3 matches found
CVE-2023-46131
CVE-2023-46131 — Grails data binding DoS : A vulnerability in Grails data binding allows a specially crafted web request to cause a JVM crash or denial of service. Affected: Grails framework applications using data binding. Root cause: improper handling in data binding exposed to request data (as...
CVE-2023-46131 Grails® data binding causes JVM crash and/or DoS
Grails is a framework used to build web applications with the Groovy programming language. A specially crafted web request can lead to a JVM crash or denial of service. Any Grails framework application using Grails data binding is vulnerable. This issue has been patched in version 3.3.17, 4.1.3,...
io.github.matrei:grails-inertia-plugin (=2.0.0), org.grails.plugins:gsp (>=6.0.1 <=6.0.3) +22 more potentially affected by CVE-2023-46131 via org.grails:grails-databinding (=6.0.0)
org.grails:grails-databinding MAVEN version =6.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.grails:grails-databinding and may be impacted: - io.github.matrei:grails-inertia-plugin =2.0.0 - org.grails.plugins:gsp =6.0.1, =6.0.3 -...