CVE-2026-22750
7.5 HIGH
Published: 2026-04-10 · Last updated: 2026-06-05
Severity and scoring
- CVSS: 7.5 HIGH
- Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N (network-reachable, no privileges or user interaction required; impact is to integrity only)
- CWE: CWE-15 (External Control of System or Configuration Setting)
Affected products
| Vendor | Product |
|---|---|
| vmware | spring_cloud_gateway |
Description
When configuring SSL bundles in Spring Cloud Gateway by using the configuration property spring.ssl.bundle, the configuration was silently ignored and the default SSL configuration was used instead.

Note: The 4.2.x branch is no longer under open source support. If you are using Spring Cloud Gateway 4.2.0 and are not an enterprise customer, you can upgrade to any Spring Cloud Gateway 4.2.x release newer than 4.2.0 available on Maven Central (https://repo1.maven.org/maven2/org/springframework/cloud/spring-cloud-gateway/). Ideally, if you are not an enterprise customer, you should upgrade to 5.0.2 or 5.1.1, which are the currently supported open source releases.
Source: NVD
References
- NVD: https://nvd.nist.gov/vuln/detail/CVE-2026-22750
- Vendor advisory: https://spring.io/security/cve-2026-22750
Related CVEs
Same vendor
- CVE-2026-41856 — The Spring GraphQL annotation detection mechanism for @Controller data fetchers may not correctly resolve annotations on methods within t... (7.5 HIGH)
- CVE-2026-41700 — Spring for GraphQL applications that have enabled the WebSocket transport are vulnerable to Cross-Site WebSocket Hijacking (8.1 HIGH)
- CVE-2026-41699 — Spring for GraphQL applications are vulnerable to Unsafe Deserialization when processing paginated GraphQL queries (8.1 HIGH)
- CVE-2026-41694 — Since Spring Security SAML decrypts SAML Responses as well as elements of SAML LogoutRequests and LogoutResponses without requiring a val... (3.7 LOW)
- CVE-2026-41003 — An attacker able to influence values in RelyingPartyRegistration may be able to run arbitrary code on HTML forms generated by Spring Secu... (7.6 HIGH)
Same CWE
- CVE-2026-0418 — Insufficient configuration management in the listed devices allows authenticated administrators connected to the local network to tamper ...
- CVE-2026-46399 — HAX CMS helps manage microsite universe with PHP or NodeJs backends
- CVE-2026-1784 — The Route OpenShift resource allows to define routes to make pods reachable at a subdomain through HAProxy (8.8 HIGH)
- CVE-2019-25716 — Dräger Infinity Delta, Delta XL, and Kappa patient monitors contain a denial-of-service vulnerability that allows remote attackers to cau... (6.5 MEDIUM)
- CVE-2026-45087 — Dalfox is a powerful open-source XSS scanner and utility focused on automation (10.0 CRITICAL)