Skip to content

Vulnerabilites fixes on spring security for azure & ibm and oauth2 for azure

Jayesh Bagul requested to merge az/jb_vulnerabilities_147 into master

Vulnerabilities fixes on spring security for azure & ibm and oauth2 for azure.

-- Issue: Spring Security authorization rules can be bypassed via forward or include dispatcher types in org.springframework.security/spring-security-web
https://community.opengroup.org/osdu/platform/data-flow/ingestion/ingestion-workflow/-/security/vulnerabilities/27105
https://community.opengroup.org/osdu/platform/data-flow/ingestion/ingestion-workflow/-/security/vulnerabilities/27106

-- Issue: # Spring Security authorization rules can be bypassed via forward or include dispatcher types in org.springframework.security/spring-security-web
https://community.opengroup.org/osdu/platform/data-flow/ingestion/ingestion-workflow/-/security/vulnerabilities/25074

Non-vulnerable versions are updated.

Edited by Jayesh Bagul

Merge request reports

Loading