Vulnerability Database
289,599
Total vulnerabilities in the database
CVE-2022-22971
In spring framework versions prior to 5.3.20+ , 5.2.22+ and old unsupported versions, application with a STOMP over WebSocket endpoint is vulnerable to a denial of service attack by an authenticated user.
| Software | From | Fixed in |
|---|---|---|
| vmware / spring_framework | 5.2.0 | 5.2.21.x |
| vmware / spring_framework | 5.3.0 | 5.3.19.x |
| oracle / financial_services_crime_and_compliance_management_studio | 8.0.8.2.0 | 8.0.8.2.0.x |
| oracle / financial_services_crime_and_compliance_management_studio | 8.0.8.3.0 | 8.0.8.3.0.x |
org.springframework / spring-core
|
5.3.0 | 5.3.20 |
|
org.springframework / spring-core
|
- | 5.2.22.RELEASE |