CVE-2025-46822 – Apache Spring Boot Java Path Traversal Vulnerability

May 21, 2025

CVE ID : CVE-2025-46822

Published : May 21, 2025, 6:15 p.m. | 2 hours, 26 minutes ago

Description : OsamaTaher/Java-springboot-codebase is a collection of Java and Spring Boot code snippets, applications, and projects. Prior to commit c835c6f7799eacada4c0fc77e0816f250af01ad2, insufficient path traversal mechanisms make absolute path traversal possible. This vulnerability allows unauthorized access to sensitive internal files. Commit c835c6f7799eacada4c0fc77e0816f250af01ad2 contains a patch for the issue.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-47291 – Containerd CRI Kubernetes Cgroup Bypass Denial of Service

Next Article CVE-2025-2102 – HYPR Passwordless Link Following Privilege Escalation Vulnerability

Highlights

CVE-2025-5887 – jsnjfz WebStack-Guns Cross-Site Scripting Vulnerability

June 9, 2025

CVE ID : CVE-2025-5887

Published : June 9, 2025, 5:15 p.m. | 3 hours, 12 minutes ago

Description : A vulnerability was found in jsnjfz WebStack-Guns 1.0. It has been classified as problematic. Affected is an unknown function of the file UserMgrController.java of the component File Upload. The manipulation of the argument File leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Severity: 3.5 | LOW

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Microsoft adds Copilot-powered debugging features for .NET in Visual Studio

Blackstone portfolio company R Systems Acquires Novigo Solutions, Strengthening its Product Engineering and Full-Stack Agentic-AI Capabilities

HoundDog.ai Launches Industry’s First Privacy-by-Design Code Scanner for AI Applications

The Double-Edged Sustainability Sword Of AI In Web Design

Explore the best of GitHub Universe: 9 spaces built to spark creativity, connection, and joy

From Facts & Metrics to Media Machine Learning: Evolving the Data Engineering Function at Netflix

Developer Spotlight: Ruud Luijten

A Countable

Copy Errors as Markdown to Share With AI in Laravel 12.25

Copy Errors as Markdown to Share With AI in Laravel 12.25

Deconstructing the Request Lifecycle in Sitecore Headless – Part 2: SSG and ISR Modes in Next.js

Susan Etlinger, AI Analyst and Industry Watcher on Building Trust

Kdenlive 25.08 Enhances Audio Mixer, Adds 10-bit H.265 Support

Kdenlive 25.08 Enhances Audio Mixer, Adds 10-bit H.265 Support

Thunderbird Shares New Details on Upcoming Pro Features

Rilasciata Besgnulinux 3.0: Leggerezza Debian con desktop JWM

CVE-2025-46822 – Apache Spring Boot Java Path Traversal Vulnerability

CVE-2025-52352 – Aikaan IoT Management Platform Sign-up API Authentication Bypass

CVE-2025-7051 – N-central Syslog Configuration Privilege Escalation Vulnerability

SteamOS saves the Legion Go S — and you can save on the superior version this 4th of July

Cisco fixes two critical make-me-root bugs on Identity Services Engine components

Pedestrians now walk faster and linger less, researchers find

CVE-2025-8814 – Atjiu Pybbs Cross-Site Request Forgery Vulnerability

CVE-2025-5887 – jsnjfz WebStack-Guns Cross-Site Scripting Vulnerability

PowerToys Run adds Internet speed test, video downloader & more

CVE-2025-31359 – Parallels Desktop Directory Traversal Vulnerability

Representative Line: What the FFFFFFFF

CVE-2025-46822 – Apache Spring Boot Java Path Traversal Vulnerability

Related Posts