{"package":"org.springframework.cloud:spring-cloud-gateway","ecosystem":"maven","latest_version":"4.3.0","description":"Spring Cloud Gateway","license":"Apache-2.0","license_risk":"permissive","commercial_use_notes":"Permissive: commercial closed-source use OK; preserve the copyright notice.","homepage":"https://spring.io/spring-cloud/spring-cloud-gateway","repository":"https://github.com/spring-cloud/spring-cloud-gateway","downloads_weekly":null,"health":{"score":48,"risk":"high","breakdown":{"maintenance":10,"popularity":0,"security":23,"maturity":15,"community":0},"deprecated":false,"max_score":100},"vulnerabilities":{"count":1,"critical":0,"high":0,"medium":1,"low":0,"details":[{"vuln_id":"CVE-2021-22051","severity":"medium","summary":"Request injection in Spring Cloud Gateway","affected_versions":">=3.0.0,<3.0.5|>=2.2.0,<2.2.10.RELEASE0.5|=3.0.0|=3.0.1|=3.0.2|=3.0.3|=3.0.4|=2.2.0.RELEASE|=2.2.1.RELEASE|=2.2.10.RELEASE|=2.2.2.RELEASE|=2.2.3.RELEASE|=2.2.4.RELEASE|=2.2.5.RELEASE|=2.2.6.RELEASE|=2.2.7.RELEASE|=2.2.8.RELEASE|=2.2.9.RELEASE","fixed_version":"2.2.10.RELEASE0.5","source":"osv","published_at":"2021-11-10T19:45:02Z","in_kev":false,"epss_prob":0.00135,"epss_percentile":0.32944,"threat_tier":"theoretical"}],"actively_exploited_count":0,"likely_exploited_count":0},"versions":{"latest":"4.3.0","total_count":70,"recent":["4.3.0","4.2.3","4.1.8","3.1.10","4.2.2","4.1.7","4.2.1","4.2.0","4.1.6","4.1.5","4.1.4","4.1.3","4.1.2","4.0.9","4.1.1","4.1.0","3.1.9","4.0.8","4.0.7","3.1.8"]},"metadata":{"deprecated":false,"deprecated_message":null,"maintainers_count":0,"first_published":null,"last_published":"2025-05-29T16:07:37+00:00","dependencies_count":0,"dependencies":[]},"bundle":null,"typescript":null,"known_issues":{"bugs_count":0,"bugs_severity":{},"status_breakdown":{},"link":null,"scope":"none"},"historical_compromise":null,"recommendation":{"action":"safe_to_use","issues":[],"use_version":"4.3.0","version_hint":"Update to >= 2.2.10.RELEASE0.5 to fix known vulnerabilities","summary":"org.springframework.cloud:spring-cloud-gateway@4.3.0 is safe to use (health: 48/100)"},"version_scoped":null,"requested_version":null,"_cache":"miss","_response_ms":616,"_powered_by":"depscope.dev — free package intelligence for AI agents","typosquat":{"is_suspected":false},"maintainer_trust":{"available":true,"bus_factor_3m":1,"active_contributors_12m":0,"primary_author_ratio":0.0,"owner_account_age_days":4338,"is_archived":false,"stars":4860,"alerts":["single_active_maintainer_3m"]},"malicious":{"is_malicious":false},"scorecard":{"available":false},"quality":{"available":false},"version_history_summary":{"total_versions":20,"first_release_age_days":3080,"last_release_days_ago":334,"avg_days_between_releases":162,"release_velocity":"moderate"}}