GHSA-775g-4xr8-78h8HighCVSS 7.5
An integer overflow vulnerability exists in the evaluation logic of the Spring Expression...
🔗 CVE IDs covered (1)
📋 Description
An integer overflow vulnerability exists in the evaluation logic of the Spring Expression Language (SpEL). An attacker can exploit this by supplying a specially crafted SpEL expression that triggers excessive resource consumption, resulting in a Denial of Service (DoS).
Affected versions: Spring Framework 5.3.0 through 5.3.48.