mend-for-github-com[bot]
commented
7 months ago :information_source: This issue was automatically closed by Mend because it is a duplicate of an existing issue: #25
Closed mend-for-github-com[bot] closed 7 months ago
mend-for-github-com[bot]
commented
7 months ago :information_source: This issue was automatically closed by Mend because it is a duplicate of an existing issue: #25
mend-for-github-com[bot]
commented
7 months ago :information_source: This issue was automatically closed by Mend because it is a duplicate of an existing issue: #25
Path to vulnerable library: /home/wss-scanner/.m2/repository/org/apache/tomcat/embed/tomcat-embed-core/9.0.62/tomcat-embed-core-9.0.62.jar
Found in HEAD commit: 7b8cb47d60e217a5471918e15b838e9304037ddc
Vulnerabilities
Reachable
Reachable
Reachable
Reachable
Reachable
Reachable
Reachable
Reachable
Unreachable
Unreachable
Unreachable
*For some transitive vulnerabilities, there is no version of direct dependency with a fix. Check the "Details" section below to see if there is a version of transitive dependency where vulnerability is fixed.
**In some cases, Remediation PR cannot be created automatically for a vulnerability despite the availability of remediation
Details
CVE-2023-46589 (Reachable)
### Vulnerable Library - tomcat-embed-core-9.0.62.jarCore Tomcat implementation
Library home page: https://tomcat.apache.org/
Path to dependency file: /service/synapse-service-imperative/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/org/apache/tomcat/embed/tomcat-embed-core/9.0.62/tomcat-embed-core-9.0.62.jar
Dependency Hierarchy: - synapse-data-postgres-0.3.32-SNAPSHOT.jar (Root Library) - spring-boot-starter-data-rest-2.7.4.jar - spring-boot-starter-web-2.7.4.jar - spring-boot-starter-tomcat-2.7.4.jar - :x: **tomcat-embed-core-9.0.62.jar** (Vulnerable Library)
Found in HEAD commit: 7b8cb47d60e217a5471918e15b838e9304037ddc
Found in base branch: develop
### Reachability Analysis This vulnerability is potentially reachable ``` io.americanexpress.synapse.api.rest.imperative.controller.exceptionhandler.ControllerExceptionHandler (Application) -> ❌ org.apache.catalina.connector.Request (Vulnerable Component) ``` ### Vulnerability DetailsImproper Input Validation vulnerability in Apache Tomcat.Tomcat from 11.0.0-M1 through 11.0.0-M10, from 10.1.0-M1 through 10.1.15, from 9.0.0-M1 through 9.0.82 and from 8.5.0 through 8.5.95 did not correctly parse HTTP trailer headers. A trailer header that exceeded the header size limit could cause Tomcat to treat a single request as multiple requests leading to the possibility of request smuggling when behind a reverse proxy. Users are recommended to upgrade to version 11.0.0-M11 onwards, 10.1.16 onwards, 9.0.83 onwards or 8.5.96 onwards, which fix the issue.
Publish Date: 2023-11-28
URL: CVE-2023-46589
### CVSS 3 Score Details (7.5)Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: Low - Privileges Required: None - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: None - Integrity Impact: High - Availability Impact: None
For more information on CVSS3 Scores, click here. ### Suggested FixType: Upgrade version
Origin: https://tomcat.apache.org/security-11.html
Release Date: 2023-11-28
Fix Resolution: org.apache.tomcat:tomcat-coyote:8.5.96,9.0.83,10.1.16,11.0.0-M11, org.apache.tomcat.embed:tomcat-embed-core:8.5.96,9.0.83,10.1.16,11.0.0-M11, org.apache.tomcat:tomcat-catalina:8.5.96,9.0.83,10.1.16,11.0.0-M11
CVE-2023-44487 (Reachable)
### Vulnerable Library - tomcat-embed-core-9.0.62.jarCore Tomcat implementation
Library home page: https://tomcat.apache.org/
Path to dependency file: /service/synapse-service-imperative/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/org/apache/tomcat/embed/tomcat-embed-core/9.0.62/tomcat-embed-core-9.0.62.jar
Dependency Hierarchy: - synapse-data-postgres-0.3.32-SNAPSHOT.jar (Root Library) - spring-boot-starter-data-rest-2.7.4.jar - spring-boot-starter-web-2.7.4.jar - spring-boot-starter-tomcat-2.7.4.jar - :x: **tomcat-embed-core-9.0.62.jar** (Vulnerable Library)
Found in HEAD commit: 7b8cb47d60e217a5471918e15b838e9304037ddc
Found in base branch: develop
### Reachability Analysis This vulnerability is potentially reachable ``` io.americanexpress.synapse.service.reactive.rest.config.BaseServiceReactiveRestConfig (Application) -> org.springframework.boot.autoconfigure.web.reactive.WebFluxAutoConfiguration$WebFluxConfig (Extension) -> org.springframework.boot.autoconfigure.web.reactive.WebFluxAutoConfiguration (Extension) -> org.springframework.boot.autoconfigure.web.reactive.ReactiveWebServerFactoryAutoConfiguration (Extension) ... -> org.springframework.boot.web.embedded.tomcat.TomcatReactiveWebServerFactory (Extension) -> org.apache.coyote.http2.Http2Protocol (Extension) -> ❌ org.apache.coyote.http2.Http2UpgradeHandler (Vulnerable Component) ``` ### Vulnerability DetailsThe HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
Publish Date: 2023-10-10
URL: CVE-2023-44487
### CVSS 3 Score Details (7.5)Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: Low - Privileges Required: None - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: None - Integrity Impact: None - Availability Impact: High
For more information on CVSS3 Scores, click here. ### Suggested FixType: Upgrade version
Origin: https://www.cve.org/CVERecord?id=CVE-2023-44487
Release Date: 2023-10-10
Fix Resolution: org.eclipse.jetty.http2:http2-server:9.4.53.v20231009,10.0.17,11.0.17, org.eclipse.jetty.http2:jetty-http2-server:12.0.2, org.eclipse.jetty.http2:http2-common:9.4.53.v20231009,10.0.17,11.0.17, org.eclipse.jetty.http2:jetty-http2-common:12.0.2, nghttp - v1.57.0, swift-nio-http2 - 1.28.0, io.netty:netty-codec-http2:4.1.100.Final, trafficserver - 9.2.3, org.apache.tomcat:tomcat-coyote:8.5.94,9.0.81,10.1.14, org.apache.tomcat.embed:tomcat-embed-core:8.5.94,9.0.81,10.1.14, Microsoft.AspNetCore.App - 6.0.23,7.0.12, contour - v1.26.1, proxygen - v2023.10.16.00, grpc-go - v1.56.3, v1.57.1, v1.58.3
CVE-2023-24998 (Reachable)
### Vulnerable Library - tomcat-embed-core-9.0.62.jarCore Tomcat implementation
Library home page: https://tomcat.apache.org/
Path to dependency file: /service/synapse-service-imperative/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/org/apache/tomcat/embed/tomcat-embed-core/9.0.62/tomcat-embed-core-9.0.62.jar
Dependency Hierarchy: - synapse-data-postgres-0.3.32-SNAPSHOT.jar (Root Library) - spring-boot-starter-data-rest-2.7.4.jar - spring-boot-starter-web-2.7.4.jar - spring-boot-starter-tomcat-2.7.4.jar - :x: **tomcat-embed-core-9.0.62.jar** (Vulnerable Library)
Found in HEAD commit: 7b8cb47d60e217a5471918e15b838e9304037ddc
Found in base branch: develop
### Reachability Analysis This vulnerability is potentially reachable ``` io.americanexpress.synapse.api.rest.imperative.controller.exceptionhandler.ControllerExceptionHandler (Application) -> org.apache.catalina.connector.Request (Extension) -> org.apache.catalina.connector.Request$7 (Extension) -> org.apache.coyote.http11.AbstractHttp11Protocol (Extension) ... -> org.apache.coyote.RequestGroupInfo (Extension) -> org.apache.tomcat.util.modeler.ManagedBean (Extension) -> ❌ org.apache.tomcat.util.modeler.OperationInfo (Vulnerable Component) ``` ### Vulnerability DetailsApache Commons FileUpload before 1.5 does not limit the number of request parts to be processed resulting in the possibility of an attacker triggering a DoS with a malicious upload or series of uploads. Note that, like all of the file upload limits, the new configuration option (FileUploadBase#setFileCountMax) is not enabled by default and must be explicitly configured.
Publish Date: 2023-02-20
URL: CVE-2023-24998
### CVSS 3 Score Details (7.5)Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: Low - Privileges Required: None - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: None - Integrity Impact: None - Availability Impact: High
For more information on CVSS3 Scores, click here. ### Suggested FixType: Upgrade version
Origin: https://tomcat.apache.org/security-10.html
Release Date: 2023-02-20
Fix Resolution: commons-fileupload:commons-fileupload:1.5;org.apache.tomcat:tomcat-coyote:8.5.85,9.0.71,10.1.5,11.0.0-M3;org.apache.tomcat.embed:tomcat-embed-core:8.5.85,9.0.71,10.1.5,11.0.0-M3;org.apache.tomcat:tomcat-util:8.5.85,9.0.71,10.1.5,11.0.0-M3;org.apache.tomcat:tomcat-catalina:8.5.85,9.0.71,10.1.5,11.0.0-M3
CVE-2023-20860 (Reachable)
### Vulnerable Library - spring-webmvc-5.3.18.jarSpring Web MVC
Path to dependency file: /data/data-samples/sample-data-postgres-book/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/org/springframework/spring-webmvc/5.3.18/spring-webmvc-5.3.18.jar
Dependency Hierarchy: - synapse-data-postgres-0.3.32-SNAPSHOT.jar (Root Library) - spring-boot-starter-data-rest-2.7.4.jar - spring-boot-starter-web-2.7.4.jar - :x: **spring-webmvc-5.3.18.jar** (Vulnerable Library)
Found in HEAD commit: 7b8cb47d60e217a5471918e15b838e9304037ddc
Found in base branch: develop
### Reachability Analysis This vulnerability is potentially reachable ``` io.americanexpress.synapse.service.rest.controller.exceptionhandler.ControllerExceptionHandler (Application) -> org.springframework.web.servlet.handler.HandlerMappingIntrospector$AttributesPreservingRequest (Extension) -> ❌ org.springframework.web.servlet.handler.HandlerMappingIntrospector (Vulnerable Component) ``` ### Vulnerability DetailsSpring Framework running version 6.0.0 - 6.0.6 or 5.3.0 - 5.3.25 using "**" as a pattern in Spring Security configuration with the mvcRequestMatcher creates a mismatch in pattern matching between Spring Security and Spring MVC, and the potential for a security bypass.
Publish Date: 2023-03-27
URL: CVE-2023-20860
### CVSS 3 Score Details (7.5)Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: Low - Privileges Required: None - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: None - Integrity Impact: High - Availability Impact: None
For more information on CVSS3 Scores, click here. ### Suggested FixType: Upgrade version
Origin: https://spring.io/blog/2023/03/21/this-week-in-spring-march-21st-2023/
Release Date: 2023-03-27
Fix Resolution: org.springframework:spring-webmvc:5.3.26,6.0.7
CVE-2022-42252 (Reachable)
### Vulnerable Library - tomcat-embed-core-9.0.62.jarCore Tomcat implementation
Library home page: https://tomcat.apache.org/
Path to dependency file: /service/synapse-service-imperative/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/org/apache/tomcat/embed/tomcat-embed-core/9.0.62/tomcat-embed-core-9.0.62.jar
Dependency Hierarchy: - synapse-data-postgres-0.3.32-SNAPSHOT.jar (Root Library) - spring-boot-starter-data-rest-2.7.4.jar - spring-boot-starter-web-2.7.4.jar - spring-boot-starter-tomcat-2.7.4.jar - :x: **tomcat-embed-core-9.0.62.jar** (Vulnerable Library)
Found in HEAD commit: 7b8cb47d60e217a5471918e15b838e9304037ddc
Found in base branch: develop
### Reachability Analysis This vulnerability is potentially reachable ``` io.americanexpress.synapse.api.rest.imperative.controller.exceptionhandler.ControllerExceptionHandler (Application) -> org.apache.catalina.connector.Request (Extension) -> org.apache.catalina.connector.Request$7 (Extension) -> org.apache.coyote.http11.AbstractHttp11Protocol (Extension) ... -> org.apache.coyote.RequestGroupInfo (Extension) -> org.apache.tomcat.util.modeler.ManagedBean (Extension) -> ❌ org.apache.tomcat.util.modeler.OperationInfo (Vulnerable Component) ``` ### Vulnerability DetailsIf Apache Tomcat 8.5.0 to 8.5.82, 9.0.0-M1 to 9.0.67, 10.0.0-M1 to 10.0.26 or 10.1.0-M1 to 10.1.0 was configured to ignore invalid HTTP headers via setting rejectIllegalHeader to false (the default for 8.5.x only), Tomcat did not reject a request containing an invalid Content-Length header making a request smuggling attack possible if Tomcat was located behind a reverse proxy that also failed to reject the request with the invalid header.
Publish Date: 2022-11-01
URL: CVE-2022-42252
### CVSS 3 Score Details (7.5)Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: Low - Privileges Required: None - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: None - Integrity Impact: High - Availability Impact: None
For more information on CVSS3 Scores, click here. ### Suggested FixType: Upgrade version
Origin: https://github.com/advisories/GHSA-p22x-g9px-3945
Release Date: 2022-11-01
Fix Resolution: org.apache.tomcat:tomcat:8.5.83,9.0.68,10.0.27,10.1.1
CVE-2023-45648 (Reachable)
### Vulnerable Library - tomcat-embed-core-9.0.62.jarCore Tomcat implementation
Library home page: https://tomcat.apache.org/
Path to dependency file: /service/synapse-service-imperative/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/org/apache/tomcat/embed/tomcat-embed-core/9.0.62/tomcat-embed-core-9.0.62.jar
Dependency Hierarchy: - synapse-data-postgres-0.3.32-SNAPSHOT.jar (Root Library) - spring-boot-starter-data-rest-2.7.4.jar - spring-boot-starter-web-2.7.4.jar - spring-boot-starter-tomcat-2.7.4.jar - :x: **tomcat-embed-core-9.0.62.jar** (Vulnerable Library)
Found in HEAD commit: 7b8cb47d60e217a5471918e15b838e9304037ddc
Found in base branch: develop
### Reachability Analysis This vulnerability is potentially reachable ``` io.americanexpress.synapse.api.rest.imperative.controller.exceptionhandler.ControllerExceptionHandler (Application) -> org.apache.catalina.connector.Request (Extension) -> org.apache.catalina.core.ApplicationSessionCookieConfig (Extension) -> org.apache.catalina.startup.ConnectorCreateRule (Extension) ... -> org.apache.coyote.http11.AbstractHttp11Protocol (Extension) -> org.apache.coyote.http11.Http11Processor (Extension) -> ❌ org.apache.coyote.http11.Http11InputBuffer (Vulnerable Component) ``` ### Vulnerability DetailsImproper Input Validation vulnerability in Apache Tomcat.Tomcat from 11.0.0-M1 through 11.0.0-M11, from 10.1.0-M1 through 10.1.13, from 9.0.0-M1 through 9.0.81 and from 8.5.0 through 8.5.93 did not correctly parse HTTP trailer headers. A specially crafted, invalid trailer header could cause Tomcat to treat a single request as multiple requests leading to the possibility of request smuggling when behind a reverse proxy. Users are recommended to upgrade to version 11.0.0-M12 onwards, 10.1.14 onwards, 9.0.81 onwards or 8.5.94 onwards, which fix the issue.
Publish Date: 2023-10-10
URL: CVE-2023-45648
### CVSS 3 Score Details (5.3)Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: Low - Privileges Required: None - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: None - Integrity Impact: Low - Availability Impact: None
For more information on CVSS3 Scores, click here. ### Suggested FixType: Upgrade version
Origin: https://nvd.nist.gov/vuln/detail/CVE-2023-45648
Release Date: 2023-10-10
Fix Resolution: org.apache.tomcat.embed:tomcat-embed-core - 11.0.0-M12,8.5.94,9.0.81;org.apache.tomcat:tomcat-coyote - 8.5.94,10.0.0-M1,10.1.14,11.0.0-M12
CVE-2023-42795 (Reachable)
### Vulnerable Library - tomcat-embed-core-9.0.62.jarCore Tomcat implementation
Library home page: https://tomcat.apache.org/
Path to dependency file: /service/synapse-service-imperative/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/org/apache/tomcat/embed/tomcat-embed-core/9.0.62/tomcat-embed-core-9.0.62.jar
Dependency Hierarchy: - synapse-data-postgres-0.3.32-SNAPSHOT.jar (Root Library) - spring-boot-starter-data-rest-2.7.4.jar - spring-boot-starter-web-2.7.4.jar - spring-boot-starter-tomcat-2.7.4.jar - :x: **tomcat-embed-core-9.0.62.jar** (Vulnerable Library)
Found in HEAD commit: 7b8cb47d60e217a5471918e15b838e9304037ddc
Found in base branch: develop
### Reachability Analysis This vulnerability is potentially reachable ``` io.americanexpress.synapse.service.rest.controller.exceptionhandler.ControllerExceptionHandler (Application) -> ❌ org.apache.catalina.core.ApplicationHttpRequest (Vulnerable Component) ``` ### Vulnerability DetailsIncomplete Cleanup vulnerability in Apache Tomcat.When recycling various internal objects in Apache Tomcat from 11.0.0-M1 through 11.0.0-M11, from 10.1.0-M1 through 10.1.13, from 9.0.0-M1 through 9.0.80 and from 8.5.0 through 8.5.93, an error could cause Tomcat to skip some parts of the recycling process leading to information leaking from the current request/response to the next. Users are recommended to upgrade to version 11.0.0-M12 onwards, 10.1.14 onwards, 9.0.81 onwards or 8.5.94 onwards, which fixes the issue.
Publish Date: 2023-10-10
URL: CVE-2023-42795
### CVSS 3 Score Details (5.3)Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: Low - Privileges Required: None - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: Low - Integrity Impact: None - Availability Impact: None
For more information on CVSS3 Scores, click here. ### Suggested FixType: Upgrade version
Origin: https://nvd.nist.gov/vuln/detail/CVE-2023-42795
Release Date: 2023-10-10
Fix Resolution: org.apache.tomcat:tomcat-util - 8.5.94,10.1.14,11.0.0-M12,10.0.0-M1;org.apache.tomcat.embed:tomcat-embed-core - 11.0.0-M12,8.5.94,9.0.81;org.apache.tomcat:tomcat-coyote - 8.5.94,10.0.0-M1,11.0.0-M12,10.1.14;org.apache.tomcat:tomcat-catalina - 8.5.94,10.0.0-M1,10.1.14,11.0.0-M12
CVE-2023-28708 (Reachable)
### Vulnerable Library - tomcat-embed-core-9.0.62.jarCore Tomcat implementation
Library home page: https://tomcat.apache.org/
Path to dependency file: /service/synapse-service-imperative/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/org/apache/tomcat/embed/tomcat-embed-core/9.0.62/tomcat-embed-core-9.0.62.jar
Dependency Hierarchy: - synapse-data-postgres-0.3.32-SNAPSHOT.jar (Root Library) - spring-boot-starter-data-rest-2.7.4.jar - spring-boot-starter-web-2.7.4.jar - spring-boot-starter-tomcat-2.7.4.jar - :x: **tomcat-embed-core-9.0.62.jar** (Vulnerable Library)
Found in HEAD commit: 7b8cb47d60e217a5471918e15b838e9304037ddc
Found in base branch: develop
### Reachability Analysis This vulnerability is potentially reachable ``` io.americanexpress.synapse.api.rest.imperative.controller.exceptionhandler.ControllerExceptionHandler (Application) -> org.apache.catalina.connector.RequestFacade (Extension) -> org.apache.catalina.connector.Connector (Extension) -> org.apache.tomcat.util.net.SSLHostConfig (Extension) -> ❌ org.apache.tomcat.util.net.SSLHostConfigCertificate$Type (Vulnerable Component) ``` ### Vulnerability DetailsWhen using the RemoteIpFilter with requests received from a reverse proxy via HTTP that include the X-Forwarded-Proto header set to https, session cookies created by Apache Tomcat 11.0.0-M1 to 11.0.0.-M2, 10.1.0-M1 to 10.1.5, 9.0.0-M1 to 9.0.71 and 8.5.0 to 8.5.85 did not include the secure attribute. This could result in the user agent transmitting the session cookie over an insecure channel.
Publish Date: 2023-03-22
URL: CVE-2023-28708
### CVSS 3 Score Details (4.3)Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: Low - Privileges Required: None - User Interaction: Required - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: Low - Integrity Impact: None - Availability Impact: None
For more information on CVSS3 Scores, click here. ### Suggested FixType: Upgrade version
Origin: https://lists.apache.org/thread/hdksc59z3s7tm39x0pp33mtwdrt8qr67
Release Date: 2023-03-22
Fix Resolution: org.apache.tomcat:tomcat-catalina:8.5.86,9.0.72,10.1.6;org.apache.tomcat.embed/tomcat-embed-core:8.5.86,9.0.72,10.1.6
CVE-2022-45143 (Unreachable)
### Vulnerable Library - tomcat-embed-core-9.0.62.jarCore Tomcat implementation
Library home page: https://tomcat.apache.org/
Path to dependency file: /service/synapse-service-imperative/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/org/apache/tomcat/embed/tomcat-embed-core/9.0.62/tomcat-embed-core-9.0.62.jar
Dependency Hierarchy: - synapse-data-postgres-0.3.32-SNAPSHOT.jar (Root Library) - spring-boot-starter-data-rest-2.7.4.jar - spring-boot-starter-web-2.7.4.jar - spring-boot-starter-tomcat-2.7.4.jar - :x: **tomcat-embed-core-9.0.62.jar** (Vulnerable Library)
Found in HEAD commit: 7b8cb47d60e217a5471918e15b838e9304037ddc
Found in base branch: develop
### Reachability AnalysisThe vulnerable code is unreachable
### Vulnerability DetailsThe JsonErrorReportValve in Apache Tomcat 8.5.83, 9.0.40 to 9.0.68 and 10.1.0-M1 to 10.1.1 did not escape the type, message or description values. In some circumstances these are constructed from user provided data and it was therefore possible for users to supply values that invalidated or manipulated the JSON output. Mend Note: After conducting further research, Mend has determined that versions 10.0.x of org.apache.tomcat:tomcat-catalina are vulnerable to CVE-2022-45143.
Publish Date: 2023-01-03
URL: CVE-2022-45143
### CVSS 3 Score Details (7.5)Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: Low - Privileges Required: None - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: None - Integrity Impact: High - Availability Impact: None
For more information on CVSS3 Scores, click here. ### Suggested FixType: Upgrade version
Origin: https://github.com/advisories/GHSA-rq2w-37h9-vg94
Release Date: 2023-01-03
Fix Resolution: org.apache.tomcat:tomcat-catalina:8.5.84,9.0.69,10.1.2, org.apache.tomcat.embed:tomcat-embed-core:8.5.84,9.0.69,10.1.2, org.apache.tomcat.experimental:tomcat-embed-programmatic:9.0.69,10.1.2
CVE-2023-41080 (Unreachable)
### Vulnerable Library - tomcat-embed-core-9.0.62.jarCore Tomcat implementation
Library home page: https://tomcat.apache.org/
Path to dependency file: /service/synapse-service-imperative/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/org/apache/tomcat/embed/tomcat-embed-core/9.0.62/tomcat-embed-core-9.0.62.jar
Dependency Hierarchy: - synapse-data-postgres-0.3.32-SNAPSHOT.jar (Root Library) - spring-boot-starter-data-rest-2.7.4.jar - spring-boot-starter-web-2.7.4.jar - spring-boot-starter-tomcat-2.7.4.jar - :x: **tomcat-embed-core-9.0.62.jar** (Vulnerable Library)
Found in HEAD commit: 7b8cb47d60e217a5471918e15b838e9304037ddc
Found in base branch: develop
### Reachability AnalysisThe vulnerable code is unreachable
### Vulnerability DetailsURL Redirection to Untrusted Site ('Open Redirect') vulnerability in FORM authentication feature Apache Tomcat.This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M10, from 10.1.0-M1 through 10.0.12, from 9.0.0-M1 through 9.0.79 and from 8.5.0 through 8.5.92. The vulnerability is limited to the ROOT (default) web application.
Publish Date: 2023-08-25
URL: CVE-2023-41080
### CVSS 3 Score Details (6.1)Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: Low - Privileges Required: None - User Interaction: Required - Scope: Changed - Impact Metrics: - Confidentiality Impact: Low - Integrity Impact: Low - Availability Impact: None
For more information on CVSS3 Scores, click here. ### Suggested FixType: Upgrade version
Origin: https://lists.apache.org/thread/71wvwprtx2j2m54fovq9zr7gbm2wow2f
Release Date: 2023-08-25
Fix Resolution: org.apache.tomcat:tomcat-catalina:8.5.93,9.0.80,10.1.13,11.0.0-M11, org.apache.tomcat.embed:tomcat-embed-core:8.5.93,9.0.80,10.1.13,11.0.0-M11
CVE-2023-34036 (Unreachable)
### Vulnerable Library - spring-hateoas-1.5.2.jarLibrary to support implementing representations for hyper-text driven REST web services.
Path to dependency file: /data/data-samples/sample-data-mysql-reactive-book/pom.xml
Path to vulnerable library: /home/wss-scanner/.m2/repository/org/springframework/hateoas/spring-hateoas/1.5.2/spring-hateoas-1.5.2.jar
Dependency Hierarchy: - synapse-data-postgres-0.3.32-SNAPSHOT.jar (Root Library) - spring-boot-starter-data-rest-2.7.4.jar - spring-data-rest-webmvc-3.7.3.jar - spring-data-rest-core-3.7.3.jar - :x: **spring-hateoas-1.5.2.jar** (Vulnerable Library)
Found in HEAD commit: 7b8cb47d60e217a5471918e15b838e9304037ddc
Found in base branch: develop
### Reachability AnalysisThe vulnerable code is unreachable
### Vulnerability DetailsReactive web applications that use Spring HATEOAS to produce hypermedia-based responses might be exposed to malicious forwarded headers if they are not behind a trusted proxy that ensures correctness of such headers, or if they don't have anything else in place to handle (and possibly discard) forwarded headers either in WebFlux or at the level of the underlying HTTP server. For the application to be affected, it needs to satisfy the following requirements: * It needs to use the reactive web stack (Spring WebFlux) and Spring HATEOAS to create links in hypermedia-based responses. * The application infrastructure does not guard against clients submitting (X-)Forwarded… headers.
Publish Date: 2023-07-17
URL: CVE-2023-34036
### CVSS 3 Score Details (5.3)Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: Low - Privileges Required: None - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: None - Integrity Impact: Low - Availability Impact: None
For more information on CVSS3 Scores, click here. ### Suggested FixType: Upgrade version
Origin: https://github.com/advisories/GHSA-7m5c-fgwf-mwph
Release Date: 2023-07-17
Fix Resolution: org.springframework.hateoas:spring-hateoas:1.5.5,2.0.5,2.1.1