Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2022-22970

Опубликовано: 12 мая 2022
Источник: ubuntu
Приоритет: low
EPSS Низкий
CVSS2: 3.5
CVSS3: 5.3

Описание

In spring framework versions prior to 5.3.20+ , 5.2.22+ and old unsupported versions, applications that handle file uploads are vulnerable to DoS attack if they rely on data binding to set a MultipartFile or javax.servlet.Part to a field in a model object.

РелизСтатусПримечание
bionic

ignored

end of standard support, was needs-triage
devel

needs-triage

esm-apps/bionic

needs-triage

esm-apps/focal

needs-triage

esm-apps/jammy

needs-triage

esm-apps/noble

needs-triage

esm-apps/xenial

needs-triage

esm-infra-legacy/trusty

needs-triage

focal

ignored

end of standard support, was needs-triage
impish

ignored

end of life

Показывать по

EPSS

Процентиль: 52%
0.00288
Низкий

3.5 Low

CVSS2

5.3 Medium

CVSS3

Связанные уязвимости

CVSS3: 5.3
redhat
около 3 лет назад

In spring framework versions prior to 5.3.20+ , 5.2.22+ and old unsupported versions, applications that handle file uploads are vulnerable to DoS attack if they rely on data binding to set a MultipartFile or javax.servlet.Part to a field in a model object.

CVSS3: 5.3
nvd
около 3 лет назад

In spring framework versions prior to 5.3.20+ , 5.2.22+ and old unsupported versions, applications that handle file uploads are vulnerable to DoS attack if they rely on data binding to set a MultipartFile or javax.servlet.Part to a field in a model object.

CVSS3: 5.3
debian
около 3 лет назад

In spring framework versions prior to 5.3.20+ , 5.2.22+ and old unsupp ...

CVSS3: 7.5
github
около 3 лет назад

Denial of service in Spring Framework

EPSS

Процентиль: 52%
0.00288
Низкий

3.5 Low

CVSS2

5.3 Medium

CVSS3