## https://sploitus.com/exploit?id=SAINT:ACED9607933F401D5B0A59CB25D22B09
Added: 04/05/2022
### Background
[Spring Cloud Function](<https://spring.io/projects/spring-cloud-function#overview>) abstracts all transport details and infrastructure, allowing developers to keep all familiar tools and processes and focus on business logic.
### Problem
Spring Cloud Function has remote code execution vulnerability. An attacker could provide a crafted Spring Expression language (SpEL) as a routing-expression that may result in access to local resources.
### Resolution
Apply the patch referenced in the [CVE-2022-22963](<https://tanzu.vmware.com/security/cve-2022-22963>).
### References
<https://tanzu.vmware.com/security/cve-2022-22963>
### Limitations
### Platforms
Windows
Linux