CVE-2025-6445
- EPSS 0.49%
- Veröffentlicht 25.06.2025 17:42:05
- Zuletzt bearbeitet 08.08.2025 19:17:57
ServiceStack FindType Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of ServiceStack. Interaction with this library is required to exploit this v...
CVE-2025-6444
- EPSS 0.05%
- Veröffentlicht 25.06.2025 17:41:36
- Zuletzt bearbeitet 08.08.2025 19:18:00
ServiceStack GetErrorResponse Improper Input Validation NTLM Relay Vulnerability. This vulnerability allows remote attackers to relay NTLM credentials on affected installations of ServiceStack. Interaction with this library is required to exploit thi...
CVE-2020-28042
- EPSS 36%
- Veröffentlicht 02.11.2020 21:15:31
- Zuletzt bearbeitet 21.11.2024 05:22:15
ServiceStack before 5.9.2 mishandles JWT signature verification unless an application has a custom ValidateToken function that establishes a valid minimum length for a signature.
CVE-2019-1010199
- EPSS 0.24%
- Veröffentlicht 23.07.2019 18:15:14
- Zuletzt bearbeitet 21.11.2024 04:18:02
ServiceStack ServiceStack Framework 4.5.14 is affected by: Cross Site Scripting (XSS). The impact is: JavaScrpit is reflected in the server response, hence executed by the browser. The component is: the query used in the GET request is prone. The att...