Lucene search
K

4 matches found

Github Security Blog
Github Security Blog
added 2025/09/26 9:31 a.m.5 views

WSO2's Input Validation Management Service contains Observable Discrepancy when Multi-Attribute Login is enabled

A username enumeration vulnerability exists in multiple WSO2 products when Multi-Attribute Login is enabled. In this configuration, the system returns a distinct "User does not exist" error message to the login form, regardless of the validateusername setting. This behavior allows malicious actor...

5.3CVSS6.8AI score0.00234EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2025/09/26 9:31 a.m.5 views

GHSA-W82P-R9VW-4RG5 WSO2's Input Validation Management Service contains Observable Discrepancy when Multi-Attribute Login is enabled

A username enumeration vulnerability exists in multiple WSO2 products when Multi-Attribute Login is enabled. In this configuration, the system returns a distinct "User does not exist" error message to the login form, regardless of the validateusername setting. This behavior allows malicious actor...

3.7CVSS6.8AI score0.00234EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/05/22 6:44 p.m.3 views

CVE-2021-39940

An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.2 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2. GitLab Maven Package registry is vulnerable to a regular expression denial of service when a...

6.5CVSS6.3AI score0.0146EPSS
Exploits0References1
OSV
OSV
added 2021/12/13 4:15 p.m.2 views

UBUNTU-CVE-2021-39940

An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.2 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2. GitLab Maven Package registry is vulnerable to a regular expression denial of service when a...

6.5CVSS5.8AI score0.0146EPSS
Exploits0References2
Rows per page
Query Builder