All vulnerabilities
CVE-2023-20863
Spring Framework vulnerable to denial of service
Description
In Spring Framework versions prior to 5.2.24.release+ , 5.3.27+ and 6.0.8+ , it is possible for a user to provide a specially crafted Spring Expression Language (SpEL) expression that may cause a denial-of-service (DoS) condition.
Patch Available
Fix available through Seal Security.
No upgrade required, protect your application instantly.
Fix without upgrading
Score
Severity
Ecosystem
Java
Publish Date
April 13, 2023
Modified Date
June 10, 2024
Score Vector
Affected Versions
