5 matches found
CVE-2026-56647
CVE-2026-56647 is a Windows vulnerability in the Windows Remote Access Service Infrastructure where an integer overflow/wraparound can let an authorized attacker elevate privileges over a network. The affected component is the Windows Remote Access Service Infrastructure, and the root cause is an...
CVE-2023-30845
ESPv2 is a service proxy that provides API management capabilities using Google Service Infrastructure. ESPv2 2.20.0 through 2.42.0 contains an authentication bypass vulnerability. API clients can craft a malicious X-HTTP-Method-Override header value to bypass JWT authentication in specific cases...
Authentication flaw
ESPv2 is a service proxy that provides API management capabilities using Google Service Infrastructure. ESPv2 2.20.0 through 2.42.0 contains an authentication bypass vulnerability. API clients can craft a malicious X-HTTP-Method-Override header value to bypass JWT authentication in specific cases...
CVE-2023-30845 ESPv2 vulnerable to JWT authentication bypass via `X-HTTP-Method-Override` header
ESPv2 is a service proxy that provides API management capabilities using Google Service Infrastructure. ESPv2 2.20.0 through 2.42.0 contains an authentication bypass vulnerability. API clients can craft a malicious X-HTTP-Method-Override header value to bypass JWT authentication in specific cases...
CVE-2023-30845 ESPv2 vulnerable to JWT authentication bypass via `X-HTTP-Method-Override` header
ESPv2 is a service proxy that provides API management capabilities using Google Service Infrastructure. ESPv2 2.20.0 through 2.42.0 contains an authentication bypass vulnerability. API clients can craft a malicious X-HTTP-Method-Override header value to bypass JWT authentication in specific cases...