Lucene search
K

7 matches found

vulnersOsv
vulnersOsv
added 2022/05/17 3:56 a.m.10 views

cloud.genesys:web-messaging-sdk (>=3.0.0 <=5.0.0), com.adobe.cq.commerce:cq-commerce-core (>=5.6.0 <=5.13.18) +119 more potentially affected by CVE-2013-5679 via org.owasp.esapi:esapi (=2.0.1)

org.owasp.esapi:esapi MAVEN version =2.0.1 is affected by a known vulnerability. The following packages have a transitive dependency on org.owasp.esapi:esapi and may be impacted: - cloud.genesys:web-messaging-sdk =3.0.0, =5.6.0, =2.0.54, =5.6.2, =1.0.36, =1.0.24, =5.5.4, =1.0.0, =5.6.4, =1.0.8,...

2.6CVSS5.8AI score0.02426EPSS
Exploits1
Mageia
Mageia
added 2015/02/11 8:47 p.m.51 views

Updated owasp-esapi-java packages fix CVE-2013-5679

Updated owasp-esapi-java packages fix security vulnerability: The authenticated-encryption feature in the symmetric-encryption implementation in the OWASP Enterprise Security API ESAPI for Java 2.x before 2.1.0 does not properly resist tampering with serialized ciphertext, which makes it easier f...

2.6CVSS3.5AI score0.02426EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2015/01/15 12:0 a.m.22 views

Fedora 20 : owasp-esapi-java-2.1.0-2.fc20 (2015-0259)

Release 2.1.0. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C Tenable Network...

5.8CVSS8.2AI score0.02426EPSS
Exploits2References4
OpenVAS
OpenVAS
added 2015/01/15 12:0 a.m.20 views

Fedora Update for owasp-esapi-java FEDORA-2015-0259

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5AI score
Exploits0References2
securityvulns
securityvulns
added 2013/10/03 12:0 a.m.87 views

OWASP ESAPI Security Advisory: MAC Bypass in ESAPI Symmetric Encryption

OWASP ESAPI for Java Security Advisory 1 The OWASP Foundation MAC Bypass in ESAPI Symmetric Encryption Summary ======= Category: Symmetric cryptography Module: ESAPI Encryptor interface Announced: 2013-08-23 via ESAPI-Dev mailing list...

2.6CVSS9AI score0.02426EPSS
Exploits1
Cvelist
Cvelist
added 2013/09/30 10:0 a.m.32 views

CVE-2013-5679

The authenticated-encryption feature in the symmetric-encryption implementation in the OWASP Enterprise Security API ESAPI for Java 2.x before 2.1.0 does not properly resist tampering with serialized ciphertext, which makes it easier for remote attackers to bypass intended cryptographic protectio...

9.2AI score0.02426EPSS
Exploits1References4
CVE
CVE
added 2013/09/30 10:0 a.m.86 views

CVE-2013-5679

CVE-2013-5679 affects OWASP ESAPI for Java 2.x prior to 2.1.0, where the authenticated-encryption path in the symmetric‑encryption implementation fails to properly resist tampering of serialized ciphertext, enabling bypass of cryptographic protection via a default-configuration authenticity flaw ...

2.6CVSS6.5AI score0.02426EPSS
Exploits1References4Affected Software1
Rows per page
Query Builder