esapi-2.1.0.1.jar: 29 vulnerabilities (highest severity is: 9.2) reachable - autoclosed

Vulnerable Library - esapi-2.1.0.1.jar

The Enterprise Security API (ESAPI) project is an OWASP project to create simple strong security controls for every web platform. Security controls are not simple to build. You can read about the hundreds of pitfalls for unwary developers on the OWASP web site. By providing developers with a set of strong controls, we aim to eliminate some of the complexity of creating secure web applications. This can result in significant cost savings across the SDLC.

Path to dependency file: /pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/org/owasp/esapi/esapi/2.1.0.1/esapi-2.1.0.1.jar

Found in HEAD commit: b6804b869baaf0fa73feac9d050564aed5d95c41

Vulnerabilities

CVE	Severity	CVSS	Exploit Maturity	EPSS	Dependency	Type	Fixed in (esapi version)	Remediation Possible**	Reachability
WS-2014-0034	High	8.7	Not Defined		commons-fileupload-1.3.1.jar	Transitive	2.4.0.0	✅	Reachable
CVE-2023-24998	High	8.7	Not Defined	3.2%	commons-fileupload-1.3.1.jar	Transitive	2.5.2.0	✅	Reachable
CVE-2022-29546	High	8.7	Not Defined	0.1%	nekohtml-1.9.16.jar	Transitive	N/A*	❌	Reachable
CVE-2022-24839	High	8.7	Not Defined	0.2%	nekohtml-1.9.16.jar	Transitive	N/A*	❌	Reachable
CVE-2016-3092	High	8.7	Not Defined	5.9%	commons-fileupload-1.3.1.jar	Transitive	2.2.0.0	✅	Reachable
CVE-2012-0881	High	8.7	Not Defined	0.9%	xercesImpl-2.8.0.jar	Transitive	2.5.3.0	✅	Reachable
CVE-2013-4002	High	8.2	Not Defined	1.9%	xercesImpl-2.8.0.jar	Transitive	2.5.3.0	✅	Reachable
WS-2023-0388	High	7.5	Not Defined		esapi-2.1.0.1.jar	Direct	2.5.2.0	✅	Reachable
CVE-2022-23437	High	7.1	Not Defined	0.5%	xercesImpl-2.8.0.jar	Transitive	N/A*	❌	Reachable
CVE-2016-1000031	Medium	6.9	Not Defined	5.9%	commons-fileupload-1.3.1.jar	Transitive	2.2.0.0	✅	Reachable
CVE-2009-2625	Medium	6.9	Not Defined	17.2%	xercesImpl-2.8.0.jar	Transitive	2.5.3.0	✅	Reachable
CVE-2021-29425	Medium	6.3	Not Defined	0.2%	commons-io-2.2.jar	Transitive	2.5.3.0	✅	Reachable
CVE-2024-23635	Medium	5.3	Not Defined	0.0%	antisamy-1.5.3.jar	Transitive	2.5.4.0	✅	Reachable
CVE-2022-29577	Medium	5.3	Not Defined	0.1%	antisamy-1.5.3.jar	Transitive	2.3.0.0	✅	Reachable
CVE-2022-28367	Medium	5.3	Not Defined	0.1%	antisamy-1.5.3.jar	Transitive	2.3.0.0	✅	Reachable
CVE-2021-35043	Medium	5.3	Not Defined	0.1%	antisamy-1.5.3.jar	Transitive	2.3.0.0	✅	Reachable
CVE-2017-14735	Medium	5.3	Not Defined	0.3%	antisamy-1.5.3.jar	Transitive	2.2.0.0	✅	Reachable
CVE-2016-10006	Low	2.3	Not Defined	0.1%	antisamy-1.5.3.jar	Transitive	2.2.0.0	✅	Reachable
CVE-2016-2510	Critical	9.2	Not Defined	11.8%	bsh-core-2.0b4.jar	Transitive	N/A*	❌	Unreachable
CVE-2022-34169	High	8.7	Not Defined	0.2%	xalan-2.7.0.jar	Transitive	N/A*	❌	Unreachable
CVE-2022-28366	High	8.7	Not Defined	0.1%	nekohtml-1.9.16.jar	Transitive	N/A*	❌	Unreachable
CVE-2022-23457	High	7.7	Not Defined	0.3%	esapi-2.1.0.1.jar	Direct	2.3.0.0	✅	Unreachable
CVE-2020-14338	Medium	6.9	Not Defined	0.1%	xercesImpl-2.8.0.jar	Transitive	2.5.3.0	✅	Unreachable
CVE-2019-10086	Medium	6.9	Not Defined	0.4%	commons-beanutils-core-1.8.3.jar	Transitive	N/A*	❌	Unreachable
CVE-2014-0114	Medium	6.3	Not Defined	97.299995%	commons-beanutils-core-1.8.3.jar	Transitive	N/A*	❌	Unreachable
CVE-2014-0107	Medium	6.3	Not Defined	0.5%	xalan-2.7.0.jar	Transitive	2.5.0.0	✅	Unreachable
WS-2023-0429	Medium	5.3	Not Defined		esapi-2.1.0.1.jar	Direct	no_fix	✅	Unreachable
CVE-2022-24891	Medium	5.3	Not Defined	0.2%	esapi-2.1.0.1.jar	Direct	2.3.0.0	✅	Unreachable
CVE-2023-43643	Low	2.3	Not Defined	0.1%	antisamy-1.5.3.jar	Transitive	2.5.3.0	✅	Unreachable

*For some transitive vulnerabilities, there is no version of direct dependency with a fix. Check the "Details" section below to see if there is a version of transitive dependency where vulnerability is fixed.

**In some cases, Remediation PR cannot be created automatically for a vulnerability despite the availability of remediation

Details

Partial details (16 vulnerabilities) are displayed below due to a content size limitation in GitHub. To view information on the remaining vulnerabilities, navigate to the Mend Application.

WS-2014-0034

### Vulnerable Library - commons-fileupload-1.3.1.jar

The Apache Commons FileUpload component provides a simple yet flexible means of adding support for multipart file upload functionality to servlets and web applications.

Path to dependency file: /pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/commons-fileupload/commons-fileupload/1.3.1/commons-fileupload-1.3.1.jar

Dependency Hierarchy: - esapi-2.1.0.1.jar (Root Library) - :x: **commons-fileupload-1.3.1.jar** (Vulnerable Library)

Found in HEAD commit: b6804b869baaf0fa73feac9d050564aed5d95c41

Found in base branch: master

### Reachability Analysis This vulnerability is potentially reachable ``` org.apache.commons.fileupload.FileUploadBase (Application) -> org.apache.commons.fileupload.servlet.ServletFileUpload (Extension) -> org.owasp.esapi.reference.DefaultHTTPUtilities (Extension) -> org.owasp.esapi.ESAPI (Extension) -> ❌ org.t246osslab.easybuggy.core.servlets.AbstractServlet (Vulnerable Component) ```

### Vulnerability Details

The class FileUploadBase in Apache Commons Fileupload before 1.4 has potential resource leak - InputStream not closed on exception.

Publish Date: 2014-02-17

URL: WS-2014-0034

### Threat Assessment

Exploit Maturity: Not Defined

EPSS:

### CVSS 4 Score Details (8.7)

Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: Low - Privileges Required: None - User Interaction: None - Scope: N/A - Impact Metrics: - Confidentiality Impact: N/A - Integrity Impact: N/A - Availability Impact: N/A

For more information on CVSS4 Scores, click here.

### Suggested Fix

Type: Upgrade version

Release Date: 2014-02-17

Fix Resolution (commons-fileupload:commons-fileupload): 1.4

Direct dependency fix Resolution (org.owasp.esapi:esapi): 2.4.0.0

In order to enable automatic remediation, please create workflow rules

CVE-2023-24998

### Vulnerable Library - commons-fileupload-1.3.1.jar

The Apache Commons FileUpload component provides a simple yet flexible means of adding support for multipart file upload functionality to servlets and web applications.

Path to dependency file: /pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/commons-fileupload/commons-fileupload/1.3.1/commons-fileupload-1.3.1.jar

Dependency Hierarchy: - esapi-2.1.0.1.jar (Root Library) - :x: **commons-fileupload-1.3.1.jar** (Vulnerable Library)

Found in HEAD commit: b6804b869baaf0fa73feac9d050564aed5d95c41

Found in base branch: master

### Vulnerability Details

Apache Commons FileUpload before 1.5 does not limit the number of request parts to be processed resulting in the possibility of an attacker triggering a DoS with a malicious upload or series of uploads. Note that, like all of the file upload limits, the new configuration option (FileUploadBase#setFileCountMax) is not enabled by default and must be explicitly configured.

Publish Date: 2023-02-20

URL: CVE-2023-24998

### Threat Assessment

Exploit Maturity: Not Defined

EPSS: 3.2%

### CVSS 4 Score Details (8.7)

For more information on CVSS4 Scores, click here.

### Suggested Fix

Type: Upgrade version

Origin: https://tomcat.apache.org/security-10.html

Release Date: 2023-02-20

Fix Resolution (commons-fileupload:commons-fileupload): 1.5

Direct dependency fix Resolution (org.owasp.esapi:esapi): 2.5.2.0

In order to enable automatic remediation, please create workflow rules

CVE-2022-29546

### Vulnerable Library - nekohtml-1.9.16.jar

An HTML parser and tag balancer.

Library home page: http://nekohtml.sourceforge.net/

Path to dependency file: /pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/net/sourceforge/nekohtml/nekohtml/1.9.16/nekohtml-1.9.16.jar

Dependency Hierarchy: - esapi-2.1.0.1.jar (Root Library) - antisamy-1.5.3.jar - :x: **nekohtml-1.9.16.jar** (Vulnerable Library)

Found in HEAD commit: b6804b869baaf0fa73feac9d050564aed5d95c41

Found in base branch: master

### Reachability Analysis This vulnerability is potentially reachable ``` org.cyberneko.html.HTMLScanner$ContentScanner (Application) -> org.cyberneko.html.HTMLScanner (Extension) -> org.cyberneko.html.HTMLConfiguration (Extension) -> org.owasp.validator.html.AntiSamy (Extension) ... -> org.owasp.esapi.reference.DefaultValidator (Extension) -> org.owasp.esapi.ESAPI (Extension) -> ❌ org.t246osslab.easybuggy.core.servlets.AbstractServlet (Vulnerable Component) ```

### Vulnerability Details

HtmlUnit NekoHtml Parser before 2.61.0 suffers from a denial of service vulnerability. Crafted input associated with the parsing of Processing Instruction (PI) data leads to heap memory consumption. This is similar to CVE-2022-28366 but affects a much later version of the product.

Publish Date: 2022-04-25

URL: CVE-2022-29546

### Threat Assessment

Exploit Maturity: Not Defined

EPSS: 0.1%

### CVSS 4 Score Details (8.7)

For more information on CVSS4 Scores, click here.

### Suggested Fix

Type: Upgrade version

Release Date: 2022-04-25

Fix Resolution: net.sourceforge.htmlunit:neko-htmlunit:2.61.0

CVE-2022-24839

### Vulnerable Library - nekohtml-1.9.16.jar

An HTML parser and tag balancer.

Library home page: http://nekohtml.sourceforge.net/

Path to dependency file: /pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/net/sourceforge/nekohtml/nekohtml/1.9.16/nekohtml-1.9.16.jar

Dependency Hierarchy: - esapi-2.1.0.1.jar (Root Library) - antisamy-1.5.3.jar - :x: **nekohtml-1.9.16.jar** (Vulnerable Library)

Found in HEAD commit: b6804b869baaf0fa73feac9d050564aed5d95c41

Found in base branch: master

### Vulnerability Details

org.cyberneko.html is an html parser written in Java. The fork of `org.cyberneko.html` used by Nokogiri (Rubygem) raises a `java.lang.OutOfMemoryError` exception when parsing ill-formed HTML markup. Users are advised to upgrade to `>= 1.9.22.noko2`. Note: The upstream library `org.cyberneko.html` is no longer maintained. Nokogiri uses its own fork of this library located at https://github.com/sparklemotion/nekohtml and this CVE applies only to that fork. Other forks of nekohtml may have a similar vulnerability.

Publish Date: 2022-04-11

URL: CVE-2022-24839

### Threat Assessment

Exploit Maturity: Not Defined

EPSS: 0.2%

### CVSS 4 Score Details (8.7)

For more information on CVSS4 Scores, click here.

### Suggested Fix

Type: Upgrade version

Origin: https://github.com/sparklemotion/nekohtml/security/advisories/GHSA-9849-p7jc-9rmv

Release Date: 2022-04-11

Fix Resolution: net.sourceforge.nekohtml:nekohtml:1.9.22.noko2

CVE-2016-3092

### Vulnerable Library - commons-fileupload-1.3.1.jar

The Apache Commons FileUpload component provides a simple yet flexible means of adding support for multipart file upload functionality to servlets and web applications.

Path to dependency file: /pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/commons-fileupload/commons-fileupload/1.3.1/commons-fileupload-1.3.1.jar

Dependency Hierarchy: - esapi-2.1.0.1.jar (Root Library) - :x: **commons-fileupload-1.3.1.jar** (Vulnerable Library)

Found in HEAD commit: b6804b869baaf0fa73feac9d050564aed5d95c41

Found in base branch: master

### Reachability Analysis This vulnerability is potentially reachable ``` org.apache.commons.fileupload.MultipartStream (Application) -> org.apache.commons.fileupload.FileUploadBase$FileItemIteratorImpl (Extension) -> org.apache.commons.fileupload.FileUploadBase (Extension) -> org.apache.commons.fileupload.servlet.ServletFileUpload (Extension) -> org.owasp.esapi.reference.DefaultHTTPUtilities (Extension) -> org.owasp.esapi.ESAPI (Extension) -> ❌ org.t246osslab.easybuggy.core.servlets.AbstractServlet (Vulnerable Component) ```

### Vulnerability Details

The MultipartStream class in Apache Commons Fileupload before 1.3.2, as used in Apache Tomcat 7.x before 7.0.70, 8.x before 8.0.36, 8.5.x before 8.5.3, and 9.x before 9.0.0.M7 and other products, allows remote attackers to cause a denial of service (CPU consumption) via a long boundary string.

Publish Date: 2016-07-04

URL: CVE-2016-3092

### Threat Assessment

Exploit Maturity: Not Defined

EPSS: 5.9%

### CVSS 4 Score Details (8.7)

For more information on CVSS4 Scores, click here.

### Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3092

Release Date: 2016-07-04

Fix Resolution (commons-fileupload:commons-fileupload): 1.3.2

Direct dependency fix Resolution (org.owasp.esapi:esapi): 2.2.0.0

In order to enable automatic remediation, please create workflow rules

CVE-2012-0881

### Vulnerable Library - xercesImpl-2.8.0.jar

Xerces2 is the next generation of high performance, fully compliant XML parsers in the Apache Xerces family. This new version of Xerces introduces the Xerces Native Interface (XNI), a complete framework for building parser components and configurations that is extremely modular and easy to program.

Library home page: http://xerces.apache.org/xerces2-j

Path to dependency file: /pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/xerces/xercesImpl/2.8.0/xercesImpl-2.8.0.jar

Dependency Hierarchy: - esapi-2.1.0.1.jar (Root Library) - xom-1.2.5.jar - :x: **xercesImpl-2.8.0.jar** (Vulnerable Library)

Found in HEAD commit: b6804b869baaf0fa73feac9d050564aed5d95c41

Found in base branch: master

### Reachability Analysis This vulnerability is potentially reachable ``` org.apache.xerces.util.SymbolTable (Application) -> org.apache.xerces.dom.DOMNormalizer (Extension) -> org.apache.xerces.dom.DocumentImpl (Extension) -> org.owasp.validator.html.AntiSamy (Extension) ... -> org.owasp.esapi.reference.DefaultValidator (Extension) -> org.owasp.esapi.ESAPI (Extension) -> ❌ org.t246osslab.easybuggy.core.servlets.AbstractServlet (Vulnerable Component) ```

### Vulnerability Details

Apache Xerces2 Java Parser before 2.12.0 allows remote attackers to cause a denial of service (CPU consumption) via a crafted message to an XML service, which triggers hash table collisions.

Publish Date: 2017-10-30

URL: CVE-2012-0881

### Threat Assessment

Exploit Maturity: Not Defined

EPSS: 0.9%

### CVSS 4 Score Details (8.7)

For more information on CVSS4 Scores, click here.

### Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0881

Release Date: 2017-10-30

Fix Resolution (xerces:xercesImpl): 2.12.0

Direct dependency fix Resolution (org.owasp.esapi:esapi): 2.5.3.0

In order to enable automatic remediation, please create workflow rules

CVE-2013-4002

### Vulnerable Library - xercesImpl-2.8.0.jar

Library home page: http://xerces.apache.org/xerces2-j

Path to dependency file: /pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/xerces/xercesImpl/2.8.0/xercesImpl-2.8.0.jar

Dependency Hierarchy: - esapi-2.1.0.1.jar (Root Library) - xom-1.2.5.jar - :x: **xercesImpl-2.8.0.jar** (Vulnerable Library)

Found in HEAD commit: b6804b869baaf0fa73feac9d050564aed5d95c41

Found in base branch: master

### Reachability Analysis This vulnerability is potentially reachable ``` org.apache.xerces.impl.XMLScanner (Application) -> org.apache.xerces.impl.dtd.XMLDTDLoader (Extension) -> org.apache.xerces.dom.DeferredDOMImplementationImpl (Extension) -> org.owasp.validator.html.AntiSamy (Extension) ... -> org.owasp.esapi.reference.DefaultValidator (Extension) -> org.owasp.esapi.ESAPI (Extension) -> ❌ org.t246osslab.easybuggy.core.servlets.AbstractServlet (Vulnerable Component) ```

### Vulnerability Details

XMLscanner.java in Apache Xerces2 Java Parser before 2.12.0, as used in the Java Runtime Environment (JRE) in IBM Java 5.0 before 5.0 SR16-FP3, 6 before 6 SR14, 6.0.1 before 6.0.1 SR6, and 7 before 7 SR5 as well as Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, Java SE Embedded 7u40 and earlier, and possibly other products allows remote attackers to cause a denial of service via vectors related to XML attribute names.

Publish Date: 2013-07-23

URL: CVE-2013-4002

### Threat Assessment

Exploit Maturity: Not Defined

EPSS: 1.9%

### CVSS 4 Score Details (8.2)

Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: High - Privileges Required: None - User Interaction: None - Scope: N/A - Impact Metrics: - Confidentiality Impact: N/A - Integrity Impact: N/A - Availability Impact: N/A

For more information on CVSS4 Scores, click here.

### Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4002

Release Date: 2013-07-23

Fix Resolution (xerces:xercesImpl): 2.9.0

Direct dependency fix Resolution (org.owasp.esapi:esapi): 2.5.3.0

In order to enable automatic remediation, please create workflow rules

WS-2023-0388

### Vulnerable Library - esapi-2.1.0.1.jar

Path to dependency file: /pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/org/owasp/esapi/esapi/2.1.0.1/esapi-2.1.0.1.jar

Dependency Hierarchy: - :x: **esapi-2.1.0.1.jar** (Vulnerable Library)

Found in HEAD commit: b6804b869baaf0fa73feac9d050564aed5d95c41

Found in base branch: master

### Reachability Analysis This vulnerability is potentially reachable ``` org.owasp.esapi.reference.DefaultHTTPUtilities (Application) -> org.owasp.esapi.ESAPI (Extension) -> ❌ org.t246osslab.easybuggy.core.servlets.AbstractServlet (Vulnerable Component) ```

### Vulnerability Details

ESAPI 2.5.2.0 and later addressed the DoS vulnerability described in CVE-2023-24998, which Apache Commons FileUpload 1.5 attempted to remediate. But while writing up a new security bulletin regarding the impact on the affected ESAPI HTTPUtilities.getFileUploads methods (or more specifically those methods in the DefaultHTTPUtilities implementation class), I realized that a DoS vulnerability still persists in ESAPI and for that matter in Apache Commons FileUpload as well.

Publish Date: 2023-10-28

URL: WS-2023-0388

### Threat Assessment

Exploit Maturity: Not Defined

EPSS:

### CVSS 3 Score Details (7.5)

Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: Low - Privileges Required: None - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: None - Integrity Impact: None - Availability Impact: High

For more information on CVSS3 Scores, click here.

### Suggested Fix

Type: Upgrade version

Origin: https://github.com/advisories/GHSA-7c2q-5qmr-v76q

Release Date: 2023-10-28

Fix Resolution: 2.5.2.0

In order to enable automatic remediation, please create workflow rules

CVE-2022-23437

### Vulnerable Library - xercesImpl-2.8.0.jar

Library home page: http://xerces.apache.org/xerces2-j

Path to dependency file: /pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/xerces/xercesImpl/2.8.0/xercesImpl-2.8.0.jar

Dependency Hierarchy: - esapi-2.1.0.1.jar (Root Library) - xom-1.2.5.jar - :x: **xercesImpl-2.8.0.jar** (Vulnerable Library)

Found in HEAD commit: b6804b869baaf0fa73feac9d050564aed5d95c41

Found in base branch: master

### Reachability Analysis This vulnerability is potentially reachable ``` org.apache.xerces.impl.XMLEntityScanner (Application) -> org.apache.xerces.impl.XMLEntityManager (Extension) -> org.apache.xerces.dom.DOMConfigurationImpl (Extension) -> org.owasp.validator.html.AntiSamy (Extension) ... -> org.owasp.esapi.reference.DefaultValidator (Extension) -> org.owasp.esapi.ESAPI (Extension) -> ❌ org.t246osslab.easybuggy.core.servlets.AbstractServlet (Vulnerable Component) ```

### Vulnerability Details

There's a vulnerability within the Apache Xerces Java (XercesJ) XML parser when handling specially crafted XML document payloads. This causes, the XercesJ XML parser to wait in an infinite loop, which may sometimes consume system resources for prolonged duration. This vulnerability is present within XercesJ version 2.12.1 and the previous versions.

Publish Date: 2022-01-24

URL: CVE-2022-23437

### Threat Assessment

Exploit Maturity: Not Defined

EPSS: 0.5%

### CVSS 4 Score Details (7.1)

Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: Low - Privileges Required: None - User Interaction: N/A - Scope: N/A - Impact Metrics: - Confidentiality Impact: N/A - Integrity Impact: N/A - Availability Impact: N/A

For more information on CVSS4 Scores, click here.

### Suggested Fix

Type: Upgrade version

Origin: https://github.com/advisories/GHSA-h65f-jvqw-m9fj

Release Date: 2022-01-24

Fix Resolution: xerces:xercesImpl:2.12.2

CVE-2016-1000031

### Vulnerable Library - commons-fileupload-1.3.1.jar

The Apache Commons FileUpload component provides a simple yet flexible means of adding support for multipart file upload functionality to servlets and web applications.

Path to dependency file: /pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/commons-fileupload/commons-fileupload/1.3.1/commons-fileupload-1.3.1.jar

Dependency Hierarchy: - esapi-2.1.0.1.jar (Root Library) - :x: **commons-fileupload-1.3.1.jar** (Vulnerable Library)

Found in HEAD commit: b6804b869baaf0fa73feac9d050564aed5d95c41

Found in base branch: master

### Reachability Analysis This vulnerability is potentially reachable ``` org.apache.commons.fileupload.disk.DiskFileItem (Application) -> org.apache.commons.fileupload.disk.DiskFileItemFactory (Extension) -> org.owasp.esapi.reference.DefaultHTTPUtilities (Extension) -> org.owasp.esapi.ESAPI (Extension) -> ❌ org.t246osslab.easybuggy.core.servlets.AbstractServlet (Vulnerable Component) ```

### Vulnerability Details

Apache Commons FileUpload before 1.3.3 DiskFileItem File Manipulation Remote Code Execution

Publish Date: 2016-10-25

URL: CVE-2016-1000031

### Threat Assessment

Exploit Maturity: Not Defined

EPSS: 5.9%

### CVSS 4 Score Details (6.9)

For more information on CVSS4 Scores, click here.

### Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1000031

Release Date: 2016-10-25

Fix Resolution (commons-fileupload:commons-fileupload): 1.3.3

Direct dependency fix Resolution (org.owasp.esapi:esapi): 2.2.0.0

In order to enable automatic remediation, please create workflow rules

CVE-2009-2625

### Vulnerable Library - xercesImpl-2.8.0.jar

Library home page: http://xerces.apache.org/xerces2-j

Path to dependency file: /pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/xerces/xercesImpl/2.8.0/xercesImpl-2.8.0.jar

Dependency Hierarchy: - esapi-2.1.0.1.jar (Root Library) - xom-1.2.5.jar - :x: **xercesImpl-2.8.0.jar** (Vulnerable Library)

Found in HEAD commit: b6804b869baaf0fa73feac9d050564aed5d95c41

Found in base branch: master

### Vulnerability Details

XMLScanner.java in Apache Xerces2 Java, as used in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15 and JDK and JRE 5.0 before Update 20, and in other products, allows remote attackers to cause a denial of service (infinite loop and application hang) via malformed XML input, as demonstrated by the Codenomicon XML fuzzing framework.

Publish Date: 2009-08-06

URL: CVE-2009-2625

### Threat Assessment

Exploit Maturity: Not Defined

EPSS: 17.2%

### CVSS 4 Score Details (6.9)

For more information on CVSS4 Scores, click here.

### Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2625

Release Date: 2009-08-06

Fix Resolution (xerces:xercesImpl): 2.9.0

Direct dependency fix Resolution (org.owasp.esapi:esapi): 2.5.3.0

In order to enable automatic remediation, please create workflow rules

CVE-2021-29425

### Vulnerable Library - commons-io-2.2.jar

The Commons IO library contains utility classes, stream implementations, file filters, file comparators, endian transformation classes, and much more.

Path to dependency file: /pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/commons-io/commons-io/2.2/commons-io-2.2.jar

Dependency Hierarchy: - esapi-2.1.0.1.jar (Root Library) - commons-fileupload-1.3.1.jar - :x: **commons-io-2.2.jar** (Vulnerable Library)

Found in HEAD commit: b6804b869baaf0fa73feac9d050564aed5d95c41

Found in base branch: master

### Reachability Analysis This vulnerability is potentially reachable ``` org.apache.commons.io.FilenameUtils (Application) -> ❌ org.t246osslab.easybuggy.vulnerabilities.UnrestrictedSizeUploadServlet (Vulnerable Component) ```

### Vulnerability Details

In Apache Commons IO before 2.7, When invoking the method FileNameUtils.normalize with an improper input string, like "//../foo", or "\\..\foo", the result would be the same value, thus possibly providing access to files in the parent directory, but not further above (thus "limited" path traversal), if the calling code would use the result to construct a path value.

Publish Date: 2021-04-13

URL: CVE-2021-29425

### Threat Assessment

Exploit Maturity: Not Defined

EPSS: 0.2%

### CVSS 4 Score Details (6.3)

For more information on CVSS4 Scores, click here.

### Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29425

Release Date: 2021-04-13

Fix Resolution (commons-io:commons-io): 2.7

Direct dependency fix Resolution (org.owasp.esapi:esapi): 2.5.3.0

In order to enable automatic remediation, please create workflow rules

CVE-2024-23635

### Vulnerable Library - antisamy-1.5.3.jar

The OWASP AntiSamy project is a collection of APIs for safely allowing users to supply their own HTML and CSS without exposing the site to XSS vulnerabilities.

Library home page: http://www.owasp.org/index.php/Category:OWASP_AntiSamy_Project

Path to dependency file: /pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/org/owasp/antisamy/antisamy/1.5.3/antisamy-1.5.3.jar

Dependency Hierarchy: - esapi-2.1.0.1.jar (Root Library) - :x: **antisamy-1.5.3.jar** (Vulnerable Library)

Found in HEAD commit: b6804b869baaf0fa73feac9d050564aed5d95c41

Found in base branch: master

### Reachability Analysis This vulnerability is potentially reachable ``` org.owasp.validator.html.Policy (Application) -> org.owasp.esapi.reference.validation.HTMLValidationRule (Extension) -> org.owasp.esapi.reference.DefaultValidator (Extension) -> org.owasp.esapi.ESAPI (Extension) -> ❌ org.t246osslab.easybuggy.core.servlets.AbstractServlet (Vulnerable Component) ```

### Vulnerability Details

AntiSamy is a library for performing fast, configurable cleansing of HTML coming from untrusted sources. Prior to 1.7.5, there is a potential for a mutation XSS (mXSS) vulnerability in AntiSamy caused by flawed parsing of the HTML being sanitized. To be subject to this vulnerability the `preserveComments` directive must be enabled in your policy file. As a result, certain crafty inputs can result in elements in comment tags being interpreted as executable when using AntiSamy's sanitized output. Patched in AntiSamy 1.7.5 and later.

Publish Date: 2024-02-02

URL: CVE-2024-23635

### Threat Assessment

Exploit Maturity: Not Defined

EPSS: 0.0%

### CVSS 4 Score Details (5.3)

For more information on CVSS4 Scores, click here.

### Suggested Fix

Type: Upgrade version

Origin: https://github.com/nahsra/antisamy/security/advisories/GHSA-2mrq-w8pv-5pvq

Release Date: 2024-02-02

Fix Resolution (org.owasp.antisamy:antisamy): 1.7.5

Direct dependency fix Resolution (org.owasp.esapi:esapi): 2.5.4.0

In order to enable automatic remediation, please create workflow rules

CVE-2022-29577

### Vulnerable Library - antisamy-1.5.3.jar

The OWASP AntiSamy project is a collection of APIs for safely allowing users to supply their own HTML and CSS without exposing the site to XSS vulnerabilities.

Library home page: http://www.owasp.org/index.php/Category:OWASP_AntiSamy_Project

Path to dependency file: /pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/org/owasp/antisamy/antisamy/1.5.3/antisamy-1.5.3.jar

Dependency Hierarchy: - esapi-2.1.0.1.jar (Root Library) - :x: **antisamy-1.5.3.jar** (Vulnerable Library)

Found in HEAD commit: b6804b869baaf0fa73feac9d050564aed5d95c41

Found in base branch: master

### Reachability Analysis This vulnerability is potentially reachable ``` org.owasp.validator.html.scan.AntiSamyDOMScanner (Application) -> org.owasp.validator.html.AntiSamy (Extension) -> org.owasp.esapi.reference.validation.HTMLValidationRule (Extension) -> org.owasp.esapi.reference.DefaultValidator (Extension) -> org.owasp.esapi.ESAPI (Extension) -> ❌ org.t246osslab.easybuggy.core.servlets.AbstractServlet (Vulnerable Component) ```

### Vulnerability Details

OWASP AntiSamy before 1.6.7 allows XSS via HTML tag smuggling on STYLE content with crafted input. The output serializer does not properly encode the supposed Cascading Style Sheets (CSS) content. NOTE: this issue exists because of an incomplete fix for CVE-2022-28367.

Publish Date: 2022-04-21

URL: CVE-2022-29577

### Threat Assessment

Exploit Maturity: Not Defined

EPSS: 0.1%

### CVSS 4 Score Details (5.3)

For more information on CVSS4 Scores, click here.

### Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29577

Release Date: 2022-04-21

Fix Resolution (org.owasp.antisamy:antisamy): 1.6.7

Direct dependency fix Resolution (org.owasp.esapi:esapi): 2.3.0.0

In order to enable automatic remediation, please create workflow rules

CVE-2022-28367

### Vulnerable Library - antisamy-1.5.3.jar

The OWASP AntiSamy project is a collection of APIs for safely allowing users to supply their own HTML and CSS without exposing the site to XSS vulnerabilities.

Library home page: http://www.owasp.org/index.php/Category:OWASP_AntiSamy_Project

Path to dependency file: /pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/org/owasp/antisamy/antisamy/1.5.3/antisamy-1.5.3.jar

Dependency Hierarchy: - esapi-2.1.0.1.jar (Root Library) - :x: **antisamy-1.5.3.jar** (Vulnerable Library)

Found in HEAD commit: b6804b869baaf0fa73feac9d050564aed5d95c41

Found in base branch: master

### Vulnerability Details

OWASP AntiSamy before 1.6.6 allows XSS via HTML tag smuggling on STYLE content with crafted input. The output serializer does not properly encode the supposed Cascading Style Sheets (CSS) content.

Publish Date: 2022-04-21

URL: CVE-2022-28367

### Threat Assessment

Exploit Maturity: Not Defined

EPSS: 0.1%

### CVSS 4 Score Details (5.3)

For more information on CVSS4 Scores, click here.

### Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28367

Release Date: 2022-04-21

Fix Resolution (org.owasp.antisamy:antisamy): 1.6.6

Direct dependency fix Resolution (org.owasp.esapi:esapi): 2.3.0.0

In order to enable automatic remediation, please create workflow rules

CVE-2021-35043

### Vulnerable Library - antisamy-1.5.3.jar

The OWASP AntiSamy project is a collection of APIs for safely allowing users to supply their own HTML and CSS without exposing the site to XSS vulnerabilities.

Library home page: http://www.owasp.org/index.php/Category:OWASP_AntiSamy_Project

Path to dependency file: /pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/org/owasp/antisamy/antisamy/1.5.3/antisamy-1.5.3.jar

Dependency Hierarchy: - esapi-2.1.0.1.jar (Root Library) - :x: **antisamy-1.5.3.jar** (Vulnerable Library)

Found in HEAD commit: b6804b869baaf0fa73feac9d050564aed5d95c41

Found in base branch: master

### Reachability Analysis This vulnerability is potentially reachable ``` org.owasp.validator.html.scan.ASHTMLSerializer (Application) -> org.owasp.validator.html.scan.AbstractAntiSamyScanner (Extension) -> org.owasp.validator.html.scan.AntiSamySAXScanner (Extension) -> org.owasp.validator.html.AntiSamy (Extension) ... -> org.owasp.esapi.reference.DefaultValidator (Extension) -> org.owasp.esapi.ESAPI (Extension) -> ❌ org.t246osslab.easybuggy.core.servlets.AbstractServlet (Vulnerable Component) ```

### Vulnerability Details

OWASP AntiSamy before 1.6.4 allows XSS via HTML attributes when using the HTML output serializer (XHTML is not affected). This was demonstrated by a javascript: URL with : as the replacement for the : character.

Publish Date: 2021-07-19

URL: CVE-2021-35043

### Threat Assessment

Exploit Maturity: Not Defined

EPSS: 0.1%

### CVSS 4 Score Details (5.3)

For more information on CVSS4 Scores, click here.

### Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35043

Release Date: 2021-07-19

Fix Resolution (org.owasp.antisamy:antisamy): 1.6.4

Direct dependency fix Resolution (org.owasp.esapi:esapi): 2.3.0.0

In order to enable automatic remediation, please create workflow rules

In order to enable automatic remediation for this issue, please create workflow rules

Mend-Sales / easybuggy

esapi-2.1.0.1.jar: 29 vulnerabilities (highest severity is: 9.2) reachable - autoclosed #12

Vulnerabilities

Details