CVE-2023-20862 – spring-security: Empty SecurityContext Is Not Properly Saved Upon Logout
https://notcve.org/view.php?id=CVE-2023-20862
In Spring Security, versions 5.7.x prior to 5.7.8, versions 5.8.x prior to 5.8.3, and versions 6.0.x prior to 6.0.3, the logout support does not properly clean the security context if using serialized versions. Additionally, it is not possible to explicitly save an empty security context to the HttpSessionSecurityContextRepository. This vulnerability can keep users authenticated even after they performed logout. Users of affected versions should apply the following mitigation. 5.7.x users should upgrade to 5.7.8. 5.8.x users should upgrade to 5.8.3. 6.0.x users should upgrade to 6.0.3. A flaw was found in Spring Security. • https://security.netapp.com/advisory/ntap-20230526-0002 https://spring.io/security/cve-2023-20862 https://access.redhat.com/security/cve/CVE-2023-20862 https://bugzilla.redhat.com/show_bug.cgi?id=2227788 • CWE-459: Incomplete Cleanup •
CVE-2023-20863 – springframework: Spring Expression DoS Vulnerability
https://notcve.org/view.php?id=CVE-2023-20863
In spring framework versions prior to 5.2.24 release+ ,5.3.27+ and 6.0.8+ , it is possible for a user to provide a specially crafted SpEL expression that may cause a denial-of-service (DoS) condition. A flaw was found in Spring Framework. Certain versions of Spring Framework's Expression Language were not restricting the size of Spring Expressions. This could allow an attacker to craft a malicious Spring Expression to cause a denial of service on the server. • https://security.netapp.com/advisory/ntap-20240524-0015 https://spring.io/security/cve-2023-20863 https://access.redhat.com/security/cve/CVE-2023-20863 https://bugzilla.redhat.com/show_bug.cgi?id=2187742 • CWE-400: Uncontrolled Resource Consumption CWE-917: Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection') •
CVE-2023-20866
https://notcve.org/view.php?id=CVE-2023-20866
In Spring Session version 3.0.0, the session id can be logged to the standard output stream. This vulnerability exposes sensitive information to those who have access to the application logs and can be used for session hijacking. Specifically, an application is vulnerable if it is using HeaderHttpSessionIdResolver. • https://spring.io/security/cve-2023-20866 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2023-0198
https://notcve.org/view.php?id=CVE-2023-0198
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer, where improper restriction of operations within the bounds of a memory buffer can lead to denial of service, information disclosure, and data tampering. • https://nvidia.custhelp.com/app/answers/detail/a_id/5452 https://security.gentoo.org/glsa/202310-02 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2023-0197
https://notcve.org/view.php?id=CVE-2023-0197
NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager, where a malicious user in a guest VM can cause a NULL-pointer dereference, which may lead to denial of service. • https://nvidia.custhelp.com/app/answers/detail/a_id/5452 • CWE-476: NULL Pointer Dereference •