In Spring Framework versions prior to 5.2.24.release+ , 5.3.27+ and 6.0.8+ , it is possible for a user to provide a specially crafted Spring Expression Language (SpEL) expression that may cause a denial-of-service (DoS) condition.
{ "nvd_published_at": "2023-04-13T20:15:00Z", "cwe_ids": [ "CWE-400", "CWE-770", "CWE-917" ], "severity": "HIGH", "github_reviewed": true, "github_reviewed_at": "2023-04-17T17:19:53Z" }