Security Advisory

CVE-2022-22963

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-04-01 00:00:00

Last updated 2025-10-21 23:15:42

Assigner vmware

State PUBLISHED

Description

In Spring Cloud Function versions 3.1.6, 3.2.2 and older unsupported versions, when using routing functionality it is possible for a user to provide a specially crafted SpEL as a routing-expression that may result in remote code execution and access to local resources.

← Browse all CVEs View on cve.org ↗