Lucene search
K

6 matches found

vulnersOsv
vulnersOsv
added 2020/09/15 8:16 p.m.3 views

be.dnsbelgium:rdap-server (>=0.3.3 <=1.0.3), br.net.woodstock.rockframework:rockframework-domain (>=1.2.1 <=3.0.1) +795 more potentially affected by CVE-2014-3527 via org.springframework.security:spring-security-core (>=2.0.0 <=3.1.6.RELEASE)

org.springframework.security:spring-security-core MAVEN version =2.0.0, =0.3.3, =1.2.1, =2.0.0, =1.0.0, =1.0.0, =1.0.0, =1.2.1, =1.2.1, =1.3.6, =1.0.0.1, =1.0.0.1, =1.0.0.1, =1.0.0.1, =1.0.0.1, =1.0.0.3 and more Source cves: CVE-2014-3527 Source advisory: OSV:GHSA-WMV4-5W76-VP9G...

9.8CVSS7.2AI score0.01808EPSS
Exploits0
NVD
NVD
added 2017/05/25 5:29 p.m.24 views

CVE-2014-3527

When using the CAS Proxy ticket authentication from Spring Security 3.1 to 3.2.4 a malicious CAS Service could trick another CAS Service into authenticating a proxy ticket that was not associated. This is due to the fact that the proxy ticket authentication uses the information from the...

9.8CVSS9.5AI score0.01808EPSS
Exploits0References1
CVE
CVE
added 2017/05/25 5:0 p.m.88 views

CVE-2014-3527

The CVE-2014-3527 issue affects Spring Security’s CAS Proxy ticket authentication (versions 3.1 to 3.2.4). The root cause is that the proxy ticket authentication relies on HttpServletRequest data that can be populated from untrusted information, enabling a malicious CAS service to bypass access c...

9.8CVSS8.2AI score0.01808EPSS
Exploits0References1Affected Software1
OpenVAS
OpenVAS
added 2014/08/31 12:0 a.m.19 views

Fedora Update for springframework-security FEDORA-2014-9648

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.3AI score0.01808EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2014/08/31 12:0 a.m.28 views

Fedora Update for springframework-security FEDORA-2014-9646

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.3AI score0.01808EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2014/08/30 12:0 a.m.30 views

Fedora 19 : springframework-security-3.1.7-1.fc19 (2014-9646)

Security fix for CVE-2014-3527 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C...

9.8CVSS8.3AI score0.01808EPSS
Exploits0References3
Rows per page
Query Builder