"product:spring_cloud_function" CVE Search Results

Advanced Filters

CVE Vulnerabilities for "product:spring_cloud_function"

Showing 1-2 of 2 CVEs (filtered from 316,546 total)

CVE-2022-22979

In Spring Cloud Function versions prior to 3.2.6, it is possible for a user who directly interacts with framework provided lookup functionality to cause a denial-of-service condition due to the caching issue in the Function Catalog component of the framework.

HIGH 7.5

EPSS 0.9%

6/21/2022

2022

CVE-2022-22963

⚠️🧬

In Spring Cloud Function versions 3.1.6, 3.2.2 and older unsupported versions, when using routing functionality it is possible for a user to provide a specially crafted SpEL as a routing-expression that may result in remote code execution and access to local resources.

CRITICAL 9.8

EPSS 94.5%

29 exploits

4/1/2022

2022

	Description				Year
CVE-2022-22979	In Spring Cloud Function versions prior to 3.2.6, it is possible for a user who directly interacts with framework provided lookup functionality to cause a denial-of-service condition due to the caching issue in the Function Catalog component of the framework. In Spring Cloud Function versions prior to 3.2.6, it is possible for a user who directly interacts with framework provided lookup functionality to cau... 7.50	7.5HIGH	0.9%Minimal	-	2022
CVE-2022-22963 ⚠️🧬	In Spring Cloud Function versions 3.1.6, 3.2.2 and older unsupported versions, when using routing functionality it is possible for a user to provide a specially crafted SpEL as a routing-expression that may result in remote code execution and access to local resources. In Spring Cloud Function versions 3.1.6, 3.2.2 and older unsupported versions, when using routing functionality it is possible for a user to provide a... 9.8🎯 29 exploits	9.8CRITICAL	94.5%Critical	29	2022

Page 1 of 2