High
CVSS: 8.6
A JSONPath injection vulnerability in Spring AI's AbstractFilterExpressionConverter allows authenticated users to bypass metadata-based access controls through crafted filter expressions. User-controlled input passed to FilterExpressionBuil…
High
CVSS: 8.8
Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection') vulnerability in The Wikimedia Foundation Mediawiki - DiscussionTools Extension allows Regular Expression Exponential Blo…
High
CVSS: 7.5
The following versions of Spring Cloud Gateway Server Webflux may be vulnerable to the ability to expose environment variables and system properties to attackers.
An application should be considered vulnerable when all the following are tr…
Critical
CVSS: 10.0
An improper neutralization of inputs used in expression
language allows remote code execution with the highest privileges on the
server.