Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3 matches found

Wallarm Lab
Wallarm Labadded 2023/06/19 3:15 p.m.35 views

GCP ESPv2 Hit with Critical API Authorization Bypass CVE-2023-30845

This post delves into a very impactful JWT Authentication Bypass vulnerability CVE-2023-30845 found in ESP-v2, an open-source service proxy that provides API management capabilities using Google Service Infrastructure. This vulnerability allows malicious API clients to bypass JWT authentication...

7.5CVSS7.3AI score0.00178EPSS
Exploits0
Veracode
Veracodeadded 2023/04/27 5:13 a.m.34 views

Authentication Bypass

github.com/GoogleCloudPlatform/esp-v2 is vulnerable to Authentication Bypass. The vulnerability exists because the library does not properly filter the malicious HTTP headers, which allows an attacker to send maliciously crafted X-HTTP-Method-Override header values to bypass JWT authentication in...

9.8CVSS9.1AI score0.00178EPSS
Exploits0References5Affected Software1
ossfuzz
ossfuzzadded 2020/03/12 11:49 a.m.20 views

esp-v2:service_control_filter_fuzz_test: Global-buffer-overflow in google::api_proxy::service_control::set_response_code_class

Project: https://github.com/GoogleCloudPlatform/esp-v2.git Detailed Report: https://oss-fuzz.com/testcase?key=5753507539058688 Project: esp-v2 Fuzzing Engine: libFuzzer Fuzz Target: servicecontrolfilterfuzztest Job Type: libfuzzerasanesp-v2 Platform Id: linux Crash Type: Global-buffer-overflow RE...

6.8AI score
Exploits0Affected Software1
Rows per page
Query Builder