Lucene search
K

8 matches found

Tenable Nessus
Tenable Nessus
added 2021/10/20 12:0 a.m.46 views

Oracle MySQL Enterprise Monitor (Oct 2021 CPU)

The 8.0.25 versions of MySQL Enterprise Monitor installed on the remote host are affected by multiple vulnerabilities as referenced in the October 2021 CPU advisory. - Vulnerability in the MySQL Enterprise Monitor product of Oracle MySQL component: Monitoring: General Spring Security. Supported...

9CVSS6.5AI score0.75353EPSS
Exploits2References7
vulnersOsv
vulnersOsv
added 2021/05/10 3:22 p.m.5 views

br.com.damsete:logging (=0.0.2), br.com.damsete:spring-security-jwt (=0.0.1) +1422 more potentially affected by CVE-2021-22112 via org.springframework.security:spring-security-web (>=5.3.0.RELEASE <=5.3.7.RELEASE)

org.springframework.security:spring-security-web MAVEN version =5.3.0.RELEASE, =1.0.1, =0.5.0.RELEASE, =0.0.1, =0.0.3, =0.0.3, =0.0.3, =0.0.3, =0.3, =0.3, =0.3, =0.5 and more Source cves: CVE-2021-22112 Source advisory: OSV:GHSA-GQ28-H5VG-8PRX...

9CVSS6.9AI score0.03197EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2021/05/10 3:22 p.m.6 views

ai.aitia:arrowhead-application-library-java-spring (>=4.4.0.0 <=4.4.0.1), ai.foremast.metrics:foremast-spring-boot-15x-starter (>=0.1.8 <=0.1.11) +4734 more potentially affected by CVE-2021-22112 via org.springframework.security:spring-security-web (>=3.0.0.RELEASE <=5.2.8.RELEASE)

org.springframework.security:spring-security-web MAVEN version =3.0.0.RELEASE, =4.4.0.0, =0.1.8, =0.1.6, =0.1.2, =0.5.0, =1.0.0, =1.0.0, =1.0.0, =0.0.2, =0.0.3, =1.1.0.RELEASE, =0.3, =0.3, =0.3, =0.3, =0.6 and more Source cves: CVE-2021-22112 Source advisory: OSV:GHSA-GQ28-H5VG-8PRX...

9CVSS7.2AI score0.03197EPSS
Exploits0
NVD
NVD
added 2021/02/23 7:15 p.m.27 views

CVE-2021-22112

Spring Security 5.4.x prior to 5.4.4, 5.3.x prior to 5.3.8.RELEASE, 5.2.x prior to 5.2.9.RELEASE, and older unsupported versions can fail to save the SecurityContext if it is changed more than once in a single request.A malicious user cannot cause the bug to happen it must be programmed in...

9CVSS0.03197EPSS
Exploits0References15
OSV
OSV
added 2021/02/23 7:15 p.m.25 views

CVE-2021-22112

Spring Security 5.4.x prior to 5.4.4, 5.3.x prior to 5.3.8.RELEASE, 5.2.x prior to 5.2.9.RELEASE, and older unsupported versions can fail to save the SecurityContext if it is changed more than once in a single request.A malicious user cannot cause the bug to happen it must be programmed in...

8.8CVSS6.5AI score0.03197EPSS
Exploits0References15
Cvelist
Cvelist
added 2021/02/23 6:48 p.m.51 views

CVE-2021-22112

Spring Security 5.4.x prior to 5.4.4, 5.3.x prior to 5.3.8.RELEASE, 5.2.x prior to 5.2.9.RELEASE, and older unsupported versions can fail to save the SecurityContext if it is changed more than once in a single request.A malicious user cannot cause the bug to happen it must be programmed in...

8.7AI score0.03197EPSS
Exploits0References15
CVE
CVE
added 2021/02/23 6:48 p.m.192 views

CVE-2021-22112

CVE-2021-22112 involves Spring Security flaws that could enable privilege escalation when the SecurityContext is modified multiple times in a single request. Affected versions: Spring Security 5.4.x before 5.4.4, 5.3.x before 5.3.8.RELEASE, 5.2.x before 5.2.9.RELEASE (and older unsupported versio...

9CVSS8.4AI score0.03197EPSS
Exploits0References15Affected Software2
FreeBSD
FreeBSD
added 2021/02/19 12:0 a.m.73 views

jenkins -- Privilege escalation vulnerability in bundled Spring Security library

Jenkins Security Advisory: Description high SECURITY-2195 / CVE-2021-22112 Privilege escalation vulnerability in bundled Spring Security library...

9CVSS2.3AI score0.03197EPSS
Exploits0References1
Rows per page
Query Builder