VulnerableCode Package Details - pkg:maven/org.springframework/spring-beans@5.2.20.RELEASE

Search for packages

Vulnerability	Summary	Fixed by
VCID-w6br-v2gm-j7gr Aliases: CVE-2022-22970 GHSA-hh26-6xwr-ggv7	Allocation of Resources Without Limits or Throttling In spring framework versions prior to 5.3.20+, 5.2.22+ and old unsupported versions, applications that handle file uploads is vulnerable to DoS attack if they rely on data binding to set a MultipartFile or javax.servlet.Part to a field in a model object.	5.2.22.RELEASE Affected by 0 other vulnerabilities. 5.3.20 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-w6br-v2gm-j7gr
Aliases:
CVE-2022-22970
GHSA-hh26-6xwr-ggv7

Allocation of Resources Without Limits or Throttling In spring framework versions prior to 5.3.20+, 5.2.22+ and old unsupported versions, applications that handle file uploads is vulnerable to DoS attack if they rely on data binding to set a MultipartFile or javax.servlet.Part to a field in a model object.

5.2.22.RELEASE
Affected by 0 other vulnerabilities.

5.3.20
Affected by 0 other vulnerabilities.

Vulnerability	Summary	Aliases
VCID-cyjt-4vjn-mbc7	Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in org.springframework.boot:spring-boot-starter-webflux.	CVE-2022-22965 GHSA-36p3-wjmg-h94x GMS-2022-558 GMS-2022-559 GMS-2022-560 GMS-2022-561

Vulnerability

Summary

Aliases

VCID-cyjt-4vjn-mbc7

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in org.springframework.boot:spring-boot-starter-webflux.

CVE-2022-22965
GHSA-36p3-wjmg-h94x
GMS-2022-558
GMS-2022-559
GMS-2022-560
GMS-2022-561

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T21:48:53.144075+00:00	GitLab Importer	Affected by	VCID-w6br-v2gm-j7gr	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.springframework/spring-beans/CVE-2022-22970.yml	38.4.0
2026-04-16T21:43:58.049931+00:00	GitLab Importer	Fixing	VCID-cyjt-4vjn-mbc7	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.springframework/spring-beans/GMS-2022-558.yml	38.4.0
2026-04-11T23:04:53.797865+00:00	GitLab Importer	Affected by	VCID-w6br-v2gm-j7gr	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.springframework/spring-beans/CVE-2022-22970.yml	38.3.0
2026-04-11T22:59:34.669906+00:00	GitLab Importer	Fixing	VCID-cyjt-4vjn-mbc7	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.springframework/spring-beans/GMS-2022-558.yml	38.3.0
2026-04-02T23:13:11.023314+00:00	GitLab Importer	Affected by	VCID-w6br-v2gm-j7gr	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.springframework/spring-beans/CVE-2022-22970.yml	38.1.0
2026-04-02T23:08:15.747750+00:00	GitLab Importer	Fixing	VCID-cyjt-4vjn-mbc7	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.springframework/spring-beans/GMS-2022-558.yml	38.1.0
2026-04-01T17:33:08.404262+00:00	GitLab Importer	Affected by	VCID-w6br-v2gm-j7gr	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.springframework/spring-beans/CVE-2022-22970.yml	38.0.0
2026-04-01T17:27:41.604513+00:00	GitLab Importer	Fixing	VCID-cyjt-4vjn-mbc7	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.springframework/spring-beans/GMS-2022-558.yml	38.0.0
2026-04-01T16:00:13.787580+00:00	GHSA Importer	Fixing	VCID-cyjt-4vjn-mbc7	https://github.com/advisories/GHSA-36p3-wjmg-h94x	38.0.0
2026-04-01T13:06:52.300117+00:00	GithubOSV Importer	Fixing	VCID-cyjt-4vjn-mbc7	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/03/GHSA-36p3-wjmg-h94x/GHSA-36p3-wjmg-h94x.json	38.0.0