CVE-2024-38820
CVE-2024-38820
Description
CVE-2024-38820 is a vulnerability in Spring Framework's DataBinder that could potentially allow attackers to bypass property access restrictions through manipulation of allowed fields.
Severity
Low - After thorough code analysis across rundeck
, rundeckpro
, and rundeck-plugins
repositories, no direct or indirect usage of DataBinder, disallowedFields, or setDisallowedFields was identified. The only matches found were in binary files, which does not indicate active use of the vulnerable functionality.
Affected Versions
Since the vulnerable component is not used in Rundeck codebases, no versions are directly affected by this vulnerability.