CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2022-22950 – spring-expression: Denial of service via specially crafted SpEL expression
https://notcve.org/view.php?id=CVE-2022-22950
n Spring Framework versions 5.3.0 - 5.3.16 and older unsupported versions, it is possible for a user to provide a specially crafted SpEL expression that may cause a denial of service condition. En Spring Framework versiones 5.3.0 - 5.3.16 y en las versiones anteriores no soportadas, es posible que un usuario proporcione una expresión SpEL especialmente diseñada que puede causar una condición de denegación de servicio A flaw was found in the Spring Framework. This flaw allows an attacker to craft a special Spring Expression, causing a denial of service. • https://tanzu.vmware.com/security/cve-2022-22950 https://access.redhat.com/security/cve/CVE-2022-22950 https://bugzilla.redhat.com/show_bug.cgi?id=2069414 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 9.8EPSS: 97%CPEs: 97EXPL: 24CVE-2022-22965 – Spring Framework JDK 9+ Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-22965
A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding. The specific exploit requires the application to run on Tomcat as a WAR deployment. If the application is deployed as a Spring Boot executable jar, i.e. the default, it is not vulnerable to the exploit. However, the nature of the vulnerability is more general, and there may be other ways to exploit it. Una aplicación Spring MVC o Spring WebFlux que es ejecutada en JDK 9+ puede ser vulnerable a la ejecución de código remota (RCE) por medio de una vinculación de datos. • https://github.com/0zvxr/CVE-2022-22965 https://github.com/alt3kx/CVE-2022-22965 https://github.com/zangcc/CVE-2022-22965-rexbb https://github.com/Kirill89/CVE-2022-22965-PoC https://github.com/tangxiaofeng7/CVE-2022-22965-Spring-Core-Rce https://github.com/p1ckzi/CVE-2022-22965 https://github.com/me2nuk/CVE-2022-22965 https://github.com/light-Life/CVE-2022-22965-GUItools https://github.com/viniciuspereiras/CVE-2022-22965-poc https://github.com/itsecurityco/CVE-2022-2 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 4.3EPSS: 0%CPEs: 4EXPL: 0CVE-2021-22060 – springframework: Additional Log Injection in Spring Framework (follow-up to CVE-2021-22096)
https://notcve.org/view.php?id=CVE-2021-22060
In Spring Framework versions 5.3.0 - 5.3.13, 5.2.0 - 5.2.18, and older unsupported versions, it is possible for a user to provide malicious input to cause the insertion of additional log entries. This is a follow-up to CVE-2021-22096 that protects against additional types of input and in more places of the Spring Framework codebase. En Spring Framework versiones 5.3.0 - 5.3.13, 5.2.0 - 5.2.18, y en las versiones anteriores no soportadas, es posible que un usuario proporcione una entrada maliciosa que cause una inserción de entradas de registro adicionales. Se trata de un seguimiento de CVE-2021-22096 que protege contra tipos adicionales de entrada y en más lugares de la base de código de Spring Framework • https://tanzu.vmware.com/security/cve-2021-22060 https://www.oracle.com/security-alerts/cpuapr2022.html https://access.redhat.com/security/cve/CVE-2021-22060 https://bugzilla.redhat.com/show_bug.cgi?id=2055480 •
CVSS: 4.3EPSS: 0%CPEs: 11EXPL: 0CVE-2021-22096 – springframework: malicious input leads to insertion of additional log entries
https://notcve.org/view.php?id=CVE-2021-22096
In Spring Framework versions 5.3.0 - 5.3.10, 5.2.0 - 5.2.17, and older unsupported versions, it is possible for a user to provide malicious input to cause the insertion of additional log entries. En Spring Framework versiones 5.3.0 - 5.3.10, 5.2.0 - 5.2.17, y en versiones anteriores no soportadas, es posible para un usuario proporcionar una entrada maliciosa para causar una inserción de entradas de registro adicionales • https://security.netapp.com/advisory/ntap-20211125-0005 https://tanzu.vmware.com/security/cve-2021-22096 https://www.oracle.com/security-alerts/cpuapr2022.html https://access.redhat.com/security/cve/CVE-2021-22096 https://bugzilla.redhat.com/show_bug.cgi?id=2034584 • CWE-117: Improper Output Neutralization for Logs •
CVSS: 7.8EPSS: 0%CPEs: 49EXPL: 0CVE-2021-22118 – spring-web: (re)creating the temporary storage directory could result in a privilege escalation within WebFlux application
https://notcve.org/view.php?id=CVE-2021-22118
In Spring Framework, versions 5.2.x prior to 5.2.15 and versions 5.3.x prior to 5.3.7, a WebFlux application is vulnerable to a privilege escalation: by (re)creating the temporary storage directory, a locally authenticated malicious user can read or modify files that have been uploaded to the WebFlux application, or overwrite arbitrary files with multipart request data. En Spring Framework, versiones 5.2.x anteriores a 5.2.15 y versiones 5.3.x anteriores a 5.3.7, una aplicación WebFlux es vulnerable a una escalada de privilegios: al (re)crear el directorio de almacenamiento temporal, un usuario malicioso autenticado localmente puede leer o modificar archivos que han sido subidos a la aplicación WebFlux, o sobrescribir archivos arbitrarios con petición de datos de múltiples partes • https://security.netapp.com/advisory/ntap-20210713-0005 https://tanzu.vmware.com/security/cve-2021-22118 https://www.oracle.com//security-alerts/cpujul2021.html https://www.oracle.com/security-alerts/cpuapr2022.html https://www.oracle.com/security-alerts/cpujan2022.html https://www.oracle.com/security-alerts/cpujul2022.html https://www.oracle.com/security-alerts/cpuoct2021.html https://access.redhat.com/security/cve/CVE-2021-22118 https://bugzilla.redhat.com/show_bug.cgi?id=1974854 • CWE-269: Improper Privilege Management CWE-281: Improper Preservation of Permissions CWE-668: Exposure of Resource to Wrong Sphere •