Note: This list may be incomplete. Data is provided without warranty in its original format.
6.5
CVE-2022-22969
- EPSS 0.77%
- Published 21.04.2022 19:15:08
- Last modified 21.11.2024 06:47:42
Spring Security OAuth versions 2.5.x prior to 2.5.2 and older unsupported versions are susceptible to a Denial-of-Service (DoS) attack via the initiation of the Authorization Request in an OAuth 2.0 Client application. A malicious...
8.8
CVE-2016-4977
- EPSS 94.09%
- Published 25.05.2017 17:29:00
- Last modified 20.04.2025 01:37:25
When processing authorization requests using the whitelabel views in Spring Security OAuth 2.0.0 to 2.0.9 and 1.0.0 to 1.0.5, the response_type parameter value was executed as Spring SpEL which enabled a malicious user to trigger remote code executio...