all InfoSec news
CVE-2022-22965 and CVE-2022-22963 vulnerabilities
April 1, 2022, 7 a.m. |
FortiGuard Labs | FortiGuard Center - IR Advisories fortiguard.fortinet.com
The two vulnerabilities are currently known as :
CVE-2022-22965 or Spring4Shell:
A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding. The specific exploit requires the application to run on Tomcat as a WAR deployment. If the application is deployed as a Spring Boot executable jar, i.e. the default, it is …
More from fortiguard.fortinet.com / FortiGuard Labs | FortiGuard Center - IR Advisories
Jobs in InfoSec / Cybersecurity
Red Team Operator
@ JPMorgan Chase & Co. | LONDON, United Kingdom
SOC Analyst
@ Resillion | Bengaluru, India
Director of Cyber Security
@ Revinate | San Francisco Bay Area
Jr. Security Incident Response Analyst
@ Kaseya | Miami, Florida, United States
Infrastructure Vulnerability Consultant - (Cloud Security , CSPM)
@ Blue Yonder | Hyderabad
Product Security Lead
@ Lely | Maassluis, Netherlands