Lucene search
K

7 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2023/06/27 11:1 a.m.44 views

Security Bulletin: Vulnerability in Spring Security affects IBM Process Mining . Multiple CVEs

Summary There is a vulnerability in Spring Security that could allow a local authenticated attacker launch further attacks on the system. The code is used by IBM Process Mining. This bulletin identifies the security fixes to apply to address the vulnerability. Vulnerability Details...

5.3CVSS7.2AI score0.02139EPSS
Exploits0Affected Software1
Circl
Circl
added 2022/05/19 6:29 p.m.7 views

CVE-2022-22976

creationtimestamp| type| source ---|---|--- 2022-05-19 18:29:37+00:00| seen| https://t.me/cibsecurity/42981 2024-01-28 05:12:59+00:00| seen| https://t.me/arpsyndicate/3213...

5.3CVSS7.1AI score0.02139EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2022/05/19 3:15 p.m.52 views

CVE-2022-22976

Spring Security versions 5.5.x prior to 5.5.7, 5.6.x prior to 5.6.4, and earlier unsupported versions contain an integer overflow vulnerability. When using the BCrypt class with the maximum work factor 31, the encoder does not perform any salt rounds, due to an integer overflow error. The default...

5.3CVSS6.9AI score0.02139EPSS
Exploits0References2
CVE
CVE
added 2022/05/19 2:50 p.m.221 views

CVE-2022-22976

CVE-2022-22976 affects Spring Security: when using BCrypt with maximum work factor (31), the encoder skips salt rounds due to an integer overflow. Affected: Spring Security 5.5.x before 5.5.7 and 5.6.x before 5.6.4 (plus unsupported earlier versions). Default settings are not affected. Remediatio...

5.3CVSS5.5AI score0.02139EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2022/05/19 2:50 p.m.37 views

CVE-2022-22976

Spring Security versions 5.5.x prior to 5.5.7, 5.6.x prior to 5.6.4, and earlier unsupported versions contain an integer overflow vulnerability. When using the BCrypt class with the maximum work factor 31, the encoder does not perform any salt rounds, due to an integer overflow error. The default...

5.3CVSS6.8AI score0.02139EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2022/05/17 4:10 p.m.58 views

CVE-2022-22976

A flaw was found in Spring Framework. The encoder does not perform any salt rounds when using the BCrypt class with the maximum work factor 31 due to an integer overflow error...

5.3CVSS2.8AI score0.02139EPSS
Exploits0References4
Spring Security Advisories
Spring Security Advisories
added 2022/05/16 5:32 a.m.88 views

CVE-2022-22976: BCrypt skips salt rounds for work factor of 31

Spring Security 5.7.0, 5.6.4, 5.5.7 were released to fix CVE-2022-22976: BCrypt skips salt rounds for work factor of 31. Please update as soon as possible...

7.5CVSS1.6AI score0.10037EPSS
Exploits6
Rows per page
Query Builder