GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
55 advisories
Spring Cloud Function Code Injection with a specially crafted SpEL as a routing expression
Critical
CVE-2022-22963
was published
for
org.springframework.cloud:spring-cloud-function-context
(Maven)
Apr 3, 2022
Spring Cloud Gateway vulnerable to Code Injection when Gateway Actuator endpoint enabled, exposed, unsecured
Critical
CVE-2022-22947
was published
for
org.springframework.cloud:spring-cloud-gateway
(Maven)
Mar 4, 2022
ProTip!
Advisories are also available from the
GraphQL API