39 matches found
EUVD-2014-3586
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2022-22978
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In spring security versions prior to 5.4.11+, 5.5.7+ , 5.6.4+ and older unsupported versions, RegexRequestMatcher can easily be misconfigured to be bypassed on...
CVE-2025-41242 CVE-2025-41242: Path traversal vulnerability on non-compliant Servlet containers
Spring Framework MVC applications can be vulnerable to a “Path Traversal Vulnerability” when deployed on a non-compliant Servlet container. An application can be vulnerable when all the following are true: the application is deployed as a WAR or with an embedded Servlet container the Servlet...
VMware Spring Framework 安全漏洞
VMware Spring Framework is a set of open source Java, JavaEE application frameworks from VMware. The framework helps developers build high-quality applications. A security vulnerability exists in VMware Spring Framework that stems from a path traversal vulnerability on a non-compliant servlet...
PT-2025-33358
Name of the Vulnerable Software and Affected Versions: Spring Framework MVC applications affected versions not specified Description: Spring Framework MVC applications can be vulnerable to a “Path Traversal Vulnerability” when deployed on a non-compliant Servlet container. This issue occurs when...
The vulnerability of Eclipse Jetty servlet containers, related to inadequate management of system resources, allows attackers to trigger service failures.
The vulnerability of Eclipse Jetty servlet containers is related to insufficient management of system resources. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...
springframework: Authorization Bypass in RegexRequestMatcher
A flaw was found in Spring Security. When using RegexRequestMatcher, an easy misconfiguration can bypass some servlet containers. Applications using RegexRequestMatcher with . in the regular expression are possibly vulnerable to an authorization bypass...
The vulnerability of Eclipse Jetty servlet containers arises from insufficient validation of input data, allowing attackers to cause failures in the proxy script.
The vulnerability of Eclipse Jetty servlet containers exists due to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor, operating remotely, to cause failures in the proxy scenarios...
Spring Security < 5.5.7 / 5.6.x < 5.6.4 Authorization Bypass
The remote host contains a Spring Security version that is prior to 5.5.7 or 5.6.x prior to 5.6.4. It is, therefore, affected by an authorization bypass vulnerability. - In Spring Security versions 5.5.6 and 5.6.3 and older unsupported versions, RegexRequestMatcher can easily be misconfigured to ...
The vulnerability of Eclipse Jetty servlet containers, related to uncontrolled resource consumption, allows attackers to cause service failures.
The vulnerability of Eclipse Jetty servlet containers is related to an uncontrolled resource consumption. Exploiting this vulnerability can allow a malicious actor, operating remotely, to cause service failures...
The vulnerability of Eclipse Jetty servlet containers, related to errors in information processing, allows attackers to gain unauthorized access to protected information.
The vulnerability of Eclipse Jetty servlet containers is related to errors in information processing. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...
CVE-2022-32532
A flaw was sound in Apache Shiro's RegexRequestMatcher, which can be misconfigured and bypassed on some servlet containers. Applications using RegExPatternMatcher with '.' in the regular expression are vulnerable to an authorization bypass...
springframework: Authorization Bypass in RegexRequestMatcher
A flaw was found in Spring Security. When using RegexRequestMatcher, an easy misconfiguration can bypass some servlet containers. Applications using RegexRequestMatcher with . in the regular expression are possibly vulnerable to an authorization bypass...
GHSA-4CF5-XMHP-3XJ7 Improper Authorization in Apache Shiro
Apache Shiro before 1.9.1, A RegexRequestMatcher can be misconfigured to be bypassed on some servlet containers. Applications using RegExPatternMatcher with . in the regular expression are possibly vulnerable to an authorization bypass...
CVE-2022-32532
Apache Shiro before 1.9.1, A RegexRequestMatcher can be misconfigured to be bypassed on some servlet containers. Applications using RegExPatternMatcher with . in the regular expression are possibly vulnerable to an authorization bypass...
CVE-2022-32532
Apache Shiro before 1.9.1, A RegexRequestMatcher can be misconfigured to be bypassed on some servlet containers. Applications using RegExPatternMatcher with . in the regular expression are possibly vulnerable to an authorization bypass...
CVE-2022-32532
Apache Shiro before 1.9.1, A RegexRequestMatcher can be misconfigured to be bypassed on some servlet containers. Applications using RegExPatternMatcher with . in the regular expression are possibly vulnerable to an authorization bypass...
UBUNTU-CVE-2022-32532
Apache Shiro before 1.9.1, A RegexRequestMatcher can be misconfigured to be bypassed on some servlet containers. Applications using RegExPatternMatcher with . in the regular expression are possibly vulnerable to an authorization bypass...
CVE-2022-32532
Apache Shiro before 1.9.1, A RegexRequestMatcher can be misconfigured to be bypassed on some servlet containers. Applications using RegExPatternMatcher with . in the regular expression are possibly vulnerable to an authorization bypass...
GHSA-HH32-7344-CG2F Authorization bypass in Spring Security
In Spring Security versions 5.5.6 and 5.5.7 and older unsupported versions, RegexRequestMatcher can easily be misconfigured to be bypassed on some servlet containers. Applications using RegexRequestMatcher with . in the regular expression are possibly vulnerable to an authorization bypass...