VYPR

CWE-178

Improper Handling of Case Sensitivity

BaseIncomplete

Description

The product does not properly account for differences in case sensitivity when accessing or determining the properties of a resource, leading to inconsistent results.

Hierarchy (View 1000)

Parents

Children

none

CVEs mapped to this weakness (67)

page 4 of 4
  • CVE-2023-4759Sep 12, 2023
    risk 0.00cvss epss 0.02

    Arbitrary File Overwrite in Eclipse JGit <= 6.6.0 In Eclipse JGit, all versions <= 6.6.0.202305301015-r, a symbolic link present in a specially crafted git repository can be used to write a file to locations outside the working tree when this repository is cloned with JGit to a…

  • CVE-2021-32163Feb 17, 2023
    risk 0.00cvss epss 0.01

    Authentication vulnerability in MOSN v.0.23.0 allows attacker to escalate privileges via case-sensitive JWT authorization.

  • CVE-2022-22968Apr 14, 2022
    risk 0.00cvss epss 0.05

    In Spring Framework versions 5.3.0 - 5.3.18, 5.2.0 - 5.2.20, and older unsupported versions, the patterns for disallowedFields on a DataBinder are case sensitive which means a field is not effectively protected unless it is listed with both upper and lower case for the first…

  • CVE-2021-39134Aug 31, 2021
    risk 0.00cvss epss 0.01

    `@npmcli/arborist`, the library that calculates dependency trees and manages the `node_modules` folder hierarchy for the npm command line interface, aims to guarantee that package dependency contracts will be met, and the extraction of package contents will always be performed…

  • CVE-2021-39155Aug 24, 2021
    risk 0.00cvss epss 0.01

    Istio is an open source platform for providing a uniform way to integrate microservices, manage traffic flow across microservices, enforce policies and aggregate telemetry data. According to [RFC 4343](https://datatracker.ietf.org/doc/html/rfc4343), Istio authorization policy…

  • CVE-2020-15234Oct 2, 2020
    risk 0.00cvss epss 0.01

    ORY Fosite is a security first OAuth2 & OpenID Connect framework for Go. In Fosite before version 0.34.1, the OAuth 2.0 Client's registered redirect URLs and the redirect URL provided at the OAuth2 Authorization Endpoint where compared using strings.ToLower while they should…

  • CVE-2020-5301Apr 21, 2020
    risk 0.00cvss epss 0.01

    SimpleSAMLphp versions before 1.18.6 contain an information disclosure vulnerability. The module controller in `SimpleSAML\Module` that processes requests for pages hosted by modules, has code to identify paths ending with `.php` and process those as PHP code. If no other…