{"id":"CVE-2018-15801","details":"Spring Security versions 5.1.x prior to 5.1.2 contain an authorization bypass vulnerability during JWT issuer validation. To be impacted, the same private key must be used to sign JWTs for both an honest issuer and a malicious user. In that case, the malicious user could fashion signed JWTs carrying the malicious issuer URL that may be accepted as if they had been issued by the honest issuer.","aliases":["GHSA-27xw-p8v6-9jjr"],"modified":"2026-03-14T09:28:05.091786Z","published":"2018-12-19T22:29:00.593Z","references":[{"type":"ADVISORY","url":"https://pivotal.io/security/cve-2018-15801"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/spring-projects/spring-framework","events":[{"introduced":"f07eed2b28b4b51e4f2167f2ec6cd4d8bd9295ad"},{"fixed":"a0880f7ea97a0329aaf1b7dbe0877eca10f060f8"}],"database_specific":{"versions":[{"introduced":"5.1.0"},{"fixed":"5.1.2"}]}}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-15801.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"}]}