cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2022-22946,https://securityvulnerability.io/vulnerability/CVE-2022-22946,Insecure TrustManager in Spring Cloud Gateway Across Versions,"Spring Cloud Gateway versions prior to 3.1.1+ are susceptible to a vulnerability where applications configured to enable HTTP2 without a key store or trusted certificates utilize an insecure TrustManager. This misconfiguration allows the gateway to establish connections with remote services that present invalid or custom certificates, potentially exposing systems to security risks.",Vmware,Spring Cloud Gateway,5.5,MEDIUM,0.00044999999227002263,false,,false,false,false,,,false,false,,2022-03-04T15:50:06.000Z,0
CVE-2022-22947,https://securityvulnerability.io/vulnerability/CVE-2022-22947,Code Injection Vulnerability in Spring Cloud Gateway by VMware,"Certain versions of Spring Cloud Gateway are susceptible to a code injection vulnerability when the Gateway Actuator endpoint is enabled and unsecured. This flaw allows remote attackers to craft malicious requests, potentially leading to arbitrary code execution on the affected host. Proper security measures should be implemented to mitigate this risk.",Vmware,Spring Cloud Gateway,10,CRITICAL,0.974590003490448,true,2022-05-16T00:00:00.000Z,false,false,true,2022-05-16T00:00:00.000Z,true,false,false,,2022-03-03T00:00:00.000Z,0
CVE-2021-22051,https://securityvulnerability.io/vulnerability/CVE-2021-22051,Vulnerability in Spring Cloud Gateway Affects VMware,"A vulnerability exists in VMware's Spring Cloud Gateway that allows specially crafted requests to trigger additional unauthorized requests to downstream services. This could lead to potential data exposure or service misuse. It is crucial for users operating on affected versions to update: those using version 3.0.x should upgrade to 3.0.5 or higher, while users on the 2.2.x line need to move to version 2.2.10.RELEASE or newer to mitigate this risk.",Vmware,Spring Cloud Gateway,6.5,MEDIUM,0.000539999979082495,false,,false,false,false,,,false,false,,2021-11-08T13:37:29.000Z,0