senooken JP Social
  • FAQ
  • Login
senooken JP Socialはsenookenの専用分散SNSです。

  • Public

    • Public
    • Network
    • Groups
    • Popular
    • People

Conversation

Notices

  1. 欠勤回避 (hina@mstdn.maud.io)'s status on Thursday, 31-Mar-2022 19:55:12 JST 欠勤回避 欠勤回避

    [Spring4Shell: Security Analysis of the latest Java RCE '0-day' vulnerabilities in Spring | LunaSec](https://www.lunasec.io/docs/blog/spring-rce-vulnerabilities/)

    > Praetorian has confirmed that this is exploitable, but we still don't have all the details around how widespread or exploitable this is.

    > Update: The authors of Spring have yet to make an official statement about this but are suspected to be working on a patch to mitigate the vulnerability.

    In conversation Thursday, 31-Mar-2022 19:55:12 JST from mstdn.maud.io permalink

    Attachments

    1. Domain not in remote thumbnail source whitelist: www.lunasec.io
      Spring4Shell: Security Analysis of the latest Java RCE '0-day' vulnerabilities in Spring | LunaSec
      from https://github.com/freeqaz,https://github.com/breadchris,https://github.com/factoidforrest
      We've been taking a look at the new zero-day exploit, dubbed Spring4Shell, supposedly discovered in Spring Core to determine if it's a problem or not, as well as explained another RCE vulnerability found in Spring.

    Feeds

    • Activity Streams
    • RSS 2.0
    • Atom
    • Help
    • About
    • FAQ
    • TOS
    • Privacy
    • Source
    • Version
    • Contact

    senooken JP Social is a social network, courtesy of senooken. It runs on GNU social, version 2.0.2-beta0, available under the GNU Affero General Public License.

    Creative Commons Attribution 3.0 All senooken JP Social content and data are available under the Creative Commons Attribution 3.0 license.