6 matches found
USN-8181-1 libowasp-esapi-java vulnerabilities
Jaroslav Lobačevski discovered that ESAPI incorrectly validated directory paths during path verification. An attacker could possibly use this issue to bypass directory validation checks, leading to control-flow bypass. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS,...
[SECURITY] [DLA 4246-1] libowasp-esapi-java security update
Debian LTS Advisory DLA-4246-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany July 22, 2025 https://wiki.debian.org/LTS Package : libowasp-esapi-java Version : 2.4.0.0-0+deb11u1 CVE ID : CVE-2022-23457 CVE-2022-24891 CVE-2025-5878 Debian Bug : 1010339 1109378...
CVE-2025-5878
A vulnerability was found in ESAPI esapi-java-legacy and classified as problematic. This issue affects the interface Encoder.encodeForSQL of the SQL Injection Defense. An attack leads to an improper neutralization of special elements. The attack may be initiated remotely and an exploit has been...
CVE-2025-5878
A vulnerability was found in ESAPI esapi-java-legacy and classified as problematic. This issue affects the interface Encoder.encodeForSQL of the SQL Injection Defense. An attack leads to an improper neutralization of special elements. The attack may be initiated remotely and an exploit has been...
UBUNTU-CVE-2025-5878
A vulnerability was found in ESAPI esapi-java-legacy and classified as problematic. This issue affects the interface Encoder.encodeForSQL of the SQL Injection Defense. An attack leads to an improper neutralization of special elements. The attack may be initiated remotely and an exploit has been...
PT-2025-27359
Name of the Vulnerable Software and Affected Versions: ESAPI esapi-java-legacy versions prior to 2.7.0.0 Description: A vulnerability was found in the interface Encoder.encodeForSQL of the SQL Injection Defense, leading to an improper neutralization of special elements. The attack may be initiate...