Thursday | Nov 28 2024 |

post-add
post-add

"Spring Break" - Critical Security Vulnerability Found!

BW Online Bureau Mar 06, 2018

Reports are surfacing on "Spring Break"  - a new critical remote code execution (RCE) vulnerability, which is affecting Pivotal Spring frameworks including Spring Boot, the world's most popular framework for building web applications.

Steve Giguere, EMEA engineer at Synopsys' Software Integrity Group, said: “This is another good example of where free and open source software (FOSS) management is essential. Not only would a FOSS analysis tool have found this vulnerability months before this official announcement (the CVE for this is dated January 4th 2018 - https://nvd.nist.gov/vuln/detail/CVE-2017-8046), but those using such a tool would have been alerted of the vulnerability in this framework hours after it was listed on NVD, as opposed to months later.  

"Hackers are looking for low hanging fruit, and understanding how important the gap between the discovery of a serious defect and taking action is essential.  Finding out as early as possible and fixing serious vulnerabilities in FOSS is critical to ensuring companies do not become the next headline.”

Also Read

SECURITY
Sep 11, 2024
CIA’s CIO La’Naia Jones Discusses AI Driving National Security
3 mins read
SECURITY
Aug 27, 2024
OpenAI backs California's AI legislation mandating "watermarking" of synthetic material.
2 mins read
SECURITY
Sep 08, 2021
Wipro and Securonix Announce Partnership to Deliver Managed Security Services
3 mins read
SECURITY
Jun 16, 2021
Factors To Consider For The Security Of Cloud Infrastructure
5 mins read
SECURITY
Feb 25, 2021
Digitalization Brings Forth A New Area Of Expertise For CFOs: Cybersecurity
5 mins read
SECURITY
Dec 29, 2020
Cybersecurity Tips For The Household CIO Of 2020
4 mins read

Stay in the know with our newsletter