CVSS: 9.4EPSS: 48%CPEs: 3EXPL: 3CVE-2024-22243 – CVE-2024-22243: Spring Framework URL Parsing with Host Validation
https://notcve.org/view.php?id=CVE-2024-22243
23 Feb 2024 — Applications that use UriComponentsBuilder to parse an externally provided URL (e.g. through a query parameter) AND perform validation checks on the host of the parsed URL may be vulnerable to a open redirect https://cwe.mitre.org/data/definitions/601.html attack or to a SSRF attack if the URL is used after passing validation checks. Las aplicaciones que utilizan UriComponentsBuilder para analizar una URL proporcionada externamente (por ejemplo, a través de un parámetro de consulta) Y realizan comprobacione... • https://github.com/SeanPesce/CVE-2024-22243 • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-34061 – CVE-2023-34061 – Gorouter route pruning
https://notcve.org/view.php?id=CVE-2023-34061
12 Jan 2024 — Cloud Foundry routing release versions from v0.163.0 to v0.283.0 are vulnerable to a DOS attack. An unauthenticated attacker can use this vulnerability to force route pruning and therefore degrade the service availability of the Cloud Foundry deployment. Las versiones de enrutamiento de Cloud Foundry desde v0.163.0 hasta v0.283.0 son vulnerables a un ataque de DOS. Un atacante no autenticado puede utilizar esta vulnerabilidad para forzar la poda de rutas y, por lo tanto, degradar la disponibilidad del servi... • https://www.cloudfoundry.org/blog/cve-2023-34061-gorouter-route-pruning • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-34054 – Reactor Netty HTTP Server Metrics DoS Vulnerability
https://notcve.org/view.php?id=CVE-2023-34054
28 Nov 2023 — In Reactor Netty HTTP Server, versions 1.1.x prior to 1.1.13 and versions 1.0.x prior to 1.0.39, it is possible for a user to provide specially crafted HTTP requests that may cause a denial-of-service (DoS) condition. Specifically, an application is vulnerable if Reactor Netty HTTP Server built-in integration with Micrometer is enabled. En Reactor Netty HTTP Server, versiones 1.1.x anteriores a 1.1.13 y versiones 1.0.x anteriores a 1.0.39, es posible que un usuario proporcione solicitudes HTTP especialmente... • https://spring.io/security/cve-2023-34054 •
CVSS: 7.8EPSS: 1%CPEs: 2EXPL: 0CVE-2023-34062
https://notcve.org/view.php?id=CVE-2023-34062
15 Nov 2023 — In Reactor Netty HTTP Server, versions 1.1.x prior to 1.1.13 and versions 1.0.x prior to 1.0.39, a malicious user can send a request using a specially crafted URL that can lead to a directory traversal attack. Specifically, an application is vulnerable if Reactor Netty HTTP Server is configured to serve static resources. En Reactor Netty HTTP Server, versiones 1.1.x anteriores a 1.1.13 y versiones 1.0.x anteriores a 1.0.39, un usuario malintencionado puede enviar una solicitud utilizando una URL especialmen... • https://spring.io/security/cve-2023-34062 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 6.8EPSS: 0%CPEs: 4EXPL: 0CVE-2023-20885 – CF workflows leak credentials in system audit logs
https://notcve.org/view.php?id=CVE-2023-20885
16 Jun 2023 — Vulnerability in Cloud Foundry Notifications, Cloud Foundry SMB-volume release, Cloud FOundry cf-nfs-volume release.This issue affects Notifications: All versions prior to 63; SMB-volume release: All versions prior to 3.1.19; cf-nfs-volume release: 5.0.X versions prior to 5.0.27, 7.1.X versions prior to 7.1.19. • https://www.cloudfoundry.org/blog/cve-2023-20885-cf-workflows-leak-credentials-in-system-audit-logs • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 1CVE-2022-31683
https://notcve.org/view.php?id=CVE-2022-31683
19 Dec 2022 — Concourse (7.x.y prior to 7.8.3 and 6.x.y prior to 6.7.9) contains an authorization bypass issue. A Concourse user can send a request with body including :team_name=team2 to bypass team scope check to gain access to certain resources belong to any other team. • https://github.com/concourse/concourse/security/advisories/GHSA-5jp2-vwrj-99rf • CWE-639: Authorization Bypass Through User-Controlled Key •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2022-31684 – reactor-netty-http: Log request headers in some cases of invalid HTTP requests
https://notcve.org/view.php?id=CVE-2022-31684
19 Oct 2022 — Reactor Netty HTTP Server, in versions 1.0.11 - 1.0.23, may log request headers in some cases of invalid HTTP requests. The logged headers may reveal valid access tokens to those with access to server logs. This may affect only invalid HTTP requests where logging at WARN level is enabled. El servidor HTTP de Reactor Netty, en versiones 1.0.11 - 1.0.23, puede registrar los encabezados de petición en algunos casos de peticiones HTTP no válidas. Los encabezados registradas pueden revelar los tokens de acceso v... • https://tanzu.vmware.com/security/cve-2022-31684 • CWE-117: Improper Output Neutralization for Logs CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2022-22969
https://notcve.org/view.php?id=CVE-2022-22969
21 Apr 2022 —
CVSS: 9.0EPSS: 1%CPEs: 11EXPL: 0CVE-2021-22112
https://notcve.org/view.php?id=CVE-2021-22112
23 Feb 2021 — Spring Security 5.4.x prior to 5.4.4, 5.3.x prior to 5.3.8.RELEASE, 5.2.x prior to 5.2.9.RELEASE, and older unsupported versions can fail to save the SecurityContext if it is changed more than once in a single request.A malicious user cannot cause the bug to happen (it must be programmed in). However, if the application's intent is to only allow the user to run with elevated privileges in a small portion of the application, the bug can be leveraged to extend those privileges to the rest of the application. ... • http://www.openwall.com/lists/oss-security/2021/02/19/7 •
CVSS: 6.7EPSS: 0%CPEs: 2EXPL: 0CVE-2020-5419 – RabbitMQ arbitrary code execution using local binary planting
https://notcve.org/view.php?id=CVE-2020-5419
31 Aug 2020 — RabbitMQ versions 3.8.x prior to 3.8.7 are prone to a Windows-specific binary planting security vulnerability that allows for arbitrary code execution. An attacker with write privileges to the RabbitMQ installation directory and local access on Windows could carry out a local binary hijacking (planting) attack and execute arbitrary code. RabbitMQ versiones 3.8.x anteriores a 3.8.7, son propensas a una vulnerabilidad de seguridad de plantación de binario específico de Windows que permite una ejecución de cód... • https://tanzu.vmware.com/security/cve-2020-5419 • CWE-427: Uncontrolled Search Path Element •