The vulnerable functions are identified by their relation to the `LifecycleAwareSessionManager` class and to the token revocation process. The `destroy` method is named directly in the vulnerability description, which makes it the primary candidate. Other methods in `LifecycleAwareSessionManager` that take part in token revocation are also considered vulnerable, because they may be involved in logging sensitive information.

| Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
|---|---|---|---|
| org.springframework.vault:spring-vault-core | maven | >= 3.0.0, < 3.0.2 | 3.0.2 |
| org.springframework.vault:spring-vault-core | maven | < 2.3.3 | 2.3.3 |