1189 matches found
CVE-2021-22112
CVE-2021-22112 involves Spring Security flaws that could enable privilege escalation when the SecurityContext is modified multiple times in a single request. Affected versions: Spring Security 5.4.x before 5.4.4, 5.3.x before 5.3.8.RELEASE, 5.2.x before 5.2.9.RELEASE (and older unsupported versio...
CVE-2021-22113
Applications using the “Sensitive Headers” functionality in Spring Cloud Netflix Zuul 2.2.6.RELEASE and below may be vulnerable to bypassing the “Sensitive Headers” restriction when executing requests with specially constructed URLs. Applications that use Spring Security's StrictHttpFirewall...
Design/Logic Flaw
Applications using the “Sensitive Headers” functionality in Spring Cloud Netflix Zuul 2.2.6.RELEASE and below may be vulnerable to bypassing the “Sensitive Headers” restriction when executing requests with specially constructed URLs. Applications that use Spring Security's StrictHttpFirewall...
CVE-2021-22112
A flaw was found in Jenkins. In some circumstances, Spring Security can unintentionally persist temporarily elevated privileges in a user's session. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...
VMware Spring Security Permission and Access Control Issues Vulnerability
VMware Spring Security is a security framework from VMware that provides declarative security protection for Spring-based applications. A permission and access control vulnerability exists in VMware Spring Security. The vulnerability stems from an attacker...
jenkins -- Privilege escalation vulnerability in bundled Spring Security library
Jenkins Security Advisory. Severity: high. SECURITY-2195 / CVE-2021-22112: Privilege escalation vulnerability in bundled Spring Security library...
Authorization Bypass
spring-cloud-netflix-zuul is vulnerable to authorization bypass. An attacker is able to send a request containing a malicious URL to bypass the “Sensitive Headers” restrictions. Applications using Spring Security's StrictHttpFirewall enabled by default for all URLs are not affected by this...
Oracle MySQL Enterprise Monitor Multiple Vulnerabilities (Jan 2021 CPU)
The version of MySQL Enterprise Monitor installed on the remote host is 8.0.x prior to 8.0.23. It is therefore affected by multiple vulnerabilities as referenced in the January 2021 CPU advisory. - Vulnerability in the MySQL Enterprise Monitor product of Oracle MySQL (component: Service Manager (Apache Commons...
A vulnerability in the spring-security-saml2-service-provider component of Spring Security, the Java framework for securing enterprise applications, allows attackers to compromise the confidentiality, integrity and availability of protected information.
The vulnerability in the spring-security-saml2-service-provider component of Spring Security, the Java framework for securing enterprise applications, is caused by improper verification of a cryptographic signature. Exploiting this vulnerability could allow a malicious actor t...
Security Bulletin: Multiple Vulnerabilities in IBM Guardium Data Encryption (GDE)
Summary There are multiple vulnerabilities identified in IBM Guardium Data Encryption GDE. These vulnerabilities have been fixed in GDE 4.0.0.4. Please apply the latest version for the fixes. Vulnerability Details CVEID: CVE-2017-7957 DESCRIPTION: XStream is vulnerable to a denial of service,...
Unauthorized access and file upload vulnerabilities in Ruoyi's backend management system
The RuoYi backend management system is a permission management system with separated front end and back end, built on Spring Boot, Spring Security, JWT, Vue and Element. It can be used for any web application, such as a website administration backend, a website member center, a CMS, CRM, OA and so on. If there ...
A vulnerability in Spring Security, the Java framework for securing enterprise applications, caused by the use of insufficiently random values, allows attackers to gain unauthorized access to protected information.
The vulnerability in Spring Security, the Java framework for securing enterprise applications, is caused by the use of insufficiently random values. Exploiting this vulnerability can allow a remote attacker to gain unauthorized access to protected information...
ai.foremast.metrics:foremast-spring-boot-1x-k8s-metrics-starter (>=0.1.6 <=0.1.7), ai.foremast.metrics:foremast-spring-boot-k8s-metrics-starter (>=0.1.4-SB1X <=0.1.4-SB1X_6) +1217 more potentially affected by CVE-2016-9879 via org.springframework.security:spring-security-core (>=4.0.0.RELEASE <=4.1.3.RELEASE)
org.springframework.security:spring-security-core MAVEN version =4.0.0.RELEASE, =0.1.6, =0.1.4-SB1X, =1.3.1-RELEASE, =0.1, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.6.OSS, =1.0.6.OSS, =1.0.7.OSS, =1.0.8.OSS and more Source cves: CVE-2016-9879 Source advisory: OSV:GHSA-V35C-49J6-Q8HQ...
Security Constraint Bypass in Spring Security
Spring Security does not consider URL path parameters when processing security constraints. By adding a URL path parameter with an encoded "/" to a request, an attacker may be able to bypass a security constraint. The root cause of this issue is a lack of clarity regarding the handling of path...
au.org.consumerdatastandards:client-cli (>=1.1.1 <=1.12.0), cc.kebei:onion-expands-office (>=3.0.3 <=3.0.6) +445 more potentially affected by CVE-2016-9879 via org.springframework.security:spring-security-core (>=4.2.0.RELEASE <=4.2.19.RELEASE)
org.springframework.security:spring-security-core MAVEN version =4.2.0.RELEASE, =1.1.1, =3.0.3, =3.0.3, =3.0.3, =3.0.5, =A.1.1.1, =A.2.0.0, =A.1.1.1, =A.2.0.0, =A.1.1.1, =A.1.1.2, =A.1.1.1, =2.6, =2.6, =2.6, =2.9 and more Source cves: CVE-2016-9879 Source advisory: OSV:GHSA-V35C-49J6-Q8HQ...
be.dnsbelgium:rdap-server (>=0.3.3 <=1.0.3), br.net.woodstock.rockframework:rockframework-domain (>=1.2.1 <=3.0.1) +883 more potentially affected by CVE-2016-9879 via org.springframework.security:spring-security-core (>=2.0.0 <=3.2.0.RELEASE)
org.springframework.security:spring-security-core MAVEN version =2.0.0, =0.3.3, =1.2.1, =2.0.0, =1.0.0, =1.0.0, =1.0.0, =1.2.1, =1.2.1, =1.3.6, =1.4.2 - com.daioware.security:security =1.0.0.RELEASE - com.daioware:daioware-picture =1.0.0-RELEASE and more Source cves: CVE-2016-9879 Source advisory...
GHSA-V35C-49J6-Q8HQ Security Constraint Bypass in Spring Security
Spring Security does not consider URL path parameters when processing security constraints. By adding a URL path parameter with an encoded "/" to a request, an attacker may be able to bypass a security constraint. The root cause of this issue is a lack of clarity regarding the handling of path...
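The two CVE-2016-9879 entries above and the Zuul entry describe the same class of problem from both sides: a security matcher that sees a path containing `;name=value` path parameters (as some Servlet containers return them from getPathInfo()) can fail to match a constraint that the container's own dispatch, which strips those parameters, does satisfy, and a strict request firewall that rejects such URLs up front closes the gap. The script below is an added illustration written for this page, not Spring Security's code: it models a naive prefix matcher, the container's dispatch normalisation, and a rejection list modelled on the documented StrictHttpFirewall defaults (semicolons, encoded slashes and backslashes, encoded percent and period, traversal segments). The request paths, the `/admin/` constraint and all function names are constructed for the example.

```python
from urllib.parse import unquote

# Constructed for this example: a single constraint, everything under
# /admin/ requires an administrative role.
PROTECTED_PREFIX = "/admin/"

# Modelled on the StrictHttpFirewall default rejection list (an assumption of
# this example; the real class has more cases, e.g. control characters).
FORBIDDEN_SUBSTRINGS = (
    ";", "%3b",          # path parameters
    "%2f",               # encoded forward slash
    "\\", "%5c",         # backslash, encoded backslash
    "%25",               # encoded percent (double encoding)
    "%2e",               # encoded period
    "%00",               # null byte
)
TRAVERSAL_SEGMENTS = ("./", "/.", "/../", "/..")


def strip_path_params(path: str) -> str:
    """Drop ;name=value path parameters from every segment, which is what
    Tomcat does before building getServletPath()/getPathInfo()."""
    return "/".join(segment.split(";", 1)[0] for segment in path.split("/"))


def container_dispatch_target(raw_path: str) -> str:
    """The path the container actually routes to: percent-decoded, then
    path parameters removed."""
    return strip_path_params(unquote(raw_path))


def naive_is_protected(raw_path: str) -> bool:
    """Pre-fix behaviour the advisory describes: match the constraint against
    the path as a non-stripping container hands it over."""
    return raw_path.startswith(PROTECTED_PREFIX)


def strict_firewall_rejects(raw_path: str) -> bool:
    """Reject any request URI that could be read two ways by the container
    and the security layer, instead of trying to normalise it."""
    lowered = raw_path.lower()
    if any(bad in lowered for bad in FORBIDDEN_SUBSTRINGS):
        return True
    return any(seg in lowered for seg in TRAVERSAL_SEGMENTS) or lowered.endswith("/..")


def hardened_decision(raw_path: str) -> str:
    """Firewall first, then match on the same normalised path the container
    dispatches on. Returns REJECTED, PROTECTED or PUBLIC."""
    if strict_firewall_rejects(raw_path):
        return "REJECTED"
    target = container_dispatch_target(raw_path)
    return "PROTECTED" if target.startswith(PROTECTED_PREFIX) else "PUBLIC"


def demonstrate_mismatch(raw_path: str) -> dict:
    """Show the three views of one request side by side."""
    return {
        "raw": raw_path,
        "naive_matcher_says_protected": naive_is_protected(raw_path),
        "container_routes_to": container_dispatch_target(raw_path),
        "hardened": hardened_decision(raw_path),
    }


if __name__ == "__main__":
    # Constructed sample requests: one clean, one with a path parameter on
    # the first segment, one with an encoded slash.
    for path in ("/admin/users", "/admin;x=1/users", "/admin%2Fusers"):
        print(demonstrate_mismatch(path))
```

The second sample is the interesting one: the naive matcher sees `/admin;x=1/users`, which does not start with `/admin/`, so it applies no constraint, while the container strips the parameter and dispatches to `/admin/users`. The hardened path never has to reason about that case because the semicolon is refused before matching, which is the behaviour the Zuul entry relies on when it says applications with StrictHttpFirewall enabled for all URLs are not affected.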
Authorization Bypass in Spring Security
When using Spring Security's CAS Proxy ticket authentication a malicious CAS Service could trick another CAS Service into authenticating a proxy ticket that was not associated. This is due to the fact that the proxy ticket authentication uses the information from the HttpServletRequest which is...