PT-2026-25939 · Vmware · Spring Ai
Blackf0G
·
Publicado
2026-03-17
·
Atualizado
2026-04-10
·
CVE-2026-22729
CVSS v3.1
8.6
Alta
| Vetor | AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Spring AI versions prior to 1.0.4 and 1.1.3
Description
A JSONPath injection issue exists in Spring AI’s
AbstractFilterExpressionConverter. Authenticated users can bypass metadata-based access controls by using crafted filter expressions. User-controlled input provided to FilterExpressionBuilder is incorporated into JSONPath queries without sufficient sanitization. This allows attackers to inject arbitrary JSONPath logic, potentially granting access to unauthorized documents. The issue arises because special characters, such as ", ||, and &&, are not properly escaped before being included in JSONPath queries, enabling manipulation of the query’s intended behavior. The vulnerability impacts applications utilizing vector stores that extend AbstractFilterExpressionConverter for multi-tenant isolation, role-based access control, or document filtering based on metadata.Recommendations
Update Spring AI to version 1.0.4 or 1.1.3.
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Spring Ai