CVE-2026-22750 — CVSS 7.5 (high): When configuring SSL bundles in Spring Cloud Gateway by using the configuration property spring.ssl.bundle, the configuration was silently…
CVE-2021-22051 — CVSS 6.5 (medium): Applications using Spring Cloud Gateway are vulnerable to specifically crafted requests that could make an extra request on downstream…
CVE-2022-22946 — CVSS 5.5 (medium): In spring cloud gateway versions prior to 3.1.1+ , applications that are configured to enable HTTP2 and no key store or trusted…