GHSA-2w4p-2hf7-gh8x

Опубликовано: 05 авг. 2024

Источник: github

Github: Прошло ревью

CVSS4: 8.7

CVSS3: 7.5

Описание

Alpine allows URL access filter bypass

Alpine is a scaffolding library in Java. Alpine prior to version 1.10.4 allows URL access filter bypass. This issue has been fixed in version 1.10.4. There are no known workarounds.

Ссылки

Пакеты

Наименование

us.springett:alpine

maven

Затронутые версииВерсия исправления

< 1.10.4

1.10.4

EPSS

Процентиль: 47%

0.00237

Низкий

8.7 High

CVSS4

7.5 High

CVSS3

CVE ID

CVE-2022-23553

Дефекты

CWE-863

Связанные уязвимости

CVE-2022-23553

CVSS3: 7.5

nvd

около 3 лет назад

Alpine is a scaffolding library in Java. Alpine prior to version 1.10.4 allows URL access filter bypass. This issue has been fixed in version 1.10.4. There are no known workarounds.

EPSS

Процентиль: 47%

0.00237

Низкий

8.7 High

CVSS4

7.5 High

CVSS3

CVE ID

CVE-2022-23553

Дефекты

CWE-863