exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 5

CVE-2019-3795

почти 7 лет назад

Spring Security versions 4.2.x prior to 4.2.12, 5.0.x prior to 5.0.12, and 5.1.x prior to 5.1.5 contain an insecure randomness vulnerability when using SecureRandomFactoryBean#setSeed to configure a SecureRandom instance. In order to be impacted, an honest application must provide a seed and make the resulting random material available to an attacker for inspection.

CVSS3: 5.3

EPSS: Низкий

CVE-2019-3795

почти 7 лет назад

Spring Security versions 4.2.x prior to 4.2.12, 5.0.x prior to 5.0.12, and 5.1.x prior to 5.1.5 contain an insecure randomness vulnerability when using SecureRandomFactoryBean#setSeed to configure a SecureRandom instance. In order to be impacted, an honest application must provide a seed and make the resulting random material available to an attacker for inspection.

CVSS3: 3.3

EPSS: Низкий

CVE-2019-3795

почти 7 лет назад

Spring Security versions 4.2.x prior to 4.2.12, 5.0.x prior to 5.0.12, and 5.1.x prior to 5.1.5 contain an insecure randomness vulnerability when using SecureRandomFactoryBean#setSeed to configure a SecureRandom instance. In order to be impacted, an honest application must provide a seed and make the resulting random material available to an attacker for inspection.

CVSS3: 5.3

EPSS: Низкий

CVE-2019-3795

почти 7 лет назад

Spring Security versions 4.2.x prior to 4.2.12, 5.0.x prior to 5.0.12, ...

CVSS3: 5.3

EPSS: Низкий

GHSA-v2r2-7qm7-jj6v

почти 7 лет назад

Spring Security uses insufficiently random values

CVSS3: 5.3

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2019-3795 Spring Security versions 4.2.x prior to 4.2.12, 5.0.x prior to 5.0.12, and 5.1.x prior to 5.1.5 contain an insecure randomness vulnerability when using SecureRandomFactoryBean#setSeed to configure a SecureRandom instance. In order to be impacted, an honest application must provide a seed and make the resulting random material available to an attacker for inspection.	CVSS3: 5.3	2% Низкий	почти 7 лет назад
CVE-2019-3795 Spring Security versions 4.2.x prior to 4.2.12, 5.0.x prior to 5.0.12, and 5.1.x prior to 5.1.5 contain an insecure randomness vulnerability when using SecureRandomFactoryBean#setSeed to configure a SecureRandom instance. In order to be impacted, an honest application must provide a seed and make the resulting random material available to an attacker for inspection.	CVSS3: 3.3	2% Низкий	почти 7 лет назад
CVE-2019-3795 Spring Security versions 4.2.x prior to 4.2.12, 5.0.x prior to 5.0.12, and 5.1.x prior to 5.1.5 contain an insecure randomness vulnerability when using SecureRandomFactoryBean#setSeed to configure a SecureRandom instance. In order to be impacted, an honest application must provide a seed and make the resulting random material available to an attacker for inspection.	CVSS3: 5.3	2% Низкий	почти 7 лет назад
CVE-2019-3795 Spring Security versions 4.2.x prior to 4.2.12, 5.0.x prior to 5.0.12, ...	CVSS3: 5.3	2% Низкий	почти 7 лет назад
GHSA-v2r2-7qm7-jj6v Spring Security uses insufficiently random values	CVSS3: 5.3	2% Низкий	почти 7 лет назад

Уязвимостей на страницу