Lucene search

K

5 matches found

CVE
CVE
added 2022/05/03 4:15 p.m.1129 views

CVE-2022-1292

The c_rehash script does not properly sanitise shell metacharacters to prevent command injection. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the s...

10CVSS9AI score0.71469EPSS
CVE
CVE
added 2022/05/12 8:15 p.m.1070 views

CVE-2022-22971

In spring framework versions prior to 5.3.20+ , 5.2.22+ and old unsupported versions, application with a STOMP over WebSocket endpoint is vulnerable to a denial of service attack by an authenticated user.

6.5CVSS6.2AI score0.00356EPSS
CVE
CVE
added 2022/05/12 8:15 p.m.336 views

CVE-2022-22970

In spring framework versions prior to 5.3.20+ , 5.2.22+ and old unsupported versions, applications that handle file uploads are vulnerable to DoS attack if they rely on data binding to set a MultipartFile or javax.servlet.Part to a field in a model object.

5.3CVSS5.6AI score0.00173EPSS
CVE
CVE
added 2022/05/24 7:15 p.m.260 views

CVE-2021-3629

A flaw was found in Undertow. A potential security issue in flow control handling by the browser over http/2 may potentially cause overhead or a denial of service in the server. The highest threat from this vulnerability is availability. This flaw affects Undertow versions prior to 2.0.40.Final and...

5.9CVSS6AI score0.00093EPSS
CVE
CVE
added 2022/05/24 7:15 p.m.196 views

CVE-2021-3597

A flaw was found in undertow. The HTTP2SourceChannel fails to write the final frame under some circumstances, resulting in a denial of service. The highest threat from this vulnerability is availability. This flaw affects Undertow versions prior to 2.0.35.SP1, prior to 2.2.6.SP1, prior to 2.2.7.SP1...

5.9CVSS5.5AI score0.00103EPSS