
CVE-2022-31690

Status Candidate

Overview

Spring Security, versions 5.7 prior to 5.7.5, and 5.6 prior to 5.6.9, and older unsupported versions could be susceptible to a privilege escalation under certain conditions. A malicious user or attacker can modify a request initiated by the Client (via the browser) to the Authorization Server which can lead to a privilege escalation on the subsequent approval. This scenario can happen if the Authorization Server responds with an OAuth2 Access Token Response containing an empty scope list (per RFC 6749, Section 5.1) on the subsequent request to the token endpoint to obtain the access token.

Related Files

Red Hat Security Advisory 2023-3296-01
Posted May 25, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-3296-01 - Multicluster Engine for Kubernetes 2.2.4 images. Multicluster engine for Kubernetes provides the foundational components that are necessary for the centralized management of multiple Kubernetes-based clusters across data centers, public clouds, and private clouds. You can use the engine to create new Red Hat OpenShift Container Platform clusters or to bring existing Kubernetes-based clusters under management by importing them. After the clusters are managed, you can use the APIs that are provided by the engine to distribute configuration based on placement policy.

tags | advisory
systems | linux, redhat
advisories | CVE-2022-2795, CVE-2022-2928, CVE-2022-2929, CVE-2022-31690, CVE-2022-31692, CVE-2022-3172, CVE-2022-36227, CVE-2022-41973, CVE-2022-42889, CVE-2023-0361, CVE-2023-24422, CVE-2023-2491, CVE-2023-25725, CVE-2023-27535
SHA-256 | 0d190181de187a85cca97396c686e2bf391eef8e2f72f844b36951fbeb15a493

Red Hat Security Advisory 2023-2041-01
Posted Apr 27, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-2041-01 - Migration Toolkit for Applications 6.1.0 Images. Issues addressed include denial of service, privilege escalation, server-side request forgery, and traversal vulnerabilities.

tags | advisory, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2021-4235, CVE-2022-1705, CVE-2022-27664, CVE-2022-2879, CVE-2022-2880, CVE-2022-2995, CVE-2022-30631, CVE-2022-3162, CVE-2022-31690, CVE-2022-3172, CVE-2022-32148, CVE-2022-32189, CVE-2022-32190, CVE-2022-3259
SHA-256 | cdceaf94ffb5f08d7907643b99fcb01c885eb8b1a5f5162002e04ee9e67c6574

Red Hat Security Advisory 2023-1656-01
Posted Apr 12, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1656-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.10.56.

tags | advisory
systems | linux, redhat
advisories | CVE-2021-20329, CVE-2022-31690, CVE-2022-31692, CVE-2022-3172, CVE-2022-42889, CVE-2023-0266, CVE-2023-0286, CVE-2023-0461, CVE-2023-24422, CVE-2023-27898, CVE-2023-27899, CVE-2023-27903, CVE-2023-27904
SHA-256 | 240de720e001bf838375281c8974f3f4db8855a03923fc43cfd177237fada857

Red Hat Security Advisory 2023-1655-01
Posted Apr 12, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1655-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.10.56. Issues addressed include bypass, cross site scripting, information leakage, insecure permissions, and privilege escalation vulnerabilities.

tags | advisory, vulnerability, xss
systems | linux, redhat
advisories | CVE-2022-31690, CVE-2022-31692, CVE-2022-3172, CVE-2022-42889, CVE-2023-24422, CVE-2023-27898, CVE-2023-27899, CVE-2023-27903, CVE-2023-27904
SHA-256 | f5fdb00ee615b9b2fbc00838a17e11fc10b0748dec647bfe139f3c9248ea106e

Red Hat Security Advisory 2023-1286-01
Posted Mar 20, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1286-01 - Migration Toolkit for Runtimes 1.0.2 Images. Issues addressed include denial of service, privilege escalation, and server-side request forgery vulnerabilities.

tags | advisory, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2021-46848, CVE-2022-2056, CVE-2022-2057, CVE-2022-2058, CVE-2022-2519, CVE-2022-2520, CVE-2022-2521, CVE-2022-2867, CVE-2022-2868, CVE-2022-2869, CVE-2022-2953, CVE-2022-31690, CVE-2022-35737, CVE-2022-40303
SHA-256 | b6aeb9fcd298c51ea745ab2408444b545077335be2e3494910e6f630ad0116c8

Red Hat Security Advisory 2023-1285-01
Posted Mar 20, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1285-01 - Migration Toolkit for Runtimes 1.0.2 ZIP artifacts. Issues addressed include privilege escalation, server-side request forgery, and traversal vulnerabilities.

tags | advisory, vulnerability
systems | linux, redhat
advisories | CVE-2022-31690, CVE-2022-3782, CVE-2022-46364
SHA-256 | fba0bc9c40f8531e652357bd8a648a346250378dc0b43249ddd4aabace8918a3