In Spring Framework versions 6.0.0 - 6.0.6, 5.3.0 - 5.3.25, 5.2.0.RELEASE - 5.2.22.RELEASE, and older unsupported versions, it is possible for a user to provide a specially crafted SpEL expression that may cause a denial-of-service (DoS) condition.

CPENameOperatorVersion
brocade sannavlt2.3.0a

CPE	Name	Operator	Version
	brocade sannav	lt	2.3.0a

ibm 28

cve 1

ubuntucve 1

veracode 1

osv 2

prion 1

f5 1

github 1

nessus 8

debiancve 1

redhatcve 2

openvas 4

spring 1

redhat 9

oracle 3

ibm

Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a denial of service in VMware Tanzu Spring Framework (CVE-2023-20861)

2023-06-28 20:44:09

Security Bulletin: IBM ECM Content Management Interoperability Services (CMIS) spring-expression security vulnerability CVE-2023-20861

2023-05-03 17:28:48

Security Bulletin: Denial of Service vulnerability in Spring may affect IBM Business Automation Workflow - CVE-2023-20861

2023-04-28 17:07:05

cve

CVE-2023-20861

2023-03-23 21:15:19

ubuntucve

CVE-2023-20861

2023-03-23 00:00:00

veracode

Denial Of Service (DoS)

2023-03-27 22:04:35

osv

CVE-2023-20861

2023-03-23 21:15:19

Spring Framework vulnerable to denial of service via specially crafted SpEL expression

2023-03-23 21:30:19

prion

Race condition

2023-03-23 21:15:00

K000134681 : Spring Framework vulnerability CVE-2023-20861

2023-05-19 00:00:00

github

Spring Framework vulnerable to denial of service via specially crafted SpEL expression

2023-03-23 21:30:19

nessus

Spring Framework < 5.2.23 / 5.3.x < 5.3.26 / 6.0.x < 6.0.7 DoS (CVE-2023-20861)

2023-05-04 00:00:00

RHEL 8 : Red Hat Virtualization (RHSA-2023:3771)

2023-06-22 00:00:00

Oracle Identity Manager (Jul 2023 CPU)

2023-07-21 00:00:00

debiancve

CVE-2023-20861

2023-03-23 21:15:19

redhatcve

CVE-2023-20861

2023-03-24 13:07:29

CVE-2023-20860

2023-03-24 13:07:33

openvas

VMware Spring Framework 5.3.x < 5.3.26, 6.0.x < 6.0.7 Security Bypass Vulnerability - Windows

2023-03-21 00:00:00

VMware Spring Framework < 5.2.23, 5.3.x < 5.3.26, 6.0.x < 6.0.7 DoS Vulnerability - Linux

2023-03-21 00:00:00

VMware Spring Framework < 5.2.23, 5.3.x < 5.3.26, 6.0.x < 6.0.7 DoS Vulnerability - Windows

2023-03-21 00:00:00

spring

This Week in Spring - March 21st, 2023

2023-03-21 00:00:00

redhat

(RHSA-2023:3771) Important: Red Hat Virtualization security and bug fix update

2023-06-21 19:50:23

(RHSA-2023:3185) Important: Red Hat AMQ Broker 7.10.3 release and security update

2023-05-17 13:55:59

(RHSA-2023:4612) Important: Red Hat support for Spring Boot 2.7.13 security update

2023-08-16 10:54:20

oracle

Oracle Critical Patch Update Advisory - October 2023

2023-10-17 00:00:00

Oracle Critical Patch Update Advisory - July 2023

2023-07-18 00:00:00

Oracle Critical Patch Update Advisory - April 2024

2024-04-16 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
OpenSource

@2024 Vulners Inc

7 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

47.8%

JSON

Related for BSNSA23261