751 matches found
com.brihaspathee.artemis:config-server (>=0.0.1 <=1.0.2), com.brihaspathee.sapphire:config-server (>=1.0.0 <=1.0.7) +17 more potentially affected by CVE-2026-40981 via org.springframework.cloud:spring-cloud-config-server (>=4.0.0 <=4.3.2)
org.springframework.cloud:spring-cloud-config-server MAVEN version =4.0.0, =0.0.1, =1.0.0, =3.0.3, =0.5, =0.0.1, =0.1.41-Beta, =1.0.1, =1.2.1-rc1, =7.0.0, =7.0.0, =26.01.01, =26.05.07 - org.octopusden.cloud.config-server:config-server =2.0.4 and more Source cves: CVE-2026-40981 Source advisory:...
org.apereo.cas:cas-server-support-configuration-cloud-amqp (>=8.0.0-RC1 <=8.0.0-RC4), org.apereo.cas:cas-server-webapp-init-config-server (>=8.0.0-RC1 <=8.0.0-RC4) +3 more potentially affected by CVE-2026-40982 via org.springframework.cloud:spring-cloud-config-server (>=5.0.0-M1 <=5.0.2)
org.springframework.cloud:spring-cloud-config-server MAVEN version =5.0.0-M1, =8.0.0-RC1, =8.0.0-RC1, =5.0.0, =5.0.0, =5.0.1 Source cves: CVE-2026-40982 Source advisory: SNYK:JAVA-ORGSPRINGFRAMEWORKCLOUD-16439043...
org.apereo.cas:cas-server-support-configuration-cloud-amqp (>=8.0.0-RC1 <=8.0.0-RC4), org.apereo.cas:cas-server-webapp-init-config-server (>=8.0.0-RC1 <=8.0.0-RC4) +3 more potentially affected by CVE-2026-40981 via org.springframework.cloud:spring-cloud-config-server (>=5.0.0-M1 <=5.0.2)
org.springframework.cloud:spring-cloud-config-server MAVEN version =5.0.0-M1, =8.0.0-RC1, =8.0.0-RC1, =5.0.0, =5.0.0, =5.0.1 Source cves: CVE-2026-40981 Source advisory: SNYK:JAVA-ORGSPRINGFRAMEWORKCLOUD-16439020...
com.brihaspathee.artemis:config-server (>=0.0.1 <=1.0.2), com.brihaspathee.sapphire:config-server (>=1.0.0 <=1.0.7) +17 more potentially affected by CVE-2026-40982 via org.springframework.cloud:spring-cloud-config-server (>=4.0.0 <=4.3.2)
org.springframework.cloud:spring-cloud-config-server MAVEN version =4.0.0, =0.0.1, =1.0.0, =3.0.3, =0.5, =0.0.1, =0.1.41-Beta, =1.0.1, =1.2.1-rc1, =7.0.0, =7.0.0, =26.01.01, =26.05.07 - org.octopusden.cloud.config-server:config-server =2.0.4 and more Source cves: CVE-2026-40982 Source advisory:...
Exploit for Code Injection in Vmware Spring_Cloud_Function
No d...
Exploit for Code Injection in Vmware Spring_Cloud_Function
CVE-2022-22963 — Demo Methodology ⚠️ Overview This demo s...
ai.ancf.lmos-router:lmos-router-llm-in-spring-cloud-gateway-demo (>=0.2.0 <=0.28.0), ai.ancf.lmos:lmos-operator (>=0.0.4 <=0.6.0) +10169 more potentially affected by CVE-2026-22741 via org.springframework:spring-webmvc (>=6.0.0 <=6.2.17)
org.springframework:spring-webmvc MAVEN version =6.0.0, =0.2.0, =0.0.4, =0.5.0, =0.6.0, =0.5.0, =0.7.0, =0.7.0, =0.5.0, =0.7.5, =0.8.3, =0.7.0, =0.5.0, =0.5.0, =0.8.7 and more Source cves: CVE-2026-22741 Source advisory: SNYK:JAVA-ORGSPRINGFRAMEWORK-16109603...
ai.ancf.lmos-router:lmos-router-llm-in-spring-cloud-gateway-demo (>=0.2.0 <=0.28.0), ai.ancf.lmos:lmos-router-llm-in-spring-cloud-gateway-demo (=0.1.0) +17237 more potentially affected by CVE-2026-5598 via org.bouncycastle:bcprov-jdk18on (>=1.71 <=1.83)
org.bouncycastle:bcprov-jdk18on MAVEN version =1.71, =0.2.0, =0.31.0, =0.5.0, =0.6.0, =0.5.0, =0.6.0, =0.5.0, =0.7.0, =0.7.0, =0.5.0, =0.8.3, =0.8.3, =0.8.7 and more Source cves: CVE-2026-5598 Source advisory: SNYK:JAVA-ORGBOUNCYCASTLE-16074612...
K000160736: Spring Cloud Gateway vulnerability CVE-2026-22750
Security Advisory Description When configuring SSL bundles in Spring Cloud Gateway by using the configuration property spring.ssl.bundle, the configuration was silently ignored and the default SSL configuration was used instead. Note: The 4.2.x branch is no longer under open source support. If yo...
EUVD-2026-21330
When configuring SSL bundles in Spring Cloud Gateway by using the configuration property spring.ssl.bundle, the configuration was silently ignored and the default SSL configuration was used instead. Note: The 4.2.x branch is no longer under open source support. If you are using Spring Cloud...
GHSA-HWQH-2684-54FC Spring Cloud Gateway's SSL bundle configuration silently bypassed
When configuring SSL bundles in Spring Cloud Gateway by using the configuration property spring.ssl.bundle, the configuration was silently ignored and the default SSL configuration was used instead. Note: The 4.2.x branch is no longer under open source support. If you are using Spring Cloud...
Spring Cloud Gateway's SSL bundle configuration silently bypassed
When configuring SSL bundles in Spring Cloud Gateway by using the configuration property spring.ssl.bundle, the configuration was silently ignored and the default SSL configuration was used instead. Note: The 4.2.x branch is no longer under open source support. If you are using Spring Cloud...
CVE-2026-22750
CVE-2026-22750 affects Spring Cloud Gateway; SSL bundle configuration via spring.ssl.bundle could be silently ignored, causing the system to fall back to the default SSL settings. Root cause: configuration bypass leads to unintended SSL behavior and potential exposure if defaults differ from inte...
CVE-2026-22750
When configuring SSL bundles in Spring Cloud Gateway by using the configuration property spring.ssl.bundle, the configuration was silently ignored and the default SSL configuration was used instead. Note: The 4.2.x branch is no longer under open source support. If you are using Spring Cloud...
CVE-2026-22750 SSL bundle configuration silently bypassed in Spring Cloud Gateway
When configuring SSL bundles in Spring Cloud Gateway by using the configuration property spring.ssl.bundle, the configuration was silently ignored and the default SSL configuration was used instead. Note: The 4.2.x branch is no longer under open source support. If you are using Spring Cloud...
CVE-2026-22750 SSL bundle configuration silently bypassed in Spring Cloud Gateway
When configuring SSL bundles in Spring Cloud Gateway by using the configuration property spring.ssl.bundle, the configuration was silently ignored and the default SSL configuration was used instead. Note: The 4.2.x branch is no longer under open source support. If you are using Spring Cloud...
PT-2026-31891
Name of the Vulnerable Software and Affected Versions Spring Cloud Gateway versions prior to 4.2.1 and versions 5.0.0 and 5.1.0. Description When configuring SSL bundles in Spring Cloud Gateway using the spring.ssl.bundle configuration property, the configuration was silently ignored, and the...
Spring Cloud Gateway 安全漏洞
Spring Cloud Gateway is an API gateway framework developed by Spring. There is a security vulnerability in Spring Cloud Gateway, which stems from the silent ignoring of the configuration property spring.ssl.bundle. This may lead to the use of the default SSL configuration...
ch.nexsol-tech.gateway:sample-gateway (>=0.0.1 <=1.0.0), ch.nexsol-tech.gateway:spring-cloud-gateway-database (>=0.0.1 <=1.0.0) +27 more potentially affected by CVE-2026-22750 via org.springframework.cloud:spring-cloud-gateway-server (=4.2.0)
org.springframework.cloud:spring-cloud-gateway-server MAVEN version =4.2.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.springframework.cloud:spring-cloud-gateway-server and may be impacted: - ch.nexsol-tech.gateway:sample-gateway =0.0.1, =0.0.1...
This Week in Spring - April 7th, 2026
Hi Spring fans! Welcome to another installment of This Week in Spring! It's April 7th, 2026, and I'm on the road! I started the journey for the amazing Voxxed Days Amsterdam show and am now winding my way through France. I visited Colmar, a beautiful city from which the animators on Disney's Beau...