9c-h23x-65fq, CVE-2016-4977
References:
- https://nvd.nist.gov/vuln/detail/CVE-2016-4977
- https://github.com/advisories/GHSA-7q9c-h23x-65fq
- https://lists.apache.org/thread.html/0841d849c23418c473ccb9183cbf41a317cb0476e44be48022ce3488@%3Cdev.fineract.apache.org%3E
- https://lists.apache.org/thread.html/37d7e820fc65a768de3e096e98382d5529a52a039f093e59357d0bc0@%3Cdev.fineract.apache.org%3E
- https://lists.apache.org/thread.html/5e6dd946635bbcc9e1f2591599ad0fab54f2dc3714196af3b17893f2@%3Cannounce.apache.org%3E
- https://lists.apache.org/thread.html/96c017115069408cec5e82ce1e6293facab398011f6db7e1befbe274@%3Cdev.fineract.apache.org%3E
- https://pivotal.io/security/cve-2016-4977
- http://www.openwall.com/lists/oss-security/2019/10/16/1
Affected Packages
maven:org.springframework.security.oauth:spring-security-oauth2
Dependent packages: 461Dependent repositories: 9,309
Downloads:
Affected Version Ranges: < 2.0.10
Fixed in: 2.0.10
All affected versions:
All unaffected versions: