Description
In Spring Cloud Function versions prior to 3.2.6, it is possible for a user who directly interacts with framework provided lookup functionality to cause a denial-of-service condition due to the caching issue in the Function Catalog component of the framework.
Remediation
References
https://tanzu.vmware.com/security/cve-2022-22979
Related Vulnerabilities
CVE-2018-0114 Vulnerability in npm package node-jose
CVE-2010-1622 Vulnerability in maven package org.springframework:spring-core
CVE-2022-22984 Vulnerability in npm package snyk-sbt-plugin
CVE-2018-11788 Vulnerability in maven package org.apache.karaf:org.apache.karaf.util
CVE-2021-21347 Vulnerability in maven package com.thoughtworks.xstream:xstream