all InfoSec news
Spring4Shell and CVE-2022-22963 vulnerabilities
April 1, 2022, 7 a.m. |
FortiGuard Labs | FortiGuard Center - IR Advisories fortiguard.fortinet.com
The two vulnerabilities are currently known as :
Spring4Shell:
There is currently no fix available for the Spring4Shell vulnerability. However we know that it affects
products using the spring framework with a JDK 9 or above.
https://www.cyberkendra.com/2022/03/springshell-rce-0-day-vulnerability.html?fbclid=IwAR2fXxKQjG9vnJiOaXyZ1N_Ypx91TOzO6f48qGZRfKRzinYtD5nUCIptIjg&m=1
CVE-2022-22963:
In Spring Cloud Function versions 3.1.6, 3.2.2 and older unsupported versions, when using routing
functionality it is possible for a user to provide a specially …
More from fortiguard.fortinet.com / FortiGuard Labs | FortiGuard Center - IR Advisories
Jobs in InfoSec / Cybersecurity
Lead Security Engineer
@ JPMorgan Chase & Co. | Tampa, FL, United States
GTI Manager of Cybersecurity Operations
@ Grant Thornton | Tulsa, OK, United States
GCP Incident Response Engineer
@ Publicis Groupe | Dallas, Texas, United States
DevSecOps Engineer - CL - Santiago
@ Globant | Santiago de Chile, Santiago, CL
IT Security Analyst - State Government & Healthcare
@ NTT DATA | Little Rock, AR, US
Exploit Developer
@ Peraton | Fort Meade, MD, United States