Spring Cloud Config@2.1.0 Security Vulnerabilities and Issues — Spring Cloud Config@2.1.0 CVE List

Lucene search

VmwareSpring Cloud Config2.1.0

3 matches found

CVE•added 2020/06/02 5:15 p.m.•1066 views

CVE-2020-5410

Spring Cloud Config, versions 2.2.x prior to 2.2.3, versions 2.1.x prior to 2.1.9, and older unsupported versions allow applications to serve arbitrary configuration files through the spring-cloud-config-server module. A malicious user, or attacker, can send a request using a specially crafted URL ...

7.5CVSS7.5AI score0.94371EPSS

In wild

CVE•added 2020/03/05 7:15 p.m.•150 views

CVE-2020-5405

Spring Cloud Config, versions 2.2.x prior to 2.2.2, versions 2.1.x prior to 2.1.7, and older unsupported versions allow applications to serve arbitrary configuration files through the spring-cloud-config-server module. A malicious user, or attacker, can send a request using a specially crafted URL ...

6.5CVSS6.7AI score0.69694EPSS

CVE•added 2019/05/06 4:29 p.m.•146 views

CVE-2019-3799

Spring Cloud Config, versions 2.1.x prior to 2.1.2, versions 2.0.x prior to 2.0.4, and versions 1.4.x prior to 1.4.6, and older unsupported versions allow applications to serve arbitrary configuration files through the spring-cloud-config-server module. A malicious user, or attacker, can send a req...

6.5CVSS6.3AI score0.91318EPSS