RHSA-2022:8761MediumCVSS 7.5

Red Hat Security Advisory: Red Hat support for Spring Boot 2.7.2 update

Published
December 14, 2022
Last Modified
June 26, 2026

🔗 CVE IDs covered (6)

📋 Description

CVE-2020-5404 — reactor-netty: specific redirect configuration allows for a credentials leak CVE-2021-4178 — kubernetes-client: Insecure deserialization in unmarshalYaml method CVE-2021-22569 — protobuf-java: potential DoS in the parsing procedure for binary data CVE-2022-1259 — undertow: potential security issue in flow control over HTTP/2 may lead to DOS(incomplete fix for CVE-2021-3629) CVE-2022-1319 — undertow: Double AJP response for 400 from EAP 7 results in CPING failures CVE-2022-22950 — spring-expression: Denial of service via specially crafted SpEL expression

🔗 References (11)