Lucene search

CVE-2021-21335

🗓️ 08 Mar 2021 21:16:15Reported by GitHub_MType

cve🔗 web.nvd.nist.gov📰️ 2 Media mentions👁 40 Views

SPNEGO HTTP Auth Module for nginx vulnerability

Reporter	Title	Published	Views	Family All 4
Cvelist	CVE-2021-21335 Basic Authentication can be bypassed using a malformed username	8 Mar 202120:20	–	cvelist
Prion	Authentication flaw	8 Mar 202121:15	–	prion
NVD	CVE-2021-21335	8 Mar 202121:15	–	nvd
OSV	CVE-2021-21335	8 Mar 202121:15	–	osv

Nvd

Vulners

Node

spnego_http_authentication_module_project spnego_http_authentication_moduleRange<1.1.1nginx

[
  {
    "product": "spnego-http-auth-nginx-module",
    "vendor": "stnoonan",
    "versions": [
      {
        "status": "affected",
        "version": "< 1.1.1"
      }
    ]
  }
]

Source	Link
github	www.github.com/stnoonan/spnego-http-auth-nginx-module/security/advisories/GHSA-ww8q-72rx-hc54
github	www.github.com/stnoonan/spnego-http-auth-nginx-module/releases/tag/v1.1.1
github	www.github.com/stnoonan/spnego-http-auth-nginx-module/commit/a06f9efca373e25328b1c53639a48decd0854570

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

08 Mar 2021 21:15Current

7.2High risk

Vulners AI Score7.2

CVSS27.5

CVSS35.3 - 9.8

EPSS0.00229

CWE-287