Lucene search
K

10 matches found

Nuclei
Nuclei
added 2026/06/16 7:13 a.m.10 views

Hitachi Pentaho Business Analytics Server - Bypass Authorization

Hitachi Vantara Pentaho Business Analytics Server versions before 9.4.0.1 and 9.3.0.2, including 8.3.x contain security restrictions using non-canonical URLs which can be circumvented. id: CVE-2022-43939 info: name: Hitachi Pentaho Business Analytics Server - Bypass Authorization author: daffainf...

9.8CVSS8.1AI score0.9767EPSS
Exploits7References3
Snyk
Snyk
added 2025/12/08 4:26 p.m.5 views

Use of Non-Canonical URL Paths for Authorization Decisions

Overview astro is an Astro is a modern site builder with web best practices, performance, and DX front-of-mind. Affected versions of this package are vulnerable to Use of Non-Canonical URL Paths for Authorization Decisions due to improper URL decoding logic. The pathname validation used for...

6.9CVSS6.9AI score0.0047EPSS
Exploits1References2
NVD
NVD
added 2023/04/03 7:15 p.m.17 views

CVE-2022-43939

Hitachi Vantara Pentaho Business Analytics Server versions before 9.4.0.1 and 9.3.0.2, including 8.3.x contain security restrictions using non-canonical URLs which can be circumvented...

9.8CVSS9.1AI score0.92266EPSS
Exploits6References3
OSV
OSV
added 2023/04/03 7:15 p.m.5 views

CVE-2022-43939

Hitachi Vantara Pentaho Business Analytics Server versions before 9.4.0.1 and 9.3.0.2, including 8.3.x contain security restrictions using non-canonical URLs which can be circumvented...

9.8CVSS5.8AI score0.92266EPSS
Exploits6References3
Prion
Prion
added 2023/04/03 7:15 p.m.23 views

Design/Logic Flaw

Hitachi Vantara Pentaho Business Analytics Server versions before 9.4.0.1 and 9.3.0.2, including 8.3.x contain security restrictions using non-canonical URLs which can be circumvented...

7.5CVSS9.4AI score0.92266EPSS
Exploits6References2Affected Software1
Cvelist
Cvelist
added 2023/04/03 6:10 p.m.32 views

CVE-2022-43939 Hitachi Vantara Pentaho Business Analytics Server - Use of Non-Canonical URL Paths for Authorization Decisions

Hitachi Vantara Pentaho Business Analytics Server versions before 9.4.0.1 and 9.3.0.2, including 8.3.x contain security restrictions using non-canonical URLs which can be circumvented...

8.6CVSS9.8AI score0.92266EPSS
Exploits6References2
ATTACKERKB
ATTACKERKB
added 2023/04/03 12:0 a.m.15 views

CVE-2022-43939

Hitachi Vantara Pentaho Business Analytics Server versions before 9.4.0.1 and 9.3.0.2, including 8.3.x contain security restrictions using non-canonical URLs which can be circumvented. Recent assessments: gwillcox-r7 at May 10, 2023 5:02pm UTC reported: This is an authentication bypass in Hitachi...

9.8CVSS7.6AI score0.9767EPSS
In wildExploits7References3
Positive Technologies
Positive Technologies
added 2023/04/03 12:0 a.m.15 views

PT-2023-2238

Name of the Vulnerable Software and Affected Versions Hitachi Vantara Pentaho Business Analytics Server versions before 9.4.0.1 and 9.3.0.2, including 8.3.x Description The issue is related to the use of non-canonical URL paths for authorization solutions, which can be circumvented. This can allo...

9.8CVSS6.8AI score0.92266EPSS
Exploits6References22
Mageia
Mageia
added 2013/11/30 9:37 p.m.38 views

Updated subversion package fixes security vulnerabilities

moddontdothat allows you to block update REPORT requests against certain paths in the repository. It expects the paths in the REPORT request to be absolute URLs. Serf based clients send relative URLs instead of absolute URLs in many cases. As a result these clients are not blocked as configured b...

3.5CVSS0.4AI score0.07858EPSS
Exploits0References4
FreeBSD
FreeBSD
added 2013/11/15 12:0 a.m.22 views

subversion -- multiple vulnerabilities

Subversion Project reports: moddontdothat does not restrict requests from serf based clients moddontdothat allows you to block update REPORT requests against certain paths in the repository. It expects the paths in the REPORT request to be absolute URLs. Serf based clients send relative URLs...

3.5CVSS6.3AI score0.07858EPSS
Exploits0References2
Rows per page
Query Builder