CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Oracle: >> Product Lifecycle Analytics >> 3.6.1.0 Security Vulnerabilities

CVE-2022-22963

Known exploited

In Spring Cloud Function versions 3.1.6, 3.2.2 and older unsupported versions, when using routing functionality it is possible for a user to provide a specially crafted SpEL as a routing-expression that may result in remote code execution and access to local resources.

CVSS Score

9.8

EPSS Score

0.945

Published

2022-04-01

Page 1

Vulnerabilities

Vulnerable Software

Oracle: >> Product Lifecycle Analytics >> 3.6.1.0 Security Vulnerabilities

Products

Pricing

Contact Us