2 matches found
CVE-2022-22978
In spring security versions prior to 5.4.11+, 5.5.7+ , 5.6.4+ and older unsupported versions, RegexRequestMatcher can easily be misconfigured to be bypassed on some servlet containers. Applications using RegexRequestMatcher with . in the regular expression are possibly vulnerable to an...
PT-2022-3458
Name of the Vulnerable Software and Affected Versions Spring Security versions prior to 5.4.11 Spring Security versions prior to 5.5.7 Spring Security versions prior to 5.6.4 Spring Security older unsupported versions Description The issue is related to the RegexRequestMatcher component in Spring...