CVE-2018-1258

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2018-1258

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2018-1258.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2018-1258

Aliases

GHSA-cxrj-66c5-9fmh

Withdrawn

2024-05-08T06:49:59.670817Z

Published

2018-05-11T20:29:00Z

Modified

2023-11-28T15:47:25.109004Z

Severity

8.8 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

Spring Framework version 5.0.5 when used in combination with any versions of Spring Security contains an authorization bypass when using method security. An unauthorized malicious user can gain unauthorized access to methods that should be restricted.

References

Affected packages

Git / github.com/libfuse/libfuse

Affected ranges

Type: GIT
Repo: https://github.com/libfuse/libfuse
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

cfdca8c6a0f901f409d0a66dd158bd6c8b470bb6

Last affected

d2ed5539fc406008816e9c65b44e2f1d0554ffbe

Last affected

1186ccaa8d5f0fb3fed384781ec9e89dd8060202

Last affected

1ac9ca5636f3309b86eab007dfe863d14f52e329

Affected versions

Other

before_interruptible

debian_version_0_95-1

debian_version_1_0-1

fuse_0_9

fuse_0_95

fuse_1_1

fuse_1_1_pre2

fuse_1_9

fuse_2_2

fuse_2_2_pre1

fuse_2_2_pre4

fuse_2_2_pre5

fuse_2_2_pre6

fuse_2_3_0

fuse_2_3_pre1

fuse_2_3_pre2

fuse_2_3_pre3

fuse_2_3_pre4

fuse_2_3_pre5

fuse_2_3_pre6

fuse_2_3_pre7

fuse_2_3_rc1

fuse_2_4_0

fuse_2_4_0_pre2

fuse_2_4_0_rc1

fuse_2_4_1

fuse_2_5_0

fuse_2_5_0_pre1

fuse_2_5_0_pre2

fuse_2_6_0

fuse_2_6_0_pre1

fuse_2_6_0_pre2

fuse_2_6_0_pre3

fuse_2_6_0_rc1

fuse_2_6_0_rc2

fuse_2_6_0_rc3

fuse_2_6_1

fuse_2_7_0

fuse_2_7_0_rc1

fuse_2_7_1

fuse_2_7_2

fuse_2_7_2_before_indent

fuse_2_8_0

fuse_2_8_0_pre2

fuse_2_8_1

fuse_2_8_2

fuse_2_8_3

fuse_2_8_4

fuse_2_8_start

fuse_2_9_0

fuse_2_9_1

fuse_2_9_2

fuse_2_9_3

fuse_2_9_start

fuse_3_0_start

start

fuse-3.*

fuse-3.0.0

fuse-3.0.0pre0

fuse-3.0.0rc1

fuse-3.0.0rc2

fuse-3.0.0rc3

fuse-3.0.1

fuse-3.0.2

fuse-3.1.0

fuse-3.1.1

fuse-3.2.0