CISA Known Exploited Vulnerability
This vulnerability is actively exploited in the wild and listed in the CISA Known Exploited Vulnerabilities catalog.
Remediation Deadline: Apr 25, 2022
High
CISA KEVCVE-2022-22965
VMware—Spring Framework
Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding.
Required Action
https://nvd.nist.gov/vuln/detail/CVE-2022-22965
Vulnerability Overview
- Severity
- High
- CISA KEV
- Yes
- Ransomware
- Unknown
- Published
- Apr 4, 2022
- KEV Added
- Apr 4, 2022
- Due Date
- Apr 25, 2022
- Related Articles
- 0
Vendor
VMware
Spring Framework