In Spring Boot versions 3.0.0 - 3.0.5, 2.7.0 - 2.7.10, and older unsupported versions, an application that is deployed to Cloud Foundry could be susceptible to a security bypass. Users of affected versions should apply the following mitigation: 3.0.x users should upgrade to 3.0.6+. 2.7.x users should upgrade to 2.7.11+. Users of older, unsupported versions should upgrade to 3.0.6+ or 2.7.11+.
oryginał ENCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HVMware Spring Boot
APPVmware< 2.5.152.6.0 – 2.6.14 (bez)2.7.0 – 2.7.11 (bez)3.0.0 – 3.0.6 (bez)
Powiązane podatności
VMware Spring Boot: nieefektywna domyślna ochrona web security — nieautoryzowany dostęp
An issue in Dromara SaToken version 1.36.0 and before allows a remote attacker to escalate privileges via a cr...
Element Plug-in for vCenter Server incorporates SpringBoot Framework. SpringBoot Framework versions prior to 1...
Malicious PATCH requests submitted to servers using Spring Data REST versions prior to 2.6.9 (Ingalls SR9), ve...
An attacker on the same network as the remote application may be able to utilize a timing attack to discover i...