Vulnerability Database
289,599
Total vulnerabilities in the database
CVE-2023-20863
In spring framework versions prior to 5.2.24 release+ ,5.3.27+ and 6.0.8+ , it is possible for a user to provide a specially crafted SpEL expression that may cause a denial-of-service (DoS) condition.
| Software | From | Fixed in |
|---|---|---|
| vmware / spring_framework | 6.0.0 | 6.0.8 |
| vmware / spring_framework | 5.3.0 | 5.3.27 |
| vmware / spring_framework | 5.2.0 | 5.2.24 |
org.springframework / spring-expression
|
6.0.0 | 6.0.8 |
|
org.springframework / spring-expression
|
5.3.0 | 5.3.27 |
|
org.springframework / spring-expression
|
- | 5.2.24.RELEASE |