Description
An application using spring-security-saml2-service-provider and the REDIRECT binding for SAML 2.0 Login or Logout may be vulnerable to a denial of service by way of an unbounded writer that inflates the compressed SAML payload into memory. Affected versions: Spring Security 5.7.0 through 5.7.23; 5.8.0 through 5.8.25; 6.3.0 through 6.3.16; 6.4.0 through 6.4.16; 6.5.0 through 6.5.10; 7.0.0 through 7.0.5.
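As an added, defender-side illustration (not Spring Security's own code), the Python sketch below decodes a REDIRECT-binding SAMLRequest/SAMLResponse parameter (URL-decode, base64-decode, raw DEFLATE inflate) with a hard cap on the inflated size, so a small compressed payload cannot expand into an unbounded in-memory buffer; the cap value, function names and sample documents are assumptions.

```python
import base64
import urllib.parse
import zlib

# Assumed bound (not a Spring Security setting): a real SAML message is far
# smaller, so anything that inflates beyond it is rejected before it is kept.
MAX_INFLATED_BYTES = 1_000_000

class InflatedPayloadTooLarge(ValueError):
    """The DEFLATE stream would expand past the configured cap."""

def inflate_bounded(raw_deflate: bytes, limit: int) -> bytes:
    """Inflate a raw DEFLATE stream (wbits=-15, as the HTTP-Redirect binding
    uses) but stop as soon as more than `limit` bytes would be produced."""
    inflater = zlib.decompressobj(wbits=-15)
    out = bytearray()
    data = raw_deflate
    while not inflater.eof:
        # max_length caps the bytes inflated per call; input that was not
        # needed yet waits in unconsumed_tail instead of growing `out`.
        chunk = inflater.decompress(data, limit + 1 - len(out))
        out += chunk
        if len(out) > limit:
            raise InflatedPayloadTooLarge(f"payload inflates past {limit} bytes")
        data = inflater.unconsumed_tail
        if not chunk and not data:
            break  # truncated stream: nothing more can be produced
    return bytes(out)

def decode_redirect_param(value: str, limit: int = MAX_INFLATED_BYTES) -> bytes:
    """HTTP-Redirect binding decode: URL-decode, base64-decode, bounded inflate."""
    raw = base64.b64decode(urllib.parse.unquote(value), validate=True)
    return inflate_bounded(raw, limit)

def encode_redirect_param(xml: bytes) -> str:
    """Forward direction (deflate, base64, URL-encode); used to build inputs."""
    deflater = zlib.compressobj(wbits=-15)
    raw = deflater.compress(xml) + deflater.flush()
    return urllib.parse.quote(base64.b64encode(raw).decode("ascii"), safe="")

def rejects(value: str, limit: int = MAX_INFLATED_BYTES) -> bool:
    try:
        decode_redirect_param(value, limit)
    except InflatedPayloadTooLarge:
        return True
    return False

# Constructed samples: a minimal AuthnRequest-like document and an oversized one.
SAMPLE_XML = b'<samlp:AuthnRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="_a1" Version="2.0"/>'
OVERSIZED_XML = b"<x>" + b" " * (2 * MAX_INFLATED_BYTES) + b"</x>"
```

A fixed cap is the simplest check; a ratio-based limit (inflated bytes versus compressed bytes) can be added on top of it, but the absolute cap is what keeps the buffer bounded.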
Problem types
CWE-400: Uncontrolled Resource Consumption
Product status
5.7.0 (custom) before 5.7.24
5.8.0 (custom) before 5.8.26
6.3.0 (custom) before 6.3.17
6.4.0 (custom) before 6.4.17
6.5.0 (custom) before 6.5.11
7.0.0 (custom) before 7.0.6
References
spring.io/security/cve-2026-40988