Lucene search
K

750 matches found

Cvelist
Cvelist
added 2024/01/31 6:54 a.m.34 views

CVE-2024-22236

In Spring Cloud Contract, versions 4.1.x prior to 4.1.1, versions 4.0.x prior to 4.0.5, and versions 3.1.x prior to 3.1.10, test execution is vulnerable to local information disclosure via temporary directory created with unsafe permissions through the shaded com.google.guava:guava dependency in...

3.3CVSS5.5AI score0.00223EPSS
Exploits0References1
CVE
CVE
added 2024/01/31 6:54 a.m.47 views

CVE-2024-22236

Spring Cloud Contract (org.springframework.cloud:spring-cloud-contract-shade) is affected. Versions 4.1.x before 4.1.1, 4.0.x before 4.0.5, and 3.1.x before 3.1.10 permit local information disclosure due to temporary directories created with unsafe permissions via the shaded com.google.guava:guav...

5.5CVSS5.2AI score0.00223EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2024/01/31 12:0 a.m.3 views

Spring Cloud Security Vulnerabilities

Spring Cloud is a microservices framework implemented in Spring Boot by the Spring team. A security vulnerability exists in Spring Cloud Contract versions prior to 4.1.1, 4.0.5, and 3.1.10, which can be exploited to disclose local information through a temporary directory created with insecure...

5.5CVSS6.1AI score0.00223EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/01/31 12:0 a.m.6 views

PT-2024-19288 · Google +1 · Guava +1

Name of the Vulnerable Software and Affected Versions: Spring Cloud Contract versions 3.1.x prior to 3.1.10 Spring Cloud Contract versions 4.0.x prior to 4.0.5 Spring Cloud Contract versions 4.1.x prior to 4.1.1 Description: The issue concerns local information disclosure via a temporary director...

5.5CVSS5.2AI score0.00223EPSS
Exploits0References11
Spring Security Advisories
Spring Security Advisories
added 2024/01/30 12:0 a.m.14 views

This Week in Spring - January 30th, 2024

Hi, Spring fans! It's January 30th, and it's a very special week for me as, tomorrow, I celebrate my birthday and the birthday of my biological father with whom I share the same birthday! Happy birthday, dad! Sadly, he passed in 2019. I'm pretty excited! I'm turning 40. Feels good. Almost as good...

7.2AI score
Exploits0
Spring Security Advisories
Spring Security Advisories
added 2024/01/16 12:0 a.m.21 views

This Week in Spring - January 16th, 2024

Hi, Spring fans! Welcome to another installment of This Week in Spring! It's the 16th of January already! We're closer to February than not! I can hardly believe it. As always, we've got a lot to cover so let's dive right into it. the Spring Authorization Server 1.3.0-m1 is now available this is...

7.2AI score
Exploits0
Gitee
Gitee
added 2023/12/22 10:2 p.m.4 views

Exploit for Expression Language Injection in Vmware Spring_Cloud_Gateway

开源工具 SpringBoot-Scan 的GUI图形化版本,对你有用的话麻烦点个Star哈哈 注意:本工具内置相关漏洞的Exp,杀软报毒属于正常现象! 新版本工具使用 python3 main.py VulHub 漏洞测试环境搭建 git clone https://github.com/vulhub/vulhub.git 安装Docker环境 sudo apt-get install docker.io sudo apt install docker-compose 搭建CVE-2022-22965 cd /vulhub/CVE-2022-22965 sudo...

10CVSS8.3AI score0.99939EPSS
Exploits181
Spring Security Advisories
Spring Security Advisories
added 2023/12/12 12:0 a.m.9 views

This Week in Spring - December 12th, 2023

Hi, Spring fans! Welcome to a new installment of This Week in Spring! We've got a ton of stuff to get into, so let's dive right in! Laur Spilca and I look at how to ugprade a Spring Security 5.x application to Spring Security 6.x. Apache SkyWalking with Sheng Wu and Apache ShardingSphere with...

7.1AI score
Exploits0
Spring Security Advisories
Spring Security Advisories
added 2023/12/05 12:0 a.m.9 views

This Week in Spring - December 5th, 2023

Hi, Spring fans! Welcome to another installment of This Week in Spring! today, Spring Cloud, based on Spring Boot 3.2, goes GA! Don't miss this! I love this blog by Spring Framework legend Sébastien Deleuze on CDS with Spring Framework 6.1 I really enjoyed this discussion with Spring Security...

7.1AI score
Exploits0
Spring Security Advisories
Spring Security Advisories
added 2023/11/14 12:0 a.m.8 views

This Week in Spring - November 14th, 2023

Hi, Spring fans! Welcome to another installment of This Week in Spring! It's November 14th, and you know what that means? NINE MORE DAYS until Spring Boot 3.2 drops on the day of the US holiday of Thanksgiving, no less! Some key features include: virtual threads initial CRaC support more...

7.1AI score
Exploits0
Spring Security Advisories
Spring Security Advisories
added 2023/11/07 12:0 a.m.19 views

This Week in Spring - November 7th, 2023

Hi, Spring fans! Can you believe we've already turned the calendar page to November? Time sure is a swift developer, deploying months as if they were minor versions in an ever-evolving application. As we adjust our clocks to fall back, waving a reluctant goodbye to daylight savings time, the...

7AI score
Exploits0
Spring Security Advisories
Spring Security Advisories
added 2023/10/31 12:0 a.m.16 views

This Week in Spring - October 31st, 2023

Hi Spring fans, and Happy Halloween from the Spring team to those who celebrate! I hope your evening is fun and your day free of scary bugs! My friends, we've got some interesting stuff to look at this week so let's dive right into it. A Bootiful Podcast: Mr. Spring in Action, Craig Walls Spring...

7.4AI score
Exploits0
GithubExploit
GithubExploit
added 2023/10/28 9:42 p.m.402 views

Exploit for Code Injection in Vmware Spring_Cloud_Function

CVE-2022-22963-Poc-Bearcules This is a POC for CVE-2022-229...

9.8CVSS9.5AI score0.99939EPSS
Exploits36
Spring Security Advisories
Spring Security Advisories
added 2023/10/24 12:0 a.m.13 views

A Use Case for Transactions: Outbox Pattern Strategies in Spring Cloud Stream Kafka Binder

Other parts in this blog series Part 1: Introduction to Transactions in Spring Cloud Stream Kafka Applications Part 2: Producer Initiated Transactions in Spring Cloud Stream Kafka Applications Part 3: Synchronizing with External Transaction Managers in Spring Cloud Stream Kafka Applications Part ...

7.3AI score
Exploits0
Spring Security Advisories
Spring Security Advisories
added 2023/10/17 12:0 a.m.16 views

This Week in Spring - October 17th, 2023

Hi, Spring fans! Welcome to yet another installment of This Week in Spring! It's October 17th, 2023, and I am here in Montreal, Canada, and then I'm off to Salt Lake City, Utah on Thursday for the Java User Group there. Don't miss it! We've got a lot to cover this week so let's dive right into it...

6.8AI score
Exploits0
Spring Security Advisories
Spring Security Advisories
added 2023/10/16 12:0 a.m.13 views

Apache Kafka’s Exactly-Once Semantics in Spring Cloud Stream Kafka Applications

Other parts in this blog series Part 1: Introduction to Transactions in Spring Cloud Stream Kafka Applications Part 2: Producer Initiated Transactions in Spring Cloud Stream Kafka Applications Part 3: Synchronizing with External Transaction Managers in Spring Cloud Stream Kafka Applications Part ...

6.6AI score
Exploits0
Spring Security Advisories
Spring Security Advisories
added 2023/10/11 12:0 a.m.25 views

Transactional Rollback Strategies with Spring Cloud Stream and Apache Kafka

Other parts in this blog series Part 1: Introduction to Transactions in Spring Cloud Stream Kafka Applications Part 2: Producer Initiated Transactions in Spring Cloud Stream Kafka Applications Part 3: Synchronizing with External Transaction Managers in Spring Cloud Stream Kafka Applications In th...

6.8AI score
Exploits0
Spring Security Advisories
Spring Security Advisories
added 2023/10/04 12:0 a.m.24 views

Synchronizing with External Transaction Managers in Spring Cloud Stream Kafka Applications

Other parts in this blog series Part 1: Introduction to Transactions in Spring Cloud Stream Kafka Applications Part 2: Producer Initiated Transactions in Spring Cloud Stream Kafka Applications In the previous part of this blog series, we saw the basics of transaction management, primarily when...

7.2AI score
Exploits0
Spring Security Advisories
Spring Security Advisories
added 2023/10/03 12:0 a.m.21 views

This Week in Spring - October 3rd, 2023

Hi Spring fans! Welcome to another installment of This Week in Spring! How're you doin'? I've just flown in from Singapore - where I was keynoting and presenting at SpringOne Singapore - and am now in Antwerp, Belgium for the deliriously fun Devoxx Belgium show. I've missed this show, and it's a...

6.8AI score
Exploits0
Spring Security Advisories
Spring Security Advisories
added 2023/09/28 12:0 a.m.23 views

Producer Initiated Transactions in Spring Cloud Stream Kafka Applications

Other parts in this blog series Part 1: Introduction to Transactions in Spring Cloud Stream Kafka Applications This article is part 2 of the blog series in which we look at transactions in detail with Spring Cloud Stream and Apache Kafka. We saw a general introduction to transactions in the...

7AI score
Exploits0
Rows per page
Query Builder