Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Studio Security Vulnerabilities - 2023

cve
cve

CVE-2023-39967

WireMock is a tool for mocking HTTP services. When certain request URLs like โ€œ@127.0.0.1:1234" are used in WireMock Studio configuration fields, the request might be forwarded to an arbitrary service reachable from WireMockโ€™s instance. There are 3 identified potential attack vectors: via โ€œTestReque...

10CVSS

9.4AI Score

0.002EPSS

2023-09-06 09:15 PM
27
cve
cve

CVE-2023-41327

WireMock is a tool for mocking HTTP services. WireMock can be configured to only permit proxying (and therefore recording) to certain addresses. This is achieved via a list of allowed address rules and a list of denied address rules, where the allowed list is evaluated first. Until WireMock Webhook...

5.4CVSS

6.2AI Score

0.001EPSS

2023-09-06 09:15 PM
2486
cve
cve

CVE-2023-41329

WireMock is a tool for mocking HTTP services. The proxy mode of WireMock, can be protected by the network restrictions configuration, as documented in Preventing proxying to and recording from specific target addresses. These restrictions can be configured using the domain names, and in such a case...

6.6CVSS

6.4AI Score

0.001EPSS

2023-09-06 09:15 PM
53