8 matches found
Oracle MySQL Enterprise Monitor (Oct 2021 CPU)
The 8.0.25 versions of MySQL Enterprise Monitor installed on the remote host are affected by multiple vulnerabilities as referenced in the October 2021 CPU advisory. - Vulnerability in the MySQL Enterprise Monitor product of Oracle MySQL component: Monitoring: General Spring Security. Supported...
br.com.damsete:logging (=0.0.2), br.com.damsete:spring-security-jwt (=0.0.1) +1422 more potentially affected by CVE-2021-22112 via org.springframework.security:spring-security-web (>=5.3.0.RELEASE <=5.3.7.RELEASE)
org.springframework.security:spring-security-web MAVEN version =5.3.0.RELEASE, =1.0.1, =0.5.0.RELEASE, =0.0.1, =0.0.3, =0.0.3, =0.0.3, =0.0.3, =0.3, =0.3, =0.3, =0.5 and more Source cves: CVE-2021-22112 Source advisory: OSV:GHSA-GQ28-H5VG-8PRX...
ai.aitia:arrowhead-application-library-java-spring (>=4.4.0.0 <=4.4.0.1), ai.foremast.metrics:foremast-spring-boot-15x-starter (>=0.1.8 <=0.1.11) +4734 more potentially affected by CVE-2021-22112 via org.springframework.security:spring-security-web (>=3.0.0.RELEASE <=5.2.8.RELEASE)
org.springframework.security:spring-security-web MAVEN version =3.0.0.RELEASE, =4.4.0.0, =0.1.8, =0.1.6, =0.1.2, =0.5.0, =1.0.0, =1.0.0, =1.0.0, =0.0.2, =0.0.3, =1.1.0.RELEASE, =0.3, =0.3, =0.3, =0.3, =0.6 and more Source cves: CVE-2021-22112 Source advisory: OSV:GHSA-GQ28-H5VG-8PRX...
CVE-2021-22112
Spring Security 5.4.x prior to 5.4.4, 5.3.x prior to 5.3.8.RELEASE, 5.2.x prior to 5.2.9.RELEASE, and older unsupported versions can fail to save the SecurityContext if it is changed more than once in a single request.A malicious user cannot cause the bug to happen it must be programmed in...
CVE-2021-22112
Spring Security 5.4.x prior to 5.4.4, 5.3.x prior to 5.3.8.RELEASE, 5.2.x prior to 5.2.9.RELEASE, and older unsupported versions can fail to save the SecurityContext if it is changed more than once in a single request.A malicious user cannot cause the bug to happen it must be programmed in...
CVE-2021-22112
Spring Security 5.4.x prior to 5.4.4, 5.3.x prior to 5.3.8.RELEASE, 5.2.x prior to 5.2.9.RELEASE, and older unsupported versions can fail to save the SecurityContext if it is changed more than once in a single request.A malicious user cannot cause the bug to happen it must be programmed in...
CVE-2021-22112
CVE-2021-22112 involves Spring Security flaws that could enable privilege escalation when the SecurityContext is modified multiple times in a single request. Affected versions: Spring Security 5.4.x before 5.4.4, 5.3.x before 5.3.8.RELEASE, 5.2.x before 5.2.9.RELEASE (and older unsupported versio...
jenkins -- Privilege escalation vulnerability in bundled Spring Security library
Jenkins Security Advisory: Description high SECURITY-2195 / CVE-2021-22112 Privilege escalation vulnerability in bundled Spring Security library...