webwolf-v8.1.0.jar: 10 vulnerabilities (highest severity is: 9.8) - autoclosed

Vulnerable Library - webwolf-v8.1.0.jar

Path to vulnerable library: /home/wss-scanner/.m2/repository/org/springframework/spring-web/5.2.2.RELEASE/spring-web-5.2.2.RELEASE.jar,/home/wss-scanner/.m2/repository/org/springframework/spring-web/5.2.2.RELEASE/spring-web-5.2.2.RELEASE.jar,/home/wss-scanner/.m2/repository/org/springframework/spring-web/5.2.2.RELEASE/spring-web-5.2.2.RELEASE.jar

Found in HEAD commit: f0c1d123bb3375482e903c0febdd18513fb47ec8

Vulnerabilities

CVE	Severity	CVSS	Dependency	Type	Fixed in (webwolf-v8.1.0.jar version)	Remediation Possible**
CVE-2020-10683	Critical	9.8	dom4j-2.1.1.jar	Transitive	N/A*	❌
CVE-2016-1000027	Critical	9.8	spring-web-5.2.2.RELEASE.jar	Transitive	N/A*	❌
CVE-2021-22118	High	7.8	spring-web-5.2.2.RELEASE.jar	Transitive	N/A*	❌
CVE-2020-5398	High	7.5	spring-web-5.2.2.RELEASE.jar	Transitive	N/A*	❌
CVE-2020-25638	High	7.4	hibernate-core-5.4.9.Final.jar	Transitive	N/A*	❌
CVE-2020-5408	Medium	6.5	spring-security-core-5.2.1.RELEASE.jar	Transitive	N/A*	❌
CVE-2019-14900	Medium	6.5	hibernate-core-5.4.9.Final.jar	Transitive	N/A*	❌
CVE-2020-5421	Medium	6.5	spring-web-5.2.2.RELEASE.jar	Transitive	N/A*	❌
CVE-2020-10693	Medium	5.3	hibernate-validator-6.0.18.Final.jar	Transitive	N/A*	❌
CVE-2020-5397	Medium	5.3	detected in multiple dependencies	Transitive	N/A*	❌

*For some transitive vulnerabilities, there is no version of direct dependency with a fix. Check the "Details" section below to see if there is a version of transitive dependency where vulnerability is fixed.

**In some cases, Remediation PR cannot be created automatically for a vulnerability despite the availability of remediation

Details

CVE-2020-10683

### Vulnerable Library - dom4j-2.1.1.jar

flexible XML framework for Java

Library home page: http://dom4j.github.io/

Path to dependency file: /webwolf/pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/org/dom4j/dom4j/2.1.1/dom4j-2.1.1.jar,/home/wss-scanner/.m2/repository/org/dom4j/dom4j/2.1.1/dom4j-2.1.1.jar,/home/wss-scanner/.m2/repository/org/dom4j/dom4j/2.1.1/dom4j-2.1.1.jar

Dependency Hierarchy: - webwolf-v8.1.0.jar (Root Library) - spring-boot-starter-data-jpa-2.2.2.RELEASE.jar - hibernate-core-5.4.9.Final.jar - :x: **dom4j-2.1.1.jar** (Vulnerable Library)

Found in HEAD commit: f0c1d123bb3375482e903c0febdd18513fb47ec8

Found in base branch: master

### Vulnerability Details

dom4j before 2.0.3 and 2.1.x before 2.1.3 allows external DTDs and External Entities by default, which might enable XXE attacks. However, there is popular external documentation from OWASP showing how to enable the safe, non-default behavior in any application that uses dom4j.

Publish Date: 2020-05-01

URL: CVE-2020-10683

### CVSS 3 Score Details (9.8)

Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: Low - Privileges Required: None - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: High - Integrity Impact: High - Availability Impact: High

For more information on CVSS3 Scores, click here.

### Suggested Fix

Type: Upgrade version

Release Date: 2020-05-01

Fix Resolution: org.dom4j:dom4j:2.1.3,org.dom4j:dom4j:2.0.3

CVE-2016-1000027

### Vulnerable Library - spring-web-5.2.2.RELEASE.jar

Spring Web

Library home page: https://github.com/spring-projects/spring-framework

Path to dependency file: /webwolf/pom.xml

Dependency Hierarchy: - webwolf-v8.1.0.jar (Root Library) - spring-boot-starter-web-2.2.2.RELEASE.jar - :x: **spring-web-5.2.2.RELEASE.jar** (Vulnerable Library)

Found in HEAD commit: f0c1d123bb3375482e903c0febdd18513fb47ec8

Found in base branch: master

### Vulnerability Details

Pivotal Spring Framework through 5.3.16 suffers from a potential remote code execution (RCE) issue if used for Java deserialization of untrusted data. Depending on how the library is implemented within a product, this issue may or not occur, and authentication may be required. NOTE: the vendor's position is that untrusted data is not an intended use case. The product's behavior will not be changed because some users rely on deserialization of trusted data.

Publish Date: 2020-01-02

URL: CVE-2016-1000027

### CVSS 3 Score Details (9.8)

For more information on CVSS3 Scores, click here.

### Suggested Fix

Type: Upgrade version

Release Date: 2020-01-02

Fix Resolution: org.springframework:spring-web:5.3.0

CVE-2021-22118

### Vulnerable Library - spring-web-5.2.2.RELEASE.jar

Spring Web

Library home page: https://github.com/spring-projects/spring-framework

Path to dependency file: /webwolf/pom.xml

Dependency Hierarchy: - webwolf-v8.1.0.jar (Root Library) - spring-boot-starter-web-2.2.2.RELEASE.jar - :x: **spring-web-5.2.2.RELEASE.jar** (Vulnerable Library)

Found in HEAD commit: f0c1d123bb3375482e903c0febdd18513fb47ec8

Found in base branch: master

### Vulnerability Details

In Spring Framework, versions 5.2.x prior to 5.2.15 and versions 5.3.x prior to 5.3.7, a WebFlux application is vulnerable to a privilege escalation: by (re)creating the temporary storage directory, a locally authenticated malicious user can read or modify files that have been uploaded to the WebFlux application, or overwrite arbitrary files with multipart request data.

Publish Date: 2021-05-27

URL: CVE-2021-22118

### CVSS 3 Score Details (7.8)

Base Score Metrics: - Exploitability Metrics: - Attack Vector: Local - Attack Complexity: Low - Privileges Required: Low - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: High - Integrity Impact: High - Availability Impact: High

For more information on CVSS3 Scores, click here.

### Suggested Fix

Type: Upgrade version

Origin: https://tanzu.vmware.com/security/cve-2021-22118

Release Date: 2021-05-27

Fix Resolution: org.springframework:spring-web:5.2.15,5.3.7

CVE-2020-5398

### Vulnerable Library - spring-web-5.2.2.RELEASE.jar

Spring Web

Library home page: https://github.com/spring-projects/spring-framework

Path to dependency file: /webwolf/pom.xml

Dependency Hierarchy: - webwolf-v8.1.0.jar (Root Library) - spring-boot-starter-web-2.2.2.RELEASE.jar - :x: **spring-web-5.2.2.RELEASE.jar** (Vulnerable Library)

Found in HEAD commit: f0c1d123bb3375482e903c0febdd18513fb47ec8

Found in base branch: master

### Vulnerability Details

In Spring Framework, versions 5.2.x prior to 5.2.3, versions 5.1.x prior to 5.1.13, and versions 5.0.x prior to 5.0.16, an application is vulnerable to a reflected file download (RFD) attack when it sets a "Content-Disposition" header in the response where the filename attribute is derived from user supplied input.

Publish Date: 2020-01-17

URL: CVE-2020-5398

### CVSS 3 Score Details (7.5)

Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: High - Privileges Required: None - User Interaction: Required - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: High - Integrity Impact: High - Availability Impact: High

For more information on CVSS3 Scores, click here.

### Suggested Fix

Type: Upgrade version

Origin: https://pivotal.io/security/cve-2020-5398

Release Date: 2020-01-17

Fix Resolution: org.springframework:spring-web:5.0.16.RELEASE,org.springframework:spring-web:5.1.13.RELEASE,org.springframework:spring-web:5.2.3.RELEASE

CVE-2020-25638

### Vulnerable Library - hibernate-core-5.4.9.Final.jar

Hibernate's core ORM functionality

Library home page: http://hibernate.org/orm

Path to dependency file: /webgoat-container/pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/org/hibernate/hibernate-core/5.4.9.Final/hibernate-core-5.4.9.Final.jar,/home/wss-scanner/.m2/repository/org/hibernate/hibernate-core/5.4.9.Final/hibernate-core-5.4.9.Final.jar,/home/wss-scanner/.m2/repository/org/hibernate/hibernate-core/5.4.9.Final/hibernate-core-5.4.9.Final.jar

Dependency Hierarchy: - webwolf-v8.1.0.jar (Root Library) - spring-boot-starter-data-jpa-2.2.2.RELEASE.jar - :x: **hibernate-core-5.4.9.Final.jar** (Vulnerable Library)

Found in HEAD commit: f0c1d123bb3375482e903c0febdd18513fb47ec8

Found in base branch: master

### Vulnerability Details

A flaw was found in hibernate-core in versions prior to and including 5.4.23.Final. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is used in the SQL comments of the query. This flaw could allow an attacker to access unauthorized information or possibly conduct further attacks. The highest threat from this vulnerability is to data confidentiality and integrity.

Publish Date: 2020-12-02

URL: CVE-2020-25638

### CVSS 3 Score Details (7.4)

Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: High - Privileges Required: None - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: High - Integrity Impact: High - Availability Impact: None

For more information on CVSS3 Scores, click here.

### Suggested Fix

Type: Upgrade version

Origin: https://in.relation.to/2020/11/19/hibernate-orm-5424-final-release/

Release Date: 2020-12-02

Fix Resolution: org.hibernate:hibernate-core:5.3.20.Final,5.4.24.Final

CVE-2020-5408

### Vulnerable Library - spring-security-core-5.2.1.RELEASE.jar

spring-security-core

Library home page: http://spring.io/spring-security

Path to dependency file: /webgoat-integration-tests/pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/org/springframework/security/spring-security-core/5.2.1.RELEASE/spring-security-core-5.2.1.RELEASE.jar

Dependency Hierarchy: - webwolf-v8.1.0.jar (Root Library) - spring-security-test-5.2.1.RELEASE.jar - :x: **spring-security-core-5.2.1.RELEASE.jar** (Vulnerable Library)

Found in HEAD commit: f0c1d123bb3375482e903c0febdd18513fb47ec8

Found in base branch: master

### Vulnerability Details

Spring Security versions 5.3.x prior to 5.3.2, 5.2.x prior to 5.2.4, 5.1.x prior to 5.1.10, 5.0.x prior to 5.0.16 and 4.2.x prior to 4.2.16 use a fixed null initialization vector with CBC Mode in the implementation of the queryable text encryptor. A malicious user with access to the data that has been encrypted using such an encryptor may be able to derive the unencrypted values using a dictionary attack.

Publish Date: 2020-05-14

URL: CVE-2020-5408

### CVSS 3 Score Details (6.5)

Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: Low - Privileges Required: Low - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: High - Integrity Impact: None - Availability Impact: None

For more information on CVSS3 Scores, click here.

### Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-5408

Release Date: 2020-05-14

Fix Resolution: org.springframework.security:spring-security-crypto:4.2.16,5.0.16,5.1.10,5.2.4,5.3.2,org.springframework.security:spring-security-core:4.2.16,5.0.16,5.1.10,5.2.4,5.3.2

CVE-2019-14900

### Vulnerable Library - hibernate-core-5.4.9.Final.jar

Hibernate's core ORM functionality

Library home page: http://hibernate.org/orm

Path to dependency file: /webgoat-container/pom.xml

Dependency Hierarchy: - webwolf-v8.1.0.jar (Root Library) - spring-boot-starter-data-jpa-2.2.2.RELEASE.jar - :x: **hibernate-core-5.4.9.Final.jar** (Vulnerable Library)

Found in HEAD commit: f0c1d123bb3375482e903c0febdd18513fb47ec8

Found in base branch: master

### Vulnerability Details

A flaw was found in Hibernate ORM in versions before 5.3.18, 5.4.18 and 5.5.0.Beta1. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is used in the SELECT or GROUP BY parts of the query. This flaw could allow an attacker to access unauthorized information or possibly conduct further attacks.

Publish Date: 2020-07-06

URL: CVE-2019-14900

### CVSS 3 Score Details (6.5)

For more information on CVSS3 Scores, click here.

### Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14900

Release Date: 2020-07-06

Fix Resolution: org.hibernate:hibernate-core:5.4.18.Final

CVE-2020-5421

### Vulnerable Library - spring-web-5.2.2.RELEASE.jar

Spring Web

Library home page: https://github.com/spring-projects/spring-framework

Path to dependency file: /webwolf/pom.xml

Dependency Hierarchy: - webwolf-v8.1.0.jar (Root Library) - spring-boot-starter-web-2.2.2.RELEASE.jar - :x: **spring-web-5.2.2.RELEASE.jar** (Vulnerable Library)

Found in HEAD commit: f0c1d123bb3375482e903c0febdd18513fb47ec8

Found in base branch: master

### Vulnerability Details

In Spring Framework versions 5.2.0 - 5.2.8, 5.1.0 - 5.1.17, 5.0.0 - 5.0.18, 4.3.0 - 4.3.28, and older unsupported versions, the protections against RFD attacks from CVE-2015-5211 may be bypassed depending on the browser used through the use of a jsessionid path parameter.

Publish Date: 2020-09-19

URL: CVE-2020-5421

### CVSS 3 Score Details (6.5)

Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: High - Privileges Required: Low - User Interaction: Required - Scope: Changed - Impact Metrics: - Confidentiality Impact: Low - Integrity Impact: High - Availability Impact: None

For more information on CVSS3 Scores, click here.

### Suggested Fix

Type: Upgrade version

Origin: https://tanzu.vmware.com/security/cve-2020-5421

Release Date: 2020-09-19

Fix Resolution: org.springframework:spring-web:4.3.29,5.0.19,5.1.18,5.2.9

CVE-2020-10693

### Vulnerable Library - hibernate-validator-6.0.18.Final.jar

Hibernate's Bean Validation (JSR-380) reference implementation.

Library home page: http://hibernate.org/validator

Path to dependency file: /webgoat-container/pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/org/hibernate/validator/hibernate-validator/6.0.18.Final/hibernate-validator-6.0.18.Final.jar,/home/wss-scanner/.m2/repository/org/hibernate/validator/hibernate-validator/6.0.18.Final/hibernate-validator-6.0.18.Final.jar,/home/wss-scanner/.m2/repository/org/hibernate/validator/hibernate-validator/6.0.18.Final/hibernate-validator-6.0.18.Final.jar

Dependency Hierarchy: - webwolf-v8.1.0.jar (Root Library) - spring-boot-starter-web-2.2.2.RELEASE.jar - spring-boot-starter-validation-2.2.2.RELEASE.jar - :x: **hibernate-validator-6.0.18.Final.jar** (Vulnerable Library)

Found in HEAD commit: f0c1d123bb3375482e903c0febdd18513fb47ec8

Found in base branch: master

### Vulnerability Details

A flaw was found in Hibernate Validator version 6.1.2.Final. A bug in the message interpolation processor enables invalid EL expressions to be evaluated as if they were valid. This flaw allows attackers to bypass input sanitation (escaping, stripping) controls that developers may have put in place when handling user-controlled data in error messages.

Publish Date: 2020-05-06

URL: CVE-2020-10693

### CVSS 3 Score Details (5.3)

Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: Low - Privileges Required: None - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: None - Integrity Impact: Low - Availability Impact: None

For more information on CVSS3 Scores, click here.

### Suggested Fix

Type: Upgrade version

Origin: https://hibernate.atlassian.net/projects/HV/issues/HV-1774

Release Date: 2020-05-06

Fix Resolution: org.hibernate.validator:hibernate-validator:6.0.20.Final,org.hibernate.validator:hibernate-validator:6.1.5.Final,org.hibernate.validator:hibernate-validator:7.0.0.Alpha2

CVE-2020-5397

### Vulnerable Libraries - spring-webmvc-5.2.2.RELEASE.jar, spring-web-5.2.2.RELEASE.jar

### spring-webmvc-5.2.2.RELEASE.jar

Spring Web MVC

Library home page: https://github.com/spring-projects/spring-framework

Path to dependency file: /webgoat-integration-tests/pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/org/springframework/spring-webmvc/5.2.2.RELEASE/spring-webmvc-5.2.2.RELEASE.jar,/home/wss-scanner/.m2/repository/org/springframework/spring-webmvc/5.2.2.RELEASE/spring-webmvc-5.2.2.RELEASE.jar,/home/wss-scanner/.m2/repository/org/springframework/spring-webmvc/5.2.2.RELEASE/spring-webmvc-5.2.2.RELEASE.jar

Dependency Hierarchy: - webwolf-v8.1.0.jar (Root Library) - spring-boot-starter-web-2.2.2.RELEASE.jar - :x: **spring-webmvc-5.2.2.RELEASE.jar** (Vulnerable Library) ### spring-web-5.2.2.RELEASE.jar

Spring Web

Library home page: https://github.com/spring-projects/spring-framework

Path to dependency file: /webwolf/pom.xml

Dependency Hierarchy: - webwolf-v8.1.0.jar (Root Library) - spring-boot-starter-web-2.2.2.RELEASE.jar - :x: **spring-web-5.2.2.RELEASE.jar** (Vulnerable Library)

Found in HEAD commit: f0c1d123bb3375482e903c0febdd18513fb47ec8

Found in base branch: master

### Vulnerability Details

Spring Framework, versions 5.2.x prior to 5.2.3 are vulnerable to CSRF attacks through CORS preflight requests that target Spring MVC (spring-webmvc module) or Spring WebFlux (spring-webflux module) endpoints. Only non-authenticated endpoints are vulnerable because preflight requests should not include credentials and therefore requests should fail authentication. However a notable exception to this are Chrome based browsers when using client certificates for authentication since Chrome sends TLS client certificates in CORS preflight requests in violation of spec requirements. No HTTP body can be sent or received as a result of this attack.

Publish Date: 2020-01-17

URL: CVE-2020-5397

### CVSS 3 Score Details (5.3)

Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: Low - Privileges Required: None - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: None - Integrity Impact: Low - Availability Impact: None

For more information on CVSS3 Scores, click here.

### Suggested Fix

Type: Upgrade version

Origin: https://pivotal.io/security/cve-2020-5397

Release Date: 2020-01-17

Fix Resolution: 5.2.3

ReachabilityOrg / WebGoat_8.1.0_2

webwolf-v8.1.0.jar: 10 vulnerabilities (highest severity is: 9.8) - autoclosed #11

Vulnerabilities

Details