astlab2's People

Contributors

james-bostock-cx, jbrotsos

astlab2's Issues

ALB Not Dropping Invalid Headers @ /terraform_examples/negative1.tf

ALB Not Dropping Invalid Headers issue exists @ negative1.tf in branch main

It's considered a best practice when using Application Load Balancers to drop invalid header fields.

Namespace: james-bostock-cx
Repository: astlab2
Repository Url: https://github.com/james-bostock-cx/astlab2
CxAST-Project: james-bostock-cx/astlab2
CxAST platform scan: 2461b328-89a6-40d3-8294-5b5c2119c54b
Branch: main
Application: astlab2
Severity: MEDIUM
State: TO_VERIFY
Status: RECURRENT

CVE-2022-22950 @ Maven-org.springframework:spring-core-3.2.4.RELEASE

Vulnerable Package issue exists @ Maven-org.springframework:spring-core-3.2.4.RELEASE in branch main

In Spring Framework versions 5.3.0 through 5.3.16, and older unsupported versions, it is possible for a user to provide a specially crafted SpEL expression that may cause a denial of service condition.

Namespace: james-bostock-cx
Repository: astlab2
Repository Url: https://github.com/james-bostock-cx/astlab2
CxAST-Project: james-bostock-cx/astlab2
CxAST platform scan: 2ada010b-ce16-4ef9-b4ff-c3caea471eb3
Branch: main
Application: astlab2
Severity: MEDIUM
State: NOT_IGNORED
Status: RECURRENT
CWE: CWE-770


Addition Info
Attack vector: NETWORK
Attack complexity: LOW
Confidentiality impact: NONE
Availability impact: HIGH
Remediation Upgrade Recommendation: 5.2.20.RELEASE



SQL_Injection @ Login.java

SQL_Injection issue exists @ Login.java in branch main

The application's main method executes an SQL query with executeQuery, at line 33 of /src/Login.java. The application constructs this SQL query by embedding an untrusted string into the query without proper sanitization. The concatenated string is submitted to the database, where it is parsed and executed accordingly.

An attacker would be able to inject arbitrary syntax and data into the SQL query, by crafting a malicious payload and providing it via the input "email"; this input is then read by the main method at line 22 of /src/Login.java. This input then flows through the code, into a query and to the database server - without sanitization.

This may enable an SQL Injection attack.

Namespace: james-bostock-cx
Repository: astlab2
Repository Url: https://github.com/james-bostock-cx/astlab2
CxAST-Project: james-bostock-cx/astlab2
CxAST platform scan: 2461b328-89a6-40d3-8294-5b5c2119c54b
Branch: main
Application: astlab2
Severity: HIGH
State: TO_VERIFY
Status: RECURRENT
CWE: 89
Lines: 22 23



ALB Not Dropping Invalid Headers @ /terraform_examples/negative2.tf

ALB Not Dropping Invalid Headers issue exists @ negative2.tf in branch main

It's considered a best practice when using Application Load Balancers to drop invalid header fields.

Namespace: james-bostock-cx
Repository: astlab2
Repository Url: https://github.com/james-bostock-cx/astlab2
CxAST-Project: james-bostock-cx/astlab2
CxAST platform scan: 2461b328-89a6-40d3-8294-5b5c2119c54b
Branch: main
Application: astlab2
Severity: MEDIUM
State: TO_VERIFY
Status: RECURRENT

Reflected_XSS_All_Clients @ xss.java

Reflected_XSS_All_Clients issue exists @ xss.java in branch main

The application's printSanitizedName embeds untrusted data in the generated output with println, at line 16 of /src/xss.java. This untrusted data is embedded straight into the output without proper sanitization or encoding, enabling an attacker to inject malicious code into the output.

The attacker would be able to alter the returned web page by simply providing modified data in the user input "Info", which is read by the loadInfo method at line 84 of /src/xss.java. This input then flows through the code straight to the output web page, without sanitization.

This can enable a Reflected Cross-Site Scripting (XSS) attack.

Namespace: james-bostock-cx
Repository: astlab2
Repository Url: https://github.com/james-bostock-cx/astlab2
CxAST-Project: james-bostock-cx/astlab2
CxAST platform scan: 2ada010b-ce16-4ef9-b4ff-c3caea471eb3
Branch: main
Application: astlab2
Severity: HIGH
State: TO_VERIFY
Status: RECURRENT
CWE: 79
Lines: 21 27 35 49 56 63 70 77 84



CVE-2020-15250 @ Maven-junit:junit-4.8.1

Vulnerable Package issue exists @ Maven-junit:junit-4.8.1 in branch main

In JUnit4 from version 4.7 and before 4.13.1, the test rule TemporaryFolder contains a local information disclosure vulnerability. On Unix-like systems, the system's temporary directory is shared between all users on that system. Because of this, when files and directories are written into this directory they are, by default, readable by other users on that same system. This vulnerability does not allow other users to overwrite the contents of these directories or files. This is purely an information disclosure vulnerability. This vulnerability impacts you if the JUnit tests write sensitive information, like API keys or passwords, into the temporary folder, and the JUnit tests execute in an environment where the OS has other untrusted users. Because certain JDK file system APIs were only added in JDK 1.7, this fix is dependent upon the version of the JDK you are using. For Java 1.7 and higher users: this vulnerability is fixed in 4.13.1. For Java 1.6 and lower users: no patch is available, you must use the workaround below. If you are unable to patch, or are stuck running on Java 1.6, specifying the java.io.tmpdir system environment variable to a directory that is exclusively owned by the executing user will fix this vulnerability. For more information, including an example of vulnerable code, see the referenced GitHub Security Advisory.

Namespace: james-bostock-cx
Repository: astlab2
Repository Url: https://github.com/james-bostock-cx/astlab2
CxAST-Project: james-bostock-cx/astlab2
CxAST platform scan: 2ada010b-ce16-4ef9-b4ff-c3caea471eb3
Branch: main
Application: astlab2
Severity: MEDIUM
State: NOT_IGNORED
Status: RECURRENT
CWE: CWE-732


Addition Info
Attack vector: LOCAL
Attack complexity: LOW
Confidentiality impact: HIGH
Availability impact: NONE
Remediation Upgrade Recommendation: 4.13.1


References
Advisory
Release Note
Issue
Commit

Reflected_XSS_All_Clients @ b.java

Reflected_XSS_All_Clients issue exists @ b.java in branch main

The application's printSanitizedName embeds untrusted data in the generated output with println, at line 16 of /test/b.java. This untrusted data is embedded straight into the output without proper sanitization or encoding, enabling an attacker to inject malicious code into the output.

The attacker would be able to alter the returned web page by simply providing modified data in the user input "Data", which is read by the testData method at line 21 of /test/b.java. This input then flows through the code straight to the output web page, without sanitization.

This can enable a Reflected Cross-Site Scripting (XSS) attack.

Namespace: james-bostock-cx
Repository: astlab2
Repository Url: https://github.com/james-bostock-cx/astlab2
CxAST-Project: james-bostock-cx/astlab2
CxAST platform scan: cf98a777-cce4-4891-b6d0-0f15f8426da5
Branch: main
Application: astlab2
Severity: HIGH
State: TO_VERIFY
Status: RECURRENT
CWE: 79
Lines: 21



CVE-2019-11272 @ Maven-org.springframework.security:spring-security-core-3.2.4.RELEASE

Vulnerable Package issue exists @ Maven-org.springframework.security:spring-security-core-3.2.4.RELEASE in branch main

Spring Security, versions through 4.2.12 support plain text passwords using PlaintextPasswordEncoder. If an application using an affected version of Spring Security is leveraging PlaintextPasswordEncoder and a user has a null encoded password, a malicious user (or attacker) can authenticate using a password of "null".

Namespace: james-bostock-cx
Repository: astlab2
Repository Url: https://github.com/james-bostock-cx/astlab2
CxAST-Project: james-bostock-cx/astlab2
CxAST platform scan: 2ada010b-ce16-4ef9-b4ff-c3caea471eb3
Branch: main
Application: astlab2
Severity: HIGH
State: NOT_IGNORED
Status: RECURRENT
CWE: CWE-255


Addition Info
Attack vector: NETWORK
Attack complexity: LOW
Confidentiality impact: LOW
Availability impact: LOW
Remediation Upgrade Recommendation: 4.2.16.RELEASE



CVE-2014-0114 @ Maven-commons-beanutils:commons-beanutils-1.8.0

Vulnerable Package issue exists @ Maven-commons-beanutils:commons-beanutils-1.8.0 in branch main

Apache Commons BeanUtils, as distributed in lib/commons-beanutils-1.8.0.jar in Apache Struts 1.x through 1.3.10 and in other products requiring commons-beanutils through 1.9.3, does not suppress the class property, which allows remote attackers to "manipulate" the ClassLoader and execute arbitrary code via the class parameter, as demonstrated by the passing of this parameter to the getClass method of the ActionForm object in Struts 1.

Namespace: james-bostock-cx
Repository: astlab2
Repository Url: https://github.com/james-bostock-cx/astlab2
CxAST-Project: james-bostock-cx/astlab2
CxAST platform scan: 2ada010b-ce16-4ef9-b4ff-c3caea471eb3
Branch: main
Application: astlab2
Severity: HIGH
State: NOT_IGNORED
Status: RECURRENT
CWE: CWE-20


Addition Info
Attack vector: NETWORK
Attack complexity: LOW
Confidentiality impact: PARTIAL
Availability impact: PARTIAL
Remediation Upgrade Recommendation: 1.9.4



CVE-2022-22950 @ Maven-org.springframework:spring-expression-3.2.8.RELEASE

Vulnerable Package issue exists @ Maven-org.springframework:spring-expression-3.2.8.RELEASE in branch main

In Spring Framework versions 5.3.0 through 5.3.16, and older unsupported versions, it is possible for a user to provide a specially crafted SpEL expression that may cause a denial of service condition.

Namespace: james-bostock-cx
Repository: astlab2
Repository Url: https://github.com/james-bostock-cx/astlab2
CxAST-Project: james-bostock-cx/astlab2
CxAST platform scan: 2ada010b-ce16-4ef9-b4ff-c3caea471eb3
Branch: main
Application: astlab2
Severity: MEDIUM
State: NOT_IGNORED
Status: RECURRENT
CWE: CWE-770


Addition Info
Attack vector: NETWORK
Attack complexity: LOW
Confidentiality impact: NONE
Availability impact: HIGH
Remediation Upgrade Recommendation: 5.2.20.RELEASE



CVE-2019-17571 @ Maven-log4j:log4j-1.2.17

Vulnerable Package issue exists @ Maven-log4j:log4j-1.2.17 in branch main

Included in Log4j 1.2 is a SocketServer class that is vulnerable to deserialization of untrusted data which can be exploited to remotely execute arbitrary code when combined with a deserialization gadget when listening to untrusted network traffic for log data. This affects Log4j 1.2 up to 1.2.17.

NOTE: log4j:log4j 1.2 is end-of-life since 2015 and will not be fixed.
MITIGATION: Migrate to org.apache.logging.log4j:log4j-core 2.8.2 or above.

Namespace: james-bostock-cx
Repository: astlab2
Repository Url: https://github.com/james-bostock-cx/astlab2
CxAST-Project: james-bostock-cx/astlab2
CxAST platform scan: 5b651f14-f990-4178-8575-f8ffa64eaeb9
Branch: main
Application: astlab2
Severity: HIGH
State: NOT_IGNORED
Status: RECURRENT
CWE: CWE-502


Addition Info
Attack vector: NETWORK
Attack complexity: LOW
Confidentiality impact: HIGH
Availability impact: HIGH



CVE-2014-3578 @ Maven-org.springframework:spring-core-3.2.4.RELEASE

Vulnerable Package issue exists @ Maven-org.springframework:spring-core-3.2.4.RELEASE in branch main

Directory traversal vulnerability in Pivotal Spring Framework 3.x before 3.2.9 and 4.0 before 4.0.5 allows remote attackers to read arbitrary files via a crafted URL.

Namespace: james-bostock-cx
Repository: astlab2
Repository Url: https://github.com/james-bostock-cx/astlab2
CxAST-Project: james-bostock-cx/astlab2
CxAST platform scan: 2ada010b-ce16-4ef9-b4ff-c3caea471eb3
Branch: main
Application: astlab2
Severity: MEDIUM
State: NOT_IGNORED
Status: RECURRENT
CWE: CWE-22


Addition Info
Remediation Upgrade Recommendation: 5.2.20.RELEASE



CVE-2021-4104 @ Maven-log4j:log4j-1.2.17

Vulnerable Package issue exists @ Maven-log4j:log4j-1.2.17 in branch main

JMSAppender in Log4j 1.2 is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j configuration. The attacker can provide TopicBindingName and TopicConnectionFactoryBindingName configurations causing JMSAppender to perform JNDI requests that result in remote code execution in a similar fashion to CVE-2021-44228. Note this issue only affects Log4j 1.2 when specifically configured to use JMSAppender, which is not the default. Apache Log4j 1.2 reached end of life in August 2015. Users should upgrade to Log4j 2 as it addresses numerous other issues from the previous versions.

Namespace: james-bostock-cx
Repository: astlab2
Repository Url: https://github.com/james-bostock-cx/astlab2
CxAST-Project: james-bostock-cx/astlab2
CxAST platform scan: 5b651f14-f990-4178-8575-f8ffa64eaeb9
Branch: main
Application: astlab2
Severity: HIGH
State: NOT_IGNORED
Status: RECURRENT
CWE: CWE-502


Addition Info
Attack vector: NETWORK
Attack complexity: HIGH
Confidentiality impact: HIGH
Availability impact: HIGH



ALB Not Dropping Invalid Headers @ /terraform_examples/positive1.tf

ALB Not Dropping Invalid Headers issue exists @ positive1.tf in branch main

It's considered a best practice when using Application Load Balancers to drop invalid header fields.

Namespace: james-bostock-cx
Repository: astlab2
Repository Url: https://github.com/james-bostock-cx/astlab2
CxAST-Project: james-bostock-cx/astlab2
CxAST platform scan: 2461b328-89a6-40d3-8294-5b5c2119c54b
Branch: main
Application: astlab2
Severity: MEDIUM
State: TO_VERIFY
Status: RECURRENT

CVE-2018-1272 @ Maven-org.springframework:spring-core-3.2.4.RELEASE

Vulnerable Package issue exists @ Maven-org.springframework:spring-core-3.2.4.RELEASE in branch main

Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.15 and older unsupported versions, provide client-side support for multipart requests. When Spring MVC or Spring WebFlux server application (server A) receives input from a remote client, and then uses that input to make a multipart request to another server (server B), it can be exposed to an attack, where an extra multipart is inserted in the content of the request from server A, causing server B to use the wrong value for a part it expects. This could lead to privilege escalation, for example, if the part content represents a username or user roles.

Namespace: james-bostock-cx
Repository: astlab2
Repository Url: https://github.com/james-bostock-cx/astlab2
CxAST-Project: james-bostock-cx/astlab2
CxAST platform scan: 2ada010b-ce16-4ef9-b4ff-c3caea471eb3
Branch: main
Application: astlab2
Severity: HIGH
State: NOT_IGNORED
Status: RECURRENT
CWE: CWE-264


Addition Info
Attack vector: NETWORK
Attack complexity: HIGH
Confidentiality impact: HIGH
Availability impact: HIGH
Remediation Upgrade Recommendation: 5.2.20.RELEASE



CVE-2022-22965 @ Maven-org.springframework:spring-core-3.2.4.RELEASE

Vulnerable Package issue exists @ Maven-org.springframework:spring-core-3.2.4.RELEASE in branch main

spring or spring-beans running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding. The specific exploit requires the application to run on Tomcat as a WAR deployment. If the application is deployed as a Spring Boot executable jar, i.e. the default, it is not vulnerable to the exploit. However, the nature of the vulnerability is more general, and there may be other ways to exploit it. This was fixed in versions 5.2.20 and 5.3.18.

Namespace: james-bostock-cx
Repository: astlab2
Repository Url: https://github.com/james-bostock-cx/astlab2
CxAST-Project: james-bostock-cx/astlab2
CxAST platform scan: 2ada010b-ce16-4ef9-b4ff-c3caea471eb3
Branch: main
Application: astlab2
Severity: HIGH
State: NOT_IGNORED
Status: RECURRENT
CWE: CWE-94


Addition Info
Attack vector: NETWORK
Attack complexity: LOW
Confidentiality impact: HIGH
Availability impact: HIGH
Remediation Upgrade Recommendation: 5.2.20.RELEASE



CVE-2021-22060 @ Maven-org.springframework:spring-core-3.2.4.RELEASE

Vulnerable Package issue exists @ Maven-org.springframework:spring-core-3.2.4.RELEASE in branch main

In Spring Framework versions 5.2.x before 5.2.19.RELEASE, 5.3.x before 5.3.14 and older unsupported versions, it is possible for a user to provide malicious input to cause the insertion of additional log entries. This is a follow-up to CVE-2021-22096 that protects against additional types of input and in more places of the Spring Framework codebase.

Namespace: james-bostock-cx
Repository: astlab2
Repository Url: https://github.com/james-bostock-cx/astlab2
CxAST-Project: james-bostock-cx/astlab2
CxAST platform scan: 2ada010b-ce16-4ef9-b4ff-c3caea471eb3
Branch: main
Application: astlab2
Severity: MEDIUM
State: NOT_IGNORED
Status: RECURRENT
CWE: CWE-117


Addition Info
Attack vector: NETWORK
Attack complexity: LOW
Confidentiality impact: NONE
Availability impact: NONE
Remediation Upgrade Recommendation: 5.2.20.RELEASE



CVE-2022-23305 @ Maven-log4j:log4j-1.2.17

Vulnerable Package issue exists @ Maven-log4j:log4j-1.2.17 in branch main

By design, the JDBCAppender in Log4j 1.2.x accepts an SQL statement as a configuration parameter where the values to be inserted are converters from PatternLayout. The message converter, %m, is likely to always be included. This allows attackers to manipulate the SQL by entering crafted strings into input fields or headers of an application that are logged allowing unintended SQL queries to be executed. Note this issue only affects Log4j 1.x when specifically configured to use the JDBCAppender, which is not the default. Beginning in version 2.0-beta8, the JDBCAppender was re-introduced with proper support for parameterized SQL queries and further customization over the columns written to in logs. Apache Log4j 1.2 reached end of life in August 2015. Users should upgrade to Log4j 2 as it addresses numerous other issues from the previous versions.

Namespace: james-bostock-cx
Repository: astlab2
Repository Url: https://github.com/james-bostock-cx/astlab2
CxAST-Project: james-bostock-cx/astlab2
CxAST platform scan: 5b651f14-f990-4178-8575-f8ffa64eaeb9
Branch: main
Application: astlab2
Severity: HIGH
State: NOT_IGNORED
Status: RECURRENT
CWE: CWE-89


Addition Info
Attack vector: NETWORK
Attack complexity: LOW
Confidentiality impact: HIGH
Availability impact: HIGH



CVE-2016-5007 @ Maven-org.springframework.security:spring-security-config-3.2.4.RELEASE

Vulnerable Package issue exists @ Maven-org.springframework.security:spring-security-config-3.2.4.RELEASE in branch main

Both Spring Security 3.2.x, 4.0.x, 4.1.0 and the Spring Framework 3.2.x, 4.0.x, 4.1.x, 4.2.x rely on URL pattern mappings for authorization and for mapping requests to controllers respectively. Differences in the strictness of the pattern matching mechanisms, for example with regards to space trimming in path segments, can lead Spring Security to not recognize certain paths as not protected that are in fact mapped to Spring MVC controllers that should be protected. The problem is compounded by the fact that the Spring Framework provides richer features with regards to pattern matching as well as by the fact that pattern matching in each Spring Security and the Spring Framework can easily be customized creating additional differences.

Namespace: james-bostock-cx
Repository: astlab2
Repository Url: https://github.com/james-bostock-cx/astlab2
CxAST-Project: james-bostock-cx/astlab2
CxAST platform scan: 2ada010b-ce16-4ef9-b4ff-c3caea471eb3
Branch: main
Application: astlab2
Severity: HIGH
State: NOT_IGNORED
Status: RECURRENT
CWE: CWE-264


Addition Info
Attack vector: NETWORK
Attack complexity: LOW
Confidentiality impact: NONE
Availability impact: NONE
Remediation Upgrade Recommendation: 4.1.1.RELEASE



CVE-2020-5408 @ Maven-org.springframework.security:spring-security-core-3.2.4.RELEASE

Vulnerable Package issue exists @ Maven-org.springframework.security:spring-security-core-3.2.4.RELEASE in branch main

Spring Security versions 5.3.x prior to 5.3.2, 5.2.x prior to 5.2.4, 5.1.x prior to 5.1.10, 5.0.x prior to 5.0.16 and before 4.2.16 use a fixed null initialization vector with CBC Mode in the implementation of the queryable text encryptor. A malicious user with access to the data that has been encrypted using such an encryptor may be able to derive the unencrypted values using a dictionary attack.

Namespace: james-bostock-cx
Repository: astlab2
Repository Url: https://github.com/james-bostock-cx/astlab2
CxAST-Project: james-bostock-cx/astlab2
CxAST platform scan: 2ada010b-ce16-4ef9-b4ff-c3caea471eb3
Branch: main
Application: astlab2
Severity: MEDIUM
State: NOT_IGNORED
Status: RECURRENT
CWE: CWE-330


Addition Info
Attack vector: NETWORK
Attack complexity: LOW
Confidentiality impact: HIGH
Availability impact: NONE
Remediation Upgrade Recommendation: 4.2.16.RELEASE



CVE-2022-22965 @ Maven-org.springframework:spring-beans-3.2.8.RELEASE

Vulnerable Package issue exists @ Maven-org.springframework:spring-beans-3.2.8.RELEASE in branch main

spring or spring-beans running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding. The specific exploit requires the application to run on Tomcat as a WAR deployment. If the application is deployed as a Spring Boot executable jar, i.e. the default, it is not vulnerable to the exploit. However, the nature of the vulnerability is more general, and there may be other ways to exploit it. This was fixed in versions 5.2.20 and 5.3.18.

Namespace: james-bostock-cx
Repository: astlab2
Repository Url: https://github.com/james-bostock-cx/astlab2
CxAST-Project: james-bostock-cx/astlab2
CxAST platform scan: 2ada010b-ce16-4ef9-b4ff-c3caea471eb3
Branch: main
Application: astlab2
Severity: HIGH
State: NOT_IGNORED
Status: RECURRENT
CWE: CWE-94


Addition Info
Attack vector: NETWORK
Attack complexity: LOW
Confidentiality impact: HIGH
Availability impact: HIGH
Remediation Upgrade Recommendation: 5.2.20.RELEASE



IAM Access Analyzer Undefined @ /terraform_examples/negative1.tf

IAM Access Analyzer Undefined issue exists @ negative1.tf in branch main

IAM Access Analyzer should be defined to identify unintentional access.

Namespace: james-bostock-cx
Repository: astlab2
Repository Url: https://github.com/james-bostock-cx/astlab2
CxAST-Project: james-bostock-cx/astlab2
CxAST platform scan: 2ada010b-ce16-4ef9-b4ff-c3caea471eb3
Branch: main
Application: astlab2
Severity: MEDIUM
State: TO_VERIFY
Status: RECURRENT

ALB Not Dropping Invalid Headers @ /terraform_examples/positive2.tf

ALB Not Dropping Invalid Headers issue exists @ positive2.tf in branch main

It's considered a best practice when using Application Load Balancers to drop invalid header fields.

Namespace: james-bostock-cx
Repository: astlab2
Repository Url: https://github.com/james-bostock-cx/astlab2
CxAST-Project: james-bostock-cx/astlab2
CxAST platform scan: 2461b328-89a6-40d3-8294-5b5c2119c54b
Branch: main
Application: astlab2
Severity: MEDIUM
State: TO_VERIFY
Status: RECURRENT

CVE-2022-23302 @ Maven-log4j:log4j-1.2.17

Vulnerable Package issue exists @ Maven-log4j:log4j-1.2.17 in branch main

JMSSink in all versions of Log4j 1.x is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j configuration or if the configuration references an LDAP service the attacker has access to. The attacker can provide a TopicConnectionFactoryBindingName configuration causing JMSSink to perform JNDI requests that result in remote code execution in a similar fashion to CVE-2021-4104. Note this issue only affects Log4j 1.x when specifically configured to use JMSSink, which is not the default. Apache Log4j 1.2 reached end of life in August 2015. Users should upgrade to Log4j 2 as it addresses numerous other issues from the previous versions.

Namespace: james-bostock-cx
Repository: astlab2
Repository Url: https://github.com/james-bostock-cx/astlab2
CxAST-Project: james-bostock-cx/astlab2
CxAST platform scan: 5b651f14-f990-4178-8575-f8ffa64eaeb9
Branch: main
Application: astlab2
Severity: HIGH
State: NOT_IGNORED
Status: RECURRENT
CWE: CWE-502


Addition Info
Attack vector: NETWORK
Attack complexity: LOW
Confidentiality impact: HIGH
Availability impact: HIGH



CVE-2019-3795 @ Maven-org.springframework.security:spring-security-core-3.2.4.RELEASE

Vulnerable Package issue exists @ Maven-org.springframework.security:spring-security-core-3.2.4.RELEASE in branch main

Spring Security before version 4.2.12, 5.0.x prior to 5.0.12, and 5.1.x prior to 5.1.5 contain an insecure randomness vulnerability when using SecureRandomFactoryBean#setSeed to configure a SecureRandom instance. In order to be impacted, an honest application must provide a seed and make the resulting random material available to an attacker for inspection.

Namespace: james-bostock-cx
Repository: astlab2
Repository Url: https://github.com/james-bostock-cx/astlab2
CxAST-Project: james-bostock-cx/astlab2
CxAST platform scan: 2ada010b-ce16-4ef9-b4ff-c3caea471eb3
Branch: main
Application: astlab2
Severity: MEDIUM
State: NOT_IGNORED
Status: RECURRENT
CWE: CWE-332


Addition Info
Attack vector: NETWORK
Attack complexity: LOW
Confidentiality impact: LOW
Availability impact: NONE
Remediation Upgrade Recommendation: 4.2.16.RELEASE



CVE-2022-23307 @ Maven-log4j:log4j-1.2.17

Vulnerable Package issue exists @ Maven-log4j:log4j-1.2.17 in branch main

CVE-2020-9493 identified a deserialization issue that was present in Apache Chainsaw. Prior to Chainsaw V2.0, Chainsaw was a component of Apache Log4j 1.x where the same issue exists.

Namespace: james-bostock-cx
Repository: astlab2
Repository Url: https://github.com/james-bostock-cx/astlab2
CxAST-Project: james-bostock-cx/astlab2
CxAST platform scan: 5b651f14-f990-4178-8575-f8ffa64eaeb9
Branch: main
Application: astlab2
Severity: HIGH
State: NOT_IGNORED
Status: RECURRENT
CWE: CWE-502


Addition Info
Attack vector: NETWORK
Attack complexity: LOW
Confidentiality impact: HIGH
Availability impact: HIGH

