42 matches found
africa.absa:inception-api (>=1.1.0 <=1.2.0), africa.absa:inception-application (>=1.1.0 <=1.2.0) +10762 more potentially affected by CVE-2022-22968 via org.springframework:spring-context (>=5.3.0 <=5.3.18)
Package: org.springframework:spring-context (MAVEN)
Version: =5.3.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.2.0 and more
Source CVEs: CVE-2022-22968
Source advisory: OSV:GHSA-G5MM-VMX4-3RG7...
Binding Rules Bypass
spring-context is vulnerable to binding rules bypass. The vulnerability exists due to lack of sanitization of HTTP request parameters which allows an attacker to bypass the disallowedFields and bind malicious HTTP request parameters...