Описание
OpenAM Web Policy Agent (OpenAM Consortium Edition) provided by OpenAM Consortium parses URLs improperly, leading to a path traversal vulnerability(CWE-22). Furthermore, a crafted URL may be evaluated incorrectly.
Ссылки
- Issue TrackingThird Party Advisory
- Broken Link
- Issue TrackingThird Party Advisory
- Broken Link
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:openam:openam:4.1.0:*:*:*:consortium:*:*:*
EPSS
Процентиль: 61%
0.00413
Низкий
7.5 High
CVSS3
Дефекты
CWE-22
CWE-22
Связанные уязвимости
CVSS3: 7.5
ubuntu
около 3 лет назад
OpenAM Web Policy Agent (OpenAM Consortium Edition) provided by OpenAM Consortium parses URLs improperly, leading to a path traversal vulnerability(CWE-22). Furthermore, a crafted URL may be evaluated incorrectly.
CVSS3: 7.5
github
около 3 лет назад
OpenAM Web Policy Agent (OpenAM Consortium Edition) provided by OpenAM Consortium parses URLs improperly, leading to a path traversal vulnerability(CWE-22). Furthermore, a crafted URL may be evaluated incorrectly.
EPSS
Процентиль: 61%
0.00413
Низкий
7.5 High
CVSS3
Дефекты
CWE-22
CWE-22