UNKNOWN
CVE-2026-22744
Spring AI Redis Store has TAG Field Query Injection Through Improper Neutralization of Special Characters
Platform
java
Component
org.springframework.ai:spring-ai-redis-store
Fixed in
1.0.5
In RedisFilterExpressionConverter of spring-ai-redis-store, when a user-controlled string is passed as a filter value for a TAG field, stringValue() inserts the value directly into the @field:{VALUE} RediSearch TAG block without escaping characters. This issue affects Spring AI: from 1.0.0 before 1.0.5, from 1.1.0 before 1.1.4.
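As an added illustration, not code from Spring AI: a Python sketch of the pattern the advisory describes, showing the unsafe verbatim splice into `@field:{VALUE}` beside a hardened variant that backslash-escapes RediSearch TAG syntax characters, with a check that a value can no longer leave its braces. The escaped-character set is an assumption taken from RediSearch's TAG escaping rules; verify it against your server version.

```python
import re

# Characters RediSearch treats as syntax inside a TAG block; each must be
# backslash-escaped to be matched literally. (Assumed set; check your
# RediSearch version's tag-escaping rules.)
_TAG_SPECIAL = set(',.<>{}[]"\':;!@#$%^&*()-+=~| \\')


def build_tag_filter_unsafe(field: str, value: str) -> str:
    """Illustrative reimplementation of the flawed behaviour: the value is
    spliced into @field:{VALUE} verbatim, so any syntax characters in it are
    interpreted by RediSearch instead of being matched as text."""
    return f"@{field}:{{{value}}}"


def escape_tag_value(value: str) -> str:
    """Backslash-escape every TAG syntax character so it matches literally."""
    return "".join("\\" + ch if ch in _TAG_SPECIAL else ch for ch in value)


def build_tag_filter_safe(field: str, value: str) -> str:
    """Hardened variant: neutralize special characters before splicing."""
    return f"@{field}:{{{escape_tag_value(value)}}}"


def tag_block_is_intact(expr: str) -> bool:
    """Defensive check: the expression must be exactly one @field:{...} block
    whose interior contains no unescaped '}' (break-out) or '|' (injected
    alternation), and no dangling backslash that would swallow the closing brace."""
    m = re.fullmatch(r"@\w+:\{(.*)\}", expr, re.DOTALL)
    if not m:
        return False
    escaped = False
    for ch in m.group(1):
        if escaped:
            escaped = False
        elif ch == "\\":
            escaped = True
        elif ch in "}|":
            return False
    return not escaped


if __name__ == "__main__":
    # Constructed sample value containing TAG syntax characters.
    crafted = "US} | @role:{admin"
    print(build_tag_filter_unsafe("country", crafted), tag_block_is_intact(build_tag_filter_unsafe("country", crafted)))
    print(build_tag_filter_safe("country", crafted), tag_block_is_intact(build_tag_filter_safe("country", crafted)))
```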
How to fix
Upgrade the Spring AI Redis Store library to version 1.0.5 or later if you are on the 1.0.x branch, or to version 1.1.4 or later if you are on the 1.1.x branch. This fixes the injection vulnerability in the Redis filter expression.