5 matches found
EUVD-2022-6263
Malicious code in bioql PyPI...
GHSA-3PJV-R7W4-2CF5 Grails data binding causes JVM crash and/or other denial of service
Impact: A specially crafted web request can lead to a JVM crash or denial of service. Any Grails framework application using Grails data binding is vulnerable. Patches: Patches are available for Grails 3 and later. Workarounds: No workaround is possible except to avoid data binding to request data...
PT-2023-29864 · Grails · Grails
Name of the Vulnerable Software and Affected Versions: Grails versions prior to 3.3.17, Grails versions prior to 4.1.3, Grails versions prior to 5.3.4, Grails versions prior to 6.1.0. Description: A specially crafted web request can lead to a JVM crash or denial of service. Any Grails framework...
CVE-2022-35912
In grails-databinding in Grails before 3.3.15, 4.x before 4.1.1, 5.x before 5.1.9, and 5.2.x before 5.2.1 at least when certain Java 8 configurations are used, data binding allows a remote attacker to execute code by gaining access to the class loader...
Grails Code Injection Vulnerability
Grails is an open source framework, based on the Groovy programming language, for rapid development of web applications. A security vulnerability in Grails-databinding versions prior to 3.3.15, 4.x versions prior to 4.1.1, 5.x versions prior to 5.1.9, and 5.2.x...