Security Advisories

CVE-2022-22950: Spring Expression DoS Vulnerability

MEDIUM | MARCH 28, 2022 | CVE-2022-22950

In Spring Framework versions 5.3.0 - 5.3.16, 5.2.0 - 5.2.19, and older unsupported versions, it is possible for a user to provide a specially crafted SpEL expression that may cause a denial of service condition.

CVE-2022-22947: Spring Cloud Gateway Code Injection Vulnerability

CRITICAL | MARCH 01, 2022 | CVE-2022-22947

Applications using Spring Cloud Gateway are vulnerable to a code injection attack when the Gateway Actuator endpoint is enabled, exposed and unsecured. A remote attacker could make a maliciously crafted request that could allow arbitrary remote…

CVE-2022-22946: Spring Cloud Gateway HTTP2 Insecure TrustManager

MEDIUM | MARCH 01, 2022 | CVE-2022-22946

Applications using Spring Cloud Gateway that are configured to enable HTTP2 and no key store or trusted certificates are set will be configured to use an insecure TrustManager. This makes the gateway able to connect to remote services with invalid or…

CVE-2021-22060: Additional Log Injection in Spring Framework (follow-up to CVE-2021-22096)

MEDIUM | JANUARY 05, 2022 | CVE-2021-22060

In Spring Framework versions 5.3.0 - 5.3.13, 5.2.0 - 5.2.18, and older unsupported versions, it is possible for a user to provide malicious input to cause the insertion of additional log entries. This is a follow-up to CVE-2021-22096 that protects…

CVE-2021-22095: Spring-AMQP Remote Denial of Service - Out of Memory Error with a Large Message Body

MEDIUM | NOVEMBER 29, 2021 | CVE-2021-22095

The Spring AMQP Message object, in its toString() method, will create a new String object from the message body, regardless of its size.

This can cause an OOM Error with a large message body.

CVE-2021-22053: Spring Cloud Netflix Hystrix Dashboard template resolution vulnerability

HIGH | NOVEMBER 17, 2021 | CVE-2021-22053

Applications using both spring-cloud-netflix-hystrix-dashboard and spring-boot-starter-thymeleaf expose a way to execute code submitted within the request URI path during the resolution of view templates. When a request is made at /hystrix/monitor…

CVE-2021-22051: Spring Cloud Gateway Request Vulnerability

HIGH | NOVEMBER 04, 2021 | CVE-2021-22051

Applications using Spring Cloud Gateway are vulnerable to specifically crafted requests that could make an extra request on downstream services.

CVE-2021-22096: Log Injection in Spring Framework

MEDIUM | OCTOBER 26, 2021 | CVE-2021-22096

In Spring Framework versions 5.3.0 - 5.3.10, 5.2.0 - 5.2.17, and older unsupported versions, it is possible for a user to provide malicious input to cause the insertion of additional log entries.

CVE-2021-22097: Spring-AMQP Remote Denial of Service - Deserialization of a Maliciously Constructed java.util.Dictionary Object

MEDIUM | OCTOBER 26, 2021 | CVE-2021-22097

The Spring AMQP Message object, in its toString() method, will deserialize a body for a message with content type application/x-java-serialized-object. Classes in the java.lang and java.util packages are trusted.

It is possible to construct a…

CVE-2021-22047: Potential Security Bypass for customized Spring Data REST Resource

MEDIUM | OCTOBER 26, 2021 | CVE-2021-22047

In Spring Data REST versions 3.4.0 - 3.4.13, 3.5.0 - 3.5.5, and older unsupported versions, HTTP resources implemented by custom controllers using a configured base API path and a controller type-level request mapping are additionally exposed under…

Spring Security Advisories