CVE-2023-20859
- EPSS 0.07%
- Published 23.03.2023 21:15:19
- Last modified 21.11.2024 07:41:42
In Spring Vault, versions 3.0.x prior to 3.0.2 and versions 2.3.x prior to 2.3.3 and older versions, an application is vulnerable to insertion of sensitive information into a log file when it attempts to revoke a Vault batch token.
CVE-2020-5410
- EPSS 94.37%
- Published 02.06.2020 17:15:11
- Last modified 07.02.2025 15:02:48
Spring Cloud Config, versions 2.2.x prior to 2.2.3, versions 2.1.x prior to 2.1.9, and older unsupported versions allow applications to serve arbitrary configuration files through the spring-cloud-config-server module. A malicious user, or attacker, ...
CVE-2020-5405
- EPSS 77.85%
- Published 05.03.2020 19:15:11
- Last modified 21.11.2024 05:34:05
Spring Cloud Config, versions 2.2.x prior to 2.2.2, versions 2.1.x prior to 2.1.7, and older unsupported versions allow applications to serve arbitrary configuration files through the spring-cloud-config-server module. A malicious user, or attacker, ...
CVE-2019-3799
- EPSS 91.32%
- Published 06.05.2019 16:29:01
- Last modified 21.11.2024 04:42:33
Spring Cloud Config, versions 2.1.x prior to 2.1.2, versions 2.0.x prior to 2.0.4, and versions 1.4.x prior to 1.4.6, and older unsupported versions allow applications to serve arbitrary configuration files through the spring-cloud-config-server modu...