The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. In spring framework versions prior to 5.3.20+ , 5.2.22+ and old unsupported versions, application with a STOMP over WebSocket endpoint is vulnerable to a denial of service attack by an authenticated user. (CVE-2022-22971) Note that Nessus relies on the presence of the package as reported by the vendor. File data…Read More