n Spring Framework versions 5.3.0 - 5.3.16 and older unsupported versions, it is possible for a user to provide a specially crafted SpEL expression that may cause a denial of service condition.
CPE | Name | Operator | Version |
---|---|---|---|
spring_framework | lt | 5.2.20 | |
spring_framework | ge | 5.3.0 | |
spring_framework | lt | 5.3.17 |