Spring Session
1 CVEs
product
Monthly
In Spring Session version 3.0.0, the session id can be logged to the standard output stream. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Java
Information Disclosure
Spring Session
NVD
CVSS 3.1
6.5
EPSS
0.7%
CVE-2023-20866
Maven
EPSS 1%
CVSS 6.5
MEDIUM
PATCH
This Month
In Spring Session version 3.0.0, the session id can be logged to the standard output stream. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Java
Information Disclosure
Spring Session
NVD