Lucene search
GoogleOSV:GHSA-5XM9-RF63-WJ7HHistoryMay 17, 2022 - 5:18 a.m.
Improper Control of Generation of Code in Spring Security
2022-05-1705:18:15
Google
osv.dev
19
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.005 Low
EPSS
Percentile
77.2%
CRLF injection vulnerability in the logout functionality in VMware SpringSource Spring Security before 2.0.7 and 3.0.x before 3.0.6 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the spring-security-redirect parameter.
Related
packetstorm
packetstorm
Spring Security Header Injection
2011-09-09 00:00:00
securityvulns
securityvulns
CVE-2011-2732: Spring Security header injection vulnerability
2011-09-13 00:00:00
github
github
Improper Control of Generation of Code in Spring Security
2022-05-17 05:18:15
prion
prion
Crlf injection
2012-12-05 17:55:00
cve
cve
CVE-2011-2732
2012-12-05 17:55:00
ubuntucve
ubuntucve
CVE-2011-2732
2012-12-05 00:00:00
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.005 Low
EPSS
Percentile
77.2%
Related for OSV:GHSA-5XM9-RF63-WJ7H