Lucene search
K

6 matches found

Packet Storm News
Packet Storm News
added 2026/05/08 12:0 a.m.7 views

Can I Check What I Designed? Mapping Security Design DSLs to Code Analyzers

When assessing the potential impact of code-level vulnerabilities, e.g., discovered by automated analyzers, it is essential to consider them in the context of the system's security design. However, this is a challenging task due to the abstraction gap between security design, often specified usin...

5.7AI score
Exploits0
Spring Security Advisories
Spring Security Advisories
added 2023/03/21 12:0 a.m.97 views

This Week in Spring - March 21st, 2023

Hi, Spring fans! Welcome to another rip roaring installment of This Week in Spring! It's March 21st and today they announced Java 20! It's an exciting time to be a Java developer. Java 20, of course, is just another amazing installment before Java 21, which comes out in six short months, includin...

6.6AI score0.03514EPSS
Exploits1
Spring Security Advisories
Spring Security Advisories
added 2023/03/17 12:0 a.m.36 views

Kotlin DSLs in the world of Springdom

Kotlin is a beautiful language that makes it trivial to take old Java libraries and make them much more concise, just by virtue of the Kotlin syntax itself. It shines, however, when you write DSLs. Here's some inside baseball for you: the Spring teams do their level-headed best to be cohesive, to...

7.3AI score
Exploits0
Spring Security Advisories
Spring Security Advisories
added 2023/03/16 12:0 a.m.16 views

A Bootiful Podcast: Spring Batch lead Mahmoud Ben Hassine on the latest and greatest in 2023

Hi, Spring fans! Welcome to another installment of A Bootiful Podcast! In this installment, Josh Long @starbuxman talks to Spring Batch lead Mahmoud Ben Hassine @FMBENHASSINE about the latest and greatest in Spring Batch. notes Submit your talk to SpringOne@Explore, being held August 21-24, 2023,...

0.6AI score
Exploits0
OSV
OSV
added 2022/05/18 12:0 a.m.25 views

GHSA-2XVX-RW9P-XGFC Sandbox bypass vulnerability through implicitly allowlisted platform Groovy files in Jenkins Pipeline: Groovy Plugin

Pipeline: Groovy Plugin allows pipelines to load Groovy source files. This is intended to be used to allow Global Shared Libraries to execute without sandbox protection. In Pipeline: Groovy Plugin 2689.v434009a31bf1 and earlier, any Groovy source files bundled with Jenkins core and plugins could ...

7.5CVSS8.6AI score0.01244EPSS
Exploits0References6
CNVD
CNVD
added 2022/02/09 12:0 a.m.26 views

Sensio Labs Twig Injection Vulnerability

Sensio Labs Twig is a PHP template engine from the French company Sensio Labs that supports custom tags and filters and the creation of DSLs. Sensio Labs Twig is vulnerable to injection, which can be exploited by attackers to run arbitrary PHP functions...

9.8CVSS3.1AI score0.08209EPSS
Exploits3References1
Rows per page
Query Builder