Spring Product Security Update Advisory (CVE-2024-22271)

Overview

An update has been made available to address a vulnerability in the Spring product. Users of affected versions are advised to update to the latest version.

Affected Products

CVE-2024-22271

  • Spring Cloud Function Framework versions: 4.1.0 (inclusive) ~ 4.1.2 (excluded)
  • Spring Cloud Function Framework versions: 4.0.0 (inclusive) ~ 4.0.8 (excluded)

Resolved Vulnerabilities

A vulnerability that could expose an application to a denial-of-service (DoS) attack when it attempts to compose a function with a non-existent function (CVE-2024-22271)

Vulnerability Patches

Patches for this vulnerability are available in the latest updates. Follow the instructions on the Referenced Sites to update to the latest patched version.

CVE-2024-22271

  • Spring Cloud Function Framework version: 4.1.2
  • Spring Cloud Function Framework version: 4.0.8
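
To check a build against the version ranges above, the following added example (not part of the original advisory or of the Spring project) scans Maven `mvn dependency:tree` output for Spring Cloud Function modules in an affected range and reports the fixed release to move to. It assumes the affected ranges are 4.0.0 up to but excluding 4.0.8 and 4.1.0 up to but excluding 4.1.2, and that every `spring-cloud-function-*` module shares the framework version; the sample tree and the `scan` function name are constructed for illustration.

```python
import re

# Affected ranges for CVE-2024-22271: lower bound inclusive,
# upper bound (the fixed release) exclusive.
AFFECTED = [((4, 0, 0), (4, 0, 8)), ((4, 1, 0), (4, 1, 2))]

# Assumption: Maven coordinates as printed by `mvn dependency:tree`, i.e.
# org.springframework.cloud:spring-cloud-function-<module>:<type>:<version>[:scope]
COORD = re.compile(
    r"(org\.springframework\.cloud:spring-cloud-function-[\w.-]+):"
    r"[\w-]+:(\d+)\.(\d+)\.(\d+)([^:\s]*)"
)

# Constructed sample input, not taken from a real project.
SAMPLE_TREE = r"""[INFO] com.example:demo:jar:0.0.1-SNAPSHOT
[INFO] +- org.springframework.cloud:spring-cloud-function-web:jar:4.1.1:compile
[INFO] |  \- org.springframework.cloud:spring-cloud-function-context:jar:4.1.1:compile
[INFO] +- org.springframework.cloud:spring-cloud-function-adapter-aws:jar:4.0.8:compile
[INFO] \- org.springframework.boot:spring-boot-starter-web:jar:3.2.5:compile
"""


def scan(tree_text):
    """Return (artifact, found_version, fixed_version) for each affected module."""
    findings = []
    for line in tree_text.splitlines():
        match = COORD.search(line)
        if not match:
            continue
        version = tuple(int(part) for part in match.group(2, 3, 4))
        for low, fixed in AFFECTED:
            # Qualifiers such as -SNAPSHOT are reported but ignored when comparing.
            if low <= version < fixed:
                found = ".".join(map(str, version)) + match.group(5)
                findings.append((match.group(1), found, ".".join(map(str, fixed))))
    return findings


if __name__ == "__main__":
    for artifact, found, fixed in scan(SAMPLE_TREE):
        print(f"AFFECTED {artifact} {found} -> update to {fixed} or later")
```

Because qualifiers are ignored in the comparison, a pre-release build of a fixed version (for example a snapshot of 4.0.8) is not flagged and should be checked by hand.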

Referenced Sites

[1] CVE-2024-22271 Detail

https://nvd.nist.gov/vuln/detail/CVE-2024-22271

[2] CVE-2024-22271: Spring Cloud Function Web DOS Vulnerability

https://spring.io/security/cve-2024-22271