Vmware Spring Integration — known CVE vulnerabilities
Every CVE whose affected-product data names Vmware Spring Integration, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2019-3772 — CVSS 9.8 (critical): Spring Integration (spring-integration-xml and spring-integration-ws modules), versions 4.3.18, 5.0.10, 5.1.1, and older unsupported…
CVE-2020-5413 — CVSS 9.8 (critical): Spring Integration framework provides Kryo Codec implementations as an alternative for Java (de)serialization. When Kryo is configured with…