Lucene search
K

4 matches found

BDU FSTEC
BDU FSTEC
added 2021/09/10 12:0 a.m.4 views

The vulnerability of the Oauth extension for the software environment used to implement the MediaWiki hypertext environment allows a perpetrator to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the Oauth extension MWOAuthConsumerSubmitControl.php of the MediaWiki software arises from the use of cryptographic algorithms that contain defects or risks. Exploiting this vulnerability could allow a malicious actor to compromise the confidentiality, integrity, and...

10CVSS7.7AI score0.01615EPSS
Exploits0References4Affected Software1
RedHat Linux
RedHat Linux
added 2021/08/25 9:37 a.m.3 views

envoyproxy/envoy: HTTP request with multiple value headers can bypass authorization policies

An authorization bypass vulnerability was found in envoyproxy/envoy. Envoy incorrectly evaluates an HTTP request with multiple value headers. This flaw allows an attacker to bypass rule policies that use the extauthz extension. The highest threat from this vulnerability is to confidentiality,...

8.6CVSS5.8AI score0.03325EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2021/08/24 12:0 a.m.4 views

PT-2021-19922 · Envoy · Envoy

Name of the Vulnerable Software and Affected Versions: Envoy versions 1.16.5 through 1.19.0 Description: The issue affects Envoy, an open source L7 proxy and communication bus. In the affected versions, when the ext-authz extension sends request headers to the external authorization service, it...

8.6CVSS8.6AI score0.03325EPSS
Exploits0References12
Positive Technologies
Positive Technologies
added 2021/04/22 12:0 a.m.2 views

PT-2021-19426 · Mediawiki +2 · Mediawiki +2

Name of the Vulnerable Software and Affected Versions: MediaWiki versions through 1.35.2 Description: An issue was discovered in the Oauth extension for MediaWiki. It did not validate the oarc version also known as oauth registered consumer.oarc version parameter's length. Recommendations: For...

9.8CVSS6.1AI score0.03832EPSS
Exploits18References75
Rows per page
Query Builder