CVE-2023-20863 – springframework: Spring Expression DoS Vulnerability
https://notcve.org/view.php?id=CVE-2023-20863
In spring framework versions prior to 5.2.24 release+ ,5.3.27+ and 6.0.8+ , it is possible for a user to provide a specially crafted SpEL expression that may cause a denial-of-service (DoS) condition. A flaw was found in Spring Framework. Certain versions of Spring Framework's Expression Language were not restricting the size of Spring Expressions. This could allow an attacker to craft a malicious Spring Expression to cause a denial of service on the server. • https://security.netapp.com/advisory/ntap-20240524-0015 https://spring.io/security/cve-2023-20863 https://access.redhat.com/security/cve/CVE-2023-20863 https://bugzilla.redhat.com/show_bug.cgi?id=2187742 • CWE-400: Uncontrolled Resource Consumption CWE-917: Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection') •
CVE-2023-20860 – springframework: Security Bypass With Un-Prefixed Double Wildcard Pattern
https://notcve.org/view.php?id=CVE-2023-20860
Spring Framework running version 6.0.0 - 6.0.6 or 5.3.0 - 5.3.25 using "**" as a pattern in Spring Security configuration with the mvcRequestMatcher creates a mismatch in pattern matching between Spring Security and Spring MVC, and the potential for a security bypass. A flaw was found in Spring Framework. In this vulnerability, a security bypass is possible due to the behavior of the wildcard pattern. • https://github.com/limo520/CVE-2023-20860 https://security.netapp.com/advisory/ntap-20230505-0006 https://spring.io/security/cve-2023-20860 https://access.redhat.com/security/cve/CVE-2023-20860 https://bugzilla.redhat.com/show_bug.cgi?id=2180528 • CWE-155: Improper Neutralization of Wildcards or Matching Symbols •
CVE-2023-20861 – springframework: Spring Expression DoS Vulnerability
https://notcve.org/view.php?id=CVE-2023-20861
In Spring Framework versions 6.0.0 - 6.0.6, 5.3.0 - 5.3.25, 5.2.0.RELEASE - 5.2.22.RELEASE, and older unsupported versions, it is possible for a user to provide a specially crafted SpEL expression that may cause a denial-of-service (DoS) condition. A flaw found was found in Spring Framework. This flaw allows a malicious user to use a specially crafted SpEL expression that causes a denial of service (DoS). • https://security.netapp.com/advisory/ntap-20230420-0007 https://spring.io/security/cve-2023-20861 https://access.redhat.com/security/cve/CVE-2023-20861 https://bugzilla.redhat.com/show_bug.cgi?id=2180530 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVE-2022-22971 – springframework: DoS with STOMP over WebSocket
https://notcve.org/view.php?id=CVE-2022-22971
In spring framework versions prior to 5.3.20+ , 5.2.22+ and old unsupported versions, application with a STOMP over WebSocket endpoint is vulnerable to a denial of service attack by an authenticated user. En spring framework versiones anteriores a 5.3.20+ , 5.2.22+ y las versiones antiguas no soportadas, la aplicación con un endpoint STOMP sobre WebSocket es vulnerable a un ataque de denegación de servicio por parte de un usuario autenticado A flaw was found in Spring Framework Applications. Applications that use STOMP over the WebSocket endpoint are vulnerable to a denial of service attack caused by an authenticated user. • https://github.com/tchize/CVE-2022-22971 https://security.netapp.com/advisory/ntap-20220616-0003 https://tanzu.vmware.com/security/cve-2022-22971 https://www.oracle.com/security-alerts/cpujul2022.html https://access.redhat.com/security/cve/CVE-2022-22971 https://bugzilla.redhat.com/show_bug.cgi?id=2087274 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVE-2022-22970 – springframework: DoS via data binding to multipartFile or servlet part
https://notcve.org/view.php?id=CVE-2022-22970
In spring framework versions prior to 5.3.20+ , 5.2.22+ and old unsupported versions, applications that handle file uploads are vulnerable to DoS attack if they rely on data binding to set a MultipartFile or javax.servlet.Part to a field in a model object. En spring Framework versiones anteriores a 5.3.20+ , 5.2.22+ y las versiones antiguas no soportadas, las aplicaciones que manejan cargas de archivos son vulnerables a un ataque de denegación de servicio si dependen de la vinculación de datos para establecer un MultipartFile o javax.servlet.Part a un campo en un objeto modelo A flaw was found in Spring Framework. Applications that handle file uploads are vulnerable to a denial of service (DoS) attack if they rely on data binding to set a MultipartFile or javax.servlet.Part to a field in a model object. • https://security.netapp.com/advisory/ntap-20220616-0006 https://tanzu.vmware.com/security/cve-2022-22970 https://www.oracle.com/security-alerts/cpujul2022.html https://access.redhat.com/security/cve/CVE-2022-22970 https://bugzilla.redhat.com/show_bug.cgi?id=2087272 • CWE-770: Allocation of Resources Without Limits or Throttling •