CSO Online

Critical sandbox bypass fixed in popular Thymeleaf Java template engine

The 9.1-CVSS vulnerability enables attackers to circumvent RCE protections in the de facto template engine for the Java Spring ecosystem.
Bloomberg L.P.

API Library

Supported Releases: These releases have been certified by Bloomberg’s Enterprise Products team for use by Bloomberg customers. Experimental Releases: These releases have not yet been certified for use ...