Lucene search
Broadcom Security ResponseBSNSA23257HistoryApr 16, 2024 - 12:00 a.m.
Spring Expression DoS Vulnerability (CVE-2023-20863)
2024-04-1600:00:00
Broadcom Security Response
support.broadcom.com
9
spring framework
version 6.0.0
version 5.3.26
spel expression
denial-of-service
vulnerability
unsupported versions
In Spring Framework versions 6.0.0 - 6.0.7, 5.3.0 - 5.3.26, 5.2.0.RELEASE - 5.2.23.RELEASE, and older unsupported versions, it is possible for a user to provide a specially crafted SpEL expression that may cause a denial-of-service (DoS) condition.
Affected configurations
Node
broadcombrocade_sannavRange<2.3.0a
| CPE | Name | Operator | Version |
|---|---|---|---|
| brocade sannav | lt | 2.3.0a |
Related
ubuntucve
ubuntucve
CVE-2023-20863
2023-04-13 00:00:00
nvd
nvd
CVE-2023-20863
2023-04-13 20:15:07
redhatcve
redhatcve
CVE-2023-20863
2023-04-18 15:31:05
ibm
ibm
Security Bulletin: IBM Watson Assistant for IBM Cloud Pak for Data is vulnerable to VMware Tanzu Spring Framework denial of service vulnerabilitiy [CVE-2023-20863]
2023-07-20 16:39:20
openvas
openvas
cve
cve
CVE-2023-20863
2023-04-13 20:15:07
github
github
Spring Framework vulnerable to denial of service
2023-04-13 21:30:27
veracode
veracode
Denial Of Service (DoS)
2023-04-18 07:02:49
osv
osv
CVE-2023-20863
2023-04-13 20:15:07
Spring Framework vulnerable to denial of service
2023-04-13 21:30:27
debiancve
debiancve
CVE-2023-20863
2023-04-13 20:15:07
prion
prion
Race condition
2023-04-13 20:15:00
cvelist
cvelist
CVE-2023-20863
2023-04-13 00:00:00
redhat
redhat
nessus
nessus
Oracle Primavera Gateway (Jul 2023 CPU)
2023-07-19 00:00:00
Oracle MySQL Enterprise Monitor (October 2023 CPU)
2023-10-19 00:00:00
Oracle WebLogic Server (July 2023 CPU)
2023-07-20 00:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - October 2023
2023-10-17 00:00:00
Oracle Critical Patch Update Advisory - January 2024
2024-01-16 00:00:00
Oracle Critical Patch Update Advisory - July 2023
2023-07-18 00:00:00