Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest News

Dissecting Spring4Shell

An RCE vulnerability affecting Spring Core’s JDK 9 and later has become a trending topic in cybersecurity networks during the past couple days. This discovery, compared by some to the Log4Shell vulnerability, generated a lot of confusion and even got mistook with a different vulnerability affecting Spring Cloud, which got a CVE assigned the same day, and even linked them to completely unrelated commits on Spring Core’s GitHub.

The Next Log4Shell? Spring4Shell Hitting Waves.

A new vulnerability was found in the Spring Core module of the Spring Framework. This was discovered by a Chinese security researcher, posting a Proof-of-Concept (POC) on GitHub (Figure 1), which later was deleted. This vulnerability is a zero-day, which currently wasn’t assigned a CVE, and was dubbed by security researchers as “Spring4Shell” or “SpringShell”, after the recent vulnerability in the Log4j Java package, discovered last December, and made waves worldwide.

Spring4Shell Zero-Day Vulnerability: Information and Remediation for CVE-2022-22965

Overview The internet is abuzz with the disclosure of CVE-2022-22965, an RCE vulnerability in Spring, one of the most popular open-source frameworks for Java applications in use today. Known as “Spring4Shell” or “SpringShell”, the zero-day vulnerability has triggered widespread concern about the possibility of a wave of malicious attacks targeting vulnerable applications. Is this Log4j 2.0?

Using the Snyk Vulnerability Database to find projects for The Big Fix

As developers, we all have our morning startup routine: make coffee, check Slack/Discord/email, read the latest news. One thing I do as part of my daily startup routine is check the Snyk Vulnerability Database for the latest open source vulnerabilities. It’s been especially interesting to see the types of exploits and vulnerabilities that appear in different ecosystems.

Important Updates on Spring4Shell Vulnerability

In December 2021, the cybersecurity industry was made aware of CVE-2021-44228, known as Log4Shell, a novel vulnerability in a commonly found software component called Java Log4j. Arctic Wolf extensively covered the Log4Shell vulnerability and gave updates as it got involved.

CyRC Vulnerability Analysis: Two distinct Spring vulnerabilities discovered - Spring4Shell and CVE-2022-22963

Two vulnerabilities affecting different Spring projects were identified this week. Here’s what you need to know about Spring4Shell and CVE-2022-22963. The Internet is buzzing with talk about two separate vulnerabilities related to different Spring projects. The two are not related, but have been confused because both vulnerabilities were disclosed at nearly the same time.

Detecting and Mitigating CVE-2022-22963: Spring4Shell RCE Vulnerability

Today, researchers found a new HIGH vulnerability on the famous Spring Cloud Function leading to remote code execution (RCE). The vulnerability CVE-2022-22963 would permit attackers to execute arbitrary code on the machine and compromise the entire host.

Is there such a thing as Spring4Shell?

Very early in the morning on March 30th (for me), my colleague DeveloperSteve posted a “Hey, have you seen this?” message in our slack channel. It was an “advance warning” of a “probable” remote code execution (RCE) in the massively popular Java Spring framework. I would come to find out that even earlier than that, the Snyk Security team started investigation a potential RCE in Spring after seeing a tweet that has since been deleted.

CVE-2022-23648 - Arbitrary Host File Access from containers launched by containerd CRI and its impact on Kubernetes

Recently discovered vulnerability - CVE-2022-23648 - in containerd, a popular container runtime, allows especially containers to gain read-only access to files from the host machine. While general container isolation is expected to prevent such access, in Kubernetes, it is especially dangerous because well-known and highly sensitive files are stored in known locations on the host.