Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Grails® data binding causes JVM crash and/or DoS
Vulnerability Description
Grails is a framework used to build web applications with the Groovy programming language. A specially crafted web request can lead to a JVM crash or denial of service. Any Grails framework application using Grails data binding is vulnerable. This issue has been patched in version 3.3.17, 4.1.3, 5.3.4, 6.1.0.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Vulnerability Type
未加控制的资源消耗(资源穷尽)
Vulnerability Title
Grails 资源管理错误漏洞
Vulnerability Description
Grails是Grails项目的一套基于Groovy编程语言且用于快速开发Web应用的开源框架。 Grails存在资源管理错误漏洞,该漏洞源于允许攻击者通过特制的web请求导致JVM拒绝服务(DOS)。受影响的产品和版本:Grails 6.1.0之前的6.0.0版本,5.3.4之前的5.0.0版本,4.1.3之前的4.0.0版本,3.3.17之前的3.0.0版本,2.0.0至3.0.0之前版本。
CVSS Information
N/A
Vulnerability Type
N/A