Synopsys Coverity Connect 安全漏洞

Synopsys Coverity Connect is a Web-based platform from Synopsys. It consists primarily of static code analysis and dynamic code analysis tools. A security vulnerability exists in versions prior to Coverity 2023.3.2 that stems from the presence of a forced browsing vulnerability, which exposes...

PT-2023-17153 · Synopsys +1 · Coverity +1

Name of the Vulnerable Software and Affected Versions: Coverity versions prior to 2023.3.2 Description: The issue is related to forced browsing, which exposes authenticated resources to unauthorized actors due to an insecurely configured servlet mapping for the underlying Apache Tomcat server. Th...