bugalert
By BugAlertDotOrg
spring-rce-vulnerable-app
Spring Boot web application vulnerable to Log4Shell (CVE-2021-44228) and the possible Spring RCE vulnerability. (by lunasec-io)
bugalert | spring-rce-vulnerable-app | |
---|---|---|
8 | 1 | |
207 | 30 | |
0.0% | - | |
4.7 | 7.2 | |
5 months ago | about 2 years ago | |
Python | Java | |
MIT License | Apache License 2.0 |
The number of mentions indicates the total number of mentions that we've tracked plus the number of user suggested alternatives.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
bugalert
Posts with mentions or reviews of bugalert.
We have used some of these posts to build our list of alternatives
and similar projects. The last one was on 2022-03-30.
- Confirmed remote code execution (RCE) in Spring Core, an extremely popular Java framework
- Spring Core RCE has been confirmed
- Spring4Shell: 0-day RCE on Spring Core
-
Spring Cloud Function SPEL Expression Injection Vulnerability Alert
Also: https://github.com/BugAlertDotOrg/bugalert/blob/main/content/notices/2022-03-29-spring.md
- Possible Spring core RCE
-
We desperately need a way to notify people of high-impact vulns, so I built one
etc
Category list is found at: https://github.com/BugAlertDotOrg/bugalert#category
Again, working on getting this all up on the site soon if you'd prefer to just check back later.
-
We desperately need a way to rapidly notify people of high-impact vulnerabilities, so I built one
Feel free to open a GitHub issue! https://github.com/BugAlertDotOrg/bugalert/issues
spring-rce-vulnerable-app
Posts with mentions or reviews of spring-rce-vulnerable-app.
We have used some of these posts to build our list of alternatives
and similar projects. The last one was on 2022-03-30.
-
Spring4Shell: 0-day RCE on Spring Core
Thank you, this does clarify things a bit. What confused me is the constant referencing of SerializationUtils as in https://github.com/lunasec-io/spring-rce-vulnerable-app/blob/main/src/main/java/fr/christophetd/log4shell/vulnerableapp/MainController.java
What are some alternatives?
When comparing bugalert and spring-rce-vulnerable-app you can also consider the following projects:
Spring - Spring Framework
Spring4Shell-POC - Dockerized Spring4Shell (CVE-2022-22965) PoC application and exploit
SpringCore0day - SpringCore0day from https://share.vx-underground.org/ & some additional links
Spring4Shell-POC - Spring4Shell Proof Of Concept/And vulnerable application CVE-2022-22965