CVE-2024-38828

This repository contains a functional proof-of-concept for CVE-2024-38828, a DoS vulnerability in Spring Framework's ByteArrayHttpMessageConverter. It includes a custom converter to mitigate the issue and a load test script to demonstrate the vulnerability.

This repository contains a functional proof-of-concept for CVE-2024-38828, demonstrating a denial-of-service (DoS) vulnerability in Spring applications by exploiting improper handling of large byte array inputs. The test case simulates an attack by sending a request with a Content-Length header set to Integer.MAX_VALUE, which triggers an exception.

This repository contains a functional PoC for CVE-2024-38828, demonstrating a DoS vulnerability in Spring Framework's ByteArrayHttpMessageConverter. The exploit leverages a crafted Content-Length header to trigger an exception, causing resource exhaustion.

This repository demonstrates a partial fix for CVE-2024-38828, a DoS vulnerability in Spring Framework where large or malformed byte[] requests can exhaust memory. It includes a custom ByteArrayConverter to enforce size limits and prevent resource exhaustion.