{"vulnerability": "CVE-2021-22096", "sightings": [{"uuid": "86789671-a1e8-4053-9490-f91857f03923", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22096", "type": "seen", "source": "https://t.me/cibsecurity/31401", "content": "\u203c CVE-2021-22096 \u203c\n\nIn Spring Framework versions 5.3.0 - 5.3.10, 5.2.0 - 5.2.17, and older unsupported versions, it is possible for a user to provide malicious input to cause the insertion of additional log entries.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-10-28T20:17:24.000000Z"}, {"uuid": "0ba4f1d4-5866-4e1c-a5b3-c943579aac48", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22096", "type": "seen", "source": "https://t.me/arpsyndicate/3238", "content": "#ExploitObserverAlert\n\nCVE-2021-22096\n\nDESCRIPTION: Exploit Observer has 8 entries in 4 file formats related to CVE-2021-22096. In Spring Framework versions 5.3.0 - 5.3.10, 5.2.0 - 5.2.17, and older unsupported versions, it is possible for a user to provide malicious input to cause the insertion of additional log entries.\n\nFIRST-EPSS: 0.000790000\nNVD-IS: 1.4\nNVD-ES: 2.8", "creation_timestamp": "2024-01-28T06:45:41.000000Z"}, {"uuid": "4e86b587-0e82-4703-8c68-60aac1684972", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22096", "type": "seen", "source": "https://t.me/arpsyndicate/3151", "content": "#ExploitObserverAlert\n\nCVE-2021-22060\n\nDESCRIPTION: Exploit Observer has 6 entries in 4 file formats related to CVE-2021-22060. In Spring Framework versions 5.3.0 - 5.3.13, 5.2.0 - 5.2.18, and older unsupported versions, it is possible for a user to provide malicious input to cause the insertion of additional log entries. This is a follow-up to CVE-2021-22096 that protects against additional types of input and in more places of the Spring Framework codebase.\n\nFIRST-EPSS: 0.000540000\nNVD-IS: 1.4\nNVD-ES: 2.8", "creation_timestamp": "2024-01-28T01:31:50.000000Z"}, {"uuid": "bb05d7bb-9539-447e-935e-06f070075a6f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-22096", "type": "seen", "source": "https://t.me/VulnerabilityNews/26025", "content": "In Spring Framework versions 5.3.0 - 5.3.13, 5.2.0 - 5.2.18, and older unsupported versions, it is possible for a user to provide malicious input to cause the insertion of additional log entries. This is a follow-up to CVE-2021-22096 that protects against additional types of input and in more places of the Spring Framework codebase.\nPublished at: January 10, 2022 at 03:10PM\nView on website", "creation_timestamp": "2022-01-10T16:42:30.000000Z"}]}