Tag
rce-vulnerability
Safeguard articles tagged "rce-vulnerability" — guides, analysis, and best practices for software supply chain and application security.
3 articles
Vulnerability Analysis
Apache Commons FileUpload RCE (CVE-2016-1000031)
CVE-2016-1000031 is a critical Apache Commons FileUpload deserialization RCE that still lurks in transitive Java dependencies years after its fix.
Dec 24, 20257 min read
Vulnerability Analysis
Spring Cloud Function SpEL injection RCE (CVE-2022-22963)
CVE-2022-22963 lets attackers RCE unpatched Spring Cloud Function apps via one SpEL header. CVSS 9.8. Here's the fix, fast.
Dec 24, 20258 min read
Vulnerability Analysis
Spring Cloud Gateway actuator RCE (CVE-2022-22947)
A critical SpEL injection flaw in Spring Cloud Gateway's actuator API let unauthenticated attackers run code. Here's the impact, timeline, and fixes.
Dec 23, 20257 min read