Lucene search
VmwareCVELIST:CVE-2023-20873HistoryApr 20, 2023 - 12:00 a.m.
CVE-2023-20873
2023-04-2000:00:00
vmware
www.cve.org
spring boot
cloud foundry
version 3.0.0
version 2.7.0
unsupported versions
security bypass
cve-2023-20873
In Spring Boot versions 3.0.0 - 3.0.5, 2.7.0 - 2.7.10, and older unsupported versions, an application that is deployed to Cloud Foundry could be susceptible to a security bypass. Users of affected versions should apply the following mitigation: 3.0.x users should upgrade to 3.0.6+. 2.7.x users should upgrade to 2.7.11+. Users of older, unsupported versions should upgrade to 3.0.6+ or 2.7.11+.
CNA Affected
[
{
"vendor": "n/a",
"product": "Spring Boot",
"versions": [
{
"version": "Spring Boot versions 3.0.0 - 3.0.5, 2.7.0 - 2.7.10, and older unsupported versions",
"status": "affected"
}
]
}
]Related
spring
spring
This Week in Spring - April 25th, 2023
2023-04-25 00:00:00
redhatcve
redhatcve
CVE-2023-20873
2023-08-14 21:49:56
nvd
nvd
CVE-2023-20873
2023-04-20 21:15:08
openvas
openvas
VMware Spring Boot < 2.7.11, 3.0.x < 3.0.6 Security Bypass Vulnerability
2023-04-24 00:00:00
github
github
Spring Boot Security Bypass with Wildcard Pattern Matching on Cloud Foundry
2023-04-20 21:33:27
cve
cve
CVE-2023-20873
2023-04-20 21:15:08
osv
osv
Spring Boot Security Bypass with Wildcard Pattern Matching on Cloud Foundry
2023-04-20 21:33:27
CVE-2023-20873
2023-04-20 21:15:08
prion
prion
Security feature bypass
2023-04-20 21:15:00
veracode
veracode
Access Restriction Bypass
2023-04-27 10:39:12
ibm
ibm
redhat
redhat
qualysblog
qualysblog
Oracle Patch Tuesday, October 2023 Security Update Review
2023-10-18 17:11:20
Oracle Patch Tuesday, July 2023 Security Update Review
2023-07-19 15:56:06
oracle
oracle
Oracle Critical Patch Update Advisory - October 2023
2023-10-17 00:00:00
Oracle Critical Patch Update Advisory - July 2023
2023-07-18 00:00:00