CVE-2023-20859
- EPSS 0.07%
- Veröffentlicht 23.03.2023 21:15:19
- Zuletzt bearbeitet 21.11.2024 07:41:42
In Spring Vault, versions 3.0.x prior to 3.0.2 and versions 2.3.x prior to 2.3.3 and older versions, an application is vulnerable to insertion of sensitive information into a log file when it attempts to revoke a Vault batch token.
CVE-2020-5410
- EPSS 94.37%
- Veröffentlicht 02.06.2020 17:15:11
- Zuletzt bearbeitet 07.02.2025 15:02:48
Spring Cloud Config, versions 2.2.x prior to 2.2.3, versions 2.1.x prior to 2.1.9, and older unsupported versions allow applications to serve arbitrary configuration files through the spring-cloud-config-server module. A malicious user, or attacker, ...
CVE-2020-5405
- EPSS 77.85%
- Veröffentlicht 05.03.2020 19:15:11
- Zuletzt bearbeitet 21.11.2024 05:34:05
Spring Cloud Config, versions 2.2.x prior to 2.2.2, versions 2.1.x prior to 2.1.7, and older unsupported versions allow applications to serve arbitrary configuration files through the spring-cloud-config-server module. A malicious user, or attacker, ...
CVE-2019-3799
- EPSS 91.32%
- Veröffentlicht 06.05.2019 16:29:01
- Zuletzt bearbeitet 21.11.2024 04:42:33
Spring Cloud Config, versions 2.1.x prior to 2.1.2, versions 2.0.x prior to 2.0.4, and versions 1.4.x prior to 1.4.6, and older unsupported versions allow applications to serve arbitrary configuration files through the spring-cloud-config-server modu...