Количество 6
Количество 6
CVE-2022-22965
A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding. The specific exploit requires the application to run on Tomcat as a WAR deployment. If the application is deployed as a Spring Boot executable jar, i.e. the default, it is not vulnerable to the exploit. However, the nature of the vulnerability is more general, and there may be other ways to exploit it.
CVE-2022-22965
A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding. The specific exploit requires the application to run on Tomcat as a WAR deployment. If the application is deployed as a Spring Boot executable jar, i.e. the default, it is not vulnerable to the exploit. However, the nature of the vulnerability is more general, and there may be other ways to exploit it.
CVE-2022-22965
A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding. The specific exploit requires the application to run on Tomcat as a WAR deployment. If the application is deployed as a Spring Boot executable jar, i.e. the default, it is not vulnerable to the exploit. However, the nature of the vulnerability is more general, and there may be other ways to exploit it.
CVE-2022-22965
A Spring MVC or Spring WebFlux application running on JDK 9+ may be vu ...
GHSA-36p3-wjmg-h94x
Remote Code Execution in Spring Framework
BDU:2022-01631
Уязвимость модуля Spring Core программной платформы Spring Framework, позволяющая нарушителю выполнить произвольный код
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2022-22965 A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding. The specific exploit requires the application to run on Tomcat as a WAR deployment. If the application is deployed as a Spring Boot executable jar, i.e. the default, it is not vulnerable to the exploit. However, the nature of the vulnerability is more general, and there may be other ways to exploit it. | CVSS3: 9.8 | 94% Критический | около 3 лет назад |
 | CVE-2022-22965 A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding. The specific exploit requires the application to run on Tomcat as a WAR deployment. If the application is deployed as a Spring Boot executable jar, i.e. the default, it is not vulnerable to the exploit. However, the nature of the vulnerability is more general, and there may be other ways to exploit it. | CVSS3: 8.1 | 94% Критический | около 3 лет назад |
 | CVE-2022-22965 A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding. The specific exploit requires the application to run on Tomcat as a WAR deployment. If the application is deployed as a Spring Boot executable jar, i.e. the default, it is not vulnerable to the exploit. However, the nature of the vulnerability is more general, and there may be other ways to exploit it. | CVSS3: 9.8 | 94% Критический | около 3 лет назад |
| CVE-2022-22965 A Spring MVC or Spring WebFlux application running on JDK 9+ may be vu ... | CVSS3: 9.8 | 94% Критический | около 3 лет назад |
| GHSA-36p3-wjmg-h94x Remote Code Execution in Spring Framework | CVSS3: 9.8 | 94% Критический | около 3 лет назад |
 | BDU:2022-01631 Уязвимость модуля Spring Core программной платформы Spring Framework, позволяющая нарушителю выполнить произвольный код | CVSS3: 8.8 | 94% Критический | около 3 лет назад |
Уязвимостей на страницу