3 matches found
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: uvc: fix list double add in uvcgvideopump A panic may occur if the endpoint becomes disabled, and uvcgvideopump adds the request back to the reqfree list after it has already been queued to the endpoint. The...
Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to an Improper Input Validation in Spring [CVE-2025-22235]
Summary IBM Watson Speech Services Cartridge is vulnerable to an Improper Input Validation in Spring , caused by Spring Boot EndpointRequest.to creating the wrong matcher if the actuator endpoint is not exposed CVE-2025-22235 . Spring is used as part of our Java Microservices. This vulnerabilitiy...
UBUNTU-CVE-2025-22235
EndpointRequest.to creates a matcher for null/ if the actuator endpoint, for which the EndpointRequest has been created, is disabled or not exposed. Your application may be affected by this if all the following conditions are met: You use Spring Security EndpointRequest.to has been used in a Spri...