Oracle VM : Spring Framework Vulnerabilities
(Doc ID 2923203.1)
Last updated on JANUARY 29, 2023
Applies to:
Oracle VM - Version 3.4.6 and later x86 64 bit
Symptoms
Vulnerability scan from Oracle VM Manager points to vulnerabilities:
Examples:
Spring Framework Denial of Service (DoS) Data Binding Vulnerability -- CVE-2022-22970, CVE-2022-22971
Spring Framework Denial of Service (DoS) Vulnerability -- CVE-2022-22950
Spring Framework Remote Code Execution (RCE) Vulnerability (Spring4Shell) -- CVE-2022-22965
Changes
No changes were made
Cause
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!