VMware · Spring AI · CVE-2026-40967
**Name of the Vulnerable Software and Affected Versions**
Spring AI versions 1.0.0 through 1.0.5
Spring AI versions 1.1.0 through 1.1.4
**Description**
Various `FilterExpressionConverter` implementations fail to properly escape keys and values when translating filter expression objects into specific vector store query languages. This improper escaping allows for query injection, which can enable attackers to alter vector store queries, potentially leading to data exposure and tampering.
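The class of flaw described above, shown as an added Java example that is not Spring AI code and not part of the advisory: a converter that concatenates key and value into the query text, next to one that validates the key and escapes the value. The `Eq` record, both converter methods, and the SQL-like target syntax with backslash escaping are hypothetical stand-ins; real escaping rules depend on each vector store's query language.

```java
import java.util.regex.Pattern;

// Added illustration; not Spring AI code. Eq, the converters and the
// SQL-like target syntax are hypothetical stand-ins.
public class FilterEscapingDemo {

    // A single "key == value" filter expression node.
    record Eq(String key, String value) {}

    // Keys are restricted to plain identifiers rather than escaped.
    private static final Pattern SAFE_KEY =
            Pattern.compile("[A-Za-z_][A-Za-z0-9_]*");

    // Unsafe: key and value are concatenated into the query text as-is,
    // so a quote inside the value ends the string literal early.
    static String convertUnsafe(Eq e) {
        return "metadata." + e.key() + " == '" + e.value() + "'";
    }

    // Hardened: reject unexpected keys, then escape the escape character
    // and the literal's delimiter (assumed rules for this toy syntax).
    static String convertSafe(Eq e) {
        if (!SAFE_KEY.matcher(e.key()).matches()) {
            throw new IllegalArgumentException("illegal filter key: " + e.key());
        }
        String escaped = e.value().replace("\\", "\\\\").replace("'", "\\'");
        return "metadata." + e.key() + " == '" + escaped + "'";
    }

    public static void main(String[] args) {
        // Constructed input: a value carrying a quote and an extra clause.
        Eq e = new Eq("tenant", "a' || metadata.tenant != 'a");
        System.out.println(convertUnsafe(e)); // value becomes query structure
        System.out.println(convertSafe(e));   // value stays one string literal
    }
}
```

Comparing the two printed lines shows the difference to test for after upgrading: in the hardened output the whole input remains inside a single quoted literal.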
**Recommendations**
Update versions 1.0.0 through 1.0.5 to 1.0.6.
Update versions 1.1.0 through 1.1.4 to 1.1.5.