Vulnerabilities > Vmware > Spring Cloud Gateway > Critical

DATE CVE VULNERABILITY TITLE RISK
2022-03-03 CVE-2022-22947 Expression Language Injection vulnerability in multiple products
In spring cloud gateway versions prior to 3.1.1+ and 3.0.7+ , applications are vulnerable to a code injection attack when the Gateway Actuator endpoint is enabled, exposed and unsecured.
network
low complexity
vmware oracle CWE-917
critical
10.0