claytonvantol.us

SESSION: secure TLS: 1.3 PID: 1337

clayton@site:~/news$ cat cve-2022-22965-vmware-spring-framework.log

CVE-2022-22965 — Spring Framework JDK 9+ Remote Code Execution Vulnerability

2022-04-04 • CISA Known Exploited Vulnerability

[event] Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding.

> AFFECTED SOFTWARE

Field	Value
Vendor	VMware
Product	Spring Framework
CWE	CWE-94
CVE ID	CVE-2022-22965
Date Added	2022-04-04
Due Date	2022-04-25
Ransomware Campaign	Unknown

> MITIGATION

Apply updates per vendor instructions.

Due Date: 2022-04-25

> REFERENCES

[1] https://nvd.nist.gov/vuln/detail/CVE-2022-22965

← back to terminal

UPTIME: 1337d v2.0.1 privacy LAST LOGIN: 2026-05-30 20:36:13 UTC