2 matches found
CVE-2021-22053
CVE-2021-22053 affects Spring Cloud Netflix Hystrix Dashboard prior to 2.2.10 when used with spring-boot-starter-thymeleaf. The vulnerability arises because request URI path data is evaluated as SpringEL expressions during view template resolution (example: /hystrix/monitor;[data]), enabling remo...
CVE-2020-5412
Spring Cloud Netflix is affected in versions 2.2.x < 2.2.4 and 2.1.x