6 matches found
be.dnsbelgium:rdap-server (>=0.3.3 <=1.0.3), br.net.woodstock.rockframework:rockframework-domain (>=1.2.1 <=3.0.1) +795 more potentially affected by CVE-2014-3527 via org.springframework.security:spring-security-core (>=2.0.0 <=3.1.6.RELEASE)
org.springframework.security:spring-security-core MAVEN version =2.0.0, =0.3.3, =1.2.1, =2.0.0, =1.0.0, =1.0.0, =1.0.0, =1.2.1, =1.2.1, =1.3.6, =1.0.0.1, =1.0.0.1, =1.0.0.1, =1.0.0.1, =1.0.0.1, =1.0.0.3 and more Source cves: CVE-2014-3527 Source advisory: OSV:GHSA-WMV4-5W76-VP9G...
CVE-2014-3527
When using the CAS Proxy ticket authentication from Spring Security 3.1 to 3.2.4 a malicious CAS Service could trick another CAS Service into authenticating a proxy ticket that was not associated. This is due to the fact that the proxy ticket authentication uses the information from the...
CVE-2014-3527
The CVE-2014-3527 issue affects Spring Security’s CAS Proxy ticket authentication (versions 3.1 to 3.2.4). The root cause is that the proxy ticket authentication relies on HttpServletRequest data that can be populated from untrusted information, enabling a malicious CAS service to bypass access c...
Fedora Update for springframework-security FEDORA-2014-9648
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for springframework-security FEDORA-2014-9646
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 19 : springframework-security-3.1.7-1.fc19 (2014-9646)
Security fix for CVE-2014-3527 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C...