Grails Data Binding Vulnerability: JVM Crash and Denial of Service

Grails Data Binding Vulnerability: JVM Crash and Denial of Service

CVE-2023-46131 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Grails is a framework used to build web applications with the Groovy programming language. A specially crafted web request can lead to a JVM crash or denial of service. Any Grails framework application using Grails data binding is vulnerable. This issue has been patched in version 3.3.17, 4.1.3, 5.3.4, 6.1.0.

Learn more about our Cis Benchmark Audit For Bind.