漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
N/A
Vulnerability Description
<Issue Description> Spring Security OAuth versions 2.5.x prior to 2.5.2 and older unsupported versions are susceptible to a Denial-of-Service (DoS) attack via the initiation of the Authorization Request in an OAuth 2.0 Client application. A malicious user or attacker can send multiple requests initiating the Authorization Request for the Authorization Code Grant, which has the potential of exhausting system resources using a single session. This vulnerability exposes OAuth 2.0 Client applications only.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Pivotal Spring Security OAuth 资源管理错误漏洞
Vulnerability Description
Pivotal Spring Security OAuth是美国Pivotal公司的一款为SpringWeb应用程序添加OAuth1和OAuth2功能提供支持的登录系统。 Pivotal Spring Security OAuth 2.5.2 版本之前的 2.5 版本存在资源管理错误漏洞。攻击者可以发送多个请求来启动授权代码授予的授权请求,这有可能使用单个会话耗尽系统资源。
CVSS Information
N/A
Vulnerability Type
N/A