Spring Integration@* Security Vulnerabilities and Issues — Spring Integration@* CVE List

Lucene search

VmwareSpring Integration*

1 matches found

CVE•added 2020/07/31 8:15 p.m.•123 views

CVE-2020-5413

Spring Integration framework provides Kryo Codec implementations as an alternative for Java (de)serialization. When Kryo is configured with default options, all unregistered classes are resolved on demand. This leads to the "deserialization gadgets" exploit when provided data contains malicious cod...

9.8CVSS9.4AI score0.02178EPSS