163 matches found
This Week in Spring - March 7th, 2023
Hi, Spring fans! Welcome to another installment of This Week in Spring! It's an amazing week, and this week we've got a lot to look at. Let's dive right into it. Spring Cloud Function for Azure Function Spring Data 2022.0.3 and 2021.2.9 released Spring R2DBC for Reactive Relational Databases in...
Spring Cloud Function for Azure Function
What is the Spring Cloud Function? Spring Cloud Function is a SpringBoot-based framework allowing users to concentrate on their business logic by implementing them as Java Functions i.e., Supplier, Function, Consumer. In turn the framework provides necessary abstraction to enable execution of the...
Spring Cloud Function for Azure Function
What is the Spring Cloud Function? Spring Cloud Function is a SpringBoot-based framework allowing users to concentrate on their business logic by implementing them as Java Functions i.e., Supplier, Function, Consumer. In turn the framework provides necessary abstraction to enable execution of the...
SUSE CVE-2022-22963
In Spring Cloud Function versions 3.1.6, 3.2.2 and older unsupported versions, when using routing functionality it is possible for a user to provide a specially crafted SpEL as a routing-expression that may result in remote code execution and access to local resources...
Exploit for Code Injection in Vmware Spring_Cloud_Function
CVE-2022-22963 Exploit Description In Spring Cloud Funct...
Exploit for Code Injection in Vmware Spring_Cloud_Gateway
SpringAllReachable A graphical tool for rapid exploitati...
VMware Tanzu Spring Cloud Function Remote Code Execution Vulnerability
When using routing functionality in VMware Tanzu's Spring Cloud Function, it is possible for a user to provide a specially crafted SpEL as a routing-expression that may result in remote code execution and access to local resources...
VulnCheck KEV: CVE-2022-22963
When using routing functionality in VMware Tanzu's Spring Cloud Function, it is possible for a user to provide a specially crafted SpEL as a routing-expression that may result in remote code execution and access to local resources...
GHSA-Q588-3544-8G33 Denial of Service in Spring Cloud Function
In Spring Cloud Function versions prior to 3.2.6, it is possible for a user who directly interacts with framework provided lookup functionality to cause a denial-of-service condition due to the caching issue in the Function Catalog component of the framework...
Denial of Service in Spring Cloud Function
In Spring Cloud Function versions prior to 3.2.6, it is possible for a user who directly interacts with framework provided lookup functionality to cause a denial-of-service condition due to the caching issue in the Function Catalog component of the framework...
CVE-2022-22979
In Spring Cloud Function versions prior to 3.2.6, it is possible for a user who directly interacts with framework provided lookup functionality to cause a denial-of-service condition due to the caching issue in the Function Catalog component of the framework...
CVE-2022-22979
In Spring Cloud Function versions prior to 3.2.6, it is possible for a user who directly interacts with framework provided lookup functionality to cause a denial-of-service condition due to the caching issue in the Function Catalog component of the framework...
CVE-2022-22979
In Spring Cloud Function versions prior to 3.2.6, it is possible for a user who directly interacts with framework provided lookup functionality to cause a denial-of-service condition due to the caching issue in the Function Catalog component of the framework...
Race condition
In Spring Cloud Function versions prior to 3.2.6, it is possible for a user who directly interacts with framework provided lookup functionality to cause a denial-of-service condition due to the caching issue in the Function Catalog component of the framework...
CVE-2022-22979
In Spring Cloud Function versions prior to 3.2.6, it is possible for a user who directly interacts with framework provided lookup functionality to cause a denial-of-service condition due to the caching issue in the Function Catalog component of the framework...
CVE-2022-22979
CVE-2022-22979 affects Spring Cloud Function Framework (Function Catalog) where a caching issue can allow a denial-of-service condition when a user directly interacts with framework-provided lookup functionality. Affected versions include Spring Cloud Function Framework 4.1.x prior to 4.1.2 and 4...
PT-2022-7238 · Unknown · Spring Cloud Function
Name of the Vulnerable Software and Affected Versions: Spring Cloud Function versions prior to 3.2.6 Description: The issue is related to a caching problem in the Function Catalog component, which can cause a denial-of-service condition when a user directly interacts with the framework's lookup...
Spring Cloud 安全漏洞
Spring Cloud is a microservices framework implemented in Spring Boot by the Spring community. A security vulnerability exists in Spring Cloud Function versions prior to 3.2.6, which stems from a caching issue in the Function Catalog component and is exploited by an attacker to cause a denial of...
Denial Of Service (DoS)
spring-cloud-function-context is denial of service. An attacker who directly interacts with framework can send malicious payload to the lookup function, triggering a caching issue in Function Catalog component of the framework and crashing the application...
CVE report published for Spring Cloud Function
We have released Spring Cloud Function 3.2.6 to address the following CVE report. CVE-2202-22979: Spring Cloud Function Dos Vulnerability Please review the information in the CVE report and upgrade immediately...