Vulnerable Library - xercesImpl-2.9.1.jar

Xerces2 is the next generation of high performance, fully compliant XML parsers in the Apache Xerces family. This new version of Xerces introduces the Xerces Native Interface (XNI), a complete framework for building parser components and configurations that is extremely modular and easy to program.

Path to dependency file: ready-msazure-plugin/pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/xerces/xercesImpl/2.9.1/xercesImpl-2.9.1.jar

Dependency Hierarchy:

• ready-api-soapui-pro-1.3.0.jar (Root Library)
  • ready-api-soapui-1.3.0.jar
    • htmlunit-2.7.jar
      • ❌ xercesImpl-2.9.1.jar (Vulnerable Library)

Found in HEAD commit: 6da360f7efcb6c16cd8cd38894e0c0c71403d439

Found in base branch: master

Vulnerability Details

A flaw was found in Wildfly's implementation of Xerces, specifically in the way the XMLSchemaValidator class in the JAXP component of Wildfly enforced the "use-grammar-pool-only" feature. This flaw allows a specially-crafted XML file to manipulate the validation process in certain cases. This issue is the same flaw as CVE-2020-14621, which affected OpenJDK, and uses a similar code. This flaw affects all Xerces JBoss versions before 2.12.0.SP3.

Publish Date: 2020-09-17

URL: CVE-2020-14338

CVSS 3 Score Details (5.3)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: None
  • Integrity Impact: Low
  • Availability Impact: None

Suggested Fix

Type: Upgrade version

Origin: https://bugzilla.redhat.com/show_bug.cgi?id=1860054

Release Date: 2020-07-21

Fix Resolution: xerces:xercesImpl:2.12.0.SP3

Vulnerable Library - wss4j-1.6.14.jar

The Apache WSS4J project provides a Java implementation of the primary security standards for Web Services, namely the OASIS Web Services Security (WS-Security) specifications from the OASIS Web Services Security TC.

Library home page: http://ws.apache.org/wss4j/

Path to dependency file: ready-msazure-plugin/pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/org/apache/ws/security/wss4j/1.6.14/wss4j-1.6.14.jar

Dependency Hierarchy:

• ready-api-soapui-pro-1.3.0.jar (Root Library)
  • ready-api-soapui-1.3.0.jar
    • ❌ wss4j-1.6.14.jar (Vulnerable Library)

Found in HEAD commit: 6da360f7efcb6c16cd8cd38894e0c0c71403d439

Found in base branch: master

Vulnerability Details

Apache WSS4J before 1.6.17 and 2.x before 2.0.2, as used in Apache CXF 2.7.x before 2.7.13 and 3.0.x before 3.0.2, when using TransportBinding, does not properly enforce the SAML SubjectConfirmation method security semantics, which allows remote attackers to conduct spoofing attacks via unspecified vectors.

Publish Date: 2014-10-30

URL: CVE-2014-3623

CVSS 3 Score Details (5.5)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: N/A
  • Attack Complexity: N/A
  • Privileges Required: N/A
  • User Interaction: N/A
  • Scope: N/A
• Impact Metrics:
  • Confidentiality Impact: N/A
  • Integrity Impact: N/A
  • Availability Impact: N/A

Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3623

Release Date: 2014-10-30

Fix Resolution: org.apache.wss4j:wss4j-ws-security-stax:2.0.3,org.apache.wss4j:wss4j-ws-security-dom:2.0.3,org.apache.ws.security:wss4j:2.0.3

Vulnerable Library - commons-codec-1.6.jar

The codec package contains simple encoder and decoders for various formats such as Base64 and Hexadecimal. In addition to these widely used encoders and decoders, the codec package also maintains a collection of phonetic encoding utilities.

Library home page: http://commons.apache.org/codec/

Path to dependency file: ready-msazure-plugin/pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/commons-codec/commons-codec/1.6/commons-codec-1.6.jar

Dependency Hierarchy:

• ready-api-soapui-pro-1.3.0.jar (Root Library)
  • ready-api-soapui-1.3.0.jar
    • ❌ commons-codec-1.6.jar (Vulnerable Library)

Found in HEAD commit: 6da360f7efcb6c16cd8cd38894e0c0c71403d439

Found in base branch: master

Vulnerability Details

Apache commons-codec before version “commons-codec-1.13-RC1” is vulnerable to information disclosure due to Improper Input validation.

Publish Date: 2019-05-20

URL: WS-2019-0379

CVSS 3 Score Details (6.5)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: Low
  • Integrity Impact: Low
  • Availability Impact: None

Suggested Fix

Type: Upgrade version

Origin: apache/commons-codec@48b6157

Release Date: 2019-05-20

Fix Resolution: commons-codec:commons-codec:1.13

Vulnerable Library - guava-15.0.jar

Guava is a suite of core and expanded libraries that include utility classes, google's collections, io classes, and much much more.

Guava has two code dependencies - javax.annotation
per the JSR-305 spec and javax.inject per the JSR-330 spec.</p>

Library home page: http://code.google.com/p/guava-libraries

Path to dependency file: ready-msazure-plugin/pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/com/google/guava/guava/15.0/guava-15.0.jar

Dependency Hierarchy:

• ready-api-soapui-pro-1.3.0.jar (Root Library)
  • ready-api-soapui-1.3.0.jar
    • ❌ guava-15.0.jar (Vulnerable Library)

Found in HEAD commit: 6da360f7efcb6c16cd8cd38894e0c0c71403d439

Found in base branch: master

Vulnerability Details

A temp directory creation vulnerability exists in all versions of Guava, allowing an attacker with access to the machine to potentially access data in a temporary directory created by the Guava API com.google.common.io.Files.createTempDir(). By default, on unix-like systems, the created directory is world-readable (readable by an attacker with access to the system). The method in question has been marked @deprecated in versions 30.0 and later and should not be used. For Android developers, we recommend choosing a temporary directory API provided by Android, such as context.getCacheDir(). For other Java developers, we recommend migrating to the Java 7 API java.nio.file.Files.createTempDirectory() which explicitly configures permissions of 700, or configuring the Java runtime's java.io.tmpdir system property to point to a location whose permissions are appropriately configured.

Publish Date: 2020-12-10

URL: CVE-2020-8908

CVSS 3 Score Details (3.3)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: Low
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: Low
  • Integrity Impact: None
  • Availability Impact: None

Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8908

Release Date: 2020-12-10

Fix Resolution: v30.0

Vulnerable Library - jackson-databind-2.3.0.jar

General data-binding functionality for Jackson: works on core streaming API

Path to dependency file: /pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.3.0/jackson-databind-2.3.0.jar

Dependency Hierarchy:

• ready-api-soapui-pro-1.3.0.jar (Root Library)
  • keen-client-api-java-2.0.2.jar
    • ❌ jackson-databind-2.3.0.jar (Vulnerable Library)

Found in HEAD commit: 6da360f7efcb6c16cd8cd38894e0c0c71403d439

Found in base branch: master

Vulnerability Details

FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to conduct server-side request forgery (SSRF) attacks by leveraging failure to block the axis2-jaxws class from polymorphic deserialization.

Publish Date: 2019-01-02

URL: CVE-2018-14721

CVSS 3 Score Details (10.0)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Changed
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14721

Release Date: 2019-01-02

Fix Resolution: com.fasterxml.jackson.core:jackson-databind:2.9.7,2.8.11.3,2.7.9.5,2.6.7.3

Vulnerable Library - xmlsec-1.4.5.jar

Apache Santuario supports XML-Signature Syntax and Processing, W3C Recommendation 12 February 2002, and XML Encryption Syntax and Processing, W3C Recommendation 10 December 2002. As of version 1.4, the Java library supports the standard Java API JSR-105: XML Digital Signature APIs.

Path to dependency file: ready-msazure-plugin/pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/org/apache/santuario/xmlsec/1.4.5/xmlsec-1.4.5.jar

Dependency Hierarchy:

• ready-api-soapui-pro-1.3.0.jar (Root Library)
  • ready-api-soapui-1.3.0.jar
    • ❌ xmlsec-1.4.5.jar (Vulnerable Library)

Found in HEAD commit: 6da360f7efcb6c16cd8cd38894e0c0c71403d439

Found in base branch: master

Vulnerability Details

jcp/xml/dsig/internal/dom/DOMCanonicalizationMethod.java in Apache Santuario XML Security for Java 1.4.x before 1.4.8 and 1.5.x before 1.5.5 allows context-dependent attackers to spoof an XML Signature by using the CanonicalizationMethod parameter to specify an arbitrary weak "canonicalization algorithm to apply to the SignedInfo part of the Signature."

Publish Date: 2013-08-20

URL: CVE-2013-2172

CVSS 2 Score Details (4.3)

Base Score Metrics not available

Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2172

Release Date: 2013-08-20

Fix Resolution: org.apache.santuario:xmlsec:1.4.8,1.5.5;org.glassfish.metro:webservices-rt:2.4.0

Vulnerable Libraries - bcprov-jdk14-138.jar, bcprov-jdk15-1.45.jar, bcprov-jdk15-1.44.jar

Found in HEAD commit: 6da360f7efcb6c16cd8cd38894e0c0c71403d439

Found in base branch: master

Vulnerability Details

In the Bouncy Castle JCE Provider version 1.55 and earlier the DHIES implementation allowed the use of ECB mode. This mode is regarded as unsafe and support for it has been removed from the provider.

Publish Date: 2018-06-04

URL: CVE-2016-1000344

CVSS 3 Score Details (7.4)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: High
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: None

Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1000344

Release Date: 2018-06-04

Fix Resolution: org.bouncycastle:bcprov-debug-jdk15on:1.56,org.bouncycastle:bcprov-debug-jdk14:1.56,org.bouncycastle:bcprov-ext-jdk15on:1.56,org.bouncycastle:bcprov-jdk14:1.56,org.bouncycastle:bcprov-jdk15on:1.56,org.bouncycastle:bcprov-ext-debug-jdk15on:1.56

Vulnerable Library - jackson-databind-2.3.0.jar

General data-binding functionality for Jackson: works on core streaming API

Path to dependency file: /pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.3.0/jackson-databind-2.3.0.jar

Dependency Hierarchy:

• ready-api-soapui-pro-1.3.0.jar (Root Library)
  • keen-client-api-java-2.0.2.jar
    • ❌ jackson-databind-2.3.0.jar (Vulnerable Library)

Found in HEAD commit: 6da360f7efcb6c16cd8cd38894e0c0c71403d439

Found in base branch: master

Vulnerability Details

FasterXML jackson-databind 2.x before 2.9.7 might allow attackers to conduct external XML entity (XXE) attacks by leveraging failure to block unspecified JDK classes from polymorphic deserialization.

Publish Date: 2019-01-02

URL: CVE-2018-14720

CVSS 3 Score Details (9.8)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: https://nvd.nist.gov/vuln/detail/CVE-2018-14720

Release Date: 2019-01-02

Fix Resolution: 2.9.7

Vulnerable Libraries - bcprov-jdk15-1.45.jar, bcprov-jdk15-1.44.jar

Found in HEAD commit: 6da360f7efcb6c16cd8cd38894e0c0c71403d439

Found in base branch: master

Vulnerability Details

In the Bouncy Castle JCE Provider version 1.55 and earlier the ECIES implementation allowed the use of ECB mode. This mode is regarded as unsafe and support for it has been removed from the provider.

Publish Date: 2018-06-04

URL: CVE-2016-1000352

CVSS 3 Score Details (7.4)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: High
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: None

Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1000352

Release Date: 2018-06-04

Fix Resolution: org.bouncycastle:bcprov-debug-jdk15on:1.56,org.bouncycastle:bcprov-debug-jdk14:1.56,org.bouncycastle:bcprov-ext-jdk15on:1.56,org.bouncycastle:bcprov-jdk14:1.56,org.bouncycastle:bcprov-jdk15on:1.56,org.bouncycastle:bcprov-ext-debug-jdk15on:1.56

Vulnerable Library - jasperreports-4.0.1.jar

JasperReports Library

Library home page: http://jasperreports.sourceforge.net

Path to dependency file: /pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/net/sf/jasperreports/jasperreports/4.0.1/jasperreports-4.0.1.jar

Dependency Hierarchy:

• ready-api-soapui-pro-1.3.0.jar (Root Library)
  • ❌ jasperreports-4.0.1.jar (Vulnerable Library)

Found in HEAD commit: 6da360f7efcb6c16cd8cd38894e0c0c71403d439

Found in base branch: master

Vulnerability Details

A vulnerability in the report scripting component of TIBCO Software Inc.'s TIBCO JasperReports Server, TIBCO JasperReports Server Community Edition, TIBCO JasperReports Server for ActiveMatrix BPM, TIBCO JasperReports Library, TIBCO JasperReports Library Community Edition, TIBCO JasperReports Library for ActiveMatrix BPM, TIBCO Jaspersoft for AWS with Multi-Tenancy, TIBCO Jaspersoft Reporting and Analytics for AWS, TIBCO Jaspersoft Studio, TIBCO Jaspersoft Studio Community Edition, and TIBCO Jaspersoft Studio for ActiveMatrix BPM may allow analytic reports that contain scripting to perform arbitrary code execution. Affected releases include TIBCO Software Inc.'s TIBCO JasperReports Server: versions up to and including 6.2.4; 6.3.0; 6.3.2;6.3.3; 6.4.0; 6.4.2, TIBCO JasperReports Server Community Edition: versions up to and including 6.4.2, TIBCO JasperReports Server for ActiveMatrix BPM: versions up to and including 6.4.2, TIBCO JasperReports Library: versions up to and including 6.2.4; 6.3.0; 6.3.2; 6.3.3; 6.4.0; 6.4.1; 6.4.2, TIBCO JasperReports Library Community Edition: versions up to and including 6.4.3, TIBCO JasperReports Library for ActiveMatrix BPM: versions up to and including 6.4.2, TIBCO Jaspersoft for AWS with Multi-Tenancy: versions up to and including 6.4.2, TIBCO Jaspersoft Reporting and Analytics for AWS: versions up to and including 6.4.2, TIBCO Jaspersoft Studio: versions up to and including 6.2.4; 6.3.0; 6.3.2; 6.3.3; 6.4.0; 6.4.2, TIBCO Jaspersoft Studio Community Edition: versions up to and including 6.4.3, TIBCO Jaspersoft Studio for ActiveMatrix BPM: versions up to and including 6.4.2.

Publish Date: 2018-04-17

URL: CVE-2018-5429

CVSS 3 Score Details (8.8)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: Low
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: https://www.tibco.com/support/advisories/2018/04/tibco-security-advisory-april-17-2018-tibco-jasperreports-2018-5429

Release Date: 2018-04-17

Fix Resolution: 6.4.3

Vulnerable Library - jackson-core-2.3.0.jar

Core Jackson abstractions, basic JSON streaming API implementation

Path to dependency file: ready-msazure-plugin/pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-core/2.3.0/jackson-core-2.3.0.jar

Dependency Hierarchy:

• ready-api-soapui-pro-1.3.0.jar (Root Library)
  • keen-client-api-java-2.0.2.jar
    • jackson-databind-2.3.0.jar
      • ❌ jackson-core-2.3.0.jar (Vulnerable Library)

Found in HEAD commit: 6da360f7efcb6c16cd8cd38894e0c0c71403d439

Found in base branch: master

Vulnerability Details

OutOfMemoryError when writing BigDecimal In Jackson Core before version 2.7.7.
When enabled the WRITE_BIGDECIMAL_AS_PLAIN setting, Jackson will attempt to write out the whole number, no matter how large the exponent.

Publish Date: 2016-08-25

URL: WS-2018-0125

CVSS 2 Score Details (5.5)

Base Score Metrics not available

Suggested Fix

Type: Upgrade version

Origin: https://github.com/FasterXML/jackson-core/releases/tag/jackson-core-2.7.7

Release Date: 2016-08-25

Fix Resolution: com.fasterxml.jackson.core:jackson-core:2.7.7

Vulnerable Library - jackson-databind-2.3.0.jar

General data-binding functionality for Jackson: works on core streaming API

Path to dependency file: /pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.3.0/jackson-databind-2.3.0.jar

Dependency Hierarchy:

• ready-api-soapui-pro-1.3.0.jar (Root Library)
  • keen-client-api-java-2.0.2.jar
    • ❌ jackson-databind-2.3.0.jar (Vulnerable Library)

Found in HEAD commit: 6da360f7efcb6c16cd8cd38894e0c0c71403d439

Found in base branch: master

Vulnerability Details

FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to execute arbitrary code by leveraging failure to block the blaze-ds-opt and blaze-ds-core classes from polymorphic deserialization.

Publish Date: 2019-01-02

URL: CVE-2018-14719

CVSS 3 Score Details (9.8)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: https://nvd.nist.gov/vuln/detail/CVE-2018-14719

Release Date: 2019-01-02

Fix Resolution: 2.9.7

Vulnerable Library - snakeyaml-1.13.jar

YAML 1.1 parser and emitter for Java

Library home page: http://www.snakeyaml.org

Path to dependency file: /pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/org/yaml/snakeyaml/1.13/snakeyaml-1.13.jar

Dependency Hierarchy:

• ready-api-soapui-pro-1.3.0.jar (Root Library)
  • ready-api-soapui-1.3.0.jar
    • raml-parser-0.9-20150213.jar
      • ❌ snakeyaml-1.13.jar (Vulnerable Library)

Found in HEAD commit: 6da360f7efcb6c16cd8cd38894e0c0c71403d439

Found in base branch: master

Vulnerability Details

The Alias feature in SnakeYAML before 1.26 allows entity expansion during a load operation, a related issue to CVE-2003-1564.

Publish Date: 2019-12-12

URL: CVE-2017-18640

CVSS 3 Score Details (7.5)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: None
  • Integrity Impact: None
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18640

Release Date: 2019-12-12

Fix Resolution: org.yaml:snakeyaml:1.26

Vulnerable Library - jackson-databind-2.3.0.jar

General data-binding functionality for Jackson: works on core streaming API

Path to dependency file: ready-msazure-plugin/pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.3.0/jackson-databind-2.3.0.jar

Dependency Hierarchy:

• ready-api-soapui-pro-1.3.0.jar (Root Library)
  • keen-client-api-java-2.0.2.jar
    • ❌ jackson-databind-2.3.0.jar (Vulnerable Library)

Found in HEAD commit: 6da360f7efcb6c16cd8cd38894e0c0c71403d439

Found in base branch: master

Vulnerability Details

A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.x through 2.9.9. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has JDOM 1.x or 2.x jar in the classpath, an attacker can send a specifically crafted JSON message that allows them to read arbitrary local files on the server.

Publish Date: 2019-06-19

URL: CVE-2019-12814

CVSS 3 Score Details (5.9)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: High
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: None
  • Availability Impact: None

Suggested Fix

Type: Upgrade version

Origin: FasterXML/jackson-databind#2341

Release Date: 2019-06-19

Fix Resolution: 2.7.9.6, 2.8.11.4, 2.9.9.1, 2.10.0

Vulnerable Library - jackson-databind-2.3.0.jar

General data-binding functionality for Jackson: works on core streaming API

Path to dependency file: /pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.3.0/jackson-databind-2.3.0.jar

Dependency Hierarchy:

• ready-api-soapui-pro-1.3.0.jar (Root Library)
  • keen-client-api-java-2.0.2.jar
    • ❌ jackson-databind-2.3.0.jar (Vulnerable Library)

Found in HEAD commit: 6da360f7efcb6c16cd8cd38894e0c0c71403d439

Found in base branch: master

Vulnerability Details

A deserialization flaw was discovered in the jackson-databind, versions before 2.6.7.1, 2.7.9.1 and 2.8.9, which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper.

Publish Date: 2018-02-06

URL: CVE-2017-7525

CVSS 3 Score Details (9.8)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7525

Release Date: 2018-02-06

Fix Resolution: com.fasterxml.jackson.core:jackson-databind:2.6.7.1,2.7.9.1,2.8.9

Vulnerable Libraries - bcprov-jdk15-1.44.jar, bcprov-jdk14-138.jar, bcprov-jdk15-1.45.jar

Found in HEAD commit: 6da360f7efcb6c16cd8cd38894e0c0c71403d439

Found in base branch: master

Vulnerability Details

In the Bouncy Castle JCE Provider version 1.55 and earlier DSA signature generation is vulnerable to timing attack. Where timings can be closely observed for the generation of signatures, the lack of blinding in 1.55, or earlier, may allow an attacker to gain information about the signature's k value and ultimately the private value as well.

Publish Date: 2018-06-04

URL: CVE-2016-1000341

CVSS 3 Score Details (5.9)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: High
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: None
  • Availability Impact: None

Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1000341

Release Date: 2018-06-04

Fix Resolution: org.bouncycastle:bcprov-debug-jdk15on:1.56,org.bouncycastle:bcprov-debug-jdk14:1.56,org.bouncycastle:bcprov-ext-jdk15on:1.56,org.bouncycastle:bcprov-jdk14:1.56,org.bouncycastle:bcprov-jdk15on:1.56,org.bouncycastle:bcprov-ext-debug-jdk15on:1.56

Vulnerable Library - jackson-databind-2.3.0.jar

General data-binding functionality for Jackson: works on core streaming API

Path to dependency file: /pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.3.0/jackson-databind-2.3.0.jar

Dependency Hierarchy:

• ready-api-soapui-pro-1.3.0.jar (Root Library)
  • keen-client-api-java-2.0.2.jar
    • ❌ jackson-databind-2.3.0.jar (Vulnerable Library)

Found in HEAD commit: 6da360f7efcb6c16cd8cd38894e0c0c71403d439

Found in base branch: master

Vulnerability Details

A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.x before 2.9.9. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint, the service has the mysql-connector-java jar (8.0.14 or earlier) in the classpath, and an attacker can host a crafted MySQL server reachable by the victim, an attacker can send a crafted JSON message that allows them to read arbitrary local files on the server. This occurs because of missing com.mysql.cj.jdbc.admin.MiniAdmin validation.

Publish Date: 2019-05-17

URL: CVE-2019-12086

CVSS 3 Score Details (7.5)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: None
  • Availability Impact: None

Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12086

Release Date: 2019-05-17

Fix Resolution: 2.9.9

Vulnerable Library - xalan-2.7.1.jar

Xalan-Java is an XSLT processor for transforming XML documents into HTML, text, or other XML document types. It implements XSL Transformations (XSLT) Version 1.0 and XML Path Language (XPath) Version 1.0 and can be used from the command line, in an applet or a servlet, or as a module in other program.

Library home page: http://xml.apache.org/xalan-j/

Path to dependency file: /pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/xalan/xalan/2.7.1/xalan-2.7.1.jar

Dependency Hierarchy:

• ready-api-soapui-pro-1.3.0.jar (Root Library)
  • ready-api-soapui-1.3.0.jar
    • ❌ xalan-2.7.1.jar (Vulnerable Library)

Found in HEAD commit: 6da360f7efcb6c16cd8cd38894e0c0c71403d439

Found in base branch: master

Vulnerability Details

The TransformerFactory in Apache Xalan-Java before 2.7.2 does not properly restrict access to certain properties when FEATURE_SECURE_PROCESSING is enabled, which allows remote attackers to bypass expected restrictions and load arbitrary classes or access external resources via a crafted (1) xalan:content-header, (2) xalan:entities, (3) xslt:content-header, or (4) xslt:entities property, or a Java property that is bound to the XSLT 1.0 system-property function.

Publish Date: 2014-04-15

URL: CVE-2014-0107

CVSS 3 Score Details (7.3)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: Low
  • Integrity Impact: Low
  • Availability Impact: Low

Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0107

Release Date: 2014-04-15

Fix Resolution: 2.7.2

Vulnerable Library - jackson-databind-2.3.0.jar

General data-binding functionality for Jackson: works on core streaming API

Path to dependency file: /pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.3.0/jackson-databind-2.3.0.jar

Dependency Hierarchy:

• ready-api-soapui-pro-1.3.0.jar (Root Library)
  • keen-client-api-java-2.0.2.jar
    • ❌ jackson-databind-2.3.0.jar (Vulnerable Library)

Found in HEAD commit: 6da360f7efcb6c16cd8cd38894e0c0c71403d439

Found in base branch: master

Vulnerability Details

FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.springframework.aop.config.MethodLocatingFactoryBean (aka spring-aop).

Publish Date: 2020-04-07

URL: CVE-2020-11619

CVSS 3 Score Details (8.1)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: High
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11619

Release Date: 2020-04-07

Fix Resolution: com.fasterxml.jackson.core:jackson-databind:2.9.10.4

Vulnerable Library - jackson-databind-2.3.0.jar

General data-binding functionality for Jackson: works on core streaming API

Path to dependency file: /pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.3.0/jackson-databind-2.3.0.jar

Dependency Hierarchy:

• ready-api-soapui-pro-1.3.0.jar (Root Library)
  • keen-client-api-java-2.0.2.jar
    • ❌ jackson-databind-2.3.0.jar (Vulnerable Library)

Found in HEAD commit: 6da360f7efcb6c16cd8cd38894e0c0c71403d439

Found in base branch: master

Vulnerability Details

A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the apache-log4j-extra (version 1.2.x) jar in the classpath, and an attacker can provide a JNDI service to access, it is possible to make the service execute a malicious payload.

Publish Date: 2019-10-12

URL: CVE-2019-17531

CVSS 3 Score Details (9.8)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17531

Release Date: 2019-10-12

Fix Resolution: 2.10

Vulnerable Libraries - bcprov-jdk15-1.44.jar, bcprov-jdk14-138.jar, bcprov-jdk15-1.45.jar

Found in HEAD commit: 6da360f7efcb6c16cd8cd38894e0c0c71403d439

Found in base branch: master

Vulnerability Details

The default BKS keystore use an HMAC that is only 16 bits long, which can allow an attacker to compromise the integrity of a BKS keystore. Bouncy Castle release 1.47 changes the BKS format to a format which uses a 160 bit HMAC instead. This applies to any BKS keystore generated prior to BC 1.47. For situations where people need to create the files for legacy reasons a specific keystore type "BKS-V1" was introduced in 1.49. It should be noted that the use of "BKS-V1" is discouraged by the library authors and should only be used where it is otherwise safe to do so, as in where the use of a 16 bit checksum for the file integrity check is not going to cause a security issue in itself.

Publish Date: 2018-04-16

URL: CVE-2018-5382

CVSS 3 Score Details (9.8)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: https://vulners.com/cert/VU:306792

Release Date: 2018-04-16

Fix Resolution: org.bouncycastle:bcprov-ext-jdk14:1.47,org.bouncycastle:bcprov-ext-jdk15on:1.47,org.bouncycastle:bcprov-jdk14:1.47

Vulnerable Library - commons-beanutils-1.7.0.jar

Path to dependency file: /pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/commons-beanutils/commons-beanutils/1.7.0/commons-beanutils-1.7.0.jar

Dependency Hierarchy:

• ready-api-soapui-pro-1.3.0.jar (Root Library)
  • ready-api-soapui-1.3.0.jar
    • ❌ commons-beanutils-1.7.0.jar (Vulnerable Library)

Found in HEAD commit: 6da360f7efcb6c16cd8cd38894e0c0c71403d439

Found in base branch: master

Vulnerability Details

Apache Commons BeanUtils, as distributed in lib/commons-beanutils-1.8.0.jar in Apache Struts 1.x through 1.3.10 and in other products requiring commons-beanutils through 1.9.2, does not suppress the class property, which allows remote attackers to "manipulate" the ClassLoader and execute arbitrary code via the class parameter, as demonstrated by the passing of this parameter to the getClass method of the ActionForm object in Struts 1.

Publish Date: 2014-04-30

URL: CVE-2014-0114

CVSS 3 Score Details (7.3)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: Low
  • Integrity Impact: Low
  • Availability Impact: Low

Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0114

Release Date: 2014-04-30

Fix Resolution: commons-beanutils:commons-beanutils:1.9.4;org.apache.struts:struts2-core:2.0.5

Vulnerable Library - swagger-parser-1.0.2.jar

Path to dependency file: /pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/io/swagger/swagger-parser/1.0.2/swagger-parser-1.0.2.jar

Dependency Hierarchy:

• ready-api-soapui-pro-1.3.0.jar (Root Library)
  • ready-api-soapui-1.3.0.jar
    • ❌ swagger-parser-1.0.2.jar (Vulnerable Library)

Found in HEAD commit: 6da360f7efcb6c16cd8cd38894e0c0c71403d439

Found in base branch: master

Vulnerability Details

A vulnerability in Swagger-Parser's version <= 1.0.30 and Swagger codegen version <= 2.2.2 yaml parsing functionality results in arbitrary code being executed when a maliciously crafted yaml Open-API specification is parsed. This in particular, affects the 'generate' and 'validate' command in swagger-codegen (<= 2.2.2) and can lead to arbitrary code being executed when these commands are used on a well-crafted yaml specification.

Publish Date: 2017-11-27

URL: CVE-2017-1000207

CVSS 3 Score Details (8.8)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000207

Release Date: 2017-11-27

Fix Resolution: 1.0.31

Vulnerable Library - junit-4.11.jar

JUnit is a regression testing framework written by Erich Gamma and Kent Beck. It is used by the developer who implements unit tests in Java.

Library home page: http://junit.org

Path to dependency file: ready-msazure-plugin/pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/junit/junit/4.11/junit-4.11.jar

Dependency Hierarchy:

• ready-api-soapui-pro-1.3.0.jar (Root Library)
  • ready-api-soapui-1.3.0.jar
    • ❌ junit-4.11.jar (Vulnerable Library)

Found in HEAD commit: 6da360f7efcb6c16cd8cd38894e0c0c71403d439

Found in base branch: master

Vulnerability Details

In JUnit4 from version 4.7 and before 4.13.1, the test rule TemporaryFolder contains a local information disclosure vulnerability. On Unix like systems, the system's temporary directory is shared between all users on that system. Because of this, when files and directories are written into this directory they are, by default, readable by other users on that same system. This vulnerability does not allow other users to overwrite the contents of these directories or files. This is purely an information disclosure vulnerability. This vulnerability impacts you if the JUnit tests write sensitive information, like API keys or passwords, into the temporary folder, and the JUnit tests execute in an environment where the OS has other untrusted users. Because certain JDK file system APIs were only added in JDK 1.7, this this fix is dependent upon the version of the JDK you are using. For Java 1.7 and higher users: this vulnerability is fixed in 4.13.1. For Java 1.6 and lower users: no patch is available, you must use the workaround below. If you are unable to patch, or are stuck running on Java 1.6, specifying the java.io.tmpdir system environment variable to a directory that is exclusively owned by the executing user will fix this vulnerability. For more information, including an example of vulnerable code, see the referenced GitHub Security Advisory.

Publish Date: 2020-10-12

URL: CVE-2020-15250

CVSS 3 Score Details (5.5)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: None
  • Availability Impact: None

Suggested Fix

Type: Upgrade version

Origin: GHSA-269g-pwp5-87pp

Release Date: 2020-07-21

Fix Resolution: junit:junit:4.13.1

Vulnerable Library - jackson-databind-2.3.0.jar

General data-binding functionality for Jackson: works on core streaming API

Path to dependency file: /pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.3.0/jackson-databind-2.3.0.jar

Dependency Hierarchy:

• ready-api-soapui-pro-1.3.0.jar (Root Library)
  • keen-client-api-java-2.0.2.jar
    • ❌ jackson-databind-2.3.0.jar (Vulnerable Library)

Found in HEAD commit: 6da360f7efcb6c16cd8cd38894e0c0c71403d439

Found in base branch: master

Vulnerability Details

An issue was discovered in FasterXML jackson-databind prior to 2.7.9.4, 2.8.11.2, and 2.9.6. When Default Typing is enabled (either globally or for a specific property), the service has the Jodd-db jar (for database access for the Jodd framework) in the classpath, and an attacker can provide an LDAP service to access, it is possible to make the service execute a malicious payload.

Publish Date: 2019-03-21

URL: CVE-2018-12022

CVSS 3 Score Details (7.5)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: High
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12022

Release Date: 2019-03-21

Fix Resolution: 2.7.9.4, 2.8.11.2, 2.9.6

Vulnerable Library - commons-collections-3.2.1.jar

Types that extend and augment the Java Collections Framework.

Path to dependency file: /pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/commons-collections/commons-collections/3.2.1/commons-collections-3.2.1.jar

Dependency Hierarchy:

• ready-api-soapui-pro-1.3.0.jar (Root Library)
  • ready-api-soapui-1.3.0.jar
    • ❌ commons-collections-3.2.1.jar (Vulnerable Library)

Found in HEAD commit: 6da360f7efcb6c16cd8cd38894e0c0c71403d439

Found in base branch: master

Vulnerability Details

Serialized-object interfaces in certain Cisco Collaboration and Social Media; Endpoint Clients and Client Software; Network Application, Service, and Acceleration; Network and Content Security Devices; Network Management and Provisioning; Routing and Switching - Enterprise and Service Provider; Unified Computing; Voice and Unified Communications Devices; Video, Streaming, TelePresence, and Transcoding Devices; Wireless; and Cisco Hosted Services products allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) library.

Publish Date: 2015-12-15

URL: CVE-2015-6420

CVSS 3 Score Details (7.3)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: Low
  • Integrity Impact: Low
  • Availability Impact: Low

Suggested Fix

Type: Upgrade version

Release Date: 2015-12-15

Fix Resolution: commons-collections:commons-collections3.2.2,org.apache.commons:commons-collections4:4.1

Vulnerable Libraries - bcprov-jdk15-1.44.jar, bcprov-jdk14-138.jar, bcprov-jdk15-1.45.jar

Found in HEAD commit: 6da360f7efcb6c16cd8cd38894e0c0c71403d439

Found in base branch: master

Vulnerability Details

In the Bouncy Castle JCE Provider version 1.55 and earlier the other party DH public key is not fully validated. This can cause issues as invalid keys can be used to reveal details about the other party's private key where static Diffie-Hellman is in use. As of release 1.56 the key parameters are checked on agreement calculation.

Publish Date: 2018-06-04

URL: CVE-2016-1000346

CVSS 3 Score Details (3.7)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: High
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: Low
  • Integrity Impact: None
  • Availability Impact: None

Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1000346

Release Date: 2018-06-04

Fix Resolution: org.bouncycastle:bcprov-debug-jdk15on:1.56,org.bouncycastle:bcprov-debug-jdk14:1.56,org.bouncycastle:bcprov-ext-jdk14:1.56,org.bouncycastle:bcprov-ext-jdk15on:1.56,org.bouncycastle:bcprov-jdk14:1.56,org.bouncycastle:bcprov-jdk15on:1.56,org.bouncycastle:bcprov-ext-debug-jdk15on:1.56

Vulnerable Library - jackson-databind-2.3.0.jar

General data-binding functionality for Jackson: works on core streaming API

Path to dependency file: /pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.3.0/jackson-databind-2.3.0.jar

Dependency Hierarchy:

• ready-api-soapui-pro-1.3.0.jar (Root Library)
  • keen-client-api-java-2.0.2.jar
    • ❌ jackson-databind-2.3.0.jar (Vulnerable Library)

Found in HEAD commit: 6da360f7efcb6c16cd8cd38894e0c0c71403d439

Found in base branch: master

Vulnerability Details

A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to com.zaxxer.hikari.HikariConfig.

Publish Date: 2019-09-15

URL: CVE-2019-14540

CVSS 3 Score Details (9.8)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14540

Release Date: 2019-09-15

Fix Resolution: com.fasterxml.jackson.core:jackson-databind:2.8.11.5,2.9.10,2.10.0.pr3,2.11.0.rc1

Vulnerable Libraries - bcprov-jdk15-1.44.jar, bcprov-jdk14-138.jar, bcprov-jdk15-1.45.jar

Found in HEAD commit: 6da360f7efcb6c16cd8cd38894e0c0c71403d439

Found in base branch: master

Vulnerability Details

In the Bouncy Castle JCE Provider version 1.55 and earlier the DHIES/ECIES CBC mode vulnerable to padding oracle attack. For BC 1.55 and older, in an environment where timings can be easily observed, it is possible with enough observations to identify when the decryption is failing due to padding.

Publish Date: 2018-06-04

URL: CVE-2016-1000345

CVSS 3 Score Details (5.9)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: High
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: None
  • Availability Impact: None

Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1000345

Release Date: 2018-06-04

Fix Resolution: org.bouncycastle:bcprov-debug-jdk15on:1.56,org.bouncycastle:bcprov-debug-jdk14:1.56,org.bouncycastle:bcprov-ext-jdk14:1.56,org.bouncycastle:bcprov-ext-jdk15on:1.56,org.bouncycastle:bcprov-jdk14:1.56,org.bouncycastle:bcprov-jdk15on:1.56,org.bouncycastle:bcprov-ext-debug-jdk15on:1.56

Vulnerable Library - jackson-databind-2.3.0.jar

General data-binding functionality for Jackson: works on core streaming API

Path to dependency file: /pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.3.0/jackson-databind-2.3.0.jar

Dependency Hierarchy:

• ready-api-soapui-pro-1.3.0.jar (Root Library)
  • keen-client-api-java-2.0.2.jar
    • ❌ jackson-databind-2.3.0.jar (Vulnerable Library)

Found in HEAD commit: 6da360f7efcb6c16cd8cd38894e0c0c71403d439

Found in base branch: master

Vulnerability Details

An issue was discovered in FasterXML jackson-databind prior to 2.7.9.4, 2.8.11.2, and 2.9.6. When Default Typing is enabled (either globally or for a specific property), the service has the Oracle JDBC jar in the classpath, and an attacker can provide an LDAP service to access, it is possible to make the service execute a malicious payload.

Publish Date: 2019-03-21

URL: CVE-2018-12023

CVSS 3 Score Details (7.5)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: High
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12022

Release Date: 2019-03-21

Fix Resolution: 2.7.9.4, 2.8.11.2, 2.9.6

Vulnerable Library - jackson-core-2.3.0.jar

Core Jackson abstractions, basic JSON streaming API implementation

Path to dependency file: ready-msazure-plugin/pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-core/2.3.0/jackson-core-2.3.0.jar

Dependency Hierarchy:

• ready-api-soapui-pro-1.3.0.jar (Root Library)
  • keen-client-api-java-2.0.2.jar
    • jackson-databind-2.3.0.jar
      • ❌ jackson-core-2.3.0.jar (Vulnerable Library)

Found in HEAD commit: 6da360f7efcb6c16cd8cd38894e0c0c71403d439

Found in base branch: master

Vulnerability Details

In Jackson Core before version 2.8.6 if the REST endpoint consumes POST requests with JSON or XML data and data are invalid, the first unrecognized token is printed to server.log. If the first token is word of length 10MB, the whole word is printed. This is potentially dangerous and can be used to attack the server by filling the disk with logs.

Publish Date: 2018-06-24

URL: WS-2018-0124

CVSS 2 Score Details (5.5)

Base Score Metrics not available

Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=WS-2018-0124

Release Date: 2018-01-24

Fix Resolution: 2.8.6

Vulnerable Library - jackson-databind-2.3.0.jar

General data-binding functionality for Jackson: works on core streaming API

Path to dependency file: /pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.3.0/jackson-databind-2.3.0.jar

Dependency Hierarchy:

• ready-api-soapui-pro-1.3.0.jar (Root Library)
  • keen-client-api-java-2.0.2.jar
    • ❌ jackson-databind-2.3.0.jar (Vulnerable Library)

Found in HEAD commit: 6da360f7efcb6c16cd8cd38894e0c0c71403d439

Found in base branch: master

Vulnerability Details

FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to execute arbitrary code by leveraging failure to block the slf4j-ext class from polymorphic deserialization.

Publish Date: 2019-01-02

URL: CVE-2018-14718

CVSS 3 Score Details (9.8)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: https://nvd.nist.gov/vuln/detail/CVE-2018-14718

Release Date: 2019-01-02

Fix Resolution: 2.9.7

Vulnerable Library - jackson-databind-2.3.0.jar

General data-binding functionality for Jackson: works on core streaming API

Path to dependency file: /pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.3.0/jackson-databind-2.3.0.jar

Dependency Hierarchy:

• ready-api-soapui-pro-1.3.0.jar (Root Library)
  • keen-client-api-java-2.0.2.jar
    • ❌ jackson-databind-2.3.0.jar (Vulnerable Library)

Found in HEAD commit: 6da360f7efcb6c16cd8cd38894e0c0c71403d439

Found in base branch: master

Vulnerability Details

FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to com.caucho.config.types.ResourceRef (aka caucho-quercus).

Publish Date: 2020-03-18

URL: CVE-2020-10673

CVSS 3 Score Details (8.8)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Release Date: 2020-03-18

Fix Resolution: com.fasterxml.jackson.core:jackson-databind:2.9.10.4

Vulnerable Library - poi-3.10-FINAL.jar

Apache POI - Java API To Access Microsoft Format Files

Library home page: http://poi.apache.org/

Path to dependency file: ready-msazure-plugin/pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/org/apache/poi/poi/3.10-FINAL/poi-3.10-FINAL.jar

Dependency Hierarchy:

• ready-api-soapui-pro-1.3.0.jar (Root Library)
  • ❌ poi-3.10-FINAL.jar (Vulnerable Library)

Found in HEAD commit: 6da360f7efcb6c16cd8cd38894e0c0c71403d439

Found in base branch: master

Vulnerability Details

Apache POI before 3.16-beta1 is vulnerable to bufferoverflow attack due to lack of length sanity check for length of embedded OLE10Native.

Publish Date: 2016-10-14

URL: WS-2016-7061

CVSS 3 Score Details (4.8)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: High
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: Low
  • Integrity Impact: None
  • Availability Impact: Low

Suggested Fix

Type: Upgrade version

Origin: apache/poi@7f9f8e9

Release Date: 2019-09-26

Fix Resolution: 3.16-beta1

Vulnerable Library - jackson-databind-2.3.0.jar

General data-binding functionality for Jackson: works on core streaming API

Path to dependency file: /pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.3.0/jackson-databind-2.3.0.jar

Dependency Hierarchy:

• ready-api-soapui-pro-1.3.0.jar (Root Library)
  • keen-client-api-java-2.0.2.jar
    • ❌ jackson-databind-2.3.0.jar (Vulnerable Library)

Found in HEAD commit: 6da360f7efcb6c16cd8cd38894e0c0c71403d439

Found in base branch: master

Vulnerability Details

A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to net.sf.ehcache.hibernate.EhcacheJtaTransactionManagerLookup.

Publish Date: 2019-10-07

URL: CVE-2019-17267

CVSS 3 Score Details (9.8)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Release Date: 2019-10-07

Fix Resolution: com.fasterxml.jackson.core:jackson-databind:2.8.11.5,2.9.10

Vulnerable Library - xmltooling-1.3.2-1.jar

XMLTooling-J is a low-level library that may be used to construct libraries that allow developers to work with XML in a Java beans manner.

Path to dependency file: ready-msazure-plugin/pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/org/opensaml/xmltooling/1.3.2-1/xmltooling-1.3.2-1.jar

Dependency Hierarchy:

• ready-api-soapui-pro-1.3.0.jar (Root Library)
  • ready-api-soapui-1.3.0.jar
    • wss4j-1.6.14.jar
      • opensaml-2.5.1-1.jar
        • openws-1.4.2-1.jar
          • ❌ xmltooling-1.3.2-1.jar (Vulnerable Library)

Found in HEAD commit: 6da360f7efcb6c16cd8cd38894e0c0c71403d439

Found in base branch: master

Vulnerability Details

The (1) BasicParserPool, (2) StaticBasicParserPool, (3) XML Decrypter, and (4) SAML Decrypter in Shibboleth OpenSAML-Java before 2.6.1 set the expandEntityReferences property to true, which allows remote attackers to conduct XML external entity (XXE) attacks via a crafted XML DOCTYPE declaration.

Publish Date: 2014-02-14

URL: CVE-2013-6440

CVSS 2 Score Details (5.0)

Base Score Metrics not available

Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6440

Release Date: 2019-02-11

Fix Resolution: org.opensaml:xmltooling:1.4.1

Vulnerable Library - jackson-databind-2.3.0.jar

General data-binding functionality for Jackson: works on core streaming API

Path to dependency file: /pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.3.0/jackson-databind-2.3.0.jar

Dependency Hierarchy:

• ready-api-soapui-pro-1.3.0.jar (Root Library)
  • keen-client-api-java-2.0.2.jar
    • ❌ jackson-databind-2.3.0.jar (Vulnerable Library)

Found in HEAD commit: 6da360f7efcb6c16cd8cd38894e0c0c71403d439

Found in base branch: master

Vulnerability Details

A flaw was found in FasterXML Jackson Databind, where it did not have entity expansion secured properly. This flaw allows vulnerability to XML external entity (XXE) attacks. The highest threat from this vulnerability is data integrity.

Publish Date: 2020-12-03

URL: CVE-2020-25649

CVSS 3 Score Details (7.5)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: None
  • Integrity Impact: High
  • Availability Impact: None

Suggested Fix

Type: Upgrade version

Release Date: 2020-12-03

Fix Resolution: com.fasterxml.jackson.core:jackson-databind:2.6.7.4,2.9.10.7,2.10.5.1,2.11.0.rc1

Vulnerable Library - xstream-1.3.1.jar

Path to dependency file: /pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/thoughtworks/xstream/1.3.1/xstream-1.3.1.jar

Dependency Hierarchy:

• ready-api-soapui-pro-1.3.0.jar (Root Library)
  • ready-api-soapui-1.3.0.jar
    • ❌ xstream-1.3.1.jar (Vulnerable Library)

Found in HEAD commit: 6da360f7efcb6c16cd8cd38894e0c0c71403d439

Found in base branch: master

Vulnerability Details

XStream before version 1.4.14 is vulnerable to Remote Code Execution.The vulnerability may allow a remote attacker to run arbitrary shell commands only by manipulating the processed input stream. Only users who rely on blocklists are affected. Anyone using XStream's Security Framework allowlist is not affected. The linked advisory provides code workarounds for users who cannot upgrade. The issue is fixed in version 1.4.14.

Publish Date: 2020-11-16

URL: CVE-2020-26217

CVSS 3 Score Details (8.8)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: Low
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: GHSA-mw36-7c6c-q4q2

Release Date: 2020-11-16

Fix Resolution: com.thoughtworks.xstream:xstream:1.4.14

Vulnerable Library - jackson-databind-2.3.0.jar

General data-binding functionality for Jackson: works on core streaming API

Path to dependency file: /pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.3.0/jackson-databind-2.3.0.jar

Dependency Hierarchy:

• ready-api-soapui-pro-1.3.0.jar (Root Library)
  • keen-client-api-java-2.0.2.jar
    • ❌ jackson-databind-2.3.0.jar (Vulnerable Library)

Found in HEAD commit: 6da360f7efcb6c16cd8cd38894e0c0c71403d439

Found in base branch: master

Vulnerability Details

A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.x before 2.9.9.2. This occurs when Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the logback jar in the classpath.

Publish Date: 2019-07-30

URL: CVE-2019-14439

CVSS 3 Score Details (7.5)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: None
  • Availability Impact: None

Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14439

Release Date: 2019-07-30

Fix Resolution: 2.9.9.2

Vulnerable Library - jackson-databind-2.3.0.jar

General data-binding functionality for Jackson: works on core streaming API

Path to dependency file: /pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.3.0/jackson-databind-2.3.0.jar

Dependency Hierarchy:

• ready-api-soapui-pro-1.3.0.jar (Root Library)
  • keen-client-api-java-2.0.2.jar
    • ❌ jackson-databind-2.3.0.jar (Vulnerable Library)

Found in HEAD commit: 6da360f7efcb6c16cd8cd38894e0c0c71403d439

Found in base branch: master

Vulnerability Details

A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to com.zaxxer.hikari.HikariDataSource. This is a different vulnerability than CVE-2019-14540.

Publish Date: 2019-09-15

URL: CVE-2019-16335

CVSS 3 Score Details (9.8)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Release Date: 2019-09-15

Fix Resolution: 2.9.10

Vulnerable Library - guava-15.0.jar

Guava is a suite of core and expanded libraries that include utility classes, google's collections, io classes, and much much more.

Guava has two code dependencies - javax.annotation
per the JSR-305 spec and javax.inject per the JSR-330 spec.</p>

Library home page: http://code.google.com/p/guava-libraries

Path to dependency file: ready-msazure-plugin/pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/com/google/guava/guava/15.0/guava-15.0.jar

Dependency Hierarchy:

• ready-api-soapui-pro-1.3.0.jar (Root Library)
  • ready-api-soapui-1.3.0.jar
    • ❌ guava-15.0.jar (Vulnerable Library)

Found in HEAD commit: 6da360f7efcb6c16cd8cd38894e0c0c71403d439

Found in base branch: master

Vulnerability Details

Unbounded memory allocation in Google Guava 11.0 through 24.x before 24.1.1 allows remote attackers to conduct denial of service attacks against servers that depend on this library and deserialize attacker-provided data, because the AtomicDoubleArray class (when serialized with Java serialization) and the CompoundOrdering class (when serialized with GWT serialization) perform eager allocation without appropriate checks on what a client has sent and whether the data size is reasonable.

Publish Date: 2018-04-26

URL: CVE-2018-10237

CVSS 3 Score Details (5.9)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: High
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: None
  • Integrity Impact: None
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: https://nvd.nist.gov/vuln/detail/CVE-2018-10237

Release Date: 2018-04-26

Fix Resolution: 24.1.1-jre, 24.1.1-android

Vulnerable Library - jackson-databind-2.3.0.jar

General data-binding functionality for Jackson: works on core streaming API

Path to dependency file: /pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.3.0/jackson-databind-2.3.0.jar

Dependency Hierarchy:

• ready-api-soapui-pro-1.3.0.jar (Root Library)
  • keen-client-api-java-2.0.2.jar
    • ❌ jackson-databind-2.3.0.jar (Vulnerable Library)

Found in HEAD commit: 6da360f7efcb6c16cd8cd38894e0c0c71403d439

Found in base branch: master

Vulnerability Details

FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.jelly.impl.Embedded (aka commons-jelly).

Publish Date: 2020-04-07

URL: CVE-2020-11620

CVSS 3 Score Details (8.1)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: High
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11620

Release Date: 2020-04-07

Fix Resolution: com.fasterxml.jackson.core:jackson-databind:2.9.10.4

Vulnerable Libraries - blazeds-common-3.2.0.3978.jar, blazeds-core-3.2.0.3978.jar

Found in HEAD commit: 6da360f7efcb6c16cd8cd38894e0c0c71403d439

Found in base branch: master

Vulnerability Details

Unspecified vulnerability in BlazeDS 3.2 and earlier, as used in LiveCycle 8.0.1, 8.2.1, and 9.0, LiveCycle Data Services 2.5.1, 2.6.1, and 3.0, Flex Data Services 2.0.1, and ColdFusion 7.0.2, 8.0, 8.0.1, and 9.0, allows remote attackers to obtain sensitive information via vectors that are associated with a request, and related to injected tags and external entity references in XML documents.

Publish Date: 2010-02-15

URL: CVE-2009-3960

CVSS 2 Score Details (4.3)

Base Score Metrics not available

Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3960

Release Date: 2010-02-15

Fix Resolution: com.adobe.flex:flex-messaging-core:4.0.0,com.adobe.flex:flex-messaging-common:4.0.0

Vulnerable Library - jackson-databind-2.3.0.jar

General data-binding functionality for Jackson: works on core streaming API

Path to dependency file: /pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.3.0/jackson-databind-2.3.0.jar

Dependency Hierarchy:

• ready-api-soapui-pro-1.3.0.jar (Root Library)
  • keen-client-api-java-2.0.2.jar
    • ❌ jackson-databind-2.3.0.jar (Vulnerable Library)

Found in HEAD commit: 6da360f7efcb6c16cd8cd38894e0c0c71403d439

Found in base branch: master

Vulnerability Details

FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to br.com.anteros.dbcp.AnterosDBCPConfig (aka anteros-core).

Publish Date: 2020-03-02

URL: CVE-2020-9548

CVSS 3 Score Details (9.8)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9548

Release Date: 2020-03-02

Fix Resolution: com.fasterxml.jackson.core:jackson-databind:2.7.9.7,2.8.11.6,2.9.10.4

Vulnerable Library - poi-ooxml-3.10-FINAL.jar

Apache POI - Java API To Access Microsoft Format Files

Library home page: http://poi.apache.org/

Path to dependency file: ready-msazure-plugin/pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/org/apache/poi/poi-ooxml/3.10-FINAL/poi-ooxml-3.10-FINAL.jar

Dependency Hierarchy:

• ready-api-soapui-pro-1.3.0.jar (Root Library)
  • ❌ poi-ooxml-3.10-FINAL.jar (Vulnerable Library)

Found in HEAD commit: 6da360f7efcb6c16cd8cd38894e0c0c71403d439

Found in base branch: master

Vulnerability Details

Apache POI before 3.10.1 and 3.11.x before 3.11-beta2 allows remote attackers to cause a denial of service (CPU consumption and crash) via a crafted OOXML file, aka an XML Entity Expansion (XEE) attack.

Publish Date: 2014-09-04

URL: CVE-2014-3574

CVSS 2 Score Details (4.3)

Base Score Metrics not available

Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3574

Release Date: 2014-09-04

Fix Resolution: 3.10.1,3.11-beta2

Vulnerable Library - poi-ooxml-3.10-FINAL.jar

Apache POI - Java API To Access Microsoft Format Files

Library home page: http://poi.apache.org/

Path to dependency file: ready-msazure-plugin/pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/org/apache/poi/poi-ooxml/3.10-FINAL/poi-ooxml-3.10-FINAL.jar

Dependency Hierarchy:

• ready-api-soapui-pro-1.3.0.jar (Root Library)
  • ❌ poi-ooxml-3.10-FINAL.jar (Vulnerable Library)

Found in HEAD commit: 6da360f7efcb6c16cd8cd38894e0c0c71403d439

Found in base branch: master

Vulnerability Details

In Apache POI up to 4.1.0, when using the tool XSSFExportToXml to convert user-provided Microsoft Excel documents, a specially crafted document can allow an attacker to read files from the local filesystem or from internal network resources via XML External Entity (XXE) Processing.

Publish Date: 2019-10-23

URL: CVE-2019-12415

CVSS 3 Score Details (5.5)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: Low
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: None
  • Availability Impact: None

Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12415

Release Date: 2019-10-23

Fix Resolution: 4.1.1

Vulnerable Library - jackson-databind-2.3.0.jar

General data-binding functionality for Jackson: works on core streaming API

Path to dependency file: /pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.3.0/jackson-databind-2.3.0.jar

Dependency Hierarchy:

• ready-api-soapui-pro-1.3.0.jar (Root Library)
  • keen-client-api-java-2.0.2.jar
    • ❌ jackson-databind-2.3.0.jar (Vulnerable Library)

Found in HEAD commit: 6da360f7efcb6c16cd8cd38894e0c0c71403d439

Found in base branch: master

Vulnerability Details

A deserialization flaw was discovered in the jackson-databind in versions before 2.8.10 and 2.9.1, which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. This issue extends the previous flaw CVE-2017-7525 by blacklisting more classes that could be used maliciously.

Publish Date: 2018-02-06

URL: CVE-2017-15095

CVSS 3 Score Details (9.8)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: https://nvd.nist.gov/vuln/detail/CVE-2017-15095

Release Date: 2018-02-06

Fix Resolution: 2.8.10,2.9.1

Vulnerable Library - httpclient-4.1.1.jar

HttpComponents Client (base module)

Path to dependency file: ready-msazure-plugin/pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/org/apache/httpcomponents/httpclient/4.1.1/httpclient-4.1.1.jar

Dependency Hierarchy:

• ready-api-soapui-pro-1.3.0.jar (Root Library)
  • ready-api-soapui-1.3.0.jar
    • ❌ httpclient-4.1.1.jar (Vulnerable Library)

Found in HEAD commit: 6da360f7efcb6c16cd8cd38894e0c0c71403d439

Found in base branch: master

Vulnerability Details

org.apache.http.conn.ssl.AbstractVerifier in Apache HttpComponents HttpClient before 4.3.5 and HttpAsyncClient before 4.0.2 does not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via a "CN=" string in a field in the distinguished name (DN) of a certificate, as demonstrated by the "foo,CN=www.apache.org" string in the O field.

Publish Date: 2014-08-21

URL: CVE-2014-3577

CVSS 3 Score Details (5.5)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: N/A
  • Attack Complexity: N/A
  • Privileges Required: N/A
  • User Interaction: N/A
  • Scope: N/A
• Impact Metrics:
  • Confidentiality Impact: N/A
  • Integrity Impact: N/A
  • Availability Impact: N/A

Suggested Fix

Type: Upgrade version

Origin: https://github.com/apache/struts/tree/STRUTS_4_3_5/

Release Date: 2014-08-21

Fix Resolution: org.apache.httpcomponents:httpasyncclient:4.0.2, org.apache.httpcomponents:httpclient:4.3.5