Lucene search
K

8 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2022/05/13 2:58 p.m.45 views

Security Bulletin: IBM Sterling B2B Integrator vulnerable to multiple vulnerabilities due to Spring Security

Summary Spring Security is used by IBM Sterling B2B Integrator. Multiple Spring Security vulnerabilities have been addressed. Vulnerability Details CVEID: CVE-2019-3795 DESCRIPTION: Pivotal Spring Security could provide weaker than expected security, caused by an insecure randomness flaw when usi...

7.5CVSS1.2AI score0.01884EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2020/04/09 12:7 p.m.29 views

CVE-2019-3795

Spring Security versions 4.2.x prior to 4.2.12, 5.0.x prior to 5.0.12, and 5.1.x prior to 5.1.5 contain an insecure randomness vulnerability when using SecureRandomFactoryBeansetSeed to configure a SecureRandom instance. In order to be impacted, an honest application must provide a seed and make...

5.3CVSS3.9AI score0.01884EPSS
Exploits0References3
Debian
Debian
added 2019/05/20 3:52 a.m.120 views

[SECURITY] [DLA 1794-1] libspring-security-2.0-java security update

Package : libspring-security-2.0-java Version : 2.0.7.RELEASE-3+deb8u1 CVE ID : CVE-2019-3795 A vulnerability was discovered in libspring-security-2.0-java, a modular Java/J2EE application security framework, when using SecureRandomFactoryBeansetSeed to configure a SecureRandom instance, resultin...

5.3CVSS6AI score0.01884EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2019/04/16 3:10 p.m.6 views

ai.foremast.metrics:foremast-spring-boot-k8s-metrics-starter (>=0.1.2 <=0.1.6), ai.hyacinth.framework:core-service-gateway-server (=0.5.0) +1506 more potentially affected by CVE-2019-3795 via org.springframework.security:spring-security-core (>=5.1.0.RELEASE <=5.1.4.RELEASE)

org.springframework.security:spring-security-core MAVEN version =5.1.0.RELEASE, =0.1.2, =1.2.1.aghost-fix.20201109, =1.2.1.aghost-fix.20201109, =1.2.1.aghost-fix.20201109, =1.2.1.aghost-fix.20201109, =1.2.1.aghost-fix.20201109, =1.2.1.aghost-fix.20201109, =1.2.1.aghost-fix.20201109,...

5.3CVSS6.1AI score0.01884EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2019/04/16 3:10 p.m.12 views

ch.rasc:wamp2spring-security (=1.0.0), com.antelopesystem.authframework:auth-framework (=0.0.2) +177 more potentially affected by CVE-2019-3795 via org.springframework.security:spring-security-core (>=5.0.0.RELEASE <=5.0.11.RELEASE)

org.springframework.security:spring-security-core MAVEN version =5.0.0.RELEASE, =2.21.8, =2017.11.28, =2018.1.20 - com.netflix.genie:genie-app =4.0.0-rc.2 - com.netflix.genie:genie-security =4.0.0-rc.2 - de.codecentric:spring-boot-admin-sample-consul =2.0.5 -...

5.3CVSS6.1AI score0.01884EPSS
Exploits0
OSV
OSV
added 2019/04/09 4:29 p.m.29 views

CVE-2019-3795

Spring Security versions 4.2.x prior to 4.2.12, 5.0.x prior to 5.0.12, and 5.1.x prior to 5.1.5 contain an insecure randomness vulnerability when using SecureRandomFactoryBeansetSeed to configure a SecureRandom instance. In order to be impacted, an honest application must provide a seed and make...

5.3CVSS5.1AI score0.01884EPSS
Exploits0References3
Cvelist
Cvelist
added 2019/04/09 3:29 p.m.28 views

CVE-2019-3795 Insecure Randomness When Using a SecureRandom Instance Constructed by Spring Security

Spring Security versions 4.2.x prior to 4.2.12, 5.0.x prior to 5.0.12, and 5.1.x prior to 5.1.5 contain an insecure randomness vulnerability when using SecureRandomFactoryBeansetSeed to configure a SecureRandom instance. In order to be impacted, an honest application must provide a seed and make...

3.8CVSS5.5AI score0.01884EPSS
Exploits0References3
CVE
CVE
added 2019/04/09 3:29 p.m.117 views

CVE-2019-3795

CVE-2019-3795 affects Spring Security: insecure randomness when SecureRandomFactoryBean#setSeed is used to configure a SecureRandom. Impact requires the application to supply a seed and expose the resulting random material to an attacker. Affected releases include Spring Security 4.2.x before 4.2...

5.3CVSS4.8AI score0.01884EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder