Lucene search
K

11 matches found

vulnersOsv
vulnersOsv
added 2018/10/17 8:1 p.m.5 views

am.ik.blog:blog-domain (>=4.2.1 <=4.3.6), am.ik.blog:blog-mapper (>=4.4.1 <=4.5.0) +4431 more potentially affected by CVE-2018-1199 via org.springframework:spring-core (>=4.3.0.RELEASE <=4.3.13.RELEASE)

org.springframework:spring-core MAVEN version =4.3.0.RELEASE, =4.2.1, =4.4.1, =1.0.0.RELEASE, =1.0.0, =1.0.2, =1.6, =1.6, =1.6, =1.0.10, =0.2.13, =0.2.13, =0.2.13, =0.2.13, =0.2.28 and more Source cves: CVE-2018-1199 Source advisory: OSV:GHSA-V596-FWHQ-8X48...

5.3CVSS6.7AI score0.02857EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2018/10/17 8:1 p.m.7 views

am.ik.home:uaa-client (>=1.0.0 <=1.2.0), am.ik.home:uaa-integration-test (>=1.0.0 <=1.2.0) +690 more potentially affected by CVE-2018-1199 via org.springframework.security:spring-security-core (>=4.1.0.RELEASE <=4.1.4.RELEASE)

org.springframework.security:spring-security-core MAVEN version =4.1.0.RELEASE, =1.0.0, =1.0.0, =1.0.0, =0.1, =1.0.0, =1.0.6.OSS, =1.0.6.OSS, =1.0.7.OSS, =1.0.7.OSS, =3.0.1.3, =3.0.0, =3.0.1.2, =3.0.1.11 and more Source cves: CVE-2018-1199 Source advisory: OSV:GHSA-V596-FWHQ-8X48...

5.3CVSS6.7AI score0.02857EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2018/10/17 8:1 p.m.4 views

am.ik.home:uaa-client (>=1.3.0 <=1.9.0), am.ik.home:uaa-integration-test (>=1.3.0 <=1.9.0) +1654 more potentially affected by CVE-2018-1199 via org.springframework.security:spring-security-core (>=4.2.0.RELEASE <=4.2.3.RELEASE)

org.springframework.security:spring-security-core MAVEN version =4.2.0.RELEASE, =1.3.0, =1.3.0, =1.3.0, =1.1.1, =1.12.0 and more Source cves: CVE-2018-1199 Source advisory: OSV:GHSA-V596-FWHQ-8X48...

5.3CVSS6.6AI score0.02857EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2018/10/17 8:1 p.m.6 views

ch.rasc:wamp2spring-security (=1.0.0), com.github.henkexbg:gallery-api (=0.3.0) +58 more potentially affected by CVE-2018-1199 via org.springframework.security:spring-security-core (=5.0.0.RELEASE)

org.springframework.security:spring-security-core MAVEN version =5.0.0.RELEASE is affected by a known vulnerability. The following packages have a transitive dependency on org.springframework.security:spring-security-core and may be impacted: - ch.rasc:wamp2spring-security =1.0.0 -...

5.3CVSS6.7AI score0.02857EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2018/08/14 7:51 p.m.70 views

Critical: Red Hat Security Advisory: Red Hat FIS 2.0 on Fuse 6.3.0 R7 security and bug fix update

An update is now available for Red Hat Fuse Integration Services. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...

9.8CVSS6.9AI score0.72782EPSS
Exploits8References7
Veracode
Veracode
added 2018/04/06 1:47 a.m.45 views

Directory Traversal

spring-webmvc is vulnerable to directory traversal attack. The vulnerability exists due to the improper sanitization of the path values which allows valid Windows files to be served as static resources. This vulnerability only affects spring-webmvc running on Windows which allows serving files wi...

5.9CVSS7.2AI score0.35681EPSS
Exploits1References12Affected Software2
UbuntuCve
UbuntuCve
added 2018/03/16 8:29 p.m.37 views

CVE-2018-1199

Spring Security Spring Security 4.1.x before 4.1.5, 4.2.x before 4.2.4, and 5.0.x before 5.0.1; and Spring Framework 4.3.x before 4.3.14 and 5.0.x before 5.0.3 does not consider URL path parameters when processing security constraints. By adding a URL path parameter with special encodings, an...

5.3CVSS6.8AI score0.02857EPSS
Exploits0References2
OSV
OSV
added 2018/03/16 8:29 p.m.26 views

CVE-2018-1199

Spring Security Spring Security 4.1.x before 4.1.5, 4.2.x before 4.2.4, and 5.0.x before 5.0.1; and Spring Framework 4.3.x before 4.3.14 and 5.0.x before 5.0.3 does not consider URL path parameters when processing security constraints. By adding a URL path parameter with special encodings, an...

5.3CVSS5.5AI score0.02857EPSS
Exploits0References6
Debian CVE
Debian CVE
added 2018/03/16 8:0 p.m.25 views

CVE-2018-1199

Spring Security Spring Security 4.1.x before 4.1.5, 4.2.x before 4.2.4, and 5.0.x before 5.0.1; and Spring Framework 4.3.x before 4.3.14 and 5.0.x before 5.0.3 does not consider URL path parameters when processing security constraints. By adding a URL path parameter with special encodings, an...

5.3CVSS6.6AI score0.02857EPSS
Exploits0
CVE
CVE
added 2018/03/16 8:0 p.m.150 views

CVE-2018-1199

CVE-2018-1199 affects Spring Security (4.1.x before 4.1.5, 4.2.x before 4.2.4, 5.0.x before 5.0.1) and Spring Framework (4.3.x before 4.3.14, 5.0.x before 5.0.3). The issue is that URL path parameters are not consistently handled when evaluating security constraints, allowing an attacker to bypas...

5.3CVSS5.3AI score0.02857EPSS
Exploits0References6Affected Software2
RedhatCVE
RedhatCVE
added 2018/02/05 11:49 a.m.37 views

CVE-2018-1199

Spring Security Spring Security 4.1.x before 4.1.5, 4.2.x before 4.2.4, and 5.0.x before 5.0.1; and Spring Framework 4.3.x before 4.3.14 and 5.0.x before 5.0.3 does not consider URL path parameters when processing security constraints. By adding a URL path parameter with special encodings, an...

7.5CVSS1.3AI score0.02857EPSS
Exploits0References2
Rows per page
Query Builder