A write-up of my (so far inconclusive) look into CVE-2022-31691
CVE-2022-31691 A write-up of my (so far inconclusive) look into CVE-2022-31691 Background I'm a frequent user of the Spring Tool Suite (STS) for Eclipse, and tend to rely on it to initialise new Spring Boot projects This vulnerability (see tanzuvmwarecom/security/cve-2022-31691) is an RCE which can be induced through unsafe loading of content from a yaml config