CVSS: 5.3EPSS: 0%CPEs: 12EXPL: 0CVE-2022-22968 – Framework: Data Binding Rules Vulnerability
https://notcve.org/view.php?id=CVE-2022-22968
In Spring Framework versions 5.3.0 - 5.3.18, 5.2.0 - 5.2.20, and older unsupported versions, the patterns for disallowedFields on a DataBinder are case sensitive which means a field is not effectively protected unless it is listed with both upper and lower case for the first character of the field, including upper and lower case for the first character of all nested fields within the property path. En Spring Framework versiones 5.3.0 - 5.3.18, 5.2.0 - 5.2.20, y en las versiones anteriores no soportadas, los patrones para disallowedFields en un DataBinder distinguen entre mayúsculas y minúsculas, lo que significa que un campo no está efectivamente protegido a menos que aparezca con mayúsculas y minúsculas para el primer carácter del campo, incluyendo mayúsculas y minúsculas para el primer carácter de todos los campos anidados dentro de la ruta de la propiedad • https://security.netapp.com/advisory/ntap-20220602-0004 https://tanzu.vmware.com/security/cve-2022-22968 https://www.oracle.com/security-alerts/cpujul2022.html https://access.redhat.com/security/cve/CVE-2022-22968 https://bugzilla.redhat.com/show_bug.cgi?id=2075441 • CWE-20: Improper Input Validation CWE-178: Improper Handling of Case Sensitivity •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2022-22950 – spring-expression: Denial of service via specially crafted SpEL expression
https://notcve.org/view.php?id=CVE-2022-22950
n Spring Framework versions 5.3.0 - 5.3.16 and older unsupported versions, it is possible for a user to provide a specially crafted SpEL expression that may cause a denial of service condition. En Spring Framework versiones 5.3.0 - 5.3.16 y en las versiones anteriores no soportadas, es posible que un usuario proporcione una expresión SpEL especialmente diseñada que puede causar una condición de denegación de servicio A flaw was found in the Spring Framework. This flaw allows an attacker to craft a special Spring Expression, causing a denial of service. • https://tanzu.vmware.com/security/cve-2022-22950 https://access.redhat.com/security/cve/CVE-2022-22950 https://bugzilla.redhat.com/show_bug.cgi?id=2069414 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 9.8EPSS: 97%CPEs: 97EXPL: 24CVE-2022-22965 – Spring Framework JDK 9+ Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-22965
A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding. The specific exploit requires the application to run on Tomcat as a WAR deployment. If the application is deployed as a Spring Boot executable jar, i.e. the default, it is not vulnerable to the exploit. However, the nature of the vulnerability is more general, and there may be other ways to exploit it. Una aplicación Spring MVC o Spring WebFlux que es ejecutada en JDK 9+ puede ser vulnerable a la ejecución de código remota (RCE) por medio de una vinculación de datos. • https://github.com/0zvxr/CVE-2022-22965 https://github.com/alt3kx/CVE-2022-22965 https://github.com/zangcc/CVE-2022-22965-rexbb https://github.com/Kirill89/CVE-2022-22965-PoC https://github.com/tangxiaofeng7/CVE-2022-22965-Spring-Core-Rce https://github.com/p1ckzi/CVE-2022-22965 https://github.com/me2nuk/CVE-2022-22965 https://github.com/light-Life/CVE-2022-22965-GUItools https://github.com/viniciuspereiras/CVE-2022-22965-poc https://github.com/itsecurityco/CVE-2022-2 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 4.3EPSS: 0%CPEs: 4EXPL: 0CVE-2021-22060 – springframework: Additional Log Injection in Spring Framework (follow-up to CVE-2021-22096)
https://notcve.org/view.php?id=CVE-2021-22060
In Spring Framework versions 5.3.0 - 5.3.13, 5.2.0 - 5.2.18, and older unsupported versions, it is possible for a user to provide malicious input to cause the insertion of additional log entries. This is a follow-up to CVE-2021-22096 that protects against additional types of input and in more places of the Spring Framework codebase. En Spring Framework versiones 5.3.0 - 5.3.13, 5.2.0 - 5.2.18, y en las versiones anteriores no soportadas, es posible que un usuario proporcione una entrada maliciosa que cause una inserción de entradas de registro adicionales. Se trata de un seguimiento de CVE-2021-22096 que protege contra tipos adicionales de entrada y en más lugares de la base de código de Spring Framework • https://tanzu.vmware.com/security/cve-2021-22060 https://www.oracle.com/security-alerts/cpuapr2022.html https://access.redhat.com/security/cve/CVE-2021-22060 https://bugzilla.redhat.com/show_bug.cgi?id=2055480 •
CVSS: 4.3EPSS: 0%CPEs: 11EXPL: 0CVE-2021-22096 – springframework: malicious input leads to insertion of additional log entries
https://notcve.org/view.php?id=CVE-2021-22096
In Spring Framework versions 5.3.0 - 5.3.10, 5.2.0 - 5.2.17, and older unsupported versions, it is possible for a user to provide malicious input to cause the insertion of additional log entries. En Spring Framework versiones 5.3.0 - 5.3.10, 5.2.0 - 5.2.17, y en versiones anteriores no soportadas, es posible para un usuario proporcionar una entrada maliciosa para causar una inserción de entradas de registro adicionales • https://security.netapp.com/advisory/ntap-20211125-0005 https://tanzu.vmware.com/security/cve-2021-22096 https://www.oracle.com/security-alerts/cpuapr2022.html https://access.redhat.com/security/cve/CVE-2021-22096 https://bugzilla.redhat.com/show_bug.cgi?id=2034584 • CWE-117: Improper Output Neutralization for Logs •