Lucene search
+L

4 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 10:48 a.m.10 views

CVE-2022-31683

Concourse 7.x.y prior to 7.8.3 and 6.x.y prior to 6.7.9 contains an authorization bypass issue. A Concourse user can send a request with body including :teamname=team2 to bypass team scope check to gain access to certain resources belong to any other team...

5.4CVSS7AI score0.00446EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2022/12/19 12:0 a.m.5 views

CVE-2022-31683

Concourse 7.x.y prior to 7.8.3 and 6.x.y prior to 6.7.9 contains an authorization bypass issue. A Concourse user can send a request with body including :teamname=team2 to bypass team scope check to gain access to certain resources belong to any other team...

7.4AI score0.00446EPSS
Exploits1References1
CVE
CVE
added 2022/12/19 12:0 a.m.86 views

CVE-2022-31683

Concourse (versions 7.x.y before 7.8.3 and 6.x.y before 6.7.9) is vulnerable to an authorization bypass where a user can send a body parameter :team_name to bypass team scope and access resources belonging to other teams. Root cause: HTTP request parsing allowed body parameters to override scope ...

5.4CVSS5.5AI score0.00446EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2022/12/19 12:0 a.m.20 views

CVE-2022-31683

Concourse 7.x.y prior to 7.8.3 and 6.x.y prior to 6.7.9 contains an authorization bypass issue. A Concourse user can send a request with body including :teamname=team2 to bypass team scope check to gain access to certain resources belong to any other team...

5.4CVSS5.6AI score0.00446EPSS
Exploits1References3
Rows per page
Query Builder