In Spring Cloud OpenFeign 3.0.0 to 3.0.4, 2.2.0.RELEASE to 2.2.9.RELEASE, and older unsupported versions, applications using type-level `@RequestMapping`annotations over Feign client interfaces, can be involuntarily exposing endpoints corresponding to `@RequestMapping`-annotated interface methods.
References
Link | Resource |
---|---|
https://tanzu.vmware.com/security/cve-2021-22044 | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: vmware
Published: 2021-10-28T15:20:15
Updated: 2021-10-28T15:20:15
Reserved: 2021-01-04T00:00:00
Link: CVE-2021-22044
JSON object: View
NVD Information
Status : Analyzed
Published: 2021-10-28T16:15:07.580
Modified: 2022-10-25T16:14:47.430
Link: CVE-2021-22044
JSON object: View
Redhat Information
No data.