CVE-2022-22965 | Cybersecurity Alerts | Nexus IT Services, LLC

← Back to Cybersecurity Alerts

CVE-2022-22965

VMware | Spring FrameworkAdded 2022-04-04Remediation Deadline 2022-04-25

Spring Framework JDK 9+ Remote Code Execution Vulnerability

Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding.

Required Action

Apply updates per vendor instructions.

Weakness Classification

CWE-94

References

https://nvd.nist.gov/vuln/detail/CVE-2022-22965