{"uuid": "dd92d3f7-ea2c-4f5d-8b97-8b1d8aa6d9cf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22978", "type": "seen", "source": "https://t.me/cibsecurity/42984", "content": "\u203c CVE-2022-22978 \u203c\n\nIn Spring Security versions 5.5.6 and 5.5.7 and older unsupported versions, RegexRequestMatcher can easily be misconfigured to be bypassed on some servlet containers. Applications using RegexRequestMatcher with `.` in the regular expression are possibly vulnerable to an authorization bypass.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-05-19T18:29:42.000000Z"}