Search criteria
34 vulnerabilities found for Spring Framework by Spring
CERTFR-2025-AVI-0883
Vulnerability from certfr_avis - Published: 2025-10-16 - Updated: 2025-10-16
De multiples vulnérabilités ont été découvertes dans les produits Spring. Elles permettent à un attaquant de provoquer une atteinte à la confidentialité des données et un contournement de la politique de sécurité.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Spring | Spring Framework | Spring Framework versions 5.3.x antérieures à 5.3.46 | ||
| Spring | Cloud Gateway Server | Cloud Gateway versions 4.3.x antérieures à 4.3.2 | ||
| Spring | Cloud Gateway Server | Cloud Gateway versions antérieures à 3.1.12 | ||
| Spring | Cloud Gateway Server | Cloud Gateway versions 4.1.x antérieures à 4.1.12 | ||
| Spring | Spring Framework | Spring Framework versions 6.x antérieures à 6.1.24 | ||
| Spring | Spring Framework | Spring Framework versions 6.2.x antérieures à 6.2.12 | ||
| Spring | Cloud Gateway Server | Cloud Gateway versions 4.0.x antérieures à 4.1.12 | ||
| Spring | Cloud Gateway Server | Cloud Gateway versions 4.2.x antérieures à 4.2.6 |
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Spring Framework versions 5.3.x ant\u00e9rieures \u00e0 5.3.46",
"product": {
"name": "Spring Framework",
"vendor": {
"name": "Spring",
"scada": false
}
}
},
{
"description": "Cloud Gateway versions 4.3.x ant\u00e9rieures \u00e0 4.3.2",
"product": {
"name": "Cloud Gateway Server",
"vendor": {
"name": "Spring",
"scada": false
}
}
},
{
"description": "Cloud Gateway versions ant\u00e9rieures \u00e0 3.1.12",
"product": {
"name": "Cloud Gateway Server",
"vendor": {
"name": "Spring",
"scada": false
}
}
},
{
"description": "Cloud Gateway versions 4.1.x ant\u00e9rieures \u00e0 4.1.12",
"product": {
"name": "Cloud Gateway Server",
"vendor": {
"name": "Spring",
"scada": false
}
}
},
{
"description": "Spring Framework versions 6.x ant\u00e9rieures \u00e0 6.1.24",
"product": {
"name": "Spring Framework",
"vendor": {
"name": "Spring",
"scada": false
}
}
},
{
"description": "Spring Framework versions 6.2.x ant\u00e9rieures \u00e0 6.2.12",
"product": {
"name": "Spring Framework",
"vendor": {
"name": "Spring",
"scada": false
}
}
},
{
"description": "Cloud Gateway versions 4.0.x ant\u00e9rieures \u00e0 4.1.12",
"product": {
"name": "Cloud Gateway Server",
"vendor": {
"name": "Spring",
"scada": false
}
}
},
{
"description": "Cloud Gateway versions 4.2.x ant\u00e9rieures \u00e0 4.2.6",
"product": {
"name": "Cloud Gateway Server",
"vendor": {
"name": "Spring",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-41253",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41253"
},
{
"name": "CVE-2025-41254",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41254"
}
],
"initial_release_date": "2025-10-16T00:00:00",
"last_revision_date": "2025-10-16T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-0883",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-10-16T00:00:00.000000"
}
],
"risks": [
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Spring. Elles permettent \u00e0 un attaquant de provoquer une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et un contournement de la politique de s\u00e9curit\u00e9.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Spring",
"vendor_advisories": [
{
"published_at": "2025-10-15",
"title": "Bulletin de s\u00e9curit\u00e9 Spring cve-2025-41254",
"url": "https://spring.io/security/cve-2025-41254"
},
{
"published_at": "2025-10-15",
"title": "Bulletin de s\u00e9curit\u00e9 Spring cve-2025-41253",
"url": "https://spring.io/security/cve-2025-41253"
}
]
}
CERTFR-2025-AVI-0792
Vulnerability from certfr_avis - Published: 2025-09-16 - Updated: 2025-09-16
De multiples vulnérabilités ont été découvertes dans les produits Spring. Elles permettent à un attaquant de provoquer un contournement de la politique de sécurité.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Spring | Spring Security | Security versions 6.4.x antérieures à 6.4.10 | ||
| Spring | Spring Security | Security versions 6.5.x antérieures à 6.5.4 | ||
| Spring | Spring Framework | Framework versions 5.3.x antérieures à 5.3.45 | ||
| Spring | Spring Framework | Framework versions 6.x antérieures à 6.1.23 | ||
| Spring | Spring Framework | Framework versions 6.2.x antérieures à 6.2.11 |
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Security versions 6.4.x ant\u00e9rieures \u00e0 6.4.10",
"product": {
"name": "Spring Security",
"vendor": {
"name": "Spring",
"scada": false
}
}
},
{
"description": "Security versions 6.5.x ant\u00e9rieures \u00e0 6.5.4",
"product": {
"name": "Spring Security",
"vendor": {
"name": "Spring",
"scada": false
}
}
},
{
"description": "Framework versions 5.3.x ant\u00e9rieures \u00e0 5.3.45",
"product": {
"name": "Spring Framework",
"vendor": {
"name": "Spring",
"scada": false
}
}
},
{
"description": "Framework versions 6.x ant\u00e9rieures \u00e0 6.1.23",
"product": {
"name": "Spring Framework",
"vendor": {
"name": "Spring",
"scada": false
}
}
},
{
"description": "Framework versions 6.2.x ant\u00e9rieures \u00e0 6.2.11",
"product": {
"name": "Spring Framework",
"vendor": {
"name": "Spring",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-41248",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41248"
},
{
"name": "CVE-2025-41249",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41249"
}
],
"initial_release_date": "2025-09-16T00:00:00",
"last_revision_date": "2025-09-16T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-0792",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-09-16T00:00:00.000000"
}
],
"risks": [
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Spring. Elles permettent \u00e0 un attaquant de provoquer un contournement de la politique de s\u00e9curit\u00e9.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Spring",
"vendor_advisories": [
{
"published_at": "2025-09-15",
"title": "Bulletin de s\u00e9curit\u00e9 Spring cve-2025-41249",
"url": "https://spring.io/security/cve-2025-41249"
},
{
"published_at": "2025-09-15",
"title": "Bulletin de s\u00e9curit\u00e9 Spring cve-2025-41248",
"url": "https://spring.io/security/cve-2025-41248"
}
]
}
CERTFR-2025-AVI-0696
Vulnerability from certfr_avis - Published: 2025-08-14 - Updated: 2025-08-14
Une vulnérabilité a été découverte dans Spring Framework. Elle permet à un attaquant de provoquer un contournement de la politique de sécurité.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Spring | Spring Framework | Framework versions 5.3.x antérieures à 5.3.44 | ||
| Spring | Spring Framework | Framework versions 6.2.x antérieures à 6.2.10 | ||
| Spring | Spring Framework | Framework versions 6.x antérieures à 6.1.22 |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Framework versions 5.3.x ant\u00e9rieures \u00e0 5.3.44",
"product": {
"name": "Spring Framework",
"vendor": {
"name": "Spring",
"scada": false
}
}
},
{
"description": "Framework versions 6.2.x ant\u00e9rieures \u00e0 6.2.10",
"product": {
"name": "Spring Framework",
"vendor": {
"name": "Spring",
"scada": false
}
}
},
{
"description": "Framework versions 6.x ant\u00e9rieures \u00e0 6.1.22",
"product": {
"name": "Spring Framework",
"vendor": {
"name": "Spring",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-41242",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41242"
}
],
"initial_release_date": "2025-08-14T00:00:00",
"last_revision_date": "2025-08-14T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-0696",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-08-14T00:00:00.000000"
}
],
"risks": [
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
}
],
"summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans Spring Framework. Elle permet \u00e0 un attaquant de provoquer un contournement de la politique de s\u00e9curit\u00e9.",
"title": "Vuln\u00e9rabilit\u00e9 dans Spring Framework",
"vendor_advisories": [
{
"published_at": "2025-08-14",
"title": "Bulletin de s\u00e9curit\u00e9 Spring cve-2025-41242",
"url": "https://spring.io/security/cve-2025-41242"
}
]
}
CERTFR-2025-AVI-0506
Vulnerability from certfr_avis - Published: 2025-06-13 - Updated: 2025-06-13
Une vulnérabilité a été découverte dans Spring Framework. Elle permet à un attaquant de provoquer une exécution de code arbitraire à distance.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Spring | Spring Framework | Framework versions 6.2.x antérieures à 6.2.8 | ||
| Spring | Spring Framework | Framework versions 6.0.x antérieures à 6.0.29 | ||
| Spring | Spring Framework | Framework versions 6.1.x antérieures à 6.1.21 |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Framework versions 6.2.x ant\u00e9rieures \u00e0 6.2.8",
"product": {
"name": "Spring Framework",
"vendor": {
"name": "Spring",
"scada": false
}
}
},
{
"description": "Framework versions 6.0.x ant\u00e9rieures \u00e0 6.0.29",
"product": {
"name": "Spring Framework",
"vendor": {
"name": "Spring",
"scada": false
}
}
},
{
"description": "Framework versions 6.1.x ant\u00e9rieures \u00e0 6.1.21",
"product": {
"name": "Spring Framework",
"vendor": {
"name": "Spring",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-41234",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41234"
}
],
"initial_release_date": "2025-06-13T00:00:00",
"last_revision_date": "2025-06-13T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-0506",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-06-13T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
}
],
"summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans Spring Framework. Elle permet \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance.",
"title": "Vuln\u00e9rabilit\u00e9 dans Spring Framework",
"vendor_advisories": [
{
"published_at": "2025-06-12",
"title": "Bulletin de s\u00e9curit\u00e9 Spring cve-2025-41234",
"url": "https://spring.io/security/cve-2025-41234"
}
]
}
CERTFR-2025-AVI-0417
Vulnerability from certfr_avis - Published: 2025-05-16 - Updated: 2025-05-16
Une vulnérabilité a été découverte dans Spring Framework. Elle permet à un attaquant de provoquer un contournement de la politique de sécurité.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Spring | Spring Framework | Framework versions 6.2.x antérieures à 6.2.7 | ||
| Spring | Spring Framework | Framework versions 5.3.x antérieures à 5.3.43 | ||
| Spring | Spring Framework | Framework versions 6.0.x antérieures à 6.0.28 | ||
| Spring | Spring Framework | Framework versions 6.1.x antérieures à 6.1.20 |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Framework versions 6.2.x ant\u00e9rieures \u00e0 6.2.7",
"product": {
"name": "Spring Framework",
"vendor": {
"name": "Spring",
"scada": false
}
}
},
{
"description": "Framework versions 5.3.x ant\u00e9rieures \u00e0 5.3.43",
"product": {
"name": "Spring Framework",
"vendor": {
"name": "Spring",
"scada": false
}
}
},
{
"description": "Framework versions 6.0.x ant\u00e9rieures \u00e0 6.0.28",
"product": {
"name": "Spring Framework",
"vendor": {
"name": "Spring",
"scada": false
}
}
},
{
"description": "Framework versions 6.1.x ant\u00e9rieures \u00e0 6.1.20",
"product": {
"name": "Spring Framework",
"vendor": {
"name": "Spring",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-22233",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22233"
}
],
"initial_release_date": "2025-05-16T00:00:00",
"last_revision_date": "2025-05-16T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-0417",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-05-16T00:00:00.000000"
}
],
"risks": [
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
}
],
"summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans Spring Framework. Elle permet \u00e0 un attaquant de provoquer un contournement de la politique de s\u00e9curit\u00e9.",
"title": "Vuln\u00e9rabilit\u00e9 dans Spring Framework",
"vendor_advisories": [
{
"published_at": "2025-05-15",
"title": "Bulletin de s\u00e9curit\u00e9 Spring cve-2025-22233",
"url": "https://spring.io/security/cve-2025-22233"
}
]
}
CERTFR-2024-AVI-0991
Vulnerability from certfr_avis - Published: 2024-11-15 - Updated: 2024-11-15
Une vulnérabilité a été découverte dans Spring Framework. Elle permet à un attaquant de provoquer un déni de service à distance.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Spring | Spring Framework | Spring Framework versions antérieures à 5.3.41 |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Spring Framework versions ant\u00e9rieures \u00e0 5.3.41",
"product": {
"name": "Spring Framework",
"vendor": {
"name": "Spring",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2024-38828",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38828"
}
],
"initial_release_date": "2024-11-15T00:00:00",
"last_revision_date": "2024-11-15T00:00:00",
"links": [],
"reference": "CERTFR-2024-AVI-0991",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-11-15T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
}
],
"summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans Spring Framework. Elle permet \u00e0 un attaquant de provoquer un d\u00e9ni de service \u00e0 distance.",
"title": "Vuln\u00e9rabilit\u00e9 dans Spring",
"vendor_advisories": [
{
"published_at": "2024-11-15",
"title": "Bulletin de s\u00e9curit\u00e9 Spring cve-2024-38828",
"url": "https://spring.io/security/cve-2024-38828"
}
]
}
CERTFR-2024-AVI-0914
Vulnerability from certfr_avis - Published: 2024-10-23 - Updated: 2024-10-23
Une vulnérabilité a été découverte dans les produits Spring. Elle permet à un attaquant de provoquer un contournement de la politique de sécurité.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
L'éditeur précise que les vulnérabilités affectent uniquement les configurations qui respectent les conditions suivantes : * Application Webflux * Utilisation du support des ressources statiques proposé par Spring * Utilisation d'une règle d'autorisation non-permitAll appliquée sur les ressources statiques
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Spring | Spring Framework | Spring versions 6.2.x antérieures à 6.2.7 | ||
| Spring | Spring Framework | Spring versions 5.7.x antérieures à 5.7.13 | ||
| Spring | Spring Framework | Spring versions 6.0.x antérieures à 6.0.13 | ||
| Spring | Spring Framework | Spring versions 6.1.x antérieures à 6.1.11 | ||
| Spring | Spring Framework | Spring versions 6.3.x antérieures à 6.3.4 | ||
| Spring | Spring Framework | Spring versions 5.8.x antérieures à 5.8.15 |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Spring versions 6.2.x ant\u00e9rieures \u00e0 6.2.7",
"product": {
"name": "Spring Framework",
"vendor": {
"name": "Spring",
"scada": false
}
}
},
{
"description": "Spring versions 5.7.x ant\u00e9rieures \u00e0 5.7.13",
"product": {
"name": "Spring Framework",
"vendor": {
"name": "Spring",
"scada": false
}
}
},
{
"description": "Spring versions 6.0.x ant\u00e9rieures \u00e0 6.0.13",
"product": {
"name": "Spring Framework",
"vendor": {
"name": "Spring",
"scada": false
}
}
},
{
"description": "Spring versions 6.1.x ant\u00e9rieures \u00e0 6.1.11",
"product": {
"name": "Spring Framework",
"vendor": {
"name": "Spring",
"scada": false
}
}
},
{
"description": "Spring versions 6.3.x ant\u00e9rieures \u00e0 6.3.4",
"product": {
"name": "Spring Framework",
"vendor": {
"name": "Spring",
"scada": false
}
}
},
{
"description": "Spring versions 5.8.x ant\u00e9rieures \u00e0 5.8.15",
"product": {
"name": "Spring Framework",
"vendor": {
"name": "Spring",
"scada": false
}
}
}
],
"affected_systems_content": "L\u0027\u00e9diteur pr\u00e9cise que les vuln\u00e9rabilit\u00e9s affectent uniquement les configurations qui respectent les conditions suivantes :\n* Application Webflux\n* Utilisation du support des ressources statiques propos\u00e9 par Spring\n* Utilisation d\u0027une r\u00e8gle d\u0027autorisation *non-permitAll* appliqu\u00e9e sur les ressources statiques",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2024-38821",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38821"
}
],
"initial_release_date": "2024-10-23T00:00:00",
"last_revision_date": "2024-10-23T00:00:00",
"links": [],
"reference": "CERTFR-2024-AVI-0914",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-10-23T00:00:00.000000"
}
],
"risks": [
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
}
],
"summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans les produits Spring. Elle permet \u00e0 un attaquant de provoquer un contournement de la politique de s\u00e9curit\u00e9.",
"title": "Vuln\u00e9rabilit\u00e9 dans les produits Spring",
"vendor_advisories": [
{
"published_at": "2024-10-22",
"title": "Bulletin de s\u00e9curit\u00e9 Spring cve-2024-38821",
"url": "https://spring.io/security/cve-2024-38821"
}
]
}
CERTFR-2024-AVI-0900
Vulnerability from certfr_avis - Published: 2024-10-18 - Updated: 2024-10-18
De multiples vulnérabilités ont été découvertes dans Spring Framework. Elles permettent à un attaquant de provoquer une atteinte à la confidentialité des données et un problème de sécurité non spécifié par l'éditeur.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Spring | Spring Framework | Spring Framework versions 5.3.x antérieures à 5.3.41 | ||
| Spring | Spring Framework | Spring Framework versions 6.1.x antérieures à 6.1.14 | ||
| Spring | Spring Framework | Spring Framework versions 6.0.x antérieures à 6.0.25 |
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Spring Framework versions 5.3.x ant\u00e9rieures \u00e0 5.3.41",
"product": {
"name": "Spring Framework",
"vendor": {
"name": "Spring",
"scada": false
}
}
},
{
"description": "Spring Framework versions 6.1.x ant\u00e9rieures \u00e0 6.1.14",
"product": {
"name": "Spring Framework",
"vendor": {
"name": "Spring",
"scada": false
}
}
},
{
"description": "Spring Framework versions 6.0.x ant\u00e9rieures \u00e0 6.0.25",
"product": {
"name": "Spring Framework",
"vendor": {
"name": "Spring",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2024-38819",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38819"
},
{
"name": "CVE-2024-38820",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38820"
}
],
"initial_release_date": "2024-10-18T00:00:00",
"last_revision_date": "2024-10-18T00:00:00",
"links": [],
"reference": "CERTFR-2024-AVI-0900",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-10-18T00:00:00.000000"
}
],
"risks": [
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Spring Framework. Elles permettent \u00e0 un attaquant de provoquer une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Spring Framework",
"vendor_advisories": [
{
"published_at": "2024-10-17",
"title": "Bulletin de s\u00e9curit\u00e9 Spring cve-2024-38819",
"url": "https://spring.io/security/cve-2024-38819"
},
{
"published_at": "2024-10-17",
"title": "Bulletin de s\u00e9curit\u00e9 Spring cve-2024-38820",
"url": "https://spring.io/security/cve-2024-38820"
}
]
}
CERTFR-2024-AVI-0776
Vulnerability from certfr_avis - Published: 2024-09-13 - Updated: 2024-09-13
Une vulnérabilité a été découverte dans Spring Framework. Elle permet à un attaquant de provoquer une atteinte à la confidentialité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Spring | Spring Framework | Framework versions 6.1.x antérieures à 6.1.13 | ||
| Spring | Spring Framework | Framework versions 5.3.x antérieures à 5.3.40 | ||
| Spring | Spring Framework | Framework versions 6.0.x antérieures à 6.0.24 |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Framework versions 6.1.x ant\u00e9rieures \u00e0 6.1.13",
"product": {
"name": "Spring Framework",
"vendor": {
"name": "Spring",
"scada": false
}
}
},
{
"description": "Framework versions 5.3.x ant\u00e9rieures \u00e0 5.3.40",
"product": {
"name": "Spring Framework",
"vendor": {
"name": "Spring",
"scada": false
}
}
},
{
"description": "Framework versions 6.0.x ant\u00e9rieures \u00e0 6.0.24",
"product": {
"name": "Spring Framework",
"vendor": {
"name": "Spring",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2024-38816",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38816"
}
],
"initial_release_date": "2024-09-13T00:00:00",
"last_revision_date": "2024-09-13T00:00:00",
"links": [],
"reference": "CERTFR-2024-AVI-0776",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-09-13T00:00:00.000000"
}
],
"risks": [
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans Spring Framework. Elle permet \u00e0 un attaquant de provoquer une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
"title": "Vuln\u00e9rabilit\u00e9 dans Spring Framework",
"vendor_advisories": [
{
"published_at": "2024-09-12",
"title": "Bulletin de s\u00e9curit\u00e9 Spring cve-2024-38816",
"url": "https://spring.io/security/cve-2024-38816"
}
]
}
CERTFR-2024-AVI-0689
Vulnerability from certfr_avis - Published: 2024-08-16 - Updated: 2024-08-16
De multiples vulnérabilités ont été découvertes dans Spring Framework. Elles permettent à un attaquant de provoquer un déni de service à distance.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Spring | Spring Framework | Spring Framework versions 6.0.x antérieures à 6.0.23 | ||
| Spring | Spring Framework | Spring Framework versions 6.1.x antérieures à 6.1.12 | ||
| Spring | Spring Framework | Spring Framework versions antérieures à 5.3.39 |
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Spring Framework versions 6.0.x ant\u00e9rieures \u00e0 6.0.23",
"product": {
"name": "Spring Framework",
"vendor": {
"name": "Spring",
"scada": false
}
}
},
{
"description": "Spring Framework versions 6.1.x ant\u00e9rieures \u00e0 6.1.12",
"product": {
"name": "Spring Framework",
"vendor": {
"name": "Spring",
"scada": false
}
}
},
{
"description": "Spring Framework versions ant\u00e9rieures \u00e0 5.3.39",
"product": {
"name": "Spring Framework",
"vendor": {
"name": "Spring",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2024-38809",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38809"
},
{
"name": "CVE-2024-38808",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38808"
}
],
"initial_release_date": "2024-08-16T00:00:00",
"last_revision_date": "2024-08-16T00:00:00",
"links": [],
"reference": "CERTFR-2024-AVI-0689",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-08-16T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Spring Framework. Elles permettent \u00e0 un attaquant de provoquer un d\u00e9ni de service \u00e0 distance.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Spring Framework",
"vendor_advisories": [
{
"published_at": "2024-08-14",
"title": "Bulletin de s\u00e9curit\u00e9 Spring cve-2024-38808",
"url": "https://spring.io/security/cve-2024-38808"
},
{
"published_at": "2024-08-14",
"title": "Bulletin de s\u00e9curit\u00e9 Spring cve-2024-38809",
"url": "https://spring.io/security/cve-2024-38809"
}
]
}
CERTFR-2024-AVI-0298
Vulnerability from certfr_avis - Published: 2024-04-11 - Updated: 2024-04-11
Une vulnérabilité a été découverte dans Spring Framework. Elle permet à un attaquant de provoquer un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Spring | Spring Framework | Spring Framework versions 6.1.x antérieures à 6.1.6 | ||
| Spring | Spring Framework | Spring Framework versions 6.0.x antérieures à 6.0.19 | ||
| Spring | Spring Framework | Spring Framework versions 5.3.x antérieures à 5.3.34 |
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Spring Framework versions 6.1.x ant\u00e9rieures \u00e0 6.1.6",
"product": {
"name": "Spring Framework",
"vendor": {
"name": "Spring",
"scada": false
}
}
},
{
"description": "Spring Framework versions 6.0.x ant\u00e9rieures \u00e0 6.0.19",
"product": {
"name": "Spring Framework",
"vendor": {
"name": "Spring",
"scada": false
}
}
},
{
"description": "Spring Framework versions 5.3.x ant\u00e9rieures \u00e0 5.3.34",
"product": {
"name": "Spring Framework",
"vendor": {
"name": "Spring",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2024-22262",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22262"
}
],
"initial_release_date": "2024-04-11T00:00:00",
"last_revision_date": "2024-04-11T00:00:00",
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 Spring\u00a0CVE-2024-22262 du 11 avril 2024",
"url": "https://spring.io/security/cve-2024-22262/"
}
],
"reference": "CERTFR-2024-AVI-0298",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-04-11T00:00:00.000000"
}
],
"risks": [
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
}
],
"summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans\u003cspan class=\"textit\"\u003e Spring\nFramework\u003c/span\u003e. Elle permet \u00e0 un attaquant de provoquer un\ncontournement de la politique de s\u00e9curit\u00e9.\n",
"title": "Vuln\u00e9rabilit\u00e9 dans Spring Framework",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Spring CVE-2024-22262 du 11 avril 2024",
"url": null
}
]
}
CERTFR-2024-AVI-0223
Vulnerability from certfr_avis - Published: 2024-03-15 - Updated: 2024-03-15
Une vulnérabilité a été découverte dans Spring Framework. Elle permet à un attaquant de provoquer un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Spring | Spring Framework | Spring Framework versions 6.0.x antérieures à 6.0.18 | ||
| Spring | Spring Framework | Spring Framework versions 6.1.x antérieures à 6.1.5 | ||
| Spring | Spring Framework | Spring Framework versions 5.3.x antérieures à 5.3.33 |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Spring Framework versions 6.0.x ant\u00e9rieures \u00e0 6.0.18",
"product": {
"name": "Spring Framework",
"vendor": {
"name": "Spring",
"scada": false
}
}
},
{
"description": "Spring Framework versions 6.1.x ant\u00e9rieures \u00e0 6.1.5",
"product": {
"name": "Spring Framework",
"vendor": {
"name": "Spring",
"scada": false
}
}
},
{
"description": "Spring Framework versions 5.3.x ant\u00e9rieures \u00e0 5.3.33",
"product": {
"name": "Spring Framework",
"vendor": {
"name": "Spring",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2024-22259",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22259"
}
],
"initial_release_date": "2024-03-15T00:00:00",
"last_revision_date": "2024-03-15T00:00:00",
"links": [],
"reference": "CERTFR-2024-AVI-0223",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-03-15T00:00:00.000000"
}
],
"risks": [
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
}
],
"summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans Spring Framework. Elle permet \u00e0\nun attaquant de provoquer un contournement de la politique de s\u00e9curit\u00e9.\n",
"title": "Vuln\u00e9rabilit\u00e9 dans Spring Framework",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Spring CVE-2024-22259 du 14 mars 2024",
"url": "https://spring.io/security/cve-2024-22259/"
}
]
}
CERTFR-2024-AVI-0154
Vulnerability from certfr_avis - Published: 2024-02-22 - Updated: 2024-02-22
Une vulnérabilité a été découverte dans Spring Framework. Elle permet à un attaquant de provoquer un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Spring | Spring Framework | Spring Framework versions antérieures à 5.3.32 | ||
| Spring | Spring Framework | Spring Framework versions 6.0.x antérieures à 6.0.17 | ||
| Spring | Spring Framework | Spring Framework versions 6.1.x antérieures à 6.1.4 |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Spring Framework versions ant\u00e9rieures \u00e0 5.3.32",
"product": {
"name": "Spring Framework",
"vendor": {
"name": "Spring",
"scada": false
}
}
},
{
"description": "Spring Framework versions 6.0.x ant\u00e9rieures \u00e0 6.0.17",
"product": {
"name": "Spring Framework",
"vendor": {
"name": "Spring",
"scada": false
}
}
},
{
"description": "Spring Framework versions 6.1.x ant\u00e9rieures \u00e0 6.1.4",
"product": {
"name": "Spring Framework",
"vendor": {
"name": "Spring",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2024-22243",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22243"
}
],
"initial_release_date": "2024-02-22T00:00:00",
"last_revision_date": "2024-02-22T00:00:00",
"links": [],
"reference": "CERTFR-2024-AVI-0154",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-02-22T00:00:00.000000"
}
],
"risks": [
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
}
],
"summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans Spring Framework. Elle permet \u00e0\nun attaquant de provoquer un contournement de la politique de s\u00e9curit\u00e9.\n",
"title": "Vuln\u00e9rabilit\u00e9 dans Spring Framework",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Spring CVE-2024-22243 du 21 f\u00e9vrier 2024",
"url": "https://spring.io/security/cve-2024-22243"
}
]
}
CERTFR-2023-AVI-0980
Vulnerability from certfr_avis - Published: 2023-11-27 - Updated: 2023-11-27
De multiples vulnérabilités ont été découvertes dans les produits Spring. Elles permettent à un attaquant de provoquer un déni de service.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Spring | N/A | Reactor Netty versions antérieures à 1.0.39 | ||
| Spring | N/A | Spring Boot versions antérieures à 2.7.18 | ||
| Spring | Spring Framework | Spring Framework versions 6.0.x antérieures à 6.0.14 | ||
| Spring | N/A | Spring Boot versions 3.1.x antérieures à 3.1.6 | ||
| Spring | N/A | Spring Boot versions 3.0.x antérieures à 3.0.13 | ||
| Spring | N/A | Reactor Netty versions 1.1.x antérieures à 1.1.13 |
References
| Title | Publication Time | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Reactor Netty versions ant\u00e9rieures \u00e0 1.0.39",
"product": {
"name": "N/A",
"vendor": {
"name": "Spring",
"scada": false
}
}
},
{
"description": "Spring Boot versions ant\u00e9rieures \u00e0 2.7.18",
"product": {
"name": "N/A",
"vendor": {
"name": "Spring",
"scada": false
}
}
},
{
"description": "Spring Framework versions 6.0.x ant\u00e9rieures \u00e0 6.0.14",
"product": {
"name": "Spring Framework",
"vendor": {
"name": "Spring",
"scada": false
}
}
},
{
"description": "Spring Boot versions 3.1.x ant\u00e9rieures \u00e0 3.1.6",
"product": {
"name": "N/A",
"vendor": {
"name": "Spring",
"scada": false
}
}
},
{
"description": "Spring Boot versions 3.0.x ant\u00e9rieures \u00e0 3.0.13",
"product": {
"name": "N/A",
"vendor": {
"name": "Spring",
"scada": false
}
}
},
{
"description": "Reactor Netty versions 1.1.x ant\u00e9rieures \u00e0 1.1.13",
"product": {
"name": "N/A",
"vendor": {
"name": "Spring",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2023-34053",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34053"
},
{
"name": "CVE-2023-34054",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34054"
},
{
"name": "CVE-2023-34055",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34055"
}
],
"initial_release_date": "2023-11-27T00:00:00",
"last_revision_date": "2023-11-27T00:00:00",
"links": [],
"reference": "CERTFR-2023-AVI-0980",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2023-11-27T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans \u003cspan\nclass=\"textit\"\u003eles produits Spring\u003c/span\u003e. Elles permettent \u00e0 un\nattaquant de provoquer un d\u00e9ni de service.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Spring",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Spring cve-2023-34053 du 27 novembre 2023",
"url": "https://spring.io/security/cve-2023-34053/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Spring cve-2023-34055 du 27 novembre 2023",
"url": "https://spring.io/security/cve-2023-34055/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Spring cve-2023-34054 du 27 novembre 2023",
"url": "https://spring.io/security/cve-2023-34054/"
}
]
}
CERTFR-2022-AVI-005
Vulnerability from certfr_avis - Published: 2022-01-06 - Updated: 2022-01-06
Une vulnérabilité a été découverte dans VMware Spring. Elle permet à un
attaquant de provoquer une atteinte à l'intégrité des données.
Il s'agit d'un suivi de la
vulnérabilité CVE-2021-22096
décrite dans l'avis
CERTFR-2021-AVI-824.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Spring | Spring Framework | Spring cadriciel versions 5.3.x antérieures à 5.3.14 | ||
| Spring | Spring Framework | Spring cadriciel versions 5.2.x antérieures à 5.2.19 |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Spring cadriciel versions 5.3.x ant\u00e9rieures \u00e0 5.3.14",
"product": {
"name": "Spring Framework",
"vendor": {
"name": "Spring",
"scada": false
}
}
},
{
"description": "Spring cadriciel versions 5.2.x ant\u00e9rieures \u00e0 5.2.19",
"product": {
"name": "Spring Framework",
"vendor": {
"name": "Spring",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2021-22060",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22060"
},
{
"name": "CVE-2021-22096",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22096"
}
],
"initial_release_date": "2022-01-06T00:00:00",
"last_revision_date": "2022-01-06T00:00:00",
"links": [],
"reference": "CERTFR-2022-AVI-005",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2022-01-06T00:00:00.000000"
}
],
"risks": [
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
}
],
"summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans VMware Spring. Elle permet \u00e0 un\nattaquant de provoquer une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es. \nIl s\u0027agit d\u0027un suivi de la\nvuln\u00e9rabilit\u00e9\u00a0[CVE-2021-22096](https://www.cve.org/CVERecord?id=CVE-2021-22096)\nd\u00e9crite dans l\u0027avis\n[CERTFR-2021-AVI-824](http://www.cert.ssi.gouv.fr/avis/CERTFR-2021-AVI-824/).\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Spring Framework",
"vendor_advisories": [
{
"published_at": "2022-01-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware cve-2021-22060",
"url": "https://tanzu.vmware.com/security/cve-2021-22060"
}
]
}
CERTFR-2021-AVI-824
Vulnerability from certfr_avis - Published: 2021-10-27 - Updated: 2021-10-27
De multiples vulnérabilités ont été découvertes dans VMware Spring. Elles permettent à un attaquant de provoquer un déni de service à distance, une atteinte à l'intégrité des données et une atteinte à la confidentialité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Spring | Spring Framework | Spring Framework versions 5.3.x antérieures à 5.3.12 | ||
| Spring | N/A | Spring Cloud OpenFeign versions 2.2.x antérieures à 2.2.10 | ||
| Spring | N/A | Spring AMQP versions 2.3.x antérieures à 2.3.11 | ||
| Spring | Spring Framework | Spring Framework versions 5.2.x antérieures à 5.2.18 | ||
| Spring | N/A | Spring Data REST versions 3.5.x antérieures à 3.5.6 | ||
| Spring | N/A | Spring Data REST versions 3.4.x antérieures à 3.4.14 | ||
| Spring | N/A | Spring Cloud OpenFeign versions 3.0.x antérieures à 3.0.5 | ||
| Spring | N/A | Spring AMQP versions 2.2.x antérieures à 2.2.19 |
References
| Title | Publication Time | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Spring Framework versions 5.3.x ant\u00e9rieures \u00e0 5.3.12",
"product": {
"name": "Spring Framework",
"vendor": {
"name": "Spring",
"scada": false
}
}
},
{
"description": "Spring Cloud OpenFeign versions 2.2.x ant\u00e9rieures \u00e0 2.2.10",
"product": {
"name": "N/A",
"vendor": {
"name": "Spring",
"scada": false
}
}
},
{
"description": "Spring AMQP versions 2.3.x ant\u00e9rieures \u00e0 2.3.11",
"product": {
"name": "N/A",
"vendor": {
"name": "Spring",
"scada": false
}
}
},
{
"description": "Spring Framework versions 5.2.x ant\u00e9rieures \u00e0 5.2.18",
"product": {
"name": "Spring Framework",
"vendor": {
"name": "Spring",
"scada": false
}
}
},
{
"description": "Spring Data REST versions 3.5.x ant\u00e9rieures \u00e0 3.5.6",
"product": {
"name": "N/A",
"vendor": {
"name": "Spring",
"scada": false
}
}
},
{
"description": "Spring Data REST versions 3.4.x ant\u00e9rieures \u00e0 3.4.14",
"product": {
"name": "N/A",
"vendor": {
"name": "Spring",
"scada": false
}
}
},
{
"description": "Spring Cloud OpenFeign versions 3.0.x ant\u00e9rieures \u00e0 3.0.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Spring",
"scada": false
}
}
},
{
"description": "Spring AMQP versions 2.2.x ant\u00e9rieures \u00e0 2.2.19",
"product": {
"name": "N/A",
"vendor": {
"name": "Spring",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [],
"initial_release_date": "2021-10-27T00:00:00",
"last_revision_date": "2021-10-27T00:00:00",
"links": [],
"reference": "CERTFR-2021-AVI-824",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2021-10-27T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans VMware Spring.\nElles permettent \u00e0 un attaquant de provoquer un d\u00e9ni de service \u00e0\ndistance, une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es et une atteinte \u00e0 la\nconfidentialit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans VMware Spring",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 VMware cve-2021-22047 du 26 octobre 2021",
"url": "https://tanzu.vmware.com/security/cve-2021-22047"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 VMware cve-2021-22097 du 26 octobre 2021",
"url": "https://tanzu.vmware.com/security/cve-2021-22097"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 VMware cve-2021-22044 du 26 octobre 2021",
"url": "https://tanzu.vmware.com/security/cve-2021-22044"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 VMware cve-2021-22096 du 26 octobre 2021",
"url": "https://tanzu.vmware.com/security/cve-2021-22096"
}
]
}
CVE-2025-22233 (GCVE-0-2025-22233)
Vulnerability from nvd – Published: 2025-05-16 19:14 – Updated: 2025-05-17 02:37
VLAI?
Title
Spring Framework DataBinder Case Sensitive Match Exception
Summary
CVE-2024-38820 ensured Locale-independent, lowercase conversion for both the configured disallowedFields patterns and for request parameter names. However, there are still cases where it is possible to bypass the disallowedFields checks.
Affected Spring Products and Versions
Spring Framework:
* 6.2.0 - 6.2.6
* 6.1.0 - 6.1.19
* 6.0.0 - 6.0.27
* 5.3.0 - 5.3.42
* Older, unsupported versions are also affected
Mitigation
Users of affected versions should upgrade to the corresponding fixed version.
Affected version(s)Fix Version Availability 6.2.x
6.2.7
OSS6.1.x
6.1.20
OSS6.0.x
6.0.28
Commercial https://enterprise.spring.io/ 5.3.x
5.3.43
Commercial https://enterprise.spring.io/
No further mitigation steps are necessary.
Generally, we recommend using a dedicated model object with properties only for data binding, or using constructor binding since constructor arguments explicitly declare what to bind together with turning off setter binding through the declarativeBinding flag. See the Model Design section in the reference documentation.
For setting binding, prefer the use of allowedFields (an explicit list) over disallowedFields.
Credit
This issue was responsibly reported by the TERASOLUNA Framework Development Team from NTT DATA Group Corporation.
Severity ?
CWE
- CWE-20 - Improper Input Validation
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Spring | Spring Framework |
Affected:
6.2.0 , ≤ 6.2.6
(Framework)
Affected: 6.1.0 , ≤ 6.1.19 (Framework) Affected: 6.0.0 , ≤ 6.0.27 (Enterprise Framework) Affected: 5.3.0 , ≤ 5.3.42 (Enterprise Framework) Unaffected: 6.2.7 (Framework) Unaffected: 6.1.20 (Framework) Unaffected: 6.0.28 (Enterprise Framework) Unaffected: 5.3.43 (Entrprise Framework) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-22233",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-17T02:36:53.736871Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-17T02:37:03.191Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Spring Framework",
"vendor": "Spring",
"versions": [
{
"lessThanOrEqual": "6.2.6",
"status": "affected",
"version": "6.2.0",
"versionType": "Framework"
},
{
"lessThanOrEqual": "6.1.19",
"status": "affected",
"version": "6.1.0",
"versionType": "Framework"
},
{
"lessThanOrEqual": "6.0.27",
"status": "affected",
"version": "6.0.0",
"versionType": "Enterprise Framework"
},
{
"lessThanOrEqual": "5.3.42",
"status": "affected",
"version": "5.3.0",
"versionType": "Enterprise Framework"
},
{
"status": "unaffected",
"version": "6.2.7",
"versionType": "Framework"
},
{
"status": "unaffected",
"version": "6.1.20",
"versionType": "Framework"
},
{
"status": "unaffected",
"version": "6.0.28",
"versionType": "Enterprise Framework"
},
{
"status": "unaffected",
"version": "5.3.43",
"versionType": "Entrprise Framework"
}
]
}
],
"datePublic": "2025-05-15T15:02:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "CVE-2024-38820 ensured Locale-independent, lowercase conversion for both the configured disallowedFields patterns and for request parameter names. However, there are still cases where it is possible to bypass the disallowedFields checks.\u003cbr\u003e\u003cbr\u003e\u003cb\u003eAffected Spring Products and Versions\u003c/b\u003e\u003cbr\u003e\u003cbr\u003eSpring Framework:\u003cbr\u003e\u003cul\u003e\u003cli\u003e6.2.0 - 6.2.6\u003cbr\u003e\u003c/li\u003e\u003cli\u003e6.1.0 - 6.1.19\u003cbr\u003e\u003c/li\u003e\u003cli\u003e6.0.0 - 6.0.27\u003cbr\u003e\u003c/li\u003e\u003cli\u003e5.3.0 - 5.3.42\u003c/li\u003e\u003cli\u003eOlder, unsupported versions are also affected\u003c/li\u003e\u003c/ul\u003e\u003cbr\u003e\u003cb\u003eMitigation\u003c/b\u003e\u003cbr\u003e\u003cbr\u003eUsers of affected versions should upgrade to the corresponding fixed version.\u003cbr\u003e\u003cbr\u003e\u003ctable\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003eAffected version(s)\u003c/td\u003e\u003ctd\u003eFix Version\u0026nbsp;\u003c/td\u003e\u003ctd\u003eAvailability\u0026nbsp;\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e6.2.x\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e 6.2.7\u003cbr\u003e\u003c/td\u003e\u003ctd\u003eOSS\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e6.1.x\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e 6.1.20\u003cbr\u003e\u003c/td\u003e\u003ctd\u003eOSS\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e6.0.x\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e 6.0.28\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://enterprise.spring.io/\"\u003eCommercial\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e5.3.x\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e 5.3.43\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://enterprise.spring.io/\"\u003eCommercial\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e\u003cbr\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eNo further mitigation steps are necessary.\u003c/span\u003e\u003cbr\u003e\u003cbr\u003e\u003cbr\u003eGenerally, we recommend using a dedicated model object with properties only for data binding, or using constructor binding since constructor arguments explicitly declare what to bind together with turning off setter binding through the declarativeBinding flag. See the Model Design section in the reference documentation.\u003cbr\u003e\u003cbr\u003eFor setting binding, prefer the use of allowedFields (an explicit list) over disallowedFields.\u003cbr\u003e\u003cbr\u003eCredit\u003cbr\u003e\u003cbr\u003eThis issue was responsibly reported by the TERASOLUNA Framework Development Team from NTT DATA Group Corporation.\u003cbr\u003e"
}
],
"value": "CVE-2024-38820 ensured Locale-independent, lowercase conversion for both the configured disallowedFields patterns and for request parameter names. However, there are still cases where it is possible to bypass the disallowedFields checks.\n\nAffected Spring Products and Versions\n\nSpring Framework:\n * 6.2.0 - 6.2.6\n\n * 6.1.0 - 6.1.19\n\n * 6.0.0 - 6.0.27\n\n * 5.3.0 - 5.3.42\n * Older, unsupported versions are also affected\n\n\n\nMitigation\n\nUsers of affected versions should upgrade to the corresponding fixed version.\n\nAffected version(s)Fix Version\u00a0Availability\u00a06.2.x\n 6.2.7\nOSS6.1.x\n 6.1.20\nOSS6.0.x\n 6.0.28\n Commercial https://enterprise.spring.io/ 5.3.x\n 5.3.43\n Commercial https://enterprise.spring.io/ \nNo further mitigation steps are necessary.\n\n\nGenerally, we recommend using a dedicated model object with properties only for data binding, or using constructor binding since constructor arguments explicitly declare what to bind together with turning off setter binding through the declarativeBinding flag. See the Model Design section in the reference documentation.\n\nFor setting binding, prefer the use of allowedFields (an explicit list) over disallowedFields.\n\nCredit\n\nThis issue was responsibly reported by the TERASOLUNA Framework Development Team from NTT DATA Group Corporation."
}
],
"impacts": [
{
"capecId": "CAPEC-137",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-137: Parameter Injection"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.1,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-16T19:14:07.500Z",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"url": "https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N\u0026version=3.1"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Spring Framework DataBinder Case Sensitive Match Exception",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2025-22233",
"datePublished": "2025-05-16T19:14:07.500Z",
"dateReserved": "2025-01-02T04:29:59.191Z",
"dateUpdated": "2025-05-17T02:37:03.191Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-38808 (GCVE-0-2024-38808)
Vulnerability from nvd – Published: 2024-08-20 07:12 – Updated: 2024-10-30 18:41
VLAI?
Title
CVE-2024-38808: Spring Expression DoS Vulnerability
Summary
In Spring Framework versions 5.3.0 - 5.3.38 and older unsupported versions, it is possible for a user to provide a specially crafted Spring Expression Language (SpEL) expression that may cause a denial of service (DoS) condition.
Specifically, an application is vulnerable when the following is true:
* The application evaluates user-supplied SpEL expressions.
Severity ?
4.3 (Medium)
CWE
- CWE-770 - Allocation of Resources Without Limits or Throttling
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Spring | Spring Framework |
Affected:
5.3.0 , < 5.3.39, 6.0+
(5.3.396.0)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-38808",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-20T13:48:27.427803Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-770",
"description": "CWE-770 Allocation of Resources Without Limits or Throttling",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-30T18:41:27.943Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-09-20T16:03:07.732Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://security.netapp.com/advisory/ntap-20240920-0002/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"packageName": "Spring Framework",
"product": "Spring Framework",
"vendor": "Spring",
"versions": [
{
"lessThan": "5.3.39, 6.0+",
"status": "affected",
"version": "5.3.0",
"versionType": "5.3.396.0"
}
]
}
],
"datePublic": "2024-08-14T07:08:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eIn Spring Framework versions 5.3.0 - 5.3.38 and older unsupported versions, it is possible for a user to provide a specially crafted Spring Expression Language (SpEL) expression that may cause a denial of service (DoS) condition.\u003c/p\u003e\u003cp\u003eSpecifically, an application is vulnerable when the following is true:\u003c/p\u003e\u003cul\u003e\u003cli\u003eThe application evaluates user-supplied SpEL expressions.\u003c/li\u003e\u003c/ul\u003e\u003cbr\u003e"
}
],
"value": "In Spring Framework versions 5.3.0 - 5.3.38 and older unsupported versions, it is possible for a user to provide a specially crafted Spring Expression Language (SpEL) expression that may cause a denial of service (DoS) condition.\n\nSpecifically, an application is vulnerable when the following is true:\n\n * The application evaluates user-supplied SpEL expressions."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-20T07:12:44.736Z",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"url": "https://spring.io/security/cve-2024-38808"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "CVE-2024-38808: Spring Expression DoS Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2024-38808",
"datePublished": "2024-08-20T07:12:44.736Z",
"dateReserved": "2024-06-19T22:31:57.187Z",
"dateUpdated": "2024-10-30T18:41:27.943Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-22262 (GCVE-0-2024-22262)
Vulnerability from nvd – Published: 2024-04-16 05:54 – Updated: 2025-02-13 17:33
VLAI?
Title
CVE-2024-22262: Spring Framework URL Parsing with Host Validation
Summary
Applications that use UriComponentsBuilder to parse an externally provided URL (e.g. through a query parameter) AND perform validation checks on the host of the parsed URL may be vulnerable to a open redirect https://cwe.mitre.org/data/definitions/601.html attack or to a SSRF attack if the URL is used after passing validation checks.
This is the same as CVE-2024-22259 https://spring.io/security/cve-2024-22259 and CVE-2024-22243 https://spring.io/security/cve-2024-22243 , but with different input.
Severity ?
8.1 (High)
CWE
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Spring | Spring Framework |
Affected:
6.1.x , < 6.1.6
(6.1.6)
Affected: 6.0.x , < 6.0.19 (6.0.19) Affected: 5.3.x , < 5.3.34 (5.3.34) |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:vmware:spring_framework:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "spring_framework",
"vendor": "vmware",
"versions": [
{
"lessThan": "6.1.6",
"status": "affected",
"version": "6.1.0",
"versionType": "custom"
},
{
"lessThan": "6.0.19",
"status": "affected",
"version": "6.0.0",
"versionType": "custom"
},
{
"lessThan": "5.3.34",
"status": "affected",
"version": "5.3.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-22262",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-27T03:55:13.901114Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-601",
"description": "CWE-601 URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-918",
"description": "CWE-918 Server-Side Request Forgery (SSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-27T13:57:23.898Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:43:33.714Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://spring.io/security/cve-2024-22262"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20240524-0003/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Spring Framework",
"vendor": "Spring",
"versions": [
{
"lessThan": "6.1.6",
"status": "affected",
"version": "6.1.x",
"versionType": "6.1.6"
},
{
"lessThan": "6.0.19",
"status": "affected",
"version": "6.0.x",
"versionType": "6.0.19"
},
{
"lessThan": "5.3.34",
"status": "affected",
"version": "5.3.x",
"versionType": "5.3.34"
}
]
}
],
"datePublic": "2024-04-11T05:49:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003e\u003cdiv\u003e\u003cp\u003eApplications that use \u003ccode\u003eUriComponentsBuilder\u003c/code\u003e\u0026nbsp;to parse an externally provided URL (e.g. through a query parameter) \u003cem\u003eAND\u003c/em\u003e\u0026nbsp;perform validation checks on the host of the parsed URL may be vulnerable to a \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://cwe.mitre.org/data/definitions/601.html\"\u003eopen redirect\u003c/a\u003e\u0026nbsp;attack or to a SSRF attack if the URL is used after passing validation checks.\u003c/p\u003e\u003cp\u003eThis is the same as \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://spring.io/security/cve-2024-22259\"\u003eCVE-2024-22259\u003c/a\u003e\u0026nbsp;and \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://spring.io/security/cve-2024-22243\"\u003eCVE-2024-22243\u003c/a\u003e, but with different input.\u003c/p\u003e\u003c/div\u003e\u003c/div\u003e\u003cdiv\u003e\u003cbr\u003e\u003c/div\u003e\u003cbr\u003e"
}
],
"value": "Applications that use UriComponentsBuilder\u00a0to parse an externally provided URL (e.g. through a query parameter) AND\u00a0perform validation checks on the host of the parsed URL may be vulnerable to a open redirect https://cwe.mitre.org/data/definitions/601.html \u00a0attack or to a SSRF attack if the URL is used after passing validation checks.\n\nThis is the same as CVE-2024-22259 https://spring.io/security/cve-2024-22259 \u00a0and CVE-2024-22243 https://spring.io/security/cve-2024-22243 , but with different input."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-10T17:10:02.095Z",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"url": "https://spring.io/security/cve-2024-22262"
},
{
"url": "https://security.netapp.com/advisory/ntap-20240524-0003/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "CVE-2024-22262: Spring Framework URL Parsing with Host Validation",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2024-22262",
"datePublished": "2024-04-16T05:54:12.786Z",
"dateReserved": "2024-01-08T18:43:17.077Z",
"dateUpdated": "2025-02-13T17:33:40.239Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-22259 (GCVE-0-2024-22259)
Vulnerability from nvd – Published: 2024-03-16 04:40 – Updated: 2025-02-13 17:33
VLAI?
Title
CVE-2024-22259: Spring Framework URL Parsing with Host Validation (2nd report)
Summary
Applications that use UriComponentsBuilder in Spring Framework to parse an externally provided URL (e.g. through a query parameter) AND perform validation checks on the host of the parsed URL may be vulnerable to a open redirect https://cwe.mitre.org/data/definitions/601.html attack or to a SSRF attack if the URL is used after passing validation checks.
This is the same as CVE-2024-22243 https://spring.io/security/cve-2024-22243 , but with different input.
Severity ?
8.1 (High)
CWE
- CWE-601 - URL Redirection to Untrusted Site ('Open Redirect')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Spring | Spring Framework |
Affected:
6.1.x , < 6.1.5
(git)
Affected: 6.0.x , < 6.0.18 (git) Affected: 5.3.x , < 5.3.33 (git) |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:vmware:spring_framework:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "spring_framework",
"vendor": "vmware",
"versions": [
{
"lessThan": "6.1.5",
"status": "affected",
"version": "6.1.0",
"versionType": "custom"
},
{
"lessThan": "6.0.18",
"status": "affected",
"version": "6.0.0",
"versionType": "custom"
},
{
"lessThan": "5.3.33",
"status": "affected",
"version": "5.3.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-22259",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-27T03:55:11.965544Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-601",
"description": "CWE-601 URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-27T13:56:18.445Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:43:34.152Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://spring.io/security/cve-2024-22259"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20240524-0002/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"packageName": "Spring Framework",
"product": "Spring Framework",
"vendor": "Spring",
"versions": [
{
"lessThan": "6.1.5",
"status": "affected",
"version": "6.1.x",
"versionType": "git"
},
{
"lessThan": "6.0.18",
"status": "affected",
"version": "6.0.x",
"versionType": "git"
},
{
"lessThan": "5.3.33",
"status": "affected",
"version": "5.3.x",
"versionType": "git"
}
]
}
],
"datePublic": "2024-03-15T10:36:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eApplications that use \u003ccode\u003eUriComponentsBuilder in Spring Framework\u003c/code\u003e\u0026nbsp;to parse an externally provided URL (e.g. through a query parameter) \u003cem\u003eAND\u003c/em\u003e\u0026nbsp;perform validation checks on the host of the parsed URL may be vulnerable to a \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://cwe.mitre.org/data/definitions/601.html\"\u003eopen redirect\u003c/a\u003e\u0026nbsp;attack or to a SSRF attack if the URL is used after passing validation checks.\u003c/p\u003e\u003cp\u003eThis is the same as \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://spring.io/security/cve-2024-22243\"\u003eCVE-2024-22243\u003c/a\u003e, but with different input.\u003c/p\u003e\u003cbr\u003e"
}
],
"value": "Applications that use UriComponentsBuilder in Spring Framework\u00a0to parse an externally provided URL (e.g. through a query parameter) AND\u00a0perform validation checks on the host of the parsed URL may be vulnerable to a open redirect https://cwe.mitre.org/data/definitions/601.html \u00a0attack or to a SSRF attack if the URL is used after passing validation checks.\n\nThis is the same as CVE-2024-22243 https://spring.io/security/cve-2024-22243 , but with different input."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-10T18:08:02.696Z",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"url": "https://spring.io/security/cve-2024-22259"
},
{
"url": "https://security.netapp.com/advisory/ntap-20240524-0002/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "CVE-2024-22259: Spring Framework URL Parsing with Host Validation (2nd report)",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2024-22259",
"datePublished": "2024-03-16T04:40:08.680Z",
"dateReserved": "2024-01-08T18:43:15.943Z",
"dateUpdated": "2025-02-13T17:33:39.598Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-22243 (GCVE-0-2024-22243)
Vulnerability from nvd – Published: 2024-02-23 05:03 – Updated: 2025-02-13 17:33
VLAI?
Title
CVE-2024-22243: Spring Framework URL Parsing with Host Validation
Summary
Applications that use UriComponentsBuilder to parse an externally provided URL (e.g. through a query parameter) AND perform validation checks on the host of the parsed URL may be vulnerable to a open redirect https://cwe.mitre.org/data/definitions/601.html attack or to a SSRF attack if the URL is used after passing validation checks.
Severity ?
8.1 (High)
CWE
- CWE-601 - URL Redirection to Untrusted Site ('Open Redirect')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Spring | Spring Framework |
Affected:
6.0.x , < 6.0.17
(6.0.17)
Affected: 6.1.x , < 6.1.4 (6.1.4) Affected: 5.3.x , < 5.3.32 (5.3.32) |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:vmware:spring_framework:6.0.0:-:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "spring_framework",
"vendor": "vmware",
"versions": [
{
"lessThan": "6.0.17",
"status": "affected",
"version": "6.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:vmware:spring_framework:6.1.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "spring_framework",
"vendor": "vmware",
"versions": [
{
"lessThan": "6.1.4",
"status": "affected",
"version": "6.1.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:pivotal_software:spring_framework:5.3.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "spring_framework",
"vendor": "pivotal_software",
"versions": [
{
"lessThan": "5.3.32",
"status": "affected",
"version": "5.3.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:linux:*:*"
],
"defaultStatus": "unknown",
"product": "active_iq_unified_manager",
"vendor": "netapp",
"versions": [
{
"status": "affected",
"version": "5.0"
}
]
},
{
"cpes": [
"cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*"
],
"defaultStatus": "unknown",
"product": "active_iq_unified_manager",
"vendor": "netapp",
"versions": [
{
"status": "affected",
"version": "5.0"
}
]
},
{
"cpes": [
"cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:windows:*:*"
],
"defaultStatus": "unknown",
"product": "active_iq_unified_manager",
"vendor": "netapp",
"versions": [
{
"status": "affected",
"version": "5.0"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-22243",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-27T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-601",
"description": "CWE-601 URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-27T03:55:12.310Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-09-10T05:02:44.560Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://spring.io/security/cve-2024-22243"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20240524-0001/"
},
{
"url": "http://seclists.org/fulldisclosure/2024/Sep/24"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Spring Framework",
"vendor": "Spring",
"versions": [
{
"lessThan": "6.0.17",
"status": "affected",
"version": "6.0.x",
"versionType": "6.0.17"
},
{
"lessThan": "6.1.4",
"status": "affected",
"version": "6.1.x",
"versionType": "6.1.4"
},
{
"lessThan": "5.3.32",
"status": "affected",
"version": "5.3.x",
"versionType": "5.3.32"
}
]
}
],
"datePublic": "2024-02-21T16:18:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eApplications that use \u003c/span\u003e\u003ccode\u003eUriComponentsBuilder\u003c/code\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;to parse an externally provided URL (e.g. through a query parameter) \u003c/span\u003e\u003cem\u003eAND\u003c/em\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;perform validation checks on the host of the parsed URL may be vulnerable to a \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://cwe.mitre.org/data/definitions/601.html\"\u003eopen redirect\u003c/a\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;attack or to a SSRF attack if the URL is used after passing validation checks.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Applications that use UriComponentsBuilder\u00a0to parse an externally provided URL (e.g. through a query parameter) AND\u00a0perform validation checks on the host of the parsed URL may be vulnerable to a open redirect https://cwe.mitre.org/data/definitions/601.html \u00a0attack or to a SSRF attack if the URL is used after passing validation checks."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-10T17:09:48.637Z",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"url": "https://spring.io/security/cve-2024-22243"
},
{
"url": "https://security.netapp.com/advisory/ntap-20240524-0001/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "CVE-2024-22243: Spring Framework URL Parsing with Host Validation",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2024-22243",
"datePublished": "2024-02-23T05:03:54.426Z",
"dateReserved": "2024-01-08T18:43:03.535Z",
"dateUpdated": "2025-02-13T17:33:38.355Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-22233 (GCVE-0-2024-22233)
Vulnerability from nvd – Published: 2024-01-22 12:16 – Updated: 2025-06-20 18:41
VLAI?
Title
CVE-2024-22233: Spring Framework server Web DoS Vulnerability
Summary
In Spring Framework versions 6.0.15 and 6.1.2, it is possible for a user to provide specially crafted HTTP requests that may cause a denial-of-service (DoS) condition.
Specifically, an application is vulnerable when all of the following are true:
* the application uses Spring MVC
* Spring Security 6.1.6+ or 6.2.1+ is on the classpath
Typically, Spring Boot applications need the org.springframework.boot:spring-boot-starter-web and org.springframework.boot:spring-boot-starter-security dependencies to meet all conditions.
Severity ?
7.5 (High)
CWE
- CWE-400 - Uncontrolled Resource Consumption
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Spring | Spring Framework |
Affected:
6.1.2
Affected: 6.0.15 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:43:33.811Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://spring.io/security/cve-2024-22233/"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20240614-0005/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-22233",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-01-22T18:41:14.013459Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400 Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-20T18:41:29.445Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Spring Framework",
"vendor": "Spring",
"versions": [
{
"status": "affected",
"version": "6.1.2"
},
{
"status": "affected",
"version": "6.0.15"
}
]
}
],
"datePublic": "2024-01-22T11:30:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eIn Spring Framework versions 6.0.15 and 6.1.2, it is possible for a user to provide specially crafted HTTP requests that may cause a denial-of-service (DoS) condition.\u003c/p\u003e\u003cp\u003eSpecifically, an application is vulnerable when all of the following are true:\u003c/p\u003e\u003cul\u003e\u003cli\u003ethe application uses Spring MVC\u003c/li\u003e\u003cli\u003eSpring Security 6.1.6+ or 6.2.1+ is on the classpath\u003c/li\u003e\u003c/ul\u003e\u003cp\u003eTypically, Spring Boot applications need the \u003ccode\u003eorg.springframework.boot:spring-boot-starter-web\u003c/code\u003e\u0026nbsp;and \u003ccode\u003eorg.springframework.boot:spring-boot-starter-security\u003c/code\u003e\u0026nbsp;dependencies to meet all conditions.\u003c/p\u003e\u003cbr\u003e"
}
],
"value": "In Spring Framework versions 6.0.15 and 6.1.2, it is possible for a user to provide specially crafted HTTP requests that may cause a denial-of-service (DoS) condition.\n\nSpecifically, an application is vulnerable when all of the following are true:\n\n * the application uses Spring MVC\n * Spring Security 6.1.6+ or 6.2.1+ is on the classpath\n\n\nTypically, Spring Boot applications need the org.springframework.boot:spring-boot-starter-web\u00a0and org.springframework.boot:spring-boot-starter-security\u00a0dependencies to meet all conditions."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-14T13:06:02.305Z",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"url": "https://spring.io/security/cve-2024-22233/"
},
{
"url": "https://security.netapp.com/advisory/ntap-20240614-0005/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "CVE-2024-22233: Spring Framework server Web DoS Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2024-22233",
"datePublished": "2024-01-22T12:16:15.223Z",
"dateReserved": "2024-01-08T16:40:16.141Z",
"dateUpdated": "2025-06-20T18:41:29.445Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-34053 (GCVE-0-2023-34053)
Vulnerability from nvd – Published: 2023-11-28 08:10 – Updated: 2025-02-13 16:55
VLAI?
Title
Spring Framework server Web Observations DoS Vulnerability
Summary
In Spring Framework versions 6.0.0 - 6.0.13, it is possible for a user to provide specially crafted HTTP requests that may cause a denial-of-service (DoS) condition.
Specifically, an application is vulnerable when all of the following are true:
* the application uses Spring MVC or Spring WebFlux
* io.micrometer:micrometer-core is on the classpath
* an ObservationRegistry is configured in the application to record observations
Typically, Spring Boot applications need the org.springframework.boot:spring-boot-actuator dependency to meet all conditions.
Severity ?
5.3 (Medium)
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Spring | Spring Framework |
Affected:
6.0.0 , < 6.0.14
(6.0.14)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T16:01:52.437Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://spring.io/security/cve-2023-34053"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20231214-0007/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Windows",
"MacOS",
"Linux",
"iOS",
"Android",
"x86",
"ARM",
"64 bit",
"32 bit"
],
"product": "Spring Framework",
"vendor": "Spring",
"versions": [
{
"lessThan": "6.0.14",
"status": "affected",
"version": "6.0.0",
"versionType": "6.0.14"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eIn Spring Framework versions 6.0.0 - 6.0.13, it is possible for a user to provide specially crafted HTTP requests that may cause a denial-of-service (DoS) condition.\u003c/p\u003e\u003cp\u003eSpecifically, an application is vulnerable when all of the following are true:\u003c/p\u003e\u003cul\u003e\u003cli\u003ethe application uses Spring MVC or Spring WebFlux\u003c/li\u003e\u003cli\u003e\u003ccode\u003eio.micrometer:micrometer-core\u003c/code\u003e\u0026nbsp;is on the classpath\u003c/li\u003e\u003cli\u003ean ObservationRegistry is configured in the application to record observations\u003c/li\u003e\u003c/ul\u003e\u003cp\u003eTypically, Spring Boot applications need the \u003ccode\u003eorg.springframework.boot:spring-boot-actuator\u003c/code\u003e\u0026nbsp;dependency to meet all conditions.\u003c/p\u003e\u003cbr\u003e"
}
],
"value": "In Spring Framework versions 6.0.0 - 6.0.13, it is possible for a user to provide specially crafted HTTP requests that may cause a denial-of-service (DoS) condition.\n\nSpecifically, an application is vulnerable when all of the following are true:\n\n * the application uses Spring MVC or Spring WebFlux\n * io.micrometer:micrometer-core\u00a0is on the classpath\n * an ObservationRegistry is configured in the application to record observations\n\n\nTypically, Spring Boot applications need the org.springframework.boot:spring-boot-actuator\u00a0dependency to meet all conditions."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-14T10:06:40.267Z",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"url": "https://spring.io/security/cve-2023-34053"
},
{
"url": "https://security.netapp.com/advisory/ntap-20231214-0007/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Spring Framework server Web Observations DoS Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2023-34053",
"datePublished": "2023-11-28T08:10:37.217Z",
"dateReserved": "2023-05-25T17:21:56.203Z",
"dateUpdated": "2025-02-13T16:55:14.580Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-22233 (GCVE-0-2025-22233)
Vulnerability from cvelistv5 – Published: 2025-05-16 19:14 – Updated: 2025-05-17 02:37
VLAI?
Title
Spring Framework DataBinder Case Sensitive Match Exception
Summary
CVE-2024-38820 ensured Locale-independent, lowercase conversion for both the configured disallowedFields patterns and for request parameter names. However, there are still cases where it is possible to bypass the disallowedFields checks.
Affected Spring Products and Versions
Spring Framework:
* 6.2.0 - 6.2.6
* 6.1.0 - 6.1.19
* 6.0.0 - 6.0.27
* 5.3.0 - 5.3.42
* Older, unsupported versions are also affected
Mitigation
Users of affected versions should upgrade to the corresponding fixed version.
Affected version(s)Fix Version Availability 6.2.x
6.2.7
OSS6.1.x
6.1.20
OSS6.0.x
6.0.28
Commercial https://enterprise.spring.io/ 5.3.x
5.3.43
Commercial https://enterprise.spring.io/
No further mitigation steps are necessary.
Generally, we recommend using a dedicated model object with properties only for data binding, or using constructor binding since constructor arguments explicitly declare what to bind together with turning off setter binding through the declarativeBinding flag. See the Model Design section in the reference documentation.
For setting binding, prefer the use of allowedFields (an explicit list) over disallowedFields.
Credit
This issue was responsibly reported by the TERASOLUNA Framework Development Team from NTT DATA Group Corporation.
Severity ?
CWE
- CWE-20 - Improper Input Validation
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Spring | Spring Framework |
Affected:
6.2.0 , ≤ 6.2.6
(Framework)
Affected: 6.1.0 , ≤ 6.1.19 (Framework) Affected: 6.0.0 , ≤ 6.0.27 (Enterprise Framework) Affected: 5.3.0 , ≤ 5.3.42 (Enterprise Framework) Unaffected: 6.2.7 (Framework) Unaffected: 6.1.20 (Framework) Unaffected: 6.0.28 (Enterprise Framework) Unaffected: 5.3.43 (Entrprise Framework) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-22233",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-17T02:36:53.736871Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-17T02:37:03.191Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Spring Framework",
"vendor": "Spring",
"versions": [
{
"lessThanOrEqual": "6.2.6",
"status": "affected",
"version": "6.2.0",
"versionType": "Framework"
},
{
"lessThanOrEqual": "6.1.19",
"status": "affected",
"version": "6.1.0",
"versionType": "Framework"
},
{
"lessThanOrEqual": "6.0.27",
"status": "affected",
"version": "6.0.0",
"versionType": "Enterprise Framework"
},
{
"lessThanOrEqual": "5.3.42",
"status": "affected",
"version": "5.3.0",
"versionType": "Enterprise Framework"
},
{
"status": "unaffected",
"version": "6.2.7",
"versionType": "Framework"
},
{
"status": "unaffected",
"version": "6.1.20",
"versionType": "Framework"
},
{
"status": "unaffected",
"version": "6.0.28",
"versionType": "Enterprise Framework"
},
{
"status": "unaffected",
"version": "5.3.43",
"versionType": "Entrprise Framework"
}
]
}
],
"datePublic": "2025-05-15T15:02:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "CVE-2024-38820 ensured Locale-independent, lowercase conversion for both the configured disallowedFields patterns and for request parameter names. However, there are still cases where it is possible to bypass the disallowedFields checks.\u003cbr\u003e\u003cbr\u003e\u003cb\u003eAffected Spring Products and Versions\u003c/b\u003e\u003cbr\u003e\u003cbr\u003eSpring Framework:\u003cbr\u003e\u003cul\u003e\u003cli\u003e6.2.0 - 6.2.6\u003cbr\u003e\u003c/li\u003e\u003cli\u003e6.1.0 - 6.1.19\u003cbr\u003e\u003c/li\u003e\u003cli\u003e6.0.0 - 6.0.27\u003cbr\u003e\u003c/li\u003e\u003cli\u003e5.3.0 - 5.3.42\u003c/li\u003e\u003cli\u003eOlder, unsupported versions are also affected\u003c/li\u003e\u003c/ul\u003e\u003cbr\u003e\u003cb\u003eMitigation\u003c/b\u003e\u003cbr\u003e\u003cbr\u003eUsers of affected versions should upgrade to the corresponding fixed version.\u003cbr\u003e\u003cbr\u003e\u003ctable\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003eAffected version(s)\u003c/td\u003e\u003ctd\u003eFix Version\u0026nbsp;\u003c/td\u003e\u003ctd\u003eAvailability\u0026nbsp;\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e6.2.x\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e 6.2.7\u003cbr\u003e\u003c/td\u003e\u003ctd\u003eOSS\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e6.1.x\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e 6.1.20\u003cbr\u003e\u003c/td\u003e\u003ctd\u003eOSS\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e6.0.x\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e 6.0.28\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://enterprise.spring.io/\"\u003eCommercial\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e5.3.x\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e 5.3.43\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://enterprise.spring.io/\"\u003eCommercial\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e\u003cbr\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eNo further mitigation steps are necessary.\u003c/span\u003e\u003cbr\u003e\u003cbr\u003e\u003cbr\u003eGenerally, we recommend using a dedicated model object with properties only for data binding, or using constructor binding since constructor arguments explicitly declare what to bind together with turning off setter binding through the declarativeBinding flag. See the Model Design section in the reference documentation.\u003cbr\u003e\u003cbr\u003eFor setting binding, prefer the use of allowedFields (an explicit list) over disallowedFields.\u003cbr\u003e\u003cbr\u003eCredit\u003cbr\u003e\u003cbr\u003eThis issue was responsibly reported by the TERASOLUNA Framework Development Team from NTT DATA Group Corporation.\u003cbr\u003e"
}
],
"value": "CVE-2024-38820 ensured Locale-independent, lowercase conversion for both the configured disallowedFields patterns and for request parameter names. However, there are still cases where it is possible to bypass the disallowedFields checks.\n\nAffected Spring Products and Versions\n\nSpring Framework:\n * 6.2.0 - 6.2.6\n\n * 6.1.0 - 6.1.19\n\n * 6.0.0 - 6.0.27\n\n * 5.3.0 - 5.3.42\n * Older, unsupported versions are also affected\n\n\n\nMitigation\n\nUsers of affected versions should upgrade to the corresponding fixed version.\n\nAffected version(s)Fix Version\u00a0Availability\u00a06.2.x\n 6.2.7\nOSS6.1.x\n 6.1.20\nOSS6.0.x\n 6.0.28\n Commercial https://enterprise.spring.io/ 5.3.x\n 5.3.43\n Commercial https://enterprise.spring.io/ \nNo further mitigation steps are necessary.\n\n\nGenerally, we recommend using a dedicated model object with properties only for data binding, or using constructor binding since constructor arguments explicitly declare what to bind together with turning off setter binding through the declarativeBinding flag. See the Model Design section in the reference documentation.\n\nFor setting binding, prefer the use of allowedFields (an explicit list) over disallowedFields.\n\nCredit\n\nThis issue was responsibly reported by the TERASOLUNA Framework Development Team from NTT DATA Group Corporation."
}
],
"impacts": [
{
"capecId": "CAPEC-137",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-137: Parameter Injection"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.1,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-16T19:14:07.500Z",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"url": "https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N\u0026version=3.1"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Spring Framework DataBinder Case Sensitive Match Exception",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2025-22233",
"datePublished": "2025-05-16T19:14:07.500Z",
"dateReserved": "2025-01-02T04:29:59.191Z",
"dateUpdated": "2025-05-17T02:37:03.191Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-38808 (GCVE-0-2024-38808)
Vulnerability from cvelistv5 – Published: 2024-08-20 07:12 – Updated: 2024-10-30 18:41
VLAI?
Title
CVE-2024-38808: Spring Expression DoS Vulnerability
Summary
In Spring Framework versions 5.3.0 - 5.3.38 and older unsupported versions, it is possible for a user to provide a specially crafted Spring Expression Language (SpEL) expression that may cause a denial of service (DoS) condition.
Specifically, an application is vulnerable when the following is true:
* The application evaluates user-supplied SpEL expressions.
Severity ?
4.3 (Medium)
CWE
- CWE-770 - Allocation of Resources Without Limits or Throttling
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Spring | Spring Framework |
Affected:
5.3.0 , < 5.3.39, 6.0+
(5.3.396.0)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-38808",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-20T13:48:27.427803Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-770",
"description": "CWE-770 Allocation of Resources Without Limits or Throttling",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-30T18:41:27.943Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-09-20T16:03:07.732Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://security.netapp.com/advisory/ntap-20240920-0002/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"packageName": "Spring Framework",
"product": "Spring Framework",
"vendor": "Spring",
"versions": [
{
"lessThan": "5.3.39, 6.0+",
"status": "affected",
"version": "5.3.0",
"versionType": "5.3.396.0"
}
]
}
],
"datePublic": "2024-08-14T07:08:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eIn Spring Framework versions 5.3.0 - 5.3.38 and older unsupported versions, it is possible for a user to provide a specially crafted Spring Expression Language (SpEL) expression that may cause a denial of service (DoS) condition.\u003c/p\u003e\u003cp\u003eSpecifically, an application is vulnerable when the following is true:\u003c/p\u003e\u003cul\u003e\u003cli\u003eThe application evaluates user-supplied SpEL expressions.\u003c/li\u003e\u003c/ul\u003e\u003cbr\u003e"
}
],
"value": "In Spring Framework versions 5.3.0 - 5.3.38 and older unsupported versions, it is possible for a user to provide a specially crafted Spring Expression Language (SpEL) expression that may cause a denial of service (DoS) condition.\n\nSpecifically, an application is vulnerable when the following is true:\n\n * The application evaluates user-supplied SpEL expressions."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-20T07:12:44.736Z",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"url": "https://spring.io/security/cve-2024-38808"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "CVE-2024-38808: Spring Expression DoS Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2024-38808",
"datePublished": "2024-08-20T07:12:44.736Z",
"dateReserved": "2024-06-19T22:31:57.187Z",
"dateUpdated": "2024-10-30T18:41:27.943Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-22262 (GCVE-0-2024-22262)
Vulnerability from cvelistv5 – Published: 2024-04-16 05:54 – Updated: 2025-02-13 17:33
VLAI?
Title
CVE-2024-22262: Spring Framework URL Parsing with Host Validation
Summary
Applications that use UriComponentsBuilder to parse an externally provided URL (e.g. through a query parameter) AND perform validation checks on the host of the parsed URL may be vulnerable to a open redirect https://cwe.mitre.org/data/definitions/601.html attack or to a SSRF attack if the URL is used after passing validation checks.
This is the same as CVE-2024-22259 https://spring.io/security/cve-2024-22259 and CVE-2024-22243 https://spring.io/security/cve-2024-22243 , but with different input.
Severity ?
8.1 (High)
CWE
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Spring | Spring Framework |
Affected:
6.1.x , < 6.1.6
(6.1.6)
Affected: 6.0.x , < 6.0.19 (6.0.19) Affected: 5.3.x , < 5.3.34 (5.3.34) |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:vmware:spring_framework:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "spring_framework",
"vendor": "vmware",
"versions": [
{
"lessThan": "6.1.6",
"status": "affected",
"version": "6.1.0",
"versionType": "custom"
},
{
"lessThan": "6.0.19",
"status": "affected",
"version": "6.0.0",
"versionType": "custom"
},
{
"lessThan": "5.3.34",
"status": "affected",
"version": "5.3.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-22262",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-27T03:55:13.901114Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-601",
"description": "CWE-601 URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-918",
"description": "CWE-918 Server-Side Request Forgery (SSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-27T13:57:23.898Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:43:33.714Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://spring.io/security/cve-2024-22262"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20240524-0003/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Spring Framework",
"vendor": "Spring",
"versions": [
{
"lessThan": "6.1.6",
"status": "affected",
"version": "6.1.x",
"versionType": "6.1.6"
},
{
"lessThan": "6.0.19",
"status": "affected",
"version": "6.0.x",
"versionType": "6.0.19"
},
{
"lessThan": "5.3.34",
"status": "affected",
"version": "5.3.x",
"versionType": "5.3.34"
}
]
}
],
"datePublic": "2024-04-11T05:49:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003e\u003cdiv\u003e\u003cp\u003eApplications that use \u003ccode\u003eUriComponentsBuilder\u003c/code\u003e\u0026nbsp;to parse an externally provided URL (e.g. through a query parameter) \u003cem\u003eAND\u003c/em\u003e\u0026nbsp;perform validation checks on the host of the parsed URL may be vulnerable to a \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://cwe.mitre.org/data/definitions/601.html\"\u003eopen redirect\u003c/a\u003e\u0026nbsp;attack or to a SSRF attack if the URL is used after passing validation checks.\u003c/p\u003e\u003cp\u003eThis is the same as \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://spring.io/security/cve-2024-22259\"\u003eCVE-2024-22259\u003c/a\u003e\u0026nbsp;and \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://spring.io/security/cve-2024-22243\"\u003eCVE-2024-22243\u003c/a\u003e, but with different input.\u003c/p\u003e\u003c/div\u003e\u003c/div\u003e\u003cdiv\u003e\u003cbr\u003e\u003c/div\u003e\u003cbr\u003e"
}
],
"value": "Applications that use UriComponentsBuilder\u00a0to parse an externally provided URL (e.g. through a query parameter) AND\u00a0perform validation checks on the host of the parsed URL may be vulnerable to a open redirect https://cwe.mitre.org/data/definitions/601.html \u00a0attack or to a SSRF attack if the URL is used after passing validation checks.\n\nThis is the same as CVE-2024-22259 https://spring.io/security/cve-2024-22259 \u00a0and CVE-2024-22243 https://spring.io/security/cve-2024-22243 , but with different input."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-10T17:10:02.095Z",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"url": "https://spring.io/security/cve-2024-22262"
},
{
"url": "https://security.netapp.com/advisory/ntap-20240524-0003/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "CVE-2024-22262: Spring Framework URL Parsing with Host Validation",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2024-22262",
"datePublished": "2024-04-16T05:54:12.786Z",
"dateReserved": "2024-01-08T18:43:17.077Z",
"dateUpdated": "2025-02-13T17:33:40.239Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-22259 (GCVE-0-2024-22259)
Vulnerability from cvelistv5 – Published: 2024-03-16 04:40 – Updated: 2025-02-13 17:33
VLAI?
Title
CVE-2024-22259: Spring Framework URL Parsing with Host Validation (2nd report)
Summary
Applications that use UriComponentsBuilder in Spring Framework to parse an externally provided URL (e.g. through a query parameter) AND perform validation checks on the host of the parsed URL may be vulnerable to a open redirect https://cwe.mitre.org/data/definitions/601.html attack or to a SSRF attack if the URL is used after passing validation checks.
This is the same as CVE-2024-22243 https://spring.io/security/cve-2024-22243 , but with different input.
Severity ?
8.1 (High)
CWE
- CWE-601 - URL Redirection to Untrusted Site ('Open Redirect')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Spring | Spring Framework |
Affected:
6.1.x , < 6.1.5
(git)
Affected: 6.0.x , < 6.0.18 (git) Affected: 5.3.x , < 5.3.33 (git) |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:vmware:spring_framework:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "spring_framework",
"vendor": "vmware",
"versions": [
{
"lessThan": "6.1.5",
"status": "affected",
"version": "6.1.0",
"versionType": "custom"
},
{
"lessThan": "6.0.18",
"status": "affected",
"version": "6.0.0",
"versionType": "custom"
},
{
"lessThan": "5.3.33",
"status": "affected",
"version": "5.3.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-22259",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-27T03:55:11.965544Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-601",
"description": "CWE-601 URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-27T13:56:18.445Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:43:34.152Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://spring.io/security/cve-2024-22259"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20240524-0002/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"packageName": "Spring Framework",
"product": "Spring Framework",
"vendor": "Spring",
"versions": [
{
"lessThan": "6.1.5",
"status": "affected",
"version": "6.1.x",
"versionType": "git"
},
{
"lessThan": "6.0.18",
"status": "affected",
"version": "6.0.x",
"versionType": "git"
},
{
"lessThan": "5.3.33",
"status": "affected",
"version": "5.3.x",
"versionType": "git"
}
]
}
],
"datePublic": "2024-03-15T10:36:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eApplications that use \u003ccode\u003eUriComponentsBuilder in Spring Framework\u003c/code\u003e\u0026nbsp;to parse an externally provided URL (e.g. through a query parameter) \u003cem\u003eAND\u003c/em\u003e\u0026nbsp;perform validation checks on the host of the parsed URL may be vulnerable to a \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://cwe.mitre.org/data/definitions/601.html\"\u003eopen redirect\u003c/a\u003e\u0026nbsp;attack or to a SSRF attack if the URL is used after passing validation checks.\u003c/p\u003e\u003cp\u003eThis is the same as \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://spring.io/security/cve-2024-22243\"\u003eCVE-2024-22243\u003c/a\u003e, but with different input.\u003c/p\u003e\u003cbr\u003e"
}
],
"value": "Applications that use UriComponentsBuilder in Spring Framework\u00a0to parse an externally provided URL (e.g. through a query parameter) AND\u00a0perform validation checks on the host of the parsed URL may be vulnerable to a open redirect https://cwe.mitre.org/data/definitions/601.html \u00a0attack or to a SSRF attack if the URL is used after passing validation checks.\n\nThis is the same as CVE-2024-22243 https://spring.io/security/cve-2024-22243 , but with different input."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-10T18:08:02.696Z",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"url": "https://spring.io/security/cve-2024-22259"
},
{
"url": "https://security.netapp.com/advisory/ntap-20240524-0002/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "CVE-2024-22259: Spring Framework URL Parsing with Host Validation (2nd report)",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2024-22259",
"datePublished": "2024-03-16T04:40:08.680Z",
"dateReserved": "2024-01-08T18:43:15.943Z",
"dateUpdated": "2025-02-13T17:33:39.598Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-22243 (GCVE-0-2024-22243)
Vulnerability from cvelistv5 – Published: 2024-02-23 05:03 – Updated: 2025-02-13 17:33
VLAI?
Title
CVE-2024-22243: Spring Framework URL Parsing with Host Validation
Summary
Applications that use UriComponentsBuilder to parse an externally provided URL (e.g. through a query parameter) AND perform validation checks on the host of the parsed URL may be vulnerable to a open redirect https://cwe.mitre.org/data/definitions/601.html attack or to a SSRF attack if the URL is used after passing validation checks.
Severity ?
8.1 (High)
CWE
- CWE-601 - URL Redirection to Untrusted Site ('Open Redirect')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Spring | Spring Framework |
Affected:
6.0.x , < 6.0.17
(6.0.17)
Affected: 6.1.x , < 6.1.4 (6.1.4) Affected: 5.3.x , < 5.3.32 (5.3.32) |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:vmware:spring_framework:6.0.0:-:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "spring_framework",
"vendor": "vmware",
"versions": [
{
"lessThan": "6.0.17",
"status": "affected",
"version": "6.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:vmware:spring_framework:6.1.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "spring_framework",
"vendor": "vmware",
"versions": [
{
"lessThan": "6.1.4",
"status": "affected",
"version": "6.1.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:pivotal_software:spring_framework:5.3.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "spring_framework",
"vendor": "pivotal_software",
"versions": [
{
"lessThan": "5.3.32",
"status": "affected",
"version": "5.3.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:linux:*:*"
],
"defaultStatus": "unknown",
"product": "active_iq_unified_manager",
"vendor": "netapp",
"versions": [
{
"status": "affected",
"version": "5.0"
}
]
},
{
"cpes": [
"cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*"
],
"defaultStatus": "unknown",
"product": "active_iq_unified_manager",
"vendor": "netapp",
"versions": [
{
"status": "affected",
"version": "5.0"
}
]
},
{
"cpes": [
"cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:windows:*:*"
],
"defaultStatus": "unknown",
"product": "active_iq_unified_manager",
"vendor": "netapp",
"versions": [
{
"status": "affected",
"version": "5.0"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-22243",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-27T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-601",
"description": "CWE-601 URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-27T03:55:12.310Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-09-10T05:02:44.560Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://spring.io/security/cve-2024-22243"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20240524-0001/"
},
{
"url": "http://seclists.org/fulldisclosure/2024/Sep/24"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Spring Framework",
"vendor": "Spring",
"versions": [
{
"lessThan": "6.0.17",
"status": "affected",
"version": "6.0.x",
"versionType": "6.0.17"
},
{
"lessThan": "6.1.4",
"status": "affected",
"version": "6.1.x",
"versionType": "6.1.4"
},
{
"lessThan": "5.3.32",
"status": "affected",
"version": "5.3.x",
"versionType": "5.3.32"
}
]
}
],
"datePublic": "2024-02-21T16:18:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eApplications that use \u003c/span\u003e\u003ccode\u003eUriComponentsBuilder\u003c/code\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;to parse an externally provided URL (e.g. through a query parameter) \u003c/span\u003e\u003cem\u003eAND\u003c/em\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;perform validation checks on the host of the parsed URL may be vulnerable to a \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://cwe.mitre.org/data/definitions/601.html\"\u003eopen redirect\u003c/a\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;attack or to a SSRF attack if the URL is used after passing validation checks.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Applications that use UriComponentsBuilder\u00a0to parse an externally provided URL (e.g. through a query parameter) AND\u00a0perform validation checks on the host of the parsed URL may be vulnerable to a open redirect https://cwe.mitre.org/data/definitions/601.html \u00a0attack or to a SSRF attack if the URL is used after passing validation checks."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-10T17:09:48.637Z",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"url": "https://spring.io/security/cve-2024-22243"
},
{
"url": "https://security.netapp.com/advisory/ntap-20240524-0001/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "CVE-2024-22243: Spring Framework URL Parsing with Host Validation",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2024-22243",
"datePublished": "2024-02-23T05:03:54.426Z",
"dateReserved": "2024-01-08T18:43:03.535Z",
"dateUpdated": "2025-02-13T17:33:38.355Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-22233 (GCVE-0-2024-22233)
Vulnerability from cvelistv5 – Published: 2024-01-22 12:16 – Updated: 2025-06-20 18:41
VLAI?
Title
CVE-2024-22233: Spring Framework server Web DoS Vulnerability
Summary
In Spring Framework versions 6.0.15 and 6.1.2, it is possible for a user to provide specially crafted HTTP requests that may cause a denial-of-service (DoS) condition.
Specifically, an application is vulnerable when all of the following are true:
* the application uses Spring MVC
* Spring Security 6.1.6+ or 6.2.1+ is on the classpath
Typically, Spring Boot applications need the org.springframework.boot:spring-boot-starter-web and org.springframework.boot:spring-boot-starter-security dependencies to meet all conditions.
Severity ?
7.5 (High)
CWE
- CWE-400 - Uncontrolled Resource Consumption
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Spring | Spring Framework |
Affected:
6.1.2
Affected: 6.0.15 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:43:33.811Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://spring.io/security/cve-2024-22233/"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20240614-0005/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-22233",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-01-22T18:41:14.013459Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400 Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-20T18:41:29.445Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Spring Framework",
"vendor": "Spring",
"versions": [
{
"status": "affected",
"version": "6.1.2"
},
{
"status": "affected",
"version": "6.0.15"
}
]
}
],
"datePublic": "2024-01-22T11:30:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eIn Spring Framework versions 6.0.15 and 6.1.2, it is possible for a user to provide specially crafted HTTP requests that may cause a denial-of-service (DoS) condition.\u003c/p\u003e\u003cp\u003eSpecifically, an application is vulnerable when all of the following are true:\u003c/p\u003e\u003cul\u003e\u003cli\u003ethe application uses Spring MVC\u003c/li\u003e\u003cli\u003eSpring Security 6.1.6+ or 6.2.1+ is on the classpath\u003c/li\u003e\u003c/ul\u003e\u003cp\u003eTypically, Spring Boot applications need the \u003ccode\u003eorg.springframework.boot:spring-boot-starter-web\u003c/code\u003e\u0026nbsp;and \u003ccode\u003eorg.springframework.boot:spring-boot-starter-security\u003c/code\u003e\u0026nbsp;dependencies to meet all conditions.\u003c/p\u003e\u003cbr\u003e"
}
],
"value": "In Spring Framework versions 6.0.15 and 6.1.2, it is possible for a user to provide specially crafted HTTP requests that may cause a denial-of-service (DoS) condition.\n\nSpecifically, an application is vulnerable when all of the following are true:\n\n * the application uses Spring MVC\n * Spring Security 6.1.6+ or 6.2.1+ is on the classpath\n\n\nTypically, Spring Boot applications need the org.springframework.boot:spring-boot-starter-web\u00a0and org.springframework.boot:spring-boot-starter-security\u00a0dependencies to meet all conditions."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-14T13:06:02.305Z",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"url": "https://spring.io/security/cve-2024-22233/"
},
{
"url": "https://security.netapp.com/advisory/ntap-20240614-0005/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "CVE-2024-22233: Spring Framework server Web DoS Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2024-22233",
"datePublished": "2024-01-22T12:16:15.223Z",
"dateReserved": "2024-01-08T16:40:16.141Z",
"dateUpdated": "2025-06-20T18:41:29.445Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-34053 (GCVE-0-2023-34053)
Vulnerability from cvelistv5 – Published: 2023-11-28 08:10 – Updated: 2025-02-13 16:55
VLAI?
Title
Spring Framework server Web Observations DoS Vulnerability
Summary
In Spring Framework versions 6.0.0 - 6.0.13, it is possible for a user to provide specially crafted HTTP requests that may cause a denial-of-service (DoS) condition.
Specifically, an application is vulnerable when all of the following are true:
* the application uses Spring MVC or Spring WebFlux
* io.micrometer:micrometer-core is on the classpath
* an ObservationRegistry is configured in the application to record observations
Typically, Spring Boot applications need the org.springframework.boot:spring-boot-actuator dependency to meet all conditions.
Severity ?
5.3 (Medium)
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Spring | Spring Framework |
Affected:
6.0.0 , < 6.0.14
(6.0.14)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T16:01:52.437Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://spring.io/security/cve-2023-34053"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20231214-0007/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Windows",
"MacOS",
"Linux",
"iOS",
"Android",
"x86",
"ARM",
"64 bit",
"32 bit"
],
"product": "Spring Framework",
"vendor": "Spring",
"versions": [
{
"lessThan": "6.0.14",
"status": "affected",
"version": "6.0.0",
"versionType": "6.0.14"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eIn Spring Framework versions 6.0.0 - 6.0.13, it is possible for a user to provide specially crafted HTTP requests that may cause a denial-of-service (DoS) condition.\u003c/p\u003e\u003cp\u003eSpecifically, an application is vulnerable when all of the following are true:\u003c/p\u003e\u003cul\u003e\u003cli\u003ethe application uses Spring MVC or Spring WebFlux\u003c/li\u003e\u003cli\u003e\u003ccode\u003eio.micrometer:micrometer-core\u003c/code\u003e\u0026nbsp;is on the classpath\u003c/li\u003e\u003cli\u003ean ObservationRegistry is configured in the application to record observations\u003c/li\u003e\u003c/ul\u003e\u003cp\u003eTypically, Spring Boot applications need the \u003ccode\u003eorg.springframework.boot:spring-boot-actuator\u003c/code\u003e\u0026nbsp;dependency to meet all conditions.\u003c/p\u003e\u003cbr\u003e"
}
],
"value": "In Spring Framework versions 6.0.0 - 6.0.13, it is possible for a user to provide specially crafted HTTP requests that may cause a denial-of-service (DoS) condition.\n\nSpecifically, an application is vulnerable when all of the following are true:\n\n * the application uses Spring MVC or Spring WebFlux\n * io.micrometer:micrometer-core\u00a0is on the classpath\n * an ObservationRegistry is configured in the application to record observations\n\n\nTypically, Spring Boot applications need the org.springframework.boot:spring-boot-actuator\u00a0dependency to meet all conditions."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-14T10:06:40.267Z",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"url": "https://spring.io/security/cve-2023-34053"
},
{
"url": "https://security.netapp.com/advisory/ntap-20231214-0007/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Spring Framework server Web Observations DoS Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2023-34053",
"datePublished": "2023-11-28T08:10:37.217Z",
"dateReserved": "2023-05-25T17:21:56.203Z",
"dateUpdated": "2025-02-13T16:55:14.580Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}