HTTP Service Client Enhancements

In this 3rd blog post of the Road to GA series that’s highlighting major features within the Spring portfolio for the next major versions to be released in November we’ll have a look at new features for HTTP service clients, which are a collaborative effort across several Spring projects...

Front-running the Vault721.sol::build(address _user) can DoS the protocol for new users

Lines of code Vulnerability details Impact New users can't register and use the protocol until they discover the deployed address of their proxy, which is detrimental to the protocol's reputation Proof of Concept Attackers/bots are able to DOS the protocol for the new users who wants to create...

Front-Running during Proxy Creation

Lines of code Vulnerability details Impact An ill-intentioned party might front run every proxy contracts creation and deploy one first causing the transaction for every user to revert. It is worth noting that for this attack to succeed, the attacker would need to get their transaction mined in t...

Artica Pandora FMS 跨站脚本漏洞

Artica Pandora FMS is a monitoring system from the Spanish company Artica. The system monitors networks, servers, virtual infrastructures, applications, etc. in a visual way. A security vulnerability exists in Artica Pandora FMS v7.0NG.761 and earlier versions, which stems from the alias paramete...

chromium-browser: same-origin-bypass in V8

Google Chrome before 40.0.2214.91, when the Harmony proxy in Google V8 is enabled, allows remote attackers to bypass the Same Origin Policy via crafted JavaScript code with Proxy.create and console.log calls, related to HTTP responses that lack an "X-Content-Type-Options: nosniff" header...