Lucene search
VmwareCVELIST:CVE-2023-20863HistoryApr 13, 2023 - 12:00 a.m.
CVE-2023-20863
2023-04-1300:00:00
CWE-400
vmware
www.cve.org
1
cve-2023-20863
spring framework
dos vulnerability
In spring framework versions prior to 5.2.24 release+ ,5.3.27+ and 6.0.8+ , it is possible for a user to provide a specially crafted SpEL expression that may cause a denial-of-service (DoS) condition.
CNA Affected
[
{
"vendor": "n/a",
"product": "Spring Framework",
"versions": [
{
"version": "Spring framework versions 5.2.x.release prior to 5.2.24.release+, 5.3.x prior to 5.3.27+, 6.0.x prior to 6.0.8+ and older unsupported versions",
"status": "affected"
}
]
}
]Related
ubuntucve
ubuntucve
CVE-2023-20863
2023-04-13 00:00:00
nvd
nvd
CVE-2023-20863
2023-04-13 20:15:07
broadcom
broadcom
Spring Expression DoS Vulnerability (CVE-2023-20863)
2024-04-16 00:00:00
redhatcve
redhatcve
CVE-2023-20863
2023-04-18 15:31:05
openvas
openvas
ibm
ibm
Security Bulletin: IBM Watson Assistant for IBM Cloud Pak for Data is vulnerable to VMware Tanzu Spring Framework denial of service vulnerabilitiy [CVE-2023-20863]
2023-07-20 16:39:20
veracode
veracode
Denial Of Service (DoS)
2023-04-18 07:02:49
osv
osv
CVE-2023-20863
2023-04-13 20:15:07
Spring Framework vulnerable to denial of service
2023-04-13 21:30:27
cve
cve
CVE-2023-20863
2023-04-13 20:15:07
github
github
Spring Framework vulnerable to denial of service
2023-04-13 21:30:27
debiancve
debiancve
CVE-2023-20863
2023-04-13 20:15:07
prion
prion
Race condition
2023-04-13 20:15:00
redhat
redhat
nessus
nessus
Oracle Primavera Gateway (Jul 2023 CPU)
2023-07-19 00:00:00
Oracle MySQL Enterprise Monitor (October 2023 CPU)
2023-10-19 00:00:00
Oracle WebLogic Server (July 2023 CPU)
2023-07-20 00:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - October 2023
2023-10-17 00:00:00
Oracle Critical Patch Update Advisory - January 2024
2024-01-16 00:00:00
Oracle Critical Patch Update Advisory - July 2023
2023-07-18 00:00:00