Lucene search
VmwareCVELIST:CVE-2022-22969HistoryApr 21, 2022 - 6:16 p.m.
CVE-2022-22969
2022-04-2118:16:02
vmware
www.cve.org
<Issue Description> Spring Security OAuth versions 2.5.x prior to 2.5.2 and older unsupported versions are susceptible to a Denial-of-Service (DoS) attack via the initiation of the Authorization Request in an OAuth 2.0 Client application. A malicious user or attacker can send multiple requests initiating the Authorization Request for the Authorization Code Grant, which has the potential of exhausting system resources using a single session. This vulnerability exposes OAuth 2.0 Client applications only.
CNA Affected
[
{
"product": "Spring Security OAuth",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "<affected versions> Spring Security OAuth 2.5.x prior to 2.5.2 and older unsupported versions"
}
]
}
]Related
osv
osv
Denial of service in Spring Security OAuth2
2022-04-22 00:00:33
CVE-2022-22969
2022-04-21 19:15:08
veracode
veracode
Denial Of Service (DoS)
2022-04-22 01:30:09
spring
spring
CVE report published for Spring Security OAuth
2022-04-21 09:00:00
ibm
ibm
nvd
nvd
CVE-2022-22969
2022-04-21 19:15:08
cnvd
cnvd
Pivotal Spring Security Oauth Resource Management Error Vulnerability
2022-04-24 00:00:00
prion
prion
Authorization
2022-04-21 19:15:00
cve
cve
CVE-2022-22969
2022-04-21 19:15:08
github
github
Denial of service in Spring Security OAuth2
2022-04-22 00:00:33
jvn
jvn
oracle
oracle
Oracle Critical Patch Update Advisory - January 2024
2024-01-16 00:00:00
Oracle Critical Patch Update Advisory - July 2022
2022-07-19 00:00:00