CVE-2022-25762
A flaw was found in the tomcat package. When a web application sends a WebSocket message concurrently with the WebSocket connection closing, the application may continue to use the socket after it has ...
Continue ReadingMay 30, 2022
Allocation of Resources Without Limits or Throttling in Spring Framework
In spring framework versions prior to 5.3.20+ , 5.2.22+ and old unsupported versions, application with a STOMP over WebSocket endpoint is vulnerable to a denial of service attack by an authenticated u ...
Continue ReadingMay 30, 2022
Back to Main