5 matches found
Connect CMS has SSRF in the External Page Migration Feature of its Page Management Plugin
Security Advisory — Page Management Plugin SSRF Summary A Server-Side Request Forgery SSRF issue exists in the external page migration feature of the Page Management Plugin. Affected Versions - 1.x series: = 1.41.0 - 2.x series: = 2.41.0 Patched Versions - 1.41.1 - 2.41.1 Description In the...
PT-2022-26153 · Grails · Grails Spring Security Core Plugin
Name of the Vulnerable Software and Affected Versions: Grails Spring Security Core plugin versions 1.x Grails Spring Security Core plugin versions 2.x Grails Spring Security Core plugin versions 3.0.0 through 3.3.1 Grails Spring Security Core plugin versions 4.0.0 through 4.0.4 Grails Spring...
DEBIAN-CVE-2021-33054
SOGo 2.x before 2.4.1 and 3.x through 5.x before 5.1.1 does not validate the signatures of any SAML assertions it receives. Any actor with network access to the deployment could impersonate users when SAML is the authentication method. Only versions after 2.0.5a are affected...
PT-2020-5475 · Fasterxml +6 · Jackson-Databind +6
Name of the Vulnerable Software and Affected Versions: FasterXML jackson-databind versions 2.x before 2.9.10.4 Description: The issue is related to the interaction between serialization gadgets and typing, specifically with the org.apache.aries.transaction.jms.internal.XaPooledConnectionFactory...
PT-2010-1023 · Debian · Lintian
Name of the Vulnerable Software and Affected Versions: Lintian versions 1.23.x through 1.23.28 Lintian versions 1.24.x through 1.24.2.1 Lintian versions 2.x before 2.3.2 Description: Multiple directory traversal vulnerabilities allow remote attackers to overwrite arbitrary files or obtain sensiti...