Spring Security OAuth2 Client is vulnerable to privilege escalation. The vulnerability exists in the getTokenResponse
function in multiple files: when the authorization server responds with an OAuth2 access token response containing an empty scope list, an attacker is able to modify requests initiated by clients.
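As an added illustration, not Spring Security's own code and not the content of the fix commits in the references, assuming the pre-fix client filled an empty scope list from the scope parameter of the authorization request: a simplified scope parser for the token response beside the vulnerable and the corrected resolution rule.

```java
import java.util.Arrays;
import java.util.LinkedHashSet;
import java.util.Set;
import java.util.regex.Matcher;
import java.util.regex.Pattern;

public class ScopeResolution {
    // Minimal parse of the RFC 6749 section 5.1 token response body, keeping only the
    // part relevant here. "scope" is optional; when it is absent or blank the response
    // carries an empty scope list. This is a stand-in, not Spring's converter.
    static Set<String> parseScopes(String json) {
        Set<String> scopes = new LinkedHashSet<>();
        Matcher m = Pattern.compile("\"scope\"\\s*:\\s*\"([^\"]*)\"").matcher(json);
        if (m.find() && !m.group(1).trim().isEmpty()) {
            scopes.addAll(Arrays.asList(m.group(1).trim().split(" +")));
        }
        return scopes;
    }

    // Vulnerable pattern (assumed pre-fix behaviour): an empty scope list in the token
    // response is filled in from the authorization request. That request travels through
    // the browser, so its scope parameter can be altered before the server sees it.
    static Set<String> vulnerableScopes(Set<String> responseScopes, Set<String> authzRequestScopes) {
        return responseScopes.isEmpty() ? authzRequestScopes : responseScopes;
    }

    // Fixed pattern: grant only the scopes the authorization server actually returned;
    // an empty list stays empty and nothing is inherited from the request.
    static Set<String> fixedScopes(Set<String> responseScopes) {
        return responseScopes;
    }

    public static void main(String[] args) {
        // Constructed sample: the client was registered for "read", but the authorization
        // request that reached the server had "admin" appended in transit, and the server
        // omitted "scope" from its response.
        Set<String> tampered = new LinkedHashSet<>(Arrays.asList("read", "admin"));
        Set<String> fromServer = parseScopes(
            "{\"access_token\":\"constructed-token\",\"token_type\":\"Bearer\",\"expires_in\":3600}");
        System.out.println("vulnerable: " + vulnerableScopes(fromServer, tampered));
        System.out.println("fixed:      " + fixedScopes(fromServer));
    }
}
```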
github.com/advisories/GHSA-32vj-v39g-jh23
github.com/spring-projects/spring-security/commit/2915a70bf786e2bd0780d686d432b9ba85617522
github.com/spring-projects/spring-security/commit/75004587a419a96d18909030b20c6b16b226ecbe
github.com/spring-projects/spring-security/issues/12101
github.com/spring-projects/spring-security/issues/12112
github.com/spring-projects/spring-security/releases/tag/5.6.9
github.com/spring-projects/spring-security/releases/tag/5.7.5
security.netapp.com/advisory/ntap-20221215-0010/
tanzu.vmware.com/security/cve-2022-31690