5 matches found
This Week in Spring - August 30th, 2022
Hi, Spring fans! How are you? Howre you doin this fine tuesday morning? Im doing well, of course, because this week VMwares tentpole show - VMware Explore - is happening not even a mile from my home, here in San Francisco! And this is just the first one - therell be another show, my favorite show...
Exposure of Resource to Wrong Sphere in Spring Cloud OpenFeign
In Spring Cloud OpenFeign 3.0.0 to 3.0.4, 2.2.0.RELEASE to 2.2.9.RELEASE, and older unsupported versions, applications using type-level @RequestMappingannotations over Feign client interfaces, can be involuntarily exposing endpoints corresponding to @RequestMapping-annotated interface methods...
Involuntary Endpoint Exposure
org.springframework.cloud, spring-cloud-openfeign-core is vulnerable to involuntary endpoint exposure. An attacker is able to listen to requests from the corresponding server-side endpoint, when @RequestMapping annotation is used over feign client interfaces...
CVE-2021-22044
In Spring Cloud OpenFeign 3.0.0 to 3.0.4, 2.2.0.RELEASE to 2.2.9.RELEASE, and older unsupported versions, applications using type-level @RequestMappingannotations over Feign client interfaces, can be involuntarily exposing endpoints corresponding to @RequestMapping-annotated interface methods...
CVE-2021-22044
In Spring Cloud OpenFeign 3.0.0 to 3.0.4, 2.2.0.RELEASE to 2.2.9.RELEASE, and older unsupported versions, applications using type-level @RequestMappingannotations over Feign client interfaces, can be involuntarily exposing endpoints corresponding to @RequestMapping-annotated interface methods...