Search

Find a vulnerability

Search criteria

    8 vulnerabilities found for sa-token by dromara

    CVE-2025-15222 (GCVE-0-2025-15222)

    Vulnerability from nvd – Published: 2025-12-30 05:32 – Updated: 2025-12-30 14:56
    VLAI
    Title
    Dromara Sa-Token SaSerializerTemplateForJdkUseBase64.java ObjectInputStream.readObject deserialization
    Summary
    A vulnerability has been found in Dromara Sa-Token up to 1.44.0. This issue affects the function ObjectInputStream.readObject of the file SaSerializerTemplateForJdkUseBase64.java. Such manipulation leads to deserialization. The attack can be executed remotely. This attack is characterized by high complexity. The exploitability is assessed as difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    URL Tags
    https://vuldb.com/?id.338607 vdb-entrytechnical-description
    https://vuldb.com/?ctiid.338607 signaturepermissions-required
    https://vuldb.com/?submit.717703 third-party-advisory
    https://github.com/Yohane-Mashiro/satoken-deseria… exploit
    Impacted products
    Vendor Product Version
    Dromara Sa-Token Affected: 1.0
    Affected: 1.1
    Affected: 1.2
    Affected: 1.3
    Affected: 1.4
    Affected: 1.5
    Affected: 1.6
    Affected: 1.7
    Affected: 1.8
    Affected: 1.9
    Affected: 1.10
    Affected: 1.11
    Affected: 1.12
    Affected: 1.13
    Affected: 1.14
    Affected: 1.15
    Affected: 1.16
    Affected: 1.17
    Affected: 1.18
    Affected: 1.19
    Affected: 1.20
    Affected: 1.21
    Affected: 1.22
    Affected: 1.23
    Affected: 1.24
    Affected: 1.25
    Affected: 1.26
    Affected: 1.27
    Affected: 1.28
    Affected: 1.29
    Affected: 1.30
    Affected: 1.31
    Affected: 1.32
    Affected: 1.33
    Affected: 1.34
    Affected: 1.35
    Affected: 1.36
    Affected: 1.37
    Affected: 1.38
    Affected: 1.39
    Affected: 1.40
    Affected: 1.41
    Affected: 1.42
    Affected: 1.43
    Affected: 1.44.0
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-15222",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-12-30T14:56:24.666723Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-12-30T14:56:32.958Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Sa-Token",
              "vendor": "Dromara",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.0"
                },
                {
                  "status": "affected",
                  "version": "1.1"
                },
                {
                  "status": "affected",
                  "version": "1.2"
                },
                {
                  "status": "affected",
                  "version": "1.3"
                },
                {
                  "status": "affected",
                  "version": "1.4"
                },
                {
                  "status": "affected",
                  "version": "1.5"
                },
                {
                  "status": "affected",
                  "version": "1.6"
                },
                {
                  "status": "affected",
                  "version": "1.7"
                },
                {
                  "status": "affected",
                  "version": "1.8"
                },
                {
                  "status": "affected",
                  "version": "1.9"
                },
                {
                  "status": "affected",
                  "version": "1.10"
                },
                {
                  "status": "affected",
                  "version": "1.11"
                },
                {
                  "status": "affected",
                  "version": "1.12"
                },
                {
                  "status": "affected",
                  "version": "1.13"
                },
                {
                  "status": "affected",
                  "version": "1.14"
                },
                {
                  "status": "affected",
                  "version": "1.15"
                },
                {
                  "status": "affected",
                  "version": "1.16"
                },
                {
                  "status": "affected",
                  "version": "1.17"
                },
                {
                  "status": "affected",
                  "version": "1.18"
                },
                {
                  "status": "affected",
                  "version": "1.19"
                },
                {
                  "status": "affected",
                  "version": "1.20"
                },
                {
                  "status": "affected",
                  "version": "1.21"
                },
                {
                  "status": "affected",
                  "version": "1.22"
                },
                {
                  "status": "affected",
                  "version": "1.23"
                },
                {
                  "status": "affected",
                  "version": "1.24"
                },
                {
                  "status": "affected",
                  "version": "1.25"
                },
                {
                  "status": "affected",
                  "version": "1.26"
                },
                {
                  "status": "affected",
                  "version": "1.27"
                },
                {
                  "status": "affected",
                  "version": "1.28"
                },
                {
                  "status": "affected",
                  "version": "1.29"
                },
                {
                  "status": "affected",
                  "version": "1.30"
                },
                {
                  "status": "affected",
                  "version": "1.31"
                },
                {
                  "status": "affected",
                  "version": "1.32"
                },
                {
                  "status": "affected",
                  "version": "1.33"
                },
                {
                  "status": "affected",
                  "version": "1.34"
                },
                {
                  "status": "affected",
                  "version": "1.35"
                },
                {
                  "status": "affected",
                  "version": "1.36"
                },
                {
                  "status": "affected",
                  "version": "1.37"
                },
                {
                  "status": "affected",
                  "version": "1.38"
                },
                {
                  "status": "affected",
                  "version": "1.39"
                },
                {
                  "status": "affected",
                  "version": "1.40"
                },
                {
                  "status": "affected",
                  "version": "1.41"
                },
                {
                  "status": "affected",
                  "version": "1.42"
                },
                {
                  "status": "affected",
                  "version": "1.43"
                },
                {
                  "status": "affected",
                  "version": "1.44.0"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability has been found in Dromara Sa-Token up to 1.44.0. This issue affects the function ObjectInputStream.readObject of the file SaSerializerTemplateForJdkUseBase64.java. Such manipulation leads to deserialization. The attack can be executed remotely. This attack is characterized by high complexity. The exploitability is assessed as difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "baseScore": 2.3,
                "baseSeverity": "LOW",
                "vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
                "version": "4.0"
              }
            },
            {
              "cvssV3_1": {
                "baseScore": 5,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 5,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 4.6,
                "vectorString": "AV:N/AC:H/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-502",
                  "description": "Deserialization",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "Improper Input Validation",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-12-30T05:32:05.705Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "name": "VDB-338607 | Dromara Sa-Token SaSerializerTemplateForJdkUseBase64.java ObjectInputStream.readObject deserialization",
              "tags": [
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://vuldb.com/?id.338607"
            },
            {
              "name": "VDB-338607 | CTI Indicators (IOB, IOC, IOA)",
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/?ctiid.338607"
            },
            {
              "name": "Submit #717703 | https://github.com/dromara/sa-token Sa-Token \u003c=1.44.0 Deserialization",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/?submit.717703"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://github.com/Yohane-Mashiro/satoken-deserialization"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2025-12-28T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2025-12-28T01:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2025-12-28T17:05:34.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "Dromara Sa-Token SaSerializerTemplateForJdkUseBase64.java ObjectInputStream.readObject deserialization"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2025-15222",
        "datePublished": "2025-12-30T05:32:05.705Z",
        "dateReserved": "2025-12-28T16:00:29.649Z",
        "dateUpdated": "2025-12-30T14:56:32.958Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-15117 (GCVE-0-2025-15117)

    Vulnerability from nvd – Published: 2025-12-28 02:32 – Updated: 2025-12-29 16:39
    VLAI
    Title
    Dromara Sa-Token SaJdkSerializer.java ObjectInputStream.readObject deserialization
    Summary
    A weakness has been identified in Dromara Sa-Token up to 1.44.0. This affects the function ObjectInputStream.readObject of the file SaJdkSerializer.java. Executing manipulation can lead to deserialization. The attack may be launched remotely. This attack is characterized by high complexity. It is indicated that the exploitability is difficult. The vendor was contacted early about this disclosure but did not respond in any way.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    URL Tags
    https://vuldb.com/?id.338495 vdb-entrytechnical-description
    https://vuldb.com/?ctiid.338495 signaturepermissions-required
    https://vuldb.com/?submit.711750 third-party-advisory
    https://github.com/Yohane-Mashiro/Sa-Token-cve related
    Impacted products
    Vendor Product Version
    Dromara Sa-Token Affected: 1.0
    Affected: 1.1
    Affected: 1.2
    Affected: 1.3
    Affected: 1.4
    Affected: 1.5
    Affected: 1.6
    Affected: 1.7
    Affected: 1.8
    Affected: 1.9
    Affected: 1.10
    Affected: 1.11
    Affected: 1.12
    Affected: 1.13
    Affected: 1.14
    Affected: 1.15
    Affected: 1.16
    Affected: 1.17
    Affected: 1.18
    Affected: 1.19
    Affected: 1.20
    Affected: 1.21
    Affected: 1.22
    Affected: 1.23
    Affected: 1.24
    Affected: 1.25
    Affected: 1.26
    Affected: 1.27
    Affected: 1.28
    Affected: 1.29
    Affected: 1.30
    Affected: 1.31
    Affected: 1.32
    Affected: 1.33
    Affected: 1.34
    Affected: 1.35
    Affected: 1.36
    Affected: 1.37
    Affected: 1.38
    Affected: 1.39
    Affected: 1.40
    Affected: 1.41
    Affected: 1.42
    Affected: 1.43
    Affected: 1.44.0
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-15117",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-12-29T16:39:02.612264Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-12-29T16:39:15.402Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Sa-Token",
              "vendor": "Dromara",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.0"
                },
                {
                  "status": "affected",
                  "version": "1.1"
                },
                {
                  "status": "affected",
                  "version": "1.2"
                },
                {
                  "status": "affected",
                  "version": "1.3"
                },
                {
                  "status": "affected",
                  "version": "1.4"
                },
                {
                  "status": "affected",
                  "version": "1.5"
                },
                {
                  "status": "affected",
                  "version": "1.6"
                },
                {
                  "status": "affected",
                  "version": "1.7"
                },
                {
                  "status": "affected",
                  "version": "1.8"
                },
                {
                  "status": "affected",
                  "version": "1.9"
                },
                {
                  "status": "affected",
                  "version": "1.10"
                },
                {
                  "status": "affected",
                  "version": "1.11"
                },
                {
                  "status": "affected",
                  "version": "1.12"
                },
                {
                  "status": "affected",
                  "version": "1.13"
                },
                {
                  "status": "affected",
                  "version": "1.14"
                },
                {
                  "status": "affected",
                  "version": "1.15"
                },
                {
                  "status": "affected",
                  "version": "1.16"
                },
                {
                  "status": "affected",
                  "version": "1.17"
                },
                {
                  "status": "affected",
                  "version": "1.18"
                },
                {
                  "status": "affected",
                  "version": "1.19"
                },
                {
                  "status": "affected",
                  "version": "1.20"
                },
                {
                  "status": "affected",
                  "version": "1.21"
                },
                {
                  "status": "affected",
                  "version": "1.22"
                },
                {
                  "status": "affected",
                  "version": "1.23"
                },
                {
                  "status": "affected",
                  "version": "1.24"
                },
                {
                  "status": "affected",
                  "version": "1.25"
                },
                {
                  "status": "affected",
                  "version": "1.26"
                },
                {
                  "status": "affected",
                  "version": "1.27"
                },
                {
                  "status": "affected",
                  "version": "1.28"
                },
                {
                  "status": "affected",
                  "version": "1.29"
                },
                {
                  "status": "affected",
                  "version": "1.30"
                },
                {
                  "status": "affected",
                  "version": "1.31"
                },
                {
                  "status": "affected",
                  "version": "1.32"
                },
                {
                  "status": "affected",
                  "version": "1.33"
                },
                {
                  "status": "affected",
                  "version": "1.34"
                },
                {
                  "status": "affected",
                  "version": "1.35"
                },
                {
                  "status": "affected",
                  "version": "1.36"
                },
                {
                  "status": "affected",
                  "version": "1.37"
                },
                {
                  "status": "affected",
                  "version": "1.38"
                },
                {
                  "status": "affected",
                  "version": "1.39"
                },
                {
                  "status": "affected",
                  "version": "1.40"
                },
                {
                  "status": "affected",
                  "version": "1.41"
                },
                {
                  "status": "affected",
                  "version": "1.42"
                },
                {
                  "status": "affected",
                  "version": "1.43"
                },
                {
                  "status": "affected",
                  "version": "1.44.0"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A weakness has been identified in Dromara Sa-Token up to 1.44.0. This affects the function ObjectInputStream.readObject of the file SaJdkSerializer.java. Executing manipulation can lead to deserialization. The attack may be launched remotely. This attack is characterized by high complexity. It is indicated that the exploitability is difficult. The vendor was contacted early about this disclosure but did not respond in any way."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "baseScore": 2.3,
                "baseSeverity": "LOW",
                "vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X",
                "version": "4.0"
              }
            },
            {
              "cvssV3_1": {
                "baseScore": 3.1,
                "baseSeverity": "LOW",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L/E:X/RL:X/RC:R",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 3.1,
                "baseSeverity": "LOW",
                "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L/E:X/RL:X/RC:R",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 2.1,
                "vectorString": "AV:N/AC:H/Au:S/C:N/I:N/A:P/E:ND/RL:ND/RC:UR",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-502",
                  "description": "Deserialization",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "Improper Input Validation",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-12-28T02:32:05.652Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "name": "VDB-338495 | Dromara Sa-Token SaJdkSerializer.java ObjectInputStream.readObject deserialization",
              "tags": [
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://vuldb.com/?id.338495"
            },
            {
              "name": "VDB-338495 | CTI Indicators (IOB, IOC, IOA)",
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/?ctiid.338495"
            },
            {
              "name": "Submit #711750 | github.com/dromara/Sa-Token Sa-Token \u003c=1.44.0 Deserialization",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/?submit.711750"
            },
            {
              "tags": [
                "related"
              ],
              "url": "https://github.com/Yohane-Mashiro/Sa-Token-cve"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2025-12-27T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2025-12-27T01:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2025-12-27T09:50:51.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "Dromara Sa-Token SaJdkSerializer.java ObjectInputStream.readObject deserialization"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2025-15117",
        "datePublished": "2025-12-28T02:32:05.652Z",
        "dateReserved": "2025-12-27T08:45:42.246Z",
        "dateUpdated": "2025-12-29T16:39:15.402Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2023-44794 (GCVE-0-2023-44794)

    Vulnerability from nvd – Published: 2023-10-25 00:00 – Updated: 2024-09-12 14:31
    VLAI
    Summary
    An issue in Dromara SaToken version 1.36.0 and before allows a remote attacker to escalate privileges via a crafted payload to the URL.
    Severity
    No CVSS data available.
    SSVC
    Exploitation: poc Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • n/a
    • CWE-284 - Improper Access Control
    Assigner
    References
    Impacted products
    Vendor Product Version
    dromara sa-token Affected: 0 , ≤ 1.36.0 (custom)
        cpe:2.3:a:dromara:sa-token:-:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T20:07:33.450Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://github.com/dromara/Sa-Token/issues/515"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:dromara:sa-token:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "sa-token",
                "vendor": "dromara",
                "versions": [
                  {
                    "lessThanOrEqual": "1.36.0",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-44794",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-11T19:20:51.886391Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-284",
                    "description": "CWE-284 Improper Access Control",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-12T14:31:44.414Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "An issue in Dromara SaToken version 1.36.0 and before allows a remote attacker to escalate privileges via a crafted payload to the URL."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-10-25T05:34:54.056Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "url": "https://github.com/dromara/Sa-Token/issues/515"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2023-44794",
        "datePublished": "2023-10-25T00:00:00.000Z",
        "dateReserved": "2023-10-02T00:00:00.000Z",
        "dateUpdated": "2024-09-12T14:31:44.414Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-43961 (GCVE-0-2023-43961)

    Vulnerability from nvd – Published: 2023-10-25 00:00 – Updated: 2024-09-11 19:34
    VLAI
    Summary
    An issue in Dromara SaToken version 1.3.50RC and before when using Spring dynamic controllers, a specially crafted request may cause an authentication bypass.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • n/a
    • CWE-863 - Incorrect Authorization
    Assigner
    References
    Impacted products
    Vendor Product Version
    dromara sa-token Affected: 0 , ≤ 1.3.50rc (custom)
        cpe:2.3:a:dromara:sa-token:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T19:52:11.892Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://github.com/dromara/Sa-Token/issues/511"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:dromara:sa-token:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "sa-token",
                "vendor": "dromara",
                "versions": [
                  {
                    "lessThanOrEqual": "1.3.50rc",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 8.8,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "LOW",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-43961",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-11T19:32:02.630223Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-863",
                    "description": "CWE-863 Incorrect Authorization",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-11T19:34:53.071Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "An issue in Dromara SaToken version 1.3.50RC and before when using Spring dynamic controllers, a specially crafted request may cause an authentication bypass."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-10-25T05:34:56.153Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "url": "https://github.com/dromara/Sa-Token/issues/511"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2023-43961",
        "datePublished": "2023-10-25T00:00:00.000Z",
        "dateReserved": "2023-09-25T00:00:00.000Z",
        "dateUpdated": "2024-09-11T19:34:53.071Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-15222 (GCVE-0-2025-15222)

    Vulnerability from cvelistv5 – Published: 2025-12-30 05:32 – Updated: 2025-12-30 14:56
    VLAI
    Title
    Dromara Sa-Token SaSerializerTemplateForJdkUseBase64.java ObjectInputStream.readObject deserialization
    Summary
    A vulnerability has been found in Dromara Sa-Token up to 1.44.0. This issue affects the function ObjectInputStream.readObject of the file SaSerializerTemplateForJdkUseBase64.java. Such manipulation leads to deserialization. The attack can be executed remotely. This attack is characterized by high complexity. The exploitability is assessed as difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    URL Tags
    https://vuldb.com/?id.338607 vdb-entrytechnical-description
    https://vuldb.com/?ctiid.338607 signaturepermissions-required
    https://vuldb.com/?submit.717703 third-party-advisory
    https://github.com/Yohane-Mashiro/satoken-deseria… exploit
    Impacted products
    Vendor Product Version
    Dromara Sa-Token Affected: 1.0
    Affected: 1.1
    Affected: 1.2
    Affected: 1.3
    Affected: 1.4
    Affected: 1.5
    Affected: 1.6
    Affected: 1.7
    Affected: 1.8
    Affected: 1.9
    Affected: 1.10
    Affected: 1.11
    Affected: 1.12
    Affected: 1.13
    Affected: 1.14
    Affected: 1.15
    Affected: 1.16
    Affected: 1.17
    Affected: 1.18
    Affected: 1.19
    Affected: 1.20
    Affected: 1.21
    Affected: 1.22
    Affected: 1.23
    Affected: 1.24
    Affected: 1.25
    Affected: 1.26
    Affected: 1.27
    Affected: 1.28
    Affected: 1.29
    Affected: 1.30
    Affected: 1.31
    Affected: 1.32
    Affected: 1.33
    Affected: 1.34
    Affected: 1.35
    Affected: 1.36
    Affected: 1.37
    Affected: 1.38
    Affected: 1.39
    Affected: 1.40
    Affected: 1.41
    Affected: 1.42
    Affected: 1.43
    Affected: 1.44.0
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-15222",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-12-30T14:56:24.666723Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-12-30T14:56:32.958Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Sa-Token",
              "vendor": "Dromara",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.0"
                },
                {
                  "status": "affected",
                  "version": "1.1"
                },
                {
                  "status": "affected",
                  "version": "1.2"
                },
                {
                  "status": "affected",
                  "version": "1.3"
                },
                {
                  "status": "affected",
                  "version": "1.4"
                },
                {
                  "status": "affected",
                  "version": "1.5"
                },
                {
                  "status": "affected",
                  "version": "1.6"
                },
                {
                  "status": "affected",
                  "version": "1.7"
                },
                {
                  "status": "affected",
                  "version": "1.8"
                },
                {
                  "status": "affected",
                  "version": "1.9"
                },
                {
                  "status": "affected",
                  "version": "1.10"
                },
                {
                  "status": "affected",
                  "version": "1.11"
                },
                {
                  "status": "affected",
                  "version": "1.12"
                },
                {
                  "status": "affected",
                  "version": "1.13"
                },
                {
                  "status": "affected",
                  "version": "1.14"
                },
                {
                  "status": "affected",
                  "version": "1.15"
                },
                {
                  "status": "affected",
                  "version": "1.16"
                },
                {
                  "status": "affected",
                  "version": "1.17"
                },
                {
                  "status": "affected",
                  "version": "1.18"
                },
                {
                  "status": "affected",
                  "version": "1.19"
                },
                {
                  "status": "affected",
                  "version": "1.20"
                },
                {
                  "status": "affected",
                  "version": "1.21"
                },
                {
                  "status": "affected",
                  "version": "1.22"
                },
                {
                  "status": "affected",
                  "version": "1.23"
                },
                {
                  "status": "affected",
                  "version": "1.24"
                },
                {
                  "status": "affected",
                  "version": "1.25"
                },
                {
                  "status": "affected",
                  "version": "1.26"
                },
                {
                  "status": "affected",
                  "version": "1.27"
                },
                {
                  "status": "affected",
                  "version": "1.28"
                },
                {
                  "status": "affected",
                  "version": "1.29"
                },
                {
                  "status": "affected",
                  "version": "1.30"
                },
                {
                  "status": "affected",
                  "version": "1.31"
                },
                {
                  "status": "affected",
                  "version": "1.32"
                },
                {
                  "status": "affected",
                  "version": "1.33"
                },
                {
                  "status": "affected",
                  "version": "1.34"
                },
                {
                  "status": "affected",
                  "version": "1.35"
                },
                {
                  "status": "affected",
                  "version": "1.36"
                },
                {
                  "status": "affected",
                  "version": "1.37"
                },
                {
                  "status": "affected",
                  "version": "1.38"
                },
                {
                  "status": "affected",
                  "version": "1.39"
                },
                {
                  "status": "affected",
                  "version": "1.40"
                },
                {
                  "status": "affected",
                  "version": "1.41"
                },
                {
                  "status": "affected",
                  "version": "1.42"
                },
                {
                  "status": "affected",
                  "version": "1.43"
                },
                {
                  "status": "affected",
                  "version": "1.44.0"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability has been found in Dromara Sa-Token up to 1.44.0. This issue affects the function ObjectInputStream.readObject of the file SaSerializerTemplateForJdkUseBase64.java. Such manipulation leads to deserialization. The attack can be executed remotely. This attack is characterized by high complexity. The exploitability is assessed as difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "baseScore": 2.3,
                "baseSeverity": "LOW",
                "vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
                "version": "4.0"
              }
            },
            {
              "cvssV3_1": {
                "baseScore": 5,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 5,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 4.6,
                "vectorString": "AV:N/AC:H/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-502",
                  "description": "Deserialization",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "Improper Input Validation",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-12-30T05:32:05.705Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "name": "VDB-338607 | Dromara Sa-Token SaSerializerTemplateForJdkUseBase64.java ObjectInputStream.readObject deserialization",
              "tags": [
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://vuldb.com/?id.338607"
            },
            {
              "name": "VDB-338607 | CTI Indicators (IOB, IOC, IOA)",
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/?ctiid.338607"
            },
            {
              "name": "Submit #717703 | https://github.com/dromara/sa-token Sa-Token \u003c=1.44.0 Deserialization",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/?submit.717703"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://github.com/Yohane-Mashiro/satoken-deserialization"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2025-12-28T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2025-12-28T01:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2025-12-28T17:05:34.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "Dromara Sa-Token SaSerializerTemplateForJdkUseBase64.java ObjectInputStream.readObject deserialization"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2025-15222",
        "datePublished": "2025-12-30T05:32:05.705Z",
        "dateReserved": "2025-12-28T16:00:29.649Z",
        "dateUpdated": "2025-12-30T14:56:32.958Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-15117 (GCVE-0-2025-15117)

    Vulnerability from cvelistv5 – Published: 2025-12-28 02:32 – Updated: 2025-12-29 16:39
    VLAI
    Title
    Dromara Sa-Token SaJdkSerializer.java ObjectInputStream.readObject deserialization
    Summary
    A weakness has been identified in Dromara Sa-Token up to 1.44.0. This affects the function ObjectInputStream.readObject of the file SaJdkSerializer.java. Executing manipulation can lead to deserialization. The attack may be launched remotely. This attack is characterized by high complexity. It is indicated that the exploitability is difficult. The vendor was contacted early about this disclosure but did not respond in any way.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    URL Tags
    https://vuldb.com/?id.338495 vdb-entrytechnical-description
    https://vuldb.com/?ctiid.338495 signaturepermissions-required
    https://vuldb.com/?submit.711750 third-party-advisory
    https://github.com/Yohane-Mashiro/Sa-Token-cve related
    Impacted products
    Vendor Product Version
    Dromara Sa-Token Affected: 1.0
    Affected: 1.1
    Affected: 1.2
    Affected: 1.3
    Affected: 1.4
    Affected: 1.5
    Affected: 1.6
    Affected: 1.7
    Affected: 1.8
    Affected: 1.9
    Affected: 1.10
    Affected: 1.11
    Affected: 1.12
    Affected: 1.13
    Affected: 1.14
    Affected: 1.15
    Affected: 1.16
    Affected: 1.17
    Affected: 1.18
    Affected: 1.19
    Affected: 1.20
    Affected: 1.21
    Affected: 1.22
    Affected: 1.23
    Affected: 1.24
    Affected: 1.25
    Affected: 1.26
    Affected: 1.27
    Affected: 1.28
    Affected: 1.29
    Affected: 1.30
    Affected: 1.31
    Affected: 1.32
    Affected: 1.33
    Affected: 1.34
    Affected: 1.35
    Affected: 1.36
    Affected: 1.37
    Affected: 1.38
    Affected: 1.39
    Affected: 1.40
    Affected: 1.41
    Affected: 1.42
    Affected: 1.43
    Affected: 1.44.0
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-15117",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-12-29T16:39:02.612264Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-12-29T16:39:15.402Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Sa-Token",
              "vendor": "Dromara",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.0"
                },
                {
                  "status": "affected",
                  "version": "1.1"
                },
                {
                  "status": "affected",
                  "version": "1.2"
                },
                {
                  "status": "affected",
                  "version": "1.3"
                },
                {
                  "status": "affected",
                  "version": "1.4"
                },
                {
                  "status": "affected",
                  "version": "1.5"
                },
                {
                  "status": "affected",
                  "version": "1.6"
                },
                {
                  "status": "affected",
                  "version": "1.7"
                },
                {
                  "status": "affected",
                  "version": "1.8"
                },
                {
                  "status": "affected",
                  "version": "1.9"
                },
                {
                  "status": "affected",
                  "version": "1.10"
                },
                {
                  "status": "affected",
                  "version": "1.11"
                },
                {
                  "status": "affected",
                  "version": "1.12"
                },
                {
                  "status": "affected",
                  "version": "1.13"
                },
                {
                  "status": "affected",
                  "version": "1.14"
                },
                {
                  "status": "affected",
                  "version": "1.15"
                },
                {
                  "status": "affected",
                  "version": "1.16"
                },
                {
                  "status": "affected",
                  "version": "1.17"
                },
                {
                  "status": "affected",
                  "version": "1.18"
                },
                {
                  "status": "affected",
                  "version": "1.19"
                },
                {
                  "status": "affected",
                  "version": "1.20"
                },
                {
                  "status": "affected",
                  "version": "1.21"
                },
                {
                  "status": "affected",
                  "version": "1.22"
                },
                {
                  "status": "affected",
                  "version": "1.23"
                },
                {
                  "status": "affected",
                  "version": "1.24"
                },
                {
                  "status": "affected",
                  "version": "1.25"
                },
                {
                  "status": "affected",
                  "version": "1.26"
                },
                {
                  "status": "affected",
                  "version": "1.27"
                },
                {
                  "status": "affected",
                  "version": "1.28"
                },
                {
                  "status": "affected",
                  "version": "1.29"
                },
                {
                  "status": "affected",
                  "version": "1.30"
                },
                {
                  "status": "affected",
                  "version": "1.31"
                },
                {
                  "status": "affected",
                  "version": "1.32"
                },
                {
                  "status": "affected",
                  "version": "1.33"
                },
                {
                  "status": "affected",
                  "version": "1.34"
                },
                {
                  "status": "affected",
                  "version": "1.35"
                },
                {
                  "status": "affected",
                  "version": "1.36"
                },
                {
                  "status": "affected",
                  "version": "1.37"
                },
                {
                  "status": "affected",
                  "version": "1.38"
                },
                {
                  "status": "affected",
                  "version": "1.39"
                },
                {
                  "status": "affected",
                  "version": "1.40"
                },
                {
                  "status": "affected",
                  "version": "1.41"
                },
                {
                  "status": "affected",
                  "version": "1.42"
                },
                {
                  "status": "affected",
                  "version": "1.43"
                },
                {
                  "status": "affected",
                  "version": "1.44.0"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A weakness has been identified in Dromara Sa-Token up to 1.44.0. This affects the function ObjectInputStream.readObject of the file SaJdkSerializer.java. Executing manipulation can lead to deserialization. The attack may be launched remotely. This attack is characterized by high complexity. It is indicated that the exploitability is difficult. The vendor was contacted early about this disclosure but did not respond in any way."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "baseScore": 2.3,
                "baseSeverity": "LOW",
                "vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X",
                "version": "4.0"
              }
            },
            {
              "cvssV3_1": {
                "baseScore": 3.1,
                "baseSeverity": "LOW",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L/E:X/RL:X/RC:R",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 3.1,
                "baseSeverity": "LOW",
                "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L/E:X/RL:X/RC:R",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 2.1,
                "vectorString": "AV:N/AC:H/Au:S/C:N/I:N/A:P/E:ND/RL:ND/RC:UR",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-502",
                  "description": "Deserialization",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "Improper Input Validation",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-12-28T02:32:05.652Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "name": "VDB-338495 | Dromara Sa-Token SaJdkSerializer.java ObjectInputStream.readObject deserialization",
              "tags": [
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://vuldb.com/?id.338495"
            },
            {
              "name": "VDB-338495 | CTI Indicators (IOB, IOC, IOA)",
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/?ctiid.338495"
            },
            {
              "name": "Submit #711750 | github.com/dromara/Sa-Token Sa-Token \u003c=1.44.0 Deserialization",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/?submit.711750"
            },
            {
              "tags": [
                "related"
              ],
              "url": "https://github.com/Yohane-Mashiro/Sa-Token-cve"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2025-12-27T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2025-12-27T01:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2025-12-27T09:50:51.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "Dromara Sa-Token SaJdkSerializer.java ObjectInputStream.readObject deserialization"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2025-15117",
        "datePublished": "2025-12-28T02:32:05.652Z",
        "dateReserved": "2025-12-27T08:45:42.246Z",
        "dateUpdated": "2025-12-29T16:39:15.402Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2023-43961 (GCVE-0-2023-43961)

    Vulnerability from cvelistv5 – Published: 2023-10-25 00:00 – Updated: 2024-09-11 19:34
    VLAI
    Summary
    An issue in Dromara SaToken version 1.3.50RC and before when using Spring dynamic controllers, a specially crafted request may cause an authentication bypass.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • n/a
    • CWE-863 - Incorrect Authorization
    Assigner
    References
    Impacted products
    Vendor Product Version
    dromara sa-token Affected: 0 , ≤ 1.3.50rc (custom)
        cpe:2.3:a:dromara:sa-token:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T19:52:11.892Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://github.com/dromara/Sa-Token/issues/511"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:dromara:sa-token:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "sa-token",
                "vendor": "dromara",
                "versions": [
                  {
                    "lessThanOrEqual": "1.3.50rc",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 8.8,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "LOW",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-43961",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-11T19:32:02.630223Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-863",
                    "description": "CWE-863 Incorrect Authorization",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-11T19:34:53.071Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "An issue in Dromara SaToken version 1.3.50RC and before when using Spring dynamic controllers, a specially crafted request may cause an authentication bypass."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-10-25T05:34:56.153Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "url": "https://github.com/dromara/Sa-Token/issues/511"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2023-43961",
        "datePublished": "2023-10-25T00:00:00.000Z",
        "dateReserved": "2023-09-25T00:00:00.000Z",
        "dateUpdated": "2024-09-11T19:34:53.071Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-44794 (GCVE-0-2023-44794)

    Vulnerability from cvelistv5 – Published: 2023-10-25 00:00 – Updated: 2024-09-12 14:31
    VLAI
    Summary
    An issue in Dromara SaToken version 1.36.0 and before allows a remote attacker to escalate privileges via a crafted payload to the URL.
    Severity
    No CVSS data available.
    SSVC
    Exploitation: poc Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • n/a
    • CWE-284 - Improper Access Control
    Assigner
    References
    Impacted products
    Vendor Product Version
    dromara sa-token Affected: 0 , ≤ 1.36.0 (custom)
        cpe:2.3:a:dromara:sa-token:-:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T20:07:33.450Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://github.com/dromara/Sa-Token/issues/515"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:dromara:sa-token:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "sa-token",
                "vendor": "dromara",
                "versions": [
                  {
                    "lessThanOrEqual": "1.36.0",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-44794",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-11T19:20:51.886391Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-284",
                    "description": "CWE-284 Improper Access Control",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-12T14:31:44.414Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "An issue in Dromara SaToken version 1.36.0 and before allows a remote attacker to escalate privileges via a crafted payload to the URL."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-10-25T05:34:54.056Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "url": "https://github.com/dromara/Sa-Token/issues/515"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2023-44794",
        "datePublished": "2023-10-25T00:00:00.000Z",
        "dateReserved": "2023-10-02T00:00:00.000Z",
        "dateUpdated": "2024-09-12T14:31:44.414Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }