VYPR
Medium severity4.8GHSA Advisory· Published Dec 2, 2024· Updated Apr 15, 2026

CVE-2024-38827

CVE-2024-38827

Description

The usage of String.toLowerCase() and String.toUpperCase() has some Locale dependent exceptions that could potentially result in authorization rules not working properly.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
org.springframework.security:spring-security-coreMaven
< 5.7.145.7.14
org.springframework.security:spring-security-coreMaven
>= 5.8.0, < 5.8.165.8.16
org.springframework.security:spring-security-coreMaven
>= 6.0.0, < 6.0.146.0.14
org.springframework.security:spring-security-coreMaven
>= 6.1.0, < 6.1.126.1.12
org.springframework.security:spring-security-coreMaven
>= 6.2.0, < 6.2.86.2.8
org.springframework.security:spring-security-coreMaven
>= 6.3.0, < 6.3.56.3.5

Affected products

14

Patches

Vulnerability mechanics

References

8

News mentions

0

No linked articles in our index yet.