3 matches found
GHSA-293Q-567P-WMWQ Spring Security Vulnerable to Unauthorized User Impersonation when Using X.509 Client Certificates
In Spring Security Web, SubjectDnX509PrincipalExtractor does not correctly handle certain malformed X.509 certificate CN values, which can lead to reading the wrong value for the username. In a carefully crafted certificate, this can lead to an attacker impersonating another user...
Linux Distros Unpatched Vulnerability : CVE-2020-2922
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Client product of Oracle MySQL component: C API. Supported versions that are affected are 5.6.47 and prior, 5.7.29 and prior and 8.0....
UBUNTU-CVE-2017-3313
Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: MyISAM. Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure wher...