CVE-2021-22044

In Spring Cloud OpenFeign 3.0.0 to 3.0.4, 2.2.0.RELEASE to 2.2.9.RELEASE, and older unsupported versions, applications using type-level @RequestMappingannotations over Feign client interfaces, can be involuntarily exposing endpoints corresponding to @RequestMapping-annotated interface methods...

EUVD-2022-4750

Malicious code in bioql PyPI...

This Week in Spring - August 1st, 2022

Aloha, Spring fans! Welcome to another installment of This Week in Spring! Im still on vacation on the beautiful island of Maui, Hawaii, but I wanted to say hello "aloha!" and share this weeks latest roundup of all thats good and glorious in the wide and wonderful world of Springdom. Funny thing,...

GHSA-PF94-6V2V-CM3J Exposure of Resource to Wrong Sphere in Spring Cloud OpenFeign

In Spring Cloud OpenFeign 3.0.0 to 3.0.4, 2.2.0.RELEASE to 2.2.9.RELEASE, and older unsupported versions, applications using type-level @RequestMappingannotations over Feign client interfaces, can be involuntarily exposing endpoints corresponding to @RequestMapping-annotated interface methods...

ai.hyacinth.framework:core-service-api-support (=0.5.24), ai.hyacinth.framework:core-service-trigger-server (=0.5.24) +96 more potentially affected by CVE-2021-22044 via org.springframework.cloud:spring-cloud-openfeign-core (=2.2.0.RELEASE)

org.springframework.cloud:spring-cloud-openfeign-core MAVEN version =2.2.0.RELEASE is affected by a known vulnerability. The following packages have a transitive dependency on org.springframework.cloud:spring-cloud-openfeign-core and may be impacted: - ai.hyacinth.framework:core-service-api-suppo...

CVE-2021-22044

In Spring Cloud OpenFeign 3.0.0 to 3.0.4, 2.2.0.RELEASE to 2.2.9.RELEASE, and older unsupported versions, applications using type-level @RequestMappingannotations over Feign client interfaces, can be involuntarily exposing endpoints corresponding to @RequestMapping-annotated interface methods...

CVE-2021-22044

In Spring Cloud OpenFeign 3.0.0 to 3.0.4, 2.2.0.RELEASE to 2.2.9.RELEASE, and older unsupported versions, applications using type-level @RequestMappingannotations over Feign client interfaces, can be involuntarily exposing endpoints corresponding to @RequestMapping-annotated interface methods...

Spring Cloud OpenFeign 安全漏洞

Vmware Spring Cloud OpenFeign is an open source, declarative Rest client for Spring Boot applications from Vmware, USA. A security vulnerability exists in Spring Cloud OpenFeign, which stems from the use of type-level "@RequestMapping" annotations on the Feign client interface in RELEASE and...

PT-2021-14845 · Spring · Spring Cloud Openfeign

Name of the Vulnerable Software and Affected Versions: Spring Cloud OpenFeign versions 2.2.0.RELEASE through 2.2.9.RELEASE Spring Cloud OpenFeign versions 3.0.0 through 3.0.4 Description: The issue affects applications using type-level @RequestMapping annotations over Feign client interfaces,...