4 matches found
CVE-2022-23554
creationtimestamp| type| source ---|---|--- 2022-12-28 22:12:32+00:00| seen| Telegram/lL2p6u07IobovFXu9asgXtyyxvz6mdTSLjnPvUJnO5LYfdM...
CVE-2022-23554
CVE-2022-23554 affects Alpine (Java scaffolding library). Multiple sources confirm: versions prior to 1.10.4 allow an Authentication Filter bypass by relying on the request URI to decide swagger endpoint access. For example, a crafted URL such as /api/foo;%2fapi%2fswagger causes the filter to ret...
CVE-2022-23554 Authentication bypass in Alpine
Alpine is a scaffolding library in Java. Alpine prior to version 1.10.4 allows Authentication Filter bypass. The AuthenticationFilter relies on the request URI to evaluate if the user is accessing the swagger endpoint. By accessing a URL with a path such as /api/foo;%2fapi%2fswagger the contains...
CVE-2022-23554 Authentication bypass in Alpine
Alpine is a scaffolding library in Java. Alpine prior to version 1.10.4 allows Authentication Filter bypass. The AuthenticationFilter relies on the request URI to evaluate if the user is accessing the swagger endpoint. By accessing a URL with a path such as /api/foo;%2fapi%2fswagger the contains...