CVE-2021-22095

EPSS 1.0%CWE-502

In Spring AMQP versions 2.2.0 - 2.2.19 and 2.3.0 - 2.3.11, the Spring AMQP Message object, in its toString() method, will create a new String object from the message body, regardless of its size. This can cause an OOM Error with a large message

Affected products

n/a · Spring AMQP

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://tanzu.vmware.com/security/cve-2021-22097