CVE-2021-22097
In Spring AMQP versions 2.2.0 – 2.2.18 and 2.3.0 – 2.3.10, the Spring AMQP Message object, in its toString() method, will deserialize a body for…
Devamını oku
Kategori: Güvenlik Açıkları
CVE-2021-22097 (spring_advanced_message_queuing_protocol)
In Spring AMQP versions 2.2.0 – 2.2.18 and 2.3.0 – 2.3.10, the Spring AMQP Message object, in its toString() method, will deserialize a body for…
CVE-2020-7875
DEXT5 Upload 5.0.0.117 and earlier versions contain a vulnerability, which could allow remote attacker to download and execute remote file by setting the argument, variable…
CVE-2021-22044
In Spring Cloud OpenFeign 3.0.0 to 3.0.4, 2.2.0.RELEASE to 2.2.9.RELEASE, and older unsupported versions, applications using type-level `@RequestMapping`annotations over Feign client interfaces, can be involuntarily…
CVE-2021-22047
In Spring Data REST versions 3.4.0 – 3.4.13, 3.5.0 – 3.5.5, and older unsupported versions, HTTP resources implemented by custom controllers using a configured base…
CVE-2021-22096
In Spring Framework versions 5.3.0 – 5.3.10, 5.2.0 – 5.2.17, and older unsupported versions, it is possible for a user to provide malicious input to…
CVE-2020-7875 (dext5upload)
DEXT5 Upload 5.0.0.117 and earlier versions contain a vulnerability, which could allow remote attacker to download and execute remote file by setting the argument, variable…
CVE-2021-22044 (spring_cloud_openfeign)
In Spring Cloud OpenFeign 3.0.0 to 3.0.4, 2.2.0.RELEASE to 2.2.9.RELEASE, and older unsupported versions, applications using type-level `@RequestMapping`annotations over Feign client interfaces, can be involuntarily…
CVE-2021-22047 (spring_data_rest)
In Spring Data REST versions 3.4.0 – 3.4.13, 3.5.0 – 3.5.5, and older unsupported versions, HTTP resources implemented by custom controllers using a configured base…
CVE-2021-22096 (spring_framework)
In Spring Framework versions 5.3.0 – 5.3.10, 5.2.0 – 5.2.17, and older unsupported versions, it is possible for a user to provide malicious input to…