THREAT OPS › CVEs › CVE-2022-22965
CVE-2022-22965 — Spring Framework JDK 9+ Remote Code Execution Vulnerability
Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding.
Vulnerability details
- Affected productsSpring Framework
- KEV remediation due2022-04-25