Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

Tenable Nessus
Tenable Nessusadded 2025/08/26 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2024-38807

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Applications that use spring-boot-loader or spring-boot-loader-classic and contain custom code that performs signature verification of nested jar files may be...

6.3CVSS7.3AI score0.00123EPSS
Exploits0References3
OSV
OSVadded 2024/08/23 9:30 a.m.2 views

GHSA-7CJ3-X93G-GJ76 Signature forgery in Spring Boot's Loader

Applications that use spring-boot-loader or spring-boot-loader-classic and contain custom code that performs signature verification of nested jar files may be vulnerable to signature forgery where content that appears to have been signed by one signer has, in fact, been signed by another...

7.2CVSS7.1AI score0.00123EPSS
Exploits0References4
OSV
OSVadded 2024/08/23 9:15 a.m.28 views

CVE-2024-38807

Applications that use spring-boot-loader or spring-boot-loader-classic and contain custom code that performs signature verification of nested jar files may be vulnerable to signature forgery where content that appears to have been signed by one signer has, in fact, been signed by another...

6.3CVSS7AI score0.00123EPSS
Exploits0References2
UbuntuCve
UbuntuCveadded 2024/08/23 9:15 a.m.23 views

CVE-2024-38807

Applications that use spring-boot-loader or spring-boot-loader-classic and contain custom code that performs signature verification of nested jar files may be vulnerable to signature forgery where content that appears to have been signed by one signer has, in fact, been signed by another...

6.3CVSS7.1AI score0.00123EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2024/08/23 8:26 a.m.13 views

CVE-2024-38807 CVE-2024-38807: Signature Forgery Vulnerability in Spring Boot's Loader

Applications that use spring-boot-loader or spring-boot-loader-classic and contain custom code that performs signature verification of nested jar files may be vulnerable to signature forgery where content that appears to have been signed by one signer has, in fact, been signed by another...

6.3CVSS7.2AI score0.00123EPSS
Exploits0References1
Debian CVE
Debian CVEadded 2024/08/23 8:26 a.m.14 views

CVE-2024-38807

Applications that use spring-boot-loader or spring-boot-loader-classic and contain custom code that performs signature verification of nested jar files may be vulnerable to signature forgery where content that appears to have been signed by one signer has, in fact, been signed by another...

6.3CVSS8.5AI score0.00123EPSS
Exploits0
CVE
CVEadded 2024/08/23 8:26 a.m.94 views

CVE-2024-38807

CVE-2024-38807 describes a signature forgery vulnerability in VMware Spring Boot/loader components where signature verification of nested JARs can be bypassed, enabling content signed by one signer to appear signed by another. The NVD summary matches this description. Connected advisories identif...

6.3CVSS6.5AI score0.00123EPSS
Exploits0References2
Rows per page
Query Builder