Google protobuf buffer error vulnerability
Cross-boundary memory write
Google protobuf is a data exchange format of Google (Google). A buffer error vulnerability exists in Google protobuf. A remote attacker could exploit this vulnerability to execute code.
Google Guava Code Issue Vulnerability
Resource allocation without limits or adjustments
Google Guava is a Java core library of Google (Google), including graphics library, function type, I/O and string processing. A code issue vulnerability exists in Google Guava versions 11.0 through 24.1.1 (excluding 24.1.1). This vulnerability stems from improper design or implementation problems in the code development process of network systems or products.
Google Guava Access Control Error Vulnerability
Incorrect permission grant for critical resource
Google Guava is a Java core library of Google (Google), including graphics library, function type, I/O and string processing. There is an access control error vulnerability in Guava before version 30.0. The vulnerability stems from a temporary directory creation vulnerability in Guava, which allows an attacker with access to the machine to potentially access files created by Guava com.google.common.io.Files.createTempDir() Data in the temporary directory created. An attacker could exploit this vulnerability to access special directories.
Google protobuf security vulnerability
incorrect sequence of actions
Google protobuf is a data exchange format of Google (Google). There is a security vulnerability in protobuf-java that allows a small malicious payload to tie up the parser for several minutes by creating a large number of short-lived objects causing frequent, repeated pauses.
com.fasterxml.jackson.core:jackson-core has a resource management error vulnerability
resource management error
com.fasterxml.jackson.core:jackson-core is a Core Jackson abstraction, the basic JSON streaming API implementation. Affected versions of this package are vulnerable to a Denial of Service (DoS) attack. If a REST endpoint uses a POST request with JSON or XML data and the data is invalid, print the first unrecognized token to server.log. .If the first token is a word of length 10MB, print the entire word. This is potentially dangerous and can be used to attack the server by filling the disk with logs.
Jackson-core BigDecimal type handles OOM problems
resource management error
com.fasterxml.jackson.core:jackson-core is a core Jackson abstraction, the basic JSON streaming API implementation. Affected versions of this package are prone to OOM when dealing with BigDecimal types, resulting in denial of service (DoS).
no more content
Failed to load, please refresh the page
#Core #Tools #Homepage #Documentation #Downloads #Core #Model #Toolkit #News Fast Delivery