Spring Cloud Gateway のコードインジェクション (CVE-2022-22947)

バージョン 1.1

May 26, 2023, 6:02 PM

CISA reference
CVSS temporal metrics ("CVSSv2 temporal vector" set to "CVSS2#E:H/RL:OF/RC:C". "CVSSv3 temporal vector" set to "CVSS:3.0/E:H/RL:O/RC:C")
Exploit attributes ("Exploit available" set to "True". "Exploited by malware" set to "True". "Exploitability ease" set to "Exploits are available". "Exploit framework metasploit" set to "True")