VMware Spring Cloud Netflix
By the Year
In 2024 there have been 0 vulnerabilities in VMware Spring Cloud Netflix . Spring Cloud Netflix did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2024 | 0 | 0.00 |
| 2023 | 0 | 0.00 |
| 2022 | 0 | 0.00 |
| 2021 | 1 | 8.80 |
| 2020 | 0 | 0.00 |
| 2019 | 0 | 0.00 |
| 2018 | 0 | 0.00 |
It may take a day or so for new Spring Cloud Netflix vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent VMware Spring Cloud Netflix Security Vulnerabilities
Applications using both `spring-cloud-netflix-hystrix-dashboard` and `spring-boot-starter-thymeleaf` expose a way to execute code submitted within the request URI path during the resolution of view templates
CVE-2021-22053
8.8 - High
- November 19, 2021
Applications using both `spring-cloud-netflix-hystrix-dashboard` and `spring-boot-starter-thymeleaf` expose a way to execute code submitted within the request URI path during the resolution of view templates. When a request is made at `/hystrix/monitor;[user-provided data]`, the path elements following `hystrix/monitor` are being evaluated as SpringEL expressions, which can lead to code execution.
Code Injection
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for VMware Spring Cloud Netflix or by VMware? Click the Watch button to subscribe.
