exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 6

CVE-2023-20860

около 2 лет назад

Spring Framework running version 6.0.0 - 6.0.6 or 5.3.0 - 5.3.25 using "**" as a pattern in Spring Security configuration with the mvcRequestMatcher creates a mismatch in pattern matching between Spring Security and Spring MVC, and the potential for a security bypass.

CVSS3: 7.5

EPSS: Средний

CVE-2023-20860

около 2 лет назад

Spring Framework running version 6.0.0 - 6.0.6 or 5.3.0 - 5.3.25 using "**" as a pattern in Spring Security configuration with the mvcRequestMatcher creates a mismatch in pattern matching between Spring Security and Spring MVC, and the potential for a security bypass.

CVSS3: 7.5

EPSS: Средний

CVE-2023-20860

около 2 лет назад

Spring Framework running version 6.0.0 - 6.0.6 or 5.3.0 - 5.3.25 using "**" as a pattern in Spring Security configuration with the mvcRequestMatcher creates a mismatch in pattern matching between Spring Security and Spring MVC, and the potential for a security bypass.

CVSS3: 7.5

EPSS: Средний

CVE-2023-20860

около 2 лет назад

Spring Framework running version 6.0.0 - 6.0.6 or 5.3.0 - 5.3.25 using ...

CVSS3: 7.5

EPSS: Средний

GHSA-7phw-cxx7-q9vq

около 2 лет назад

Spring Framework is vulnerable to security bypass via mvcRequestMatcher pattern mismatch

CVSS3: 9.1

EPSS: Средний

BDU:2023-02018

около 2 лет назад

Уязвимость компонента mvcRequestMatche Java-фреймворка для обеспечения безопасности промышленных приложений Spring Security, позволяющая нарушителю оказать воздействие на целостность защищаемой информации

CVSS3: 7.5

EPSS: Средний

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2023-20860 Spring Framework running version 6.0.0 - 6.0.6 or 5.3.0 - 5.3.25 using "**" as a pattern in Spring Security configuration with the mvcRequestMatcher creates a mismatch in pattern matching between Spring Security and Spring MVC, and the potential for a security bypass.	CVSS3: 7.5	56% Средний	около 2 лет назад
CVE-2023-20860 Spring Framework running version 6.0.0 - 6.0.6 or 5.3.0 - 5.3.25 using "**" as a pattern in Spring Security configuration with the mvcRequestMatcher creates a mismatch in pattern matching between Spring Security and Spring MVC, and the potential for a security bypass.	CVSS3: 7.5	56% Средний	около 2 лет назад
CVE-2023-20860 Spring Framework running version 6.0.0 - 6.0.6 or 5.3.0 - 5.3.25 using "**" as a pattern in Spring Security configuration with the mvcRequestMatcher creates a mismatch in pattern matching between Spring Security and Spring MVC, and the potential for a security bypass.	CVSS3: 7.5	56% Средний	около 2 лет назад
CVE-2023-20860 Spring Framework running version 6.0.0 - 6.0.6 or 5.3.0 - 5.3.25 using ...	CVSS3: 7.5	56% Средний	около 2 лет назад
GHSA-7phw-cxx7-q9vq Spring Framework is vulnerable to security bypass via mvcRequestMatcher pattern mismatch	CVSS3: 9.1	56% Средний	около 2 лет назад
BDU:2023-02018 Уязвимость компонента mvcRequestMatche Java-фреймворка для обеспечения безопасности промышленных приложений Spring Security, позволяющая нарушителю оказать воздействие на целостность защищаемой информации	CVSS3: 7.5	56% Средний	около 2 лет назад

Уязвимостей на страницу