From 169a0633c003757a9e4eb0acada9122a09deec59 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Marcel=20St=C3=B6r?=
Date: Wed, 17 Jun 2026 08:14:07 +0200
Subject: [PATCH] Improve GHSA-293q-567p-wmwq

---
 .../GHSA-293q-567p-wmwq.json | 25 +++++++++++++++++--
 1 file changed, 23 insertions(+), 2 deletions(-)

diff --git a/advisories/unreviewed/2026/06/GHSA-293q-567p-wmwq/GHSA-293q-567p-wmwq.json b/advisories/unreviewed/2026/06/GHSA-293q-567p-wmwq/GHSA-293q-567p-wmwq.json
index bd34e0de11506..08e839bbb1a78 100644
--- a/advisories/unreviewed/2026/06/GHSA-293q-567p-wmwq/GHSA-293q-567p-wmwq.json
+++ b/advisories/unreviewed/2026/06/GHSA-293q-567p-wmwq/GHSA-293q-567p-wmwq.json
@@ -1,11 +1,12 @@
 {
 "schema_version": "1.4.0",
 "id": "GHSA-293q-567p-wmwq",
- "modified": "2026-06-10T00:31:53Z",
+ "modified": "2026-06-10T00:32:00Z",
 "published": "2026-06-10T00:31:53Z",
 "aliases": [
 "CVE-2026-47838"
 ],
+ "summary": "Unauthorized User Impersonation when Using X.509 Client Certificates",
 "details": "SubjectDnX509PrincipalExtractor does not correctly handle certain malformed X.509 certificate CN values, which can lead to reading the wrong value for the username. In a carefully crafted certificate, this can lead to an attacker impersonating another user.\n\nAffected versions:\nSpring Security 5.7.0 through 5.7.24; 5.8.0 through 5.8.26; 6.3.0 through 6.3.17; 6.4.0 through 6.4.17; 6.5.0 through 6.5.10.",
 "severity": [
 {
@@ -13,7 +14,27 @@
 "score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N"
 }
 ],
- "affected": [],
+ "affected": [
+ {
+ "package": {
+ "ecosystem": "Maven",
+ "name": "org.springframework.security:spring-security-web"
+ },
+ "ranges": [
+ {
+ "type": "ECOSYSTEM",
+ "events": [
+ {
+ "introduced": "0"
+ },
+ {
+ "fixed": "6.5.11"
+ }
+ ]
+ }
+ ]
+ }
+ ],
 "references": [
 {
 "type": "ADVISORY",
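Review bot: The single `affected` range added in the second hunk (`"introduced": "0"` → `"fixed": "6.5.11"`) contradicts the `details` text in the first hunk, which lists five separately patched branches (5.7.x, 5.8.x, 6.3.x, 6.4.x, 6.5.x); as written, every release below 6.5.11 is reported vulnerable, including the patched 5.7/5.8/6.3/6.4 point releases and the 6.0–6.2 series the advisory does not name at all. OSV models this with one `ECOSYSTEM` range per branch, each pairing the branch's `introduced` version from `details` with that branch's first fixed release. Only the 6.5 fix version (6.5.11) appears in this patch, so the other `fixed` values below are placeholders to be filled from the upstream advisory rather than guessed. Whether 6.0–6.2 should be listed at all is not determinable from this file; if they are unsupported or unaffected, the per-branch ranges also stop them being flagged.
```json
"ranges": [
  { "type": "ECOSYSTEM", "events": [ { "introduced": "5.7.0" }, { "fixed": "<5.7.x first fixed release - fill from advisory>" } ] },
  { "type": "ECOSYSTEM", "events": [ { "introduced": "5.8.0" }, { "fixed": "<5.8.x first fixed release - fill from advisory>" } ] },
  { "type": "ECOSYSTEM", "events": [ { "introduced": "6.3.0" }, { "fixed": "<6.3.x first fixed release - fill from advisory>" } ] },
  { "type": "ECOSYSTEM", "events": [ { "introduced": "6.4.0" }, { "fixed": "<6.4.x first fixed release - fill from advisory>" } ] },
  { "type": "ECOSYSTEM", "events": [ { "introduced": "6.5.0" }, { "fixed": "6.5.11" } ] }
]
```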