pkg:Maven/org.springframework.cloud:spring-cloud-gateway

All known vulnerabilities

• CRITICAL10.0CVE-2022-22947⚠ KEVSpring Cloud Gateway vulnerable to Code Injection when Gateway Actuator endpoint enabled, exposed, unsecured
  from 0, < 3.0.7
• HIGH7.5CVE-2026-22750Spring Cloud Gateway's SSL bundle configuration silently bypassed
  >= 4.2.0, < 4.2.1
• MEDIUM6.5Request injection in Spring Cloud Gateway
  >= 3.0.0, < 3.0.5