MGASA-2023-0207 Updated docker-docker-registry packages fix security vulnerability

Denail of service through excessive use of memory. CVE-2023-2253...

Updated docker-docker-registry packages fix security vulnerability

Denail of service through excessive use of memory. CVE-2023-2253...

Using Spring for GraphQL with Spring Data Neo4j

Introduction This is a guest blog post by Gerrit Meier from Neo4j who maintains the Spring Data Neo4j module. A few weeks ago version 1.2.0 of Spring for GraphQL was released with a bunch of new features. This also includes even better integration with Spring Data modules. Motivated by those...

This Week in Spring - June 27th, 2023

Hi Spring fans! Welcome to another installment of This Week in Spring! This week I am in Seoul talking to developers about the latest-and-greatest in Spring Boot 3! There's so much great stuff coming, and so much great stuff already. There are a few things I'm super excited about. First, yesterda...

Important Photon OS Security Update - PHSA-2023-5.0-0038

Updates of 'docker-compose' packages of Photon OS have been released...

Important Photon OS Security Update - PHSA-2023-3.0-0604

Updates of 'docker-compose', 'binutils' packages of Photon OS have been released...

Improved Testcontainers Support in Spring Boot 3.1

There's been support for Testcontainers in Spring Boot for some time now, and Spring Boot 3.1 improves it further. But first, let's take a look at what Testcontainers is and how it's usually used. Testcontainers is an open source framework for providing throwaway, lightweight instances of...

Docker Compose Support in Spring Boot 3.1

Docker Compose support in Spring Boot 3.1 builds on top of the ConnectionDetails abstraction, which we've featured in a separate blog post. If you haven't already read it, please do so before reading this post. Docker Compose "is a tool for defining and running multi-container Docker applications...

Exploit for Code Injection in Vmware Spring_Framework

Spring4Shell Spring4Shell CVE-2022-22965 Proof Of Concept wi...

Exploit for Code Injection in Vmware Spring_Framework

Spring4Shell Spring4Shell CVE-2022-22965 Proof Of Concept wi...

Exploit for Cross-site Scripting in Ourphp

CVE-2023-30212-POC Creating a Vulnerable Docker Environmen...

Spring Boot 3.1's ConnectionDetails abstraction

If you've used Spring Boot for a while, you're probably familiar with setting up connection details using properties. For example, you may have used spring.datasource.url to configure a JDBC connection. In Spring Boot 3.1 this continues to work as you'd expect, but we've changed things a bit unde...

Exploit for Path Traversal in Igniterealtime Openfire

CVE-2023-32315 Openfire Console Authentication Bypass Vulnerab...

vulhub

This repository is an open-source collection of pre-built vulnerable Docker environments, known as Vulhub. It is a defensive research tool for improving detection, response, and patch prioritization. The repository contains various vulnerable environments, including CouchDB, FFmpeg, Git, and more...

Exploit for SQL Injection in Osgeo Geoserver

CVE-2023-25157-checker A script, written in golang. POC for CV...

EulerOS 2.0 SP8 : docker-engine (EulerOS-SA-2023-2190)

According to the versions of the docker-engine package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - containerd is an open source container runtime. A bug was found in the containerd's CRI implementation where programs inside a container c...

Huawei EulerOS: Security Advisory for docker-engine (EulerOS-SA-2023-2190)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for docker-engine (EulerOS-SA-2023-2142)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security Bulletin: CVE-2023-28484 may affect IBM CICS TX Advanced 10.1

Summary CVE-2023-28484 may affect IBM CICS TX Advanced 10.1. IBM CICS TX Advanced 10.1 has addressed the applicable CVE. Vulnerability Details CVEID:CVE-2023-28484 DESCRIPTION: GNOME libxml2 is vulnerable to a denial of service, caused by a NULL pointer dereference flaw in the...

SUSE-SU-2023:2465-1 Security update for supportutils

This update for supportutils fixes the following issues: Security fixes: - CVE-2022-45154: Removed iSCSI passwords from supportconfig archive bsc1207598. Bug fixes: - Fixed missing status detail for apparmor bsc1196933 - Corrected invalid argument list in docker.txt bsc1206608 - Changed...