Skip to main content

Armeria

4 CVEs product

Monthly

CVE-2024-1735 Maven CRITICAL PATCH Act Now

A vulnerability has been identified in armeria-saml versions less than 1.27.2, allowing the use of malicious SAML messages to bypass authentication. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Armeria
NVD GitHub
CVSS 3.1
9.1
EPSS
0.8%
CVE-2023-38493 Maven HIGH PATCH This Week

Armeria is a microservice framework Spring supports Matrix variables. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Incorrect Authorization vulnerability could allow attackers to bypass authorization checks to access restricted resources.

Java Authentication Bypass Armeria
NVD GitHub
CVSS 3.1
7.5
EPSS
0.6%
CVE-2021-43795 Maven HIGH PATCH This Week

Armeria is an open source microservice framework. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Path Traversal Armeria
NVD GitHub
CVSS 3.1
7.5
EPSS
1.6%
CVE-2019-16771 Maven MEDIUM PATCH This Month

Versions of Armeria 0.85.0 through and including 0.96.0 are vulnerable to HTTP response splitting, which allows remote attackers to inject arbitrary HTTP headers via CRLF sequences when unsanitized. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

XSS Armeria
NVD GitHub
CVSS 3.1
6.5
EPSS
1.0%
EPSS 1% CVSS 9.1
CRITICAL PATCH Act Now

A vulnerability has been identified in armeria-saml versions less than 1.27.2, allowing the use of malicious SAML messages to bypass authentication. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Armeria
NVD GitHub
EPSS 1% CVSS 7.5
HIGH PATCH This Week

Armeria is a microservice framework Spring supports Matrix variables. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Incorrect Authorization vulnerability could allow attackers to bypass authorization checks to access restricted resources.

Java Authentication Bypass Armeria
NVD GitHub
EPSS 2% CVSS 7.5
HIGH PATCH This Week

Armeria is an open source microservice framework. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Path Traversal Armeria
NVD GitHub
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

Versions of Armeria 0.85.0 through and including 0.96.0 are vulnerable to HTTP response splitting, which allows remote attackers to inject arbitrary HTTP headers via CRLF sequences when unsanitized. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

XSS Armeria
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy