
atom-hopper's People

Contributors

ajstieren, carlosmarin, cartmanume, chadlung, chandraaddala, deep8103, dependabot[bot], dima2022, jennyvo, mark-donoghue, mend-for-github-com[bot], mikenerone, nareshkurapati, omanand, reftel, sethbrayman, shintasmith, shub6691, stanzikratel, thrawn01, usnavi, zinic

atom-hopper's Issues

CVE-2020-25638 (High) detected in hibernate-core-4.1.3.Final.jar

CVE-2020-25638 - High Severity Vulnerability

Vulnerable Library - hibernate-core-4.1.3.Final.jar

A module of the Hibernate Core project

Library home page: http://hibernate.org

Path to dependency file: /atomhopper/pom.xml

Path to vulnerable library: /atomhopper/target/atomhopper-1.2.35-SNAPSHOT/WEB-INF/lib/hibernate-core-4.1.3.Final.jar,/home/wss-scanner/.m2/repository/org/hibernate/hibernate-core/4.1.3.Final/hibernate-core-4.1.3.Final.jar,/home/wss-scanner/.m2/repository/org/hibernate/hibernate-core/4.1.3.Final/hibernate-core-4.1.3.Final.jar,/home/wss-scanner/.m2/repository/org/hibernate/hibernate-core/4.1.3.Final/hibernate-core-4.1.3.Final.jar,/epository/org/hibernate/hibernate-core/4.1.3.Final/hibernate-core-4.1.3.Final.jar,/home/wss-scanner/.m2/repository/org/hibernate/hibernate-core/4.1.3.Final/hibernate-core-4.1.3.Final.jar,/home/wss-scanner/.m2/repository/org/hibernate/hibernate-core/4.1.3.Final/hibernate-core-4.1.3.Final.jar,/home/wss-scanner/.m2/repository/org/hibernate/hibernate-core/4.1.3.Final/hibernate-core-4.1.3.Final.jar,/home/wss-scanner/.m2/repository/org/hibernate/hibernate-core/4.1.3.Final/hibernate-core-4.1.3.Final.jar,/epository/org/hibernate/hibernate-core/4.1.3.Final/hibernate-core-4.1.3.Final.jar

Dependency Hierarchy:

  • hibernate-core-4.1.3.Final.jar (Vulnerable Library)

Found in HEAD commit: 2f0948603cbd52986b3eb3fbe66e1662d4716d78

Found in base branch: master

Vulnerability Details

A flaw was found in hibernate-core in versions prior to and including 5.4.23.Final. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is used in the SQL comments of the query. This flaw could allow an attacker to access unauthorized information or possibly conduct further attacks. The highest threat from this vulnerability is to data confidentiality and integrity.

Publish Date: 2020-12-02

URL: CVE-2020-25638

CVSS 3 Score Details (7.4)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: High
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: High
    • Integrity Impact: High
    • Availability Impact: None


Suggested Fix

Type: Upgrade version

Origin: https://in.relation.to/2020/11/19/hibernate-orm-5424-final-release/

Release Date: 2020-12-02

Fix Resolution: org.hibernate:hibernate-core:5.3.20.Final,5.4.24.Final


⛑️ Automatic Remediation is available for this issue

CVE-2016-1000027 (High) detected in spring-web-4.3.22.RELEASE.jar

CVE-2016-1000027 - High Severity Vulnerability

Vulnerable Library - spring-web-4.3.22.RELEASE.jar

Spring Web

Library home page: https://github.com/spring-projects/spring-framework

Path to dependency file: /adapters/mongodb/pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/org/springframework/spring-web/4.3.22.RELEASE/spring-web-4.3.22.RELEASE.jar,/home/wss-scanner/.m2/repository/org/springframework/spring-web/4.3.22.RELEASE/spring-web-4.3.22.RELEASE.jar,/epository/org/springframework/spring-web/4.3.22.RELEASE/spring-web-4.3.22.RELEASE.jar,/home/wss-scanner/.m2/repository/org/springframework/spring-web/4.3.22.RELEASE/spring-web-4.3.22.RELEASE.jar,/home/wss-scanner/.m2/repository/org/springframework/spring-web/4.3.22.RELEASE/spring-web-4.3.22.RELEASE.jar,/home/wss-scanner/.m2/repository/org/springframework/spring-web/4.3.22.RELEASE/spring-web-4.3.22.RELEASE.jar,/epository/org/springframework/spring-web/4.3.22.RELEASE/spring-web-4.3.22.RELEASE.jar,/epository/org/springframework/spring-web/4.3.22.RELEASE/spring-web-4.3.22.RELEASE.jar,/home/wss-scanner/.m2/repository/org/springframework/spring-web/4.3.22.RELEASE/spring-web-4.3.22.RELEASE.jar,/atomhopper/target/atomhopper-1.2.35-SNAPSHOT/WEB-INF/lib/spring-web-4.3.22.RELEASE.jar

Dependency Hierarchy:

  • spring-web-4.3.22.RELEASE.jar (Vulnerable Library)

Found in HEAD commit: 2f0948603cbd52986b3eb3fbe66e1662d4716d78

Found in base branch: master

Vulnerability Details

Pivotal Spring Framework 4.1.4 suffers from a potential remote code execution (RCE) issue if used for Java deserialization of untrusted data. Depending on how the library is implemented within a product, this issue may or may not occur, and authentication may be required.

Publish Date: 2020-01-02

URL: CVE-2016-1000027

CVSS 3 Score Details (9.8)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: High
    • Integrity Impact: High
    • Availability Impact: High


Suggested Fix

Type: Upgrade version

Origin: spring-projects/spring-framework#25379

Release Date: 2020-01-02

Fix Resolution: org.springframework:spring-web:5.3.0


⛑️ Automatic Remediation is available for this issue

WS-2021-0419 (High) detected in gson-2.1.jar

WS-2021-0419 - High Severity Vulnerability

Vulnerable Library - gson-2.1.jar

Google Gson library

Library home page: http://code.google.com/p/google-gson/

Path to dependency file: /adapters/jdbc/pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/com/google/code/gson/gson/2.1/gson-2.1.jar,/epository/com/google/code/gson/gson/2.1/gson-2.1.jar,/home/wss-scanner/.m2/repository/com/google/code/gson/gson/2.1/gson-2.1.jar,/home/wss-scanner/.m2/repository/com/google/code/gson/gson/2.1/gson-2.1.jar,/home/wss-scanner/.m2/repository/com/google/code/gson/gson/2.1/gson-2.1.jar,/atomhopper/target/atomhopper-1.2.35-SNAPSHOT/WEB-INF/lib/gson-2.1.jar,/home/wss-scanner/.m2/repository/com/google/code/gson/gson/2.1/gson-2.1.jar,/home/wss-scanner/.m2/repository/com/google/code/gson/gson/2.1/gson-2.1.jar,/home/wss-scanner/.m2/repository/com/google/code/gson/gson/2.1/gson-2.1.jar,/home/wss-scanner/.m2/repository/com/google/code/gson/gson/2.1/gson-2.1.jar

Dependency Hierarchy:

  • gson-2.1.jar (Vulnerable Library)

Found in base branch: master

Vulnerability Details

A denial of service vulnerability was discovered in gson before 2.8.9 via the writeReplace() method.

Publish Date: 2021-10-11

URL: WS-2021-0419

CVSS 3 Score Details (7.7)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: High
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: Low
    • Integrity Impact: High
    • Availability Impact: High


Suggested Fix

Type: Upgrade version

Origin: https://github.com/google/gson/releases/tag/gson-parent-2.8.9

Release Date: 2021-10-11

Fix Resolution: com.google.code.gson:gson:2.8.9


⛑️ Automatic Remediation is available for this issue

CVE-2020-27218 (Medium) detected in jetty-server-9.4.17.v20190418.jar

CVE-2020-27218 - Medium Severity Vulnerability

Vulnerable Library - jetty-server-9.4.17.v20190418.jar

The core jetty server artifact.

Library home page: http://www.eclipse.org/jetty

Path to dependency file: /server/pom.xml

Path to vulnerable library: /epository/org/eclipse/jetty/jetty-server/9.4.17.v20190418/jetty-server-9.4.17.v20190418.jar,/epository/org/eclipse/jetty/jetty-server/9.4.17.v20190418/jetty-server-9.4.17.v20190418.jar

Dependency Hierarchy:

  • jetty-server-9.4.17.v20190418.jar (Vulnerable Library)

Found in HEAD commit: 2f0948603cbd52986b3eb3fbe66e1662d4716d78

Found in base branch: master

Vulnerability Details

In Eclipse Jetty version 9.4.0.RC0 to 9.4.34.v20201102, 10.0.0.alpha0 to 10.0.0.beta2, and 11.0.0.alpha0 to 11.0.0.beta2, if GZIP request body inflation is enabled and requests from different clients are multiplexed onto a single connection, and if an attacker can send a request with a body that is received entirely but not consumed by the application, then a subsequent request on the same connection will see that body prepended to its body. The attacker will not see any data but may inject data into the body of the subsequent request.

Publish Date: 2020-11-28

URL: CVE-2020-27218

CVSS 3 Score Details (4.8)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: High
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: None
    • Integrity Impact: Low
    • Availability Impact: Low


Suggested Fix

Type: Upgrade version

Origin: GHSA-86wm-rrjm-8wh8

Release Date: 2020-11-28

Fix Resolution: org.eclipse.jetty:jetty-server:9.4.35.v20201120, 10.0.0.beta3, 11.0.0.beta3


⛑️ Automatic Remediation is available for this issue

CVE-2021-28165 (High) detected in jetty-io-9.4.17.v20190418.jar

CVE-2021-28165 - High Severity Vulnerability

Vulnerable Library - jetty-io-9.4.17.v20190418.jar

The Eclipse Jetty Project

Library home page: http://www.eclipse.org/jetty

Path to dependency file: /server/pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/org/eclipse/jetty/jetty-io/9.4.17.v20190418/jetty-io-9.4.17.v20190418.jar,/home/wss-scanner/.m2/repository/org/eclipse/jetty/jetty-io/9.4.17.v20190418/jetty-io-9.4.17.v20190418.jar

Dependency Hierarchy:

  • jetty-server-9.4.17.v20190418.jar (Root Library)
    • jetty-io-9.4.17.v20190418.jar (Vulnerable Library)

Found in HEAD commit: 2f0948603cbd52986b3eb3fbe66e1662d4716d78

Found in base branch: master

Vulnerability Details

In Eclipse Jetty 7.2.2 to 9.4.38, 10.0.0.alpha0 to 10.0.1, and 11.0.0.alpha0 to 11.0.1, CPU usage can reach 100% upon receiving a large invalid TLS frame.

Publish Date: 2021-04-01

URL: CVE-2021-28165

CVSS 3 Score Details (7.5)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: None
    • Integrity Impact: None
    • Availability Impact: High


Suggested Fix

Type: Upgrade version

Origin: GHSA-26vr-8j45-3r4w

Release Date: 2021-04-01

Fix Resolution: org.eclipse.jetty:jetty-io:9.4.39, org.eclipse.jetty:jetty-io:10.0.2, org.eclipse.jetty:jetty-io:11.0.2

CVE-2019-14900 (Medium) detected in hibernate-core-4.1.3.Final.jar

CVE-2019-14900 - Medium Severity Vulnerability

Vulnerable Library - hibernate-core-4.1.3.Final.jar

A module of the Hibernate Core project

Library home page: http://hibernate.org

Path to dependency file: /atomhopper/pom.xml

Path to vulnerable library: /atomhopper/target/atomhopper-1.2.35-SNAPSHOT/WEB-INF/lib/hibernate-core-4.1.3.Final.jar,/home/wss-scanner/.m2/repository/org/hibernate/hibernate-core/4.1.3.Final/hibernate-core-4.1.3.Final.jar,/home/wss-scanner/.m2/repository/org/hibernate/hibernate-core/4.1.3.Final/hibernate-core-4.1.3.Final.jar,/home/wss-scanner/.m2/repository/org/hibernate/hibernate-core/4.1.3.Final/hibernate-core-4.1.3.Final.jar,/epository/org/hibernate/hibernate-core/4.1.3.Final/hibernate-core-4.1.3.Final.jar,/home/wss-scanner/.m2/repository/org/hibernate/hibernate-core/4.1.3.Final/hibernate-core-4.1.3.Final.jar,/home/wss-scanner/.m2/repository/org/hibernate/hibernate-core/4.1.3.Final/hibernate-core-4.1.3.Final.jar,/home/wss-scanner/.m2/repository/org/hibernate/hibernate-core/4.1.3.Final/hibernate-core-4.1.3.Final.jar,/home/wss-scanner/.m2/repository/org/hibernate/hibernate-core/4.1.3.Final/hibernate-core-4.1.3.Final.jar,/epository/org/hibernate/hibernate-core/4.1.3.Final/hibernate-core-4.1.3.Final.jar

Dependency Hierarchy:

  • hibernate-core-4.1.3.Final.jar (Vulnerable Library)

Found in HEAD commit: 2f0948603cbd52986b3eb3fbe66e1662d4716d78

Found in base branch: master

Vulnerability Details

A flaw was found in Hibernate ORM in versions before 5.3.18, 5.4.18 and 5.5.0.Beta1. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is used in the SELECT or GROUP BY parts of the query. This flaw could allow an attacker to access unauthorized information or possibly conduct further attacks.

Publish Date: 2020-07-06

URL: CVE-2019-14900

CVSS 3 Score Details (6.5)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: Low
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: High
    • Integrity Impact: None
    • Availability Impact: None


Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14900

Release Date: 2020-07-06

Fix Resolution: org.hibernate:hibernate-core:5.4.18.Final


⛑️ Automatic Remediation is available for this issue

CVE-2020-2934 (Medium) detected in mysql-connector-java-8.0.16.jar

CVE-2020-2934 - Medium Severity Vulnerability

Vulnerable Library - mysql-connector-java-8.0.16.jar

JDBC Type 4 driver for MySQL

Library home page: http://dev.mysql.com/doc/connector-j/en/

Path to dependency file: /server/pom.xml

Path to vulnerable library: /epository/mysql/mysql-connector-java/8.0.16/mysql-connector-java-8.0.16.jar,/epository/mysql/mysql-connector-java/8.0.16/mysql-connector-java-8.0.16.jar,/atomhopper/target/atomhopper-1.2.35-SNAPSHOT/WEB-INF/lib/mysql-connector-java-8.0.16.jar

Dependency Hierarchy:

  • mysql-connector-java-8.0.16.jar (Vulnerable Library)

Found in HEAD commit: 2f0948603cbd52986b3eb3fbe66e1662d4716d78

Found in base branch: master

Vulnerability Details

Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 8.0.19 and prior and 5.1.48 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Connectors accessible data as well as unauthorized read access to a subset of MySQL Connectors accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Connectors. CVSS 3.0 Base Score 5.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L).

Publish Date: 2020-04-15

URL: CVE-2020-2934

CVSS 3 Score Details (5.0)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: High
    • Privileges Required: None
    • User Interaction: Required
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: Low
    • Integrity Impact: Low
    • Availability Impact: Low


Suggested Fix

Type: Upgrade version

Origin: https://www.oracle.com/security-alerts/cpuapr2020.html

Release Date: 2020-04-15

Fix Resolution: mysql:mysql-connector-java:5.1.49,8.0.20


⛑️ Automatic Remediation is available for this issue

CVE-2018-1000632 (High) detected in dom4j-1.6.1.jar

CVE-2018-1000632 - High Severity Vulnerability

Vulnerable Library - dom4j-1.6.1.jar

dom4j: the flexible XML framework for Java

Library home page: http://dom4j.org

Path to dependency file: /server/pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/dom4j/dom4j/1.6.1/dom4j-1.6.1.jar,/home/wss-scanner/.m2/repository/dom4j/dom4j/1.6.1/dom4j-1.6.1.jar,/home/wss-scanner/.m2/repository/dom4j/dom4j/1.6.1/dom4j-1.6.1.jar,/home/wss-scanner/.m2/repository/dom4j/dom4j/1.6.1/dom4j-1.6.1.jar,/home/wss-scanner/.m2/repository/dom4j/dom4j/1.6.1/dom4j-1.6.1.jar,/home/wss-scanner/.m2/repository/dom4j/dom4j/1.6.1/dom4j-1.6.1.jar,/atomhopper/target/atomhopper-1.2.35-SNAPSHOT/WEB-INF/lib/dom4j-1.6.1.jar,/home/wss-scanner/.m2/repository/dom4j/dom4j/1.6.1/dom4j-1.6.1.jar,/home/wss-scanner/.m2/repository/dom4j/dom4j/1.6.1/dom4j-1.6.1.jar,/home/wss-scanner/.m2/repository/dom4j/dom4j/1.6.1/dom4j-1.6.1.jar

Dependency Hierarchy:

  • dom4j-1.6.1.jar (Vulnerable Library)

Found in HEAD commit: 2f0948603cbd52986b3eb3fbe66e1662d4716d78

Found in base branch: master

Vulnerability Details

dom4j versions prior to 2.1.1 contain a CWE-91: XML Injection vulnerability in Class: Element, Methods: addElement, addAttribute, that can result in an attacker tampering with XML documents through XML injection. This attack appears to be exploitable via an attacker specifying attributes or elements in the XML document. This vulnerability appears to have been fixed in 2.1.1 or later.

Publish Date: 2018-08-20

URL: CVE-2018-1000632

CVSS 3 Score Details (7.5)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: None
    • Integrity Impact: High
    • Availability Impact: None


Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000632

Release Date: 2018-08-20

Fix Resolution: org.dom4j:dom4j:2.0.3


⛑️ Automatic Remediation is available for this issue

CVE-2021-42392 (High) detected in h2-1.3.167.jar

CVE-2021-42392 - High Severity Vulnerability

Vulnerable Library - h2-1.3.167.jar

H2 Database Engine

Library home page: http://www.h2database.com

Path to dependency file: /adapters/jdbc/pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/com/h2database/h2/1.3.167/h2-1.3.167.jar,/home/wss-scanner/.m2/repository/com/h2database/h2/1.3.167/h2-1.3.167.jar,/home/wss-scanner/.m2/repository/com/h2database/h2/1.3.167/h2-1.3.167.jar,/home/wss-scanner/.m2/repository/com/h2database/h2/1.3.167/h2-1.3.167.jar,/home/wss-scanner/.m2/repository/com/h2database/h2/1.3.167/h2-1.3.167.jar,/atomhopper/target/atomhopper-1.2.35-SNAPSHOT/WEB-INF/lib/h2-1.3.167.jar,/epository/com/h2database/h2/1.3.167/h2-1.3.167.jar,/home/wss-scanner/.m2/repository/com/h2database/h2/1.3.167/h2-1.3.167.jar,/home/wss-scanner/.m2/repository/com/h2database/h2/1.3.167/h2-1.3.167.jar,/epository/com/h2database/h2/1.3.167/h2-1.3.167.jar

Dependency Hierarchy:

  • h2-1.3.167.jar (Vulnerable Library)

Found in base branch: master

Vulnerability Details

The org.h2.util.JdbcUtils.getConnection method of the H2 database takes as parameters the class name of the driver and the URL of the database. An attacker may pass a JNDI driver name and a URL leading to an LDAP or RMI server, causing remote code execution. This can be exploited through various attack vectors, most notably through the H2 Console, which leads to unauthenticated remote code execution.

Publish Date: 2022-01-10

URL: CVE-2021-42392

CVSS 3 Score Details (9.8)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: High
    • Integrity Impact: High
    • Availability Impact: High


Suggested Fix

Type: Upgrade version

Origin: GHSA-h376-j262-vhq6

Release Date: 2022-01-10

Fix Resolution: com.h2database:h2:2.0.206


⛑️ Automatic Remediation is available for this issue

CVE-2018-1000134 (High) detected in unboundid-ldapsdk-2.3.1.jar

CVE-2018-1000134 - High Severity Vulnerability

Vulnerable Library - unboundid-ldapsdk-2.3.1.jar

A fast, comprehensive, and easy-to-use Java API for communicating with LDAP directory servers and performing related tasks like reading and writing LDIF, encoding and decoding data using base64 and ASN.1 BER, and performing secure communication.

Library home page: http://www.unboundid.com/

Path to dependency file: /adapters/jdbc/pom.xml

Path to vulnerable library: /epository/com/unboundid/unboundid-ldapsdk/2.3.1/unboundid-ldapsdk-2.3.1.jar,/home/wss-scanner/.m2/repository/com/unboundid/unboundid-ldapsdk/2.3.1/unboundid-ldapsdk-2.3.1.jar,/atomhopper/target/atomhopper-1.2.35-SNAPSHOT/WEB-INF/lib/unboundid-ldapsdk-2.3.1.jar

Dependency Hierarchy:

  • unboundid-ldapsdk-2.3.1.jar (Vulnerable Library)

Found in HEAD commit: 2f0948603cbd52986b3eb3fbe66e1662d4716d78

Found in base branch: master

Vulnerability Details

UnboundID LDAP SDK versions from commit 801111d8b5c732266a5dbd4b3bb0b6c7b94d7afb up to commit 8471904a02438c03965d21367890276bc25fa5a6, where the issue was reported and fixed, contain an Incorrect Access Control vulnerability: the process function in the SimpleBindRequest class doesn't check for an empty password when running in synchronous mode. The commit with the applied fix is pingidentity/ldapsdk@8471904#diff-f6cb23b459be1ec17df1da33760087fd. This can result in the ability to impersonate any valid user. This attack appears to be exploitable by providing a valid username and an empty password against servers that do not do additional validation as per https://tools.ietf.org/html/rfc4513#section-5.1.1. This vulnerability appears to have been fixed after commit 8471904a02438c03965d21367890276bc25fa5a6.

Publish Date: 2018-03-16

URL: CVE-2018-1000134

CVSS 3 Score Details (9.8)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: High
    • Integrity Impact: High
    • Availability Impact: High


Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000134

Release Date: 2018-03-16

Fix Resolution: 4.0.5


⛑️ Automatic Remediation is available for this issue

CVE-2020-5421 (Medium) detected in spring-web-4.3.22.RELEASE.jar

CVE-2020-5421 - Medium Severity Vulnerability

Vulnerable Library - spring-web-4.3.22.RELEASE.jar

Spring Web

Library home page: https://github.com/spring-projects/spring-framework

Path to dependency file: /adapters/mongodb/pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/org/springframework/spring-web/4.3.22.RELEASE/spring-web-4.3.22.RELEASE.jar,/home/wss-scanner/.m2/repository/org/springframework/spring-web/4.3.22.RELEASE/spring-web-4.3.22.RELEASE.jar,/epository/org/springframework/spring-web/4.3.22.RELEASE/spring-web-4.3.22.RELEASE.jar,/home/wss-scanner/.m2/repository/org/springframework/spring-web/4.3.22.RELEASE/spring-web-4.3.22.RELEASE.jar,/home/wss-scanner/.m2/repository/org/springframework/spring-web/4.3.22.RELEASE/spring-web-4.3.22.RELEASE.jar,/home/wss-scanner/.m2/repository/org/springframework/spring-web/4.3.22.RELEASE/spring-web-4.3.22.RELEASE.jar,/epository/org/springframework/spring-web/4.3.22.RELEASE/spring-web-4.3.22.RELEASE.jar,/epository/org/springframework/spring-web/4.3.22.RELEASE/spring-web-4.3.22.RELEASE.jar,/home/wss-scanner/.m2/repository/org/springframework/spring-web/4.3.22.RELEASE/spring-web-4.3.22.RELEASE.jar,/atomhopper/target/atomhopper-1.2.35-SNAPSHOT/WEB-INF/lib/spring-web-4.3.22.RELEASE.jar

Dependency Hierarchy:

  • spring-web-4.3.22.RELEASE.jar (Vulnerable Library)

Found in HEAD commit: 2f0948603cbd52986b3eb3fbe66e1662d4716d78

Found in base branch: master

Vulnerability Details

In Spring Framework versions 5.2.0 - 5.2.8, 5.1.0 - 5.1.17, 5.0.0 - 5.0.18, 4.3.0 - 4.3.28, and older unsupported versions, the protections against RFD attacks from CVE-2015-5211 may be bypassed depending on the browser used through the use of a jsessionid path parameter.

Publish Date: 2020-09-19

URL: CVE-2020-5421

CVSS 3 Score Details (6.5)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: High
    • Privileges Required: Low
    • User Interaction: Required
    • Scope: Changed
  • Impact Metrics:
    • Confidentiality Impact: Low
    • Integrity Impact: High
    • Availability Impact: None


Suggested Fix

Type: Upgrade version

Origin: https://tanzu.vmware.com/security/cve-2020-5421

Release Date: 2020-09-19

Fix Resolution: org.springframework:spring-web:4.3.29,5.0.19,5.1.18,5.2.9


⛑️ Automatic Remediation is available for this issue

CVE-2021-22096 (Medium) detected in spring-web-4.3.22.RELEASE.jar, spring-core-4.3.22.RELEASE.jar

CVE-2021-22096 - Medium Severity Vulnerability

Vulnerable Libraries - spring-web-4.3.22.RELEASE.jar, spring-core-4.3.22.RELEASE.jar

spring-web-4.3.22.RELEASE.jar

Spring Web

Library home page: https://github.com/spring-projects/spring-framework

Path to dependency file: /adapters/mongodb/pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/org/springframework/spring-web/4.3.22.RELEASE/spring-web-4.3.22.RELEASE.jar,/home/wss-scanner/.m2/repository/org/springframework/spring-web/4.3.22.RELEASE/spring-web-4.3.22.RELEASE.jar,/epository/org/springframework/spring-web/4.3.22.RELEASE/spring-web-4.3.22.RELEASE.jar,/home/wss-scanner/.m2/repository/org/springframework/spring-web/4.3.22.RELEASE/spring-web-4.3.22.RELEASE.jar,/home/wss-scanner/.m2/repository/org/springframework/spring-web/4.3.22.RELEASE/spring-web-4.3.22.RELEASE.jar,/home/wss-scanner/.m2/repository/org/springframework/spring-web/4.3.22.RELEASE/spring-web-4.3.22.RELEASE.jar,/epository/org/springframework/spring-web/4.3.22.RELEASE/spring-web-4.3.22.RELEASE.jar,/epository/org/springframework/spring-web/4.3.22.RELEASE/spring-web-4.3.22.RELEASE.jar,/home/wss-scanner/.m2/repository/org/springframework/spring-web/4.3.22.RELEASE/spring-web-4.3.22.RELEASE.jar,/atomhopper/target/atomhopper-1.2.35-SNAPSHOT/WEB-INF/lib/spring-web-4.3.22.RELEASE.jar

Dependency Hierarchy:

  • spring-web-4.3.22.RELEASE.jar (Vulnerable Library)

spring-core-4.3.22.RELEASE.jar

Spring Core

Library home page: https://github.com/spring-projects/spring-framework

Path to dependency file: /server/pom.xml

Path to vulnerable library: /epository/org/springframework/spring-core/4.3.22.RELEASE/spring-core-4.3.22.RELEASE.jar,/home/wss-scanner/.m2/repository/org/springframework/spring-core/4.3.22.RELEASE/spring-core-4.3.22.RELEASE.jar,/home/wss-scanner/.m2/repository/org/springframework/spring-core/4.3.22.RELEASE/spring-core-4.3.22.RELEASE.jar,/epository/org/springframework/spring-core/4.3.22.RELEASE/spring-core-4.3.22.RELEASE.jar,/home/wss-scanner/.m2/repository/org/springframework/spring-core/4.3.22.RELEASE/spring-core-4.3.22.RELEASE.jar,/atomhopper/target/atomhopper-1.2.35-SNAPSHOT/WEB-INF/lib/spring-core-4.3.22.RELEASE.jar,/home/wss-scanner/.m2/repository/org/springframework/spring-core/4.3.22.RELEASE/spring-core-4.3.22.RELEASE.jar,/home/wss-scanner/.m2/repository/org/springframework/spring-core/4.3.22.RELEASE/spring-core-4.3.22.RELEASE.jar,/epository/org/springframework/spring-core/4.3.22.RELEASE/spring-core-4.3.22.RELEASE.jar,/home/wss-scanner/.m2/repository/org/springframework/spring-core/4.3.22.RELEASE/spring-core-4.3.22.RELEASE.jar

Dependency Hierarchy:

  • spring-core-4.3.22.RELEASE.jar (Vulnerable Library)

Found in base branch: master

Vulnerability Details

In Spring Framework versions 5.3.0 - 5.3.10, 5.2.0 - 5.2.17, and older unsupported versions, it is possible for a user to provide malicious input to cause the insertion of additional log entries.

Publish Date: 2021-10-28

URL: CVE-2021-22096

CVSS 3 Score Details (4.3)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: Low
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: None
    • Integrity Impact: Low
    • Availability Impact: None


Suggested Fix

Type: Upgrade version

Origin: https://tanzu.vmware.com/security/cve-2021-22096

Release Date: 2021-10-28

Fix Resolution: org.springframework:spring-core:5.2.18.RELEASE,5.3.12;org.springframework:spring-web:5.2.18.RELEASE,5.3.12;org.springframework:spring-webmvc:5.2.18.RELEASE,5.3.12;org.springframework:spring-webflux:5.2.18.RELEASE,5.3.12

CVE-2021-23463 (High) detected in h2-1.3.167.jar

CVE-2021-23463 - High Severity Vulnerability

Vulnerable Library - h2-1.3.167.jar

H2 Database Engine

Library home page: http://www.h2database.com

Path to dependency file: /adapters/jdbc/pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/com/h2database/h2/1.3.167/h2-1.3.167.jar,/home/wss-scanner/.m2/repository/com/h2database/h2/1.3.167/h2-1.3.167.jar,/home/wss-scanner/.m2/repository/com/h2database/h2/1.3.167/h2-1.3.167.jar,/home/wss-scanner/.m2/repository/com/h2database/h2/1.3.167/h2-1.3.167.jar,/home/wss-scanner/.m2/repository/com/h2database/h2/1.3.167/h2-1.3.167.jar,/atomhopper/target/atomhopper-1.2.35-SNAPSHOT/WEB-INF/lib/h2-1.3.167.jar,/epository/com/h2database/h2/1.3.167/h2-1.3.167.jar,/home/wss-scanner/.m2/repository/com/h2database/h2/1.3.167/h2-1.3.167.jar,/home/wss-scanner/.m2/repository/com/h2database/h2/1.3.167/h2-1.3.167.jar,/epository/com/h2database/h2/1.3.167/h2-1.3.167.jar

Dependency Hierarchy:

  • h2-1.3.167.jar (Vulnerable Library)

Found in base branch: master

Vulnerability Details

The package com.h2database:h2 from 1.4.198 and before 2.0.202 is vulnerable to XML External Entity (XXE) Injection via the org.h2.jdbc.JdbcSQLXML class object when it receives parsed string data from the org.h2.jdbc.JdbcResultSet.getSQLXML() method. If it executes the getSource() method when the parameter is DOMSource.class, it will trigger the vulnerability.

Publish Date: 2021-12-10

URL: CVE-2021-23463

CVSS 3 Score Details (9.1)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: High
    • Integrity Impact: None
    • Availability Impact: High


Suggested Fix

Type: Upgrade version

Origin: https://nvd.nist.gov/vuln/detail/CVE-2021-23463

Release Date: 2021-12-10

Fix Resolution: com.h2database:h2:2.0.202


⛑️ Automatic Remediation is available for this issue

CVE-2011-4969 (Medium) detected in jquery-1.4.2.min.js, jquery-1.4.3.min.js

CVE-2011-4969 - Medium Severity Vulnerability

Vulnerable Libraries - jquery-1.4.2.min.js, jquery-1.4.3.min.js

jquery-1.4.2.min.js

JavaScript library for DOM operations

Library home page: https://cdnjs.cloudflare.com/ajax/libs/jquery/1.4.2/jquery.min.js

Path to vulnerable library: /documentation/target/docbkx/webhelp/ah-intro-external/common/jquery/jquery-1.4.2.min.js

Dependency Hierarchy:

  • jquery-1.4.2.min.js (Vulnerable Library)

jquery-1.4.3.min.js

JavaScript library for DOM operations

Library home page: https://cdnjs.cloudflare.com/ajax/libs/jquery/1.4.3/jquery.min.js

Path to dependency file: /documentation/target/docbkx/webhelp/ah-intro-external/content/Deploy_RPM-d1e444.html

Path to vulnerable library: /documentation/target/docbkx/webhelp/ah-intro-external/common/jquery/jquery-1.4.3.min.js,/ocbkx/webhelp/ah-intro-external/content/../common/jquery/jquery-1.4.3.min.js

Dependency Hierarchy:

  • jquery-1.4.3.min.js (Vulnerable Library)

Found in HEAD commit: 2f0948603cbd52986b3eb3fbe66e1662d4716d78

Found in base branch: master

Vulnerability Details

Cross-site scripting (XSS) vulnerability in jQuery before 1.6.3, when using location.hash to select elements, allows remote attackers to inject arbitrary web script or HTML via a crafted tag.

Publish Date: 2013-03-08

URL: CVE-2011-4969

CVSS 2 Score Details (4.3)

Base Score Metrics not available

Suggested Fix

Type: Upgrade version

Origin: https://nvd.nist.gov/vuln/detail/CVE-2011-4969

Release Date: 2013-03-08

Fix Resolution: 1.6.3

CVE-2019-10172 (High) detected in jackson-mapper-asl-1.9.5.jar

CVE-2019-10172 - High Severity Vulnerability

Vulnerable Library - jackson-mapper-asl-1.9.5.jar

Data Mapper package is a high-performance data binding package built on Jackson JSON processor

Path to dependency file: /atomhopper/pom.xml

Path to vulnerable library: /atomhopper/target/atomhopper-1.2.35-SNAPSHOT/WEB-INF/lib/jackson-mapper-asl-1.9.5.jar,/home/wss-scanner/.m2/repository/org/codehaus/jackson/jackson-mapper-asl/1.9.5/jackson-mapper-asl-1.9.5.jar

Dependency Hierarchy:

  • jackson-mapper-asl-1.9.5.jar (Vulnerable Library)

Found in HEAD commit: 2f0948603cbd52986b3eb3fbe66e1662d4716d78

Found in base branch: master

Vulnerability Details

A flaw was found in org.codehaus.jackson:jackson-mapper-asl:1.9.x libraries. XML external entity vulnerabilities similar to CVE-2016-3720 also affect Codehaus jackson-mapper-asl libraries, but in different classes.

Publish Date: 2019-11-18

URL: CVE-2019-10172

CVSS 3 Score Details (7.5)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: None
    • Integrity Impact: High
    • Availability Impact: None

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10172

Release Date: 2019-11-18

Fix Resolution: com.fasterxml.jackson.core:jackson-databind:2.0.0-RC1


⛑️ Automatic Remediation is available for this issue

CVE-2019-10202 (High) detected in jackson-mapper-asl-1.9.5.jar

CVE-2019-10202 - High Severity Vulnerability

Vulnerable Library - jackson-mapper-asl-1.9.5.jar

Data Mapper package is a high-performance data binding package built on Jackson JSON processor

Path to dependency file: /atomhopper/pom.xml

Path to vulnerable library: /atomhopper/target/atomhopper-1.2.35-SNAPSHOT/WEB-INF/lib/jackson-mapper-asl-1.9.5.jar,/home/wss-scanner/.m2/repository/org/codehaus/jackson/jackson-mapper-asl/1.9.5/jackson-mapper-asl-1.9.5.jar

Dependency Hierarchy:

  • jackson-mapper-asl-1.9.5.jar (Vulnerable Library)

Found in HEAD commit: 2f0948603cbd52986b3eb3fbe66e1662d4716d78

Found in base branch: master

Vulnerability Details

A series of deserialization vulnerabilities have been discovered in Codehaus 1.9.x implemented in EAP 7. This CVE fixes CVE-2017-17485, CVE-2017-7525, CVE-2017-15095, CVE-2018-5968, CVE-2018-7489, CVE-2018-1000873, CVE-2019-12086 reported for FasterXML jackson-databind by implementing a whitelist approach that will mitigate these vulnerabilities and future ones alike.

Publish Date: 2019-10-01

URL: CVE-2019-10202

CVSS 3 Score Details (9.8)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: High
    • Integrity Impact: High
    • Availability Impact: High

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: https://access.redhat.com/errata/RHSA-2019:2938

Release Date: 2019-10-01

Fix Resolution: JBoss Enterprise Application Platform - 7.2.4;com.fasterxml.jackson.core:jackson-databind:2.9.9

CVE-2018-20433 (High) detected in c3p0-0.9.1.jar

CVE-2018-20433 - High Severity Vulnerability

Vulnerable Library - c3p0-0.9.1.jar

c3p0 is an easy-to-use library for augmenting traditional (DriverManager-based) JDBC drivers with JNDI-bindable DataSources, including DataSources that implement Connection and Statement Pooling, as described by the jdbc3 spec and jdbc2 std extension.

Library home page: http://c3p0.sourceforge.net

Path to dependency file: /adapters/hibernate/pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/c3p0/c3p0/0.9.1/c3p0-0.9.1.jar,/home/wss-scanner/.m2/repository/c3p0/c3p0/0.9.1/c3p0-0.9.1.jar,/home/wss-scanner/.m2/repository/c3p0/c3p0/0.9.1/c3p0-0.9.1.jar,/atomhopper/target/atomhopper-1.2.35-SNAPSHOT/WEB-INF/lib/c3p0-0.9.1.jar,/home/wss-scanner/.m2/repository/c3p0/c3p0/0.9.1/c3p0-0.9.1.jar

Dependency Hierarchy:

  • c3p0-0.9.1.jar (Vulnerable Library)

Found in HEAD commit: 2f0948603cbd52986b3eb3fbe66e1662d4716d78

Found in base branch: master

Vulnerability Details

c3p0 0.9.5.2 allows XXE in extractXmlConfigFromInputStream in com/mchange/v2/c3p0/cfg/C3P0ConfigXmlUtils.java during initialization.

Publish Date: 2018-12-24

URL: CVE-2018-20433

CVSS 3 Score Details (9.8)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: High
    • Integrity Impact: High
    • Availability Impact: High

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20433

Release Date: 2018-12-24

Fix Resolution: 0.9.5.3


⛑️ Automatic Remediation is available for this issue

CVE-2021-28169 (Medium) detected in jetty-server-9.4.17.v20190418.jar, jetty-http-9.4.17.v20190418.jar

CVE-2021-28169 - Medium Severity Vulnerability

Vulnerable Libraries - jetty-server-9.4.17.v20190418.jar, jetty-http-9.4.17.v20190418.jar

jetty-server-9.4.17.v20190418.jar

The core jetty server artifact.

Library home page: http://www.eclipse.org/jetty

Path to dependency file: /server/pom.xml

Path to vulnerable library: /epository/org/eclipse/jetty/jetty-server/9.4.17.v20190418/jetty-server-9.4.17.v20190418.jar,/epository/org/eclipse/jetty/jetty-server/9.4.17.v20190418/jetty-server-9.4.17.v20190418.jar

Dependency Hierarchy:

  • jetty-server-9.4.17.v20190418.jar (Vulnerable Library)

jetty-http-9.4.17.v20190418.jar

The Eclipse Jetty Project

Library home page: http://www.eclipse.org/jetty

Path to dependency file: /server/pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/org/eclipse/jetty/jetty-http/9.4.17.v20190418/jetty-http-9.4.17.v20190418.jar,/home/wss-scanner/.m2/repository/org/eclipse/jetty/jetty-http/9.4.17.v20190418/jetty-http-9.4.17.v20190418.jar

Dependency Hierarchy:

  • jetty-server-9.4.17.v20190418.jar (Root Library)
    • jetty-http-9.4.17.v20190418.jar (Vulnerable Library)

Found in HEAD commit: 2f0948603cbd52986b3eb3fbe66e1662d4716d78

Found in base branch: master

Vulnerability Details

For Eclipse Jetty versions <= 9.4.40, <= 10.0.2, <= 11.0.2, it is possible for requests to the ConcatServlet with a doubly encoded path to access protected resources within the WEB-INF directory. For example a request to /concat?/%2557EB-INF/web.xml can retrieve the web.xml file. This can reveal sensitive information regarding the implementation of a web application.

Publish Date: 2021-06-09

URL: CVE-2021-28169

CVSS 3 Score Details (5.3)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: Low
    • Integrity Impact: None
    • Availability Impact: None

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: GHSA-gwcr-j4wh-j3cq

Release Date: 2021-06-09

Fix Resolution: org.eclipse.jetty:jetty-runner:9.4.41.v20210516, 10.0.3, 11.0.3, org.eclipse.jetty:jetty-http:9.4.41.v20210516, 10.0.3, 11.0.3,org.eclipse.jetty:jetty-servlets:9.4.41.v20210516, 10.0.3, 11.0.3, org.eclipse.jetty:jetty-server:9.4.41.v20210516, 10.0.3, 11.0.3
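The bypass described in CVE-2021-28169 is a check-before-canonicalization ordering bug: a path is percent-decoded once, compared against the protected prefix, and then handed to a component that decodes it again. The following is an added example (not Jetty's code, and not part of atom-hopper) that reproduces the mechanism with constructed request paths and shows the shape of check that closes it: decode once, refuse anything that is still decodable, collapse dot segments, and only then compare.

```python
"""Why '/concat?/%2557EB-INF/web.xml' gets past a decode-once check.

Added example; not Jetty's code. Path strings are constructed for the demo.
"""
import posixpath
from urllib.parse import unquote

PROTECTED_PREFIXES = ("/WEB-INF/", "/META-INF/")


def decode_once_then_check(raw_path: str) -> bool:
    """The bypassable shape: decode one layer, compare, and hand the result on.

    Returns True if the path would be served.
    """
    decoded = unquote(raw_path)
    return not decoded.upper().startswith(PROTECTED_PREFIXES)


def what_a_second_decoder_sees(raw_path: str) -> str:
    """A later component (resource lookup, dispatcher) decoding the path again."""
    return unquote(unquote(raw_path))


def canonical_then_check(raw_path: str) -> bool:
    """Decode once, refuse anything still decodable, then compare the fully
    normalized path. Returns True if the path would be served."""
    decoded = unquote(raw_path)
    # A '%' (or backslash / NUL) surviving one decode means a downstream layer
    # could still change the path; refuse rather than guess how many layers exist.
    if any(ch in decoded for ch in ("%", "\\", "\x00")):
        return False
    normalized = posixpath.normpath("/" + decoded.lstrip("/"))  # collapses '.' and '..'
    key = normalized.upper()
    if not key.endswith("/"):
        key += "/"
    return not key.startswith(PROTECTED_PREFIXES)


# Constructed requests to the kind of endpoint the advisory describes.
REQUESTS = {
    "plain":          "/WEB-INF/web.xml",
    "single-encoded": "/%57EB-INF/web.xml",
    "double-encoded": "/%2557EB-INF/web.xml",
    "dot-segments":   "/static/..%2FWEB-INF/web.xml",
    "benign":         "/static/app.js",
}


def verdicts(check) -> dict:
    """Apply one check to every constructed request: {name: served?}."""
    return {name: check(path) for name, path in REQUESTS.items()}


if __name__ == "__main__":
    print("decode-once:        ", verdicts(decode_once_then_check))
    print("second decoder sees:", what_a_second_decoder_sees(REQUESTS["double-encoded"]))
    print("canonical:          ", verdicts(canonical_then_check))
```

Refusing a residual '%' is deliberately stricter than decoding to a fixed point: a fixed-point decoder would also mangle a legitimate literal '%25' in a resource name, and it still has to guess how many decoding layers sit behind it. Rejecting the ambiguous input keeps the decision independent of what later components do.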

CVE-2021-42550 (Medium) detected in logback-classic-1.2.0.jar

CVE-2021-42550 - Medium Severity Vulnerability

Vulnerable Library - logback-classic-1.2.0.jar

logback-classic module

Library home page: http://logback.qos.ch

Path to dependency file: /server/pom.xml

Path to vulnerable library: /epository/ch/qos/logback/logback-classic/1.2.0/logback-classic-1.2.0.jar,/epository/ch/qos/logback/logback-classic/1.2.0/logback-classic-1.2.0.jar,/home/wss-scanner/.m2/repository/ch/qos/logback/logback-classic/1.2.0/logback-classic-1.2.0.jar,/home/wss-scanner/.m2/repository/ch/qos/logback/logback-classic/1.2.0/logback-classic-1.2.0.jar,/home/wss-scanner/.m2/repository/ch/qos/logback/logback-classic/1.2.0/logback-classic-1.2.0.jar,/home/wss-scanner/.m2/repository/ch/qos/logback/logback-classic/1.2.0/logback-classic-1.2.0.jar,/home/wss-scanner/.m2/repository/ch/qos/logback/logback-classic/1.2.0/logback-classic-1.2.0.jar,/atomhopper/target/atomhopper-1.2.35-SNAPSHOT/WEB-INF/lib/logback-classic-1.2.0.jar,/epository/ch/qos/logback/logback-classic/1.2.0/logback-classic-1.2.0.jar,/home/wss-scanner/.m2/repository/ch/qos/logback/logback-classic/1.2.0/logback-classic-1.2.0.jar

Dependency Hierarchy:

  • logback-classic-1.2.0.jar (Vulnerable Library)

Found in base branch: master

Vulnerability Details

In logback version 1.2.7 and prior versions, an attacker with the required privileges to edit configuration files could craft a malicious configuration allowing arbitrary code loaded from LDAP servers to be executed.

Publish Date: 2021-12-16

URL: CVE-2021-42550

CVSS 3 Score Details (6.6)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: High
    • Privileges Required: High
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: High
    • Integrity Impact: High
    • Availability Impact: High

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: http://logback.qos.ch/news.html

Release Date: 2021-12-16

Fix Resolution: ch.qos.logback:logback-classic:1.2.8


⛑️ Automatic Remediation is available for this issue

CVE-2019-5427 (High) detected in c3p0-0.9.1.jar

CVE-2019-5427 - High Severity Vulnerability

Vulnerable Library - c3p0-0.9.1.jar

c3p0 is an easy-to-use library for augmenting traditional (DriverManager-based) JDBC drivers with JNDI-bindable DataSources, including DataSources that implement Connection and Statement Pooling, as described by the jdbc3 spec and jdbc2 std extension.

Library home page: http://c3p0.sourceforge.net

Path to dependency file: /adapters/hibernate/pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/c3p0/c3p0/0.9.1/c3p0-0.9.1.jar,/home/wss-scanner/.m2/repository/c3p0/c3p0/0.9.1/c3p0-0.9.1.jar,/home/wss-scanner/.m2/repository/c3p0/c3p0/0.9.1/c3p0-0.9.1.jar,/atomhopper/target/atomhopper-1.2.35-SNAPSHOT/WEB-INF/lib/c3p0-0.9.1.jar,/home/wss-scanner/.m2/repository/c3p0/c3p0/0.9.1/c3p0-0.9.1.jar

Dependency Hierarchy:

  • c3p0-0.9.1.jar (Vulnerable Library)

Found in HEAD commit: 2f0948603cbd52986b3eb3fbe66e1662d4716d78

Found in base branch: master

Vulnerability Details

c3p0 version < 0.9.5.4 may be exploited by a billion laughs attack when loading XML configuration due to missing protections against recursive entity expansion when loading configuration.

Publish Date: 2019-04-22

URL: CVE-2019-5427

CVSS 3 Score Details (7.5)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: None
    • Integrity Impact: None
    • Availability Impact: High

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5427

Release Date: 2019-04-22

Fix Resolution: com.mchange:c3p0:0.9.5.4


⛑️ Automatic Remediation is available for this issue
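Four of the reports on this page (CVE-2021-23463 in h2, CVE-2019-10172 in jackson-mapper-asl, CVE-2018-20433 and CVE-2019-5427 in c3p0) share one root cause: an XML parser that accepts a DTD from untrusted input, which is what makes both external entities (XXE) and recursive entity expansion (billion laughs) possible. The example below is added here and is not code from atom-hopper or from any of those libraries; it shows the generic mitigation using Python's bundled expat parser, where the parser is made to refuse the document at the '<!DOCTYPE' token, before any entity can be declared or expanded. The Java-side equivalent is setting the Xerces feature http://apache.org/xml/features/disallow-doctype-decl to true on the parser factory (and, for the libraries above, taking the version bumps in the Fix Resolution lines). All sample documents are constructed.

```python
"""Reject DTDs in untrusted XML before any entity can be expanded.

Added example, not code from atom-hopper or from the libraries named in
these reports. Same idea as disallow-doctype-decl in Xerces.
"""
import xml.parsers.expat

MAX_INPUT_BYTES = 1 << 20  # 1 MiB cap: a crude but effective amplification bound


class UnsafeXml(ValueError):
    """Raised when the input tries to declare a DTD or an entity."""


def parse_untrusted_xml(data: bytes) -> tuple:
    """Parse XML that comes from an untrusted source.

    Returns (root_element_name, text_content). Raises UnsafeXml as soon as
    a DOCTYPE, entity declaration or external entity reference is seen,
    which is before expat would expand anything.
    """
    if len(data) > MAX_INPUT_BYTES:
        raise UnsafeXml(f"input larger than {MAX_INPUT_BYTES} bytes")

    parser = xml.parsers.expat.ParserCreate()
    # Never read parameter entities (external DTD subsets).
    parser.SetParamEntityParsing(xml.parsers.expat.XML_PARAM_ENTITY_PARSING_NEVER)

    state = {"root": None, "text": []}

    def on_doctype(name, sysid, pubid, has_internal_subset):
        # Fires on '<!DOCTYPE ...', i.e. before any <!ENTITY> inside it is read.
        raise UnsafeXml(f"DOCTYPE {name!r} not allowed (system id {sysid!r})")

    def on_entity_decl(*_):
        raise UnsafeXml("entity declaration not allowed")

    def on_external_entity_ref(context, base, sysid, pubid):
        raise UnsafeXml(f"external entity reference to {sysid!r} not allowed")

    def on_start(name, attrs):
        if state["root"] is None:
            state["root"] = name

    def on_chars(text):
        state["text"].append(text)

    parser.StartDoctypeDeclHandler = on_doctype
    parser.EntityDeclHandler = on_entity_decl
    parser.ExternalEntityRefHandler = on_external_entity_ref
    parser.StartElementHandler = on_start
    parser.CharacterDataHandler = on_chars

    # An exception raised inside a handler propagates out of Parse().
    parser.Parse(data, True)
    return state["root"], "".join(state["text"]).strip()


# Constructed sample inputs (not taken from any real report).
BENIGN = (b'<c3p0-config><named-config name="pool">'
          b'<property name="maxPoolSize">10</property>'
          b'</named-config></c3p0-config>')

BILLION_LAUGHS = b"""<?xml version="1.0"?>
<!DOCTYPE lolz [
  <!ENTITY lol "lol">
  <!ENTITY lol2 "&lol;&lol;&lol;&lol;&lol;&lol;&lol;&lol;&lol;&lol;">
  <!ENTITY lol3 "&lol2;&lol2;&lol2;&lol2;&lol2;&lol2;&lol2;&lol2;&lol2;&lol2;">
]>
<lolz>&lol3;</lolz>"""

XXE = b"""<?xml version="1.0"?>
<!DOCTYPE data [ <!ENTITY xxe SYSTEM "file:///etc/hostname"> ]>
<data>&xxe;</data>"""


def is_rejected(data: bytes) -> bool:
    """True when the parser refuses the document as unsafe."""
    try:
        parse_untrusted_xml(data)
    except UnsafeXml:
        return True
    return False


if __name__ == "__main__":
    print(parse_untrusted_xml(BENIGN))
    for name, doc in (("billion laughs", BILLION_LAUGHS), ("xxe", XXE)):
        print(name, "rejected" if is_rejected(doc) else "ACCEPTED")
```

Refusing the DOCTYPE outright is the right default for configuration and API payloads: none of the formats involved here (c3p0 config, Jackson-mapped XML, SQLXML columns) need a DTD, and a blanket refusal cannot be bypassed by a declaration the parser did not anticipate. The size cap is a second, independent bound for the case where a DTD must be allowed for some other input.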

CVE-2012-5783 (Low) detected in commons-httpclient-3.1.jar

CVE-2012-5783 - Low Severity Vulnerability

Vulnerable Library - commons-httpclient-3.1.jar

The HttpClient component supports the client-side of RFC 1945 (HTTP/1.0) and RFC 2616 (HTTP/1.1) , several related specifications (RFC 2109 (Cookies) , RFC 2617 (HTTP Authentication) , etc.), and provides a framework by which new request types (methods) or HTTP extensions can be created easily.

Path to dependency file: /hopper/pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/commons-httpclient/commons-httpclient/3.1/commons-httpclient-3.1.jar,/home/wss-scanner/.m2/repository/commons-httpclient/commons-httpclient/3.1/commons-httpclient-3.1.jar,/home/wss-scanner/.m2/repository/commons-httpclient/commons-httpclient/3.1/commons-httpclient-3.1.jar,/home/wss-scanner/.m2/repository/commons-httpclient/commons-httpclient/3.1/commons-httpclient-3.1.jar,/home/wss-scanner/.m2/repository/commons-httpclient/commons-httpclient/3.1/commons-httpclient-3.1.jar,/home/wss-scanner/.m2/repository/commons-httpclient/commons-httpclient/3.1/commons-httpclient-3.1.jar,/home/wss-scanner/.m2/repository/commons-httpclient/commons-httpclient/3.1/commons-httpclient-3.1.jar,/home/wss-scanner/.m2/repository/commons-httpclient/commons-httpclient/3.1/commons-httpclient-3.1.jar

Dependency Hierarchy:

  • abdera-extensions-json-1.1.2.jar (Root Library)
    • abdera-extensions-main-1.1.2.jar
      • abdera-client-1.1.2.jar
        • commons-httpclient-3.1.jar (Vulnerable Library)

Found in HEAD commit: 2f0948603cbd52986b3eb3fbe66e1662d4716d78

Found in base branch: master

Vulnerability Details

Apache Commons HttpClient 3.x, as used in Amazon Flexible Payments Service (FPS) merchant Java SDK and other products, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.

Publish Date: 2012-11-04

URL: CVE-2012-5783

CVSS 3 Score Details (3.7)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: High
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: None
    • Integrity Impact: Low
    • Availability Impact: None

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: https://nvd.nist.gov/vuln/detail/CVE-2012-5783

Release Date: 2012-11-04

Fix Resolution: commons-httpclient:commons-httpclient - 3.1-jenkins-1,3.1-redhat-3,3.1-HTTPCLIENT-1265
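What CVE-2012-5783 describes is a client that validates the certificate chain but never asks whether the certificate is for the host it intended to reach, so any valid certificate, including one the attacker legitimately holds for their own domain, is accepted. The added example below (not HttpClient's code, and not part of atom-hopper) implements the missing server-identity check over constructed certificate dictionaries in the shape Python's ssl.SSLSocket.getpeercert() returns, so it runs offline: dNSName SANs take precedence, the CN is a fallback only when there are no dNSName SANs, and wildcards are honoured only as the whole left-most label.

```python
"""The server-identity check CVE-2012-5783 says HttpClient 3.x skipped.

Added example, not HttpClient's code. Certificates are constructed dicts in
the shape of ssl.SSLSocket.getpeercert(); a real client gets them from the
TLS handshake.
"""


def _dns_pattern_matches(pattern: str, host: str) -> bool:
    """Match one dNSName pattern, RFC 6125 style: case-insensitive; a wildcard
    counts only as the entire left-most label of a name with at least three
    labels, and never matches across a dot ('*.com' and 'a*.b.c' are refused)."""
    pattern, host = pattern.lower().rstrip("."), host.lower().rstrip(".")
    if "*" not in pattern:
        return pattern == host
    p_labels, h_labels = pattern.split("."), host.split(".")
    if p_labels[0] != "*" or len(p_labels) < 3 or len(p_labels) != len(h_labels):
        return False
    return p_labels[1:] == h_labels[1:]


def hostname_matches_cert(cert: dict, hostname: str) -> bool:
    """True only if `hostname` is one of the identities the certificate names.

    dNSName SANs take precedence; the subject CN is consulted only when the
    certificate carries no dNSName SAN at all.
    """
    san_dns = [value for kind, value in cert.get("subjectAltName", ()) if kind == "DNS"]
    if san_dns:
        return any(_dns_pattern_matches(p, hostname) for p in san_dns)
    for rdn in cert.get("subject", ()):
        for key, value in rdn:
            if key == "commonName":
                return _dns_pattern_matches(value, hostname)
    return False


def connection_is_safe(cert: dict, intended_host: str, chain_valid: bool = True) -> bool:
    """Both checks are required; CVE-2012-5783 is what you get with only the first."""
    return chain_valid and hostname_matches_cert(cert, intended_host)


# Constructed: a perfectly valid, CA-issued certificate for a host the
# attacker controls, presented to a client that meant to reach
# payments.example.com. Chain validation passes; only the name check
# tells the two apart.
ATTACKER_CERT = {
    "subject": ((("commonName", "evil.example.net"),),),
    "subjectAltName": (("DNS", "evil.example.net"), ("DNS", "*.evil.example.net")),
}
# Constructed: an older certificate with no SAN extension at all.
LEGACY_CN_ONLY_CERT = {"subject": ((("commonName", "payments.example.com"),),)}


if __name__ == "__main__":
    print("attacker cert vs payments.example.com:",
          connection_is_safe(ATTACKER_CERT, "payments.example.com"))
    print("attacker cert vs www.evil.example.net:",
          connection_is_safe(ATTACKER_CERT, "www.evil.example.net"))
```

In practice you do not hand-roll this in production code; the point is to know what the library must do so you can verify it does. Modern clients (Python's ssl with check_hostname=True, HttpClient 4.x's default hostname verifier) perform exactly this comparison, and a client that lets you switch it off should be treated as disabling TLS authentication entirely.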

CVE-2021-34428 (Low) detected in jetty-server-9.4.17.v20190418.jar

CVE-2021-34428 - Low Severity Vulnerability

Vulnerable Library - jetty-server-9.4.17.v20190418.jar

The core jetty server artifact.

Library home page: http://www.eclipse.org/jetty

Path to dependency file: /server/pom.xml

Path to vulnerable library: /epository/org/eclipse/jetty/jetty-server/9.4.17.v20190418/jetty-server-9.4.17.v20190418.jar,/epository/org/eclipse/jetty/jetty-server/9.4.17.v20190418/jetty-server-9.4.17.v20190418.jar

Dependency Hierarchy:

  • jetty-server-9.4.17.v20190418.jar (Vulnerable Library)

Found in HEAD commit: 2f0948603cbd52986b3eb3fbe66e1662d4716d78

Found in base branch: master

Vulnerability Details

For Eclipse Jetty versions <= 9.4.40, <= 10.0.2, <= 11.0.2, if an exception is thrown from the SessionListener#sessionDestroyed() method, then the session ID is not invalidated in the session ID manager. On deployments with clustered sessions and multiple contexts this can result in a session not being invalidated. This can result in an application used on a shared computer being left logged in.

Publish Date: 2021-06-22

URL: CVE-2021-34428

CVSS 3 Score Details (3.5)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Physical
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: Low
    • Integrity Impact: Low
    • Availability Impact: None

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: GHSA-m6cp-vxjx-65j6

Release Date: 2021-06-22

Fix Resolution: org.eclipse.jetty:jetty-server:9.4.41.v20210516,10.0.3,11.0.3


⛑️ Automatic Remediation is available for this issue

CVE-2022-23221 (High) detected in h2-1.3.167.jar

CVE-2022-23221 - High Severity Vulnerability

Vulnerable Library - h2-1.3.167.jar

H2 Database Engine

Library home page: http://www.h2database.com

Path to dependency file: /adapters/jdbc/pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/com/h2database/h2/1.3.167/h2-1.3.167.jar,/home/wss-scanner/.m2/repository/com/h2database/h2/1.3.167/h2-1.3.167.jar,/home/wss-scanner/.m2/repository/com/h2database/h2/1.3.167/h2-1.3.167.jar,/home/wss-scanner/.m2/repository/com/h2database/h2/1.3.167/h2-1.3.167.jar,/home/wss-scanner/.m2/repository/com/h2database/h2/1.3.167/h2-1.3.167.jar,/atomhopper/target/atomhopper-1.2.35-SNAPSHOT/WEB-INF/lib/h2-1.3.167.jar,/epository/com/h2database/h2/1.3.167/h2-1.3.167.jar,/home/wss-scanner/.m2/repository/com/h2database/h2/1.3.167/h2-1.3.167.jar,/home/wss-scanner/.m2/repository/com/h2database/h2/1.3.167/h2-1.3.167.jar,/epository/com/h2database/h2/1.3.167/h2-1.3.167.jar

Dependency Hierarchy:

  • h2-1.3.167.jar (Vulnerable Library)

Found in base branch: master

Vulnerability Details

H2 Console before 2.1.210 allows remote attackers to execute arbitrary code via a jdbc:h2:mem JDBC URL containing the IGNORE_UNKNOWN_SETTINGS=TRUE;FORBID_CREATION=FALSE;INIT=RUNSCRIPT substring, a different vulnerability than CVE-2021-42392.

Publish Date: 2022-01-19

URL: CVE-2022-23221

CVSS 3 Score Details (9.8)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: High
    • Integrity Impact: High
    • Availability Impact: High

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: https://github.com/h2database/h2database/releases/tag/version-2.1.210

Release Date: 2022-01-19

Fix Resolution: com.h2database:h2:2.1.210


⛑️ Automatic Remediation is available for this issue

CVE-2020-7656 (Medium) detected in jquery-1.4.3.min.js, jquery-1.4.2.min.js

CVE-2020-7656 - Medium Severity Vulnerability

Vulnerable Libraries - jquery-1.4.3.min.js, jquery-1.4.2.min.js

jquery-1.4.3.min.js

JavaScript library for DOM operations

Library home page: https://cdnjs.cloudflare.com/ajax/libs/jquery/1.4.3/jquery.min.js

Path to dependency file: /documentation/target/docbkx/webhelp/ah-intro-external/content/Deploy_RPM-d1e444.html

Path to vulnerable library: /documentation/target/docbkx/webhelp/ah-intro-external/common/jquery/jquery-1.4.3.min.js,/ocbkx/webhelp/ah-intro-external/content/../common/jquery/jquery-1.4.3.min.js

Dependency Hierarchy:

  • jquery-1.4.3.min.js (Vulnerable Library)

jquery-1.4.2.min.js

JavaScript library for DOM operations

Library home page: https://cdnjs.cloudflare.com/ajax/libs/jquery/1.4.2/jquery.min.js

Path to vulnerable library: /documentation/target/docbkx/webhelp/ah-intro-external/common/jquery/jquery-1.4.2.min.js

Dependency Hierarchy:

  • jquery-1.4.2.min.js (Vulnerable Library)

Found in HEAD commit: 2f0948603cbd52986b3eb3fbe66e1662d4716d78

Found in base branch: master

Vulnerability Details

jquery prior to 1.9.0 allows Cross-site Scripting attacks via the load method. The load method fails to recognize and remove "<script>" HTML tags that contain a whitespace character, i.e. "</script >", which results in the enclosed script logic being executed.

Publish Date: 2020-05-19

URL: CVE-2020-7656

CVSS 3 Score Details (6.1)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: Required
    • Scope: Changed
  • Impact Metrics:
    • Confidentiality Impact: Low
    • Integrity Impact: Low
    • Availability Impact: None

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: GHSA-q4m3-2j7h-f7xw

Release Date: 2020-05-28

Fix Resolution: jquery - 1.9.0

CVE-2022-23437 (Medium) detected in xercesImpl-2.12.0.jar

CVE-2022-23437 - Medium Severity Vulnerability

Vulnerable Library - xercesImpl-2.12.0.jar

Xerces2 is the next generation of high performance, fully compliant XML parsers in the Apache Xerces family. This new version of Xerces introduces the Xerces Native Interface (XNI), a complete framework for building parser components and configurations that is extremely modular and easy to program.

The Apache Xerces2 parser is the reference implementation of XNI but other parser components, configurations, and parsers can be written using the Xerces Native Interface. For complete design and implementation documents, refer to the XNI Manual.

Xerces2 is a fully conforming XML Schema 1.0 processor. A partial experimental implementation of the XML Schema 1.1 Structures and Datatypes Working Drafts (December 2009) and an experimental implementation of the XML Schema Definition Language (XSD): Component Designators (SCD) Candidate Recommendation (January 2010) are provided for evaluation. For more information, refer to the XML Schema page.

Xerces2 also provides a complete implementation of the Document Object Model Level 3 Core and Load/Save W3C Recommendations and provides a complete implementation of the XML Inclusions (XInclude) W3C Recommendation. It also provides support for OASIS XML Catalogs v1.1.

Xerces2 is able to parse documents written according to the XML 1.1 Recommendation, except that it does not yet provide an option to enable normalization checking as described in section 2.13 of this specification. It also handles namespaces according to the XML Namespaces 1.1 Recommendation, and will correctly serialize XML 1.1 documents if the DOM level 3 load/save APIs are in use.

Library home page: https://xerces.apache.org/xerces2-j/

Path to dependency file: /adapters/hibernate/pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/xerces/xercesImpl/2.12.0/xercesImpl-2.12.0.jar,/home/wss-scanner/.m2/repository/xerces/xercesImpl/2.12.0/xercesImpl-2.12.0.jar,/home/wss-scanner/.m2/repository/xerces/xercesImpl/2.12.0/xercesImpl-2.12.0.jar,/home/wss-scanner/.m2/repository/xerces/xercesImpl/2.12.0/xercesImpl-2.12.0.jar,/home/wss-scanner/.m2/repository/xerces/xercesImpl/2.12.0/xercesImpl-2.12.0.jar,/home/wss-scanner/.m2/repository/xerces/xercesImpl/2.12.0/xercesImpl-2.12.0.jar,/atomhopper/target/atomhopper-1.2.35-SNAPSHOT/WEB-INF/lib/xercesImpl-2.12.0.jar,/home/wss-scanner/.m2/repository/xerces/xercesImpl/2.12.0/xercesImpl-2.12.0.jar,/home/wss-scanner/.m2/repository/xerces/xercesImpl/2.12.0/xercesImpl-2.12.0.jar,/home/wss-scanner/.m2/repository/xerces/xercesImpl/2.12.0/xercesImpl-2.12.0.jar

Dependency Hierarchy:

  • xercesImpl-2.12.0.jar (Vulnerable Library)

Found in base branch: master

Vulnerability Details

There is a vulnerability within the Apache Xerces Java (XercesJ) XML parser when handling specially crafted XML document payloads. This causes the XercesJ XML parser to wait in an infinite loop, which may sometimes consume system resources for a prolonged duration. This vulnerability is present within XercesJ version 2.12.1 and previous versions.

Publish Date: 2022-01-24

URL: CVE-2022-23437

CVSS 3 Score Details (6.5)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: Required
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: None
    • Integrity Impact: None
    • Availability Impact: High

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: GHSA-h65f-jvqw-m9fj

Release Date: 2022-01-24

Fix Resolution: xerces:xercesImpl:2.12.2


⛑️ Automatic Remediation is available for this issue

CVE-2015-9251 (Medium) detected in jquery-1.4.2.min.js, jquery-1.4.3.min.js

CVE-2015-9251 - Medium Severity Vulnerability

Vulnerable Libraries - jquery-1.4.2.min.js, jquery-1.4.3.min.js

jquery-1.4.2.min.js

JavaScript library for DOM operations

Library home page: https://cdnjs.cloudflare.com/ajax/libs/jquery/1.4.2/jquery.min.js

Path to vulnerable library: /documentation/target/docbkx/webhelp/ah-intro-external/common/jquery/jquery-1.4.2.min.js

Dependency Hierarchy:

  • jquery-1.4.2.min.js (Vulnerable Library)

jquery-1.4.3.min.js

JavaScript library for DOM operations

Library home page: https://cdnjs.cloudflare.com/ajax/libs/jquery/1.4.3/jquery.min.js

Path to dependency file: /documentation/target/docbkx/webhelp/ah-intro-external/content/Deploy_RPM-d1e444.html

Path to vulnerable library: /documentation/target/docbkx/webhelp/ah-intro-external/common/jquery/jquery-1.4.3.min.js,/ocbkx/webhelp/ah-intro-external/content/../common/jquery/jquery-1.4.3.min.js

Dependency Hierarchy:

  • jquery-1.4.3.min.js (Vulnerable Library)

Found in HEAD commit: 2f0948603cbd52986b3eb3fbe66e1662d4716d78

Found in base branch: master

Vulnerability Details

jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.

Publish Date: 2018-01-18

URL: CVE-2015-9251

CVSS 3 Score Details (6.1)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: Required
    • Scope: Changed
  • Impact Metrics:
    • Confidentiality Impact: Low
    • Integrity Impact: Low
    • Availability Impact: None

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: https://nvd.nist.gov/vuln/detail/CVE-2015-9251

Release Date: 2018-01-18

Fix Resolution: jQuery - v3.0.0

CVE-2012-6708 (Medium) detected in jquery-1.4.2.min.js, jquery-1.4.3.min.js

CVE-2012-6708 - Medium Severity Vulnerability

Vulnerable Libraries - jquery-1.4.2.min.js, jquery-1.4.3.min.js

jquery-1.4.2.min.js

JavaScript library for DOM operations

Library home page: https://cdnjs.cloudflare.com/ajax/libs/jquery/1.4.2/jquery.min.js

Path to vulnerable library: /documentation/target/docbkx/webhelp/ah-intro-external/common/jquery/jquery-1.4.2.min.js

Dependency Hierarchy:

  • jquery-1.4.2.min.js (Vulnerable Library)

jquery-1.4.3.min.js

JavaScript library for DOM operations

Library home page: https://cdnjs.cloudflare.com/ajax/libs/jquery/1.4.3/jquery.min.js

Path to dependency file: /documentation/target/docbkx/webhelp/ah-intro-external/content/Deploy_RPM-d1e444.html

Path to vulnerable library: /documentation/target/docbkx/webhelp/ah-intro-external/common/jquery/jquery-1.4.3.min.js,/ocbkx/webhelp/ah-intro-external/content/../common/jquery/jquery-1.4.3.min.js

Dependency Hierarchy:

  • jquery-1.4.3.min.js (Vulnerable Library)

Found in HEAD commit: 2f0948603cbd52986b3eb3fbe66e1662d4716d78

Found in base branch: master

Vulnerability Details

jQuery before 1.9.0 is vulnerable to Cross-site Scripting (XSS) attacks. The jQuery(strInput) function does not differentiate selectors from HTML in a reliable fashion. In vulnerable versions, jQuery determined whether the input was HTML by looking for the '<' character anywhere in the string, giving attackers more flexibility when attempting to construct a malicious payload. In fixed versions, jQuery only deems the input to be HTML if it explicitly starts with the '<' character, limiting exploitability only to attackers who can control the beginning of a string, which is far less common.

Publish Date: 2018-01-18

URL: CVE-2012-6708

CVSS 3 Score Details (6.1)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: Required
    • Scope: Changed
  • Impact Metrics:
    • Confidentiality Impact: Low
    • Integrity Impact: Low
    • Availability Impact: None

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: https://nvd.nist.gov/vuln/detail/CVE-2012-6708

Release Date: 2018-01-18

Fix Resolution: jQuery - v1.9.0
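The jQuery findings on this page (CVE-2011-4969, CVE-2012-6708, CVE-2020-7656, CVE-2015-9251) are all about how a 1.4.x build decides whether a string is markup. The added example below is not jQuery's code and is not part of atom-hopper: its regexes are modelled on the behaviour the advisories describe (CVE-2012-6708: HTML detected by a '<' anywhere in the string versus only at its start; CVE-2020-7656: a script terminator that must be exactly '</script>' versus one that tolerates whitespace) rather than copied from any jQuery release. It lets you reason about a payload such as a crafted location.hash, after which you should confirm the result against the jQuery build you actually serve. Payloads are constructed.

```python
"""Two jQuery 1.x input-handling weaknesses, reduced to their regexes.

Added example, not jQuery's code: patterns are modelled on the advisories,
not copied from a jQuery release.
"""
import re

# CVE-2012-6708: pre-1.9 treats any string containing a '<...>' run as HTML;
# 1.9 requires the string (after leading whitespace) to start with '<'.
_HTML_ANYWHERE = re.compile(r"^[^<]*(<[\w\W]+>)[^>]*$")
_HTML_AT_START = re.compile(r"^\s*(<[\w\W]+>)[^>]*$")


def treated_as_html_pre_1_9(s: str) -> bool:
    """Would a pre-1.9 $(s) build elements from s instead of selecting?"""
    return _HTML_ANYWHERE.match(s) is not None


def treated_as_html_1_9(s: str) -> bool:
    """Same question for the 1.9 rule: markup only if s starts with '<'."""
    return _HTML_AT_START.match(s) is not None


# CVE-2020-7656: .load() strips <script> blocks before inserting fetched HTML.
# A terminator that must be exactly '</script>' misses '</script >'.
_SCRIPT_EXACT_TERMINATOR = re.compile(r"<script\b[^>]*>[\s\S]*?</script>", re.IGNORECASE)
_SCRIPT_WS_TERMINATOR = re.compile(r"<script\b[^>]*>[\s\S]*?</script\s*>", re.IGNORECASE)


def strip_scripts(html: str, tolerate_whitespace: bool) -> str:
    """Remove <script>...</script> blocks with one of the two terminator rules."""
    pattern = _SCRIPT_WS_TERMINATOR if tolerate_whitespace else _SCRIPT_EXACT_TERMINATOR
    return pattern.sub("", html)


# Constructed payloads.
HASH_PAYLOAD = "#<img src=x onerror=alert(1)>"        # e.g. $(location.hash), the CVE-2011-4969 pattern
LOAD_PAYLOAD = "<div>ok</div><script>alert(1)</script >"  # fetched fragment handed to .load()


if __name__ == "__main__":
    print("pre-1.9 sees HTML:", treated_as_html_pre_1_9(HASH_PAYLOAD))
    print("1.9+    sees HTML:", treated_as_html_1_9(HASH_PAYLOAD))
    print("exact terminator :", strip_scripts(LOAD_PAYLOAD, tolerate_whitespace=False))
    print("ws terminator    :", strip_scripts(LOAD_PAYLOAD, tolerate_whitespace=True))
```

Both cases are the same lesson: a sanitizer that pattern-matches a serialization of HTML is only as good as its model of the HTML parser that will consume the result, and browsers are far more lenient than a literal '</script>' or a leading-'<' heuristic. For static documentation output like the webhelp here, the practical fix is the version bump in Fix Resolution, and not passing untrusted strings such as location.hash into $() at all.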

CVE-2020-27223 (Medium) detected in jetty-http-9.4.17.v20190418.jar

CVE-2020-27223 - Medium Severity Vulnerability

Vulnerable Library - jetty-http-9.4.17.v20190418.jar

The Eclipse Jetty Project

Library home page: http://www.eclipse.org/jetty

Path to dependency file: /server/pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/org/eclipse/jetty/jetty-http/9.4.17.v20190418/jetty-http-9.4.17.v20190418.jar,/home/wss-scanner/.m2/repository/org/eclipse/jetty/jetty-http/9.4.17.v20190418/jetty-http-9.4.17.v20190418.jar

Dependency Hierarchy:

  • jetty-server-9.4.17.v20190418.jar (Root Library)
    • jetty-http-9.4.17.v20190418.jar (Vulnerable Library)

Found in HEAD commit: 2f0948603cbd52986b3eb3fbe66e1662d4716d78

Found in base branch: master

Vulnerability Details

In Eclipse Jetty 9.4.6.v20170531 to 9.4.36.v20210114 (inclusive), 10.0.0, and 11.0.0 when Jetty handles a request containing multiple Accept headers with a large number of “quality” (i.e. q) parameters, the server may enter a denial of service (DoS) state due to high CPU usage processing those quality values, resulting in minutes of CPU time exhausted processing those quality values.

Publish Date: 2021-02-26

URL: CVE-2020-27223

CVSS 3 Score Details (5.3)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: None
    • Integrity Impact: None
    • Availability Impact: Low

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: GHSA-m394-8rww-3jr7

Release Date: 2021-02-26

Fix Resolution: org.eclipse.jetty:jetty-http:9.4.37.v20210219, org.eclipse.jetty:jetty-http:10.0.1, org.eclipse.jetty:jetty-http:11.0.1

CVE-2021-22569 (Medium) detected in protobuf-java-3.6.1.jar

CVE-2021-22569 - Medium Severity Vulnerability

Vulnerable Library - protobuf-java-3.6.1.jar

Core Protocol Buffers library. Protocol Buffers are a way of encoding structured data in an efficient yet extensible format.

Library home page: https://developers.google.com/protocol-buffers/

Path to dependency file: /atomhopper/pom.xml

Path to vulnerable library: /atomhopper/target/atomhopper-1.2.35-SNAPSHOT/WEB-INF/lib/protobuf-java-3.6.1.jar,/home/wss-scanner/.m2/repository/com/google/protobuf/protobuf-java/3.6.1/protobuf-java-3.6.1.jar,/home/wss-scanner/.m2/repository/com/google/protobuf/protobuf-java/3.6.1/protobuf-java-3.6.1.jar

Dependency Hierarchy:

  • protobuf-java-3.6.1.jar (Vulnerable Library)

Found in base branch: master

Vulnerability Details

An issue in protobuf-java allowed the interleaving of com.google.protobuf.UnknownFieldSet fields in such a way that would be processed out of order. A small malicious payload can occupy the parser for several minutes by creating large numbers of short-lived objects that cause frequent, repeated pauses. We recommend upgrading libraries beyond the vulnerable versions.

Publish Date: 2022-01-10

URL: CVE-2021-22569

CVSS 3 Score Details (5.5)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Local
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: Required
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: None
    • Integrity Impact: None
    • Availability Impact: High


Suggested Fix

Type: Upgrade version

Origin: GHSA-wrvw-hg22-4m67

Release Date: 2022-01-10

Fix Resolution: com.google.protobuf:protobuf-java:3.16.1,3.18.2,3.19.2; com.google.protobuf:protobuf-kotlin:3.18.2,3.19.2; google-protobuf - 3.19.2

WS-2021-0491 (Medium) detected in logback-classic-1.2.0.jar - autoclosed

WS-2021-0491 - Medium Severity Vulnerability

Vulnerable Library - logback-classic-1.2.0.jar

logback-classic module

Library home page: http://logback.qos.ch

Path to dependency file: atom-hopper/server/pom.xml

Path to vulnerable library: epository/ch/qos/logback/logback-classic/1.2.0/logback-classic-1.2.0.jar,/home/wss-scanner/.m2/repository/ch/qos/logback/logback-classic/1.2.0/logback-classic-1.2.0.jar,/atomhopper/target/atomhopper-1.2.35-SNAPSHOT/WEB-INF/lib/logback-classic-1.2.0.jar

Dependency Hierarchy:

  • logback-classic-1.2.0.jar (Vulnerable Library)

Found in base branch: master

Vulnerability Details

Logback before 1.2.8 is vulnerable to remote code execution (RCE) when write access to 'logback.xml' and JNDI lookup are both enabled.

Publish Date: 2021-12-13

URL: WS-2021-0491

CVSS 2 Score Details (0.0)

Base Score Metrics not available
