{"id":"CVE-2018-1272","details":"Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.15 and older unsupported versions, provide client-side support for multipart requests. When a Spring MVC or Spring WebFlux server application (server A) receives input from a remote client, and then uses that input to make a multipart request to another server (server B), it can be exposed to an attack, where an extra multipart is inserted in the content of the request from server A, causing server B to use the wrong value for a part it expects. This could lead to privilege escalation, for example, if the part content represents a username or user roles.","aliases":["GHSA-4487-x383-qpph"],"modified":"2026-04-10T04:05:00.950295Z","published":"2018-04-06T13:29:00.563Z","references":[{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2018:2669"},{"type":"ADVISORY","url":"https://pivotal.io/security/cve-2018-1272"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2018:1320"},{"type":"ADVISORY","url":"http://www.securityfocus.com/bid/103697"},{"type":"FIX","url":"https://www.oracle.com/security-alerts/cpuoct2021.html"},{"type":"FIX","url":"https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html"},{"type":"FIX","url":"https://www.oracle.com/security-alerts/cpujul2020.html"},{"type":"FIX","url":"https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html"},{"type":"FIX","url":"http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"},{"type":"FIX","url":"http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/spring-projects/spring-framework","events":[{"introduced":"b49d801f241fb8088a5b7514db93fda32c58731c"},{"fixed":"89932891ec67df1f716e65f09826f2647baf2f17"},{"introduced":"f4f990b2c900a9b325fd0770d9064a188d073253"},{"fixed":"4b9bc50fd057bb20278dc137820159f600cce324"},{"introduced":"0"},{"fixed":
"3767abea3a9ec4b76257c1f98d65bd9da57afd28"},{"introduced":"0"},{"last_affected":"30604ae861d378669a9719918f3068dadcc5aed5"},{"introduced":"0"},{"last_affected":"30604ae861d378669a9719918f3068dadcc5aed5"},{"introduced":"0"},{"last_affected":"299f8b15ad1f74ca769b396d915e8369623279f2"},{"introduced":"0"},{"last_affected":"5acffaa72da10ba42fe547eeea44d8615cbf99b9"},{"introduced":"0"},{"last_affected":"5a30a43b753a971ac8bf4005a8ccddeaff439d7e"},{"introduced":"0"},{"last_affected":"9d37de186ce38a24bff1132c02a4007335639c1b"},{"introduced":"0"},{"last_affected":"f07eed2b28b4b51e4f2167f2ec6cd4d8bd9295ad"},{"introduced":"0"},{"last_affected":"927b8c15ef20eaaa4002d4b2170cc536a6d6aa35"}],"database_specific":{"versions":[{"introduced":"4.3.0"},{"fixed":"4.3.15"},{"introduced":"5.0"},{"fixed":"5.0.5"},{"introduced":"0"},{"fixed":"7.0.0.1"},{"introduced":"0"},{"last_affected":"3.0"},{"introduced":"0"},{"last_affected":"3.0"},{"introduced":"0"},{"last_affected":"4.0"},{"introduced":"0"},{"last_affected":"5.3.0"},{"introduced":"0"},{"last_affected":"6.0.0"},{"introduced":"0"},{"last_affected":"6.0.1"},{"introduced":"0"},{"last_affected":"5.1"},{"introduced":"0"},{"last_affected":"5.2"}]}}],"versions":["v3.0.0.RELEASE","v3.2.0.M1","v3.2.0.M2","v3.2.0.RC1","v3.2.0.RC2-A","v3.2.0.RELEASE","v4.0.0.M1","v4.0.0.M2","v4.0.0.M3","v4.0.0.RC1","v4.0.0.RC2","v4.0.0.RELEASE","v5.1.0.RELEASE","v5.2.0.RELEASE","v5.3.0","v6.0.0","v6.0.1"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-1272.json","unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"12.5.0.3"}]},{"events":[{"introduced":"0"},{"last_affected":"13.1.0.1"}]},{"events":[{"introduced":"0"},{"last_affected":"13.2.0.1"}]},{"events":[{"introduced":"0"},{"last_affected":"13.3.0.1"}]},{"events":[{"introduced":"0"},{"last_affected":"1.6.0"}]},{"events":[{"introduced":"0"},{"fixed":"8.3"}]},{"events":[{"introduced":"0"},{"fixed":"10.2.1"}]},{"events":[{"introduced":"0"},{"fix
ed":"6.1.0.4.0"}]},{"events":[{"introduced":"0"},{"last_affected":"12.2.2"}]},{"events":[{"introduced":"0"},{"last_affected":"12.3.3"}]},{"events":[{"introduced":"0"},{"last_affected":"12.2.0.1"}]},{"events":[{"introduced":"0"},{"last_affected":"12.3.1.1"}]},{"events":[{"introduced":"0"},{"last_affected":"12.3.2.1"}]},{"events":[{"introduced":"0"},{"last_affected":"10.1.1"}]},{"events":[{"introduced":"0"},{"last_affected":"10.2"}]},{"events":[{"introduced":"0"},{"last_affected":"10.2.1"}]},{"events":[{"introduced":"0"},{"last_affected":"10.0"}]},{"events":[{"introduced":"0"},{"last_affected":"10.1"}]},{"events":[{"introduced":"0"},{"last_affected":"10.2"}]},{"events":[{"introduced":"0"},{"last_affected":"11.0"}]},{"events":[{"introduced":"0"},{"last_affected":"11.1"}]},{"events":[{"introduced":"0"},{"last_affected":"15.2"}]},{"events":[{"introduced":"0"},{"last_affected":"16.2"}]},{"events":[{"introduced":"0"},{"last_affected":"17.12"}]},{"events":[{"introduced":"0"},{"last_affected":"14.0"}]},{"events":[{"introduced":"0"},{"last_affected":"14.1"}]},{"events":[{"introduced":"0"},{"last_affected":"14.0"}]},{"events":[{"introduced":"0"},{"last_affected":"14.1"}]},{"events":[{"introduced":"0"},{"last_affected":"15.0"}]},{"events":[{"introduced":"0"},{"last_affected":"16.0"}]},{"events":[{"introduced":"0"},{"last_affected":"14.0.1"}]},{"events":[{"introduced":"0"},{"last_affected":"14.0.2"}]},{"events":[{"introduced":"0"},{"last_affected":"14.0.3"}]},{"events":[{"introduced":"0"},{"last_affected":"14.0.4"}]},{"events":[{"introduced":"0"},{"last_affected":"14.1.1"}]},{"events":[{"introduced":"0"},{"last_affected":"14.1.2"}]},{"events":[{"introduced":"0"},{"last_affected":"14.1.3"}]},{"events":[{"introduced":"0"},{"last_affected":"15.0.0.1"}]},{"events":[{"introduced":"0"},{"last_affected":"15.0.1"}]},{"events":[{"introduced":"0"},{"last_affected":"15.0.2"}]},{"events":[{"introduced":"0"},{"last_affected":"16.0"}]},{"events":[{"introduced":"0"},{"last_affected":"16.0.1"}]
},{"events":[{"introduced":"0"},{"last_affected":"16.0.2"}]},{"events":[{"introduced":"0"},{"last_affected":"15.0"}]},{"events":[{"introduced":"0"},{"last_affected":"16.0"}]},{"events":[{"introduced":"0"},{"last_affected":"14.0"}]},{"events":[{"introduced":"0"},{"last_affected":"14.1"}]},{"events":[{"introduced":"0"},{"last_affected":"14.0"}]},{"events":[{"introduced":"0"},{"last_affected":"14.1"}]},{"events":[{"introduced":"0"},{"last_affected":"15.0"}]},{"events":[{"introduced":"0"},{"last_affected":"16.0"}]},{"events":[{"introduced":"0"},{"last_affected":"14.0"}]},{"events":[{"introduced":"0"},{"last_affected":"14.1"}]},{"events":[{"introduced":"0"},{"last_affected":"12.1.3.0.0"}]},{"events":[{"introduced":"0"},{"last_affected":"12.2.2.0.0"}]},{"events":[{"introduced":"0"},{"last_affected":"8.4"}]}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}]}