CVE-2026-40990
EUVD-2026-3373401.06.2026, 19:16
OOM error is possible while attempting to add infinite amount of functions to Function Registry. Affected Spring Products and Versions: Spring Cloud Function 3.2.x: versions prior to 3.2.16 Spring Cloud Function 4.1.x: versions prior to 4.1.10 Spring Cloud Function 4.2.x: versions prior to 4.2.6 Spring Cloud Function 4.3.x: versions prior to 4.3.3 Spring Cloud Function 5.0.x: versions prior to 5.0.2 Older, unsupported versions are also affected.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| vmware | spring_cloud_function | 3.2.0 ≤ 𝑥 < 3.2.16 |
| vmware | spring_cloud_function | 4.1.0 ≤ 𝑥 < 4.1.10 |
| vmware | spring_cloud_function | 4.2.0 ≤ 𝑥 < 4.2.6 |
| vmware | spring_cloud_function | 4.3.0 ≤ 𝑥 < 4.3.3 |
| vmware | spring_cloud_function | 5.0.0 ≤ 𝑥 < 5.0.2 |
𝑥
= Vulnerable software versions