168 matches found
OpenMetadata Security Vulnerabilities
OpenMetadata is a unified discovery, observability and governance platform powered by a central metadata repository, in-depth lineage and seamless team collaboration. A security vulnerability exists in OpenMetadata versions prior to 1.2.4 that stems from a SpEL injection vulnerability in PUT...
OpenMetadata Security Vulnerabilities
OpenMetadata is an open source unified discovery, observability and governance platform powered by a central metadata repository, in-depth lineage and seamless team collaboration. A security vulnerability exists in OpenMetadata versions prior to 1.2.4, which stems from a SpEL injection...
PT-2024-3066 · Unknown · Openmetadata
Name of the Vulnerable Software and Affected Versions: OpenMetadata versions prior to 1.2.4. Description: The issue is related to the CompiledRule::validateExpression method, which evaluates an SpEL expression using a StandardEvaluationContext. This allows the expression to interact with Java...
springframework: Spring Expression DoS Vulnerability
A flaw was found in Spring Framework. This flaw allows a malicious user to use a specially crafted SpEL expression that causes a denial of service (DoS)...
A vulnerability in the Spring Framework software platform, related to unrestricted resource allocation, allows attackers to trigger service failures.
A vulnerability in the Spring Framework software platform is related to unrestricted resource allocation. Exploiting this vulnerability can allow a malicious actor, operating remotely, to cause service failures by using a specially crafted SpEL expression...
PT-2023-35623 · Spring · Spring
Name of the Vulnerable Software and Affected Versions: Spring (affected versions not specified). Description: The issue is related to a security exception in the org.springframework.expression.spel.ast.OpPlus.getValueInternal function. It involves the...
The vulnerability of the Spring Framework software, related to errors in processing SpEL expressions, allows attackers to execute arbitrary code.
The vulnerability of the Spring Framework software is related to errors in processing SpEL expressions. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
springframework: Spring Expression DoS Vulnerability
A flaw was found in Spring Framework. This flaw allows a malicious user to use a specially crafted SpEL expression that causes a denial of service (DoS)...
springframework: Spring Expression DoS Vulnerability
A flaw was found in Spring Framework. This flaw allows a malicious user to use a specially crafted SpEL expression that causes a denial of service (DoS)...
Apache Ambari Security Vulnerability
Apache Ambari is an application from the Apache Software Foundation. It is used to configure, manage and monitor Apache Hadoop clusters, simplifying Hadoop management. A security vulnerability exists in Apache Ambari versions 2.7.0 through 2.7.6, which originates from a SpringEL...
Apache Ambari Security Vulnerability
Apache Ambari is an application from the Apache Software Foundation. It is used to configure, manage and monitor Apache Hadoop clusters, simplifying Hadoop management. A security vulnerability exists in Apache Ambari, which originates from a SpringEL injection in the metrics source and...
springframework: Spring Expression DoS Vulnerability
A flaw was found in Spring Framework. This flaw allows a malicious user to use a specially crafted SpEL expression that causes a denial of service (DoS)...
OSV-2023-517 Security exception in org.springframework.expression.spel.ast.OpPlus.getValueInternal
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=60112 Crash type: Security exception Crash state: org.springframework.expression.spel.ast.OpPlus.getValueInternal java.base/sun.reflect.generics.reflectiveObjects.TypeVariableImpl.hashCode java.base/java.util.Arrays.hashCode...
RHEL 8 : Red Hat Virtualization (RHSA-2023:3771)
The remote Red Hat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:3771 advisory. The VDSM service is required by a Virtualization Manager to manage the Linux hosts. VDSM manages and monitors the host's storage, memory and...
springframework: Spring Expression DoS Vulnerability
A flaw was found in Spring Framework. This flaw allows a malicious user to use a specially crafted SpEL expression that causes a denial of service (DoS)...
Important: Red Hat Security Advisory: Red Hat Virtualization security and bug fix update
An update is now available for Red Hat Virtualization 4 Tools for Red Hat Enterprise Linux 8, Red Hat Virtualization 4 for Red Hat Enterprise Linux 8, and Red Hat Virtualization Engine 4.4. Red Hat Product Security has rated this update as having a security impact of Important. A Common...
springframework: Spring Expression DoS Vulnerability
A flaw was found in Spring Framework. This flaw allows a malicious user to use a specially crafted SpEL expression that causes a denial of service (DoS)...
springframework: Spring Expression DoS Vulnerability
A flaw was found in Spring Framework. This flaw allows a malicious user to use a specially crafted SpEL expression that causes a denial of service (DoS)...
springframework: Spring Expression DoS Vulnerability
A flaw was found in Spring Framework. This flaw allows a malicious user to use a specially crafted SpEL expression that causes a denial of service (DoS)...
Security Bulletin: IBM ECM Content Management Interoperability Services (CMIS) spring-expression security vulnerability CVE-2023-20861
Summary: IBM ECM Content Management Interoperability Services (CMIS) spring-expression security vulnerability CVE-2023-20861, affected, not vulnerable. Vulnerability Details: CVEID: CVE-2023-20861. DESCRIPTION: VMware Tanzu Spring Framework is vulnerable to a denial of service. By sending a specially...