CVE-2021-22051
N/A
N/A
Summary
Applications using Spring Cloud Gateway are vulnerable to specifically crafted requests that could make an extra request on downstream services. Users of affected versions should apply the following mitigation: 3.0.x users should upgrade to 3.0.5+, 2.2.x users should upgrade to 2.2.10.RELEASE or newer.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | Spring Cloud Gateway | 3.0.0 to 3.0.4, 2.2.0.RELEASE to 2.2.9.RELEASE, and older versions | affected |
Weaknesses
- Specifically crafted requests could make an extra request on downstream services.
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.