Fuzzing Finds CVE in Spring.io
Code Intelligence‘s fuzzer, integrated into the OSS-Fuzz fuzzing platform by Google, found a CVE in the Spring Framework which causes a DoS (denial-of-service) if exploited. Patches are available.
Published in
2 min readMar 23, 2023
Google cares about open source security. They have skin in the game. I’ve written about this in the past. That’s why they built their fuzzing platform, OSS-Fuzz, reward contributors, and collaborate with partners to integrate more fuzzing capabilities…