漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
N/A
Vulnerability Description
Applications using Spring Cloud Gateway are vulnerable to specifically crafted requests that could make an extra request on downstream services. Users of affected versions should apply the following mitigation: 3.0.x users should upgrade to 3.0.5+, 2.2.x users should upgrade to 2.2.10.RELEASE or newer.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Spring Cloud Gateway 安全漏洞
Vulnerability Description
Spring Cloud Gateway是提供了一个用于在 Spring WebFlux 之上构建 API 网关的库。 Spring Cloud Gateway存在安全漏洞,该漏洞源于使用SpringCloudGateway的应用程序容易受到精心编制的请求的攻击,这些请求可能会对下游服务发出额外请求。用户可采用以下缓解措施:3.0.x用户应升级到3.0.5+,2.2.x用户应升级到2.2.10.RELEASE或更新版本。
CVSS Information
N/A
Vulnerability Type
N/A