mirror of
https://github.com/0xMarcio/cve.git
synced 2026-05-30 04:59:31 +02:00
0xMarcio
4.4 KiB
4.4 KiB
CVE-2022-22978
Description
In spring security versions prior to 5.4.11+, 5.5.7+ , 5.6.4+ and older unsupported versions, RegexRequestMatcher can easily be misconfigured to be bypassed on some servlet containers. Applications using RegexRequestMatcher with . in the regular expression are possibly vulnerable to an authorization bypass.
POC
Reference
Github
- https://github.com/0day404/vulnerability-poc
- https://github.com/ARPSyndicate/cvemon
- https://github.com/Agilevatester/SpringSecurity
- https://github.com/Agilevatester/SpringSecurityV1
- https://github.com/BartEichmann/websocket-sharp
- https://github.com/DEOrgGitHub/java-sec-code
- https://github.com/DanEllisHub/java-sec-code-clone
- https://github.com/DawnT0wn/Learning-History
- https://github.com/DeEpinGh0st/CVE-2022-22978
- https://github.com/DimaMend/ava-sec-code
- https://github.com/Dzmitry-Basiachenka/dist-foreign-aliakh
- https://github.com/Feigoss/test
- https://github.com/J1ezds/Vulnerability-Wiki-page
- https://github.com/JakeQwiet/JavaSecCode
- https://github.com/JoyChou93/java-sec-code
- https://github.com/KayCHENvip/vulnerability-poc
- https://github.com/Lay0us/CVE-2022-32532
- https://github.com/Lay0us1/CVE-2022-32532
- https://github.com/Mr-xn/Penetration_Testing_POC
- https://github.com/NaInSec/CVE-PoC-in-GitHub
- https://github.com/Pear1y/Vuln-Env
- https://github.com/Pecoooo/tttttt
- https://github.com/Prabhu-backslash-gh/java-sec-code
- https://github.com/Raghvendra1207/CVE-2022-22978
- https://github.com/SLS-Polaris/SLS-java-sec-code-polaris
- https://github.com/SYRTI/POC_to_review
- https://github.com/SamShoberWork/SLS-java-sec-code-clone
- https://github.com/Sathyasri1/java-sec-code
- https://github.com/Threekiii/Awesome-POC
- https://github.com/WhooAmii/POC_to_review
- https://github.com/Whoopsunix/PPPVULNS
- https://github.com/Wibellule/java-sec-code-master
- https://github.com/XiaomingX/awesome-poc-for-red-team
- https://github.com/XuCcc/VulEnv
- https://github.com/Xx-otaku/SpringScan
- https://github.com/aeifkz/CVE-2022-22978
- https://github.com/apurvashrikant/Test
- https://github.com/apurvashrikant/test1
- https://github.com/arlington-teste/java-poc-project1
- https://github.com/ax1sX/SpringSecurity
- https://github.com/bd-org-demo/java-sec-code
- https://github.com/cyjhhh/pecker-llm-detect-example
- https://github.com/d4n-sec/d4n-sec.github.io
- https://github.com/davidmechoulan/Javasec2
- https://github.com/dengelken/JavaSecCode
- https://github.com/ducluongtran9121/CVE-2022-22978-PoC
- https://github.com/gunh0/kr-vulhub
- https://github.com/hareeshvp/HVP_Java_Sec_Code
- https://github.com/he-ewo/CVE-2022-22978
- https://github.com/https-feigoss-com/test3
- https://github.com/junxiant/xnat-aws-monailabel
- https://github.com/k0mi-tg/CVE-POC
- https://github.com/lions2012/Penetration_Testing_POC
- https://github.com/louispCx/java-sec-code-circleci
- https://github.com/manas3c/CVE-POC
- https://github.com/mark8arm/java-sec-code-play
- https://github.com/nomi-sec/PoC-in-GitHub
- https://github.com/ongam1/Java-Sec-Code
- https://github.com/ongamse/EV-javaseccode-TestApp
- https://github.com/ongamse/pc-javaseccode-GH
- https://github.com/pavankumarboggarapu/java-sec-code
- https://github.com/pkumarcoverity/java-sec-code
- https://github.com/plzheheplztrying/cve_monitor
- https://github.com/prabhu-backslash/java-sec-code
- https://github.com/subfinder2021/java-sec-code
- https://github.com/t3mp3st19/java-sec-code
- https://github.com/tanjiti/sec_profile
- https://github.com/tindoc/spring-blog
- https://github.com/trhacknon/Pocingit
- https://github.com/umakant76705/CVE-2022-22978
- https://github.com/wan9xx/CVE-2022-22978-demo
- https://github.com/whoforget/CVE-POC
- https://github.com/xandervrpwc/CodeQL-Java
- https://github.com/xuetusummer/Penetration_Testing_POC
- https://github.com/youwizard/CVE-POC
- https://github.com/zecool/cve
- https://github.com/zhanpengliu-tencent/medium-cve