mirror of
https://github.com/0xMarcio/cve.git
synced 2026-05-13 14:14:44 +02:00
0xMarcio
3.1 KiB
3.1 KiB
CVE-2022-22978
Description
In spring security versions prior to 5.4.11+, 5.5.7+ , 5.6.4+ and older unsupported versions, RegexRequestMatcher can easily be misconfigured to be bypassed on some servlet containers. Applications using RegexRequestMatcher with . in the regular expression are possibly vulnerable to an authorization bypass.
POC
Reference
Github
- https://github.com/0day404/vulnerability-poc
- https://github.com/ARPSyndicate/cvemon
- https://github.com/BartEichmann/websocket-sharp
- https://github.com/DEOrgGitHub/java-sec-code
- https://github.com/DeEpinGh0st/CVE-2022-22978
- https://github.com/DimaMend/ava-sec-code
- https://github.com/Dzmitry-Basiachenka/dist-foreign-aliakh
- https://github.com/JakeQwiet/JavaSecCode
- https://github.com/JoyChou93/java-sec-code
- https://github.com/KayCHENvip/vulnerability-poc
- https://github.com/Lay0us/CVE-2022-32532
- https://github.com/Lay0us1/CVE-2022-32532
- https://github.com/Mr-xn/Penetration_Testing_POC
- https://github.com/NaInSec/CVE-PoC-in-GitHub
- https://github.com/Pear1y/Vuln-Env
- https://github.com/Pecoooo/tttttt
- https://github.com/Raghvendra1207/CVE-2022-22978
- https://github.com/SYRTI/POC_to_review
- https://github.com/SamShoberWork/SLS-java-sec-code-clone
- https://github.com/Sathyasri1/java-sec-code
- https://github.com/Threekiii/Awesome-POC
- https://github.com/WhooAmii/POC_to_review
- https://github.com/Whoopsunix/PPPVULNS
- https://github.com/Wibellule/java-sec-code-master
- https://github.com/XuCcc/VulEnv
- https://github.com/aeifkz/CVE-2022-22978
- https://github.com/arlington-teste/java-poc-project1
- https://github.com/ax1sX/SpringSecurity
- https://github.com/d4n-sec/d4n-sec.github.io
- https://github.com/davidmechoulan/Javasec2
- https://github.com/dengelken/JavaSecCode
- https://github.com/ducluongtran9121/CVE-2022-22978-PoC
- https://github.com/https-feigoss-com/test3
- https://github.com/junxiant/xnat-aws-monailabel
- https://github.com/k0mi-tg/CVE-POC
- https://github.com/lions2012/Penetration_Testing_POC
- https://github.com/louispCx/java-sec-code-circleci
- https://github.com/manas3c/CVE-POC
- https://github.com/mark8arm/java-sec-code-play
- https://github.com/nomi-sec/PoC-in-GitHub
- https://github.com/ongam1/Java-Sec-Code
- https://github.com/pkumarcoverity/java-sec-code
- https://github.com/prabhu-backslash/java-sec-code
- https://github.com/subfinder2021/java-sec-code
- https://github.com/tanjiti/sec_profile
- https://github.com/tindoc/spring-blog
- https://github.com/trhacknon/Pocingit
- https://github.com/umakant76705/CVE-2022-22978
- https://github.com/whoforget/CVE-POC
- https://github.com/xandervrpwc/CodeQL-Java
- https://github.com/xuetusummer/Penetration_Testing_POC
- https://github.com/youwizard/CVE-POC
- https://github.com/zecool/cve