exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 6

CVE-2022-22978

больше 3 лет назад

In spring security versions prior to 5.4.11+, 5.5.7+ , 5.6.4+ and older unsupported versions, RegexRequestMatcher can easily be misconfigured to be bypassed on some servlet containers. Applications using RegexRequestMatcher with `.` in the regular expression are possibly vulnerable to an authorization bypass.

CVSS3: 9.8

EPSS: Критический

CVE-2022-22978

больше 3 лет назад

In spring security versions prior to 5.4.11+, 5.5.7+ , 5.6.4+ and older unsupported versions, RegexRequestMatcher can easily be misconfigured to be bypassed on some servlet containers. Applications using RegexRequestMatcher with `.` in the regular expression are possibly vulnerable to an authorization bypass.

CVSS3: 9.8

EPSS: Критический

CVE-2022-22978

больше 3 лет назад

In spring security versions prior to 5.4.11+, 5.5.7+ , 5.6.4+ and older unsupported versions, RegexRequestMatcher can easily be misconfigured to be bypassed on some servlet containers. Applications using RegexRequestMatcher with `.` in the regular expression are possibly vulnerable to an authorization bypass.

CVSS3: 9.8

EPSS: Критический

CVE-2022-22978

больше 3 лет назад

In spring security versions prior to 5.4.11+, 5.5.7+ , 5.6.4+ and olde ...

CVSS3: 9.8

EPSS: Критический

GHSA-hh32-7344-cg2f

больше 3 лет назад

Authorization bypass in Spring Security

CVSS3: 9.8

EPSS: Критический

BDU:2022-04236

больше 3 лет назад

Уязвимость компонента RegexRequestMatcher Java-фреймворка для обеспечения безопасности промышленных приложений Spring Security, позволяющая нарушителю повысить свои привилегии

CVSS3: 9.8

EPSS: Критический

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2022-22978 In spring security versions prior to 5.4.11+, 5.5.7+ , 5.6.4+ and older unsupported versions, RegexRequestMatcher can easily be misconfigured to be bypassed on some servlet containers. Applications using RegexRequestMatcher with `.` in the regular expression are possibly vulnerable to an authorization bypass.	CVSS3: 9.8	90% Критический	больше 3 лет назад
CVE-2022-22978 In spring security versions prior to 5.4.11+, 5.5.7+ , 5.6.4+ and older unsupported versions, RegexRequestMatcher can easily be misconfigured to be bypassed on some servlet containers. Applications using RegexRequestMatcher with `.` in the regular expression are possibly vulnerable to an authorization bypass.	CVSS3: 9.8	90% Критический	больше 3 лет назад
CVE-2022-22978 In spring security versions prior to 5.4.11+, 5.5.7+ , 5.6.4+ and older unsupported versions, RegexRequestMatcher can easily be misconfigured to be bypassed on some servlet containers. Applications using RegexRequestMatcher with `.` in the regular expression are possibly vulnerable to an authorization bypass.	CVSS3: 9.8	90% Критический	больше 3 лет назад
CVE-2022-22978 In spring security versions prior to 5.4.11+, 5.5.7+ , 5.6.4+ and olde ...	CVSS3: 9.8	90% Критический	больше 3 лет назад
GHSA-hh32-7344-cg2f Authorization bypass in Spring Security	CVSS3: 9.8	90% Критический	больше 3 лет назад
BDU:2022-04236 Уязвимость компонента RegexRequestMatcher Java-фреймворка для обеспечения безопасности промышленных приложений Spring Security, позволяющая нарушителю повысить свои привилегии	CVSS3: 9.8	90% Критический	больше 3 лет назад

Уязвимостей на страницу