High severityNVD Advisory· Published Mar 30, 2022· Updated Aug 3, 2024
CVE-2022-27772
CVE-2022-27772
Description
spring-boot versions prior to version v2.2.11.RELEASE was vulnerable to temporary directory hijacking. This vulnerability impacted the org.springframework.boot.web.server.AbstractConfigurableWebServerFactory.createTempDir method. NOTE: This vulnerability only affects products and/or versions that are no longer supported by the maintainer
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
org.springframework.boot:spring-bootMaven | < 2.2.11.RELEASE | 2.2.11.RELEASE |
Affected products
2- spring-boot/spring-bootdescription
Patches
Vulnerability mechanics
References
4- github.com/advisories/GHSA-cm59-pr5q-cw85ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2022-27772ghsaADVISORY
- github.com/JLLeitschuh/security-research/security/advisories/GHSA-cm59-pr5q-cw85ghsax_refsource_MISCWEB
- github.com/spring-projects/spring-boot/commit/667ccdae84822072f9ea1a27ed5c77964c71002dghsaWEB
News mentions
0No linked articles in our index yet.