PT-2024-9997 · Spring +1 · Spring Ldap +1

Name of the Vulnerable Software and Affected Versions: Spring LDAP versions 2.4.0 through 2.4.3 Spring LDAP versions 3.0.0 through 3.2.7 Description: The issue is related to insufficient case sensitivity checking in the String.toLowerCase and String.toUpperCase functions of the Spring LDAP projec...

PT-2024-8762

Name of the Vulnerable Software and Affected Versions Spring Security affected versions not specified Description The issue is related to the use of String.toLowerCase and String.toUpperCase functions in the Java framework for Spring Security, which can lead to improper authorization. This is due...

This Week in Spring - November 19th, 2024

Hi, Spring fans! How are you? Can you believe we're already staring at the end of the month? It's that time of the year when we see new releases, and the new releases reflect that frenzy! Soon: Spring Boot 3.4.0! Are you updated? Make sure you're updated! Remember: Spring projects leave open sour...

CVE-2024-38828

A flaw was found in the Spring Framework. In certain versions, Spring MVC controller methods with a @RequestBody byte method parameter are vulnerable to a denial of service attack...

GHSA-W3C8-7R8F-9JP8 Spring MVC controller vulnerable to a DoS attack

Spring MVC controller methods with an @RequestBody byte method parameter are vulnerable to a DoS attack...

africa.absa:inception-api (>=1.1.0 <=1.2.0), africa.absa:inception-codes-api (>=1.1.0 <=1.2.0) +10746 more potentially affected by CVE-2024-38828 via org.springframework:spring-webmvc (>=5.3.0 <=5.3.4)

org.springframework:spring-webmvc MAVEN version =5.3.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =4.4.0.2, =1.4.2, =1.6.6, =1.6.6.1 - ai.platon:distributed-lock-example =1.4.2 and more Source cves: CVE-2024-38828 Source advisory: OSV:GHSA-W3C8-7R8F-9JP8...

Spring MVC controller vulnerable to a DoS attack

Spring MVC controller methods with an @RequestBody byte method parameter are vulnerable to a DoS attack...

CVE-2024-38828

Spring MVC controller methods with an @RequestBody byte method parameter are vulnerable to a DoS attack...

CVE-2024-38828

Spring MVC controller methods with an @RequestBody byte method parameter are vulnerable to a DoS attack...

DEBIAN-CVE-2024-38828

Spring MVC controller methods with an @RequestBody byte method parameter are vulnerable to a DoS attack...

UBUNTU-CVE-2024-38828

Spring MVC controller methods with an @RequestBody byte method parameter are vulnerable to a DoS attack...

CVE-2024-38828 CVE-2024-38828: DoS via Spring MVC controller method with byte[] parameter

Spring MVC controller methods with an @RequestBody byte method parameter are vulnerable to a DoS attack...

CVE-2024-38828 CVE-2024-38828: DoS via Spring MVC controller method with byte[] parameter

Spring MVC controller methods with an @RequestBody byte method parameter are vulnerable to a DoS attack...

CVE-2024-38828

CVE-2024-38828: Spring MVC controller methods with an @RequestBody byte[] parameter are vulnerable to DoS (Uncontrolled Resource Consumption). Publicly documented in IBM OpenPages and related Bulletins; impact centers on Spring MVC data binding and request body handling. Remediation in affected I...

CVE-2024-38828

Spring MVC controller methods with an @RequestBody byte method parameter are vulnerable to a DoS attack...

VMware Spring Framework < 5.3.42 DoS Vulnerability - Windows

The VMware Spring Framework is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

VMware Spring Framework < 5.3.42 DoS Vulnerability - Linux

The VMware Spring Framework is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

VMware Spring Framework 安全漏洞

VMware Spring Framework is a set of open source Java, JavaEE application frameworks from VMware. The framework helps developers build high-quality applications. A security vulnerability exists in VMware Spring Framework that stems from the use of the RequestBody byte method parameter in the...

PT-2024-28235 · Unknown +1 · Spring Mvc +1

Name of the Vulnerable Software and Affected Versions: Spring MVC affected versions not specified Description: The issue concerns Spring MVC controller methods that utilize an @RequestBody byte method parameter, making them susceptible to Denial of Service DoS attacks. Recommendations: At the...

Critical: Red Hat Security Advisory: Red Hat Build of Apache Camel 4.4.4 for Spring Boot security update.

Red Hat build of Apache Camel 4.4.4 for Spring Boot release and security update is now available. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...