CVE-2024-22243 - Bypassing Security Checks in UriComponentsBuilder due to URL Host Validation Vulnerabilities
Recently, a new vulnerability has been discovered in the UriComponentsBuilder library (CVE-2024-22243), which may impact applications that perform validation checks on URLs. This vulnerability could
CVE-2024-22233: Spring Framework Denial of Service Vulnerability Affecting Spring MVC and Spring Security Applications
A newly discovered vulnerability, CVE-2024-22233, has been identified in Spring Framework versions 6..15 and 6.1.2. This critical issue could allow an attacker
CVE-2023-34054: Denial-of-Service Vulnerability in Reactor Netty HTTP Server with Micrometer Integration
A recent vulnerability has been discovered in the Reactor Netty HTTP Server, having been assigned the identifier CVE-2023-34054. This vulnerability affects versions 1.1.x
CVE-2023-34047 - Security Vulnerability in Spring for GraphQL's Batch Loader Function Leading to Data Leakage Between Sessions
In this post, we will be discussing a recently discovered vulnerability affecting the Spring for GraphQL framework that allows an attacker to gain access to
CVE-2023-34040: Spring for Apache Kafka Deserialization Vulnerability and Mitigation
A recently discovered vulnerability (CVE-2023-34040) in Spring for Apache Kafka versions 3..9 and earlier, as well as versions 2.9.10 and earlier, has