The newly discovered CVE-2022-42889 made some headlines recently. In this short blog we will discuss what the vulnerability is, its impact, and mitigation. The package affected by the CVE is Apache Commons Text, an open-source Apache library that is “focused
2 security issues found on spring function cloud. The Spring Framework application provides a flexible and comprehensive method for programming and configuring Java-based enterprise applications. One of the main purposes of Spring is to relieve developers from many infrastructural tasks
NPM, the package manager for Node.js, is an open source project that serves as a critical part of the JavaScript community and helps support one of the largest developer ecosystems. According to its website, “npm is relied upon by more
Log4j is a highly popular logging package in Java that is used widely by developers, companies such as Google, Steam, Apple, Minecraft, and even on one of NASA’s Mars rovers utilize this package. On December 9th, the most critical zero-day
As part of the beta testing phase that took place earlier this year for our recently launched Software Composition Analysis solution, CxSCA, the Checkmarx Security Research Team investigated Mozilla-Bleach, finding multiple concerning security vulnerabilities. Patches were released in mid-March 2020,
©2023 Checkmarx Ltd. All Rights Reserved. iISO/IEC 27001:2013 Certified
