VMware Spring Boot 2.2.7

CPE Details

VMware Spring Boot 2.2.7
vmware
spring_boot
2.2.7
2022-04-05
10h16 +00:00
2022-04-07
12h55 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:vmware:spring_boot:2.2.7:*:*:*:*:*:*:*

Informations

Vendor

vmware

Product

spring_boot

Version

2.2.7

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2023-20883 2023-05-25 22h00 +00:00 In Spring Boot versions 3.0.0 - 3.0.6, 2.7.0 - 2.7.11, 2.6.0 - 2.6.14, 2.5.0 - 2.5.14 and older unsupported versions, there is potential for a denial-of-service (DoS) attack if Spring MVC is used together with a reverse proxy cache.
7.5
High
CVE-2023-20873 2023-04-19 22h00 +00:00 In Spring Boot versions 3.0.0 - 3.0.5, 2.7.0 - 2.7.10, and older unsupported versions, an application that is deployed to Cloud Foundry could be susceptible to a security bypass. Users of affected versions should apply the following mitigation: 3.0.x users should upgrade to 3.0.6+. 2.7.x users should upgrade to 2.7.11+. Users of older, unsupported versions should upgrade to 3.0.6+ or 2.7.11+.
9.8
Critical
CVE-2022-27772 2022-03-30 15h45 +00:00 spring-boot versions prior to version v2.2.11.RELEASE was vulnerable to temporary directory hijacking. This vulnerability impacted the org.springframework.boot.web.server.AbstractConfigurableWebServerFactory.createTempDir method. NOTE: This vulnerability only affects products and/or versions that are no longer supported by the maintainer
7.8
High