Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

6642 matches found

NVD
NVDadded 2022/05/12 8:15 p.m.25 views

CVE-2022-22970

In spring framework versions prior to 5.3.20+ , 5.2.22+ and old unsupported versions, applications that handle file uploads are vulnerable to DoS attack if they rely on data binding to set a MultipartFile or javax.servlet.Part to a field in a model object...

5.3CVSS0.00164EPSS
Exploits1References3
OSV
OSVadded 2022/05/12 8:15 p.m.2 views

DEBIAN-CVE-2022-22970

In spring framework versions prior to 5.3.20+ , 5.2.22+ and old unsupported versions, applications that handle file uploads are vulnerable to DoS attack if they rely on data binding to set a MultipartFile or javax.servlet.Part to a field in a model object...

5.3CVSS6.7AI score0.00164EPSS
Exploits1References1
ATTACKERKB
ATTACKERKBadded 2022/05/12 8:15 p.m.3 views

CVE-2022-22970

In spring framework versions prior to 5.3.20+ , 5.2.22+ and old unsupported versions, applications that handle file uploads are vulnerable to DoS attack if they rely on data binding to set a MultipartFile or javax.servlet.Part to a field in a model object...

5.3CVSS6.8AI score0.00164EPSS
Exploits1References4
ATTACKERKB
ATTACKERKBadded 2022/05/12 8:15 p.m.3 views

CVE-2022-22971

In spring framework versions prior to 5.3.20+ , 5.2.22+ and old unsupported versions, application with a STOMP over WebSocket endpoint is vulnerable to a denial of service attack by an authenticated user...

6.5CVSS6.9AI score0.00247EPSS
Exploits0References4
NVD
NVDadded 2022/05/12 8:15 p.m.14 views

CVE-2022-22971

In spring framework versions prior to 5.3.20+ , 5.2.22+ and old unsupported versions, application with a STOMP over WebSocket endpoint is vulnerable to a denial of service attack by an authenticated user...

6.5CVSS0.00247EPSS
Exploits0References3
OSV
OSVadded 2022/05/12 8:15 p.m.1 views

DEBIAN-CVE-2022-22971

In spring framework versions prior to 5.3.20+ , 5.2.22+ and old unsupported versions, application with a STOMP over WebSocket endpoint is vulnerable to a denial of service attack by an authenticated user...

6.5CVSS7.2AI score0.00247EPSS
Exploits0References1
OSV
OSVadded 2022/05/12 8:15 p.m.2 views

UBUNTU-CVE-2022-22971

In spring framework versions prior to 5.3.20+ , 5.2.22+ and old unsupported versions, application with a STOMP over WebSocket endpoint is vulnerable to a denial of service attack by an authenticated user...

6.5CVSS7.2AI score0.00247EPSS
Exploits0References3
Prion
Prionadded 2022/05/12 8:15 p.m.26 views

Design/Logic Flaw

In spring framework versions prior to 5.3.20+ , 5.2.22+ and old unsupported versions, applications that handle file uploads are vulnerable to DoS attack if they rely on data binding to set a MultipartFile or javax.servlet.Part to a field in a model object...

3.5CVSS6.3AI score0.00164EPSS
Exploits1References3Affected Software2
UbuntuCve
UbuntuCveadded 2022/05/12 8:15 p.m.42 views

CVE-2022-22970

In spring framework versions prior to 5.3.20+ , 5.2.22+ and old unsupported versions, applications that handle file uploads are vulnerable to DoS attack if they rely on data binding to set a MultipartFile or javax.servlet.Part to a field in a model object...

5.3CVSS6.8AI score0.00164EPSS
Exploits1References2
UbuntuCve
UbuntuCveadded 2022/05/12 8:15 p.m.36 views

CVE-2022-22971

In spring framework versions prior to 5.3.20+ , 5.2.22+ and old unsupported versions, application with a STOMP over WebSocket endpoint is vulnerable to a denial of service attack by an authenticated user...

6.5CVSS6.9AI score0.00247EPSS
Exploits0References2
OSV
OSVadded 2022/05/12 8:15 p.m.4 views

UBUNTU-CVE-2022-22970

In spring framework versions prior to 5.3.20+ , 5.2.22+ and old unsupported versions, applications that handle file uploads are vulnerable to DoS attack if they rely on data binding to set a MultipartFile or javax.servlet.Part to a field in a model object...

5.3CVSS7.2AI score0.00164EPSS
Exploits1References3
AlpineLinux
AlpineLinuxadded 2022/05/12 7:30 p.m.57 views

CVE-2022-22971

In spring framework versions prior to 5.3.20+ , 5.2.22+ and old unsupported versions, application with a STOMP over WebSocket endpoint is vulnerable to a denial of service attack by an authenticated user...

6.5CVSS6.5AI score0.00247EPSS
Exploits0
CVE
CVEadded 2022/05/12 7:30 p.m.1119 views

CVE-2022-22971

CVE-2022-22971 affects Spring Framework/Tanzu with a vulnerability in the STOMP over WebSocket endpoint that can allow authenticated users to trigger a denial-of-service. The connected IBM bulletin shows affected IBM Storage Copy Data Management versions (2.2.x) and provides a fixed release path:...

6.5CVSS6.2AI score0.00247EPSS
Exploits0References3Affected Software1
Cvelist
Cvelistadded 2022/05/12 7:30 p.m.29 views

CVE-2022-22971

In spring framework versions prior to 5.3.20+ , 5.2.22+ and old unsupported versions, application with a STOMP over WebSocket endpoint is vulnerable to a denial of service attack by an authenticated user...

6.6AI score0.00247EPSS
Exploits0References3
Debian CVE
Debian CVEadded 2022/05/12 7:30 p.m.133 views

CVE-2022-22971

In spring framework versions prior to 5.3.20+ , 5.2.22+ and old unsupported versions, application with a STOMP over WebSocket endpoint is vulnerable to a denial of service attack by an authenticated user...

6.5CVSS7.3AI score0.00247EPSS
Exploits0
Cvelist
Cvelistadded 2022/05/12 7:28 p.m.32 views

CVE-2022-22970

In spring framework versions prior to 5.3.20+ , 5.2.22+ and old unsupported versions, applications that handle file uploads are vulnerable to DoS attack if they rely on data binding to set a MultipartFile or javax.servlet.Part to a field in a model object...

6.1AI score0.00164EPSS
Exploits1References3
CVE
CVEadded 2022/05/12 7:28 p.m.388 views

CVE-2022-22970

CVE-2022-22970 is described in IBM and related bulletins as a Spring Framework DoS via data binding of file-upload types (MultipartFile/javax.servlet.Part) when running on affected Spring Framework versions. The root cause involves binding such fields to model objects, enabling resource-exhaustio...

5.3CVSS5.6AI score0.00164EPSS
Exploits1References3Affected Software1
AlpineLinux
AlpineLinuxadded 2022/05/12 7:28 p.m.66 views

CVE-2022-22970

In spring framework versions prior to 5.3.20+ , 5.2.22+ and old unsupported versions, applications that handle file uploads are vulnerable to DoS attack if they rely on data binding to set a MultipartFile or javax.servlet.Part to a field in a model object...

5.3CVSS6AI score0.00164EPSS
Exploits1
Debian CVE
Debian CVEadded 2022/05/12 7:28 p.m.45 views

CVE-2022-22970

In spring framework versions prior to 5.3.20+ , 5.2.22+ and old unsupported versions, applications that handle file uploads are vulnerable to DoS attack if they rely on data binding to set a MultipartFile or javax.servlet.Part to a field in a model object...

5.3CVSS6.7AI score0.00164EPSS
Exploits1
GithubExploit
GithubExploitadded 2022/05/12 6:25 p.m.883 views

Exploit for Improper Handling of Case Sensitivity in Vmware Spring_Framework

spring-rce-poc Testing CVE-2022-22968 Simple app vulnerable...

5.3CVSS6.4AI score0.2051EPSS
Exploits2
Rows per page
Query Builder