feemstr / webgoat_2.0_8.1.0
License: Other
Path to dependency file: /webgoat-integration-tests/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.10.1/jackson-databind-2.10.1.jar
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
CVE | Severity | CVSS | Dependency | Type | Fixed in (jjwt version) | Remediation Possible** |
---|---|---|---|---|---|---|
CVE-2022-42004 | High | 7.5 | jackson-databind-2.10.1.jar | Transitive | 0.12.0 | ✅ |
CVE-2022-42003 | High | 7.5 | jackson-databind-2.10.1.jar | Transitive | 0.12.0 | ✅ |
CVE-2021-46877 | High | 7.5 | jackson-databind-2.10.1.jar | Transitive | 0.8.0 | ✅ |
CVE-2020-36518 | High | 7.5 | jackson-databind-2.10.1.jar | Transitive | 0.12.0 | ✅ |
CVE-2020-25649 | High | 7.5 | jackson-databind-2.10.1.jar | Transitive | 0.8.0 | ✅ |
WS-2021-0616 | Medium | 5.9 | jackson-databind-2.10.1.jar | Transitive | 0.8.0 | ✅ |
**In some cases, Remediation PR cannot be created automatically for a vulnerability despite the availability of remediation
General data-binding functionality for Jackson: works on core streaming API
Library home page: http://github.com/FasterXML/jackson
Path to dependency file: /webwolf/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.10.1/jackson-databind-2.10.1.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
In FasterXML jackson-databind before 2.13.4, resource exhaustion can occur because of a lack of a check in BeanDeserializer._deserializeFromArray to prevent use of deeply nested arrays. An application is vulnerable only with certain customized choices for deserialization.
Publish Date: 2022-10-02
URL: CVE-2022-42004
Base Score Metrics:
Type: Upgrade version
Release Date: 2022-10-02
Fix Resolution (com.fasterxml.jackson.core:jackson-databind): 2.12.7.1
Direct dependency fix Resolution (io.jsonwebtoken:jjwt): 0.12.0
⛑️ Automatic Remediation will be attempted for this issue.
In FasterXML jackson-databind before versions 2.13.4.1 and 2.12.17.1, resource exhaustion can occur because of a lack of a check in primitive value deserializers to avoid deep wrapper array nesting, when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled.
Publish Date: 2022-10-02
URL: CVE-2022-42003
Base Score Metrics:
Type: Upgrade version
Release Date: 2022-10-02
Fix Resolution (com.fasterxml.jackson.core:jackson-databind): 2.12.7.1
Direct dependency fix Resolution (io.jsonwebtoken:jjwt): 0.12.0
⛑️ Automatic Remediation will be attempted for this issue.
jackson-databind 2.10.x through 2.12.x before 2.12.6 and 2.13.x before 2.13.1 allows attackers to cause a denial of service (2 GB transient heap usage per read) in uncommon situations involving JsonNode JDK serialization.
Publish Date: 2023-03-18
URL: CVE-2021-46877
Base Score Metrics:
Type: Upgrade version
Origin: https://www.cve.org/CVERecord?id=CVE-2021-46877
Release Date: 2023-03-18
Fix Resolution (com.fasterxml.jackson.core:jackson-databind): 2.12.6
Direct dependency fix Resolution (io.jsonwebtoken:jjwt): 0.8.0
⛑️ Automatic Remediation will be attempted for this issue.
jackson-databind before 2.13.0 allows a Java StackOverflow exception and denial of service via a large depth of nested objects.
Mend Note: After conducting further research, Mend has determined that all versions of com.fasterxml.jackson.core:jackson-databind up to version 2.13.2 are vulnerable to CVE-2020-36518.
Publish Date: 2022-03-11
URL: CVE-2020-36518
Base Score Metrics:
Type: Upgrade version
Release Date: 2022-03-11
Fix Resolution (com.fasterxml.jackson.core:jackson-databind): 2.12.6.1
Direct dependency fix Resolution (io.jsonwebtoken:jjwt): 0.12.0
⛑️ Automatic Remediation will be attempted for this issue.
A flaw was found in FasterXML Jackson Databind, where it did not have entity expansion secured properly. This flaw allows vulnerability to XML external entity (XXE) attacks. The highest threat from this vulnerability is data integrity.
Publish Date: 2020-12-03
URL: CVE-2020-25649
Base Score Metrics:
Type: Upgrade version
Release Date: 2020-12-03
Fix Resolution (com.fasterxml.jackson.core:jackson-databind): 2.10.5.1
Direct dependency fix Resolution (io.jsonwebtoken:jjwt): 0.8.0
⛑️ Automatic Remediation will be attempted for this issue.
In FasterXML jackson-databind before 2.12.6 and 2.13.1, there is a DoS when using JDK serialization to serialize JsonNode.
Publish Date: 2021-11-20
URL: WS-2021-0616
Base Score Metrics:
Type: Upgrade version
Release Date: 2021-11-20
Fix Resolution (com.fasterxml.jackson.core:jackson-databind): 2.10.2
Direct dependency fix Resolution (io.jsonwebtoken:jjwt): 0.8.0
⛑️ Automatic Remediation will be attempted for this issue.
WebJar for jQuery
Library home page: http://webjars.org
Path to dependency file: /webwolf/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/org/webjars/jquery/3.2.1/jquery-3.2.1.jar
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
CVE | Severity | CVSS | Dependency | Type | Fixed in (jquery version) | Remediation Possible** |
---|---|---|---|---|---|---|
CVE-2020-11023 | Medium | 6.1 | jquery-3.2.1.jar | Direct | 3.5.0 | ✅ |
CVE-2020-11022 | Medium | 6.1 | jquery-3.2.1.jar | Direct | 3.5.0 | ✅ |
CVE-2019-11358 | Medium | 6.1 | jquery-3.2.1.jar | Direct | 3.4.0 | ✅ |
**In some cases, Remediation PR cannot be created automatically for a vulnerability despite the availability of remediation
WebJar for jQuery
Library home page: http://webjars.org
Path to dependency file: /webwolf/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/org/webjars/jquery/3.2.1/jquery-3.2.1.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing `<option>` elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
Publish Date: 2020-04-29
URL: CVE-2020-11023
Base Score Metrics:
Type: Upgrade version
Release Date: 2020-04-29
Fix Resolution: 3.5.0
⛑️ Automatic Remediation will be attempted for this issue.
In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
Publish Date: 2020-04-29
URL: CVE-2020-11022
Base Score Metrics:
Type: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11022
Release Date: 2020-04-29
Fix Resolution: 3.5.0
⛑️ Automatic Remediation will be attempted for this issue.
jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable `__proto__` property, it could extend the native Object.prototype.
Publish Date: 2019-04-20
URL: CVE-2019-11358
Base Score Metrics:
Type: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11358
Release Date: 2019-04-20
Fix Resolution: 3.4.0
⛑️ Automatic Remediation will be attempted for this issue.
The most popular front-end framework for developing responsive, mobile first projects on the web.
Library home page: https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.1.1/js/bootstrap.min.js
Path to vulnerable library: /webgoat-lessons/challenge/target/classes/js/bootstrap.min.js,/webgoat-lessons/challenge/src/main/resources/js/bootstrap.min.js
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
CVE | Severity | CVSS | Dependency | Type | Fixed in (bootstrap version) | Remediation Possible** |
---|---|---|---|---|---|---|
CVE-2019-8331 | Medium | 6.1 | bootstrap-3.1.1.min.js | Direct | bootstrap - 3.4.1,4.3.1;bootstrap-sass - 3.4.1,4.3.1 | ❌ |
CVE-2018-20677 | Medium | 6.1 | bootstrap-3.1.1.min.js | Direct | Bootstrap - v3.4.0;NorDroN.AngularTemplate - 0.1.6;Dynamic.NET.Express.ProjectTemplates - 0.8.0;dotnetng.template - 1.0.0.4;ZNxtApp.Core.Module.Theme - 1.0.9-Beta;JMeter - 5.0.0 | ❌ |
CVE-2018-20676 | Medium | 6.1 | bootstrap-3.1.1.min.js | Direct | bootstrap - 3.4.0 | ❌ |
CVE-2018-14042 | Medium | 6.1 | bootstrap-3.1.1.min.js | Direct | bootstrap - 3.4.0,4.1.2 | ❌ |
CVE-2016-10735 | Medium | 6.1 | bootstrap-3.1.1.min.js | Direct | bootstrap - 3.4.0, 4.0.0-beta.2 | ❌ |
CVE-2018-14040 | Low | 3.7 | bootstrap-3.1.1.min.js | Direct | bootstrap - 3.4.0,4.1.2 | ❌ |
**In some cases, Remediation PR cannot be created automatically for a vulnerability despite the availability of remediation
The most popular front-end framework for developing responsive, mobile first projects on the web.
Library home page: https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.1.1/js/bootstrap.min.js
Path to vulnerable library: /webgoat-lessons/challenge/target/classes/js/bootstrap.min.js,/webgoat-lessons/challenge/src/main/resources/js/bootstrap.min.js
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
In Bootstrap before 3.4.1 and 4.3.x before 4.3.1, XSS is possible in the tooltip or popover data-template attribute.
Publish Date: 2019-02-20
URL: CVE-2019-8331
Base Score Metrics:
Type: Upgrade version
Release Date: 2019-02-20
Fix Resolution: bootstrap - 3.4.1,4.3.1;bootstrap-sass - 3.4.1,4.3.1
In Bootstrap before 3.4.0, XSS is possible in the affix configuration target property.
Publish Date: 2019-01-09
URL: CVE-2018-20677
Base Score Metrics:
Type: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20677
Release Date: 2019-01-09
Fix Resolution: Bootstrap - v3.4.0;NorDroN.AngularTemplate - 0.1.6;Dynamic.NET.Express.ProjectTemplates - 0.8.0;dotnetng.template - 1.0.0.4;ZNxtApp.Core.Module.Theme - 1.0.9-Beta;JMeter - 5.0.0
In Bootstrap before 3.4.0, XSS is possible in the tooltip data-viewport attribute.
Publish Date: 2019-01-09
URL: CVE-2018-20676
Base Score Metrics:
Type: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20676
Release Date: 2019-01-09
Fix Resolution: bootstrap - 3.4.0
In Bootstrap before 4.1.2, XSS is possible in the data-container property of tooltip.
Publish Date: 2018-07-13
URL: CVE-2018-14042
Base Score Metrics:
Type: Upgrade version
Origin: https://nvd.nist.gov/vuln/detail/CVE-2018-14042
Release Date: 2018-07-13
Fix Resolution: bootstrap - 3.4.0,4.1.2
In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041.
Mend Note: Converted from WS-2018-0021, on 2022-11-08.
Publish Date: 2019-01-09
URL: CVE-2016-10735
Base Score Metrics:
Type: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10735
Release Date: 2019-01-09
Fix Resolution: bootstrap - 3.4.0, 4.0.0-beta.2
In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute.
Publish Date: 2018-07-13
URL: CVE-2018-14040
Base Score Metrics:
Type: Upgrade version
Origin: https://nvd.nist.gov/vuln/detail/CVE-2018-14040
Release Date: 2018-07-13
Fix Resolution: bootstrap - 3.4.0,4.1.2
Path to dependency file: /webgoat-server/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/org/springframework/spring-webmvc/5.2.2.RELEASE/spring-webmvc-5.2.2.RELEASE.jar
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
CVE | Severity | CVSS | Dependency | Type | Fixed in (spring-boot-starter-web version) | Remediation Possible** |
---|---|---|---|---|---|---|
CVE-2022-22965 | Critical | 9.8 | spring-beans-5.2.2.RELEASE.jar | Transitive | 2.4.0 | ✅ |
CVE-2022-1471 | Critical | 9.8 | snakeyaml-1.25.jar | Transitive | 3.2.0 | ✅ |
CVE-2016-1000027 | Critical | 9.8 | spring-web-5.2.2.RELEASE.jar | Transitive | 2.4.0 | ✅ |
CVE-2024-22262 | High | 8.1 | spring-web-5.2.2.RELEASE.jar | Transitive | 3.0.0 | ✅ |
CVE-2024-22259 | High | 8.1 | spring-web-5.2.2.RELEASE.jar | Transitive | 3.0.0 | ✅ |
CVE-2024-22243 | High | 8.1 | spring-web-5.2.2.RELEASE.jar | Transitive | 3.0.0 | ✅ |
CVE-2022-27772 | High | 7.8 | spring-boot-2.2.2.RELEASE.jar | Transitive | 2.2.11.RELEASE | ✅ |
CVE-2021-22118 | High | 7.8 | spring-web-5.2.2.RELEASE.jar | Transitive | 2.3.11.RELEASE | ✅ |
CVE-2023-6481 | High | 7.5 | logback-core-1.2.3.jar | Transitive | 3.2.1 | ✅ |
CVE-2023-6378 | High | 7.5 | logback-classic-1.2.3.jar | Transitive | 3.2.1 | ✅ |
CVE-2023-20883 | High | 7.5 | spring-boot-autoconfigure-2.2.2.RELEASE.jar | Transitive | 2.5.15 | ✅ |
CVE-2022-25857 | High | 7.5 | snakeyaml-1.25.jar | Transitive | 3.0.0 | ✅ |
CVE-2020-5398 | High | 7.5 | spring-web-5.2.2.RELEASE.jar | Transitive | 2.2.3.RELEASE | ✅ |
CVE-2017-18640 | High | 7.5 | snakeyaml-1.25.jar | Transitive | 2.3.0.RELEASE | ✅ |
CVE-2021-42550 | Medium | 6.6 | detected in multiple dependencies | Transitive | 2.5.8 | ✅ |
CVE-2023-34055 | Medium | 6.5 | spring-boot-2.2.2.RELEASE.jar | Transitive | 2.7.18 | ✅ |
CVE-2023-20863 | Medium | 6.5 | spring-expression-5.2.2.RELEASE.jar | Transitive | 2.4.0 | ✅ |
CVE-2023-20861 | Medium | 6.5 | spring-expression-5.2.2.RELEASE.jar | Transitive | 2.4.0 | ✅ |
CVE-2022-38752 | Medium | 6.5 | snakeyaml-1.25.jar | Transitive | 3.0.0 | ✅ |
CVE-2022-38751 | Medium | 6.5 | snakeyaml-1.25.jar | Transitive | 3.0.0 | ✅ |
CVE-2022-38749 | Medium | 6.5 | snakeyaml-1.25.jar | Transitive | 3.0.0 | ✅ |
CVE-2022-22950 | Medium | 6.5 | spring-expression-5.2.2.RELEASE.jar | Transitive | 2.4.0 | ✅ |
CVE-2020-5421 | Medium | 6.5 | spring-web-5.2.2.RELEASE.jar | Transitive | 2.2.10.RELEASE | ✅ |
CVE-2023-1932 | Medium | 6.1 | hibernate-validator-6.0.18.Final.jar | Transitive | 2.3.0.RELEASE | ✅ |
CVE-2022-41854 | Medium | 5.8 | snakeyaml-1.25.jar | Transitive | 3.0.0 | ✅ |
CVE-2022-38750 | Medium | 5.5 | snakeyaml-1.25.jar | Transitive | 3.0.0 | ✅ |
CVE-2022-22970 | Medium | 5.3 | detected in multiple dependencies | Transitive | 2.4.0 | ✅ |
CVE-2022-22968 | Medium | 5.3 | spring-context-5.2.2.RELEASE.jar | Transitive | 2.4.0 | ✅ |
CVE-2020-5397 | Medium | 5.3 | detected in multiple dependencies | Transitive | 2.2.3.RELEASE | ✅ |
CVE-2020-10693 | Medium | 5.3 | hibernate-validator-6.0.18.Final.jar | Transitive | 2.2.8.RELEASE | ✅ |
CVE-2021-22096 | Medium | 4.3 | detected in multiple dependencies | Transitive | 2.4.0 | ✅ |
CVE-2021-22060 | Medium | 4.3 | detected in multiple dependencies | Transitive | 2.4.0 | ✅ |
**In some cases, Remediation PR cannot be created automatically for a vulnerability despite the availability of remediation
Partial details (21 vulnerabilities) are displayed below due to a content size limitation in GitHub. To view information on the remaining vulnerabilities, navigate to the Mend Application.
Spring Beans
Library home page: https://github.com/spring-projects/spring-framework
Path to dependency file: /webwolf/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/org/springframework/spring-beans/5.2.2.RELEASE/spring-beans-5.2.2.RELEASE.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding. The specific exploit requires the application to run on Tomcat as a WAR deployment. If the application is deployed as a Spring Boot executable jar, i.e. the default, it is not vulnerable to the exploit. However, the nature of the vulnerability is more general, and there may be other ways to exploit it.
Mend Note: Converted from WS-2022-0107, on 2022-11-07.
Publish Date: 2022-04-01
URL: CVE-2022-22965
Base Score Metrics:
Type: Upgrade version
Origin: https://spring.io/blog/2022/03/31/spring-framework-rce-early-announcement
Release Date: 2022-04-01
Fix Resolution (org.springframework:spring-beans): 5.2.20.RELEASE
Direct dependency fix Resolution (org.springframework.boot:spring-boot-starter-web): 2.4.0
⛑️ Automatic Remediation will be attempted for this issue.
YAML 1.1 parser and emitter for Java
Library home page: http://www.snakeyaml.org
Path to dependency file: /webgoat-container/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/org/yaml/snakeyaml/1.25/snakeyaml-1.25.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
SnakeYaml's Constructor() class does not restrict types which can be instantiated during deserialization. Deserializing yaml content provided by an attacker can lead to remote code execution. We recommend using SnakeYaml's SafeConstructor when parsing untrusted content to restrict deserialization. We recommend upgrading to version 2.0 and beyond.
Publish Date: 2022-12-01
URL: CVE-2022-1471
Base Score Metrics:
Type: Upgrade version
Origin: https://bitbucket.org/snakeyaml/snakeyaml/issues/561/cve-2022-1471-vulnerability-in#comment-64634374
Release Date: 2022-12-01
Fix Resolution (org.yaml:snakeyaml): 2.0
Direct dependency fix Resolution (org.springframework.boot:spring-boot-starter-web): 3.2.0
⛑️ Automatic Remediation will be attempted for this issue.
Spring Web
Library home page: https://github.com/spring-projects/spring-framework
Path to dependency file: /webgoat-container/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/org/springframework/spring-web/5.2.2.RELEASE/spring-web-5.2.2.RELEASE.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
Pivotal Spring Framework through 5.3.16 suffers from a potential remote code execution (RCE) issue if used for Java deserialization of untrusted data. Depending on how the library is implemented within a product, this issue may or may not occur, and authentication may be required. NOTE: the vendor's position is that untrusted data is not an intended use case. The product's behavior will not be changed because some users rely on deserialization of trusted data.
Mend Note: After conducting further research, Mend has determined that all versions of spring-web up to version 6.0.0 are vulnerable to CVE-2016-1000027.
Publish Date: 2020-01-02
URL: CVE-2016-1000027
Base Score Metrics:
Type: Upgrade version
Origin: GHSA-4wrc-f8pq-fpqp
Release Date: 2020-01-02
Fix Resolution (org.springframework:spring-web): 5.2.23.RELEASE
Direct dependency fix Resolution (org.springframework.boot:spring-boot-starter-web): 2.4.0
⛑️ Automatic Remediation will be attempted for this issue.
Spring Web
Library home page: https://github.com/spring-projects/spring-framework
Path to dependency file: /webgoat-container/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/org/springframework/spring-web/5.2.2.RELEASE/spring-web-5.2.2.RELEASE.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
Applications that use UriComponentsBuilder to parse an externally provided URL (e.g. through a query parameter) AND perform validation checks on the host of the parsed URL may be vulnerable to an open redirect (https://cwe.mitre.org/data/definitions/601.html) attack or to an SSRF attack if the URL is used after passing validation checks.
This is the same as CVE-2024-22259 (https://spring.io/security/cve-2024-22259) and CVE-2024-22243 (https://spring.io/security/cve-2024-22243), but with different input.
Publish Date: 2024-04-16
URL: CVE-2024-22262
Base Score Metrics:
Type: Upgrade version
Origin: https://spring.io/security/cve-2024-22262
Release Date: 2024-04-16
Fix Resolution (org.springframework:spring-web): 5.3.34
Direct dependency fix Resolution (org.springframework.boot:spring-boot-starter-web): 3.0.0
⛑️ Automatic Remediation will be attempted for this issue.
Spring Web
Library home page: https://github.com/spring-projects/spring-framework
Path to dependency file: /webgoat-container/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/org/springframework/spring-web/5.2.2.RELEASE/spring-web-5.2.2.RELEASE.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
Applications that use UriComponentsBuilder in Spring Framework to parse an externally provided URL (e.g. through a query parameter) AND perform validation checks on the host of the parsed URL may be vulnerable to an open redirect (https://cwe.mitre.org/data/definitions/601.html) attack or to an SSRF attack if the URL is used after passing validation checks.
This is the same as CVE-2024-22243 (https://spring.io/security/cve-2024-22243), but with different input.
Publish Date: 2024-03-16
URL: CVE-2024-22259
Base Score Metrics:
Type: Upgrade version
Origin: https://spring.io/security/cve-2024-22259
Release Date: 2024-03-16
Fix Resolution (org.springframework:spring-web): 5.3.33
Direct dependency fix Resolution (org.springframework.boot:spring-boot-starter-web): 3.0.0
⛑️ Automatic Remediation will be attempted for this issue.
Spring Web
Library home page: https://github.com/spring-projects/spring-framework
Path to dependency file: /webgoat-container/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/org/springframework/spring-web/5.2.2.RELEASE/spring-web-5.2.2.RELEASE.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
Applications that use UriComponentsBuilder to parse an externally provided URL (e.g. through a query parameter) AND perform validation checks on the host of the parsed URL may be vulnerable to an open redirect (https://cwe.mitre.org/data/definitions/601.html) attack or to an SSRF attack if the URL is used after passing validation checks.
Publish Date: 2024-02-23
URL: CVE-2024-22243
Base Score Metrics:
Type: Upgrade version
Origin: https://spring.io/security/cve-2024-22243
Release Date: 2024-02-23
Fix Resolution (org.springframework:spring-web): 5.3.32
Direct dependency fix Resolution (org.springframework.boot:spring-boot-starter-web): 3.0.0
⛑️ Automatic Remediation will be attempted for this issue.
Spring Boot
Library home page: https://projects.spring.io/spring-boot/#/spring-boot-parent/spring-boot
Path to dependency file: /webwolf/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/org/springframework/boot/spring-boot/2.2.2.RELEASE/spring-boot-2.2.2.RELEASE.jar,/home/wss-scanner/.m2/repository/org/springframework/boot/spring-boot/2.2.2.RELEASE/spring-boot-2.2.2.RELEASE.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
spring-boot versions prior to v2.2.11.RELEASE were vulnerable to temporary directory hijacking. This vulnerability impacted the org.springframework.boot.web.server.AbstractConfigurableWebServerFactory.createTempDir method. NOTE: This vulnerability only affects products and/or versions that are no longer supported by the maintainer.
Publish Date: 2022-03-30
URL: CVE-2022-27772
Base Score Metrics:
Type: Upgrade version
Origin: GHSA-cm59-pr5q-cw85
Release Date: 2022-03-30
Fix Resolution (org.springframework.boot:spring-boot): 2.2.11.RELEASE
Direct dependency fix Resolution (org.springframework.boot:spring-boot-starter-web): 2.2.11.RELEASE
⛑️ Automatic Remediation will be attempted for this issue.
Spring Web
Library home page: https://github.com/spring-projects/spring-framework
Path to dependency file: /webgoat-container/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/org/springframework/spring-web/5.2.2.RELEASE/spring-web-5.2.2.RELEASE.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
In Spring Framework, versions 5.2.x prior to 5.2.15 and versions 5.3.x prior to 5.3.7, a WebFlux application is vulnerable to a privilege escalation: by (re)creating the temporary storage directory, a locally authenticated malicious user can read or modify files that have been uploaded to the WebFlux application, or overwrite arbitrary files with multipart request data.
Publish Date: 2021-05-27
URL: CVE-2021-22118
Base Score Metrics:
Type: Upgrade version
Origin: https://tanzu.vmware.com/security/cve-2021-22118
Release Date: 2021-05-27
Fix Resolution (org.springframework:spring-web): 5.2.15.RELEASE
Direct dependency fix Resolution (org.springframework.boot:spring-boot-starter-web): 2.3.11.RELEASE
⛑️ Automatic Remediation will be attempted for this issue.
logback-core module
Library home page: http://logback.qos.ch
Path to dependency file: /webgoat-server/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/ch/qos/logback/logback-core/1.2.3/logback-core-1.2.3.jar,/home/wss-scanner/.m2/repository/ch/qos/logback/logback-core/1.2.3/logback-core-1.2.3.jar,/home/wss-scanner/.m2/repository/ch/qos/logback/logback-core/1.2.3/logback-core-1.2.3.jar,/home/wss-scanner/.m2/repository/ch/qos/logback/logback-core/1.2.3/logback-core-1.2.3.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
A serialization vulnerability in the logback receiver component, part of logback versions 1.4.13, 1.3.13 and 1.2.12, allows an attacker to mount a Denial-of-Service attack by sending poisoned data.
Publish Date: 2023-12-04
URL: CVE-2023-6481
Base Score Metrics:
Type: Upgrade version
Origin: https://www.cve.org/CVERecord?id=CVE-2023-6481
Release Date: 2023-12-04
Fix Resolution (ch.qos.logback:logback-core): 1.2.13
Direct dependency fix Resolution (org.springframework.boot:spring-boot-starter-web): 3.2.1
⛑️ Automatic Remediation will be attempted for this issue.
logback-classic module
Library home page: http://logback.qos.ch
Path to dependency file: /webgoat-container/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/ch/qos/logback/logback-classic/1.2.3/logback-classic-1.2.3.jar,/home/wss-scanner/.m2/repository/ch/qos/logback/logback-classic/1.2.3/logback-classic-1.2.3.jar,/home/wss-scanner/.m2/repository/ch/qos/logback/logback-classic/1.2.3/logback-classic-1.2.3.jar,/home/wss-scanner/.m2/repository/ch/qos/logback/logback-classic/1.2.3/logback-classic-1.2.3.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
A serialization vulnerability in the logback receiver component, part of logback version 1.4.11, allows an attacker to mount a Denial-of-Service attack by sending poisoned data.
Publish Date: 2023-11-29
URL: CVE-2023-6378
Base Score Metrics:
Type: Upgrade version
Origin: https://logback.qos.ch/news.html#1.3.12
Release Date: 2023-11-29
Fix Resolution (ch.qos.logback:logback-classic): 1.2.13
Direct dependency fix Resolution (org.springframework.boot:spring-boot-starter-web): 3.2.1
⛑️ Automatic Remediation will be attempted for this issue.
Spring Boot AutoConfigure
Library home page: https://projects.spring.io/spring-boot/#/spring-boot-parent/spring-boot-autoconfigure
Path to dependency file: /webgoat-server/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/org/springframework/boot/spring-boot-autoconfigure/2.2.2.RELEASE/spring-boot-autoconfigure-2.2.2.RELEASE.jar,/home/wss-scanner/.m2/repository/org/springframework/boot/spring-boot-autoconfigure/2.2.2.RELEASE/spring-boot-autoconfigure-2.2.2.RELEASE.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
In Spring Boot versions 3.0.0 - 3.0.6, 2.7.0 - 2.7.11, 2.6.0 - 2.6.14, 2.5.0 - 2.5.14 and older unsupported versions, there is potential for a denial-of-service (DoS) attack if Spring MVC is used together with a reverse proxy cache.
Publish Date: 2023-05-26
URL: CVE-2023-20883
Base Score Metrics:
Type: Upgrade version
Origin: https://spring.io/security/cve-2023-20883
Release Date: 2023-05-26
Fix Resolution (org.springframework.boot:spring-boot-autoconfigure): 2.5.15
Direct dependency fix Resolution (org.springframework.boot:spring-boot-starter-web): 2.5.15
⛑️ Automatic Remediation will be attempted for this issue.
YAML 1.1 parser and emitter for Java
Library home page: http://www.snakeyaml.org
Path to dependency file: /webgoat-container/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/org/yaml/snakeyaml/1.25/snakeyaml-1.25.jar,/home/wss-scanner/.m2/repository/org/yaml/snakeyaml/1.25/snakeyaml-1.25.jar,/home/wss-scanner/.m2/repository/org/yaml/snakeyaml/1.25/snakeyaml-1.25.jar,/home/wss-scanner/.m2/repository/org/yaml/snakeyaml/1.25/snakeyaml-1.25.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
The package org.yaml:snakeyaml in versions from 0 and before 1.31 is vulnerable to Denial of Service (DoS) due to a missing nesting depth limitation for collections.
Publish Date: 2022-08-30
URL: CVE-2022-25857
Base Score Metrics:
Type: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25857
Release Date: 2022-08-30
Fix Resolution (org.yaml:snakeyaml): 1.31
Direct dependency fix Resolution (org.springframework.boot:spring-boot-starter-web): 3.0.0
⛑️ Automatic Remediation will be attempted for this issue.
Spring Web
Library home page: https://github.com/spring-projects/spring-framework
Path to dependency file: /webgoat-container/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/org/springframework/spring-web/5.2.2.RELEASE/spring-web-5.2.2.RELEASE.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
In Spring Framework, versions 5.2.x prior to 5.2.3, versions 5.1.x prior to 5.1.13, and versions 5.0.x prior to 5.0.16, an application is vulnerable to a reflected file download (RFD) attack when it sets a "Content-Disposition" header in the response where the filename attribute is derived from user supplied input.
Publish Date: 2020-01-17
URL: CVE-2020-5398
Base Score Metrics:
Type: Upgrade version
Origin: https://pivotal.io/security/cve-2020-5398
Release Date: 2020-01-17
Fix Resolution (org.springframework:spring-web): 5.2.3.RELEASE
Direct dependency fix Resolution (org.springframework.boot:spring-boot-starter-web): 2.2.3.RELEASE
⛑️ Automatic Remediation will be attempted for this issue.
YAML 1.1 parser and emitter for Java
Library home page: http://www.snakeyaml.org
Path to dependency file: /webgoat-container/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/org/yaml/snakeyaml/1.25/snakeyaml-1.25.jar,/home/wss-scanner/.m2/repository/org/yaml/snakeyaml/1.25/snakeyaml-1.25.jar,/home/wss-scanner/.m2/repository/org/yaml/snakeyaml/1.25/snakeyaml-1.25.jar,/home/wss-scanner/.m2/repository/org/yaml/snakeyaml/1.25/snakeyaml-1.25.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
The Alias feature in SnakeYAML before 1.26 allows entity expansion during a load operation, a related issue to CVE-2003-1564.
Publish Date: 2019-12-12
URL: CVE-2017-18640
Base Score Metrics:
Type: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18640
Release Date: 2019-12-12
Fix Resolution (org.yaml:snakeyaml): 1.26
Direct dependency fix Resolution (org.springframework.boot:spring-boot-starter-web): 2.3.0.RELEASE
⛑️ Automatic Remediation will be attempted for this issue.
logback-core module
Library home page: http://logback.qos.ch
Path to dependency file: /webgoat-server/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/ch/qos/logback/logback-core/1.2.3/logback-core-1.2.3.jar,/home/wss-scanner/.m2/repository/ch/qos/logback/logback-core/1.2.3/logback-core-1.2.3.jar,/home/wss-scanner/.m2/repository/ch/qos/logback/logback-core/1.2.3/logback-core-1.2.3.jar,/home/wss-scanner/.m2/repository/ch/qos/logback/logback-core/1.2.3/logback-core-1.2.3.jar
Dependency Hierarchy:
logback-classic module
Library home page: http://logback.qos.ch
Path to dependency file: /webgoat-container/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/ch/qos/logback/logback-classic/1.2.3/logback-classic-1.2.3.jar,/home/wss-scanner/.m2/repository/ch/qos/logback/logback-classic/1.2.3/logback-classic-1.2.3.jar,/home/wss-scanner/.m2/repository/ch/qos/logback/logback-classic/1.2.3/logback-classic-1.2.3.jar,/home/wss-scanner/.m2/repository/ch/qos/logback/logback-classic/1.2.3/logback-classic-1.2.3.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
In logback version 1.2.7 and prior versions, an attacker with the required privileges to edit configuration files could craft a malicious configuration that allows arbitrary code loaded from LDAP servers to be executed.
Mend Note: Converted from WS-2021-0491, on 2022-11-07.
Publish Date: 2021-12-16
URL: CVE-2021-42550
Base Score Metrics:
Type: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42550
Release Date: 2021-12-16
Fix Resolution (ch.qos.logback:logback-core): 1.2.8
Direct dependency fix Resolution (org.springframework.boot:spring-boot-starter-web): 2.5.8
Fix Resolution (ch.qos.logback:logback-classic): 1.2.8
Direct dependency fix Resolution (org.springframework.boot:spring-boot-starter-web): 2.5.8
⛑️ Automatic Remediation will be attempted for this issue.
Spring Boot
Library home page: https://projects.spring.io/spring-boot/#/spring-boot-parent/spring-boot
Path to dependency file: /webwolf/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/org/springframework/boot/spring-boot/2.2.2.RELEASE/spring-boot-2.2.2.RELEASE.jar,/home/wss-scanner/.m2/repository/org/springframework/boot/spring-boot/2.2.2.RELEASE/spring-boot-2.2.2.RELEASE.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
In Spring Boot versions 2.7.0 - 2.7.17, 3.0.0-3.0.12 and 3.1.0-3.1.5, it is possible for a user to provide specially crafted HTTP requests that may cause a denial-of-service (DoS) condition.
Specifically, an application is vulnerable when all of the following are true:
Publish Date: 2023-11-28
URL: CVE-2023-34055
Base Score Metrics:
Type: Upgrade version
Origin: https://spring.io/security/cve-2023-34055
Release Date: 2023-11-28
Fix Resolution (org.springframework.boot:spring-boot): 2.7.18
Direct dependency fix Resolution (org.springframework.boot:spring-boot-starter-web): 2.7.18
⛑️ Automatic Remediation will be attempted for this issue.
Spring Expression Language (SpEL)
Library home page: https://github.com/spring-projects/spring-framework
Path to dependency file: /webgoat-container/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/org/springframework/spring-expression/5.2.2.RELEASE/spring-expression-5.2.2.RELEASE.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
In Spring Framework versions prior to 5.2.24.RELEASE, 5.3.27 and 6.0.8, it is possible for a user to provide a specially crafted SpEL expression that may cause a denial-of-service (DoS) condition.
Publish Date: 2023-04-13
URL: CVE-2023-20863
Base Score Metrics:
Type: Upgrade version
Origin: https://spring.io/security/cve-2023-20863
Release Date: 2023-04-13
Fix Resolution (org.springframework:spring-expression): 5.2.24.RELEASE
Direct dependency fix Resolution (org.springframework.boot:spring-boot-starter-web): 2.4.0
⛑️ Automatic Remediation will be attempted for this issue.
Spring Expression Language (SpEL)
Library home page: https://github.com/spring-projects/spring-framework
Path to dependency file: /webgoat-container/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/org/springframework/spring-expression/5.2.2.RELEASE/spring-expression-5.2.2.RELEASE.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
In Spring Framework versions 6.0.0 - 6.0.6, 5.3.0 - 5.3.25, 5.2.0.RELEASE - 5.2.22.RELEASE, and older unsupported versions, it is possible for a user to provide a specially crafted SpEL expression that may cause a denial-of-service (DoS) condition.
Publish Date: 2023-03-23
URL: CVE-2023-20861
Base Score Metrics:
Type: Upgrade version
Origin: https://spring.io/security/cve-2023-20861
Release Date: 2023-03-23
Fix Resolution (org.springframework:spring-expression): 5.2.23.RELEASE
Direct dependency fix Resolution (org.springframework.boot:spring-boot-starter-web): 2.4.0
⛑️ Automatic Remediation will be attempted for this issue.
YAML 1.1 parser and emitter for Java
Library home page: http://www.snakeyaml.org
Path to dependency file: /webgoat-container/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/org/yaml/snakeyaml/1.25/snakeyaml-1.25.jar,/home/wss-scanner/.m2/repository/org/yaml/snakeyaml/1.25/snakeyaml-1.25.jar,/home/wss-scanner/.m2/repository/org/yaml/snakeyaml/1.25/snakeyaml-1.25.jar,/home/wss-scanner/.m2/repository/org/yaml/snakeyaml/1.25/snakeyaml-1.25.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
Using SnakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service (DoS) attacks. If the parser is running on user-supplied input, an attacker may supply content that causes the parser to crash with a stack overflow.
Publish Date: 2022-09-05
URL: CVE-2022-38752
Base Score Metrics:
Type: Upgrade version
Origin: GHSA-9w3m-gqgf-c4p9
Release Date: 2022-09-05
Fix Resolution (org.yaml:snakeyaml): 1.32
Direct dependency fix Resolution (org.springframework.boot:spring-boot-starter-web): 3.0.0
⛑️ Automatic Remediation will be attempted for this issue.
YAML 1.1 parser and emitter for Java
Library home page: http://www.snakeyaml.org
Path to dependency file: /webgoat-container/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/org/yaml/snakeyaml/1.25/snakeyaml-1.25.jar,/home/wss-scanner/.m2/repository/org/yaml/snakeyaml/1.25/snakeyaml-1.25.jar,/home/wss-scanner/.m2/repository/org/yaml/snakeyaml/1.25/snakeyaml-1.25.jar,/home/wss-scanner/.m2/repository/org/yaml/snakeyaml/1.25/snakeyaml-1.25.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
Using SnakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service (DoS) attacks. If the parser is running on user-supplied input, an attacker may supply content that causes the parser to crash with a stack overflow.
Publish Date: 2022-09-05
URL: CVE-2022-38751
Base Score Metrics:
Type: Upgrade version
Origin: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=47039
Release Date: 2022-09-05
Fix Resolution (org.yaml:snakeyaml): 1.31
Direct dependency fix Resolution (org.springframework.boot:spring-boot-starter-web): 3.0.0
⛑️ Automatic Remediation will be attempted for this issue.
YAML 1.1 parser and emitter for Java
Library home page: http://www.snakeyaml.org
Path to dependency file: /webgoat-container/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/org/yaml/snakeyaml/1.25/snakeyaml-1.25.jar,/home/wss-scanner/.m2/repository/org/yaml/snakeyaml/1.25/snakeyaml-1.25.jar,/home/wss-scanner/.m2/repository/org/yaml/snakeyaml/1.25/snakeyaml-1.25.jar,/home/wss-scanner/.m2/repository/org/yaml/snakeyaml/1.25/snakeyaml-1.25.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
Using SnakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service (DoS) attacks. If the parser is running on user-supplied input, an attacker may supply content that causes the parser to crash with a stack overflow.
Publish Date: 2022-09-05
URL: CVE-2022-38749
Base Score Metrics:
Type: Upgrade version
Origin: https://bitbucket.org/snakeyaml/snakeyaml/issues/526/stackoverflow-oss-fuzz-47027
Release Date: 2022-09-05
Fix Resolution (org.yaml:snakeyaml): 1.31
Direct dependency fix Resolution (org.springframework.boot:spring-boot-starter-web): 3.0.0
⛑️ Automatic Remediation will be attempted for this issue.
Path to dependency file: /webgoat-integration-tests/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/org/thymeleaf/thymeleaf/3.0.11.RELEASE/thymeleaf-3.0.11.RELEASE.jar
CVE | Severity | CVSS | Dependency | Type | Fixed in (spring-boot-starter-thymeleaf version) | Remediation Possible** |
---|---|---|---|---|---|---|
CVE-2023-38286 | High | 7.5 | thymeleaf-3.0.11.RELEASE.jar | Transitive | N/A* | ❌ |
*For some transitive vulnerabilities, there is no version of direct dependency with a fix. Check the "Details" section below to see if there is a version of transitive dependency where vulnerability is fixed.
**In some cases, Remediation PR cannot be created automatically for a vulnerability despite the availability of remediation
Modern server-side Java template engine for both web and standalone environments
Library home page: http://www.thymeleaf.org
Path to dependency file: /webgoat-server/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/org/thymeleaf/thymeleaf/3.0.11.RELEASE/thymeleaf-3.0.11.RELEASE.jar
Dependency Hierarchy:
Found in base branch: main
Thymeleaf through 3.1.1.RELEASE, as used in spring-boot-admin (aka Spring Boot Admin) through 3.1.1 and other products, allows sandbox bypass via crafted HTML. This may be relevant for SSTI (Server Side Template Injection) and code execution in spring-boot-admin if MailNotifier is enabled and there is write access to environment variables via the UI.
Publish Date: 2023-07-14
URL: CVE-2023-38286
Base Score Metrics:
Type: Upgrade version
Origin: GHSA-7gj7-224w-vpr3
Release Date: 2023-07-14
Fix Resolution: de.codecentric:spring-boot-admin-server:3.1.2;org.thymeleaf:thymeleaf:3.1.2.RELEASE
XStream is a serialization library from Java objects to XML and back.
Path to dependency file: /webgoat-integration-tests/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/com/thoughtworks/xstream/xstream/1.4.5/xstream-1.4.5.jar,/home/wss-scanner/.m2/repository/com/thoughtworks/xstream/xstream/1.4.5/xstream-1.4.5.jar,/home/wss-scanner/.m2/repository/com/thoughtworks/xstream/xstream/1.4.5/xstream-1.4.5.jar
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
CVE | Severity | CVSS | Dependency | Type | Fixed in (xstream version) | Remediation Possible** |
---|---|---|---|---|---|---|
CVE-2021-21345 | Critical | 9.9 | xstream-1.4.5.jar | Direct | 1.4.16 | ✅ |
CVE-2021-21350 | Critical | 9.8 | xstream-1.4.5.jar | Direct | 1.4.16 | ✅ |
CVE-2021-21347 | Critical | 9.8 | xstream-1.4.5.jar | Direct | 1.4.16 | ✅ |
CVE-2021-21346 | Critical | 9.8 | xstream-1.4.5.jar | Direct | 1.4.16 | ✅ |
CVE-2021-21344 | Critical | 9.8 | xstream-1.4.5.jar | Direct | 1.4.16 | ✅ |
CVE-2013-7285 | Critical | 9.8 | xstream-1.4.5.jar | Direct | 1.4.10-java7 | ✅ |
CVE-2021-21351 | Critical | 9.1 | xstream-1.4.5.jar | Direct | 1.4.16 | ✅ |
CVE-2021-21342 | Critical | 9.1 | xstream-1.4.5.jar | Direct | 1.4.16 | ✅ |
CVE-2021-39139 | High | 8.8 | xstream-1.4.5.jar | Direct | 1.4.18 | ✅ |
CVE-2021-29505 | High | 8.8 | xstream-1.4.5.jar | Direct | 1.4.17 | ✅ |
CVE-2020-26217 | High | 8.8 | xstream-1.4.5.jar | Direct | 1.4.13-java7 | ✅ |
CVE-2021-21349 | High | 8.6 | xstream-1.4.5.jar | Direct | 1.4.16 | ✅ |
CVE-2021-39154 | High | 8.5 | xstream-1.4.5.jar | Direct | 1.4.18 | ✅ |
CVE-2021-39153 | High | 8.5 | xstream-1.4.5.jar | Direct | 1.4.18 | ✅ |
CVE-2021-39152 | High | 8.5 | xstream-1.4.5.jar | Direct | 1.4.18 | ✅ |
CVE-2021-39151 | High | 8.5 | xstream-1.4.5.jar | Direct | 1.4.18 | ✅ |
CVE-2021-39150 | High | 8.5 | xstream-1.4.5.jar | Direct | 1.4.18 | ✅ |
CVE-2021-39149 | High | 8.5 | xstream-1.4.5.jar | Direct | 1.4.18 | ✅ |
CVE-2021-39148 | High | 8.5 | xstream-1.4.5.jar | Direct | 1.4.18 | ✅ |
CVE-2021-39147 | High | 8.5 | xstream-1.4.5.jar | Direct | 1.4.18 | ✅ |
CVE-2021-39146 | High | 8.5 | xstream-1.4.5.jar | Direct | 1.4.18 | ✅ |
CVE-2021-39145 | High | 8.5 | xstream-1.4.5.jar | Direct | 1.4.18 | ✅ |
CVE-2021-39144 | High | 8.5 | xstream-1.4.5.jar | Direct | 1.4.18 | ✅ |
CVE-2021-39141 | High | 8.5 | xstream-1.4.5.jar | Direct | 1.4.18 | ✅ |
CVE-2020-26258 | High | 7.7 | xstream-1.4.5.jar | Direct | 1.4.14-jdk7 | ✅ |
CVE-2022-41966 | High | 7.5 | xstream-1.4.5.jar | Direct | 1.4.12-java7 | ✅ |
CVE-2022-40151 | High | 7.5 | xstream-1.4.5.jar | Direct | 1.4.20 | ✅ |
CVE-2021-43859 | High | 7.5 | xstream-1.4.5.jar | Direct | 1.4.6 | ✅ |
CVE-2021-21348 | High | 7.5 | xstream-1.4.5.jar | Direct | 1.4.16 | ✅ |
CVE-2021-21343 | High | 7.5 | xstream-1.4.5.jar | Direct | 1.4.16 | ✅ |
CVE-2021-21341 | High | 7.5 | xstream-1.4.5.jar | Direct | 1.4.16 | ✅ |
CVE-2017-7957 | High | 7.5 | xstream-1.4.5.jar | Direct | 1.4.10 | ✅ |
CVE-2016-3674 | High | 7.5 | xstream-1.4.5.jar | Direct | 1.4.9 | ✅ |
CVE-2020-26259 | Medium | 6.8 | xstream-1.4.5.jar | Direct | 1.4.14-jdk7 | ✅ |
CVE-2021-39140 | Medium | 6.3 | xstream-1.4.5.jar | Direct | 1.4.18 | ✅ |
**In some cases, Remediation PR cannot be created automatically for a vulnerability despite the availability of remediation
Partial details (21 vulnerabilities) are displayed below due to a content size limitation in GitHub. To view information on the remaining vulnerabilities, navigate to the Mend Application.
XStream is a serialization library from Java objects to XML and back.
Path to dependency file: /webgoat-integration-tests/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/com/thoughtworks/xstream/xstream/1.4.5/xstream-1.4.5.jar,/home/wss-scanner/.m2/repository/com/thoughtworks/xstream/xstream/1.4.5/xstream-1.4.5.jar,/home/wss-scanner/.m2/repository/com/thoughtworks/xstream/xstream/1.4.5/xstream-1.4.5.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a remote attacker with sufficient rights to execute commands on the host solely by manipulating the processed input stream. No user who followed the recommendation to set up XStream's security framework with a whitelist limited to the minimal required types is affected. If you rely on XStream's default blacklist of the Security Framework, you will have to use at least version 1.4.16.
Publish Date: 2021-03-23
URL: CVE-2021-21345
Base Score Metrics:
Type: Upgrade version
Origin: GHSA-hwpc-8xqv-jvj4
Release Date: 2021-03-23
Fix Resolution: 1.4.16
⛑️ Automatic Remediation will be attempted for this issue.
XStream is a serialization library from Java objects to XML and back.
Path to dependency file: /webgoat-integration-tests/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/com/thoughtworks/xstream/xstream/1.4.5/xstream-1.4.5.jar,/home/wss-scanner/.m2/repository/com/thoughtworks/xstream/xstream/1.4.5/xstream-1.4.5.jar,/home/wss-scanner/.m2/repository/com/thoughtworks/xstream/xstream/1.4.5/xstream-1.4.5.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a remote attacker to execute arbitrary code solely by manipulating the processed input stream. No user who followed the recommendation to set up XStream's security framework with a whitelist limited to the minimal required types is affected. If you rely on XStream's default blacklist of the Security Framework, you will have to use at least version 1.4.16.
Publish Date: 2021-03-23
URL: CVE-2021-21350
Base Score Metrics:
Type: Upgrade version
Origin: GHSA-43gc-mjxg-gvrq
Release Date: 2021-03-23
Fix Resolution: 1.4.16
⛑️ Automatic Remediation will be attempted for this issue.
XStream is a serialization library from Java objects to XML and back.
Path to dependency file: /webgoat-integration-tests/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/com/thoughtworks/xstream/xstream/1.4.5/xstream-1.4.5.jar,/home/wss-scanner/.m2/repository/com/thoughtworks/xstream/xstream/1.4.5/xstream-1.4.5.jar,/home/wss-scanner/.m2/repository/com/thoughtworks/xstream/xstream/1.4.5/xstream-1.4.5.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a remote attacker to load and execute arbitrary code from a remote host solely by manipulating the processed input stream. No user who followed the recommendation to set up XStream's security framework with a whitelist limited to the minimal required types is affected. If you rely on XStream's default blacklist of the Security Framework, you will have to use at least version 1.4.16.
Publish Date: 2021-03-23
URL: CVE-2021-21347
Base Score Metrics:
Type: Upgrade version
Origin: GHSA-qpfq-ph7r-qv6f
Release Date: 2021-03-23
Fix Resolution: 1.4.16
⛑️ Automatic Remediation will be attempted for this issue.
XStream is a serialization library from Java objects to XML and back.
Path to dependency file: /webgoat-integration-tests/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/com/thoughtworks/xstream/xstream/1.4.5/xstream-1.4.5.jar,/home/wss-scanner/.m2/repository/com/thoughtworks/xstream/xstream/1.4.5/xstream-1.4.5.jar,/home/wss-scanner/.m2/repository/com/thoughtworks/xstream/xstream/1.4.5/xstream-1.4.5.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a remote attacker to load and execute arbitrary code from a remote host solely by manipulating the processed input stream. No user who followed the recommendation to set up XStream's security framework with a whitelist limited to the minimal required types is affected. If you rely on XStream's default blacklist of the Security Framework, you will have to use at least version 1.4.16.
Publish Date: 2021-03-23
URL: CVE-2021-21346
Base Score Metrics:
Type: Upgrade version
Origin: GHSA-4hrm-m67v-5cxr
Release Date: 2021-03-23
Fix Resolution: 1.4.16
⛑️ Automatic Remediation will be attempted for this issue.
XStream is a serialization library from Java objects to XML and back.
Path to dependency file: /webgoat-integration-tests/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/com/thoughtworks/xstream/xstream/1.4.5/xstream-1.4.5.jar,/home/wss-scanner/.m2/repository/com/thoughtworks/xstream/xstream/1.4.5/xstream-1.4.5.jar,/home/wss-scanner/.m2/repository/com/thoughtworks/xstream/xstream/1.4.5/xstream-1.4.5.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a remote attacker to load and execute arbitrary code from a remote host solely by manipulating the processed input stream. No user who followed the recommendation to set up XStream's security framework with a whitelist limited to the minimal required types is affected. If you rely on XStream's default blacklist of the Security Framework, you will have to use at least version 1.4.16.
Publish Date: 2021-03-23
URL: CVE-2021-21344
Base Score Metrics:
Type: Upgrade version
Origin: GHSA-59jw-jqf4-3wq3
Release Date: 2021-03-23
Fix Resolution: 1.4.16
⛑️ Automatic Remediation will be attempted for this issue.
XStream is a serialization library from Java objects to XML and back.
Path to dependency file: /webgoat-integration-tests/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/com/thoughtworks/xstream/xstream/1.4.5/xstream-1.4.5.jar,/home/wss-scanner/.m2/repository/com/thoughtworks/xstream/xstream/1.4.5/xstream-1.4.5.jar,/home/wss-scanner/.m2/repository/com/thoughtworks/xstream/xstream/1.4.5/xstream-1.4.5.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
XStream API versions up to 1.4.6 and version 1.4.10, if the security framework has not been initialized, may allow a remote attacker to run arbitrary shell commands by manipulating the processed input stream when unmarshaling XML or any other supported format, e.g. JSON.
Publish Date: 2019-05-15
URL: CVE-2013-7285
Base Score Metrics:
Type: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7285
Release Date: 2019-05-15
Fix Resolution: 1.4.10-java7
⛑️ Automatic Remediation will be attempted for this issue.
XStream is a serialization library from Java objects to XML and back.
Path to dependency file: /webgoat-integration-tests/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/com/thoughtworks/xstream/xstream/1.4.5/xstream-1.4.5.jar,/home/wss-scanner/.m2/repository/com/thoughtworks/xstream/xstream/1.4.5/xstream-1.4.5.jar,/home/wss-scanner/.m2/repository/com/thoughtworks/xstream/xstream/1.4.5/xstream-1.4.5.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a remote attacker to load and execute arbitrary code from a remote host solely by manipulating the processed input stream. No user who followed the recommendation to set up XStream's security framework with a whitelist limited to the minimal required types is affected. If you rely on XStream's default blacklist of the Security Framework, you will have to use at least version 1.4.16.
Publish Date: 2021-03-23
URL: CVE-2021-21351
Base Score Metrics:
Type: Upgrade version
Origin: GHSA-hrcp-8f3q-4w2c
Release Date: 2021-03-23
Fix Resolution: 1.4.16
⛑️ Automatic Remediation will be attempted for this issue.
XStream is a serialization library from Java objects to XML and back.
Path to dependency file: /webgoat-integration-tests/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/com/thoughtworks/xstream/xstream/1.4.5/xstream-1.4.5.jar,/home/wss-scanner/.m2/repository/com/thoughtworks/xstream/xstream/1.4.5/xstream-1.4.5.jar,/home/wss-scanner/.m2/repository/com/thoughtworks/xstream/xstream/1.4.5/xstream-1.4.5.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability: the processed stream at unmarshalling time contains type information to recreate the formerly written objects, and XStream therefore creates new instances based on this type information. An attacker can manipulate the processed input stream and replace or inject objects that result in a server-side request forgery. No user is affected who followed the recommendation to set up XStream's security framework with a whitelist limited to the minimal required types. If you rely on XStream's default blacklist of the Security Framework, you will have to use at least version 1.4.16.
Publish Date: 2021-03-23
URL: CVE-2021-21342
Base Score Metrics:
Type: Upgrade version
Origin: GHSA-hvv8-336g-rx3m
Release Date: 2021-03-23
Fix Resolution: 1.4.16
⛑️ Automatic Remediation will be attempted for this issue.
XStream is a serialization library from Java objects to XML and back.
Path to dependency file: /webgoat-integration-tests/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/com/thoughtworks/xstream/xstream/1.4.5/xstream-1.4.5.jar,/home/wss-scanner/.m2/repository/com/thoughtworks/xstream/xstream/1.4.5/xstream-1.4.5.jar,/home/wss-scanner/.m2/repository/com/thoughtworks/xstream/xstream/1.4.5/xstream-1.4.5.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. A user is only affected if using the version out of the box with JDK 1.7u21 or below. However, this scenario can be adjusted easily to an external Xalan that works regardless of the version of the Java runtime. No user is affected who followed the recommendation to set up XStream's security framework with a whitelist limited to the minimal required types. XStream 1.4.18 no longer uses a blacklist by default, since it cannot be secured for general purpose.
Publish Date: 2021-08-23
URL: CVE-2021-39139
Base Score Metrics:
Type: Upgrade version
Origin: GHSA-64xx-cq4q-mf44
Release Date: 2021-08-23
Fix Resolution: 1.4.18
⛑️ Automatic Remediation will be attempted for this issue.
XStream is a serialization library from Java objects to XML and back.
Path to dependency file: /webgoat-integration-tests/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/com/thoughtworks/xstream/xstream/1.4.5/xstream-1.4.5.jar,/home/wss-scanner/.m2/repository/com/thoughtworks/xstream/xstream/1.4.5/xstream-1.4.5.jar,/home/wss-scanner/.m2/repository/com/thoughtworks/xstream/xstream/1.4.5/xstream-1.4.5.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
XStream is software for serializing Java objects to XML and back again. A vulnerability in XStream versions prior to 1.4.17 may allow a remote attacker with sufficient rights to execute commands on the host only by manipulating the processed input stream. No user who followed the recommendation to set up XStream's security framework with a whitelist limited to the minimal required types is affected. The vulnerability is patched in version 1.4.17.
Publish Date: 2021-05-28
URL: CVE-2021-29505
Base Score Metrics:
Type: Upgrade version
Origin: GHSA-7chv-rrw6-w6fc
Release Date: 2021-05-28
Fix Resolution: 1.4.17
⛑️ Automatic Remediation will be attempted for this issue.
XStream is a serialization library from Java objects to XML and back.
Path to dependency file: /webgoat-integration-tests/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/com/thoughtworks/xstream/xstream/1.4.5/xstream-1.4.5.jar,/home/wss-scanner/.m2/repository/com/thoughtworks/xstream/xstream/1.4.5/xstream-1.4.5.jar,/home/wss-scanner/.m2/repository/com/thoughtworks/xstream/xstream/1.4.5/xstream-1.4.5.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
XStream before version 1.4.14 is vulnerable to Remote Code Execution. The vulnerability may allow a remote attacker to run arbitrary shell commands only by manipulating the processed input stream. Only users who rely on blocklists are affected. Anyone using XStream's Security Framework allowlist is not affected. The linked advisory provides code workarounds for users who cannot upgrade. The issue is fixed in version 1.4.14.
Publish Date: 2020-11-16
URL: CVE-2020-26217
Base Score Metrics:
Type: Upgrade version
Origin: GHSA-mw36-7c6c-q4q2
Release Date: 2020-11-16
Fix Resolution: 1.4.13-java7
⛑️ Automatic Remediation will be attempted for this issue.
XStream is a serialization library from Java objects to XML and back.
Path to dependency file: /webgoat-integration-tests/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/com/thoughtworks/xstream/xstream/1.4.5/xstream-1.4.5.jar,/home/wss-scanner/.m2/repository/com/thoughtworks/xstream/xstream/1.4.5/xstream-1.4.5.jar,/home/wss-scanner/.m2/repository/com/thoughtworks/xstream/xstream/1.4.5/xstream-1.4.5.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a remote attacker to request data from internal resources that are not publicly available only by manipulating the processed input stream. No user is affected who followed the recommendation to set up XStream's security framework with a whitelist limited to the minimal required types. If you rely on XStream's default blacklist of the Security Framework, you will have to use at least version 1.4.16.
Publish Date: 2021-03-23
URL: CVE-2021-21349
Base Score Metrics:
Type: Upgrade version
Origin: GHSA-f6hm-88x3-mfjv
Release Date: 2021-03-23
Fix Resolution: 1.4.16
⛑️ Automatic Remediation will be attempted for this issue.
XStream is a serialization library from Java objects to XML and back.
Path to dependency file: /webgoat-integration-tests/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/com/thoughtworks/xstream/xstream/1.4.5/xstream-1.4.5.jar,/home/wss-scanner/.m2/repository/com/thoughtworks/xstream/xstream/1.4.5/xstream-1.4.5.jar,/home/wss-scanner/.m2/repository/com/thoughtworks/xstream/xstream/1.4.5/xstream-1.4.5.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected who followed the recommendation to set up XStream's security framework with a whitelist limited to the minimal required types. XStream 1.4.18 no longer uses a blacklist by default, since it cannot be secured for general purpose.
Publish Date: 2021-08-23
URL: CVE-2021-39154
Base Score Metrics:
Type: Upgrade version
Origin: GHSA-6w62-hx7r-mw68
Release Date: 2021-08-23
Fix Resolution: 1.4.18
⛑️ Automatic Remediation will be attempted for this issue.
XStream is a serialization library from Java objects to XML and back.
Path to dependency file: /webgoat-integration-tests/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/com/thoughtworks/xstream/xstream/1.4.5/xstream-1.4.5.jar,/home/wss-scanner/.m2/repository/com/thoughtworks/xstream/xstream/1.4.5/xstream-1.4.5.jar,/home/wss-scanner/.m2/repository/com/thoughtworks/xstream/xstream/1.4.5/xstream-1.4.5.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream, if using the version out of the box with Java runtime versions 8 to 14 or with JavaFX installed. No user is affected who followed the recommendation to set up XStream's security framework with a whitelist limited to the minimal required types. XStream 1.4.18 no longer uses a blacklist by default, since it cannot be secured for general purpose.
Publish Date: 2021-08-23
URL: CVE-2021-39153
Base Score Metrics:
Type: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39153
Release Date: 2021-08-23
Fix Resolution: 1.4.18
⛑️ Automatic Remediation will be attempted for this issue.
XStream is a serialization library from Java objects to XML and back.
Path to dependency file: /webgoat-integration-tests/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/com/thoughtworks/xstream/xstream/1.4.5/xstream-1.4.5.jar,/home/wss-scanner/.m2/repository/com/thoughtworks/xstream/xstream/1.4.5/xstream-1.4.5.jar,/home/wss-scanner/.m2/repository/com/thoughtworks/xstream/xstream/1.4.5/xstream-1.4.5.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to request data from internal resources that are not publicly available only by manipulating the processed input stream with Java runtime versions 8 to 14. No user is affected who followed the recommendation to set up XStream's security framework with a whitelist limited to the minimal required types. If you rely on XStream's default blacklist of the Security Framework, you will have to use at least version 1.4.18.
Publish Date: 2021-08-23
URL: CVE-2021-39152
Base Score Metrics:
Type: Upgrade version
Origin: GHSA-xw4p-crpj-vjx2
Release Date: 2021-08-23
Fix Resolution: 1.4.18
⛑️ Automatic Remediation will be attempted for this issue.
XStream is a serialization library from Java objects to XML and back.
Path to dependency file: /webgoat-integration-tests/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/com/thoughtworks/xstream/xstream/1.4.5/xstream-1.4.5.jar,/home/wss-scanner/.m2/repository/com/thoughtworks/xstream/xstream/1.4.5/xstream-1.4.5.jar,/home/wss-scanner/.m2/repository/com/thoughtworks/xstream/xstream/1.4.5/xstream-1.4.5.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected who followed the recommendation to set up XStream's security framework with a whitelist limited to the minimal required types. XStream 1.4.18 no longer uses a blacklist by default, since it cannot be secured for general purpose.
Publish Date: 2021-08-23
URL: CVE-2021-39151
Base Score Metrics:
Type: Upgrade version
Origin: GHSA-hph2-m3g5-xxv4
Release Date: 2021-08-23
Fix Resolution: 1.4.18
⛑️ Automatic Remediation will be attempted for this issue.
XStream is a serialization library from Java objects to XML and back.
Path to dependency file: /webgoat-integration-tests/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/com/thoughtworks/xstream/xstream/1.4.5/xstream-1.4.5.jar,/home/wss-scanner/.m2/repository/com/thoughtworks/xstream/xstream/1.4.5/xstream-1.4.5.jar,/home/wss-scanner/.m2/repository/com/thoughtworks/xstream/xstream/1.4.5/xstream-1.4.5.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to request data from internal resources that are not publicly available only by manipulating the processed input stream with Java runtime versions 8 to 14. No user is affected who followed the recommendation to set up XStream's security framework with a whitelist limited to the minimal required types. If you rely on XStream's default blacklist of the Security Framework, you will have to use at least version 1.4.18.
Publish Date: 2021-08-23
URL: CVE-2021-39150
Base Score Metrics:
Type: Upgrade version
Origin: GHSA-hph2-m3g5-xxv4
Release Date: 2021-08-23
Fix Resolution: 1.4.18
⛑️ Automatic Remediation will be attempted for this issue.
XStream is a serialization library from Java objects to XML and back.
Path to dependency file: /webgoat-integration-tests/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/com/thoughtworks/xstream/xstream/1.4.5/xstream-1.4.5.jar,/home/wss-scanner/.m2/repository/com/thoughtworks/xstream/xstream/1.4.5/xstream-1.4.5.jar,/home/wss-scanner/.m2/repository/com/thoughtworks/xstream/xstream/1.4.5/xstream-1.4.5.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected who followed the recommendation to set up XStream's security framework with a whitelist limited to the minimal required types. XStream 1.4.18 no longer uses a blacklist by default, since it cannot be secured for general purpose.
Publish Date: 2021-08-23
URL: CVE-2021-39149
Base Score Metrics:
Type: Upgrade version
Origin: GHSA-3ccq-5vw3-2p6x
Release Date: 2021-08-23
Fix Resolution: 1.4.18
⛑️ Automatic Remediation will be attempted for this issue.
XStream is a serialization library from Java objects to XML and back.
Path to dependency file: /webgoat-integration-tests/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/com/thoughtworks/xstream/xstream/1.4.5/xstream-1.4.5.jar,/home/wss-scanner/.m2/repository/com/thoughtworks/xstream/xstream/1.4.5/xstream-1.4.5.jar,/home/wss-scanner/.m2/repository/com/thoughtworks/xstream/xstream/1.4.5/xstream-1.4.5.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected who followed the recommendation to set up XStream's security framework with a whitelist limited to the minimal required types. XStream 1.4.18 no longer uses a blacklist by default, since it cannot be secured for general purpose.
Publish Date: 2021-08-23
URL: CVE-2021-39148
Base Score Metrics:
Type: Upgrade version
Origin: GHSA-qrx8-8545-4wg2
Release Date: 2021-08-23
Fix Resolution: 1.4.18
⛑️ Automatic Remediation will be attempted for this issue.
XStream is a serialization library from Java objects to XML and back.
Path to dependency file: /webgoat-integration-tests/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/com/thoughtworks/xstream/xstream/1.4.5/xstream-1.4.5.jar,/home/wss-scanner/.m2/repository/com/thoughtworks/xstream/xstream/1.4.5/xstream-1.4.5.jar,/home/wss-scanner/.m2/repository/com/thoughtworks/xstream/xstream/1.4.5/xstream-1.4.5.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected who followed the recommendation to set up XStream's security framework with a whitelist limited to the minimal required types. XStream 1.4.18 no longer uses a blacklist by default, since it cannot be secured for general purpose.
Publish Date: 2021-08-23
URL: CVE-2021-39147
Base Score Metrics:
Type: Upgrade version
Origin: GHSA-h7v4-7xg3-hxcc
Release Date: 2021-08-23
Fix Resolution: 1.4.18
⛑️ Automatic Remediation will be attempted for this issue.
XStream is a serialization library from Java objects to XML and back.
Path to dependency file: /webgoat-integration-tests/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/com/thoughtworks/xstream/xstream/1.4.5/xstream-1.4.5.jar,/home/wss-scanner/.m2/repository/com/thoughtworks/xstream/xstream/1.4.5/xstream-1.4.5.jar,/home/wss-scanner/.m2/repository/com/thoughtworks/xstream/xstream/1.4.5/xstream-1.4.5.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected who followed the recommendation to set up XStream's security framework with a whitelist limited to the minimal required types. XStream 1.4.18 no longer uses a blacklist by default, since it cannot be secured for general purpose.
Publish Date: 2021-08-23
URL: CVE-2021-39146
Base Score Metrics:
Type: Upgrade version
Origin: GHSA-p8pq-r894-fm8f
Release Date: 2021-08-23
Fix Resolution: 1.4.18
⛑️ Automatic Remediation will be attempted for this issue.
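Every XStream entry above carries the same remediation advice: upgrade, and set up the security framework as an allowlist limited to the types the application actually unmarshals, because the blocklist cannot be made complete. The following is an added example of that configuration; it is not code from the scan report or from the WebGoat code base. It assumes XStream 1.4.18 or later on the classpath (the security framework and these permission classes do not exist in the 1.4.5 jar the report flags), and the `Contact` type and the two input documents are made up for the demonstration.

```java
import com.thoughtworks.xstream.XStream;
import com.thoughtworks.xstream.XStreamException;
import com.thoughtworks.xstream.security.NoTypePermission;
import com.thoughtworks.xstream.security.NullPermission;
import com.thoughtworks.xstream.security.PrimitiveTypePermission;

/**
 * Allowlist configuration for XStream (assumes XStream 1.4.18 or later).
 * Clear every permission first, then re-admit only the exact types this code
 * expects, so any type outside the list is refused before it is instantiated.
 */
public class XStreamAllowlistExample {

    /** Hypothetical application type; stands in for whatever the application unmarshals. */
    public static class Contact {
        public String name;
        public int age;
    }

    public static XStream hardenedXStream() {
        XStream xstream = new XStream();
        // Step 1: forbid everything, including the types XStream admits out of the box.
        xstream.addPermission(NoTypePermission.NONE);
        // Step 2: re-admit null and primitives (needed for the int field) ...
        xstream.addPermission(NullPermission.NULL);
        xstream.addPermission(PrimitiveTypePermission.PRIMITIVES);
        // ... and the exact classes expected in the input. No wildcards, no whole packages.
        xstream.allowTypes(new Class[] { String.class, Contact.class });
        // Alias so the fully qualified class name never appears in the wire format.
        xstream.alias("contact", Contact.class);
        return xstream;
    }

    public static void main(String[] args) {
        XStream xstream = hardenedXStream();

        // Constructed benign input: only allowlisted types.
        String ok = "<contact><name>alice</name><age>30</age></contact>";
        Contact c = (Contact) xstream.fromXML(ok);
        System.out.println("parsed: " + c.name + ", " + c.age);

        // Constructed input naming a type that is not on the allowlist. Whether the type
        // is on any blocklist is irrelevant: anything unlisted is refused.
        String unlisted = "<java.util.HashMap><entry><string>k</string><string>v</string></entry></java.util.HashMap>";
        try {
            xstream.fromXML(unlisted);
            System.out.println("unexpected: unlisted type was accepted");
        } catch (XStreamException e) {
            // At the root the refusal is a ForbiddenClassException; for a nested element
            // it arrives wrapped in a ConversionException, hence the common supertype here.
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```

The check lives in XStream's mapper, so it also covers aliased element names such as `<map>`; a request that merely names a class outside the list fails before any converter or constructor runs. Keep the allowlist in one place and review it whenever a new type is added to the model, since a wildcard such as a whole package re-opens the gap the advisories describe.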
The most popular front-end framework for developing responsive, mobile first projects on the web.
Library home page: https://registry.npmjs.org/bootstrap/-/bootstrap-4.2.1.tgz
Path to dependency file: /docs/package.json
Path to vulnerable library: /docs/package.json
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
CVE | Severity | CVSS | Dependency | Type | Fixed in (bootstrap version) | Remediation Possible** |
---|---|---|---|---|---|---|
CVE-2019-8331 | Medium | 6.1 | bootstrap-4.2.1.tgz | Direct | 4.3.1 | ✅ |
**In some cases, Remediation PR cannot be created automatically for a vulnerability despite the availability of remediation
The most popular front-end framework for developing responsive, mobile first projects on the web.
Library home page: https://registry.npmjs.org/bootstrap/-/bootstrap-4.2.1.tgz
Path to dependency file: /docs/package.json
Path to vulnerable library: /docs/package.json
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
In Bootstrap before 3.4.1 and 4.3.x before 4.3.1, XSS is possible in the tooltip or popover data-template attribute.
Publish Date: 2019-02-20
URL: CVE-2019-8331
Base Score Metrics:
Type: Upgrade version
Release Date: 2019-02-20
Fix Resolution: 4.3.1
⛑️ Automatic Remediation will be attempted for this issue.
The Apache Commons IO library contains utility classes, stream implementations, file filters, file comparators, endian transformation classes, and much more.
Path to dependency file: /webgoat-integration-tests/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/commons-io/commons-io/2.6/commons-io-2.6.jar,/home/wss-scanner/.m2/repository/commons-io/commons-io/2.6/commons-io-2.6.jar
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
CVE | Severity | CVSS | Dependency | Type | Fixed in (commons-io version) | Remediation Possible** |
---|---|---|---|---|---|---|
CVE-2021-29425 | Medium | 4.8 | commons-io-2.6.jar | Direct | 2.7 | ✅ |
**In some cases, Remediation PR cannot be created automatically for a vulnerability despite the availability of remediation
The Apache Commons IO library contains utility classes, stream implementations, file filters, file comparators, endian transformation classes, and much more.
Path to dependency file: /webgoat-integration-tests/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/commons-io/commons-io/2.6/commons-io-2.6.jar,/home/wss-scanner/.m2/repository/commons-io/commons-io/2.6/commons-io-2.6.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
In Apache Commons IO before 2.7, when invoking the method FilenameUtils.normalize with an improper input string, like "//../foo" or "\..\foo", the result would be the same value, thus possibly providing access to files in the parent directory, but not further above (thus "limited" path traversal), if the calling code would use the result to construct a path value.
Publish Date: 2021-04-13
URL: CVE-2021-29425
Base Score Metrics:
Type: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29425
Release Date: 2021-04-13
Fix Resolution: 2.7
⛑️ Automatic Remediation will be attempted for this issue.
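The advisory above only bites when the caller treats the normalized string as proof that the path is safe. The safer pattern is to resolve the user-supplied name under the intended base directory and then check containment on the resolved path, which works regardless of the commons-io version. This is an added example, not code from the scan report or from WebGoat; it uses only java.nio.file, the base directory is a made-up value, the backslash-to-slash mapping is an assumption chosen so the Windows-style input from the advisory is treated as a separator on Unix too, and the three rejected inputs are constructed.

```java
import java.nio.file.Path;
import java.nio.file.Paths;

/**
 * Containment check for user-supplied file names (added example, assumes a Unix JVM).
 * Normalization alone is not a security boundary; the resolved path must still lie
 * under the base directory.
 */
public class SafePathResolver {

    /** Returns the absolute path of userSupplied under baseDir, or throws if it escapes. */
    public static Path resolveUnder(Path baseDir, String userSupplied) {
        if (userSupplied == null || userSupplied.indexOf('\0') >= 0) {
            throw new IllegalArgumentException("invalid file name");
        }
        // Assumption: treat backslash as a separator so "\..\foo" cannot slip through
        // as a literal file name on Unix and still traverses as intended on Windows.
        String cleaned = userSupplied.replace('\\', '/');

        Path base = baseDir.toAbsolutePath().normalize();
        // resolve() returns the argument unchanged if it is absolute, so "/../foo" and
        // "//../foo" end up as "/foo" after normalize() and fail the containment check.
        Path target = base.resolve(cleaned).normalize();

        if (!target.startsWith(base)) {
            throw new IllegalArgumentException("path escapes base directory: " + userSupplied);
        }
        return target;
    }

    public static void main(String[] args) {
        Path base = Paths.get("/srv/uploads"); // hypothetical base directory

        System.out.println("accepted: " + resolveUnder(base, "reports/q1.txt"));

        // Constructed inputs: the two from the advisory plus a plain dot-dot traversal.
        for (String bad : new String[] { "//../foo", "\\..\\foo", "../../etc/passwd" }) {
            try {
                resolveUnder(base, bad);
                System.out.println("unexpected: accepted " + bad);
            } catch (IllegalArgumentException e) {
                System.out.println("rejected: " + bad);
            }
        }
    }
}
```

For files that already exist, resolve with `toRealPath()` before the `startsWith` check as well, so a symbolic link inside the base directory cannot point the resolved path outside it.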
HSQLDB - Lightweight 100% Java SQL Database Engine
Library home page: http://hsqldb.org
Path to dependency file: /webgoat-container/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/org/hsqldb/hsqldb/2.5.0/hsqldb-2.5.0.jar,/home/wss-scanner/.m2/repository/org/hsqldb/hsqldb/2.5.0/hsqldb-2.5.0.jar,/home/wss-scanner/.m2/repository/org/hsqldb/hsqldb/2.5.0/hsqldb-2.5.0.jar,/home/wss-scanner/.m2/repository/org/hsqldb/hsqldb/2.5.0/hsqldb-2.5.0.jar
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
CVE | Severity | CVSS | Dependency | Type | Fixed in (hsqldb version) | Remediation Possible** |
---|---|---|---|---|---|---|
CVE-2022-41853 | Critical | 9.8 | hsqldb-2.5.0.jar | Direct | 2.7.1 | ✅ |
**In some cases, Remediation PR cannot be created automatically for a vulnerability despite the availability of remediation
HSQLDB - Lightweight 100% Java SQL Database Engine
Library home page: http://hsqldb.org
Path to dependency file: /webgoat-container/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/org/hsqldb/hsqldb/2.5.0/hsqldb-2.5.0.jar,/home/wss-scanner/.m2/repository/org/hsqldb/hsqldb/2.5.0/hsqldb-2.5.0.jar,/home/wss-scanner/.m2/repository/org/hsqldb/hsqldb/2.5.0/hsqldb-2.5.0.jar,/home/wss-scanner/.m2/repository/org/hsqldb/hsqldb/2.5.0/hsqldb-2.5.0.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
Those using java.sql.Statement or java.sql.PreparedStatement in hsqldb (HyperSQL DataBase) to process untrusted input may be vulnerable to a remote code execution attack. By default it is allowed to call any static method of any Java class in the classpath resulting in code execution. The issue can be prevented by updating to 2.7.1 or by setting the system property "hsqldb.method_class_names" to classes which are allowed to be called. For example, System.setProperty("hsqldb.method_class_names", "abc") or Java argument -Dhsqldb.method_class_names="abc" can be used. From version 2.7.1 all classes by default are not accessible except those in java.lang.Math and need to be manually enabled.
Publish Date: 2022-10-06
URL: CVE-2022-41853
Base Score Metrics:
Type: Upgrade version
Origin: GHSA-77xx-rxvh-q682
Release Date: 2022-10-06
Fix Resolution: 2.7.1
⛑️ Automatic Remediation will be attempted for this issue.
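The advisory above names two fixes: upgrade to 2.7.1, where only java.lang.Math is callable by default, or set hsqldb.method_class_names on older versions. The following added example shows the second fix end to end, with a routine on an allowed class and one on a class outside the list; it is not code from the scan report or from WebGoat. It assumes the hsqldb jar on the classpath, an in-memory database URL, and function names that are made up for the demonstration.

```java
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Statement;

/**
 * Restricts which Java classes HSQLDB may expose as SQL routines (added example).
 * The property is a JVM system property, so it must be in place before the HSQLDB
 * engine is first loaded; the -D form on the command line is equivalent.
 */
public class HsqldbMethodAllowlistExample {

    public static void main(String[] args) throws SQLException {
        // Same effect as -Dhsqldb.method_class_names=java.lang.Math
        System.setProperty("hsqldb.method_class_names", "java.lang.Math");

        try (Connection conn = DriverManager.getConnection("jdbc:hsqldb:mem:allowlistdemo", "SA", "");
             Statement st = conn.createStatement()) {

            // Permitted: java.lang.Math is on the list.
            st.execute("CREATE FUNCTION abs_int(x INT) RETURNS INT"
                     + " LANGUAGE JAVA DETERMINISTIC NO SQL PARAMETER STYLE JAVA"
                     + " EXTERNAL NAME 'CLASSPATH:java.lang.Math.abs'");

            // Untrusted values still travel as bind parameters, never as SQL text.
            try (PreparedStatement ps = conn.prepareStatement("CALL abs_int(?)")) {
                ps.setInt(1, -42);
                try (ResultSet rs = ps.executeQuery()) {
                    rs.next();
                    System.out.println("abs_int(-42) = " + rs.getInt(1));
                }
            }

            // Not permitted: java.lang.System is outside the list, so HSQLDB refuses the
            // routine definition and no call against it can ever succeed.
            try {
                st.execute("CREATE FUNCTION sys_prop(p VARCHAR(64)) RETURNS VARCHAR(256)"
                         + " LANGUAGE JAVA NO SQL PARAMETER STYLE JAVA"
                         + " EXTERNAL NAME 'CLASSPATH:java.lang.System.getProperty'");
                System.out.println("unexpected: routine on java.lang.System was accepted");
            } catch (SQLException e) {
                System.out.println("rejected: " + e.getMessage());
            }
        }
    }
}
```

Bind parameters do not close this issue on their own: the advisory's point is that a caller who can get SQL text to the engine can define or invoke a routine on any class, so the class allowlist (or the 2.7.1 default) is the control, and parameterized statements remain the control against ordinary injection.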
JavaScript library for DOM operations
Library home page: https://registry.npmjs.org/jquery/-/jquery-3.3.1.tgz
Path to dependency file: /docs/package.json
Path to vulnerable library: /docs/package.json
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
CVE | Severity | CVSS | Dependency | Type | Fixed in (jquery version) | Remediation Possible** |
---|---|---|---|---|---|---|
CVE-2020-11023 | Medium | 6.1 | jquery-3.3.1.tgz | Direct | 3.5.0 | ✅ |
CVE-2020-11022 | Medium | 6.1 | jquery-3.3.1.tgz | Direct | 3.5.0 | ✅ |
CVE-2019-11358 | Medium | 6.1 | jquery-3.3.1.tgz | Direct | 3.4.0 | ✅ |
**In some cases, Remediation PR cannot be created automatically for a vulnerability despite the availability of remediation
JavaScript library for DOM operations
Library home page: https://registry.npmjs.org/jquery/-/jquery-3.3.1.tgz
Path to dependency file: /docs/package.json
Path to vulnerable library: /docs/package.json
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing `<option>` elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
Publish Date: 2020-04-29
URL: CVE-2020-11023
Base Score Metrics:
Type: Upgrade version
Release Date: 2020-04-29
Fix Resolution: 3.5.0
⛑️ Automatic Remediation will be attempted for this issue.
JavaScript library for DOM operations
Library home page: https://registry.npmjs.org/jquery/-/jquery-3.3.1.tgz
Path to dependency file: /docs/package.json
Path to vulnerable library: /docs/package.json
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
Publish Date: 2020-04-29
URL: CVE-2020-11022
Base Score Metrics:
Type: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11022
Release Date: 2020-04-29
Fix Resolution: 3.5.0
⛑️ Automatic Remediation will be attempted for this issue.
JavaScript library for DOM operations
Library home page: https://registry.npmjs.org/jquery/-/jquery-3.3.1.tgz
Path to dependency file: /docs/package.json
Path to vulnerable library: /docs/package.json
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable `__proto__` property, it could extend the native Object.prototype.
Publish Date: 2019-04-20
URL: CVE-2019-11358
Base Score Metrics:
Type: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11358
Release Date: 2019-04-20
Fix Resolution: 3.4.0
⛑️ Automatic Remediation will be attempted for this issue.
JavaScript library for DOM operations
Library home page: https://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.4/jquery.min.js
Path to vulnerable library: /webgoat-container/src/main/resources/static/js/libs/jquery-2.1.4.min.js,/webgoat-container/target/classes/static/js/libs/jquery-2.1.4.min.js
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
CVE | Severity | CVSS | Dependency | Type | Fixed in (jquery version) | Remediation Possible** |
---|---|---|---|---|---|---|
CVE-2020-11023 | Medium | 6.1 | jquery-2.1.4.min.js | Direct | jquery - 3.5.0;jquery-rails - 4.4.0 | ❌ |
CVE-2020-11022 | Medium | 6.1 | jquery-2.1.4.min.js | Direct | jQuery - 3.5.0 | ❌ |
CVE-2019-11358 | Medium | 6.1 | jquery-2.1.4.min.js | Direct | jquery - 3.4.0 | ❌ |
CVE-2015-9251 | Medium | 6.1 | jquery-2.1.4.min.js | Direct | jQuery - 3.0.0 | ❌ |
**In some cases, Remediation PR cannot be created automatically for a vulnerability despite the availability of remediation
JavaScript library for DOM operations
Library home page: https://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.4/jquery.min.js
Path to vulnerable library: /webgoat-container/src/main/resources/static/js/libs/jquery-2.1.4.min.js,/webgoat-container/target/classes/static/js/libs/jquery-2.1.4.min.js
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing `<option>` elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
Publish Date: 2020-04-29
URL: CVE-2020-11023
Base Score Metrics:
Type: Upgrade version
Release Date: 2020-04-29
Fix Resolution: jquery - 3.5.0;jquery-rails - 4.4.0
JavaScript library for DOM operations
Library home page: https://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.4/jquery.min.js
Path to vulnerable library: /webgoat-container/src/main/resources/static/js/libs/jquery-2.1.4.min.js,/webgoat-container/target/classes/static/js/libs/jquery-2.1.4.min.js
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
Publish Date: 2020-04-29
URL: CVE-2020-11022
Base Score Metrics:
Type: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11022
Release Date: 2020-04-29
Fix Resolution: jQuery - 3.5.0
JavaScript library for DOM operations
Library home page: https://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.4/jquery.min.js
Path to vulnerable library: /webgoat-container/src/main/resources/static/js/libs/jquery-2.1.4.min.js,/webgoat-container/target/classes/static/js/libs/jquery-2.1.4.min.js
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable `__proto__` property, it could extend the native Object.prototype.
Publish Date: 2019-04-20
URL: CVE-2019-11358
Base Score Metrics:
Type: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11358
Release Date: 2019-04-20
Fix Resolution: jquery - 3.4.0
JavaScript library for DOM operations
Library home page: https://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.4/jquery.min.js
Path to vulnerable library: /webgoat-container/src/main/resources/static/js/libs/jquery-2.1.4.min.js,/webgoat-container/target/classes/static/js/libs/jquery-2.1.4.min.js
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.
Publish Date: 2018-01-18
URL: CVE-2015-9251
Base Score Metrics:
Type: Upgrade version
Origin: https://nvd.nist.gov/vuln/detail/CVE-2015-9251
Release Date: 2018-01-18
Fix Resolution: jQuery - 3.0.0
JavaScript's functional programming helper library.
Library home page: https://cdnjs.cloudflare.com/ajax/libs/underscore.js/1.10.2/underscore-min.js
Path to vulnerable library: /webgoat-container/target/classes/static/js/libs/underscore-min.js,/webgoat-container/src/main/resources/static/js/libs/underscore-min.js
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
CVE | Severity | CVSS | Dependency | Type | Fixed in (underscore-min version) | Remediation Possible** |
---|---|---|---|---|---|---|
CVE-2021-23358 | High | 7.2 | underscore-min-1.10.2.js | Direct | underscore - 1.12.1,1.13.0-2 | ❌ |
**In some cases, Remediation PR cannot be created automatically for a vulnerability despite the availability of remediation
JavaScript's functional programming helper library.
Library home page: https://cdnjs.cloudflare.com/ajax/libs/underscore.js/1.10.2/underscore-min.js
Path to vulnerable library: /webgoat-container/target/classes/static/js/libs/underscore-min.js,/webgoat-container/src/main/resources/static/js/libs/underscore-min.js
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
The package underscore from 1.13.0-0 and before 1.13.0-2, from 1.3.2 and before 1.12.1 are vulnerable to Arbitrary Code Injection via the template function, particularly when a variable property is passed as an argument as it is not sanitized.
Publish Date: 2021-03-29
URL: CVE-2021-23358
Base Score Metrics:
Type: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23358
Release Date: 2021-03-29
Fix Resolution: underscore - 1.12.1,1.13.0-2
Java JDBC 4.2 (JRE 8+) driver for PostgreSQL database
Library home page: https://github.com/pgjdbc/pgjdbc
Path to dependency file: /webwolf/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/org/postgresql/postgresql/42.2.8/postgresql-42.2.8.jar,/home/wss-scanner/.m2/repository/org/postgresql/postgresql/42.2.8/postgresql-42.2.8.jar,/home/wss-scanner/.m2/repository/org/postgresql/postgresql/42.2.8/postgresql-42.2.8.jar
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
CVE | Severity | CVSS | Dependency | Type | Fixed in (postgresql version) | Remediation Possible** |
---|---|---|---|---|---|---|
WS-2022-0080 | Critical | 9.8 | postgresql-42.2.8.jar | Direct | org.postgresql:postgresql:42.3.3 | ✅ |
CVE-2022-26520 | Critical | 9.8 | postgresql-42.2.8.jar | Direct | 42.2.26 | ✅ |
CVE-2022-21724 | Critical | 9.8 | postgresql-42.2.8.jar | Direct | org.postgresql:postgresql:42.2.25,42.3.2 | ✅ |
CVE-2022-31197 | High | 8.0 | postgresql-42.2.8.jar | Direct | 42.2.25.jre6 | ✅ |
CVE-2020-13692 | High | 7.7 | postgresql-42.2.8.jar | Direct | 42.2.12.jre6 | ✅ |
CVE-2022-41946 | Medium | 5.5 | postgresql-42.2.8.jar | Direct | 42.2.26.jre6 | ✅ |
**In some cases, Remediation PR cannot be created automatically for a vulnerability despite the availability of remediation
Java JDBC 4.2 (JRE 8+) driver for PostgreSQL database
Library home page: https://github.com/pgjdbc/pgjdbc
Path to dependency file: /webwolf/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/org/postgresql/postgresql/42.2.8/postgresql-42.2.8.jar,/home/wss-scanner/.m2/repository/org/postgresql/postgresql/42.2.8/postgresql-42.2.8.jar,/home/wss-scanner/.m2/repository/org/postgresql/postgresql/42.2.8/postgresql-42.2.8.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
In org.postgresql:postgresql before 42.3.3 the connection properties for configuring a pgjdbc connection are not meant to be exposed to an unauthenticated attacker. While allowing an attacker to specify arbitrary connection properties could lead to a compromise of a system, that's a defect of an application that allows unauthenticated attackers that level of control.
Publish Date: 2022-02-16
URL: WS-2022-0080
Base Score Metrics:
Type: Upgrade version
Origin: GHSA-673j-qm5f-xpv8
Release Date: 2022-02-16
Fix Resolution: org.postgresql:postgresql:42.3.3
⛑️ Automatic Remediation will be attempted for this issue.
Java JDBC 4.2 (JRE 8+) driver for PostgreSQL database
Library home page: https://github.com/pgjdbc/pgjdbc
Path to dependency file: /webwolf/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/org/postgresql/postgresql/42.2.8/postgresql-42.2.8.jar,/home/wss-scanner/.m2/repository/org/postgresql/postgresql/42.2.8/postgresql-42.2.8.jar,/home/wss-scanner/.m2/repository/org/postgresql/postgresql/42.2.8/postgresql-42.2.8.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
In pgjdbc before 42.3.3, an attacker (who controls the jdbc URL or properties) can call java.util.logging.FileHandler to write to arbitrary files through the loggerFile and loggerLevel connection properties. An example situation is that an attacker could create an executable JSP file under a Tomcat web root. NOTE: the vendor's position is that there is no pgjdbc vulnerability; instead, it is a vulnerability for any application to use the pgjdbc driver with untrusted connection properties
Publish Date: 2022-03-10
URL: CVE-2022-26520
Base Score Metrics:
Type: Upgrade version
Origin: https://security-tracker.debian.org/tracker/CVE-2022-26520
Release Date: 2022-03-10
Fix Resolution: 42.2.26
⛑️ Automatic Remediation will be attempted for this issue.
Java JDBC 4.2 (JRE 8+) driver for PostgreSQL database
Library home page: https://github.com/pgjdbc/pgjdbc
Path to dependency file: /webwolf/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/org/postgresql/postgresql/42.2.8/postgresql-42.2.8.jar,/home/wss-scanner/.m2/repository/org/postgresql/postgresql/42.2.8/postgresql-42.2.8.jar,/home/wss-scanner/.m2/repository/org/postgresql/postgresql/42.2.8/postgresql-42.2.8.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
pgjdbc is the official PostgreSQL JDBC Driver. A security hole was found in the JDBC driver for the PostgreSQL database while doing security research. A system using the postgresql library can be attacked when an attacker controls the JDBC URL or properties. pgjdbc instantiates plugin instances based on class names provided via the authenticationPluginClassName, sslhostnameverifier, socketFactory, sslfactory and sslpasswordcallback connection properties. However, the driver did not verify whether the class implements the expected interface before instantiating it. This can lead to code execution via arbitrarily loaded classes. Users using plugins are advised to upgrade. There are no known workarounds for this issue.
Publish Date: 2022-02-02
URL: CVE-2022-21724
Base Score Metrics:
Type: Upgrade version
Origin: GHSA-v7wg-cpwc-24m4
Release Date: 2022-02-02
Fix Resolution: org.postgresql:postgresql:42.2.25,42.3.2
⛑️ Automatic Remediation will be attempted for this issue.
Java JDBC 4.2 (JRE 8+) driver for PostgreSQL database
Library home page: https://github.com/pgjdbc/pgjdbc
Path to dependency file: /webwolf/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/org/postgresql/postgresql/42.2.8/postgresql-42.2.8.jar,/home/wss-scanner/.m2/repository/org/postgresql/postgresql/42.2.8/postgresql-42.2.8.jar,/home/wss-scanner/.m2/repository/org/postgresql/postgresql/42.2.8/postgresql-42.2.8.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
PostgreSQL JDBC Driver (PgJDBC for short) allows Java programs to connect to a PostgreSQL database using standard, database independent Java code. The PgJDBC implementation of the java.sql.ResultRow.refreshRow() method does not escape column names, so a malicious column name that contains a statement terminator, e.g. ;, could lead to SQL injection. This could lead to executing additional SQL commands as the application's JDBC user. User applications that do not invoke the ResultSet.refreshRow() method are not impacted. User applications that do invoke that method are impacted if the underlying database they query via their JDBC application may be under the control of an attacker. The attack requires the attacker to trick the user into executing SQL against a table whose column names contain the malicious SQL and subsequently invoking the refreshRow() method on the ResultSet. Note that the application's JDBC user and the schema owner need not be the same. A JDBC application that executes as a privileged user querying database schemas owned by potentially malicious less-privileged users would be vulnerable. In that situation it may be possible for the malicious user to craft a schema that causes the application to execute commands as the privileged user. Patched versions will be released as 42.2.26 and 42.4.1. Users are advised to upgrade. There are no known workarounds for this issue.
Publish Date: 2022-08-03
URL: CVE-2022-31197
Base Score Metrics:
Type: Upgrade version
Origin: GHSA-r38f-c4h4-hqq2
Release Date: 2022-08-03
Fix Resolution: 42.2.25.jre6
⛑️ Automatic Remediation will be attempted for this issue.
Java JDBC 4.2 (JRE 8+) driver for PostgreSQL database
Library home page: https://github.com/pgjdbc/pgjdbc
Path to dependency file: /webwolf/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/org/postgresql/postgresql/42.2.8/postgresql-42.2.8.jar,/home/wss-scanner/.m2/repository/org/postgresql/postgresql/42.2.8/postgresql-42.2.8.jar,/home/wss-scanner/.m2/repository/org/postgresql/postgresql/42.2.8/postgresql-42.2.8.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
PostgreSQL JDBC Driver (aka PgJDBC) before 42.2.13 allows XXE.
Publish Date: 2020-06-04
URL: CVE-2020-13692
Base Score Metrics:
Type: Upgrade version
Origin: https://jdbc.postgresql.org/documentation/changelog.html#version_42.2.13
Release Date: 2020-06-04
Fix Resolution: 42.2.12.jre6
⛑️ Automatic Remediation will be attempted for this issue.
Java JDBC 4.2 (JRE 8+) driver for PostgreSQL database
Library home page: https://github.com/pgjdbc/pgjdbc
Path to dependency file: /webwolf/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/org/postgresql/postgresql/42.2.8/postgresql-42.2.8.jar,/home/wss-scanner/.m2/repository/org/postgresql/postgresql/42.2.8/postgresql-42.2.8.jar,/home/wss-scanner/.m2/repository/org/postgresql/postgresql/42.2.8/postgresql-42.2.8.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
pgjdbc is an open source PostgreSQL JDBC Driver. In affected versions a prepared statement using either PreparedStatement.setText(int, InputStream) or PreparedStatement.setBytea(int, InputStream) will create a temporary file if the InputStream is larger than 2k. This temporary file is readable by other users on Unix-like systems, but not on MacOS. On Unix-like systems, the system's temporary directory is shared between all users on that system. Because of this, when files and directories are written into this directory they are, by default, readable by other users on that same system. This vulnerability does not allow other users to overwrite the contents of these directories or files. This is purely an information disclosure vulnerability. Because certain JDK file system APIs were only added in JDK 1.7, this fix is dependent upon the version of the JDK you are using. Java 1.7 and higher users: this vulnerability is fixed in 4.5.0. Java 1.6 and lower users: no patch is available. If you are unable to patch, or are stuck running on Java 1.6, setting the java.io.tmpdir system property to a directory that is exclusively owned by the executing user will mitigate this vulnerability.
Publish Date: 2022-11-23
URL: CVE-2022-41946
Base Score Metrics:
Type: Upgrade version
Origin: GHSA-562r-vg33-8x8h
Release Date: 2022-11-23
Fix Resolution: 42.2.26.jre6
⛑️ Automatic Remediation will be attempted for this issue.
Guava is a suite of core and expanded libraries that include utility classes, google's collections, io classes, and much much more. Guava has only one code dependency - javax.annotation, per the JSR-305 spec.
Library home page: http://code.google.com/p/guava-libraries
Path to dependency file: /webgoat-integration-tests/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/com/google/guava/guava/18.0/guava-18.0.jar,/home/wss-scanner/.m2/repository/com/google/guava/guava/18.0/guava-18.0.jar
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
CVE | Severity | CVSS | Dependency | Type | Fixed in (guava version) | Remediation Possible** |
---|---|---|---|---|---|---|
CVE-2023-2976 | High | 7.1 | guava-18.0.jar | Direct | 32.0.1-android | ✅ |
CVE-2018-10237 | Medium | 5.9 | guava-18.0.jar | Direct | 24.1.1-android | ✅ |
CVE-2020-8908 | Low | 3.3 | guava-18.0.jar | Direct | 30.0-android | ✅ |
**In some cases, Remediation PR cannot be created automatically for a vulnerability despite the availability of remediation
Guava is a suite of core and expanded libraries that include utility classes, google's collections, io classes, and much much more. Guava has only one code dependency - javax.annotation, per the JSR-305 spec.
Library home page: http://code.google.com/p/guava-libraries
Path to dependency file: /webgoat-integration-tests/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/com/google/guava/guava/18.0/guava-18.0.jar,/home/wss-scanner/.m2/repository/com/google/guava/guava/18.0/guava-18.0.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
Use of Java's default temporary directory for file creation in FileBackedOutputStream in Google Guava versions 1.0 to 31.1 on Unix systems and Android Ice Cream Sandwich allows other users and apps on the machine with access to the default Java temporary directory to be able to access the files created by the class.
Even though the security vulnerability is fixed in version 32.0.0, we recommend using version 32.0.1 as version 32.0.0 breaks some functionality under Windows.
Mend Note: Even though the security vulnerability is fixed in version 32.0.0, maintainers recommend using version 32.0.1 as version 32.0.0 breaks some functionality under Windows.
Publish Date: 2023-06-14
URL: CVE-2023-2976
Base Score Metrics:
Type: Upgrade version
Origin: GHSA-7g45-4rm6-3mm3
Release Date: 2023-06-14
Fix Resolution: 32.0.1-android
⛑️ Automatic Remediation will be attempted for this issue.
Guava is a suite of core and expanded libraries that include utility classes, google's collections, io classes, and much much more. Guava has only one code dependency - javax.annotation, per the JSR-305 spec.
Library home page: http://code.google.com/p/guava-libraries
Path to dependency file: /webgoat-integration-tests/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/com/google/guava/guava/18.0/guava-18.0.jar,/home/wss-scanner/.m2/repository/com/google/guava/guava/18.0/guava-18.0.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
Unbounded memory allocation in Google Guava 11.0 through 24.x before 24.1.1 allows remote attackers to conduct denial of service attacks against servers that depend on this library and deserialize attacker-provided data, because the AtomicDoubleArray class (when serialized with Java serialization) and the CompoundOrdering class (when serialized with GWT serialization) perform eager allocation without appropriate checks on what a client has sent and whether the data size is reasonable.
Publish Date: 2018-04-26
URL: CVE-2018-10237
Base Score Metrics:
Type: Upgrade version
Origin: https://nvd.nist.gov/vuln/detail/CVE-2018-10237
Release Date: 2018-04-26
Fix Resolution: 24.1.1-android
⛑️ Automatic Remediation will be attempted for this issue.
Guava is a suite of core and expanded libraries that include utility classes, google's collections, io classes, and much much more. Guava has only one code dependency - javax.annotation, per the JSR-305 spec.
Library home page: http://code.google.com/p/guava-libraries
Path to dependency file: /webgoat-integration-tests/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/com/google/guava/guava/18.0/guava-18.0.jar,/home/wss-scanner/.m2/repository/com/google/guava/guava/18.0/guava-18.0.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
A temp directory creation vulnerability exists in all versions of Guava, allowing an attacker with access to the machine to potentially access data in a temporary directory created by the Guava API com.google.common.io.Files.createTempDir(). By default, on unix-like systems, the created directory is world-readable (readable by an attacker with access to the system). The method in question has been marked @deprecated in versions 30.0 and later and should not be used. For Android developers, we recommend choosing a temporary directory API provided by Android, such as context.getCacheDir(). For other Java developers, we recommend migrating to the Java 7 API java.nio.file.Files.createTempDirectory() which explicitly configures permissions of 700, or configuring the Java runtime's java.io.tmpdir system property to point to a location whose permissions are appropriately configured.
Publish Date: 2020-12-10
URL: CVE-2020-8908
Base Score Metrics:
Type: Upgrade version
Origin: https://nvd.nist.gov/vuln/detail/CVE-2020-8908
Release Date: 2020-12-10
Fix Resolution: 30.0-android
⛑️ Automatic Remediation will be attempted for this issue.
Path to dependency file: /webgoat-container/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/io/undertow/undertow-core/2.0.28.Final/undertow-core-2.0.28.Final.jar
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
CVE | Severity | CVSS | Dependency | Type | Fixed in (spring-boot-starter-undertow version) | Remediation Possible** |
---|---|---|---|---|---|---|
CVE-2020-1745 | Critical | 9.8 | undertow-core-2.0.28.Final.jar | Transitive | 2.2.6.RELEASE | ✅ |
CVE-2020-1757 | High | 8.1 | undertow-core-2.0.28.Final.jar | Transitive | 2.2.6.RELEASE | ✅ |
CVE-2024-1635 | High | 7.5 | undertow-core-2.0.28.Final.jar | Transitive | 3.0.0 | ✅ |
CVE-2023-5685 | High | 7.5 | xnio-api-3.3.8.Final.jar | Transitive | N/A* | ❌ |
CVE-2023-3223 | High | 7.5 | undertow-servlet-2.0.28.Final.jar | Transitive | 2.7.15 | ✅ |
CVE-2023-1973 | High | 7.5 | undertow-core-2.0.28.Final.jar | Transitive | 3.0.0 | ✅ |
CVE-2023-1108 | High | 7.5 | undertow-core-2.0.28.Final.jar | Transitive | 2.5.15 | ✅ |
CVE-2022-4492 | High | 7.5 | undertow-core-2.0.28.Final.jar | Transitive | 2.5.15 | ✅ |
CVE-2022-2053 | High | 7.5 | undertow-core-2.0.28.Final.jar | Transitive | N/A* | ❌ |
CVE-2022-1319 | High | 7.5 | undertow-core-2.0.28.Final.jar | Transitive | N/A* | ❌ |
CVE-2022-1259 | High | 7.5 | undertow-core-2.0.28.Final.jar | Transitive | 2.7.15 | ✅ |
CVE-2022-0084 | High | 7.5 | xnio-api-3.3.8.Final.jar | Transitive | N/A* | ❌ |
CVE-2021-3859 | High | 7.5 | undertow-core-2.0.28.Final.jar | Transitive | 2.5.10 | ✅ |
CVE-2021-3690 | High | 7.5 | undertow-websockets-jsr-2.0.28.Final.jar | Transitive | 2.3.0.RELEASE | ✅ |
CVE-2020-27782 | High | 7.5 | undertow-core-2.0.28.Final.jar | Transitive | 2.2.12.RELEASE | ✅ |
CVE-2020-10705 | High | 7.5 | undertow-core-2.0.28.Final.jar | Transitive | 2.2.10.RELEASE | ✅ |
CVE-2019-14888 | High | 7.5 | undertow-core-2.0.28.Final.jar | Transitive | 2.2.3.RELEASE | ✅ |
CVE-2023-4639 | High | 7.4 | undertow-core-2.0.28.Final.jar | Transitive | 3.0.0 | ✅ |
CVE-2020-10719 | Medium | 6.5 | undertow-core-2.0.28.Final.jar | Transitive | 2.2.10.RELEASE | ✅ |
CVE-2021-3629 | Medium | 5.9 | undertow-core-2.0.28.Final.jar | Transitive | N/A* | ❌ |
CVE-2021-3597 | Medium | 5.9 | undertow-core-2.0.28.Final.jar | Transitive | 2.3.0.RELEASE | ✅ |
CVE-2024-1459 | Medium | 5.3 | undertow-core-2.0.28.Final.jar | Transitive | 3.0.0 | ✅ |
CVE-2021-28170 | Medium | 5.3 | jakarta.el-3.0.3.jar | Transitive | 2.4.11 | ✅ |
CVE-2021-20220 | Medium | 4.8 | undertow-core-2.0.28.Final.jar | Transitive | 2.3.0.RELEASE | ✅ |
CVE-2020-10687 | Medium | 4.8 | undertow-core-2.0.28.Final.jar | Transitive | 2.3.7.RELEASE | ✅ |
*For some transitive vulnerabilities, there is no version of direct dependency with a fix. Check the "Details" section below to see if there is a version of transitive dependency where vulnerability is fixed.
**In some cases, Remediation PR cannot be created automatically for a vulnerability despite the availability of remediation
Undertow
Path to dependency file: /webwolf/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/io/undertow/undertow-core/2.0.28.Final/undertow-core-2.0.28.Final.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
A file inclusion vulnerability was found in the AJP connector enabled with a default AJP configuration port of 8009 in Undertow version 2.0.29.Final and before and was fixed in 2.0.30.Final. A remote, unauthenticated attacker could exploit this vulnerability to read web application files from a vulnerable server. In instances where the vulnerable server allows file uploads, an attacker could upload malicious JavaServer Pages (JSP) code within a variety of file types and trigger this vulnerability to gain remote code execution.
Publish Date: 2020-04-28
URL: CVE-2020-1745
Base Score Metrics:
Type: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1745
Release Date: 2020-04-28
Fix Resolution (io.undertow:undertow-core): 2.0.30.Final
Direct dependency fix Resolution (org.springframework.boot:spring-boot-starter-undertow): 2.2.6.RELEASE
⛑️ Automatic Remediation will be attempted for this issue.
Undertow
Path to dependency file: /webwolf/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/io/undertow/undertow-core/2.0.28.Final/undertow-core-2.0.28.Final.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
A flaw was found in all undertow-2.x.x SP1 versions prior to undertow-2.0.30.SP1, and all undertow-1.x.x and undertow-2.x.x versions prior to undertow-2.1.0.Final, where the Servlet container normalizes servletPath incorrectly by truncating the path after a semicolon, which may lead to a wrong application mapping and result in a security bypass.
Publish Date: 2020-04-21
URL: CVE-2020-1757
Base Score Metrics:
Type: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1757
Release Date: 2020-04-30
Fix Resolution (io.undertow:undertow-core): 2.0.30.Final
Direct dependency fix Resolution (org.springframework.boot:spring-boot-starter-undertow): 2.2.6.RELEASE
⛑️ Automatic Remediation will be attempted for this issue.
Undertow
Path to dependency file: /webwolf/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/io/undertow/undertow-core/2.0.28.Final/undertow-core-2.0.28.Final.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
A vulnerability was found in Undertow. This vulnerability impacts a server that supports the wildfly-http-client protocol. Whenever a malicious user opens and closes a connection with the HTTP port of the server and then closes the connection immediately, the server will end with both memory and open file limits exhausted at some point, depending on the amount of memory available.
At HTTP upgrade to remoting, the WriteTimeoutStreamSinkConduit leaks connections if RemotingConnection is closed by Remoting ServerConnectionOpenListener. Because the remoting connection originates in Undertow as part of the HTTP upgrade, there is an external layer to the remoting connection. This connection is unaware of the outermost layer when closing the connection during the connection opening procedure. Hence, the Undertow WriteTimeoutStreamSinkConduit is not notified of the closed connection in this scenario. Because WriteTimeoutStreamSinkConduit creates a timeout task, the whole dependency tree leaks via that task, which is added to XNIO WorkerThread. So, the workerThread points to the Undertow conduit, which contains the connections and causes the leak.
Publish Date: 2024-02-19
URL: CVE-2024-1635
Base Score Metrics:
Type: Upgrade version
Origin: https://bugzilla.redhat.com/show_bug.cgi?id=2264928
Release Date: 2024-02-19
Fix Resolution (io.undertow:undertow-core): 2.2.31.Final
Direct dependency fix Resolution (org.springframework.boot:spring-boot-starter-undertow): 3.0.0
⛑️ Automatic Remediation will be attempted for this issue.
The API JAR of the XNIO project
Library home page: http://www.jboss.org/xnio
Path to dependency file: /webgoat-integration-tests/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/org/jboss/xnio/xnio-api/3.3.8.Final/xnio-api-3.3.8.Final.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
A flaw was found in XNIO. The XNIO NotifierState that can cause a Stack Overflow Exception when the chain of notifier states becomes problematically large can lead to uncontrolled resource management and a possible denial of service (DoS).
Publish Date: 2024-03-22
URL: CVE-2023-5685
Base Score Metrics:
Undertow
Path to dependency file: /webwolf/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/io/undertow/undertow-servlet/2.0.28.Final/undertow-servlet-2.0.28.Final.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
A flaw was found in undertow. Servlets annotated with @MultipartConfig may cause an OutOfMemoryError due to large multipart content. This may allow unauthorized users to cause a remote Denial of Service (DoS) attack. If the server uses fileSizeThreshold to limit the file size, it is possible to bypass the limit by setting the file name in the request to null.
Publish Date: 2023-09-27
URL: CVE-2023-3223
Base Score Metrics:
Type: Upgrade version
Origin: https://bugzilla.redhat.com/show_bug.cgi?id=2209689
Release Date: 2023-09-27
Fix Resolution (io.undertow:undertow-servlet): 2.2.26.Final
Direct dependency fix Resolution (org.springframework.boot:spring-boot-starter-undertow): 2.7.15
⛑️ Automatic Remediation will be attempted for this issue.
Undertow
Path to dependency file: /webwolf/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/io/undertow/undertow-core/2.0.28.Final/undertow-core-2.0.28.Final.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
A flaw was found in Undertow package. Using the FormAuthenticationMechanism, a malicious user could trigger a Denial of Service by sending crafted requests, leading the server to an OutofMemory error, exhausting the server's memory.
Publish Date: 2023-04-11
URL: CVE-2023-1973
Base Score Metrics:
Type: Upgrade version
Origin: https://nvd.nist.gov/vuln/detail/CVE-2023-1973
Release Date: 2023-04-11
Fix Resolution (io.undertow:undertow-core): 2.3.0.Alpha1
Direct dependency fix Resolution (org.springframework.boot:spring-boot-starter-undertow): 3.0.0
⛑️ Automatic Remediation will be attempted for this issue.
Undertow
Path to dependency file: /webwolf/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/io/undertow/undertow-core/2.0.28.Final/undertow-core-2.0.28.Final.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
A flaw was found in undertow. This issue makes achieving a denial of service possible due to an unexpected handshake status updated in SslConduit, where the loop never terminates.
Publish Date: 2023-09-14
URL: CVE-2023-1108
Base Score Metrics:
Type: Upgrade version
Origin: https://nvd.nist.gov/vuln/detail/CVE-2023-1108
Release Date: 2023-09-14
Fix Resolution (io.undertow:undertow-core): 2.2.24.Final
Direct dependency fix Resolution (org.springframework.boot:spring-boot-starter-undertow): 2.5.15
⛑️ Automatic Remediation will be attempted for this issue.
Undertow
Path to dependency file: /webwolf/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/io/undertow/undertow-core/2.0.28.Final/undertow-core-2.0.28.Final.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
The undertow client is not checking the server identity presented by the server certificate in https connections. This is a compulsory step (at least it should be performed by default) in https and in http/2. I would add it to any TLS client protocol.
Publish Date: 2023-02-23
URL: CVE-2022-4492
Base Score Metrics:
Type: Upgrade version
Origin: GHSA-pfcc-3g6r-8rg8
Release Date: 2023-02-23
Fix Resolution (io.undertow:undertow-core): 2.2.24.Final
Direct dependency fix Resolution (org.springframework.boot:spring-boot-starter-undertow): 2.5.15
⛑️ Automatic Remediation will be attempted for this issue.
Undertow
Path to dependency file: /webwolf/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/io/undertow/undertow-core/2.0.28.Final/undertow-core-2.0.28.Final.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
When a POST request comes through AJP and the request exceeds the max-post-size limit (maxEntitySize), Undertow's AjpServerRequestConduit implementation closes the connection without sending any response to the client/proxy. This behavior results in a front-end proxy marking the backend worker (application server) as being in an error state and not forwarding requests to the worker for a while. In mod_cluster, this continues until the next STATUS request (sent at 10 second intervals) from the application server updates the server state. So, in the worst case, it can result in "All workers are in error state" and mod_cluster responds "503 Service Unavailable" for a while (up to 10 seconds). In mod_proxy_balancer, it does not forward requests to the worker until the "retry" timeout passes. However, mod_proxy_balancer has a "forcerecovery" setting (On by default; this parameter can force the immediate recovery of all workers without considering the retry parameter of the workers if all workers of a balancer are in error state). So, unlike mod_cluster, mod_proxy_balancer does not end up responding "503 Service Unavailable". An attacker could use this behavior to send a malicious request and trigger server errors, resulting in DoS (denial of service). This flaw was fixed in Undertow 2.2.19.Final and Undertow 2.3.0.Alpha2.
Publish Date: 2022-08-05
URL: CVE-2022-2053
Base Score Metrics:
Type: Upgrade version
Origin: GHSA-95rf-557x-44g5
Release Date: 2022-08-05
Fix Resolution: io.undertow:undertow-core:2.2.19.Final
Undertow
Path to dependency file: /webwolf/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/io/undertow/undertow-core/2.0.28.Final/undertow-core-2.0.28.Final.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
A flaw was found in Undertow. For an AJP 400 response, EAP 7 is improperly sending two response packets, and those packets have the reuse flag set even though JBoss EAP closes the connection. A failure occurs when the connection is reused after a 400 by CPING since it reads in the second SEND_HEADERS response packet instead of a CPONG.
Publish Date: 2022-08-31
URL: CVE-2022-1319
Base Score Metrics:
Type: Upgrade version
Origin: https://www.cve.org/CVERecord?id=CVE-2022-1319
Release Date: 2022-08-31
Fix Resolution: io.undertow:undertow-core:2.2.18.Final,2.3.0.Final
Undertow
Path to dependency file: /webwolf/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/io/undertow/undertow-core/2.0.28.Final/undertow-core-2.0.28.Final.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
A flaw was found in Undertow. A potential security issue in flow control handling by the browser over HTTP/2 may cause overhead or a denial of service in the server. This flaw exists because of an incomplete fix for CVE-2021-3629.
Publish Date: 2022-08-31
URL: CVE-2022-1259
Base Score Metrics:
Type: Upgrade version
Release Date: 2022-08-31
Fix Resolution (io.undertow:undertow-core): 2.2.26.Final
Direct dependency fix Resolution (org.springframework.boot:spring-boot-starter-undertow): 2.7.15
⛑️ Automatic Remediation will be attempted for this issue.
The API JAR of the XNIO project
Library home page: http://www.jboss.org/xnio
Path to dependency file: /webgoat-integration-tests/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/org/jboss/xnio/xnio-api/3.3.8.Final/xnio-api-3.3.8.Final.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
A flaw was found in XNIO, specifically in the notifyReadClosed method. The issue revealed this method was logging a message to another expected end. This flaw allows an attacker to send flawed requests to a server, possibly causing log contention-related performance concerns or an unwanted disk fill-up.
Publish Date: 2022-08-26
URL: CVE-2022-0084
Base Score Metrics:
Type: Upgrade version
Release Date: 2022-08-26
Fix Resolution: org.jboss.xnio:xnio-api:3.8.8.Final
Undertow
Path to dependency file: /webwolf/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/io/undertow/undertow-core/2.0.28.Final/undertow-core-2.0.28.Final.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
A flaw was found in Undertow that tripped the client-side invocation timeout with certain calls made over HTTP2. This flaw allows an attacker to carry out denial of service attacks.
Publish Date: 2022-08-26
URL: CVE-2021-3859
Base Score Metrics:
Type: Upgrade version
Release Date: 2022-08-26
Fix Resolution (io.undertow:undertow-core): 2.2.15.Final
Direct dependency fix Resolution (org.springframework.boot:spring-boot-starter-undertow): 2.5.10
⛑️ Automatic Remediation will be attempted for this issue.
Undertow
Path to dependency file: /webgoat-container/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/io/undertow/undertow-websockets-jsr/2.0.28.Final/undertow-websockets-jsr-2.0.28.Final.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
A flaw was found in Undertow. A buffer leak on the incoming WebSocket PONG message may lead to memory exhaustion. This flaw allows an attacker to cause a denial of service. The highest threat from this vulnerability is availability.
Publish Date: 2022-08-23
URL: CVE-2021-3690
Base Score Metrics:
Type: Upgrade version
Origin: https://issues.redhat.com/browse/UNDERTOW-1935
Release Date: 2022-08-23
Fix Resolution (io.undertow:undertow-websockets-jsr): 2.0.40.Final
Direct dependency fix Resolution (org.springframework.boot:spring-boot-starter-undertow): 2.3.0.RELEASE
⛑️ Automatic Remediation will be attempted for this issue.
Undertow
Path to dependency file: /webwolf/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/io/undertow/undertow-core/2.0.28.Final/undertow-core-2.0.28.Final.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
A flaw was found in the Undertow AJP connector. Malicious requests and abrupt connection closes could be triggered by an attacker using query strings with non-RFC compliant characters resulting in a denial of service. The highest threat from this vulnerability is to system availability. This affects Undertow 2.1.5.SP1, 2.0.33.SP2, and 2.2.3.SP1.
Publish Date: 2021-02-23
URL: CVE-2020-27782
Base Score Metrics:
Type: Upgrade version
Origin: GHSA-rhcw-wjcm-9h6g
Release Date: 2021-02-23
Fix Resolution (io.undertow:undertow-core): 2.0.33.Final
Direct dependency fix Resolution (org.springframework.boot:spring-boot-starter-undertow): 2.2.12.RELEASE
⛑️ Automatic Remediation will be attempted for this issue.
Undertow
Path to dependency file: /webwolf/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/io/undertow/undertow-core/2.0.28.Final/undertow-core-2.0.28.Final.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
A flaw was discovered in Undertow in versions before Undertow 2.1.1.Final where certain requests to the "Expect: 100-continue" header may cause an out of memory error. This flaw may potentially lead to a denial of service.
Publish Date: 2020-06-10
URL: CVE-2020-10705
Base Score Metrics:
Type: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10705
Release Date: 2020-06-10
Fix Resolution (io.undertow:undertow-core): 2.0.31.Final
Direct dependency fix Resolution (org.springframework.boot:spring-boot-starter-undertow): 2.2.10.RELEASE
⛑️ Automatic Remediation will be attempted for this issue.
Undertow
Path to dependency file: /webwolf/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/io/undertow/undertow-core/2.0.28.Final/undertow-core-2.0.28.Final.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
A vulnerability was found in the Undertow HTTP server in versions before 2.0.28.SP1 when listening on HTTPS. An attacker can target the HTTPS port to carry out a Denial Of Service (DOS) to make the service unavailable on SSL.
Publish Date: 2020-01-23
URL: CVE-2019-14888
Base Score Metrics:
Type: Upgrade version
Origin: https://security-tracker.debian.org/tracker/CVE-2019-14888
Release Date: 2020-01-23
Fix Resolution (io.undertow:undertow-core): 2.0.29.Final
Direct dependency fix Resolution (org.springframework.boot:spring-boot-starter-undertow): 2.2.3.RELEASE
⛑️ Automatic Remediation will be attempted for this issue.
Undertow
Path to dependency file: /webwolf/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/io/undertow/undertow-core/2.0.28.Final/undertow-core-2.0.28.Final.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
A flaw was found in Undertow, which incorrectly parses cookies with certain value-delimiting characters in incoming requests. This issue could allow an attacker to construct a cookie value to exfiltrate HttpOnly cookie values or spoof arbitrary additional cookie values, leading to unauthorized data access or modification. The main threat from this flaw impacts data confidentiality and integrity.
Publish Date: 2023-08-30
URL: CVE-2023-4639
Base Score Metrics:
Type: Upgrade version
Origin: https://security-tracker.debian.org/tracker/CVE-2023-4639
Release Date: 2023-08-30
Fix Resolution (io.undertow:undertow-core): 2.2.31.Final
Direct dependency fix Resolution (org.springframework.boot:spring-boot-starter-undertow): 3.0.0
⛑️ Automatic Remediation will be attempted for this issue.
Undertow
Path to dependency file: /webwolf/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/io/undertow/undertow-core/2.0.28.Final/undertow-core-2.0.28.Final.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
A flaw was found in Undertow in versions before 2.1.1.Final, regarding the processing of invalid HTTP requests with large chunk sizes. This flaw allows an attacker to take advantage of HTTP request smuggling.
Publish Date: 2020-05-26
URL: CVE-2020-10719
Base Score Metrics:
Type: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10719
Release Date: 2020-05-26
Fix Resolution (io.undertow:undertow-core): 2.0.31.Final
Direct dependency fix Resolution (org.springframework.boot:spring-boot-starter-undertow): 2.2.10.RELEASE
⛑️ Automatic Remediation will be attempted for this issue.
Undertow
Path to dependency file: /webwolf/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/io/undertow/undertow-core/2.0.28.Final/undertow-core-2.0.28.Final.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
A flaw was found in Undertow. A potential security issue in flow control handling by the browser over http/2 may potentially cause overhead or a denial of service in the server. The highest threat from this vulnerability is availability. This flaw affects Undertow versions prior to 2.0.40.Final and prior to 2.2.11.Final.
Publish Date: 2022-05-24
URL: CVE-2021-3629
Base Score Metrics:
Type: Upgrade version
Origin: https://www.cve.org/CVERecord?id=CVE-2021-3629
Release Date: 2022-05-24
Fix Resolution: io.undertow:undertow-core:2.0.40.Final,2.2.11.Final;io.undertow:undertow-benchmarks:2.0.40.Final,2.2.11.Final;io.undertow:undertow-examples:2.0.40.Final,2.2.11.Final
Undertow
Path to dependency file: /webwolf/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/io/undertow/undertow-core/2.0.28.Final/undertow-core-2.0.28.Final.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
A flaw was found in undertow. The HTTP2SourceChannel fails to write the final frame under some circumstances, resulting in a denial of service. The highest threat from this vulnerability is availability. This flaw affects Undertow versions prior to 2.0.35.SP1, prior to 2.2.6.SP1, prior to 2.2.7.SP1, prior to 2.0.36.SP1, prior to 2.2.9.Final and prior to 2.0.39.Final.
Publish Date: 2022-05-24
URL: CVE-2021-3597
Base Score Metrics:
Type: Upgrade version
Origin: https://bugzilla.redhat.com/show_bug.cgi?id=1970930
Release Date: 2022-05-24
Fix Resolution (io.undertow:undertow-core): 2.0.39.Final
Direct dependency fix Resolution (org.springframework.boot:spring-boot-starter-undertow): 2.3.0.RELEASE
⛑️ Automatic Remediation will be attempted for this issue.
Undertow
Path to dependency file: /webwolf/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/io/undertow/undertow-core/2.0.28.Final/undertow-core-2.0.28.Final.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
A path traversal vulnerability was found in Undertow. This issue may allow a remote attacker to append a specially-crafted sequence to an HTTP request for an application deployed to JBoss EAP, which may permit access to privileged or restricted files and directories.
Publish Date: 2024-02-12
URL: CVE-2024-1459
Base Score Metrics:
Type: Upgrade version
Origin: GHSA-v76w-3ph8-vm66
Release Date: 2024-02-12
Fix Resolution (io.undertow:undertow-core): 2.2.31.Final
Direct dependency fix Resolution (org.springframework.boot:spring-boot-starter-undertow): 3.0.0
⛑️ Automatic Remediation will be attempted for this issue.
Jakarta Expression Language provides a specification document, API, reference implementation and TCK that describes an expression language for Java applications.
Library home page: https://projects.eclipse.org/projects/ee4j.el
Path to dependency file: /webgoat-container/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/org/glassfish/jakarta.el/3.0.3/jakarta.el-3.0.3.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
In the Jakarta Expression Language implementation 3.0.3 and earlier, a bug in the ELParserTokenManager enables invalid EL expressions to be evaluated as if they were valid.
Publish Date: 2021-05-26
URL: CVE-2021-28170
Base Score Metrics:
Type: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28170
Release Date: 2021-05-26
Fix Resolution (org.glassfish:jakarta.el): 3.0.4
Direct dependency fix Resolution (org.springframework.boot:spring-boot-starter-undertow): 2.4.11
⛑️ Automatic Remediation will be attempted for this issue.
Undertow
Path to dependency file: /webwolf/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/io/undertow/undertow-core/2.0.28.Final/undertow-core-2.0.28.Final.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
A flaw was found in Undertow. A regression in the fix for CVE-2020-10687 was found. HTTP request smuggling related to CVE-2017-2666 is possible against HTTP/1.x and HTTP/2 due to permitting invalid characters in an HTTP request. This flaw allows an attacker to poison a web-cache, perform an XSS attack, or obtain sensitive information from requests other than their own. The highest threat from this vulnerability is to data confidentiality and integrity.
Publish Date: 2021-02-23
URL: CVE-2021-20220
Base Score Metrics:
Type: Upgrade version
Origin: GHSA-qjwc-v72v-fq6r
Release Date: 2021-02-23
Fix Resolution (io.undertow:undertow-core): 2.0.34.Final
Direct dependency fix Resolution (org.springframework.boot:spring-boot-starter-undertow): 2.3.0.RELEASE
⛑️ Automatic Remediation will be attempted for this issue.
Undertow
Path to dependency file: /webwolf/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/io/undertow/undertow-core/2.0.28.Final/undertow-core-2.0.28.Final.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
A flaw was discovered in all versions of Undertow before Undertow 2.2.0.Final, where HTTP request smuggling related to CVE-2017-2666 is possible against HTTP/1.x and HTTP/2 due to permitting invalid characters in an HTTP request. This flaw allows an attacker to poison a web-cache, perform an XSS attack, or obtain sensitive information from requests other than their own.
Publish Date: 2020-09-23
URL: CVE-2020-10687
Base Score Metrics:
Type: Upgrade version
Origin: https://bugzilla.redhat.com/show_bug.cgi?id=1785049
Release Date: 2020-09-23
Fix Resolution (io.undertow:undertow-core): 2.1.5.Final
Direct dependency fix Resolution (org.springframework.boot:spring-boot-starter-undertow): 2.3.7.RELEASE
⛑️ Automatic Remediation will be attempted for this issue.
Path to dependency file: /webgoat-server/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/org/hibernate/hibernate-core/5.4.9.Final/hibernate-core-5.4.9.Final.jar
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
CVE | Severity | CVSS | Dependency | Type | Fixed in (spring-boot-starter-data-jpa version) | Remediation Possible** |
---|---|---|---|---|---|---|
CVE-2020-10683 | Critical | 9.8 | dom4j-2.1.1.jar | Transitive | 2.2.7.RELEASE | ✅ |
CVE-2020-25638 | High | 7.4 | hibernate-core-5.4.9.Final.jar | Transitive | 2.2.12.RELEASE | ✅ |
CVE-2019-14900 | Medium | 6.5 | hibernate-core-5.4.9.Final.jar | Transitive | 2.2.9.RELEASE | ✅ |
**In some cases, Remediation PR cannot be created automatically for a vulnerability despite the availability of remediation
flexible XML framework for Java
Library home page: http://dom4j.github.io/
Path to dependency file: /webgoat-container/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/org/dom4j/dom4j/2.1.1/dom4j-2.1.1.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
dom4j before 2.0.3 and 2.1.x before 2.1.3 allows external DTDs and External Entities by default, which might enable XXE attacks. However, there is popular external documentation from OWASP showing how to enable the safe, non-default behavior in any application that uses dom4j.
Publish Date: 2020-05-01
URL: CVE-2020-10683
Base Score Metrics:
Type: Upgrade version
Release Date: 2020-05-01
Fix Resolution (org.dom4j:dom4j): 2.1.3
Direct dependency fix Resolution (org.springframework.boot:spring-boot-starter-data-jpa): 2.2.7.RELEASE
⛑️ Automatic Remediation will be attempted for this issue.
Hibernate's core ORM functionality
Library home page: http://hibernate.org/orm
Path to dependency file: /webgoat-integration-tests/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/org/hibernate/hibernate-core/5.4.9.Final/hibernate-core-5.4.9.Final.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
A flaw was found in hibernate-core in versions prior to and including 5.4.23.Final. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is used in the SQL comments of the query. This flaw could allow an attacker to access unauthorized information or possibly conduct further attacks. The highest threat from this vulnerability is to data confidentiality and integrity.
Publish Date: 2020-12-02
URL: CVE-2020-25638
Base Score Metrics:
Type: Upgrade version
Origin: https://in.relation.to/2020/11/19/hibernate-orm-5424-final-release/
Release Date: 2020-12-02
Fix Resolution (org.hibernate:hibernate-core): 5.4.24.Final
Direct dependency fix Resolution (org.springframework.boot:spring-boot-starter-data-jpa): 2.2.12.RELEASE
⛑️ Automatic Remediation will be attempted for this issue.
Hibernate's core ORM functionality
Library home page: http://hibernate.org/orm
Path to dependency file: /webgoat-integration-tests/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/org/hibernate/hibernate-core/5.4.9.Final/hibernate-core-5.4.9.Final.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
A flaw was found in Hibernate ORM in versions before 5.3.18, 5.4.18 and 5.5.0.Beta1. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is used in the SELECT or GROUP BY parts of the query. This flaw could allow an attacker to access unauthorized information or possibly conduct further attacks.
Publish Date: 2020-07-06
URL: CVE-2019-14900
Base Score Metrics:
Type: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14900
Release Date: 2020-07-06
Fix Resolution (org.hibernate:hibernate-core): 5.4.18.Final
Direct dependency fix Resolution (org.springframework.boot:spring-boot-starter-data-jpa): 2.2.9.RELEASE
⛑️ Automatic Remediation will be attempted for this issue.
Path to vulnerable library: /home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.10.1/jackson-databind-2.10.1.jar
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
CVE | Severity | CVSS | Dependency | Type | Fixed in (webwolf-v8.1.0.jar version) | Remediation Possible** |
---|---|---|---|---|---|---|
CVE-2022-22965 | Critical | 9.8 | spring-beans-5.2.2.RELEASE.jar | Transitive | N/A* | ❌ |
CVE-2023-20873 | Critical | 9.8 | spring-boot-actuator-autoconfigure-2.2.2.RELEASE.jar | Transitive | N/A* | ❌ |
CVE-2016-1000027 | Critical | 9.8 | spring-web-5.2.2.RELEASE.jar | Transitive | N/A* | ❌ |
CVE-2020-10683 | Critical | 9.8 | dom4j-2.1.1.jar | Transitive | N/A* | ❌ |
CVE-2022-41853 | Critical | 9.8 | hsqldb-2.5.0.jar | Transitive | N/A* | ❌ |
CVE-2020-1745 | Critical | 9.8 | undertow-core-2.0.28.Final.jar | Transitive | N/A* | ❌ |
CVE-2021-22112 | High | 8.8 | spring-security-web-5.2.1.RELEASE.jar | Transitive | N/A* | ❌ |
CVE-2020-1757 | High | 8.1 | undertow-core-2.0.28.Final.jar | Transitive | N/A* | ❌ |
CVE-2021-22118 | High | 7.8 | spring-web-5.2.2.RELEASE.jar | Transitive | N/A* | ❌ |
CVE-2022-2053 | High | 7.5 | undertow-core-2.0.28.Final.jar | Transitive | N/A* | ❌ |
CVE-2020-25649 | High | 7.5 | jackson-databind-2.10.1.jar | Transitive | N/A* | ❌ |
CVE-2020-5398 | High | 7.5 | spring-web-5.2.2.RELEASE.jar | Transitive | N/A* | ❌ |
CVE-2021-46877 | High | 7.5 | jackson-databind-2.10.1.jar | Transitive | N/A* | ❌ |
CVE-2022-1319 | High | 7.5 | undertow-core-2.0.28.Final.jar | Transitive | N/A* | ❌ |
CVE-2019-14888 | High | 7.5 | undertow-core-2.0.28.Final.jar | Transitive | N/A* | ❌ |
CVE-2022-4492 | High | 7.5 | undertow-core-2.0.28.Final.jar | Transitive | N/A* | ❌ |
CVE-2022-42004 | High | 7.5 | jackson-databind-2.10.1.jar | Transitive | N/A* | ❌ |
CVE-2022-42003 | High | 7.5 | jackson-databind-2.10.1.jar | Transitive | N/A* | ❌ |
CVE-2022-0084 | High | 7.5 | xnio-api-3.3.8.Final.jar | Transitive | N/A* | ❌ |
CVE-2020-36518 | High | 7.5 | jackson-databind-2.10.1.jar | Transitive | N/A* | ❌ |
CVE-2020-27782 | High | 7.5 | undertow-core-2.0.28.Final.jar | Transitive | N/A* | ❌ |
CVE-2021-3690 | High | 7.5 | undertow-websockets-jsr-2.0.28.Final.jar | Transitive | N/A* | ❌ |
CVE-2020-10705 | High | 7.5 | undertow-core-2.0.28.Final.jar | Transitive | N/A* | ❌ |
CVE-2022-1259 | High | 7.5 | undertow-core-2.0.28.Final.jar | Transitive | N/A* | ❌ |
CVE-2023-1108 | High | 7.5 | undertow-core-2.0.28.Final.jar | Transitive | N/A* | ❌ |
CVE-2021-3859 | High | 7.5 | undertow-core-2.0.28.Final.jar | Transitive | N/A* | ❌ |
CVE-2020-25638 | High | 7.4 | hibernate-core-5.4.9.Final.jar | Transitive | N/A* | ❌ |
CVE-2020-10719 | Medium | 6.5 | undertow-core-2.0.28.Final.jar | Transitive | N/A* | ❌ |
CVE-2019-14900 | Medium | 6.5 | hibernate-core-5.4.9.Final.jar | Transitive | N/A* | ❌ |
CVE-2022-22950 | Medium | 6.5 | spring-expression-5.2.2.RELEASE.jar | Transitive | N/A* | ❌ |
CVE-2020-5408 | Medium | 6.5 | spring-security-core-5.2.1.RELEASE.jar | Transitive | N/A* | ❌ |
CVE-2023-20861 | Medium | 6.5 | spring-expression-5.2.2.RELEASE.jar | Transitive | N/A* | ❌ |
CVE-2023-20863 | Medium | 6.5 | spring-expression-5.2.2.RELEASE.jar | Transitive | N/A* | ❌ |
CVE-2020-5421 | Medium | 6.5 | spring-web-5.2.2.RELEASE.jar | Transitive | N/A* | ❌ |
WS-2017-3767 | Medium | 6.3 | spring-security-web-5.2.1.RELEASE.jar | Transitive | N/A* | ❌ |
WS-2016-7107 | Medium | 5.9 | spring-security-web-5.2.1.RELEASE.jar | Transitive | N/A* | ❌ |
CVE-2021-3629 | Medium | 5.9 | undertow-core-2.0.28.Final.jar | Transitive | N/A* | ❌ |
CVE-2021-3597 | Medium | 5.9 | undertow-core-2.0.28.Final.jar | Transitive | N/A* | ❌ |
WS-2021-0616 | Medium | 5.9 | jackson-databind-2.10.1.jar | Transitive | N/A* | ❌ |
WS-2020-0293 | Medium | 5.9 | spring-security-web-5.2.1.RELEASE.jar | Transitive | N/A* | ❌ |
CVE-2022-22968 | Medium | 5.3 | spring-context-5.2.2.RELEASE.jar | Transitive | N/A* | ❌ |
CVE-2022-22970 | Medium | 5.3 | spring-beans-5.2.2.RELEASE.jar | Transitive | N/A* | ❌ |
CVE-2020-5397 | Medium | 5.3 | detected in multiple dependencies | Transitive | N/A* | ❌ |
CVE-2020-10693 | Medium | 5.3 | hibernate-validator-6.0.18.Final.jar | Transitive | N/A* | ❌ |
CVE-2021-28170 | Medium | 5.3 | jakarta.el-3.0.3.jar | Transitive | N/A* | ❌ |
CVE-2020-10687 | Medium | 4.8 | undertow-core-2.0.28.Final.jar | Transitive | N/A* | ❌ |
CVE-2021-20220 | Medium | 4.8 | undertow-core-2.0.28.Final.jar | Transitive | N/A* | ❌ |
CVE-2021-22096 | Medium | 4.3 | detected in multiple dependencies | Transitive | N/A* | ❌ |
CVE-2021-22060 | Medium | 4.3 | spring-web-5.2.2.RELEASE.jar | Transitive | N/A* | ❌ |
*For some transitive vulnerabilities, there is no version of direct dependency with a fix. Check the "Details" section below to see if there is a version of transitive dependency where vulnerability is fixed.
**In some cases, Remediation PR cannot be created automatically for a vulnerability despite the availability of remediation
Partial details (21 vulnerabilities) are displayed below due to a content size limitation in GitHub. To view information on the remaining vulnerabilities, navigate to the Mend Application.
Spring Beans
Library home page: https://github.com/spring-projects/spring-framework
Path to dependency file: /webgoat-integration-tests/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/org/springframework/spring-beans/5.2.2.RELEASE/spring-beans-5.2.2.RELEASE.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding. The specific exploit requires the application to run on Tomcat as a WAR deployment. If the application is deployed as a Spring Boot executable jar, i.e. the default, it is not vulnerable to the exploit. However, the nature of the vulnerability is more general, and there may be other ways to exploit it.
Mend Note: Converted from WS-2022-0107, on 2022-11-07.
Publish Date: 2022-04-01
URL: CVE-2022-22965
Base Score Metrics:
Type: Upgrade version
Origin: https://spring.io/blog/2022/03/31/spring-framework-rce-early-announcement
Release Date: 2022-04-01
Fix Resolution: org.springframework:spring-beans:5.2.20.RELEASE,5.3.18
Spring Boot Actuator AutoConfigure
Library home page: https://projects.spring.io/spring-boot/#/spring-boot-parent/spring-boot-actuator-autoconfigure
Path to dependency file: /webgoat-integration-tests/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/org/springframework/boot/spring-boot-actuator-autoconfigure/2.2.2.RELEASE/spring-boot-actuator-autoconfigure-2.2.2.RELEASE.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
In Spring Boot versions 3.0.0 - 3.0.5, 2.7.0 - 2.7.10, and older unsupported versions, an application that is deployed to Cloud Foundry could be susceptible to a security bypass. Users of affected versions should apply the following mitigation: 3.0.x users should upgrade to 3.0.6+. 2.7.x users should upgrade to 2.7.11+. Users of older, unsupported versions should upgrade to 3.0.6+ or 2.7.11+.
Publish Date: 2023-04-20
URL: CVE-2023-20873
Base Score Metrics:
Type: Upgrade version
Origin: https://spring.io/security/cve-2023-20873
Release Date: 2023-04-20
Fix Resolution: org.springframework.boot:spring-boot-actuator-autoconfigure:2.7.11,3.0.6
Spring Web
Library home page: https://github.com/spring-projects/spring-framework
Path to dependency file: /webgoat-integration-tests/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/org/springframework/spring-web/5.2.2.RELEASE/spring-web-5.2.2.RELEASE.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
Pivotal Spring Framework through 5.3.16 suffers from a potential remote code execution (RCE) issue if used for Java deserialization of untrusted data. Depending on how the library is implemented within a product, this issue may or may not occur, and authentication may be required. NOTE: the vendor's position is that untrusted data is not an intended use case. The product's behavior will not be changed because some users rely on deserialization of trusted data.
Mend Note: After conducting further research, Mend has determined that all versions of spring-web up to version 6.0.0 are vulnerable to CVE-2016-1000027.
Publish Date: 2020-01-02
URL: CVE-2016-1000027
Base Score Metrics:
Type: Upgrade version
Origin: GHSA-4wrc-f8pq-fpqp
Release Date: 2020-01-02
Fix Resolution: org.springframework:spring-web:6.0.0
flexible XML framework for Java
Library home page: http://dom4j.github.io/
Path to dependency file: /webgoat-integration-tests/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/org/dom4j/dom4j/2.1.1/dom4j-2.1.1.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
dom4j before 2.0.3 and 2.1.x before 2.1.3 allows external DTDs and External Entities by default, which might enable XXE attacks. However, there is popular external documentation from OWASP showing how to enable the safe, non-default behavior in any application that uses dom4j.
Publish Date: 2020-05-01
URL: CVE-2020-10683
Base Score Metrics:
Type: Upgrade version
Release Date: 2020-05-01
Fix Resolution: org.dom4j:dom4j:2.1.3,org.dom4j:dom4j:2.0.3
HSQLDB - Lightweight 100% Java SQL Database Engine
Library home page: http://hsqldb.org
Path to dependency file: /webgoat-integration-tests/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/org/hsqldb/hsqldb/2.5.0/hsqldb-2.5.0.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
Those using java.sql.Statement or java.sql.PreparedStatement in hsqldb (HyperSQL DataBase) to process untrusted input may be vulnerable to a remote code execution attack. By default it is allowed to call any static method of any Java class in the classpath resulting in code execution. The issue can be prevented by updating to 2.7.1 or by setting the system property "hsqldb.method_class_names" to classes which are allowed to be called. For example, System.setProperty("hsqldb.method_class_names", "abc") or Java argument -Dhsqldb.method_class_names="abc" can be used. From version 2.7.1 all classes by default are not accessible except those in java.lang.Math and need to be manually enabled.
Publish Date: 2022-10-06
URL: CVE-2022-41853
Base Score Metrics:
Undertow
Path to dependency file: /webgoat-integration-tests/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/io/undertow/undertow-core/2.0.28.Final/undertow-core-2.0.28.Final.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
A file inclusion vulnerability was found in the AJP connector enabled with a default AJP configuration port of 8009 in Undertow version 2.0.29.Final and before and was fixed in 2.0.30.Final. A remote, unauthenticated attacker could exploit this vulnerability to read web application files from a vulnerable server. In instances where the vulnerable server allows file uploads, an attacker could upload malicious JavaServer Pages (JSP) code within a variety of file types and trigger this vulnerability to gain remote code execution.
Publish Date: 2020-04-28
URL: CVE-2020-1745
Base Score Metrics:
Type: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1745
Release Date: 2020-04-28
Fix Resolution: io.undertow:undertow-core:2.0.30.Final
spring-security-web
Library home page: http://spring.io/spring-security
Path to dependency file: /webgoat-integration-tests/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/org/springframework/security/spring-security-web/5.2.1.RELEASE/spring-security-web-5.2.1.RELEASE.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
Spring Security 5.4.x prior to 5.4.4, 5.3.x prior to 5.3.8.RELEASE, 5.2.x prior to 5.2.9.RELEASE, and older unsupported versions can fail to save the SecurityContext if it is changed more than once in a single request. A malicious user cannot cause the bug to happen (it must be programmed in). However, if the application's intent is to only allow the user to run with elevated privileges in a small portion of the application, the bug can be leveraged to extend those privileges to the rest of the application.
Publish Date: 2021-02-23
URL: CVE-2021-22112
Base Score Metrics:
Type: Upgrade version
Origin: https://tanzu.vmware.com/security/cve-2021-22112
Release Date: 2021-02-23
Fix Resolution: org.springframework.security:spring-security-web:5.2.9,5.3.8,5.4.4
Undertow
Path to dependency file: /webgoat-integration-tests/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/io/undertow/undertow-core/2.0.28.Final/undertow-core-2.0.28.Final.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
A flaw was found in all undertow-2.x.x SP1 versions prior to undertow-2.0.30.SP1, all undertow-1.x.x and undertow-2.x.x versions prior to undertow-2.1.0.Final, where the Servlet container causes servletPath to normalize incorrectly by truncating the path after semicolon which may lead to an application mapping resulting in the security bypass.
Publish Date: 2020-04-21
URL: CVE-2020-1757
Base Score Metrics:
Type: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1757
Release Date: 2020-04-30
Fix Resolution: io.undertow:undertow-core:2.0.30.Final, io.undertow:undertow-examples:2.0.30.Final
Spring Web
Library home page: https://github.com/spring-projects/spring-framework
Path to dependency file: /webgoat-integration-tests/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/org/springframework/spring-web/5.2.2.RELEASE/spring-web-5.2.2.RELEASE.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
In Spring Framework, versions 5.2.x prior to 5.2.15 and versions 5.3.x prior to 5.3.7, a WebFlux application is vulnerable to a privilege escalation: by (re)creating the temporary storage directory, a locally authenticated malicious user can read or modify files that have been uploaded to the WebFlux application, or overwrite arbitrary files with multipart request data.
Publish Date: 2021-05-27
URL: CVE-2021-22118
Base Score Metrics:
Type: Upgrade version
Origin: https://tanzu.vmware.com/security/cve-2021-22118
Release Date: 2021-05-27
Fix Resolution: org.springframework:spring-web:5.2.15,5.3.7
Undertow
Path to dependency file: /webgoat-integration-tests/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/io/undertow/undertow-core/2.0.28.Final/undertow-core-2.0.28.Final.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
When a POST request comes through AJP and the request exceeds the max-post-size limit (maxEntitySize), Undertow's AjpServerRequestConduit implementation closes the connection without sending any response to the client/proxy. As a result, a front-end proxy marks the backend worker (application server) as being in an error state and does not forward requests to it for a while. In mod_cluster, this continues until the next STATUS request (10 second intervals) from the application server updates the server state. So, in the worst case, it can result in "All workers are in error state" and mod_cluster responds "503 Service Unavailable" for a while (up to 10 seconds). In mod_proxy_balancer, it does not forward requests to the worker until the "retry" timeout passes. However, mod_proxy_balancer has a "forcerecovery" setting (On by default; this parameter forces the immediate recovery of all workers without considering the retry parameter of the workers if all workers of a balancer are in error state), so, unlike mod_cluster, mod_proxy_balancer does not end up responding "503 Service Unavailable". An attacker could use this behavior to send a malicious request and trigger server errors, resulting in DoS (denial of service). This flaw was fixed in Undertow 2.2.19.Final, Undertow 2.3.0.Alpha2.
Publish Date: 2022-08-05
URL: CVE-2022-2053
Base Score Metrics:
Type: Upgrade version
Origin: GHSA-95rf-557x-44g5
Release Date: 2022-08-05
Fix Resolution: io.undertow:undertow-core:2.2.19.Final
General data-binding functionality for Jackson: works on core streaming API
Library home page: http://github.com/FasterXML/jackson
Path to dependency file: /webgoat-lessons/jwt/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.10.1/jackson-databind-2.10.1.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
A flaw was found in FasterXML Jackson Databind, where it did not have entity expansion secured properly. This flaw allows vulnerability to XML external entity (XXE) attacks. The highest threat from this vulnerability is data integrity.
Publish Date: 2020-12-03
URL: CVE-2020-25649
Base Score Metrics:
Type: Upgrade version
Release Date: 2020-12-03
Fix Resolution: com.fasterxml.jackson.core:jackson-databind:2.6.7.4,2.9.10.7,2.10.5.1,2.11.0.rc1
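The fix-resolution lines in this report list one fixed version per release line (for jackson-databind above: 2.6.7.4, 2.9.10.7, 2.10.5.1, 2.11.0.rc1), and the same artifact is flagged by several advisories that each name a different fixed version (undertow-core 2.0.28.Final is named in six entries on this page). Turning those lines into a single upgrade decision is left to the reader. The following is an added example, not part of the Mend report or of WebGoat: it implements a subset of Maven's version ordering (numeric parts first; Final, RELEASE and GA rank equal to a bare version; rc/alpha/beta sort below them; SP above them), picks the least disruptive fix per advisory, and then aggregates the picks across all advisories for one artifact. The undertow-core fix lists embedded in it are copied from this report's own entries; the ordering rules are an assumption sufficient for the versions that appear here, not a full Maven ComparableVersion implementation.

```javascript
// Added example (not from the Mend report or WebGoat): decide the smallest
// upgrade that clears the advisories listed on this page. Version ordering is a
// subset of Maven's rules, enough for the versions that appear in this report.

const PRE_RELEASE = ["alpha", "beta", "milestone", "rc", "cr", "snapshot"];

// "2.0.30.Final" -> { nums: [2, 0, 30], qualifier: "final" }
// "2.11.0.rc1"   -> { nums: [2, 11, 0], qualifier: "rc1" }
function parseVersion(version) {
  const nums = [];
  let qualifier = "";
  for (const part of version.split(/[.\-]/)) {
    if (qualifier === "" && /^\d+$/.test(part)) nums.push(parseInt(part, 10));
    else qualifier += (qualifier ? "." : "") + part.toLowerCase();
  }
  return { nums, qualifier };
}

// Final/RELEASE/GA and a bare version rank equal; rc/alpha/beta sort below
// them, service packs (SP1) above them.
function qualifierRank(qualifier) {
  if (["", "final", "release", "ga"].includes(qualifier)) return 0;
  if (PRE_RELEASE.some((p) => qualifier.startsWith(p))) return -1;
  return 1;
}

function compareVersions(a, b) {
  const va = parseVersion(a), vb = parseVersion(b);
  const len = Math.max(va.nums.length, vb.nums.length);
  for (let i = 0; i < len; i++) {
    const x = va.nums[i] || 0, y = vb.nums[i] || 0;
    if (x !== y) return x < y ? -1 : 1;
  }
  const ra = qualifierRank(va.qualifier), rb = qualifierRank(vb.qualifier);
  return ra === rb ? 0 : ra < rb ? -1 : 1;
}

// Same major.minor release line?
function sameLine(a, b) {
  const va = parseVersion(a), vb = parseVersion(b);
  return va.nums[0] === vb.nums[0] && va.nums[1] === vb.nums[1];
}

// A version is fixed if a fix on its own release line is <= it, or if it is
// newer than every listed fix. Otherwise it is still affected.
function isVulnerable(installed, fixes) {
  if (fixes.some((f) => sameLine(f, installed) && compareVersions(installed, f) >= 0)) return false;
  const newest = fixes.slice().sort(compareVersions).pop();
  return compareVersions(installed, newest) < 0;
}

// Smallest fix newer than the installed version, preferring the same release
// line so the upgrade is the least disruptive one.
function pickUpgrade(installed, fixes) {
  const candidates = fixes.filter((f) => compareVersions(f, installed) > 0).sort(compareVersions);
  const onLine = candidates.filter((f) => sameLine(f, installed));
  return onLine[0] || candidates[0] || null;
}

// Across several advisories for the same artifact, the upgrade that clears all
// of them is the highest of the per-advisory picks.
function requiredUpgrade(installed, advisories) {
  let best = null;
  for (const fixes of advisories) {
    if (!isVulnerable(installed, fixes)) continue;
    const pick = pickUpgrade(installed, fixes);
    if (pick && (best === null || compareVersions(pick, best) > 0)) best = pick;
  }
  return best;
}

// Fix-resolution lists copied from this report's undertow-core entries.
const UNDERTOW_CORE_FIXES = [
  ["2.0.30.Final"],                 // CVE-2020-1757
  ["2.2.19.Final"],                 // CVE-2022-2053
  ["2.2.18.Final", "2.3.0.Final"],  // CVE-2022-1319
  ["2.0.29.Final"],                 // CVE-2019-14888
  ["2.2.24.Final", "2.3.5.Final"],  // CVE-2022-4492
  ["2.0.33.Final", "2.1.5.Final"],  // CVE-2020-27782
];

console.log(pickUpgrade("2.10.1", ["2.6.7.4", "2.9.10.7", "2.10.5.1", "2.11.0.rc1"])); // 2.10.5.1
console.log(requiredUpgrade("2.0.28.Final", UNDERTOW_CORE_FIXES));                       // 2.2.24.Final
```

For jackson-databind 2.10.1 the per-advisory pick is 2.10.5.1, but the CVE-2022-42003/42004 entries further down require 2.12.7.1 or 2.13.4.1, so the aggregate for that artifact is well past the 2.10 line; for undertow-core 2.0.28.Final the aggregate is 2.2.24.Final, not the 2.0.30.Final named in the first Undertow entry. The fix lists reflect the release lines that existed when each advisory was published, so after choosing a version on a newer line, confirm against the upstream advisory that the line is covered rather than relying on the ordering alone.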
Spring Web
Library home page: https://github.com/spring-projects/spring-framework
Path to dependency file: /webgoat-integration-tests/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/org/springframework/spring-web/5.2.2.RELEASE/spring-web-5.2.2.RELEASE.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
In Spring Framework, versions 5.2.x prior to 5.2.3, versions 5.1.x prior to 5.1.13, and versions 5.0.x prior to 5.0.16, an application is vulnerable to a reflected file download (RFD) attack when it sets a "Content-Disposition" header in the response where the filename attribute is derived from user supplied input.
Publish Date: 2020-01-17
URL: CVE-2020-5398
Base Score Metrics:
Type: Upgrade version
Origin: https://pivotal.io/security/cve-2020-5398
Release Date: 2020-01-17
Fix Resolution: org.springframework:spring-web:5.0.16.RELEASE,org.springframework:spring-web:5.1.13.RELEASE,org.springframework:spring-web:5.2.3.RELEASE
General data-binding functionality for Jackson: works on core streaming API
Library home page: http://github.com/FasterXML/jackson
Path to dependency file: /webgoat-lessons/jwt/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.10.1/jackson-databind-2.10.1.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
jackson-databind 2.10.x through 2.12.x before 2.12.6 and 2.13.x before 2.13.1 allows attackers to cause a denial of service (2 GB transient heap usage per read) in uncommon situations involving JsonNode JDK serialization.
Publish Date: 2023-03-18
URL: CVE-2021-46877
Base Score Metrics:
Type: Upgrade version
Origin: https://www.cve.org/CVERecord?id=CVE-2021-46877
Release Date: 2023-03-18
Fix Resolution: com.fasterxml.jackson.core:jackson-databind:2.12.6,2.13.1
Undertow
Path to dependency file: /webgoat-integration-tests/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/io/undertow/undertow-core/2.0.28.Final/undertow-core-2.0.28.Final.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
A flaw was found in Undertow. For an AJP 400 response, EAP 7 is improperly sending two response packets, and those packets have the reuse flag set even though JBoss EAP closes the connection. A failure occurs when the connection is reused after a 400 by CPING since it reads in the second SEND_HEADERS response packet instead of a CPONG.
Publish Date: 2022-08-31
URL: CVE-2022-1319
Base Score Metrics:
Type: Upgrade version
Origin: https://www.cve.org/CVERecord?id=CVE-2022-1319
Release Date: 2022-08-31
Fix Resolution: io.undertow:undertow-core:2.2.18.Final,2.3.0.Final
Undertow
Path to dependency file: /webgoat-integration-tests/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/io/undertow/undertow-core/2.0.28.Final/undertow-core-2.0.28.Final.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
A vulnerability was found in the Undertow HTTP server in versions before 2.0.28.SP1 when listening on HTTPS. An attacker can target the HTTPS port to carry out a Denial Of Service (DOS) to make the service unavailable on SSL.
Publish Date: 2020-01-23
URL: CVE-2019-14888
Base Score Metrics:
Type: Upgrade version
Origin: https://security-tracker.debian.org/tracker/CVE-2019-14888
Release Date: 2020-01-23
Fix Resolution: 2.0.29.Final
Undertow
Path to dependency file: /webgoat-integration-tests/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/io/undertow/undertow-core/2.0.28.Final/undertow-core-2.0.28.Final.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
The undertow client is not checking the server identity presented by the server certificate in https connections. This is a compulsory step (at least it should be performed by default) in https and in http/2. I would add it to any TLS client protocol.
Publish Date: 2023-02-23
URL: CVE-2022-4492
Base Score Metrics:
Type: Upgrade version
Origin: GHSA-pfcc-3g6r-8rg8
Release Date: 2023-02-23
Fix Resolution: io.undertow:undertow-core:2.2.24.Final,2.3.5.Final, io.undertow:undertow-examples:2.2.24.Final,2.3.5.Final, io.undertow:undertow-benchmarks:2.2.24.Final,2.3.5.Final
General data-binding functionality for Jackson: works on core streaming API
Library home page: http://github.com/FasterXML/jackson
Path to dependency file: /webgoat-lessons/jwt/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.10.1/jackson-databind-2.10.1.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
In FasterXML jackson-databind before 2.13.4, resource exhaustion can occur because of a lack of a check in BeanDeserializer._deserializeFromArray to prevent use of deeply nested arrays. An application is vulnerable only with certain customized choices for deserialization.
Publish Date: 2022-10-02
URL: CVE-2022-42004
Base Score Metrics:
Type: Upgrade version
Release Date: 2022-10-02
Fix Resolution: com.fasterxml.jackson.core:jackson-databind:2.13.4
General data-binding functionality for Jackson: works on core streaming API
Library home page: http://github.com/FasterXML/jackson
Path to dependency file: /webgoat-lessons/jwt/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.10.1/jackson-databind-2.10.1.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
In FasterXML jackson-databind before 2.14.0-rc1, resource exhaustion can occur because of a lack of a check in primitive value deserializers to avoid deep wrapper array nesting, when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled. Additional fix version in 2.13.4.1 and 2.12.17.1
Publish Date: 2022-10-02
URL: CVE-2022-42003
Base Score Metrics:
Type: Upgrade version
Release Date: 2022-10-02
Fix Resolution: com.fasterxml.jackson.core:jackson-databind:2.12.7.1,2.13.4.1
The API JAR of the XNIO project
Library home page: http://www.jboss.org/xnio
Path to dependency file: /webgoat-integration-tests/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/org/jboss/xnio/xnio-api/3.3.8.Final/xnio-api-3.3.8.Final.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
A flaw was found in XNIO, specifically in the notifyReadClosed method. The issue revealed this method was logging a message to another expected end. This flaw allows an attacker to send flawed requests to a server, possibly causing log contention-related performance concerns or an unwanted disk fill-up.
Publish Date: 2022-08-26
URL: CVE-2022-0084
Base Score Metrics:
Type: Upgrade version
Release Date: 2022-08-26
Fix Resolution: org.jboss.xnio:xnio-api:3.8.8.Final
General data-binding functionality for Jackson: works on core streaming API
Library home page: http://github.com/FasterXML/jackson
Path to dependency file: /webgoat-lessons/jwt/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.10.1/jackson-databind-2.10.1.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
jackson-databind before 2.13.0 allows a Java StackOverflow exception and denial of service via a large depth of nested objects.
Mend Note: After conducting further research, Mend has determined that all versions of com.fasterxml.jackson.core:jackson-databind up to version 2.13.2 are vulnerable to CVE-2020-36518.
Publish Date: 2022-03-11
URL: CVE-2020-36518
Base Score Metrics:
Type: Upgrade version
Release Date: 2022-03-11
Fix Resolution: com.fasterxml.jackson.core:jackson-databind:2.12.6.1,2.13.2.1
Undertow
Path to dependency file: /webgoat-integration-tests/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/io/undertow/undertow-core/2.0.28.Final/undertow-core-2.0.28.Final.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
A flaw was found in the Undertow AJP connector. Malicious requests and abrupt connection closes could be triggered by an attacker using query strings with non-RFC compliant characters resulting in a denial of service. The highest threat from this vulnerability is to system availability. This affects Undertow 2.1.5.SP1, 2.0.33.SP2, and 2.2.3.SP1.
Publish Date: 2021-02-23
URL: CVE-2020-27782
Base Score Metrics:
Type: Upgrade version
Origin: GHSA-rhcw-wjcm-9h6g
Release Date: 2021-02-23
Fix Resolution: io.undertow:undertow-core:2.0.33.Final,2.1.5.Final
JavaScript library for DOM operations
Library home page: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js
Path to vulnerable library: /webgoat-container/target/classes/static/js/libs/jquery.min.js,/webgoat-container/src/main/resources/static/js/libs/jquery.min.js
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
CVE | Severity | CVSS | Dependency | Type | Fixed in (jquery version) | Remediation Possible** |
---|---|---|---|---|---|---|
CVE-2020-11023 | Medium | 6.1 | jquery-3.4.1.min.js | Direct | jquery - 3.5.0;jquery-rails - 4.4.0 | ❌ |
CVE-2020-11022 | Medium | 6.1 | jquery-3.4.1.min.js | Direct | jQuery - 3.5.0 | ❌ |
**In some cases, Remediation PR cannot be created automatically for a vulnerability despite the availability of remediation
JavaScript library for DOM operations
Library home page: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js
Path to vulnerable library: /webgoat-container/target/classes/static/js/libs/jquery.min.js,/webgoat-container/src/main/resources/static/js/libs/jquery.min.js
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
Publish Date: 2020-04-29
URL: CVE-2020-11023
Base Score Metrics:
Type: Upgrade version
Release Date: 2020-04-29
Fix Resolution: jquery - 3.5.0;jquery-rails - 4.4.0
JavaScript library for DOM operations
Library home page: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js
Path to vulnerable library: /webgoat-container/target/classes/static/js/libs/jquery.min.js,/webgoat-container/src/main/resources/static/js/libs/jquery.min.js
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
Publish Date: 2020-04-29
URL: CVE-2020-11022
Base Score Metrics:
Type: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11022
Release Date: 2020-04-29
Fix Resolution: jQuery - 3.5.0
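The two jQuery 3.4.1 entries above say that HTML "even after sanitizing it" may execute code when passed to .html() or .append(), without saying why. For CVE-2020-11022 the reason is jQuery's htmlPrefilter, which before 3.5.0 rewrote every self-closing tag such as <style/> into <style></style> before handing the string to the DOM, so a sanitizer that parsed the original string and a browser that parsed the rewritten string saw different documents. The block below is an added example, not code from the Mend report, from jQuery or from WebGoat: the regex and replacement string are jQuery's own (versions before 3.5.0), while the payload is constructed for the illustration and elementTags is a deliberately tiny model of one HTML parser rule (raw text inside style and script), not a real parser.

```javascript
// Added example (not from the Mend report, jQuery or WebGoat). The regex and the
// replacement string are the htmlPrefilter of jQuery < 3.5.0; everything else is
// a constructed illustration of why "sanitized" HTML could still become XSS.

// jQuery < 3.5.0: every "<tag/>" that is not a void element becomes "<tag></tag>".
const rxhtmlTag = /<(?!area|br|col|embed|hr|img|input|link|meta|param)(([a-z][^\/\0>\x20\t\r\n\f]*)[^>]*)\/>/gi;

function legacyHtmlPrefilter(html) {
  return html.replace(rxhtmlTag, "<$1></$2>");
}

// jQuery >= 3.5.0: htmlPrefilter is the identity function.
function fixedHtmlPrefilter(html) {
  return html;
}

// Very small model of one HTML parser rule: inside <style> or <script> the
// text up to the next matching close tag is raw text, never markup. Returns
// the start tags the parser would turn into elements. Not a real parser.
function elementTags(html) {
  const tags = [];
  const tag = /<\/?([a-z][a-z0-9]*)[^>]*>/gi;
  const lower = html.toLowerCase();
  let m;
  while ((m = tag.exec(html)) !== null) {
    if (m[0][1] === "/") continue;            // close tag, not an element start
    tags.push(m[0]);
    const name = m[1].toLowerCase();
    if (name === "style" || name === "script") {
      const close = lower.indexOf("</" + name, tag.lastIndex);
      if (close < 0) break;                   // unterminated raw text: rest is text
      tag.lastIndex = close;
    }
  }
  return tags;
}

// True if any element (as opposed to raw text) carries an on* event handler.
function hasEventHandler(html) {
  return elementTags(html).some((t) => /\son[a-z]+\s*=/i.test(t));
}

// Constructed payload: the <img> sits inside <style>, so a sanitizer that parses
// the markup sees only a style element with text content and lets it through.
const SANITIZER_APPROVED = '<style><style/><img src=x onerror=alert(1)></style>';

console.log(hasEventHandler(SANITIZER_APPROVED));                       // false
console.log(hasEventHandler(legacyHtmlPrefilter(SANITIZER_APPROVED)));  // true
console.log(hasEventHandler(fixedHtmlPrefilter(SANITIZER_APPROVED)));   // false
```

The rewritten string is <style><style></style><img src=x onerror=alert(1)></style>: the inserted </style> ends the raw-text region early and the img becomes a real element with a live onerror handler. Upgrading jQuery removes the rewrite, but the underlying lesson for WebGoat's own lessons and for any application is that sanitization has to run on the exact string that reaches the DOM, after any library-level transformation, or be replaced by DOM-based insertion (.text(), createElement plus setAttribute) for untrusted data.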
A curated set of user interface interactions, effects, widgets, and themes built on top of the jQuery JavaScript Library.
Library home page: https://cdnjs.cloudflare.com/ajax/libs/jqueryui/1.12.1/jquery-ui.min.js
Path to vulnerable library: /webgoat-container/target/classes/static/js/libs/jquery-ui.min.js,/webgoat-container/src/main/resources/static/js/libs/jquery-ui.min.js
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
CVE | Severity | CVSS | Dependency | Type | Fixed in (jquery-ui version) | Remediation Possible** |
---|---|---|---|---|---|---|
CVE-2022-31160 | Medium | 6.1 | jquery-ui-1.12.1.min.js | Direct | jquery-ui - 1.13.2 | ❌ |
CVE-2021-41184 | Medium | 6.1 | jquery-ui-1.12.1.min.js | Direct | jquery-ui - 1.13.0 | ❌ |
CVE-2021-41183 | Medium | 6.1 | jquery-ui-1.12.1.min.js | Direct | jquery-ui - 1.13.0 | ❌ |
CVE-2021-41182 | Medium | 6.1 | jquery-ui-1.12.1.min.js | Direct | jquery-ui - 1.13.0 | ❌ |
**In some cases, Remediation PR cannot be created automatically for a vulnerability despite the availability of remediation
A curated set of user interface interactions, effects, widgets, and themes built on top of the jQuery JavaScript Library.
Library home page: https://cdnjs.cloudflare.com/ajax/libs/jqueryui/1.12.1/jquery-ui.min.js
Path to vulnerable library: /webgoat-container/target/classes/static/js/libs/jquery-ui.min.js,/webgoat-container/src/main/resources/static/js/libs/jquery-ui.min.js
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
jQuery UI is a curated set of user interface interactions, effects, widgets, and themes built on top of jQuery. Versions prior to 1.13.2 are potentially vulnerable to cross-site scripting. Initializing a checkboxradio widget on an input enclosed within a label makes that parent label's contents be considered the input label. Calling `.checkboxradio( "refresh" )` on such a widget when the initial HTML contained encoded HTML entities will make them erroneously get decoded. This can lead to potentially executing JavaScript code. The bug has been patched in jQuery UI 1.13.2. To remediate the issue, someone who can change the initial HTML can wrap all the non-input contents of the `label` in a `span`.
Publish Date: 2022-07-20
URL: CVE-2022-31160
Base Score Metrics:
Type: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31160
Release Date: 2022-07-20
Fix Resolution: jquery-ui - 1.13.2
A curated set of user interface interactions, effects, widgets, and themes built on top of the jQuery JavaScript Library.
Library home page: https://cdnjs.cloudflare.com/ajax/libs/jqueryui/1.12.1/jquery-ui.min.js
Path to vulnerable library: /webgoat-container/target/classes/static/js/libs/jquery-ui.min.js,/webgoat-container/src/main/resources/static/js/libs/jquery-ui.min.js
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of the `of` option of the `.position()` util from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. Any string value passed to the `of` option is now treated as a CSS selector. A workaround is to not accept the value of the `of` option from untrusted sources.
Publish Date: 2021-10-26
URL: CVE-2021-41184
Base Score Metrics:
Type: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41184
Release Date: 2021-10-26
Fix Resolution: jquery-ui - 1.13.0
A curated set of user interface interactions, effects, widgets, and themes built on top of the jQuery JavaScript Library.
Library home page: https://cdnjs.cloudflare.com/ajax/libs/jqueryui/1.12.1/jquery-ui.min.js
Path to vulnerable library: /webgoat-container/target/classes/static/js/libs/jquery-ui.min.js,/webgoat-container/src/main/resources/static/js/libs/jquery-ui.min.js
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of various `*Text` options of the Datepicker widget from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. The values passed to various `*Text` options are now always treated as pure text, not HTML. A workaround is to not accept the value of the `*Text` options from untrusted sources.
Publish Date: 2021-10-26
URL: CVE-2021-41183
Base Score Metrics:
Type: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41183
Release Date: 2021-10-26
Fix Resolution: jquery-ui - 1.13.0
A curated set of user interface interactions, effects, widgets, and themes built on top of the jQuery JavaScript Library.
Library home page: https://cdnjs.cloudflare.com/ajax/libs/jqueryui/1.12.1/jquery-ui.min.js
Path to vulnerable library: /webgoat-container/target/classes/static/js/libs/jquery-ui.min.js,/webgoat-container/src/main/resources/static/js/libs/jquery-ui.min.js
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of the `altField` option of the Datepicker widget from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. Any string value passed to the `altField` option is now treated as a CSS selector. A workaround is to not accept the value of the `altField` option from untrusted sources.
Publish Date: 2021-10-26
URL: CVE-2021-41182
Base Score Metrics:
Type: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41182
Release Date: 2021-10-26
Fix Resolution: jquery-ui - 1.13.0
Path to dependency file: /webwolf/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/org/springframework/spring-core/5.2.2.RELEASE/spring-core-5.2.2.RELEASE.jar
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
CVE | Severity | CVSS | Dependency | Type | Fixed in (spring-boot-devtools version) | Remediation Possible** |
---|---|---|---|---|---|---|
CVE-2022-27772 | High | 7.8 | spring-boot-2.2.2.RELEASE.jar | Transitive | 2.2.11.RELEASE | ✅ |
CVE-2022-22970 | Medium | 5.3 | spring-core-5.2.2.RELEASE.jar | Transitive | 2.4.0 | ✅ |
CVE-2021-22060 | Medium | 4.3 | spring-core-5.2.2.RELEASE.jar | Transitive | 2.4.0 | ✅ |
CVE-2021-22096 | Medium | 4.3 | spring-core-5.2.2.RELEASE.jar | Transitive | 2.4.0 | ✅ |
**In some cases, Remediation PR cannot be created automatically for a vulnerability despite the availability of remediation
Spring Boot
Library home page: https://projects.spring.io/spring-boot/#/spring-boot-parent/spring-boot
Path to dependency file: /webwolf/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/org/springframework/boot/spring-boot/2.2.2.RELEASE/spring-boot-2.2.2.RELEASE.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
** UNSUPPORTED WHEN ASSIGNED ** spring-boot versions prior to v2.2.11.RELEASE were vulnerable to temporary directory hijacking. This vulnerability impacted the org.springframework.boot.web.server.AbstractConfigurableWebServerFactory.createTempDir method. NOTE: This vulnerability only affects products and/or versions that are no longer supported by the maintainer.
Publish Date: 2022-03-30
URL: CVE-2022-27772
Base Score Metrics:
Type: Upgrade version
Origin: GHSA-cm59-pr5q-cw85
Release Date: 2022-03-30
Fix Resolution (org.springframework.boot:spring-boot): 2.2.11.RELEASE
Direct dependency fix Resolution (org.springframework.boot:spring-boot-devtools): 2.2.11.RELEASE
⛑️ Automatic Remediation will be attempted for this issue.
Spring Core
Library home page: https://github.com/spring-projects/spring-framework
Path to dependency file: /webgoat-server/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/org/springframework/spring-core/5.2.2.RELEASE/spring-core-5.2.2.RELEASE.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
In Spring Framework versions prior to 5.3.20, prior to 5.2.22, and in older unsupported versions, applications that handle file uploads are vulnerable to a DoS attack if they rely on data binding to set a MultipartFile or javax.servlet.Part to a field in a model object.
Publish Date: 2022-05-12
URL: CVE-2022-22970
Base Score Metrics:
Type: Upgrade version
Origin: https://tanzu.vmware.com/security/cve-2022-22970
Release Date: 2022-05-12
Fix Resolution (org.springframework:spring-core): 5.2.22.RELEASE
Direct dependency fix Resolution (org.springframework.boot:spring-boot-devtools): 2.4.0
⛑️ Automatic Remediation will be attempted for this issue.
Spring Core
Library home page: https://github.com/spring-projects/spring-framework
Path to dependency file: /webgoat-server/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/org/springframework/spring-core/5.2.2.RELEASE/spring-core-5.2.2.RELEASE.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
In Spring Framework versions 5.3.0 - 5.3.13, 5.2.0 - 5.2.18, and older unsupported versions, it is possible for a user to provide malicious input to cause the insertion of additional log entries. This is a follow-up to CVE-2021-22096 that protects against additional types of input and in more places of the Spring Framework codebase.
Publish Date: 2022-01-10
URL: CVE-2021-22060
Base Score Metrics:
Type: Upgrade version
Origin: https://spring.io/security/cve-2021-22060
Release Date: 2022-01-10
Fix Resolution (org.springframework:spring-core): 5.2.19.RELEASE
Direct dependency fix Resolution (org.springframework.boot:spring-boot-devtools): 2.4.0
⛑️ Automatic Remediation will be attempted for this issue.
Spring Core
Library home page: https://github.com/spring-projects/spring-framework
Path to dependency file: /webgoat-server/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/org/springframework/spring-core/5.2.2.RELEASE/spring-core-5.2.2.RELEASE.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
In Spring Framework versions 5.3.0 - 5.3.10, 5.2.0 - 5.2.17, and older unsupported versions, it is possible for a user to provide malicious input to cause the insertion of additional log entries.
Publish Date: 2021-10-28
URL: CVE-2021-22096
Base Score Metrics:
Type: Upgrade version
Origin: https://tanzu.vmware.com/security/cve-2021-22096
Release Date: 2021-10-28
Fix Resolution (org.springframework:spring-core): 5.2.18.RELEASE
Direct dependency fix Resolution (org.springframework.boot:spring-boot-devtools): 2.4.0
⛑️ Automatic Remediation will be attempted for this issue.
JavaScript library for DOM operations
Library home page: https://cdnjs.cloudflare.com/ajax/libs/jquery/1.10.2/jquery.min.js
Path to vulnerable library: /webgoat-container/src/main/resources/static/js/jquery/jquery-1.10.2.min.js,/webgoat-container/target/classes/static/js/jquery/jquery-1.10.2.min.js
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
CVE | Severity | CVSS | Dependency | Type | Fixed in (jquery version) | Remediation Possible** |
---|---|---|---|---|---|---|
CVE-2020-11023 | Medium | 6.1 | jquery-1.10.2.min.js | Direct | jquery - 3.5.0;jquery-rails - 4.4.0 | ❌ |
CVE-2020-11022 | Medium | 6.1 | jquery-1.10.2.min.js | Direct | jQuery - 3.5.0 | ❌ |
CVE-2019-11358 | Medium | 6.1 | jquery-1.10.2.min.js | Direct | jquery - 3.4.0 | ❌ |
CVE-2015-9251 | Medium | 6.1 | jquery-1.10.2.min.js | Direct | jQuery - 3.0.0 | ❌ |
**In some cases, Remediation PR cannot be created automatically for a vulnerability despite the availability of remediation
JavaScript library for DOM operations
Library home page: https://cdnjs.cloudflare.com/ajax/libs/jquery/1.10.2/jquery.min.js
Path to vulnerable library: /webgoat-container/src/main/resources/static/js/jquery/jquery-1.10.2.min.js,/webgoat-container/target/classes/static/js/jquery/jquery-1.10.2.min.js
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
Publish Date: 2020-04-29
URL: CVE-2020-11023
Base Score Metrics:
Type: Upgrade version
Release Date: 2020-04-29
Fix Resolution: jquery - 3.5.0;jquery-rails - 4.4.0
JavaScript library for DOM operations
Library home page: https://cdnjs.cloudflare.com/ajax/libs/jquery/1.10.2/jquery.min.js
Path to vulnerable library: /webgoat-container/src/main/resources/static/js/jquery/jquery-1.10.2.min.js,/webgoat-container/target/classes/static/js/jquery/jquery-1.10.2.min.js
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
Publish Date: 2020-04-29
URL: CVE-2020-11022
Base Score Metrics:
Type: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11022
Release Date: 2020-04-29
Fix Resolution: jQuery - 3.5.0
JavaScript library for DOM operations
Library home page: https://cdnjs.cloudflare.com/ajax/libs/jquery/1.10.2/jquery.min.js
Path to vulnerable library: /webgoat-container/src/main/resources/static/js/jquery/jquery-1.10.2.min.js,/webgoat-container/target/classes/static/js/jquery/jquery-1.10.2.min.js
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable `__proto__` property, it could extend the native Object.prototype.
Publish Date: 2019-04-20
URL: CVE-2019-11358
Base Score Metrics:
Type: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11358
Release Date: 2019-04-20
Fix Resolution: jquery - 3.4.0
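The CVE-2019-11358 entry above describes the outcome (an enumerable `__proto__` property extending Object.prototype) but not the deep-merge step that produces it. The block below is an added example, not code from the Mend report, from jQuery or from WebGoat: extendDeep reduces jQuery.extend(true, ...) to the one recursion that matters, with skipProto=false reproducing the pre-3.4.0 behaviour and skipProto=true applying the 3.4.0 fix (skip a key literally named "__proto__"). The attacker payload is constructed and mirrors what JSON.parse produces from a request body.

```javascript
// Added example (not from the Mend report, jQuery or WebGoat): the deep-merge
// behaviour behind CVE-2019-11358, reduced to one function. With skipProto=false
// it mirrors jQuery.extend(true, ...) before 3.4.0; with skipProto=true it
// applies the 3.4.0 fix, which skips a key literally named "__proto__".

function extendDeep(target, source, skipProto) {
  for (const key of Object.keys(source)) {
    if (skipProto && key === "__proto__") continue;       // the 3.4.0 fix
    const copy = source[key];
    if (copy && typeof copy === "object" && !Array.isArray(copy)) {
      // Recurse into an existing nested object if there is one. For the key
      // "__proto__", target[key] resolves through the inherited accessor to
      // Object.prototype, so the recursion writes the attacker's properties
      // onto every object in the realm.
      const existing = target[key];
      const clone = existing && typeof existing === "object" ? existing : {};
      target[key] = extendDeep(clone, copy, skipProto);
    } else {
      target[key] = copy;
    }
  }
  return target;
}

const vulnerableExtend = (target, source) => extendDeep(target, source, false);
const safeExtend = (target, source) => extendDeep(target, source, true);

// Constructed attacker input, as it would arrive from JSON.parse of a request
// body. JSON.parse creates an own property named "__proto__", not a prototype.
function attackerPayload() {
  return JSON.parse('{"__proto__": {"isAdmin": true}}');
}

// Does a fresh, empty object now inherit the attacker's property?
function prototypeIsPolluted() {
  return ({}).isAdmin === true;
}

// Undo the pollution so the process is usable afterwards.
function cleanup() {
  delete Object.prototype.isAdmin;
}

safeExtend({}, attackerPayload());
console.log(prototypeIsPolluted());      // false
vulnerableExtend({}, attackerPayload());
console.log(prototypeIsPolluted());      // true
cleanup();
```

The same hazard exists in any hand-written deep merge, not only in jQuery: whenever a merge recurses into target[key] for a key the attacker chose, the check for "__proto__" (and, for the same reason, "constructor" and "prototype") has to be in the merge itself, because JSON.parse happily produces an own property with that name.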
JavaScript library for DOM operations
Library home page: https://cdnjs.cloudflare.com/ajax/libs/jquery/1.10.2/jquery.min.js
Path to vulnerable library: /webgoat-container/src/main/resources/static/js/jquery/jquery-1.10.2.min.js,/webgoat-container/target/classes/static/js/jquery/jquery-1.10.2.min.js
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.
Publish Date: 2018-01-18
URL: CVE-2015-9251
Base Score Metrics:
Type: Upgrade version
Origin: https://nvd.nist.gov/vuln/detail/CVE-2015-9251
Release Date: 2018-01-18
Fix Resolution: jQuery - 3.0.0
WebJar for Bootstrap
Library home page: http://webjars.org
Path to dependency file: /webgoat-integration-tests/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/org/webjars/bootstrap/3.3.7/bootstrap-3.3.7.jar,/home/wss-scanner/.m2/repository/org/webjars/bootstrap/3.3.7/bootstrap-3.3.7.jar
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
CVE | Severity | CVSS | Dependency | Type | Fixed in (bootstrap version) | Remediation Possible** |
---|---|---|---|---|---|---|
CVE-2020-11023 | Medium | 6.1 | jquery-3.2.1.jar | Transitive | 4.5.0 | ✅ |
CVE-2020-11022 | Medium | 6.1 | jquery-3.2.1.jar | Transitive | 4.5.0 | ✅ |
CVE-2019-8331 | Medium | 6.1 | bootstrap-3.3.7.jar | Direct | 3.4.1 | ✅ |
CVE-2019-11358 | Medium | 6.1 | jquery-3.2.1.jar | Transitive | 4.4.1-1 | ✅ |
CVE-2018-20677 | Medium | 6.1 | bootstrap-3.3.7.jar | Direct | 3.4.0 | ✅ |
CVE-2018-20676 | Medium | 6.1 | bootstrap-3.3.7.jar | Direct | 3.4.0 | ✅ |
CVE-2018-14042 | Medium | 6.1 | bootstrap-3.3.7.jar | Direct | 3.4.0 | ✅ |
CVE-2016-10735 | Medium | 6.1 | bootstrap-3.3.7.jar | Direct | 3.4.0 | ✅ |
CVE-2018-14040 | Low | 3.7 | bootstrap-3.3.7.jar | Direct | 3.4.0 | ✅ |
**In some cases, Remediation PR cannot be created automatically for a vulnerability despite the availability of remediation
WebJar for jQuery
Library home page: http://webjars.org
Path to dependency file: /webwolf/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/org/webjars/jquery/3.2.1/jquery-3.2.1.jar,/home/wss-scanner/.m2/repository/org/webjars/jquery/3.2.1/jquery-3.2.1.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
Publish Date: 2020-04-29
URL: CVE-2020-11023
Base Score Metrics:
Type: Upgrade version
Release Date: 2020-04-29
Fix Resolution (org.webjars:jquery): 3.5.0
Direct dependency fix Resolution (org.webjars:bootstrap): 4.5.0
⛑️ Automatic Remediation will be attempted for this issue.
WebJar for jQuery
Library home page: http://webjars.org
Path to dependency file: /webwolf/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/org/webjars/jquery/3.2.1/jquery-3.2.1.jar,/home/wss-scanner/.m2/repository/org/webjars/jquery/3.2.1/jquery-3.2.1.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
Publish Date: 2020-04-29
URL: CVE-2020-11022
Base Score Metrics:
Type: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11022
Release Date: 2020-04-29
Fix Resolution (org.webjars:jquery): 3.5.0
Direct dependency fix Resolution (org.webjars:bootstrap): 4.5.0
⛑️ Automatic Remediation will be attempted for this issue.
WebJar for Bootstrap
Library home page: http://webjars.org
Path to dependency file: /webgoat-integration-tests/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/org/webjars/bootstrap/3.3.7/bootstrap-3.3.7.jar,/home/wss-scanner/.m2/repository/org/webjars/bootstrap/3.3.7/bootstrap-3.3.7.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
In Bootstrap before 3.4.1 and 4.3.x before 4.3.1, XSS is possible in the tooltip or popover data-template attribute.
Publish Date: 2019-02-20
URL: CVE-2019-8331
Base Score Metrics:
Type: Upgrade version
Release Date: 2019-02-20
Fix Resolution: 3.4.1
⛑️ Automatic Remediation will be attempted for this issue.
WebJar for jQuery
Library home page: http://webjars.org
Path to dependency file: /webwolf/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/org/webjars/jquery/3.2.1/jquery-3.2.1.jar,/home/wss-scanner/.m2/repository/org/webjars/jquery/3.2.1/jquery-3.2.1.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable `__proto__` property, it could extend the native Object.prototype.
Publish Date: 2019-04-20
URL: CVE-2019-11358
Base Score Metrics:
Type: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11358
Release Date: 2019-04-20
Fix Resolution (org.webjars:jquery): 3.4.0
Direct dependency fix Resolution (org.webjars:bootstrap): 4.4.1-1
⛑️ Automatic Remediation will be attempted for this issue.
WebJar for Bootstrap
Library home page: http://webjars.org
Path to dependency file: /webgoat-integration-tests/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/org/webjars/bootstrap/3.3.7/bootstrap-3.3.7.jar,/home/wss-scanner/.m2/repository/org/webjars/bootstrap/3.3.7/bootstrap-3.3.7.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
In Bootstrap before 3.4.0, XSS is possible in the affix configuration target property.
Publish Date: 2019-01-09
URL: CVE-2018-20677
Base Score Metrics:
Type: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20677
Release Date: 2019-01-09
Fix Resolution: 3.4.0
⛑️ Automatic Remediation will be attempted for this issue.
WebJar for Bootstrap
Library home page: http://webjars.org
Path to dependency file: /webgoat-integration-tests/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/org/webjars/bootstrap/3.3.7/bootstrap-3.3.7.jar,/home/wss-scanner/.m2/repository/org/webjars/bootstrap/3.3.7/bootstrap-3.3.7.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
In Bootstrap before 3.4.0, XSS is possible in the tooltip data-viewport attribute.
Publish Date: 2019-01-09
URL: CVE-2018-20676
Base Score Metrics:
Type: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20676
Release Date: 2019-01-09
Fix Resolution: 3.4.0
⛑️ Automatic Remediation will be attempted for this issue.
WebJar for Bootstrap
Library home page: http://webjars.org
Path to dependency file: /webgoat-integration-tests/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/org/webjars/bootstrap/3.3.7/bootstrap-3.3.7.jar,/home/wss-scanner/.m2/repository/org/webjars/bootstrap/3.3.7/bootstrap-3.3.7.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
In Bootstrap before 4.1.2, XSS is possible in the data-container property of tooltip.
Publish Date: 2018-07-13
URL: CVE-2018-14042
Base Score Metrics:
Type: Upgrade version
Origin: https://nvd.nist.gov/vuln/detail/CVE-2018-14042
Release Date: 2018-07-13
Fix Resolution: 3.4.0
⛑️ Automatic Remediation will be attempted for this issue.
WebJar for Bootstrap
Library home page: http://webjars.org
Path to dependency file: /webgoat-integration-tests/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/org/webjars/bootstrap/3.3.7/bootstrap-3.3.7.jar,/home/wss-scanner/.m2/repository/org/webjars/bootstrap/3.3.7/bootstrap-3.3.7.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041.
Mend Note: Converted from WS-2018-0021, on 2022-11-08.
Publish Date: 2019-01-09
URL: CVE-2016-10735
Base Score Metrics:
Type: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10735
Release Date: 2019-01-09
Fix Resolution: 3.4.0
⛑️ Automatic Remediation will be attempted for this issue.
WebJar for Bootstrap
Library home page: http://webjars.org
Path to dependency file: /webgoat-integration-tests/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/org/webjars/bootstrap/3.3.7/bootstrap-3.3.7.jar,/home/wss-scanner/.m2/repository/org/webjars/bootstrap/3.3.7/bootstrap-3.3.7.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute.
Publish Date: 2018-07-13
URL: CVE-2018-14040
Base Score Metrics:
Type: Upgrade version
Origin: https://nvd.nist.gov/vuln/detail/CVE-2018-14040
Release Date: 2018-07-13
Fix Resolution: 3.4.0
⛑️ Automatic Remediation will be attempted for this issue.
JavaScript library for DOM operations
Library home page: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js
Path to dependency file: /docs/index.html
Path to vulnerable library: /docs/vendor/jquery/jquery.min.js
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
CVE | Severity | CVSS | Dependency | Type | Fixed in (jquery version) | Remediation Possible** |
---|---|---|---|---|---|---|
CVE-2020-11023 | Medium | 6.1 | jquery-3.3.1.min.js | Direct | jquery - 3.5.0;jquery-rails - 4.4.0 | ❌ |
CVE-2020-11022 | Medium | 6.1 | jquery-3.3.1.min.js | Direct | jQuery - 3.5.0 | ❌ |
CVE-2019-11358 | Medium | 6.1 | jquery-3.3.1.min.js | Direct | jquery - 3.4.0 | ❌ |
**In some cases, Remediation PR cannot be created automatically for a vulnerability despite the availability of remediation
JavaScript library for DOM operations
Library home page: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js
Path to dependency file: /docs/index.html
Path to vulnerable library: /docs/vendor/jquery/jquery.min.js
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
Publish Date: 2020-04-29
URL: CVE-2020-11023
Base Score Metrics:
Type: Upgrade version
Release Date: 2020-04-29
Fix Resolution: jquery - 3.5.0;jquery-rails - 4.4.0
JavaScript library for DOM operations
Library home page: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js
Path to dependency file: /docs/index.html
Path to vulnerable library: /docs/vendor/jquery/jquery.min.js
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
Publish Date: 2020-04-29
URL: CVE-2020-11022
Base Score Metrics:
Type: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11022
Release Date: 2020-04-29
Fix Resolution: jQuery - 3.5.0
JavaScript library for DOM operations
Library home page: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js
Path to dependency file: /docs/index.html
Path to vulnerable library: /docs/vendor/jquery/jquery.min.js
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable `__proto__` property, it could extend the native Object.prototype.
Publish Date: 2019-04-20
URL: CVE-2019-11358
Base Score Metrics:
Type: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11358
Release Date: 2019-04-20
Fix Resolution: jquery - 3.4.0
Path to dependency file: /webgoat-server/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/org/springframework/boot/spring-boot-actuator-autoconfigure/2.2.2.RELEASE/spring-boot-actuator-autoconfigure-2.2.2.RELEASE.jar
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
CVE | Severity | CVSS | Dependency | Type | Fixed in (webgoat-container-v8.1.0.jar version) | Remediation Possible** |
---|---|---|---|---|---|---|
CVE-2023-20873 | Critical | 9.8 | spring-boot-actuator-autoconfigure-2.2.2.RELEASE.jar | Transitive | N/A* | ❌ |
CVE-2022-22978 | Critical | 9.8 | spring-security-web-5.2.1.RELEASE.jar | Transitive | N/A* | ❌ |
CVE-2021-22112 | High | 8.8 | spring-security-web-5.2.1.RELEASE.jar | Transitive | N/A* | ❌ |
CVE-2024-22257 | High | 8.2 | spring-security-core-5.2.1.RELEASE.jar | Transitive | N/A* | ❌ |
WS-2019-0490 | High | 8.1 | jcommander-1.35.jar | Transitive | N/A* | ❌ |
CVE-2020-5408 | Medium | 6.5 | spring-security-core-5.2.1.RELEASE.jar | Transitive | N/A* | ❌ |
WS-2017-3767 | Medium | 6.3 | spring-security-web-5.2.1.RELEASE.jar | Transitive | N/A* | ❌ |
WS-2020-0293 | Medium | 5.9 | spring-security-web-5.2.1.RELEASE.jar | Transitive | N/A* | ❌ |
WS-2016-7107 | Medium | 5.9 | spring-security-web-5.2.1.RELEASE.jar | Transitive | N/A* | ❌ |
*For some transitive vulnerabilities, there is no version of the direct dependency with a fix. Check the "Details" section below to see if there is a version of the transitive dependency where the vulnerability is fixed.
**In some cases, Remediation PR cannot be created automatically for a vulnerability despite the availability of remediation
Spring Boot Actuator AutoConfigure
Library home page: https://projects.spring.io/spring-boot/#/spring-boot-parent/spring-boot-actuator-autoconfigure
Path to dependency file: /webgoat-integration-tests/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/org/springframework/boot/spring-boot-actuator-autoconfigure/2.2.2.RELEASE/spring-boot-actuator-autoconfigure-2.2.2.RELEASE.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
In Spring Boot versions 3.0.0 - 3.0.5, 2.7.0 - 2.7.10, and older unsupported versions, an application that is deployed to Cloud Foundry could be susceptible to a security bypass. Users of affected versions should apply the following mitigation: 3.0.x users should upgrade to 3.0.6+. 2.7.x users should upgrade to 2.7.11+. Users of older, unsupported versions should upgrade to 3.0.6+ or 2.7.11+.
Publish Date: 2023-04-20
URL: CVE-2023-20873
Base Score Metrics:
Type: Upgrade version
Origin: https://spring.io/security/cve-2023-20873
Release Date: 2023-04-20
Fix Resolution: org.springframework.boot:spring-boot-actuator-autoconfigure:2.7.11,3.0.6
spring-security-web
Library home page: http://spring.io/spring-security
Path to dependency file: /webgoat-server/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/org/springframework/security/spring-security-web/5.2.1.RELEASE/spring-security-web-5.2.1.RELEASE.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
In Spring Security versions prior to 5.4.11, 5.5.7, 5.6.4 and older unsupported versions, RegexRequestMatcher can easily be misconfigured to be bypassed on some servlet containers. Applications using RegexRequestMatcher with `.` in the regular expression are possibly vulnerable to an authorization bypass.
Publish Date: 2022-05-19
URL: CVE-2022-22978
Base Score Metrics:
Type: Upgrade version
Origin: https://spring.io/security/cve-2022-22978/
Release Date: 2022-05-19
Fix Resolution: org.springframework.security:spring-security-web:5.5.7,5.6.4
spring-security-web
Library home page: http://spring.io/spring-security
Path to dependency file: /webgoat-server/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/org/springframework/security/spring-security-web/5.2.1.RELEASE/spring-security-web-5.2.1.RELEASE.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
Spring Security 5.4.x prior to 5.4.4, 5.3.x prior to 5.3.8.RELEASE, 5.2.x prior to 5.2.9.RELEASE, and older unsupported versions can fail to save the SecurityContext if it is changed more than once in a single request. A malicious user cannot cause the bug to happen (it must be programmed in). However, if the application's intent is to only allow the user to run with elevated privileges in a small portion of the application, the bug can be leveraged to extend those privileges to the rest of the application.
Publish Date: 2021-02-23
URL: CVE-2021-22112
Base Score Metrics:
Type: Upgrade version
Origin: https://tanzu.vmware.com/security/cve-2021-22112
Release Date: 2021-02-23
Fix Resolution: org.springframework.security:spring-security-web:5.2.9,5.3.8,5.4.4
spring-security-core
Library home page: http://spring.io/spring-security
Path to dependency file: /webwolf/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/org/springframework/security/spring-security-core/5.2.1.RELEASE/spring-security-core-5.2.1.RELEASE.jar,/home/wss-scanner/.m2/repository/org/springframework/security/spring-security-core/5.2.1.RELEASE/spring-security-core-5.2.1.RELEASE.jar,/home/wss-scanner/.m2/repository/org/springframework/security/spring-security-core/5.2.1.RELEASE/spring-security-core-5.2.1.RELEASE.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
In Spring Security versions 5.7.x prior to 5.7.12, 5.8.x prior to 5.8.11, 6.0.x prior to 6.0.9, 6.1.x prior to 6.1.8, and 6.2.x prior to 6.2.3, an application is possibly vulnerable to broken access control when it directly uses AuthenticatedVoter#vote, passing a null Authentication parameter.
Publish Date: 2024-03-18
URL: CVE-2024-22257
Base Score Metrics:
Type: Upgrade version
Origin: https://spring.io/security/cve-2024-22257
Release Date: 2024-03-18
Fix Resolution: org.springframework.security:spring-security-core:5.7.12,5.8.11,6.1.8,6.2.3
A Java framework to parse command line options with annotations.
Library home page: http://beust.com/
Path to dependency file: /webgoat-container/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/com/beust/jcommander/1.35/jcommander-1.35.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
Inclusion of Functionality from Untrusted Control Sphere vulnerability found in jcommander before 1.75: jcommander resolves dependencies over HTTP instead of HTTPS.
Publish Date: 2019-02-19
URL: WS-2019-0490
Base Score Metrics:
Type: Upgrade version
Release Date: 2019-02-19
Fix Resolution: com.beust:jcommander:1.75
spring-security-core
Library home page: http://spring.io/spring-security
Path to dependency file: /webwolf/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/org/springframework/security/spring-security-core/5.2.1.RELEASE/spring-security-core-5.2.1.RELEASE.jar,/home/wss-scanner/.m2/repository/org/springframework/security/spring-security-core/5.2.1.RELEASE/spring-security-core-5.2.1.RELEASE.jar,/home/wss-scanner/.m2/repository/org/springframework/security/spring-security-core/5.2.1.RELEASE/spring-security-core-5.2.1.RELEASE.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
Spring Security versions 5.3.x prior to 5.3.2, 5.2.x prior to 5.2.4, 5.1.x prior to 5.1.10, 5.0.x prior to 5.0.16 and 4.2.x prior to 4.2.16 use a fixed null initialization vector with CBC Mode in the implementation of the queryable text encryptor. A malicious user with access to the data that has been encrypted using such an encryptor may be able to derive the unencrypted values using a dictionary attack.
Publish Date: 2020-05-14
URL: CVE-2020-5408
Base Score Metrics:
Type: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-5408
Release Date: 2020-05-14
Fix Resolution: org.springframework.security:spring-security-crypto:4.2.16,5.0.16,5.1.10,5.2.4,5.3.2,org.springframework.security:spring-security-core:4.2.16,5.0.16,5.1.10,5.2.4,5.3.2
spring-security-web
Library home page: http://spring.io/spring-security
Path to dependency file: /webgoat-server/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/org/springframework/security/spring-security-web/5.2.1.RELEASE/spring-security-web-5.2.1.RELEASE.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
Cross-Site Request Forgery (CSRF) vulnerability was found in spring-security before 4.2.15, 5.0.15, 5.1.9, 5.2.3, and 5.3.1. SwitchUserFilter responds to all HTTP methods, making it vulnerable to CSRF attacks.
Publish Date: 2017-01-03
URL: WS-2017-3767
Base Score Metrics:
Type: Upgrade version
Release Date: 2017-01-03
Fix Resolution: org.springframework.security:spring-security-web:4.2.15,5.0.15,5.1.9,5.2.3,5.3.1
spring-security-web
Library home page: http://spring.io/spring-security
Path to dependency file: /webgoat-server/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/org/springframework/security/spring-security-web/5.2.1.RELEASE/spring-security-web-5.2.1.RELEASE.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
Spring Security before 5.2.9, 5.3.7, and 5.4.3 is vulnerable to side-channel attacks. Vulnerable versions of Spring Security do not use constant-time comparisons for CSRF tokens.
Publish Date: 2020-12-17
URL: WS-2020-0293
Base Score Metrics:
Type: Upgrade version
Release Date: 2020-12-17
Fix Resolution: org.springframework.security:spring-security-web:5.2.9,5.3.7,5.4.3
spring-security-web
Library home page: http://spring.io/spring-security
Path to dependency file: /webgoat-server/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/org/springframework/security/spring-security-web/5.2.1.RELEASE/spring-security-web-5.2.1.RELEASE.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
CSRF tokens in Spring Security are vulnerable to a BREACH attack. Spring Security always returns the same CSRF token to the browser.
Publish Date: 2016-08-02
URL: WS-2016-7107
Base Score Metrics:
Type: Upgrade version
Origin: https://nvd.nist.gov/vuln/detail/WS-2016-7107
Release Date: 2016-08-02
Fix Resolution: org.springframework.security:spring-security-web - 5.2.14.RELEASE,5.3.13.RELEASE,5.5.4,5.4.10
Path to dependency file: /webgoat-server/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/ant/ant/1.6.2/ant-1.6.2.jar,/home/wss-scanner/.m2/repository/ant/ant/1.6.2/ant-1.6.2.jar,/home/wss-scanner/.m2/repository/ant/ant/1.6.2/ant-1.6.2.jar
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
CVE | Severity | CVSS | Dependency | Type | Fixed in (ant version) | Remediation Possible** |
---|---|---|---|---|---|---|
CVE-2020-11979 | High | 7.5 | ant-1.6.2.jar | Direct | org.apache.ant:ant:1.10.9 | ✅ |
CVE-2020-1945 | Medium | 6.3 | ant-1.6.2.jar | Direct | org.apache.ant:ant:1.9.15,1.10.8 | ✅ |
CVE-2021-36374 | Medium | 5.5 | ant-1.6.2.jar | Direct | org.apache.ant:ant:1.9.16,1.10.11 | ✅ |
CVE-2021-36373 | Medium | 5.5 | ant-1.6.2.jar | Direct | org.apache.ant:ant:1.9.16,1.10.11 | ✅ |
CVE-2012-2098 | Medium | 5.3 | ant-1.6.2.jar | Direct | org.apache.ant:ant:1.8.4,org.apache.commons:commons-compress:1.4.1 | ✅ |
**In some cases, Remediation PR cannot be created automatically for a vulnerability despite the availability of remediation
Path to dependency file: /webgoat-server/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/ant/ant/1.6.2/ant-1.6.2.jar,/home/wss-scanner/.m2/repository/ant/ant/1.6.2/ant-1.6.2.jar,/home/wss-scanner/.m2/repository/ant/ant/1.6.2/ant-1.6.2.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
As mitigation for CVE-2020-1945 Apache Ant 1.10.8 changed the permissions of temporary files it created so that only the current user was allowed to access them. Unfortunately the fixcrlf task deleted the temporary file and created a new one without said protection, effectively nullifying the effort. This would still allow an attacker to inject modified source files into the build process.
Publish Date: 2020-10-01
URL: CVE-2020-11979
Base Score Metrics:
Type: Upgrade version
Origin: https://ant.apache.org/security.html
Release Date: 2020-10-01
Fix Resolution: org.apache.ant:ant:1.10.9
⛑️ Automatic Remediation will be attempted for this issue.
Path to dependency file: /webgoat-server/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/ant/ant/1.6.2/ant-1.6.2.jar,/home/wss-scanner/.m2/repository/ant/ant/1.6.2/ant-1.6.2.jar,/home/wss-scanner/.m2/repository/ant/ant/1.6.2/ant-1.6.2.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
Apache Ant 1.1 to 1.9.14 and 1.10.0 to 1.10.7 uses the default temporary directory identified by the Java system property java.io.tmpdir for several tasks and may thus leak sensitive information. The fixcrlf and replaceregexp tasks also copy files from the temporary directory back into the build tree allowing an attacker to inject modified source files into the build process.
Publish Date: 2020-05-14
URL: CVE-2020-1945
Base Score Metrics:
Type: Upgrade version
Origin: https://ant.apache.org/security.html
Release Date: 2020-05-14
Fix Resolution: org.apache.ant:ant:1.9.15,1.10.8
⛑️ Automatic Remediation will be attempted for this issue.
Path to dependency file: /webgoat-server/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/ant/ant/1.6.2/ant-1.6.2.jar,/home/wss-scanner/.m2/repository/ant/ant/1.6.2/ant-1.6.2.jar,/home/wss-scanner/.m2/repository/ant/ant/1.6.2/ant-1.6.2.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
When reading a specially crafted ZIP archive, or a derived format, an Apache Ant build can be made to allocate large amounts of memory, leading to an out-of-memory error, even for small inputs. This can be used to disrupt builds using Apache Ant. Commonly used formats derived from ZIP archives are, for instance, JAR files and many office files. Apache Ant versions prior to 1.9.16 and 1.10.11 are affected.
Publish Date: 2021-07-14
URL: CVE-2021-36374
Base Score Metrics:
Type: Upgrade version
Origin: https://ant.apache.org/security.html
Release Date: 2021-07-14
Fix Resolution: org.apache.ant:ant:1.9.16,1.10.11
⛑️ Automatic Remediation will be attempted for this issue.
Path to dependency file: /webgoat-server/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/ant/ant/1.6.2/ant-1.6.2.jar,/home/wss-scanner/.m2/repository/ant/ant/1.6.2/ant-1.6.2.jar,/home/wss-scanner/.m2/repository/ant/ant/1.6.2/ant-1.6.2.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
When reading a specially crafted TAR archive, an Apache Ant build can be made to allocate large amounts of memory, finally leading to an out-of-memory error, even for small inputs. This can be used to disrupt builds using Apache Ant. Apache Ant versions prior to 1.9.16 and 1.10.11 are affected.
Publish Date: 2021-07-14
URL: CVE-2021-36373
Base Score Metrics:
Type: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36373
Release Date: 2021-07-14
Fix Resolution: org.apache.ant:ant:1.9.16,1.10.11
⛑️ Automatic Remediation will be attempted for this issue.
Path to dependency file: /webgoat-server/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/ant/ant/1.6.2/ant-1.6.2.jar,/home/wss-scanner/.m2/repository/ant/ant/1.6.2/ant-1.6.2.jar,/home/wss-scanner/.m2/repository/ant/ant/1.6.2/ant-1.6.2.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
Algorithmic complexity vulnerability in the sorting algorithms in bzip2 compressing stream (BZip2CompressorOutputStream) in Apache Commons Compress before 1.4.1 allows remote attackers to cause a denial of service (CPU consumption) via a file with many repeating inputs.
Publish Date: 2012-06-29
URL: CVE-2012-2098
Base Score Metrics:
Type: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2098
Release Date: 2012-06-29
Fix Resolution: org.apache.ant:ant:1.8.4,org.apache.commons:commons-compress:1.4.1
⛑️ Automatic Remediation will be attempted for this issue.
jsoup is a Java library for working with real-world HTML. It provides a very convenient API for extracting and manipulating data, using the best of DOM, CSS, and jquery-like methods. jsoup implements the WHATWG HTML5 specification, and parses HTML to the same DOM as modern browsers do.
Path to dependency file: /webgoat-lessons/cross-site-scripting/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/org/jsoup/jsoup/1.11.3/jsoup-1.11.3.jar,/home/wss-scanner/.m2/repository/org/jsoup/jsoup/1.11.3/jsoup-1.11.3.jar,/home/wss-scanner/.m2/repository/org/jsoup/jsoup/1.11.3/jsoup-1.11.3.jar
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
CVE | Severity | CVSS | Dependency | Type | Fixed in (jsoup version) | Remediation Possible** |
---|---|---|---|---|---|---|
CVE-2021-37714 | High | 7.5 | jsoup-1.11.3.jar | Direct | 1.14.2 | ✅ |
CVE-2022-36033 | Medium | 6.1 | jsoup-1.11.3.jar | Direct | 1.15.3 | ✅ |
**In some cases, Remediation PR cannot be created automatically for a vulnerability despite the availability of remediation
jsoup is a Java library for working with real-world HTML. It provides a very convenient API for extracting and manipulating data, using the best of DOM, CSS, and jquery-like methods. jsoup implements the WHATWG HTML5 specification, and parses HTML to the same DOM as modern browsers do.
Path to dependency file: /webgoat-lessons/cross-site-scripting/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/org/jsoup/jsoup/1.11.3/jsoup-1.11.3.jar,/home/wss-scanner/.m2/repository/org/jsoup/jsoup/1.11.3/jsoup-1.11.3.jar,/home/wss-scanner/.m2/repository/org/jsoup/jsoup/1.11.3/jsoup-1.11.3.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
jsoup is a Java library for working with HTML. Those using jsoup versions prior to 1.14.2 to parse untrusted HTML or XML may be vulnerable to DOS attacks. If the parser is run on user supplied input, an attacker may supply content that causes the parser to get stuck (loop indefinitely until cancelled), to complete more slowly than usual, or to throw an unexpected exception. This effect may support a denial of service attack. The issue is patched in version 1.14.2. There are a few available workarounds. Users may rate limit input parsing, limit the size of inputs based on system resources, and/or implement thread watchdogs to cap and timeout parse runtimes.
Publish Date: 2021-08-18
URL: CVE-2021-37714
Base Score Metrics:
Type: Upgrade version
Origin: https://jsoup.org/news/release-1.14.2
Release Date: 2021-08-18
Fix Resolution: 1.14.2
⛑️ Automatic Remediation will be attempted for this issue.
jsoup is a Java HTML parser, built for HTML editing, cleaning, scraping, and cross-site scripting (XSS) safety. jsoup may incorrectly sanitize HTML including `javascript:` URL expressions, which could allow XSS attacks when a reader subsequently clicks that link. If the non-default `SafeList.preserveRelativeLinks` option is enabled, HTML including `javascript:` URLs that have been crafted with control characters will not be sanitized. If the site that this HTML is published on does not set a Content Security Policy, an XSS attack is then possible. This issue is patched in jsoup 1.15.3. Users should upgrade to this version. Additionally, as the unsanitized input may have been persisted, old content should be cleaned again using the updated version. To remediate this issue without immediately upgrading:
- disable `SafeList.preserveRelativeLinks`, which will rewrite input URLs as absolute URLs
- ensure an appropriate Content Security Policy is defined. (This should be used regardless of upgrading, as a defence-in-depth best practice.)
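The mitigations listed above, as an added Java example that is not WebGoat's or jsoup's own code: a sanitizer that keeps `preserveRelativeLinks` disabled so links are absolutised against a fixed base URI, a helper for re-cleaning persisted content after an upgrade, and a servlet filter that sets a Content Security Policy on every response. The base URI, the CSP string, the `javax.servlet` API and the sample input are assumptions; `Safelist` is the class name from jsoup 1.14.1 onward, and older releases expose the same methods on `Whitelist`.

```java
import org.jsoup.Jsoup;
import org.jsoup.safety.Safelist;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.util.List;
import java.util.stream.Collectors;

public final class HtmlSanitizer {

    // Assumed canonical origin of the site; relative hrefs are resolved against it.
    private static final String BASE_URI = "https://example.invalid/";

    // preserveRelativeLinks(false) is jsoup's default; it is spelled out so a later change
    // to the safelist cannot silently re-enable the vulnerable option.
    private static final Safelist SAFE = Safelist.basic()
            .preserveRelativeLinks(false);

    /** Sanitize one untrusted HTML fragment before it is stored or rendered. */
    public static String clean(String untrustedHtml) {
        return Jsoup.clean(untrustedHtml, BASE_URI, SAFE);
    }

    /** Re-clean content that was persisted before the fix, as the advisory recommends. */
    public static List<String> recleanAll(List<String> storedHtml) {
        return storedHtml.stream()
                .map(HtmlSanitizer::clean)
                .collect(Collectors.toList());
    }

    /** Sets a CSP on every response; defence in depth that does not depend on the sanitizer. */
    public static final class CspFilter implements Filter {
        // Assumed policy for this example; tune it to what the application actually loads.
        static final String POLICY =
                "default-src 'self'; script-src 'self'; object-src 'none'; "
              + "base-uri 'self'; frame-ancestors 'none'";

        @Override
        public void init(FilterConfig filterConfig) {
        }

        @Override
        public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
                throws IOException, ServletException {
            ((HttpServletResponse) response).setHeader("Content-Security-Policy", POLICY);
            chain.doFilter(request, response);
        }

        @Override
        public void destroy() {
        }
    }

    public static void main(String[] args) {
        // Constructed sample: one relative link that should survive as an absolute URL,
        // one javascript: link whose href the basic safelist does not allow.
        String sample = "<p>See <a href=\"/profile\">profile</a> "
                      + "or <a href=\"javascript:alert(1)\">this</a></p>";
        System.out.println(clean(sample));
        System.out.println(recleanAll(List.of(sample, "<b>stored</b> <i>content</i>")));
    }
}
```

Register `CspFilter` for every path, not only the pages that render user content: the policy is what limits damage if sanitization fails anywhere, which is the advisory's reason for recommending it even after the upgrade. Running `recleanAll` over stored content only helps once the cleaning library is at 1.15.3 or later, since the same older parser would miss the same crafted URLs again.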
Publish Date: 2022-08-29
URL: CVE-2022-36033
Base Score Metrics:
Type: Upgrade version
Origin: GHSA-gp7f-rwcx-9369
Release Date: 2022-08-29
Fix Resolution: 1.15.3
⛑️ Automatic Remediation will be attempted for this issue.
Path to vulnerable library: /home/wss-scanner/.m2/repository/com/beust/jcommander/1.35/jcommander-1.35.jar
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
CVE | Severity | CVSS | Dependency | Type | Fixed in (webgoat-server-v8.1.0.jar version) | Remediation Possible** |
---|---|---|---|---|---|---|
WS-2019-0490 | High | 8.1 | jcommander-1.35.jar | Transitive | N/A* | ❌ |
*For some transitive vulnerabilities, there is no version of direct dependency with a fix. Check the "Details" section below to see if there is a version of transitive dependency where vulnerability is fixed.
**In some cases, Remediation PR cannot be created automatically for a vulnerability despite the availability of remediation
A Java framework to parse command line options with annotations.
Library home page: http://beust.com/
Path to dependency file: /webgoat-integration-tests/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/com/beust/jcommander/1.35/jcommander-1.35.jar
Dependency Hierarchy:
Found in HEAD commit: 0a9333ddb56c20579d3dc182cdf741a918259c21
Found in base branch: main
Inclusion of Functionality from Untrusted Control Sphere (CWE-829) vulnerability found in jcommander before 1.75: jcommander resolves its dependencies over HTTP instead of HTTPS, so an attacker positioned on the network path could tamper with the plaintext transfer and substitute the artifacts being downloaded.
Publish Date: 2019-02-19
URL: WS-2019-0490
Base Score Metrics:
Type: Upgrade version
Release Date: 2019-02-19
Fix Resolution: com.beust:jcommander:1.75