CVE-2022-22950

CVE-2022-22950

Vendor N/A
Product Spring Framework
Weakness CWE-770 · Uncontrolled resource consumption
Published April 1, 2022
Last update August 3, 2024

CVSS base score

What the vulnerability does

01Description

n Spring Framework versions 5.3.0 - 5.3.16 and older unsupported versions, it is possible for a user to provide a specially crafted SpEL expression that may cause a denial of service condition.

Key dates

02Disclosure timeline

April 1, 2022 CVE published
August 3, 2024 Record updated