CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-22979
https://notcve.org/view.php?id=CVE-2022-22979
21 Jun 2022 — In Spring Cloud Function versions prior to 3.2.6, it is possible for a user who directly interacts with framework provided lookup functionality to cause a denial-of-service condition due to the caching issue in the Function Catalog component of the framework. Spring Cloud Function las versiones anteriores a 3.2.6, es posible que un usuario que interactúe directamente con la funcionalidad de búsqueda proporcionada por el framework cause una condición de denegación de servicio debido a un problema de almacena... • https://tanzu.vmware.com/security/cve-2022-22979 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 5.3EPSS: 0%CPEs: 8EXPL: 1CVE-2022-22976 – springframework: BCrypt skips salt rounds for work factor of 31
https://notcve.org/view.php?id=CVE-2022-22976
19 May 2022 — Spring Security versions 5.5.x prior to 5.5.7, 5.6.x prior to 5.6.4, and earlier unsupported versions contain an integer overflow vulnerability. When using the BCrypt class with the maximum work factor (31), the encoder does not perform any salt rounds, due to an integer overflow error. The default settings are not affected by this CVE. Spring Security versiones 5.5.x anteriores a 5.5.7, 5.6.x anteriores a 5.6.4 y versiones anteriores no soportadas, contienen una vulnerabilidad de desbordamiento de enteros.... • https://github.com/spring-io/cve-2022-22976-bcrypt-skips-salt • CWE-190: Integer Overflow or Wraparound •
CVSS: 9.8EPSS: 90%CPEs: 7EXPL: 7CVE-2022-22978 – springframework: Authorization Bypass in RegexRequestMatcher
https://notcve.org/view.php?id=CVE-2022-22978
19 May 2022 — In spring security versions prior to 5.4.11+, 5.5.7+ , 5.6.4+ and older unsupported versions, RegexRequestMatcher can easily be misconfigured to be bypassed on some servlet containers. Applications using RegexRequestMatcher with `.` in the regular expression are possibly vulnerable to an authorization bypass. En las versiones 5.5.6 y 5.6.3 de Spring Security y en versiones anteriores no soportadas, RegexRequestMatcher puede ser fácilmente configurado de forma incorrecta para ser evitado en algunos contenedo... • https://github.com/DeEpinGh0st/CVE-2022-22978 • CWE-863: Incorrect Authorization CWE-1220: Insufficient Granularity of Access Control •
CVSS: 6.5EPSS: 0%CPEs: 6EXPL: 1CVE-2022-22971 – springframework: DoS with STOMP over WebSocket
https://notcve.org/view.php?id=CVE-2022-22971
12 May 2022 — In spring framework versions prior to 5.3.20+ , 5.2.22+ and old unsupported versions, application with a STOMP over WebSocket endpoint is vulnerable to a denial of service attack by an authenticated user. En spring framework versiones anteriores a 5.3.20+ , 5.2.22+ y las versiones antiguas no soportadas, la aplicación con un endpoint STOMP sobre WebSocket es vulnerable a un ataque de denegación de servicio por parte de un usuario autenticado A flaw was found in Spring Framework Applications. Applications th... • https://github.com/tchize/CVE-2022-22971 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 5.3EPSS: 0%CPEs: 10EXPL: 1CVE-2022-22970 – springframework: DoS via data binding to multipartFile or servlet part
https://notcve.org/view.php?id=CVE-2022-22970
12 May 2022 — In spring framework versions prior to 5.3.20+ , 5.2.22+ and old unsupported versions, applications that handle file uploads are vulnerable to DoS attack if they rely on data binding to set a MultipartFile or javax.servlet.Part to a field in a model object. En spring Framework versiones anteriores a 5.3.20+ , 5.2.22+ y las versiones antiguas no soportadas, las aplicaciones que manejan cargas de archivos son vulnerables a un ataque de denegación de servicio si dependen de la vinculación de datos para establec... • https://github.com/Performant-Labs/CVE-2022-22970 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 5.3EPSS: 22%CPEs: 12EXPL: 1CVE-2022-22968 – Framework: Data Binding Rules Vulnerability
https://notcve.org/view.php?id=CVE-2022-22968
14 Apr 2022 — In Spring Framework versions 5.3.0 - 5.3.18, 5.2.0 - 5.2.20, and older unsupported versions, the patterns for disallowedFields on a DataBinder are case sensitive which means a field is not effectively protected unless it is listed with both upper and lower case for the first character of the field, including upper and lower case for the first character of all nested fields within the property path. En Spring Framework versiones 5.3.0 - 5.3.18, 5.2.0 - 5.2.20, y en las versiones anteriores no soportadas, los... • https://github.com/MarcinGadz/spring-rce-poc • CWE-20: Improper Input Validation CWE-178: Improper Handling of Case Sensitivity •
CVSS: 7.5EPSS: 4%CPEs: 2EXPL: 0CVE-2022-22950 – spring-expression: Denial of service via specially crafted SpEL expression
https://notcve.org/view.php?id=CVE-2022-22950
01 Apr 2022 — n Spring Framework versions 5.3.0 - 5.3.16 and older unsupported versions, it is possible for a user to provide a specially crafted SpEL expression that may cause a denial of service condition. En Spring Framework versiones 5.3.0 - 5.3.16 y en las versiones anteriores no soportadas, es posible que un usuario proporcione una expresión SpEL especialmente diseñada que puede causar una condición de denegación de servicio A flaw was found in the Spring Framework. This flaw allows an attacker to craft a special S... • https://tanzu.vmware.com/security/cve-2022-22950 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 9.8EPSS: 94%CPEs: 97EXPL: 87CVE-2022-22965 – Spring Framework JDK 9+ Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-22965
01 Apr 2022 — A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding. The specific exploit requires the application to run on Tomcat as a WAR deployment. If the application is deployed as a Spring Boot executable jar, i.e. the default, it is not vulnerable to the exploit. However, the nature of the vulnerability is more general, and there may be other ways to exploit it. Una aplicación Spring MVC o Spring WebFlux que es ejecutada en JDK 9+ puede ser ... • https://packetstorm.news/files/id/167011 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.8EPSS: 94%CPEs: 47EXPL: 32CVE-2022-22963 – VMware Tanzu Spring Cloud Function Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-22963
31 Mar 2022 — In Spring Cloud Function versions 3.1.6, 3.2.2 and older unsupported versions, when using routing functionality it is possible for a user to provide a specially crafted SpEL as a routing-expression that may result in remote code execution and access to local resources. En Spring Cloud Function versiones 3.1.6, 3.2.2 y versiones anteriores no soportadas, cuando es usada la funcionalidad routing es posible que un usuario proporcione un SpEL especialmente diseñado como expresión de enrutamiento que puede resul... • https://packetstorm.news/files/id/173430 • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-917: Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection') •
CVSS: 7.8EPSS: 1%CPEs: 1EXPL: 2CVE-2022-27772
https://notcve.org/view.php?id=CVE-2022-27772
30 Mar 2022 — spring-boot versions prior to version v2.2.11.RELEASE was vulnerable to temporary directory hijacking. This vulnerability impacted the org.springframework.boot.web.server.AbstractConfigurableWebServerFactory.createTempDir method. NOTE: This vulnerability only affects products and/or versions that are no longer supported by the maintainer spring-boot versiones anteriores a v2.2.11.RELEASE eran vulnerables a un secuestro de directorios temporales. Esta vulnerabilidad afectaba al método org.springframework.boo... • https://github.com/puneetbehl/grails3-cve-2022-27772 • CWE-668: Exposure of Resource to Wrong Sphere •