
894 matches found

Cvelist
added 2022/12/28 6:12 p.m. · 26 views

CVE-2022-23554 Authentication bypass in Alpine

Alpine is a scaffolding library in Java. Alpine prior to version 1.10.4 allows Authentication Filter bypass. The AuthenticationFilter relies on the request URI to evaluate if the user is accessing the swagger endpoint. By accessing a URL with a path such as /api/foo;%2fapi%2fswagger the contains...

CVSS 6.5 · AI score 6.8 · EPSS 0.00659
Exploits 0 · References 3

OSV
added 2022/12/28 6:12 p.m. · 21 views

CVE-2022-23554 Authentication bypass in Alpine

Alpine is a scaffolding library in Java. Alpine prior to version 1.10.4 allows Authentication Filter bypass. The AuthenticationFilter relies on the request URI to evaluate if the user is accessing the swagger endpoint. By accessing a URL with a path such as /api/foo;%2fapi%2fswagger the contains...

CVSS 6.5 · AI score 5.8 · EPSS 0.00659
Exploits 0 · References 5

Vulnrichment
added 2022/12/28 6:12 p.m. · 8 views

CVE-2022-23554 Authentication bypass in Alpine

Alpine is a scaffolding library in Java. Alpine prior to version 1.10.4 allows Authentication Filter bypass. The AuthenticationFilter relies on the request URI to evaluate if the user is accessing the swagger endpoint. By accessing a URL with a path such as /api/foo;%2fapi%2fswagger the contains...

CVSS 6.5 · AI score 6.9 · EPSS 0.00659
Exploits 0 · References 3

Vulnrichment
added 2022/12/28 6:1 p.m. · 8 views

CVE-2022-23553 URL access filters bypass in Alpine

Alpine is a scaffolding library in Java. Alpine prior to version 1.10.4 allows URL access filter bypass. This issue has been fixed in version 1.10.4. There are no known workarounds...

CVSS 7.5 · AI score 6.7 · EPSS 0.0084
Exploits 0 · References 3

OSV
added 2022/12/28 6:1 p.m. · 30 views

CVE-2022-23553 URL access filters bypass in Alpine

Alpine is a scaffolding library in Java. Alpine prior to version 1.10.4 allows URL access filter bypass. This issue has been fixed in version 1.10.4. There are no known workarounds...

CVSS 7.5 · AI score 7.4 · EPSS 0.0084
Exploits 0 · References 5

Cvelist
added 2022/12/28 6:1 p.m. · 48 views

CVE-2022-23553 URL access filters bypass in Alpine

Alpine is a scaffolding library in Java. Alpine prior to version 1.10.4 allows URL access filter bypass. This issue has been fixed in version 1.10.4. There are no known workarounds...

CVSS 7.5 · AI score 7.7 · EPSS 0.0084
Exploits 0 · References 3

CVE
added 2022/12/28 6:1 p.m. · 78 views

CVE-2022-23553

Alpine is a Java scaffolding library. CVE-2022-23553 describes a URL access filter bypass in Alpine versions prior to 1.10.4. The issue is fixed in version 1.10.4; there are no publicly documented workarounds in the provided sources. Affected component is the URL filtering logic within Alpine’s f...

CVSS 7.5 · AI score 7.4 · EPSS 0.0084
Exploits 0 · References 3 · Affected Software 1

CNNVD
added 2022/12/28 12:0 a.m. · 4 views

Alpine authorization issue vulnerability

Alpine is an email program. An authorization issue vulnerability exists in versions of Alpine prior to 1.10.4 that stems from allowing authentication filters to be bypassed...

CVSS 6.5 · AI score 6 · EPSS 0.00659
Exploits 0 · References 4

CNNVD
added 2022/12/28 12:0 a.m. · 22 views

Alpine security vulnerability

Alpine is an email program. A security vulnerability exists in versions of Alpine prior to 1.10.4, which stems from a vulnerability that allows bypassing URL access filters...

CVSS 7.5 · AI score 7.2 · EPSS 0.0084
Exploits 0 · References 4

Positive Technologies
added 2022/12/28 12:0 a.m. · 6 views

PT-2022-16069 · Alpine · Alpine

Name of the Vulnerable Software and Affected Versions: Alpine versions prior to 1.10.4 Description: The issue concerns Alpine, a Java scaffolding library. It allows an Authentication Filter bypass, where the AuthenticationFilter relies on the request URI to determine if the user is accessing the...

CVSS 6.5 · AI score 7.1 · EPSS 0.00659
Exploits 0 · References 10

Positive Technologies
added 2022/12/28 12:0 a.m. · 5 views

PT-2022-16068 · Alpine · Alpine

Name of the Vulnerable Software and Affected Versions: Alpine versions prior to 1.10.4 Description: Alpine is a scaffolding library in Java that allows URL access filter bypass. This issue has been fixed in version 1.10.4. Recommendations: For versions prior to 1.10.4, update to version 1.10.4 to...

CVSS 8.7 · AI score 7.1 · EPSS 0.0084
Exploits 0 · References 12

Veracode
added 2022/12/27 3:26 a.m. · 27 views

Authentication Bypass

Alpine is vulnerable to authentication bypass. The vulnerability exists in the filter function of AuthenticationFilter.java because of accessing a URL with a path without aborting the request, which allows an attacker to bypass administrative restrictions via swagger endpoint...

CVSS 6.5 · AI score 5.8 · EPSS 0.00659
Exploits 0 · References 4 · Affected Software 1

Veracode
added 2022/12/27 2:51 a.m. · 27 views

Authorization Bypass

Alpine is vulnerable to authorization bypass. The vulnerability exists in the doFilter functions of BlacklistUrlFilter.java and WhitelistUrlFilter.java and allows an attacker to bypass administrative restrictions via executable WAR files...

CVSS 7.5 · AI score 7.3 · EPSS 0.0084
Exploits 0 · References 4 · Affected Software 1

Openbugbounty
added 2022/12/26 6:18 a.m. · 9 views

alpinedentalwellness.com Cross Site Scripting vulnerability OBB-3118193

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

AI score 6.2
Exploits 0

Openbugbounty
added 2022/12/26 6:16 a.m. · 13 views

alpineorthopedics.com Cross Site Scripting vulnerability OBB-3118190

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

AI score 6.2
Exploits 0

Openbugbounty
added 2022/12/26 5:49 a.m. · 17 views

alpine-inscription.com Cross Site Scripting vulnerability OBB-3118162

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

AI score 6.2
Exploits 0

OSV
added 2022/12/05 10:15 p.m. · 2 views

ALPINE-CVE-2022-35260

curl can be told to parse a .netrc file for credentials. If that file ends in a line with 4095 consecutive non-white space letters and no newline, curl would first read past the end of the stack-based buffer, and if the read works, write a zero byte beyond its boundary. This will in most cases cause ...

CVSS 6.5 · AI score 6.8 · EPSS 0.01761
Exploits 1 · References 1

OSV
added 2022/12/05 7:15 p.m. · 2 views

ALPINE-CVE-2022-4292

Use After Free in GitHub repository vim/vim prior to 9.0.0882...

CVSS 7.8 · AI score 6.8 · EPSS 0.00655
Exploits 1 · References 1

OSV
added 2022/11/18 11:15 p.m. · 1 views

ALPINE-CVE-2021-33621

The cgi gem before 0.1.0.2, 0.2.x before 0.2.2, and 0.3.x before 0.3.5 for Ruby allows HTTP response splitting. This is relevant to applications that use untrusted user input either to generate an HTTP response or to create a CGI::Cookie object...

CVSS 8.8 · AI score 6.9 · EPSS 0.02287
Exploits 1 · References 1

Veracode
added 2022/11/17 4:0 p.m. · 22 views

Denial Of Service (DoS)

Alpine is vulnerable to denial of service. The vulnerability exists when LIST or LSUB is sent before STARTTLS which allows an attacker to cause an application crash...

CVSS 5.9 · AI score 3 · EPSS 0.00841
Exploits 0 · References 4 · Affected Software 1