Lucene search
K

7 matches found

Tenable Nessus
Tenable Nessus
added 2025/08/26 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2024-38807

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Applications that use spring-boot-loader or spring-boot-loader-classic and contain custom code that performs signature verification of nested jar files may be...

6.3CVSS7.3AI score0.00123EPSS
Exploits0References3
Circl
Circl
added 2024/08/23 12:6 p.m.7 views

CVE-2024-38807

creationtimestamp| type| source ---|---|--- 2024-08-23 12:06:47+00:00| seen| https://t.me/cvedetector/3981...

6.3CVSS8.6AI score0.00123EPSS
Exploits0References1
vulnersOsv
vulnersOsv
added 2024/08/23 9:30 a.m.7 views

com.alipay.sofa.koupleless:arklet-springboot-starter (>=1.0.0 <=1.4.2), com.alipay.sofa.koupleless:koupleless-base-starter (>=1.0.0 <=1.4.2) +84 more potentially affected by CVE-2024-38807 via org.springframework.boot:spring-boot-loader (>=2.7.0 <=2.7.2)

org.springframework.boot:spring-boot-loader MAVEN version =2.7.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =0.5.1, =0.5.1, =2.2.4, =2.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.1 and more Source cves: CVE-2024-38807 Source advisory:...

6.3CVSS7.7AI score0.00123EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2024/08/23 9:30 a.m.7 views

com.wizzdi:FlexiCore (=7.0.0), org.springframework.boot:spring-boot-jarmode-layertools (>=3.0.0 <=3.0.13) +2 more potentially affected by CVE-2024-38807 via org.springframework.boot:spring-boot-loader (>=3.0.0 <=3.0.13)

org.springframework.boot:spring-boot-loader MAVEN version =3.0.0, =3.0.0, =4.0.0, =4.0.0, =4.0.6 Source cves: CVE-2024-38807 Source advisory: OSV:GHSA-7CJ3-X93G-GJ76...

6.3CVSS7.2AI score0.00123EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2024/08/23 9:30 a.m.7 views

io.americanexpress.synapse:sample-function-greeter-gcp (>=0.4.0 <=0.4.14), io.zipkin:zipkin-server (>=3.0.0 <=3.3.0) +3 more potentially affected by CVE-2024-38807 via org.springframework.boot:spring-boot-loader-classic (>=3.2.0 <=3.2.8)

org.springframework.boot:spring-boot-loader-classic MAVEN version =3.2.0, =0.4.0, =3.0.0, =3.2.0, =4.1.0, =4.1.0, =4.1.5 Source cves: CVE-2024-38807 Source advisory: OSV:GHSA-7CJ3-X93G-GJ76...

6.3CVSS7.2AI score0.00123EPSS
Exploits0
NVD
NVD
added 2024/08/23 9:15 a.m.47 views

CVE-2024-38807

Applications that use spring-boot-loader or spring-boot-loader-classic and contain custom code that performs signature verification of nested jar files may be vulnerable to signature forgery where content that appears to have been signed by one signer has, in fact, been signed by another...

6.3CVSS0.00123EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/08/23 8:26 a.m.61 views

CVE-2024-38807 CVE-2024-38807: Signature Forgery Vulnerability in Spring Boot's Loader

Applications that use spring-boot-loader or spring-boot-loader-classic and contain custom code that performs signature verification of nested jar files may be vulnerable to signature forgery where content that appears to have been signed by one signer has, in fact, been signed by another...

6.3CVSS0.00123EPSS
Exploits0References1
Rows per page
Query Builder