On March 29th, 2022, two separate RCE (Remote Code Execution) vulnerabilities related to different Spring projects were published and discussed all over the internet. In addition, a third vulnerability in a Spring project was disclosed – this time a DoS
This is the MOST RECENT update to our previous research blog: APACHE LOG4J REMOTE CODE EXECUTION – CVE-2021-44228 On December 9th the most critical zero-day exploit in recent years was disclosed, affecting most of the biggest enterprise companies. This critical
On December 9th, the most critical zero-day exploit in recent years was discovered affecting most of the biggest enterprise companies. This critical 0-day exploit was discovered in the extremely popular Java logging library log4j which allows RCE (Remote code execution)
This is the third and final blog on Exploitable Path – a unique feature that allows our customers to prioritize vulnerabilities in open-source libraries. In the first blog, we introduced the concept of Exploitable Path and its importance. The conclusion
In my previous blog, I walked you through the reasoning and importance of the Exploitable Path feature in the Checkmarx CxSCA solution. We discussed the challenges of prioritizing vulnerabilities in open source dependencies and defined what it means for a
If you look at the way code is written today vs. a few years back, one of the major changes is the transition to open source. What was once considered an unsafe methodology has grown and matured, and now almost
©2023 Checkmarx Ltd. All Rights Reserved. iISO/IEC 27001:2013 Certified
