Security Bulletin: IBM OpenPages for Cloud Pak for Data is Vulnerable to Multiple Spring Framework Vulnerabilities (CVE-2024-38820,CVE-2025-22233)
Summary Spring MVC controller vulnerable to a DoS attack and DataBinder Case Sensitive Match Exception. These vulnerabilities were remediated. Vulnerability Details CVEID:CVE-2024-38820 DESCRIPTION: The fix for CVE-2022-22968 made disallowedFields patterns in DataBinder case insensitive. However,...