CVE-2022-22963CISA KEVEPSS p100.0%
CVE-2022-22963VMware Tanzu Spring Cloud Function Remote Code Execution Vulnerability
VMware Tanzu / Spring Cloud
Description
When using routing functionality in VMware Tanzu's Spring Cloud Function, it is possible for a user to provide a specially crafted SpEL as a routing-expression that may result in remote code execution and access to local resources.
Scoring
| EPSS | 99.94% probability of exploitation · percentile 100.0% · 2026-06-18T12:00:27Z |
CISA KEV entry
Added to KEV: 2022-08-25
(incoming)1
| Type | Target | Confidence | Tier |
|---|---|---|---|
| KEVEntry | VMware Tanzu Spring Cloud Function Remote Code Execution Vulnerabilitykev-cve-2022-22963 | 0% | live |
Related by meaning· 6
Nearest entities by semantic similarity across the cs-graph corpus.