4 matches found
CVE-2023-34454
snappy-java is a fast compressor/decompressor for Java. Due to unchecked multiplications, an integer overflow may occur in versions prior to 1.1.10.1, causing an unrecoverable fatal error. The function compresschar input in the file Snappy.java receives an array of characters and compresses it. I...
Spring Tips: Learn Spring for GraphQL (the last two episodes: parts 7 and 8)
Hi, Spring fans! In thi^^^ these installments, we continue our series introducing the Spring for GraphQL project. This series features Spring for GraphQL lead Rossen Stoyanchev @rstoya05 - whose work you may know from basically everything in the wide and wonderful world of Springdom having to do...
SAP NetWeaver-XML Toolkit for JAVA Information Disclosure Vulnerability
SAP Netweaver is the German SAP SAP company's set of service-oriented integrated application platform. The platform provides a development and runtime environment for SAP applications. An information disclosure vulnerability exists in SAP NetWeaver-XML Toolkit for JAVA ENGINEAPI. The vulnerabilit...
SAP J2EE Engine Cross-Site Scripting Vulnerability
SAP J2EE Engine is a set of runtime environments for J2EE applications. A cross-site scripting vulnerability exists in SAP J2EE Engine because SAP J2EE Engine/7.01/Fiori fails to validate or filter user input data, resulting in cross-site scripting in the "ctcprotocol" protocol implementation,...