Brian Vermeer47 articles

This article was originally published at Snyk.io As developers, we’re constantly juggling features, fixes, and deadlines. Yet, a lurking issue has been surprisingly overlooked: the continued use of vulnerable Log4j and Spring Framework versions in many projects. Despite the high-profile …

Nowadays, the security of your applications is just as important as the functionality they provide.

Encryption is converting readable data or plaintext into unreadable data or ciphertext, ensuring that even if encrypted data is intercepted, it remains inaccessible to unauthorized individuals.

Keeping your dependencies in check is crucial to ensure that your Spring Boot projects run smoothly and remain resilient in the face of ever-evolving threats.

An in-depth exploration of utilizing JLink to optimize Docker image sizes, enhancing application security and performance.

In December of last year, we reported CVE-2022-1471 to you. This unsafe deserialization problem could easily lead to arbitrary code execution.

By taking a proactive approach to XSS prevention and using the right resources and tools, developers can help ensure the security and integrity of their Java web applications.

Path traversal vulnerabilities are a serious threat to Java web applications, amongst the top security issues Snyk finds in Java code.

Java is a compiled language, so you should create an SBOM whenever you build a release version of your application. Find out more here!

org.yaml:snakeyaml package is widely used in the Java ecosystem, in part because it is packaged by default in the spring-boot-starter.