Hypr Server
Approved changes feed: RSS · Atom
cpe:2.3:a:hypr:hypr_server:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Hypr (e9432917-f184-5ccb-a675-4b4fd29a5f75) |
|---|---|
| Product | Hypr Server (f2c884d5-54cd-5fb2-9ef7-a3a518a2b5b5) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2024-8273 |
vulnerable | 2026-06-08 07:00:23.464579 |
Details available
Authentication Bypass by Spoofing vulnerability in HYPR Server allows Identity Spoofing.This issue affects Server: before 10.1.
Published: 2025-12-11T16:29:32.528Z
Updated: 2025-12-18T20:50:33.535Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-1837 |
vulnerable | 2026-06-08 05:52:37.115974 |
Details available
HIGH (8.5)
Missing Authentication for critical function vulnerability in HYPR Server allows Authentication Bypass when using Legacy APIs.This issue affects HYPR Server: before 8.0 (with enabled Legacy APIs)
Published: 2023-05-23T18:23:04.113Z
Updated: 2025-01-17T17:44:58.132Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-2193 |
vulnerable | 2026-06-08 05:42:50.422192 |
Details available
HIGH (7.5)
Insecure Direct Object Reference vulnerability in HYPR Server before version 6.14.1 allows remote authenticated attackers to add a FIDO2 authenticator to arbitrary accounts via parameter tampering in the Device Manager page. This issue affects: HYPR Server versions prior to 6.14.1.
Published: 2022-07-19T14:07:50.000Z
Updated: 2024-08-03T00:32:08.887Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-2192 |
vulnerable | 2026-06-08 05:42:50.421802 |
Details available
HIGH (7.5)
Forced Browsing vulnerability in HYPR Server version 6.10 to 6.15.1 allows remote attackers with a valid one-time recovery token to elevate privileges via path tampering in the Magic Link page. This issue affects: HYPR Server versions later than 6.10; version 6.15.1 and prior versions.
Published: 2022-07-19T14:07:38.000Z
Updated: 2024-08-03T00:32:08.717Z Reference links |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.