close
close

VMware Tanzu Spring Security: Automatic Protection Arrangement

VMware Tanzu Spring Security: Automatic Protection Arrangement

In VMware Tanzu Spring Security, an important security measure can be taken for automatic security adjustments. Current Software comes with Sicherheitsleck Stopft.

Anzeige


Spring Security has an Authentication and Zugriff Control Framework configuration like Standard for Spring Fundamentals. in Einer Sicherheitsmitteilung warns Spring-Security-EntwicklerBenefit from gewissen Umständen in Spring Webflux-Anwendungen, Spring-Security-Autorisierungsregeln auf statistische Ressourcen einsetzen, jene Regeln umgehbar sind (CVE-2024-38821, CVSS) 9.1“Risk”critical“). A concrete Webflux-Anwendung sein, die den den support for Spring’s statistical sources and a “nothing done” – no support for any other statistics source.

Die Sicherheitslücke betrifft Spring Security 5.7.0-5.7.12, 5.8.0-5.8.14, 6.0.0-6.0.12, 6.1.0-6.1.10, 6.2.0-6.2.6, 6.3.0-6.3 .3 nothing else, nothing else unterstützte Versions. Versions 5.7.13, 5.8.15, 6.0.13 and 6.1.11 with Enterprise Support. Updated Versions 6.2.7 and 6.3.4 are available with the Open Source Software Release.

Spring Security comes with security-critical security measures regarding the acquisition and installation of existing security measures. Andernfalls says Angreifer is a game and loves Schwachstelle zu missbrauchen.

After Sicherheitslücken I use VMware Tanzu Spring Framework. I made a lot of updates and these updates caused Entwickler to lose a lot of things. As long as you don’t have to worry about it, you can’t wait to get it done.


(DMK)