CVE-2021-22060
CVSS v3.1
4.3 (Medium)
CVSS v2.0
4 (Medium)
EPSS
0.05 % (24th)
Affected Products
3
Advisories
1
In Spring Framework versions 5.3.0 - 5.3.13, 5.2.0 - 5.2.18, and older unsupported versions, it is possible for a user to provide malicious input to cause the insertion of additional log entries. This is a follow-up to CVE-2021-22096 that protects against additional types of input and in more places of the Spring Framework codebase.
- CVE Status
- PUBLISHED
- CNA
- VMware
- Published Date
-
2022-01-10 14:10:16
(2 years ago) - Updated Date
-
2022-05-13 15:52:15
(2 years ago)
Affected Products
Loading...
Loading...
Configuration #1
|
Configuration #2
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...