Lucene search
K

4 matches found

Circl
Circl
added 2022/12/28 10:12 p.m.5 views

CVE-2022-23554

creationtimestamp| type| source ---|---|--- 2022-12-28 22:12:32+00:00| seen| Telegram/lL2p6u07IobovFXu9asgXtyyxvz6mdTSLjnPvUJnO5LYfdM...

6.5CVSS5.8AI score0.00659EPSS
Exploits0
CVE
CVE
added 2022/12/28 6:12 p.m.77 views

CVE-2022-23554

CVE-2022-23554 affects Alpine (Java scaffolding library). Multiple sources confirm: versions prior to 1.10.4 allow an Authentication Filter bypass by relying on the request URI to decide swagger endpoint access. For example, a crafted URL such as /api/foo;%2fapi%2fswagger causes the filter to ret...

6.5CVSS5.8AI score0.00659EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2022/12/28 6:12 p.m.26 views

CVE-2022-23554 Authentication bypass in Alpine

Alpine is a scaffolding library in Java. Alpine prior to version 1.10.4 allows Authentication Filter bypass. The AuthenticationFilter relies on the request URI to evaluate if the user is accessing the swagger endpoint. By accessing a URL with a path such as /api/foo;%2fapi%2fswagger the contains...

6.5CVSS6.8AI score0.00659EPSS
Exploits0References3
OSV
OSV
added 2022/12/28 6:12 p.m.22 views

CVE-2022-23554 Authentication bypass in Alpine

Alpine is a scaffolding library in Java. Alpine prior to version 1.10.4 allows Authentication Filter bypass. The AuthenticationFilter relies on the request URI to evaluate if the user is accessing the swagger endpoint. By accessing a URL with a path such as /api/foo;%2fapi%2fswagger the contains...

6.5CVSS5.8AI score0.00659EPSS
Exploits0References5
Rows per page
Query Builder