Get ahead
VMware offers training and certification to turbo-charge your progress.
Learn moreIn Spring Cloud Function, an application is vulnerable to a DOS attack when attempting to compose functions with non-existing functions.
Specifically, an application is vulnerable when using the Spring Cloud Function Web module
Spring Cloud Function:
| Fix version | Availability |
|---|---|
| 4.1.2 | OSS |
| 4.0.8 | Enterprise Support Only |
No further mitigation steps are necessary.
This issue was identified and responsibly reported by devme4f from VNPT-VCI
To report a security vulnerability for a project within the Spring portfolio, see the Security Policy