Lucene search

Denial of service in Spring Security OAuth2

🗓️ 22 Apr 2022 00:33:00Reported by GitHub Advisory DatabaseType

Denial of service vulnerability in Spring Security OAuth

Reporter	Title	Published	Views	Family All 14
Spring Engineering	CVE report published for Spring Security OAuth	21 Apr 202209:00	–	spring
Veracode	Denial Of Service (DoS)	22 Apr 202201:30	–	veracode
CVE	CVE-2022-22969	21 Apr 202219:15	–	cve
CNVD	Pivotal Spring Security Oauth Resource Management Error Vulnerability	24 Apr 202200:00	–	cnvd
Prion	Authorization	21 Apr 202219:15	–	prion
Cvelist	CVE-2022-22969	21 Apr 202218:16	–	cvelist
OSV	CVE-2022-22969	21 Apr 202219:15	–	osv
OSV	Denial of service in Spring Security OAuth2	22 Apr 202200:00	–	osv
NVD	CVE-2022-22969	21 Apr 202219:15	–	nvd
IBM Security Bulletins	Security Bulletin: Spring Security OAuth Affects IBM Partner Engagement Manager (CVE-2022-22969)	22 Sep 202219:15	–	ibm

Vulners

Node

org.springframework.security.oauth spring\-security\-oauth2Range2.4.0.RELEASE–2.4.2.RELEASE

org.springframework.security.oauth spring\-security\-oauth2Range2.5.0.RELEASE–2.5.2.RELEASE

Source	Link
nvd	www.nvd.nist.gov/vuln/detail/CVE-2022-22969
tanzu	www.tanzu.vmware.com/security/cve-2022-22969
oracle	www.oracle.com/security-alerts/cpujul2022.html
spring	www.spring.io/security/cve-2022-22969
github	www.github.com/advisories/GHSA-c2cp-3xj9-97w9

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

22 Apr 2022 00:00Current

6.5Medium risk

Vulners AI Score6.5

CVSS24

CVSS36.5

EPSS0.00663

CWE-400