14 matches found
ROOT-APP-MAVEN-CVE-2024-38828 CVE-2024-38828 in io.root.org.springframework:spring-webmvc - Patched by Root
Root has patched CVE-2024-38828 in the io.root.org.springframework:spring-webmvc package for Root:Maven. Multiple fixed versions available...
Security Bulletin: IBM OpenPages for Cloud Pak for Data is Vulnerable to Multiple Spring Framework Vulnerabilities (CVE-2024-38828,CVE-2024-38820)
Summary Spring MVC controller vulnerable to a DoS attack and DataBinder Case Sensitive Match Exception. These vulnerabilities were remediated. Vulnerability Details CVEID:CVE-2024-38828 DESCRIPTION: Spring MVC controller methods with an @RequestBody byte method parameter are vulnerable to a DoS...
Security Bulletin: IBM watsonx Orchestrate Cartridge affected by vulnerability in spring-webmvc-5.3.27.jar
Summary IBM watsonx Orchestrate Cartridge contains a vulnerable version of spring-webmvc-5.3.27.jar Vulnerability Details CVEID:CVE-2024-38828 DESCRIPTION: Spring MVC controller methods with an @RequestBody byte method parameter are vulnerable to a DoS attack. CWE:CWE-400: Uncontrolled Resource...
Security Bulletin: QRadar Suite Software includes components with multiple known vulnerabilities
Summary QRadar Suite Software includes components with known vulnerabilities. These have been addressed in the update. Vulnerability Details CVEID:CVE-2023-43804 DESCRIPTION: urllib3 is a user-friendly HTTP client library for Python. urllib3 doesn't treat the Cookie HTTP header special or provide...
Security Bulletin: Rational Test Virtualization Server and Rational Test Workbench are vulnerable to denial of service due to Spring MVC (CVE-2024-38828)
Summary Rational Test Control Panel RTCP component of Rational Test Virtualization Server and Rational Test Workbench uses Spring MVC which is vulnerable to a denial of service attack CVE-2024-38828. Vulnerability Details CVEID:CVE-2024-38828 DESCRIPTION: Spring MVC controller methods with an...
Linux Distros Unpatched Vulnerability : CVE-2024-38828
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Spring MVC controller methods with an @RequestBody byte method parameter are vulnerable to a DoS attack. CVE-2024-38828 Note that Nessus relies on the presence ...
Spring Framework 5.3.x < 5.3.42 DoS (CVE-2024-38828)
The remote host contains a Spring Framework version that is affected by a denial of service vulnerability where Spring MVC controller methods with an @RequestBody byte method parameter are vulnerable to a DoS attack. Note that Nessus has not tested for this issue but has instead relied only on th...
This Week in Spring - November 19th, 2024
Hi, Spring fans! How are you? Can you believe we're already staring at the end of the month? It's that time of the year when we see new releases, and the new releases reflect that frenzy! Soon: Spring Boot 3.4.0! Are you updated? Make sure you're updated! Remember: Spring projects leave open sour...
DEBIAN-CVE-2024-38828
Spring MVC controller methods with an @RequestBody byte method parameter are vulnerable to a DoS attack...
CVE-2024-38828
Spring MVC controller methods with an @RequestBody byte method parameter are vulnerable to a DoS attack...
CVE-2024-38828
CVE-2024-38828: Spring MVC controller methods with an @RequestBody byte[] parameter are vulnerable to DoS (Uncontrolled Resource Consumption). Publicly documented in IBM OpenPages and related Bulletins; impact centers on Spring MVC data binding and request body handling. Remediation in affected I...
CVE-2024-38828 CVE-2024-38828: DoS via Spring MVC controller method with byte[] parameter
Spring MVC controller methods with an @RequestBody byte method parameter are vulnerable to a DoS attack...
CVE-2024-38828 CVE-2024-38828: DoS via Spring MVC controller method with byte[] parameter
Spring MVC controller methods with an @RequestBody byte method parameter are vulnerable to a DoS attack...
VMware Spring Framework < 5.3.42 DoS Vulnerability - Windows
The VMware Spring Framework is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...