Spring Boot@* Security Vulnerabilities and Issues — Spring Boot@* CVE List

Lucene search

VmwareSpring Boot*

3 matches found

CVE•added 2023/05/26 5:15 p.m.•242 views

CVE-2023-20883

In Spring Boot versions 3.0.0 - 3.0.6, 2.7.0 - 2.7.11, 2.6.0 - 2.6.14, 2.5.0 - 2.5.14 and older unsupported versions, there is potential for a denial-of-service (DoS) attack if Spring MVC is used together with a reverse proxy cache.

7.5CVSS7.4AI score0.00199EPSS

CVE•added 2023/04/20 9:15 p.m.•197 views

CVE-2023-20873

In Spring Boot versions 3.0.0 - 3.0.5, 2.7.0 - 2.7.10, and older unsupported versions, an application that is deployed to Cloud Foundry could be susceptible to a security bypass. Users of affected versions should apply the following mitigation: 3.0.x users should upgrade to 3.0.6+. 2.7.x users shou...

9.8CVSS9.2AI score0.00385EPSS

CVE•added 2023/11/28 9:15 a.m.•120 views

CVE-2023-34055

In Spring Boot versions 2.7.0 - 2.7.17, 3.0.0-3.0.12 and 3.1.0-3.1.5, it is possible for a user to provide specially crafted HTTP requests that may cause a denial-of-service (DoS) condition. Specifically, an application is vulnerable when all of the following are true: the application uses Spring M...

6.5CVSS6.2AI score0.0029EPSS