Lucene search
GitHub Advisory DatabaseGHSA-RFMP-97JJ-H8M6HistoryMay 24, 2022 - 7:19 p.m.
Improper Output Neutralization for Logs in Spring Framework
2022-05-2419:19:04
CWE-117
GitHub Advisory Database
github.com
20
0.001 Low
EPSS
Percentile
33.9%
In Spring Framework versions 5.3.0 - 5.3.10, 5.2.0 - 5.2.17, and older unsupported versions, it is possible for a user to provide malicious input to cause the insertion of additional log entries.
| CPE | Name | Operator | Version |
|---|---|---|---|
| org.springframework:spring-core | le | 5.2.17 | |
| org.springframework:spring-core | le | 5.3.10 |
Related
ibm
ibm
osv
osv
Improper Output Neutralization for Logs in Spring Framework
2022-05-24 19:19:04
CVE-2021-22096
2021-10-28 16:15:07
CVE-2021-22060
2022-01-10 14:10:16
debiancve
debiancve
CVE-2021-22096
2021-10-28 16:15:00
CVE-2021-22060
2022-01-10 14:10:00
redhatcve
redhatcve
CVE-2021-22096
2021-12-21 12:20:57
CVE-2021-22060
2022-02-17 04:30:23
veracode
veracode
Log Injection
2021-10-29 13:23:08
cvelist
cvelist
CVE-2021-22096
2021-10-28 15:22:35
CVE-2021-22060
2022-01-07 22:39:55
prion
prion
Input validation
2021-10-28 16:15:00
Design/Logic Flaw
2022-01-10 14:10:00
ubuntucve
ubuntucve
CVE-2021-22096
2021-10-28 00:00:00
CVE-2021-22060
2022-01-10 00:00:00
cve
cve
CVE-2021-22096
2021-10-28 16:15:07
github
github
Log entry injection in Spring Framework
2022-01-12 23:04:06
redhat
redhat
nessus
nessus
RHEL 8 : RHV Manager (ovirt-engine) [ovirt-4.5.2] (RHSA-2022:6393)
2022-09-08 00:00:00
RHEL 8 : RHV Manager (ovirt-engine) [ovirt-4.5.1] (RHSA-2022:5555)
2022-07-15 00:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - April 2022
2022-04-19 00:00:00