Описание
In spring framework versions prior to 5.3.20+ , 5.2.22+ and old unsupported versions, application with a STOMP over WebSocket endpoint is vulnerable to a denial of service attack by an authenticated user.
Ссылки
- Third Party Advisory
- MitigationVendor Advisory
- PatchThird Party Advisory
- Third Party Advisory
- MitigationVendor Advisory
- PatchThird Party Advisory
Уязвимые конфигурации
Одно из
Одно из
Одно из
EPSS
6.5 Medium
CVSS3
4 Medium
CVSS2
Дефекты
Связанные уязвимости
In spring framework versions prior to 5.3.20+ , 5.2.22+ and old unsupported versions, application with a STOMP over WebSocket endpoint is vulnerable to a denial of service attack by an authenticated user.
In spring framework versions prior to 5.3.20+ , 5.2.22+ and old unsupported versions, application with a STOMP over WebSocket endpoint is vulnerable to a denial of service attack by an authenticated user.
In spring framework versions prior to 5.3.20+ , 5.2.22+ and old unsupp ...
Allocation of Resources Without Limits or Throttling in Spring Framework
Уязвимость программной платформы Spring Framework, связанная с неограниченным распределением ресурсов, позволяющая нарушителю вызвать отказ в обслуживании
EPSS
6.5 Medium
CVSS3
4 Medium
CVSS2