Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
veracodeVeracode Vulnerability DatabaseVERACODE:6268
HistoryMay 10, 2018 - 6:42 a.m.

Remote Code Execution (RCE)

2018-05-1006:42:48
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
8

0.047 Low

EPSS

Percentile

92.7%

JSON

spring-security-oauth2 is vulnerable to remote code execution (RCE) attacks. The vulnerability occurs when a malicious user can insert an RCE payload into an authorization request to the authroization endpoint, and is executed when the resource owner is forwarded to the approval endpoint. This vulnerability only affects applications that contains the role of an Authorization Server, and the use of the default Approval Endpoint.

Related

redhatcve 1
nvd 1
osv 2
prion 1
cve 1
github 1
cvelist 1
f5 1
seebug 1
ibm 1
redhat 2
impervablog 1
redhatcve
redhatcve
CVE-2018-1260
2018-05-30 19:19:20
nvd
nvd
CVE-2018-1260
2018-05-11 20:29:00
osv
osv
Spring Security OAuth vulnerable to remote code execution (RCE)
2018-10-18 18:05:34
CVE-2018-1260
2018-05-11 20:29:00
prion
prion
Remote code execution
2018-05-11 20:29:00
cve
cve
CVE-2018-1260
2018-05-11 20:29:00
github
github
Spring Security OAuth vulnerable to remote code execution (RCE)
2018-10-18 18:05:34
cvelist
cvelist
CVE-2018-1260
2018-05-09 00:00:00
f5
f5
K10520421 : Spring Security OAuth vulnerability CVE-2018-1260
2018-05-29 00:00:00
seebug
seebug
RCE with spring-security-oauth2 分析(CVE-2018-1260)
2018-05-11 00:00:00
ibm
ibm
Security Bulletin: Remote code execution vulnerability (CVE-2018-1260) affects IBM Spectrum Symphony 7.2.0.2 and 7.2.1
2018-09-25 13:15:02
redhat
redhat
(RHSA-2018:1809) Important: Red Hat OpenShift Application Runtimes Spring Boot security and bug fix update
2018-06-07 08:25:02
(RHSA-2018:2939) Critical: Red Hat FIS 2.0 on Fuse 6.3.0 R8 security and bug fix update
2018-10-17 19:27:11
impervablog
impervablog
Imperva Protects from New Spring Framework Zero-Day Vulnerabilities
2022-03-31 15:20:03

0.047 Low

EPSS

Percentile

92.7%

JSON
Related for VERACODE:6268
redhatcve1nvd1osv2prion1cve1github1cvelist1f51seebug1ibm1redhat2impervablog1