Description
n Spring Framework versions 5.3.0 - 5.3.16 and older unsupported versions, it is possible for a user to provide a specially crafted SpEL expression that may cause a denial of service condition.
Remediation
References
https://tanzu.vmware.com/security/cve-2022-22950
Related Vulnerabilities
CVE-2021-36151 Vulnerability in maven package org.apache.gobblin:gobblin-core
CVE-2022-37423 Vulnerability in maven package org.neo4j.procedure:apoc
CVE-2022-38179 Vulnerability in maven package io.ktor:ktor-utils
CVE-2017-7545 Vulnerability in maven package org.jbpm:jbpm-designer-backend
CVE-2021-29943 Vulnerability in maven package org.apache.solr:solr-core