
1879 matches found

Spring Security Advisories
added 2024/11/19 12:0 a.m., 39 views

This Week in Spring - November 19th, 2024

Hi, Spring fans! How are you? Can you believe we're already staring at the end of the month? It's that time of the year when we see new releases, and the new releases reflect that frenzy! Soon: Spring Boot 3.4.0! Are you updated? Make sure you're updated! Remember: Spring projects leave open sour...

5.3 CVSS, 6.8 AI score, 0.00729 EPSS
Exploits: 0

RedhatCVE
added 2024/11/18 9:52 p.m., 16 views

CVE-2024-38828

A flaw was found in the Spring Framework. In certain versions, Spring MVC controller methods with a @RequestBody byte[] method parameter are vulnerable to a denial of service attack...

5.3 CVSS, 6.4 AI score, 0.00729 EPSS
Exploits: 0, References: 4

OSV
added 2024/11/18 4:15 a.m., 4 views

DEBIAN-CVE-2024-38828

Spring MVC controller methods with an @RequestBody byte[] method parameter are vulnerable to a DoS attack...

5.3 CVSS, 6.5 AI score, 0.00729 EPSS
Exploits: 0, References: 1

CNNVD
added 2024/11/18 12:0 a.m., 2 views

VMware Spring Framework Security Vulnerability

VMware Spring Framework is a set of open source Java, JavaEE application frameworks from VMware. The framework helps developers build high-quality applications. A security vulnerability exists in VMware Spring Framework that stems from the use of the @RequestBody byte[] method parameter in the...

5.3 CVSS, 6.2 AI score, 0.00729 EPSS
Exploits: 0, References: 5

OpenVAS
added 2024/11/18 12:0 a.m., 18 views

VMware Spring Framework < 5.3.42 DoS Vulnerability - Linux

The VMware Spring Framework is prone to a denial of service (DoS) vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

5.3 CVSS, 6.4 AI score, 0.00729 EPSS
Exploits: 0, References: 2

OpenVAS
added 2024/11/18 12:0 a.m., 21 views

VMware Spring Framework < 5.3.42 DoS Vulnerability - Windows

The VMware Spring Framework is prone to a denial of service (DoS) vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

5.3 CVSS, 6.4 AI score, 0.00729 EPSS
Exploits: 0, References: 2

IBM Security Bulletins
added 2024/11/12 5:46 a.m., 23 views

Security Bulletin: IBM Sterling Connect:Direct Web Services uses spring-web-6.0.21.jar which is vulnerable to denial of service

Summary: IBM Sterling Connect:Direct Web Services uses VMware Tanzu Spring Framework, which is vulnerable to a denial of service, caused by improper input validation. Vulnerability Details: CVEID: CVE-2024-38809 DESCRIPTION: VMware Tanzu Spring Framework is vulnerable to a denial of service, caused by...

5.3 CVSS, 6.8 AI score, 0.00858 EPSS
Exploits: 0, Affected Software: 1

F5 Networks
added 2024/11/08 7:37 p.m., 45 views

K000148465: Spring framework vulnerability CVE-2024-38816

Security Advisory Description: Applications serving static resources through the functional web frameworks WebMvc.fn or WebFlux.fn are vulnerable to path traversal attacks. An attacker can craft malicious HTTP requests and obtain any file on the file system that is also accessible to the process i...

7.5 CVSS, 7.3 AI score, 0.14718 EPSS
Exploits: 1

GithubExploit
added 2024/11/05 4:30 p.m., 358 views

Exploit for Code Injection in Vmware Spring_Framework

Expoitation-de-la-vuln-rabilit-CVE-2022-22965 The vulnerability...

9.8 CVSS, 9 AI score, 0.99677 EPSS
Exploits: 100

RedHat Linux
added 2024/11/05 12:8 p.m., 4 views

spring-expression: Denial of service when processing a specially crafted Spring Expression Language expression

A flaw was found in the Spring framework package. A maliciously crafted Spring Expression Language (SpEL) expression may trigger uncontrolled CPU usage, leading to a denial of service in the application consuming it. To be considered vulnerable, an application has to evaluate user-supplied SpEL expressions...

4.3 CVSS, 7.2 AI score, 0.00536 EPSS
Exploits: 0, References: 5

RedHat Linux
added 2024/11/05 12:7 p.m., 8 views

spring-expression: Denial of service when processing a specially crafted Spring Expression Language expression

A flaw was found in the Spring framework package. A maliciously crafted Spring Expression Language (SpEL) expression may trigger uncontrolled CPU usage, leading to a denial of service in the application consuming it. To be considered vulnerable, an application has to evaluate user-supplied SpEL expressions...

4.3 CVSS, 7.2 AI score, 0.00536 EPSS
Exploits: 0, References: 5

RedHat Linux
added 2024/11/05 11:47 a.m., 5 views

spring-expression: Denial of service when processing a specially crafted Spring Expression Language expression

A flaw was found in the Spring framework package. A maliciously crafted Spring Expression Language (SpEL) expression may trigger uncontrolled CPU usage, leading to a denial of service in the application consuming it. To be considered vulnerable, an application has to evaluate user-supplied SpEL expressions...

4.3 CVSS, 7.2 AI score, 0.00536 EPSS
Exploits: 0, References: 5

RedHat Linux
added 2024/11/05 11:25 a.m., 4 views

spring-expression: Denial of service when processing a specially crafted Spring Expression Language expression

A flaw was found in the Spring framework package. A maliciously crafted Spring Expression Language (SpEL) expression may trigger uncontrolled CPU usage, leading to a denial of service in the application consuming it. To be considered vulnerable, an application has to evaluate user-supplied SpEL expressions...

4.3 CVSS, 7.2 AI score, 0.00536 EPSS
Exploits: 0, References: 5

IBM Security Bulletins
added 2024/11/04 6:15 p.m., 20 views

Security Bulletin: IBM PowerVM Novalink is vulnerable because VMware Tanzu Spring Framework is vulnerable to a denial of service, caused by improper input validation.

Summary: IBM PowerVM Novalink is vulnerable because VMware Tanzu Spring Framework is vulnerable to a denial of service, caused by improper input validation. By sending a specially crafted Spring Expression Language (SpEL) expression, a remote attacker could exploit this vulnerability to cause a deni...

4.3 CVSS, 6.8 AI score, 0.00536 EPSS
Exploits: 0, Affected Software: 1

GithubExploit
added 2024/11/02 12:26 a.m., 139 views

Exploit for Code Injection in Vmware Spring_Framework

Project Spring4Shell CVE-2022-22965 Blocker Firewall Se...

9.8 CVSS, 8.8 AI score, 0.99677 EPSS
Exploits: 100

GithubExploit
added 2024/11/02 12:26 a.m., 212 views

Exploit for Code Injection in Vmware Spring_Framework

Project Spring4Shell CVE-2022-22965 Blocker Firewall Se...

9.8 CVSS, 8.8 AI score, 0.99677 EPSS
Exploits: 100

BDU FSTEC
added 2024/11/01 12:0 a.m., 6 views

The vulnerability of the functional web framework WebFlux.fn within the Spring Framework allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the functional web frameworks WebMvc.fn and WebFlux.fn in the Spring Framework is due to deficiencies in the authentication process. Exploiting this vulnerability allows an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...

9.4 CVSS, 6.6 AI score, 0.01712 EPSS
Exploits: 2, References: 4, Affected Software: 1

F5 Networks
added 2024/10/30 8:46 p.m., 28 views

K000148349: Spring framework vulnerability CVE-2024-38819

Security Advisory Description: The CVE record for the CVE ID does not exist. CVE-2024-38819 Impact: There is no impact; F5 products are not affected by this vulnerability. Security Advisory Status: F5 Product Development has evaluated the currently supported releases for potential vulnerability, and...

7.5 CVSS, 6.3 AI score, 0.54862 EPSS
Exploits: 6

BDU FSTEC
added 2024/10/29 12:0 a.m., 5 views

The vulnerability of the functional web frameworks WebMvc.fn and WebFlux.fn of the Spring Framework allows an attacker to gain access to any file in the file system.

The vulnerability of the functional web frameworks WebMvc.fn and WebFlux.fn of the Spring Framework is related to an incorrect restriction on the path name to the restricted directory. Exploiting this vulnerability could allow an attacker to access any file in the file system...

7.8 CVSS, 6.4 AI score, 0.54862 EPSS
Exploits: 6, References: 4, Affected Software: 1

BDU FSTEC
added 2024/10/29 12:0 a.m., 5 views

The vulnerability of the Spring Framework software platform, related to resource release errors, allows attackers to trigger service failures.

The vulnerability of the Spring Framework software platform is related to resource release errors. Exploiting this vulnerability can allow an attacker to cause service failures...

5 CVSS, 6.8 AI score, 0.00536 EPSS
Exploits: 0, References: 4, Affected Software: 2