[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2022-22976":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T08:55:32.481Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":24,"aliases":25,"duplicate_of":9,"upstream":27,"downstream":28,"duplicates":33,"related":34,"reserved_at":9,"published_at":35,"modified_at":36,"state":37,"summary":38,"references_raw":47,"kevs":91,"epss":92,"epss_history":95,"metrics":354,"affected":367},"CVE-2022-22976","Spring Security versions 5.5.x prior to 5.5.7, 5.6.x prior to 5.6.4, and earlier unsupported versions contain an integer overflow vulnerability. When using the BCrypt class with the maximum work factor (31), the encoder does not perform any salt rounds, due to an integer overflow error. The default settings are not affected by this CVE.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-190","Integer Overflow or Wraparound","The product performs a calculation that can\n         produce an integer overflow or wraparound when the logic\n         assumes that the resulting value will always be larger than\n         the original value. This occurs when an integer value is\n         incremented to a value that is too large to store in the\n         associated representation. When this occurs, the value may\n         become a very small or negative number.","weakness","Stable","Base","Medium",[20],{"id":21,"name":22,"techniques":23},"CAPEC-92","Forced Integer Overflow",[],[],[26],"GHSA-wx54-3278-m5g4",[],[29,31],{"_key":30},"RHSA-2023:3663",{"_key":32},"UBUNTU-CVE-2022-22976",[],[],"2022-05-19T14:50:46.000Z","2024-08-03T03:28:42.454Z","Modified",{"cisa_kev":39,"cisa_ransomware":39,"cisa_vendor":9,"epss_severity":40,"epss_score":41,"severity":42,"severity_score":43,"severity_version":44,"severity_source":45,"severity_vector":46,"severity_status":37},false,"low",0.0036,"medium",5.3,"v3.1","nvd","CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",[48,58,64,69,74,78,82,87],{"url":49,"sources":50,"tags":53},"https://tanzu.vmware.com/security/cve-2022-22976",[51,45,52],"cve.org","osv_maven",[54,55,56,57],"X Refsource MISC","Mitigation","Vendor Advisory","WEB",{"url":59,"sources":60,"tags":61},"https://www.oracle.com/security-alerts/cpujul2022.html",[51,45,52],[54,62,63,57],"Patch","Third Party Advisory",{"url":65,"sources":66,"tags":67},"https://security.netapp.com/advisory/ntap-20220707-0003/",[51,45],[68,63],"X Refsource CONFIRM",{"url":70,"sources":71,"tags":72},"https://nvd.nist.gov/vuln/detail/CVE-2022-22976",[52],[73],"Advisory",{"url":75,"sources":76,"tags":77},"https://github.com/spring-projects/spring-security/commit/388a7b62b906bd56deadb7ca45248fa1a63bdf12",[52],[57],{"url":79,"sources":80,"tags":81},"https://github.com/spring-projects/spring-security/commit/a40f73521c0dd88b879ff6165d280e78bdf8154f",[52],[57],{"url":83,"sources":84,"tags":85},"https://github.com/spring-projects/spring-security",[52],[86],"PACKAGE",{"url":88,"sources":89,"tags":90},"https://security.netapp.com/advisory/ntap-20220707-0003",[52],[57],[],{"date":93,"score":41,"percentile":94},"2026-06-04",0.5847,[96,100,103,106,109,112,114,117,120,123,126,129,131,134,137,141,144,147,150,153,156,159,162,164,167,170,173,176,179,182,185,188,191,194,197,200,203,206,209,212,215,218,221,223,226,229,232,235,238,241,243,245,248,251,254,257,260,263,266,269,272,275,278,280,282,285,288,291,294,297,300,303,306,309,312,315,318,321,324,326,328,331,334,336,339,341,344,346,348,351],{"date":97,"score":98,"percentile":99},"2025-11-04",0.00415,0.60865,{"date":101,"score":98,"percentile":102},"2025-11-05",0.60852,{"date":104,"score":98,"percentile":105},"2025-11-06",0.60858,{"date":107,"score":98,"percentile":108},"2025-11-07",0.60872,{"date":110,"score":98,"percentile":111},"2025-11-08",0.60876,{"date":113,"score":98,"percentile":108},"2025-11-09",{"date":115,"score":98,"percentile":116},"2025-11-10",0.60849,{"date":118,"score":98,"percentile":119},"2025-11-11",0.60863,{"date":121,"score":41,"percentile":122},"2025-11-12",0.57512,{"date":124,"score":41,"percentile":125},"2025-11-13",0.57517,{"date":127,"score":41,"percentile":128},"2025-11-14",0.5752,{"date":130,"score":41,"percentile":122},"2025-11-15",{"date":132,"score":41,"percentile":133},"2025-11-16",0.57497,{"date":135,"score":41,"percentile":136},"2025-11-17",0.57494,{"date":138,"score":139,"percentile":140},"2025-11-18",0.00824,0.72365,{"date":142,"score":139,"percentile":143},"2025-11-19",0.72374,{"date":145,"score":139,"percentile":146},"2025-11-20",0.72383,{"date":148,"score":41,"percentile":149},"2025-11-21",0.5751,{"date":151,"score":41,"percentile":152},"2025-11-22",0.57505,{"date":154,"score":41,"percentile":155},"2025-11-23",0.57478,{"date":157,"score":41,"percentile":158},"2025-11-24",0.57473,{"date":160,"score":41,"percentile":161},"2025-11-25",0.57476,{"date":163,"score":41,"percentile":155},"2025-11-26",{"date":165,"score":41,"percentile":166},"2025-11-27",0.57479,{"date":168,"score":41,"percentile":169},"2025-11-28",0.57453,{"date":171,"score":41,"percentile":172},"2025-11-29",0.57439,{"date":174,"score":41,"percentile":175},"2025-11-30",0.57434,{"date":177,"score":41,"percentile":178},"2025-12-01",0.5759,{"date":180,"score":41,"percentile":181},"2025-12-02",0.57605,{"date":183,"score":41,"percentile":184},"2025-12-03",0.57603,{"date":186,"score":41,"percentile":187},"2025-12-04",0.57433,{"date":189,"score":41,"percentile":190},"2025-12-05",0.57446,{"date":192,"score":41,"percentile":193},"2025-12-06",0.57445,{"date":195,"score":41,"percentile":196},"2025-12-07",0.57441,{"date":198,"score":41,"percentile":199},"2025-12-08",0.57442,{"date":201,"score":41,"percentile":202},"2025-12-09",0.57468,{"date":204,"score":41,"percentile":205},"2025-12-10",0.57522,{"date":207,"score":41,"percentile":208},"2025-12-11",0.57547,{"date":210,"score":41,"percentile":211},"2025-12-12",0.57571,{"date":213,"score":41,"percentile":214},"2025-12-13",0.57568,{"date":216,"score":41,"percentile":217},"2025-12-14",0.5757,{"date":219,"score":41,"percentile":220},"2025-12-15",0.57554,{"date":222,"score":41,"percentile":214},"2025-12-16",{"date":224,"score":41,"percentile":225},"2025-12-17",0.57578,{"date":227,"score":41,"percentile":228},"2025-12-18",0.57613,{"date":230,"score":41,"percentile":231},"2025-12-19",0.57621,{"date":233,"score":41,"percentile":234},"2025-12-20",0.5762,{"date":236,"score":41,"percentile":237},"2025-12-21",0.57598,{"date":239,"score":41,"percentile":240},"2025-12-22",0.57582,{"date":242,"score":41,"percentile":178},"2025-12-23",{"date":244,"score":41,"percentile":184},"2025-12-24",{"date":246,"score":41,"percentile":247},"2025-12-25",0.57649,{"date":249,"score":41,"percentile":250},"2025-12-26",0.57644,{"date":252,"score":41,"percentile":253},"2025-12-27",0.57697,{"date":255,"score":41,"percentile":256},"2025-12-28",0.57617,{"date":258,"score":41,"percentile":259},"2025-12-29",0.57607,{"date":261,"score":41,"percentile":262},"2025-12-30",0.57608,{"date":264,"score":41,"percentile":265},"2025-12-31",0.57642,{"date":267,"score":41,"percentile":268},"2026-01-01",0.57813,{"date":270,"score":41,"percentile":271},"2026-01-02",0.57795,{"date":273,"score":41,"percentile":274},"2026-01-03",0.57793,{"date":276,"score":41,"percentile":277},"2026-01-04",0.57618,{"date":279,"score":41,"percentile":259},"2026-01-05",{"date":281,"score":41,"percentile":277},"2026-01-06",{"date":283,"score":41,"percentile":284},"2026-01-07",0.57646,{"date":286,"score":41,"percentile":287},"2026-01-08",0.57667,{"date":289,"score":41,"percentile":290},"2026-01-09",0.57671,{"date":292,"score":41,"percentile":293},"2026-01-10",0.5767,{"date":295,"score":41,"percentile":296},"2026-01-11",0.57653,{"date":298,"score":41,"percentile":299},"2026-01-12",0.57615,{"date":301,"score":41,"percentile":302},"2026-01-13",0.57594,{"date":304,"score":41,"percentile":305},"2026-01-14",0.57638,{"date":307,"score":41,"percentile":308},"2026-01-15",0.57641,{"date":310,"score":41,"percentile":311},"2026-01-16",0.57666,{"date":313,"score":41,"percentile":314},"2026-01-17",0.57655,{"date":316,"score":41,"percentile":317},"2026-01-18",0.57647,{"date":319,"score":41,"percentile":320},"2026-01-19",0.57633,{"date":322,"score":41,"percentile":323},"2026-01-20",0.57639,{"date":325,"score":41,"percentile":250},"2026-01-21",{"date":327,"score":41,"percentile":265},"2026-01-22",{"date":329,"score":41,"percentile":330},"2026-01-23",0.5768,{"date":332,"score":41,"percentile":333},"2026-01-24",0.57686,{"date":335,"score":41,"percentile":247},"2026-01-25",{"date":337,"score":41,"percentile":338},"2026-01-26",0.57635,{"date":340,"score":41,"percentile":317},"2026-01-27",{"date":342,"score":41,"percentile":343},"2026-01-28",0.57654,{"date":345,"score":41,"percentile":314},"2026-01-29",{"date":347,"score":41,"percentile":343},"2026-01-30",{"date":349,"score":41,"percentile":350},"2026-01-31",0.57656,{"date":352,"score":41,"percentile":353},"2026-02-01",0.57801,[355,365],{"source":45,"cvss_v2_0":356,"cvss_v3_0":9,"cvss_v3_1":361,"cvss_v4_0":9},{"baseScore":357,"baseSeverity":9,"vectorString":358,"impactScore":359,"exploitabilityScore":360},4.3,"AV:N/AC:M/Au:N/C:P/I:N/A:N",2.9,8.6,{"baseScore":43,"baseSeverity":362,"vectorString":46,"impactScore":363,"exploitabilityScore":364},"MEDIUM",2.3,10,{"source":52,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":366,"cvss_v4_0":9},{"baseScore":43,"baseSeverity":9,"vectorString":46,"impactScore":363,"exploitabilityScore":364},[368,387,396,405],{"ecosystem":369,"name":370,"vendor":371,"product":372,"cpe_part":9,"purl_type":373,"purl_namespace":371,"purl_name":372,"source":9,"versions":374},"Maven","org.springframework.security:spring-security-core","org.springframework.security","spring-security-core","maven",[375,383],{"version":376,"is_range":377,"range_type":378,"version_start":379,"version_start_type":380,"version_end":381,"version_end_type":382,"fixed_in":9},"gte5_2_0_RELEASE_lt5_5_7",true,"ecosystem","5.2.0.RELEASE","including","5.5.7","excluding",{"version":384,"is_range":377,"range_type":378,"version_start":385,"version_start_type":380,"version_end":386,"version_end_type":382,"fixed_in":9},"gte5_6_0_lt5_6_4","5.6.0","5.6.4",{"ecosystem":9,"name":388,"vendor":389,"product":390,"cpe_part":391,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":392},"active iq unified manager","netapp","active_iq_unified_manager","a",[393],{"version":394,"is_range":39,"range_type":395,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"na","cpe",{"ecosystem":9,"name":397,"vendor":398,"product":399,"cpe_part":391,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":400},"financial services crime and compliance management studio","oracle","financial_services_crime_and_compliance_management_studio",[401,403],{"version":402,"is_range":39,"range_type":395,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"8.0.8.2.0",{"version":404,"is_range":39,"range_type":395,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"8.0.8.3.0",{"ecosystem":9,"name":406,"vendor":407,"product":408,"cpe_part":391,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":409},"spring security","vmware","spring_security",[410,413,415],{"version":411,"is_range":377,"range_type":395,"version_start":412,"version_start_type":380,"version_end":381,"version_end_type":382,"fixed_in":9},"gte5.2.1_lt5.5.7","5.2.1",{"version":414,"is_range":377,"range_type":395,"version_start":385,"version_start_type":380,"version_end":386,"version_end_type":382,"fixed_in":9},"gte5.6.0_lt5.6.4",{"version":416,"is_range":39,"range_type":395,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.2.0"]