Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

  1. Reconshell
  2. Vulnerabilities (CVE)
Filtered by vendor Spnego Http Authentication Module Project Subscribe
Filtered by product Spnego Http Authentication Module
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-21335 1 Spnego Http Authentication Module Project 1 Spnego Http Authentication Module 2021-03-12 7.5 HIGH 9.8 CRITICAL
In the SPNEGO HTTP Authentication Module for nginx (spnego-http-auth-nginx-module) before version 1.1.1 basic Authentication can be bypassed using a malformed username. This affects users of spnego-http-auth-nginx-module that have enabled basic authentication. This is fixed in version 1.1.1 of spnego-http-auth-nginx-module. As a workaround, one may disable basic authentication.