neo4j-domain-name-system's People

Contributors

ssobue

neo4j-domain-name-system's Issues

CVE-2021-25122 (High) detected in tomcat-embed-core-9.0.35.jar

CVE-2021-25122 - High Severity Vulnerability

Vulnerable Library - tomcat-embed-core-9.0.35.jar

Core Tomcat implementation

Library home page: https://tomcat.apache.org/

Path to dependency file: neo4j-domain-name-system/build.gradle

Path to vulnerable library: /root/.gradle/caches/modules-2/files-2.1/org.apache.tomcat.embed/tomcat-embed-core/9.0.35/8a99064fce4b152a7dc9bea1798ba828a2cecf0f/tomcat-embed-core-9.0.35.jar

Dependency Hierarchy:

  • spring-boot-starter-actuator-2.3.0.RELEASE.jar (Root Library)
    • spring-boot-dependencies-2.3.0.RELEASE
      • tomcat-embed-core-9.0.35.jar (Vulnerable Library)

Vulnerability Details

When responding to new h2c connection requests, Apache Tomcat versions 10.0.0-M1 to 10.0.0, 9.0.0.M1 to 9.0.41 and 8.5.0 to 8.5.61 could duplicate request headers and a limited amount of request body from one request to another meaning user A and user B could both see the results of user A's request.

Publish Date: 2021-03-01

URL: CVE-2021-25122

CVSS 3 Score Details (7.5)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: High
    • Integrity Impact: None
    • Availability Impact: None

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: https://lists.apache.org/thread.html/r7b95bc248603360501f18c8eb03bb6001ec0ee3296205b34b07105b7%40%3Cannounce.tomcat.apache.org%3E

Release Date: 2021-03-01

Fix Resolution: org.apache.tomcat.embed:tomcat-embed-core:8.5.62,9.0.42,10.0.2;org.apache.tomcat:tomcat-coyote:8.5.62,9.0.42,10.0.2


Step up your Open Source Security Game with WhiteSource here

CVE-2021-22118 (High) detected in spring-web-5.3.4.jar

CVE-2021-22118 - High Severity Vulnerability

Vulnerable Library - spring-web-5.3.4.jar

Spring Web

Library home page: https://github.com/spring-projects/spring-framework

Path to dependency file: neo4j-domain-name-system/build.gradle

Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.springframework/spring-web/5.3.4/d93829e24a50ed22e781f2302680a210cac5ee84/spring-web-5.3.4.jar

Dependency Hierarchy:

  • spring-boot-starter-security-2.4.3.jar (Root Library)
    • spring-security-web-5.4.5.jar
      • spring-web-5.3.4.jar (Vulnerable Library)

Found in base branch: master

Vulnerability Details

In Spring Framework, versions 5.2.x prior to 5.2.15 and versions 5.3.x prior to 5.3.7, a WebFlux application is vulnerable to a privilege escalation: by (re)creating the temporary storage directory, a locally authenticated malicious user can read or modify files that have been uploaded to the WebFlux application, or overwrite arbitrary files with multipart request data.

Publish Date: 2021-05-27

URL: CVE-2021-22118

CVSS 3 Score Details (7.8)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Local
    • Attack Complexity: Low
    • Privileges Required: Low
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: High
    • Integrity Impact: High
    • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: https://tanzu.vmware.com/security/cve-2021-22118

Release Date: 2021-05-27

Fix Resolution: org.springframework:spring-web:5.2.15,5.3.7

CVE-2020-11996 (High) detected in tomcat-embed-core-9.0.35.jar

CVE-2020-11996 - High Severity Vulnerability

Vulnerable Library - tomcat-embed-core-9.0.35.jar

Core Tomcat implementation

Library home page: https://tomcat.apache.org/

Path to dependency file: neo4j-domain-name-system/build.gradle

Path to vulnerable library: /root/.gradle/caches/modules-2/files-2.1/org.apache.tomcat.embed/tomcat-embed-core/9.0.35/8a99064fce4b152a7dc9bea1798ba828a2cecf0f/tomcat-embed-core-9.0.35.jar

Dependency Hierarchy:

  • spring-boot-starter-actuator-2.3.0.RELEASE.jar (Root Library)
    • spring-boot-dependencies-2.3.0.RELEASE
      • tomcat-embed-core-9.0.35.jar (Vulnerable Library)

Vulnerability Details

A specially crafted sequence of HTTP/2 requests sent to Apache Tomcat 10.0.0-M1 to 10.0.0-M5, 9.0.0.M1 to 9.0.35 and 8.5.0 to 8.5.55 could trigger high CPU usage for several seconds. If a sufficient number of such requests were made on concurrent HTTP/2 connections, the server could become unresponsive.

Publish Date: 2020-06-26

URL: CVE-2020-11996

CVSS 3 Score Details (7.5)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: None
    • Integrity Impact: None
    • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: https://lists.apache.org/thread.html/r5541ef6b6b68b49f76fc4c45695940116da2bcbe0312ef204a00a2e0%40%3Cannounce.tomcat.apache.org%3E,http://tomcat.apache.org/security-10.html

Release Date: 2020-06-26

Fix Resolution: org.apache.tomcat:tomcat-coyote:10.0.0-M6,9.0.36,8.5.56;org.apache.tomcat.embed:tomcat-embed-core:10.0.0-M6,9.0.36,8.5.56

CVE-2021-24122 (Medium) detected in tomcat-embed-core-9.0.35.jar

CVE-2021-24122 - Medium Severity Vulnerability

Vulnerable Library - tomcat-embed-core-9.0.35.jar

Core Tomcat implementation

Library home page: https://tomcat.apache.org/

Path to dependency file: neo4j-domain-name-system/build.gradle

Path to vulnerable library: /root/.gradle/caches/modules-2/files-2.1/org.apache.tomcat.embed/tomcat-embed-core/9.0.35/8a99064fce4b152a7dc9bea1798ba828a2cecf0f/tomcat-embed-core-9.0.35.jar

Dependency Hierarchy:

  • spring-boot-starter-actuator-2.3.0.RELEASE.jar (Root Library)
    • spring-boot-dependencies-2.3.0.RELEASE
      • tomcat-embed-core-9.0.35.jar (Vulnerable Library)

Vulnerability Details

When serving resources from a network location using the NTFS file system, Apache Tomcat versions 10.0.0-M1 to 10.0.0-M9, 9.0.0.M1 to 9.0.39, 8.5.0 to 8.5.59 and 7.0.0 to 7.0.106 were susceptible to JSP source code disclosure in some configurations. The root cause was the unexpected behaviour of the JRE API File.getCanonicalPath() which in turn was caused by the inconsistent behaviour of the Windows API (FindFirstFileW) in some circumstances.

Publish Date: 2021-01-14

URL: CVE-2021-24122

CVSS 3 Score Details (5.9)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: High
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: High
    • Integrity Impact: None
    • Availability Impact: None

Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24122

Release Date: 2021-01-14

Fix Resolution: org.apache.tomcat.embed:tomcat-embed-core:7.0.107,8.5.60,9.0.40,10.0.0-M10;org.apache.tomcat:tomcat-catalina:7.0.107,8.5.60,9.0.40,10.0.0-M10

CVE-2016-1000027 (High) detected in spring-web-5.2.6.RELEASE.jar

CVE-2016-1000027 - High Severity Vulnerability

Vulnerable Library - spring-web-5.2.6.RELEASE.jar

Spring Web

Library home page: https://github.com/spring-projects/spring-framework

Path to dependency file: neo4j-domain-name-system/build.gradle

Path to vulnerable library: /root/.gradle/caches/modules-2/files-2.1/org.springframework/spring-web/5.2.6.RELEASE/8cc2dbd266eb8f02d2df0895c8e887269e8aed88/spring-web-5.2.6.RELEASE.jar

Dependency Hierarchy:

  • spring-boot-starter-actuator-2.3.0.RELEASE.jar (Root Library)
    • spring-boot-dependencies-2.3.0.RELEASE
      • spring-web-5.2.6.RELEASE.jar (Vulnerable Library)

Found in HEAD commit: a89cbbb25ab2373e11128dd1d97d1abe56a30e4e

Vulnerability Details

Pivotal Spring Framework 4.1.4 suffers from a potential remote code execution (RCE) issue if used for Java deserialization of untrusted data. Depending on how the library is used within a product, this issue may or may not occur, and authentication may be required.

Publish Date: 2020-01-02

URL: CVE-2016-1000027

CVSS 3 Score Details (9.8)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: High
    • Integrity Impact: High
    • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: spring-projects/spring-framework#25379

Release Date: 2020-01-02

Fix Resolution: org.springframework:spring-web:5.3.0

CVE-2020-13934 (High) detected in tomcat-embed-core-9.0.35.jar

CVE-2020-13934 - High Severity Vulnerability

Vulnerable Library - tomcat-embed-core-9.0.35.jar

Core Tomcat implementation

Library home page: https://tomcat.apache.org/

Path to dependency file: neo4j-domain-name-system/build.gradle

Path to vulnerable library: /root/.gradle/caches/modules-2/files-2.1/org.apache.tomcat.embed/tomcat-embed-core/9.0.35/8a99064fce4b152a7dc9bea1798ba828a2cecf0f/tomcat-embed-core-9.0.35.jar

Dependency Hierarchy:

  • spring-boot-starter-actuator-2.3.0.RELEASE.jar (Root Library)
    • spring-boot-dependencies-2.3.0.RELEASE
      • tomcat-embed-core-9.0.35.jar (Vulnerable Library)

Vulnerability Details

An h2c direct connection to Apache Tomcat 10.0.0-M1 to 10.0.0-M6, 9.0.0.M5 to 9.0.36 and 8.5.1 to 8.5.56 did not release the HTTP/1.1 processor after the upgrade to HTTP/2. If a sufficient number of such requests were made, an OutOfMemoryException could occur leading to a denial of service.

Publish Date: 2020-07-14

URL: CVE-2020-13934

CVSS 3 Score Details (7.5)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: None
    • Integrity Impact: None
    • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: https://lists.apache.org/thread.html/r61f411cf82488d6ec213063fc15feeeb88e31b0ca9c29652ee4f962e%40%3Cannounce.tomcat.apache.org%3E

Release Date: 2020-07-14

Fix Resolution: org.apache.tomcat:tomcat-coyote:8.5.57,9.0.37,10.0.0-M7;org.apache.tomcat.embed:tomcat-embed-core:8.5.57,9.0.37,10.0.0-M7

CVE-2021-25329 (High) detected in tomcat-embed-core-9.0.35.jar

CVE-2021-25329 - High Severity Vulnerability

Vulnerable Library - tomcat-embed-core-9.0.35.jar

Core Tomcat implementation

Library home page: https://tomcat.apache.org/

Path to dependency file: neo4j-domain-name-system/build.gradle

Path to vulnerable library: /root/.gradle/caches/modules-2/files-2.1/org.apache.tomcat.embed/tomcat-embed-core/9.0.35/8a99064fce4b152a7dc9bea1798ba828a2cecf0f/tomcat-embed-core-9.0.35.jar

Dependency Hierarchy:

  • spring-boot-starter-actuator-2.3.0.RELEASE.jar (Root Library)
    • spring-boot-dependencies-2.3.0.RELEASE
      • tomcat-embed-core-9.0.35.jar (Vulnerable Library)

Vulnerability Details

The fix for CVE-2020-9484 was incomplete. When using Apache Tomcat 10.0.0-M1 to 10.0.0, 9.0.0.M1 to 9.0.41, 8.5.0 to 8.5.61 or 7.0.0 to 7.0.107 with a configuration edge case that was highly unlikely to be used, the Tomcat instance was still vulnerable to CVE-2020-9484. Note that both the previously published prerequisites for CVE-2020-9484 and the previously published mitigations for CVE-2020-9484 also apply to this issue.

Publish Date: 2021-03-01

URL: CVE-2021-25329

CVSS 3 Score Details (7.0)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Local
    • Attack Complexity: High
    • Privileges Required: Low
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: High
    • Integrity Impact: High
    • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: https://lists.apache.org/thread.html/rfe62fbf9d4c314f166fe8c668e50e5d9dd882a99447f26f0367474bf%40%3Cannounce.tomcat.apache.org%3E

Release Date: 2021-03-01

Fix Resolution: org.apache.tomcat:tomcat:7.0.108,8.5.63,9.0.43,10.0.2

CVE-2021-22047 (Medium) detected in spring-data-rest-webmvc-3.4.5.jar

CVE-2021-22047 - Medium Severity Vulnerability

Vulnerable Library - spring-data-rest-webmvc-3.4.5.jar

Spring Data REST - WebMVC

Library home page: https://www.spring.io/spring-data

Path to dependency file: neo4j-domain-name-system/build.gradle

Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.springframework.data/spring-data-rest-webmvc/3.4.5/4bc2adde675a23492fcba83fdadba1465fc124ad/spring-data-rest-webmvc-3.4.5.jar

Dependency Hierarchy:

  • spring-boot-starter-data-rest-2.4.3.jar (Root Library)
    • spring-data-rest-webmvc-3.4.5.jar (Vulnerable Library)

Found in base branch: master

Vulnerability Details

In Spring Data REST versions 3.4.0 - 3.4.13, 3.5.0 - 3.5.5, and older unsupported versions, HTTP resources implemented by custom controllers using a configured base API path and a controller type-level request mapping are additionally exposed under URIs that can potentially be exposed for unauthorized access depending on the Spring Security configuration.

Publish Date: 2021-10-28

URL: CVE-2021-22047

CVSS 3 Score Details (5.5)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: N/A
    • Attack Complexity: N/A
    • Privileges Required: N/A
    • User Interaction: N/A
    • Scope: N/A
  • Impact Metrics:
    • Confidentiality Impact: N/A
    • Integrity Impact: N/A
    • Availability Impact: N/A

Suggested Fix

Type: Upgrade version

Origin: https://tanzu.vmware.com/security/cve-2021-22047

Release Date: 2021-10-28

Fix Resolution: org.springframework.data:spring-data-rest-webmvc:3.4.14,3.5.6

CVE-2020-5421 (Medium) detected in spring-web-5.2.6.RELEASE.jar

CVE-2020-5421 - Medium Severity Vulnerability

Vulnerable Library - spring-web-5.2.6.RELEASE.jar

Spring Web

Library home page: https://github.com/spring-projects/spring-framework

Path to dependency file: neo4j-domain-name-system/build.gradle

Path to vulnerable library: /root/.gradle/caches/modules-2/files-2.1/org.springframework/spring-web/5.2.6.RELEASE/8cc2dbd266eb8f02d2df0895c8e887269e8aed88/spring-web-5.2.6.RELEASE.jar

Dependency Hierarchy:

  • spring-boot-starter-actuator-2.3.0.RELEASE.jar (Root Library)
    • spring-boot-dependencies-2.3.0.RELEASE
      • spring-web-5.2.6.RELEASE.jar (Vulnerable Library)

Vulnerability Details

In Spring Framework versions 5.2.0 - 5.2.8, 5.1.0 - 5.1.17, 5.0.0 - 5.0.18, 4.3.0 - 4.3.28, and older unsupported versions, the protections against reflected file download (RFD) attacks from CVE-2015-5211 may be bypassed, depending on the browser used, through the use of a jsessionid path parameter.

Publish Date: 2020-09-19

URL: CVE-2020-5421

CVSS 3 Score Details (6.5)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: High
    • Privileges Required: Low
    • User Interaction: Required
    • Scope: Changed
  • Impact Metrics:
    • Confidentiality Impact: Low
    • Integrity Impact: High
    • Availability Impact: None

Suggested Fix

Type: Upgrade version

Origin: https://tanzu.vmware.com/security/cve-2020-5421

Release Date: 2020-07-21

Fix Resolution: org.springframework:spring-web:5.2.9,org.springframework:spring-web:5.1.18,org.springframework:spring-web:5.0.19,org.springframework:spring-web:4.3.29

WS-2019-0490 (High) detected in jcommander-1.72.jar

WS-2019-0490 - High Severity Vulnerability

Vulnerable Library - jcommander-1.72.jar

Command line parsing

Library home page: http://jcommander.org

Path to dependency file: neo4j-domain-name-system/build.gradle

Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/com.beust/jcommander/1.72/6375e521c1e11d6563d4f25a07ce124ccf8cd171/jcommander-1.72.jar

Dependency Hierarchy:

  • pmd-java-6.21.0.jar (Root Library)
    • pmd-core-6.21.0.jar
      • jcommander-1.72.jar (Vulnerable Library)

Found in HEAD commit: 5e7c5d1a78788cd7616e51c40d73e394f35c06a1

Found in base branch: master

Vulnerability Details

Inclusion of Functionality from Untrusted Control Sphere vulnerability found in jcommander before 1.75: jcommander resolved dependencies over HTTP instead of HTTPS.

Publish Date: 2019-02-19

URL: WS-2019-0490

CVSS 3 Score Details (8.1)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: High
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: High
    • Integrity Impact: High
    • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: cbeust/jcommander#465

Release Date: 2019-02-19

Fix Resolution: com.beust:jcommander:1.75
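
Every alert above ends in the same "Upgrade version" fix, but five of them point at the one tomcat-embed-core-9.0.35.jar and three at spring-web, so the practical question for this build.gradle is which single version of each artifact closes all of its alerts. The script below is an added example, not part of the original issues or of the neo4j-domain-name-system project: it parses the Fix Resolution fields in the two layouts WhiteSource uses on this page ("g:a:v1,v2;g2:a2:v1" and "g:a:v1, g:a:v2"), orders Maven-style versions including Tomcat milestones (9.0.0.M1, 10.0.0-M6) and Spring's .RELEASE suffix, prefers a fix on the detected major.minor line, keeps the highest pick per artifact, and prints a Gradle constraints block. The ALERTS table is a constructed sample transcribed (abbreviated) from the alerts on this page; all function names are the example's own.

```python
"""Triage WhiteSource dependency alerts into one Gradle version bump per artifact."""
import re
from collections import defaultdict

# Constructed sample, transcribed from the alerts above:
# (vulnerable group:artifact, detected version, "Fix Resolution" text, advisory id)
ALERTS = [
    ("org.apache.tomcat.embed:tomcat-embed-core", "9.0.35",
     "org.apache.tomcat.embed:tomcat-embed-core:8.5.62,9.0.42,10.0.2;"
     "org.apache.tomcat:tomcat-coyote:8.5.62,9.0.42,10.0.2", "CVE-2021-25122"),
    ("org.apache.tomcat.embed:tomcat-embed-core", "9.0.35",
     "org.apache.tomcat:tomcat-coyote:10.0.0-M6,9.0.36,8.5.56,"
     "org.apache.tomcat.embed:tomcat-embed-core:10.0.0-M6,9.0.36,8.5.56", "CVE-2020-11996"),
    ("org.apache.tomcat.embed:tomcat-embed-core", "9.0.35",
     "org.apache.tomcat.embed:tomcat-embed-core:7.0.107,8.5.60,9.0.40,10.0.0-M10", "CVE-2021-24122"),
    ("org.apache.tomcat.embed:tomcat-embed-core", "9.0.35",
     "org.apache.tomcat:tomcat-coyote:8.5.57,9.0.37,10.0.0-M7;"
     "org.apache.tomcat.embed:tomcat-embed-core:8.5.57,9.0.37,10.0.0-M7", "CVE-2020-13934"),
    ("org.apache.tomcat.embed:tomcat-embed-core", "9.0.35",  # names only org.apache.tomcat:tomcat
     "org.apache.tomcat:tomcat:7.0.108, org.apache.tomcat:tomcat:8.5.63, "
     "org.apache.tomcat:tomcat:9.0.43,org.apache.tomcat:tomcat:10.0.2", "CVE-2021-25329"),
    ("org.springframework:spring-web", "5.3.4",
     "org.springframework:spring-web:5.2.15,5.3.7", "CVE-2021-22118"),
    ("org.springframework:spring-web", "5.2.6.RELEASE",
     "org.springframework:spring-web:5.3.0", "CVE-2016-1000027"),
    ("org.springframework:spring-web", "5.2.6.RELEASE",
     "org.springframework:spring-web:5.2.9,org.springframework:spring-web:5.1.18,"
     "org.springframework:spring-web:5.0.19,org.springframework:spring-web:4.3.29", "CVE-2020-5421"),
    ("org.springframework.data:spring-data-rest-webmvc", "3.4.5",
     "org.springframework.data:spring-data-rest-webmvc:3.4.14,3.5.6", "CVE-2021-22047"),
    ("com.beust:jcommander", "1.72", "com.beust:jcommander:1.75", "WS-2019-0490"),
]


def version_key(version):
    """Sort key for Maven-style versions such as 9.0.35, 5.2.6.RELEASE, 9.0.0.M1, 10.0.0-M6.
    Numeric parts compare first; an M<n> milestone sorts below the final release with the
    same numbers; RELEASE is the final release. Other qualifiers are rejected on purpose."""
    nums, qualifier = [], (1, 0)                      # (1, 0) marks a final release
    for token in re.split(r"[.\-]", version):
        if token.isdigit():
            nums.append(int(token))
        elif token != "RELEASE":
            m = re.fullmatch(r"M(\d+)", token)
            if not m:
                raise ValueError(f"unrecognised qualifier in {version!r}")
            qualifier = (0, int(m.group(1)))          # milestone: before the final
    return (tuple(nums + [0] * (4 - len(nums))), qualifier)


COORD = re.compile(r"^([\w.\-]+:[\w.\-]+):([\w.\-]+)$")   # group:artifact:version


def parse_fix_resolution(text):
    """Parse a 'Fix Resolution' field into {group:artifact: [versions]}. A bare version
    token (the 'g:a:v1,v2' layout) belongs to the most recently named coordinate."""
    fixes, current = defaultdict(list), None
    for token in (t.strip() for t in re.split(r"[;,]", text)):
        m = COORD.match(token)
        if m:
            current = m.group(1)
            fixes[current].append(m.group(2))
        elif token and current:
            fixes[current].append(token)
        elif token:
            raise ValueError(f"version {token!r} precedes any coordinate")
    return dict(fixes)


def pick_fix(artifact, current, fixes):
    """Smallest fixed version above `current`, preferring the same major.minor line so the
    bump stays a patch release when the advisory offers one. If the advisory names only
    sibling artifacts (Tomcat's tomcat-coyote/tomcat-catalina/tomcat are released in
    lock-step with tomcat-embed-core), fall back to every version it lists."""
    versions = fixes.get(artifact) or [v for vs in fixes.values() for v in vs]
    cur = version_key(current)
    newer = [v for v in versions if version_key(v) > cur]
    same_line = [v for v in newer if version_key(v)[0][:2] == cur[0][:2]]
    pool = same_line or newer
    return min(pool, key=version_key) if pool else None


def consolidate(alerts):
    """One target per artifact: the highest per-advisory pick, so a single bump closes
    every alert. Returns {group:artifact: (version, [advisory ids])}."""
    result = {}
    for artifact, current, resolution, advisory in alerts:
        fix = pick_fix(artifact, current, parse_fix_resolution(resolution))
        if fix is None:
            raise ValueError(f"{advisory}: no fixed version above {current}")
        version, ids = result.get(artifact, (fix, []))
        if version_key(fix) > version_key(version):
            version = fix
        result[artifact] = (version, ids + [advisory])
    return result


def render_gradle_constraints(result):
    """Gradle Groovy-DSL constraints block pinning each artifact to its target version."""
    lines = ["dependencies {", "    constraints {"]
    for artifact, (version, ids) in sorted(result.items()):
        lines += [f"        implementation('{artifact}:{version}') {{",
                  f"            because '{', '.join(ids)}'",
                  "        }"]
    return "\n".join(lines + ["    }", "}"])


if __name__ == "__main__":
    print(render_gradle_constraints(consolidate(ALERTS)))
```

For the alerts on this page the script settles on tomcat-embed-core 9.0.43 (the CVE-2021-25329 fix, which is also above the 9.0.36/9.0.37/9.0.40/9.0.42 fixes of the other four Tomcat alerts), spring-web 5.3.7, spring-data-rest-webmvc 3.4.14 and jcommander 1.75. Paste the printed block into build.gradle and confirm the resolved versions with `./gradlew dependencies --configuration runtimeClasspath`. Two caveats: if the build applies io.spring.dependency-management, the Spring Boot BOM's managed versions take precedence over plain constraints, so override the BOM properties instead (for example `ext['tomcat.version'] = '9.0.43'` and `ext['spring-framework.version'] = '5.3.7'` in the Groovy DSL); and the jump from spring-web 5.2.6.RELEASE to the 5.3 line is taken only because CVE-2016-1000027 lists no 5.2.x fix, so treat it as a minor-version upgrade to be tested, not a drop-in patch.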