
I have a Spring Boot application, and my local Maven repository has Spring Cloud dependencies present in it. I understand that for someone to use the CVE-2022-22963 vulnerability, the code should be written to use the Spring Cloud routing function. The presence of the Spring Cloud jar dependencies alone is not enough to exploit this vulnerability.

As per this link (https://sysdig.com/blog/cve-2022-22963-spring-cloud/),

The issue with CVE-2022-22963 is that it permits using HTTP request header spring.cloud.function.routing-expression parameter and SpEL expression to be injected and executed through StandardEvaluationContext.
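
One way to check captured HTTP requests for the header named in the quoted description, as an added example that is not part of the original question or the linked article. The hosts, paths and header values are constructed placeholders, and the parser only looks at the header section, so a request that merely mentions the name in its body is not flagged.

```python
import re

ROUTING_HEADER = "spring.cloud.function.routing-expression"  # header named on the page

# Constructed sample requests (hosts, paths and values are made up for this example).
SAMPLE_REQUESTS = [
    "POST /orders HTTP/1.1\r\nHost: app.example\r\nContent-Type: text/plain\r\n\r\nhello",
    "POST /orders HTTP/1.1\r\nHost: app.example\r\n"
    "Spring.Cloud.Function.Routing-Expression: <constructed-expression>\r\n\r\nhello",
    # Header name appears only in the body: not a routing header.
    "POST /notes HTTP/1.1\r\nHost: app.example\r\n\r\n"
    "spring.cloud.function.routing-expression: just text in a body",
    # Value continued on a folded line (obsolete line folding), LF-only line endings.
    "POST /orders HTTP/1.1\nHost: app.example\n"
    "spring.cloud.function.routing-expression: <part-one>\n  <part-two>\n\nhello",
]


def parse_head(raw):
    """Return (request_line, [(name, value), ...]) from the header section only."""
    head = re.split(r"\r?\n\r?\n", raw, maxsplit=1)[0]
    lines = re.split(r"\r?\n", head)
    headers = []
    for line in lines[1:]:
        if line[:1] in (" ", "\t") and headers:
            # Folded continuation: append to the previous header's value.
            name, value = headers[-1]
            headers[-1] = (name, value + " " + line.strip())
        elif ":" in line:
            name, value = line.split(":", 1)
            headers.append((name.strip().lower(), value.strip()))
    return lines[0], headers


def scan(requests):
    """List requests whose headers include the routing-expression header."""
    findings = []
    for index, raw in enumerate(requests):
        request_line, headers = parse_head(raw)
        values = [v for n, v in headers if n == ROUTING_HEADER]
        if values:
            findings.append({"index": index, "request": request_line, "values": values})
    return findings


if __name__ == "__main__":
    for finding in scan(SAMPLE_REQUESTS):
        print(finding)
```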

0 Answers