EUVD-2012-1843

Malware in sbrugna...

EUVD-2022-6263

Malicious code in bioql PyPI...

CVE-2023-46131 Grails® data binding causes JVM crash and/or DoS

Grails is a framework used to build web applications with the Groovy programming language. A specially crafted web request can lead to a JVM crash or denial of service. Any Grails framework application using Grails data binding is vulnerable. This issue has been patched in version 3.3.17, 4.1.3,...

BSA-2022-1769

Security Advisory ID : BSA-2022-1769 Component : Spring Framework RCE Revision : 1.0 Brocade PSIRT has become aware ofan RCE vulnerability in the Spring Framework. A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution RCE via data binding. More...

Spring Remote Code Execution: CVE-2022-22963 and CVE-2022-22965

SonicWall PSIRT is tracking two critical vulnerabilities impacting the Spring Framework. This advisory is intended to address both. 1CVE-2022-22963: Remote code execution in Spring Cloud Function by malicious Spring ExpressionIn Spring Cloud Function versions 3.1.6, 3.2.2 and older unsupported...

FasterXML jackson-databind code issue vulnerability (CNVD-2020-53535)

FasterXML Jackson is a U.S. FasterXML company for Java data processing tools . jackson-databind is one of the components with data binding capabilities . A security vulnerability exists in FasterXML jackson-databind version 2.x prior to 2.9.10.5. No detailed vulnerability details are provided at...