
CVE-2022-22965: Spring Framework RCE via Data Binding on JDK 9+

Open t3dium opened this issue 3 years ago • 1 comments

A new Windows Defender definition breaks fluent-reader as it's vulnerable to remote code execution. ClamAV also picks this up.

https://www.cyberkendra.com/2022/03/springshell-rce-0-day-vulnerability.html
https://tanzu.vmware.com/security/cve-2022-22965


As a result, on second load the app isn't functional due to having files quarantined:

Suggested solution: updating the Spring Framework, https://spring.io/blog/2022/03/31/spring-framework-rce-early-announcement

t3dium avatar Jun 09 '22 20:06 t3dium

This looks strange, as no component of the Spring Framework is contained in this app. It seems that the quarantined files are just data files for the IndexedDB database used for storing subscriptions and articles.

yang991178 avatar Jun 09 '22 21:06 yang991178

Defender is still quarantining this to this day; it seems to do so every once in a while, breaking the app until the user manually restores what it considers a "threat".

t3dium avatar Dec 25 '22 03:12 t3dium
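The following PowerShell script is an added triage example for the situation described in this thread; it is not part of the fluent-reader project and was not posted by either participant. It covers both points raised above: it confirms the maintainer's observation that the install directory carries no Spring Framework artifacts (so a CVE-2022-22965 detection on it can only be a signature false positive on data files), and it gives the reporter's manual "restore and keep going" workaround a repeatable form by listing what Defender flagged, restoring the quarantined files with MpCmdRun.exe, and adding a narrowly scoped exclusion. The `$InstallDir` and `$DataDir` defaults are assumptions about an Electron app's layout on Windows; adjust them to your install. It must be run from an elevated PowerShell session.

```powershell
#Requires -RunAsAdministrator
# Added example: triage a Windows Defender "Spring4Shell" detection on a
# desktop app that does not ship any Java. Paths below are ASSUMPTIONS about
# a typical Electron install and IndexedDB location; change them as needed.
param(
    [string]$InstallDir = "$env:LOCALAPPDATA\Programs\fluent-reader",   # assumed
    [string]$DataDir    = "$env:APPDATA\fluent-reader\IndexedDB"         # assumed
)

# --- 1. What exactly did Defender flag? -----------------------------------
# Get-MpThreatDetection lists detections with the affected resources;
# Get-MpThreat maps ThreatID to a human-readable threat name.
$names = @{}
Get-MpThreat | ForEach-Object { $names[$_.ThreatID] = $_.ThreatName }

$hits = Get-MpThreatDetection | Where-Object {
    ($_.Resources -join "`n") -match [regex]::Escape($InstallDir) -or
    ($_.Resources -join "`n") -match [regex]::Escape($DataDir)
}

$quarantined = @()
foreach ($h in $hits) {
    $name = $names[$h.ThreatID]
    Write-Host "Detection $($h.DetectionID): $name at $($h.InitialDetectionTime)"
    foreach ($r in $h.Resources) {
        # Resources are reported as "file:_C:\path\to\file"; strip the prefix.
        $path = $r -replace '^file:_', ''
        Write-Host "    resource: $path"
        if ($path -like "$DataDir*") { $quarantined += $path }
    }
}

# --- 2. Does the app actually contain Spring? -----------------------------
# CVE-2022-22965 needs Spring MVC/WebFlux on a JDK 9+ runtime. Look for Java
# archives and for Spring package names inside any file in the install dir.
$javaArtifacts = Get-ChildItem -Path $InstallDir -Recurse -File -Include *.jar,*.war,*.class `
                    -ErrorAction SilentlyContinue
$springRefs = Get-ChildItem -Path $InstallDir -Recurse -File -ErrorAction SilentlyContinue |
              Select-String -Pattern 'org/springframework|spring-beans|spring-webmvc' -List

if (-not $javaArtifacts -and -not $springRefs) {
    Write-Host "No Java archives or Spring package references under $InstallDir."
    Write-Host "A CVE-2022-22965 detection here is a signature false positive on data files."
} else {
    Write-Warning "Java/Spring artifacts found; do NOT exclude, investigate instead:"
    $javaArtifacts | ForEach-Object { Write-Warning "  $($_.FullName)" }
    $springRefs    | ForEach-Object { Write-Warning "  $($_.Path)" }
    return
}

# --- 3. Restore the quarantined data files and stop the recurrence --------
$mpcmd = Join-Path $env:ProgramFiles 'Windows Defender\MpCmdRun.exe'
& $mpcmd -Restore -ListAll            # show what is currently in quarantine
foreach ($f in ($quarantined | Sort-Object -Unique)) {
    & $mpcmd -Restore -FilePath $f    # restore only the app's own data files
}

# Exclude ONLY the IndexedDB folder, not the whole profile or install dir:
# every excluded path is a permanent blind spot for real-time protection.
Add-MpPreference -ExclusionPath $DataDir
Write-Host "Excluded $DataDir from Defender scanning. Review with: Get-MpPreference | Select ExclusionPath"
```

The exclusion is deliberately limited to the IndexedDB directory: it is the only location the thread reports being quarantined, and a broader exclusion (the user profile, or the whole install directory where a future update could drop a genuinely malicious file) would trade a nuisance for a real gap in coverage. Re-run step 1 after the next definition update to confirm the detection no longer fires.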