VDB

RHSA-2022%3A1333

RHSA-2022%3A1333 PUBLISHED CVSS 8.100000381469727 HIGH

A flaw was found in Spring Framework, specifically within two modules called Spring MVC and Spring WebFlux, (transitively affected from Spring Beans), using parameter data binding. This flaw allows an attacker to pass specially-constructed malicious requests to certain parameters and possibly gain access to normally-restricted functionality within the Java Virtual Machine.

Risk Scores

CVSS 3.1
8.100000381469727
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Products

VendorProductVersions
Red HatRHINT Camel-K 1.6.5

Timeline

  • Apr 12, 2022 CVE Published
  • Mar 18, 2026 CVE Updated
  • May 1, 2026 Distribution Patch
  • May 1, 2026 Distribution Patch
  • May 1, 2026 Security Advisory
  • May 1, 2026 Security Advisory
Open in Interactive Console →
$ Console Community · 100/wk Open console ›