search

RonenDabach / MaccabiTelAviv

0 stars 0 forks source link

spring-web-2.5.6.jar: 9 vulnerabilities (highest severity is: 7.3) - autoclosed #3

Closed dev-mend-for-github-com[bot] closed 1 year ago

dev-mend-for-github-com[bot] commented 1 year ago
Vulnerable Library - spring-web-2.5.6.jar

Spring Framework: Web

Library home page: http://www.springframework.org

Path to dependency file: /pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/org/springframework/spring-web/2.5.6/spring-web-2.5.6.jar

Found in HEAD commit: 634bc119747b081af21b39702793df190f2aa429

Vulnerabilities

CVE Severity CVSS Dependency Type Fixed in (spring-web version) Remediation Available
CVE-2011-2730 High 7.3 spring-web-2.5.6.jar Direct 2.5.6.SEC01
CVE-2020-5421 Medium 6.5 spring-web-2.5.6.jar Direct 4.3.29.RELEASE
CVE-2010-1622 Medium 6.0 spring-beans-2.5.6.jar Transitive 2.5.6.SEC01
CVE-2013-6429 Medium 5.6 spring-web-2.5.6.jar Direct 2.5.6.SEC01
CVE-2014-0054 Medium 5.6 spring-web-2.5.6.jar Direct 2.5.6.SEC01
CVE-2013-6430 Medium 5.4 spring-web-2.5.6.jar Direct 2.5.6.SEC01
CVE-2018-1199 Medium 5.3 spring-core-2.5.6.jar Transitive 3.0.6.RELEASE
CVE-2009-1190 Medium 5.0 detected in multiple dependencies Transitive 2.5.6.SEC01
CVE-2014-3578 Medium 5.0 spring-core-2.5.6.jar Transitive 2.5.6.SEC01

Details

CVE-2011-2730 ### Vulnerable Library - spring-web-2.5.6.jar

Spring Framework: Web

Library home page: http://www.springframework.org

Path to dependency file: /pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/org/springframework/spring-web/2.5.6/spring-web-2.5.6.jar

Dependency Hierarchy: - :x: **spring-web-2.5.6.jar** (Vulnerable Library)

Found in HEAD commit: 634bc119747b081af21b39702793df190f2aa429

Found in base branch: main

### Vulnerability Details

VMware SpringSource Spring Framework before 2.5.6.SEC03, 2.5.7.SR023, and 3.x before 3.0.6, when a container supports Expression Language (EL), evaluates EL expressions in tags twice, which allows remote attackers to obtain sensitive information via a (1) name attribute in a (a) spring:hasBindErrors tag; (2) path attribute in a (b) spring:bind or (c) spring:nestedpath tag; (3) arguments, (4) code, (5) text, (6) var, (7) scope, or (8) message attribute in a (d) spring:message or (e) spring:theme tag; or (9) var, (10) scope, or (11) value attribute in a (f) spring:transform tag, aka "Expression Language Injection."

Publish Date: 2012-12-05

URL: CVE-2011-2730

### CVSS 3 Score Details (7.3)

Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: Low - Privileges Required: None - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: Low - Integrity Impact: Low - Availability Impact: Low

For more information on CVSS3 Scores, click here.

### Suggested Fix

Type: Upgrade version

Origin: https://nvd.nist.gov/vuln/detail/CVE-2011-2730

Release Date: 2012-12-05

Fix Resolution: 2.5.6.SEC01

:rescue_worker_helmet: Automatic Remediation is available for this issue
CVE-2020-5421 ### Vulnerable Library - spring-web-2.5.6.jar

Spring Framework: Web

Library home page: http://www.springframework.org

Path to dependency file: /pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/org/springframework/spring-web/2.5.6/spring-web-2.5.6.jar

Dependency Hierarchy: - :x: **spring-web-2.5.6.jar** (Vulnerable Library)

Found in HEAD commit: 634bc119747b081af21b39702793df190f2aa429

Found in base branch: main

### Vulnerability Details

In Spring Framework versions 5.2.0 - 5.2.8, 5.1.0 - 5.1.17, 5.0.0 - 5.0.18, 4.3.0 - 4.3.28, and older unsupported versions, the protections against RFD attacks from CVE-2015-5211 may be bypassed depending on the browser used through the use of a jsessionid path parameter.

Publish Date: 2020-09-19

URL: CVE-2020-5421

### CVSS 3 Score Details (6.5)

Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: High - Privileges Required: Low - User Interaction: Required - Scope: Changed - Impact Metrics: - Confidentiality Impact: Low - Integrity Impact: High - Availability Impact: None

For more information on CVSS3 Scores, click here.

### Suggested Fix

Type: Upgrade version

Origin: https://tanzu.vmware.com/security/cve-2020-5421

Release Date: 2020-09-19

Fix Resolution: 4.3.29.RELEASE

:rescue_worker_helmet: Automatic Remediation is available for this issue
CVE-2010-1622 ### Vulnerable Library - spring-beans-2.5.6.jar

Spring Framework: Beans

Library home page: http://www.springframework.org

Path to dependency file: /pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/org/springframework/spring-beans/2.5.6/spring-beans-2.5.6.jar

Dependency Hierarchy: - spring-web-2.5.6.jar (Root Library) - :x: **spring-beans-2.5.6.jar** (Vulnerable Library)

Found in HEAD commit: 634bc119747b081af21b39702793df190f2aa429

Found in base branch: main

### Vulnerability Details

SpringSource Spring Framework 2.5.x before 2.5.6.SEC02, 2.5.7 before 2.5.7.SR01, and 3.0.x before 3.0.3 allows remote attackers to execute arbitrary code via an HTTP request containing class.classLoader.URLs[0]=jar: followed by a URL of a crafted .jar file.

Publish Date: 2010-06-21

URL: CVE-2010-1622

### CVSS 2 Score Details (6.0)

Base Score Metrics not available

### Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1622

Release Date: 2010-06-21

Fix Resolution (org.springframework:spring-beans): 2.5.6.SEC01

Direct dependency fix Resolution (org.springframework:spring-web): 2.5.6.SEC01

:rescue_worker_helmet: Automatic Remediation is available for this issue
CVE-2013-6429 ### Vulnerable Library - spring-web-2.5.6.jar

Spring Framework: Web

Library home page: http://www.springframework.org

Path to dependency file: /pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/org/springframework/spring-web/2.5.6/spring-web-2.5.6.jar

Dependency Hierarchy: - :x: **spring-web-2.5.6.jar** (Vulnerable Library)

Found in HEAD commit: 634bc119747b081af21b39702793df190f2aa429

Found in base branch: main

### Vulnerability Details

The SourceHttpMessageConverter in Spring MVC in Spring Framework before 3.2.5 and 4.0.0.M1 through 4.0.0.RC1 does not disable external entity resolution, which allows remote attackers to read arbitrary files, cause a denial of service, and conduct CSRF attacks via crafted XML, aka an XML External Entity (XXE) issue, and a different vulnerability than CVE-2013-4152 and CVE-2013-7315.

Publish Date: 2014-01-26

URL: CVE-2013-6429

### CVSS 3 Score Details (5.6)

Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: High - Privileges Required: None - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: Low - Integrity Impact: Low - Availability Impact: Low

For more information on CVSS3 Scores, click here.

### Suggested Fix

Type: Upgrade version

Origin: https://nvd.nist.gov/vuln/detail/CVE-2013-6429

Release Date: 2014-01-26

Fix Resolution: 2.5.6.SEC01

:rescue_worker_helmet: Automatic Remediation is available for this issue
CVE-2014-0054 ### Vulnerable Library - spring-web-2.5.6.jar

Spring Framework: Web

Library home page: http://www.springframework.org

Path to dependency file: /pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/org/springframework/spring-web/2.5.6/spring-web-2.5.6.jar

Dependency Hierarchy: - :x: **spring-web-2.5.6.jar** (Vulnerable Library)

Found in HEAD commit: 634bc119747b081af21b39702793df190f2aa429

Found in base branch: main

### Vulnerability Details

The Jaxb2RootElementHttpMessageConverter in Spring MVC in Spring Framework before 3.2.8 and 4.0.0 before 4.0.2 does not disable external entity resolution, which allows remote attackers to read arbitrary files, cause a denial of service, and conduct CSRF attacks via crafted XML, aka an XML External Entity (XXE) issue. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-4152, CVE-2013-7315, and CVE-2013-6429.

Publish Date: 2014-04-17

URL: CVE-2014-0054

### CVSS 3 Score Details (5.6)

Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: High - Privileges Required: None - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: Low - Integrity Impact: Low - Availability Impact: Low

For more information on CVSS3 Scores, click here.

### Suggested Fix

Type: Upgrade version

Origin: https://nvd.nist.gov/vuln/detail/CVE-2014-0054

Release Date: 2014-04-17

Fix Resolution: 2.5.6.SEC01

:rescue_worker_helmet: Automatic Remediation is available for this issue
CVE-2013-6430 ### Vulnerable Library - spring-web-2.5.6.jar

Spring Framework: Web

Library home page: http://www.springframework.org

Path to dependency file: /pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/org/springframework/spring-web/2.5.6/spring-web-2.5.6.jar

Dependency Hierarchy: - :x: **spring-web-2.5.6.jar** (Vulnerable Library)

Found in HEAD commit: 634bc119747b081af21b39702793df190f2aa429

Found in base branch: main

### Vulnerability Details

The JavaScriptUtils.javaScriptEscape method in web/util/JavaScriptUtils.java in Spring MVC in Spring Framework before 3.2.2 does not properly escape certain characters, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a (1) line separator or (2) paragraph separator Unicode character or (3) left or (4) right angle bracket.

Publish Date: 2020-01-10

URL: CVE-2013-6430

### CVSS 3 Score Details (5.4)

Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: Low - Privileges Required: Low - User Interaction: Required - Scope: Changed - Impact Metrics: - Confidentiality Impact: Low - Integrity Impact: Low - Availability Impact: None

For more information on CVSS3 Scores, click here.

### Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6430

Release Date: 2020-01-10

Fix Resolution: 2.5.6.SEC01

:rescue_worker_helmet: Automatic Remediation is available for this issue
CVE-2018-1199 ### Vulnerable Library - spring-core-2.5.6.jar

Spring Framework: Core

Library home page: http://www.springframework.org

Path to dependency file: /pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/org/springframework/spring-core/2.5.6/spring-core-2.5.6.jar

Dependency Hierarchy: - spring-web-2.5.6.jar (Root Library) - :x: **spring-core-2.5.6.jar** (Vulnerable Library)

Found in HEAD commit: 634bc119747b081af21b39702793df190f2aa429

Found in base branch: main

### Vulnerability Details

Spring Security (Spring Security 4.1.x before 4.1.5, 4.2.x before 4.2.4, and 5.0.x before 5.0.1; and Spring Framework 4.3.x before 4.3.14 and 5.0.x before 5.0.3) does not consider URL path parameters when processing security constraints. By adding a URL path parameter with special encodings, an attacker may be able to bypass a security constraint. The root cause of this issue is a lack of clarity regarding the handling of path parameters in the Servlet Specification. Some Servlet containers include path parameters in the value returned for getPathInfo() and some do not. Spring Security uses the value returned by getPathInfo() as part of the process of mapping requests to security constraints. In this particular attack, different character encodings used in path parameters allows secured Spring MVC static resource URLs to be bypassed.

Publish Date: 2018-03-16

URL: CVE-2018-1199

### CVSS 3 Score Details (5.3)

Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: Low - Privileges Required: None - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: Low - Integrity Impact: None - Availability Impact: None

For more information on CVSS3 Scores, click here.

### Suggested Fix

Type: Upgrade version

Origin: https://nvd.nist.gov/vuln/detail/CVE-2018-1199

Release Date: 2018-03-16

Fix Resolution (org.springframework:spring-core): 4.2.0.RELEASE

Direct dependency fix Resolution (org.springframework:spring-web): 3.0.6.RELEASE

:rescue_worker_helmet: Automatic Remediation is available for this issue
CVE-2009-1190 ### Vulnerable Libraries - spring-context-2.5.6.jar, spring-beans-2.5.6.jar, spring-core-2.5.6.jar

### spring-context-2.5.6.jar

Spring Framework: Context

Library home page: http://www.springframework.org

Path to dependency file: /pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/org/springframework/spring-context/2.5.6/spring-context-2.5.6.jar

Dependency Hierarchy: - spring-web-2.5.6.jar (Root Library) - :x: **spring-context-2.5.6.jar** (Vulnerable Library) ### spring-beans-2.5.6.jar

Spring Framework: Beans

Library home page: http://www.springframework.org

Path to dependency file: /pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/org/springframework/spring-beans/2.5.6/spring-beans-2.5.6.jar

Dependency Hierarchy: - spring-web-2.5.6.jar (Root Library) - :x: **spring-beans-2.5.6.jar** (Vulnerable Library) ### spring-core-2.5.6.jar

Spring Framework: Core

Library home page: http://www.springframework.org

Path to dependency file: /pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/org/springframework/spring-core/2.5.6/spring-core-2.5.6.jar

Dependency Hierarchy: - spring-web-2.5.6.jar (Root Library) - :x: **spring-core-2.5.6.jar** (Vulnerable Library)

Found in HEAD commit: 634bc119747b081af21b39702793df190f2aa429

Found in base branch: main

### Vulnerability Details

Algorithmic complexity vulnerability in the java.util.regex.Pattern.compile method in Sun Java Development Kit (JDK) before 1.6, when used with spring.jar in SpringSource Spring Framework 1.1.0 through 2.5.6 and 3.0.0.M1 through 3.0.0.M2 and dm Server 1.0.0 through 1.0.2, allows remote attackers to cause a denial of service (CPU consumption) via serializable data with a long regex string containing multiple optional groups, a related issue to CVE-2004-2540.

Publish Date: 2009-04-27

URL: CVE-2009-1190

### CVSS 2 Score Details (5.0)

Base Score Metrics not available

### Suggested Fix

Type: Upgrade version

Origin: https://nvd.nist.gov/vuln/detail/CVE-2009-1190

Release Date: 2009-04-27

Fix Resolution (org.springframework:spring-context): 2.5.6.SEC01

Direct dependency fix Resolution (org.springframework:spring-web): 2.5.6.SEC01

Fix Resolution (org.springframework:spring-beans): 2.5.6.SEC01

Direct dependency fix Resolution (org.springframework:spring-web): 2.5.6.SEC01

Fix Resolution (org.springframework:spring-core): 2.5.6.SEC01

Direct dependency fix Resolution (org.springframework:spring-web): 2.5.6.SEC01

:rescue_worker_helmet: Automatic Remediation is available for this issue
CVE-2014-3578 ### Vulnerable Library - spring-core-2.5.6.jar

Spring Framework: Core

Library home page: http://www.springframework.org

Path to dependency file: /pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/org/springframework/spring-core/2.5.6/spring-core-2.5.6.jar

Dependency Hierarchy: - spring-web-2.5.6.jar (Root Library) - :x: **spring-core-2.5.6.jar** (Vulnerable Library)

Found in HEAD commit: 634bc119747b081af21b39702793df190f2aa429

Found in base branch: main

### Vulnerability Details

Directory traversal vulnerability in Pivotal Spring Framework 3.x before 3.2.9 and 4.0 before 4.0.5 allows remote attackers to read arbitrary files via a crafted URL.

Publish Date: 2015-02-19

URL: CVE-2014-3578

### CVSS 2 Score Details (5.0)

Base Score Metrics not available

### Suggested Fix

Type: Upgrade version

Origin: https://nvd.nist.gov/vuln/detail/CVE-2014-3578

Release Date: 2015-02-19

Fix Resolution (org.springframework:spring-core): 2.5.6.SEC01

Direct dependency fix Resolution (org.springframework:spring-web): 2.5.6.SEC01

:rescue_worker_helmet: Automatic Remediation is available for this issue

:rescue_worker_helmet: Automatic Remediation is available for this issue.

dev-mend-for-github-com[bot] commented 1 year ago

:heavy_check_mark: This issue was automatically closed by Mend because the vulnerable library in the specific branch(es) was either marked as ignored or it is no longer part of the Mend inventory.