CVE-2022-24891
- EPSS 0.94%
- Published 27.04.2022 21:15:08
- Last modified 03.11.2025 20:15:53
ESAPI (The OWASP Enterprise Security API) is a free, open source, web application security control library. Prior to version 2.3.0.0, there is a potential for a cross-site scripting vulnerability in ESAPI caused by an incorrect regular expression for ...
CVE-2022-23457
- EPSS 0.31%
- Published 25.04.2022 20:15:41
- Last modified 03.11.2025 20:15:52
ESAPI (The OWASP Enterprise Security API) is a free, open source, web application security control library. Prior to version 2.3.0.0, the default implementation of `Validator.getValidDirectoryPath(String, String, File, boolean)` may incorrectly treat...
CVE-2013-5679
- EPSS 0.1%
- Published 30.09.2013 17:09:26
- Last modified 11.04.2025 00:51:21
The authenticated-encryption feature in the symmetric-encryption implementation in the OWASP Enterprise Security API (ESAPI) for Java 2.x before 2.1.0 does not properly resist tampering with serialized ciphertext, which makes it easier for remote att...
CVE-2013-5960
- EPSS 0.24%
- Published 30.09.2013 17:09:26
- Last modified 11.04.2025 00:51:21
The authenticated-encryption feature in the symmetric-encryption implementation in the OWASP Enterprise Security API (ESAPI) for Java 2.x before 2.1.0.1 does not properly resist tampering with serialized ciphertext, which makes it easier for remote a...