Known Vulnerabilities for Spring Cloud Config by Vmware
Listed below are 8 of the newest known vulnerabilities associated with "Spring Cloud Config" by "Vmware".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-41004 json | When enabling trace logging in Spring Cloud Config Server sensitive information was placed in plain text in the logs. Spring ... | Not Provided | 2026-05-07 | 2026-05-07 |
| CVE-2026-41002 json | The base directory (`spring.cloud.config.server.git.basedir`) used by the Spring Cloud Config Server to clone Git repositorie... | Not Provided | 2026-05-07 | 2026-05-09 |
| CVE-2026-40982 json | Spring Cloud Config allows applications to serve arbitrary text and binary files through the spring-cloud-config-server modul... | Not Provided | 2026-05-07 | 2026-05-10 |
| CVE-2026-40981 json | When using Google Secrets Manager as a backend for the Spring Cloud Config server a client can craft a request to the config ... | Not Provided | 2026-05-07 | 2026-05-07 |
| CVE-2023-20859 json | In Spring Vault, versions 3.0.x prior to 3.0.2 and versions 2.3.x prior to 2.3.3 and older versions, an application is vulner... | 5.5 - MEDIUM | 2023-03-23 | 2023-03-28 |
| CVE-2020-5410 json | Spring Cloud Config, versions 2.2.x prior to 2.2.3, versions 2.1.x prior to 2.1.9, and older unsupported versions allow appli... | 7.5 - HIGH | 2020-06-02 | 2022-09-20 |
| CVE-2020-5405 json | Spring Cloud Config, versions 2.2.x prior to 2.2.2, versions 2.1.x prior to 2.1.7, and older unsupported versions allow appli... | 6.5 - MEDIUM | 2020-03-05 | 2020-03-07 |
| CVE-2019-3799 json | Spring Cloud Config, versions 2.1.x prior to 2.1.2, versions 2.0.x prior to 2.0.4, and versions 1.4.x prior to 1.4.6, and old... | 6.5 - MEDIUM | 2019-05-06 | 2022-06-13 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Vmware | Spring Cloud Config | 3.0.0 | |||
| Application | Vmware | Spring Cloud Config | 3.0.0 | |||
| Application | Vmware | Spring Cloud Config | 2.2.3 | |||
| Application | Vmware | Spring Cloud Config | 2.2.2 | |||
| Application | Vmware | Spring Cloud Config | 2.2.1 | |||
| Application | Vmware | Spring Cloud Config | 2.2.0 | |||
| Application | Vmware | Spring Cloud Config | 2.2.0 | |||
| Application | Vmware | Spring Cloud Config | 2.2.0 | |||
| Application | Vmware | Spring Cloud Config | 2.2.0 | |||
| Application | Vmware | Spring Cloud Config | 2.2.0 | |||
| Application | Vmware | Spring Cloud Config | 2.2.0 | |||
| Application | Vmware | Spring Cloud Config | 2.1.9 | |||
| Application | Vmware | Spring Cloud Config | 2.1.8 | |||
| Application | Vmware | Spring Cloud Config | 2.1.7 | |||
| Application | Vmware | Spring Cloud Config | 2.1.6 | |||
| Application | Vmware | Spring Cloud Config | 2.1.5 | |||
| Application | Vmware | Spring Cloud Config | 2.1.4 | |||
| Application | Vmware | Spring Cloud Config | 2.1.3 | |||
| Application | Vmware | Spring Cloud Config | 2.1.2 | |||
| Application | Vmware | Spring Cloud Config | 2.1.1 |