admin/GobyVuls
1
0
Fork 0
mirror of https://github.com/gobysec/GobyVuls.git synced 2025-06-20 09:50:49 +00:00
Code Issues Packages Projects Releases Wiki Activity

add CVE-2022-22965

Browse Source
This commit is contained in:
gaopeng2 2022-04-02 14:22:23 +08:00
parent aea72869c1
commit de63e630bc
2 changed files with 10 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
Spring/CVE-2022-22965/README.md Normal file
View File

@ -0,0 +1,10 @@
# Spring Core Framework Remote Code Execution Vulnerability(CVE-2022-22965)
Spring core is a toolkit for discovering, creating and processing the relationship between beans in the Spring series.An unauthenticated attacker could use this vulnerability for remote arbitrary code execution. The vulnerability exists widely in the Spring framework and derived frameworks, and JDK 9.0 and above will be affected. Products using older JDK versions are not affected.
FOFA **query rule**: [protocol="http" || protocol="https"](https://fofa.info/result?qbase64=cHJvdG9jb2w9Imh0dHAiIHx8IHByb3RvY29sPSJodHRwcyI%3D)
# Demo
![Spring_Core_Framework_Remote_Code_Execution_Vulnerability](Spring_Core_Framework_Remote_Code_Execution_Vulnerability.gif)

BIN
Spring/CVE-2022-22965/Spring_Core_Framework_Remote_Code_Execution_Vulnerability.gif Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 1.6 MiB