Количество 2
Количество 2
CVE-2022-22969
<Issue Description> Spring Security OAuth versions 2.5.x prior to 2.5.2 and older unsupported versions are susceptible to a Denial-of-Service (DoS) attack via the initiation of the Authorization Request in an OAuth 2.0 Client application. A malicious user or attacker can send multiple requests initiating the Authorization Request for the Authorization Code Grant, which has the potential of exhausting system resources using a single session. This vulnerability exposes OAuth 2.0 Client applications only.
GHSA-c2cp-3xj9-97w9
Denial of service in Spring Security OAuth2
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2022-22969 <Issue Description> Spring Security OAuth versions 2.5.x prior to 2.5.2 and older unsupported versions are susceptible to a Denial-of-Service (DoS) attack via the initiation of the Authorization Request in an OAuth 2.0 Client application. A malicious user or attacker can send multiple requests initiating the Authorization Request for the Authorization Code Grant, which has the potential of exhausting system resources using a single session. This vulnerability exposes OAuth 2.0 Client applications only. | CVSS3: 6.5 | 1% Низкий | почти 4 года назад |
| GHSA-c2cp-3xj9-97w9 Denial of service in Spring Security OAuth2 | CVSS3: 6.5 | 1% Низкий | почти 4 года назад |
Уязвимостей на страницу