Maven package
org.springframework.ai/spring-ai-mariadb-store
pkg:maven/org.springframework.ai/spring-ai-mariadb-store
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-22730 | Hig | 8.8 | >= 1.1.0-M1, < 1.1.3 | 1.1.3 | Mar 18, 2026 | A critical SQL injection vulnerability in Spring AI's MariaDBFilterExpressionConverter allows attackers to bypass metadata-based access controls and execute arbitrary SQL commands. The vulnerability exists due to missing input sanitization. |
- affected >= 1.1.0-M1, < 1.1.3fixed 1.1.3
A critical SQL injection vulnerability in Spring AI's MariaDBFilterExpressionConverter allows attackers to bypass metadata-based access controls and execute arbitrary SQL commands. The vulnerability exists due to missing input sanitization.