CVE-2022-22970 – In spring framework versions prior to 5.3.20+ , 5.2.22+ and old unsupported versions, appl …

Vuln ID: CVE-2022-22970

Published:  2022-05-12  20:15:15Z

Description: In spring framework versions prior to 5.3.20+ , 5.2.22+ and old unsupported versions, applications that handle file uploads are vulnerable to DoS attack if they rely on data binding to set a MultipartFile or javax.servlet.Part to a field in a model object.

Source: NVD.NIST.GOV