إرسال #798600: baomidou dynamic-datasource 2.5.0+ SpEL Injectionالمعلومات

عنوانbaomidou dynamic-datasource 2.5.0+ SpEL Injection
الوصفdynamic-datasource evaluates @DS values as SpEL expressions in DsSpelExpressionProcessor#doDetermineDatasource using StandardEvaluationContext and SpelExpressionParser without input restriction. When applications use patterns like @DS("#tenant") and bind tenant from untrusted request input, attacker-controlled expressions can be evaluated at runtime. This enables expression injection and can lead to remote code execution depending on runtime exposure and expression payload.
المصدر⚠️ https://github.com/baomidou/dynamic-datasource/issues/766
المستخدم
 Winegee (UID 96308)
ارسال07/04/2026 09:39 AM (20 أيام منذ)
الاعتدال25/04/2026 06:10 PM (18 days later)
الحالةتمت الموافقة
إدخال VulDB359624 [baomidou dynamic-datasource 2.5.0 StandardEvaluationContext/SpelExpressionParser DsSpelExpressionProcessor.java DsSpelExpressionProcessor#doDetermineDatasource تجاوز الصلاحيات]
النقاط20

التالي نظرة عامة السابق

Do you need the next level of professionalism?

Upgrade your account now!