Lucene search
K

14 matches found

OSV
OSV
added 2026/06/23 9:44 a.m.6 views

ROOT-APP-MAVEN-CVE-2024-38828 CVE-2024-38828 in io.root.org.springframework:spring-webmvc - Patched by Root

Root has patched CVE-2024-38828 in the io.root.org.springframework:spring-webmvc package for Root:Maven. Multiple fixed versions available...

5.3CVSS7.4AI score0.00729EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2025/11/03 2:13 a.m.14 views

Security Bulletin: IBM OpenPages for Cloud Pak for Data is Vulnerable to Multiple Spring Framework Vulnerabilities (CVE-2024-38828,CVE-2024-38820)

Summary Spring MVC controller vulnerable to a DoS attack and DataBinder Case Sensitive Match Exception. These vulnerabilities were remediated. Vulnerability Details CVEID:CVE-2024-38828 DESCRIPTION: Spring MVC controller methods with an @RequestBody byte method parameter are vulnerable to a DoS...

5.3CVSS6.7AI score0.00729EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/07/10 8:59 a.m.8 views

Security Bulletin: IBM watsonx Orchestrate Cartridge affected by vulnerability in spring-webmvc-5.3.27.jar

Summary IBM watsonx Orchestrate Cartridge contains a vulnerable version of spring-webmvc-5.3.27.jar Vulnerability Details CVEID:CVE-2024-38828 DESCRIPTION: Spring MVC controller methods with an @RequestBody byte method parameter are vulnerable to a DoS attack. CWE:CWE-400: Uncontrolled Resource...

5.3CVSS6.7AI score0.00729EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/06/03 11:35 a.m.25 views

Security Bulletin: QRadar Suite Software includes components with multiple known vulnerabilities

Summary QRadar Suite Software includes components with known vulnerabilities. These have been addressed in the update. Vulnerability Details CVEID:CVE-2023-43804 DESCRIPTION: urllib3 is a user-friendly HTTP client library for Python. urllib3 doesn't treat the Cookie HTTP header special or provide...

8.1CVSS10AI score0.13204EPSS
Exploits7Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/03/21 6:42 p.m.16 views

Security Bulletin: Rational Test Virtualization Server and Rational Test Workbench are vulnerable to denial of service due to Spring MVC (CVE-2024-38828)

Summary Rational Test Control Panel RTCP component of Rational Test Virtualization Server and Rational Test Workbench uses Spring MVC which is vulnerable to a denial of service attack CVE-2024-38828. Vulnerability Details CVEID:CVE-2024-38828 DESCRIPTION: Spring MVC controller methods with an...

5.3CVSS8.3AI score0.00729EPSS
Exploits0Affected Software2
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.15 views

Linux Distros Unpatched Vulnerability : CVE-2024-38828

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Spring MVC controller methods with an @RequestBody byte method parameter are vulnerable to a DoS attack. CVE-2024-38828 Note that Nessus relies on the presence ...

5.3CVSS6.8AI score0.00729EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2024/11/20 12:0 a.m.11 views

Spring Framework 5.3.x < 5.3.42 DoS (CVE-2024-38828)

The remote host contains a Spring Framework version that is affected by a denial of service vulnerability where Spring MVC controller methods with an @RequestBody byte method parameter are vulnerable to a DoS attack. Note that Nessus has not tested for this issue but has instead relied only on th...

5.3CVSS6.7AI score0.00729EPSS
Exploits0References2
Spring Security Advisories
Spring Security Advisories
added 2024/11/19 12:0 a.m.50 views

This Week in Spring - November 19th, 2024

Hi, Spring fans! How are you? Can you believe we're already staring at the end of the month? It's that time of the year when we see new releases, and the new releases reflect that frenzy! Soon: Spring Boot 3.4.0! Are you updated? Make sure you're updated! Remember: Spring projects leave open sour...

5.3CVSS6.8AI score0.00729EPSS
Exploits0
OSV
OSV
added 2024/11/18 4:15 a.m.4 views

DEBIAN-CVE-2024-38828

Spring MVC controller methods with an @RequestBody byte method parameter are vulnerable to a DoS attack...

5.3CVSS6.5AI score0.00729EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2024/11/18 4:15 a.m.25 views

CVE-2024-38828

Spring MVC controller methods with an @RequestBody byte method parameter are vulnerable to a DoS attack...

5.3CVSS6.8AI score0.00729EPSS
Exploits0References2
CVE
CVE
added 2024/11/18 3:45 a.m.233 views

CVE-2024-38828

CVE-2024-38828: Spring MVC controller methods with an @RequestBody byte[] parameter are vulnerable to DoS (Uncontrolled Resource Consumption). Publicly documented in IBM OpenPages and related Bulletins; impact centers on Spring MVC data binding and request body handling. Remediation in affected I...

5.3CVSS5AI score0.00729EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/11/18 3:45 a.m.53 views

CVE-2024-38828 CVE-2024-38828: DoS via Spring MVC controller method with byte[] parameter

Spring MVC controller methods with an @RequestBody byte method parameter are vulnerable to a DoS attack...

5.3CVSS0.00729EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/11/18 3:45 a.m.22 views

CVE-2024-38828 CVE-2024-38828: DoS via Spring MVC controller method with byte[] parameter

Spring MVC controller methods with an @RequestBody byte method parameter are vulnerable to a DoS attack...

5.3CVSS7.1AI score0.00729EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2024/11/18 12:0 a.m.22 views

VMware Spring Framework < 5.3.42 DoS Vulnerability - Windows

The VMware Spring Framework is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

5.3CVSS6.4AI score0.00729EPSS
Exploits0References2
Rows per page
Query Builder