Lucene search
+L

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 11:51 p.m.6 views

CVE-2022-22946

In spring cloud gateway versions prior to 3.1.1+ , applications that are configured to enable HTTP2 and no key store or trusted certificates are set will be configured to use an insecure TrustManager. This makes the gateway able to connect to remote services with invalid or custom certificates...

5.5CVSS6.8AI score0.04846EPSS
Exploits0References1
CheckPoint Security
CheckPoint Security
added 2022/03/31 12:0 a.m.68 views

Check Point Response to Spring Vulnerabilities CVE-2022-22963, CVE-2022-22946, CVE-2022-22947, CVE-2022-22965 (Spring4Shell), CVE-2022-22950

Solution On March 29, 2022, new CVEs were published on Spring Cloud: CVE-2022-22963, CVE-2022-22946, CVE-2022-22947, and CVE-2022-22950. On March 31, 2022, a bypass to the fix for CVE-2010-1622 was published by Praetorian, and received the nickname "Spring4Shell" see Spring Core on JDK9+ is...

10CVSS8.9AI score0.99939EPSS
Exploits201
CVE
CVE
added 2022/03/04 3:50 p.m.165 views

CVE-2022-22946

CVE-2022-22946 affects Spring Cloud Gateway versions prior to 3.1.1+. When HTTP/2 is enabled and there is no key store or trusted certificates, the gateway may be configured to use an insecure TrustManager, allowing connections to remote services with invalid or custom certificates. Affected comp...

5.5CVSS5.7AI score0.04846EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2022/03/04 3:50 p.m.28 views

CVE-2022-22946

In spring cloud gateway versions prior to 3.1.1+ , applications that are configured to enable HTTP2 and no key store or trusted certificates are set will be configured to use an insecure TrustManager. This makes the gateway able to connect to remote services with invalid or custom certificates...

5.5CVSS6.8AI score0.04846EPSS
Exploits0References4
Rows per page
Query Builder