167 matches found
Exploit for Code Injection in Vmware Spring_Cloud_Function
CVE-2022-22963 RCE PoC Minimal example to reproduce CVE-2022-...
Exploit for Code Injection in Vmware Spring_Cloud_Function
CVE-2022-22963 CVE-2022-22963 Spring-Cloud-Function-SpELRCE漏...
Exploit for Code Injection in Vmware Spring_Cloud_Function
CVE-2022-22963 CVE-2022-22963 PoC Slight modified for Englis...
CVE report published for Spring Cloud Function
We have released Spring Cloud Function 3.1.7 & 3.2.3 to address the following CVE report. CVE-2022-22963: Remote code execution in Spring Cloud Function by malicious Spring Expression Please review the information in the CVE report and upgrade immediately...
Vulnerability fixed in Spring Cloud Function
A vulnerability has been fixed in Spring Cloud Function. A malicious party could potentially exploit the vulnerability to execute arbitrary code under application privileges. Spring Cloud Function is a complementary library for Spring Cloud, but is made available separately from the Spring...
PT-2022-2029
Name of the Vulnerable Software and Affected Versions Spring Cloud Function versions 3.1.6, 3.2.2 and older unsupported versions Description The issue is related to a remote code execution vulnerability in Spring Cloud Function when using routing functionality. It is possible for a user to provid...
SPEL Expression Injection Vulnerability in Spring Cloud Function
Spring Cloud Function is a functional computing framework based on Spring Boot.Spring Cloud Function is vulnerable to SPEL expression injection, which can be exploited by attackers to perform injection attacks remotely via SPEL expression injection...