shaimael / easybuggy

Apache License 2.0
0 stars 0 forks source link

esapi-2.1.0.1.jar: 20 vulnerabilities (highest severity is: 9.8) #5

Open mend-for-github-com[bot] opened 2 years ago

mend-for-github-com[bot] commented 2 years ago
Vulnerable Library - esapi-2.1.0.1.jar

The Enterprise Security API (ESAPI) project is an OWASP project to create simple strong security controls for every web platform. Security controls are not simple to build. You can read about the hundreds of pitfalls for unwary developers on the OWASP web site. By providing developers with a set of strong controls, we aim to eliminate some of the complexity of creating secure web applications. This can result in significant cost savings across the SDLC.

Library home page: https://www.owasp.org/index.php/Category:OWASP_Enterprise_Security_API

Path to dependency file: /pom.xml

Path to vulnerable library: /repository/org/owasp/esapi/esapi/2.1.0.1/esapi-2.1.0.1.jar

Found in HEAD commit: 36642c44fb0c9a97413207864708fd2e88e229b9

Vulnerabilities

CVE Severity CVSS Dependency Type Fixed in Remediation Available
CVE-2016-1000031 High 9.8 commons-fileupload-1.3.1.jar Transitive N/A
CVE-2016-2510 High 8.1 bsh-core-2.0b4.jar Transitive N/A
CVE-2016-3092 High 7.5 commons-fileupload-1.3.1.jar Transitive N/A
CVE-2022-23457 High 7.5 esapi-2.1.0.1.jar Direct org.owasp.esapi:esapi:2.3.0.0
CVE-2022-24839 High 7.5 nekohtml-1.9.16.jar Transitive N/A
CVE-2012-0881 High 7.5 xercesImpl-2.8.0.jar Transitive N/A
WS-2014-0034 High 7.5 commons-fileupload-1.3.1.jar Transitive N/A
CVE-2014-0107 High 7.3 xalan-2.7.0.jar Transitive N/A
CVE-2019-10086 High 7.3 commons-beanutils-core-1.8.3.jar Transitive N/A
CVE-2014-0114 High 7.3 commons-beanutils-core-1.8.3.jar Transitive N/A
CVE-2022-23437 Medium 6.5 xercesImpl-2.8.0.jar Transitive N/A
CVE-2016-10006 Medium 6.1 antisamy-1.5.3.jar Transitive N/A
CVE-2022-28367 Medium 6.1 antisamy-1.5.3.jar Transitive N/A
CVE-2022-29577 Medium 6.1 antisamy-1.5.3.jar Transitive N/A
CVE-2021-35043 Medium 6.1 antisamy-1.5.3.jar Transitive N/A
CVE-2017-14735 Medium 6.1 antisamy-1.5.3.jar Transitive N/A
CVE-2013-4002 Medium 5.9 xercesImpl-2.8.0.jar Transitive N/A
CVE-2009-2625 Medium 5.3 xercesImpl-2.8.0.jar Transitive N/A
CVE-2012-5783 Medium 4.8 commons-httpclient-3.1.jar Transitive N/A
CVE-2021-29425 Medium 4.8 commons-io-2.2.jar Transitive N/A

Details

Partial details (15 vulnerabilities) are displayed below due to a content size limitation in GitHub. To view information on the remaining vulnerabilities, navigate to the WhiteSource Application.

CVE-2016-1000031 ### Vulnerable Library - commons-fileupload-1.3.1.jar

The Apache Commons FileUpload component provides a simple yet flexible means of adding support for multipart file upload functionality to servlets and web applications.

Library home page: http://commons.apache.org/proper/commons-fileupload/

Path to dependency file: /pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/commons-fileupload/commons-fileupload/1.3.1/commons-fileupload-1.3.1.jar

Dependency Hierarchy: - esapi-2.1.0.1.jar (Root Library) - :x: **commons-fileupload-1.3.1.jar** (Vulnerable Library)

Found in HEAD commit: 36642c44fb0c9a97413207864708fd2e88e229b9

Found in base branch: master

### Vulnerability Details

Apache Commons FileUpload before 1.3.3 DiskFileItem File Manipulation Remote Code Execution

Publish Date: 2016-10-25

URL: CVE-2016-1000031

### CVSS 3 Score Details (9.8)

Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: Low - Privileges Required: None - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: High - Integrity Impact: High - Availability Impact: High

For more information on CVSS3 Scores, click here.

### Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1000031

Release Date: 2016-10-25

Fix Resolution: 1.3.3

CVE-2016-2510 ### Vulnerable Library - bsh-core-2.0b4.jar

BeanShell core

Path to dependency file: /pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/org/beanshell/bsh-core/2.0b4/bsh-core-2.0b4.jar

Dependency Hierarchy: - esapi-2.1.0.1.jar (Root Library) - :x: **bsh-core-2.0b4.jar** (Vulnerable Library)

Found in HEAD commit: 36642c44fb0c9a97413207864708fd2e88e229b9

Found in base branch: master

### Vulnerability Details

BeanShell (bsh) before 2.0b6, when included on the classpath by an application that uses Java serialization or XStream, allows remote attackers to execute arbitrary code via crafted serialized data, related to XThis.Handler.

Publish Date: 2016-04-07

URL: CVE-2016-2510

### CVSS 3 Score Details (8.1)

Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: High - Privileges Required: None - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: High - Integrity Impact: High - Availability Impact: High

For more information on CVSS3 Scores, click here.

### Suggested Fix

Type: Upgrade version

Origin: https://nvd.nist.gov/vuln/detail/CVE-2016-2510

Release Date: 2016-04-07

Fix Resolution: 2.0b6

CVE-2016-3092 ### Vulnerable Library - commons-fileupload-1.3.1.jar

The Apache Commons FileUpload component provides a simple yet flexible means of adding support for multipart file upload functionality to servlets and web applications.

Library home page: http://commons.apache.org/proper/commons-fileupload/

Path to dependency file: /pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/commons-fileupload/commons-fileupload/1.3.1/commons-fileupload-1.3.1.jar

Dependency Hierarchy: - esapi-2.1.0.1.jar (Root Library) - :x: **commons-fileupload-1.3.1.jar** (Vulnerable Library)

Found in HEAD commit: 36642c44fb0c9a97413207864708fd2e88e229b9

Found in base branch: master

### Vulnerability Details

The MultipartStream class in Apache Commons Fileupload before 1.3.2, as used in Apache Tomcat 7.x before 7.0.70, 8.x before 8.0.36, 8.5.x before 8.5.3, and 9.x before 9.0.0.M7 and other products, allows remote attackers to cause a denial of service (CPU consumption) via a long boundary string.

Publish Date: 2016-07-04

URL: CVE-2016-3092

### CVSS 3 Score Details (7.5)

Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: Low - Privileges Required: None - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: None - Integrity Impact: None - Availability Impact: High

For more information on CVSS3 Scores, click here.

### Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3092

Release Date: 2016-07-04

Fix Resolution: org.apache.tomcat.embed:tomcat-embed-core:9.0.0.M8,8.5.3,8.0.36,7.0.70,org.apache.tomcat:tomcat-coyote:9.0.0.M8,8.5.3,8.0.36,7.0.70,commons-fileupload:commons-fileupload:1.3.2

CVE-2022-23457 ### Vulnerable Library - esapi-2.1.0.1.jar

The Enterprise Security API (ESAPI) project is an OWASP project to create simple strong security controls for every web platform. Security controls are not simple to build. You can read about the hundreds of pitfalls for unwary developers on the OWASP web site. By providing developers with a set of strong controls, we aim to eliminate some of the complexity of creating secure web applications. This can result in significant cost savings across the SDLC.

Library home page: https://www.owasp.org/index.php/Category:OWASP_Enterprise_Security_API

Path to dependency file: /pom.xml

Path to vulnerable library: /repository/org/owasp/esapi/esapi/2.1.0.1/esapi-2.1.0.1.jar

Dependency Hierarchy: - :x: **esapi-2.1.0.1.jar** (Vulnerable Library)

Found in HEAD commit: 36642c44fb0c9a97413207864708fd2e88e229b9

Found in base branch: master

### Vulnerability Details

ESAPI (The OWASP Enterprise Security API) is a free, open source, web application security control library. Prior to version 2.3.0.0, the default implementation of `Validator.getValidDirectoryPath(String, String, File, boolean)` may incorrectly treat the tested input string as a child of the specified parent directory. This potentially could allow control-flow bypass checks to be defeated if an attack can specify the entire string representing the 'input' path. This vulnerability is patched in release 2.3.0.0 of ESAPI. As a workaround, it is possible to write one's own implementation of the Validator interface. However, maintainers do not recommend this.

Publish Date: 2022-04-25

URL: CVE-2022-23457

### CVSS 3 Score Details (7.5)

Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: High - Privileges Required: Low - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: High - Integrity Impact: High - Availability Impact: High

For more information on CVSS3 Scores, click here.

### Suggested Fix

Type: Upgrade version

Origin: https://github.com/ESAPI/esapi-java-legacy/security/advisories/GHSA-8m5h-hrqm-pxm2

Release Date: 2022-04-25

Fix Resolution: org.owasp.esapi:esapi:2.3.0.0

:rescue_worker_helmet: Automatic Remediation is available for this issue
CVE-2022-24839 ### Vulnerable Library - nekohtml-1.9.16.jar

An HTML parser and tag balancer.

Library home page: http://nekohtml.sourceforge.net/

Path to dependency file: /pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/net/sourceforge/nekohtml/nekohtml/1.9.16/nekohtml-1.9.16.jar

Dependency Hierarchy: - esapi-2.1.0.1.jar (Root Library) - antisamy-1.5.3.jar - :x: **nekohtml-1.9.16.jar** (Vulnerable Library)

Found in HEAD commit: 36642c44fb0c9a97413207864708fd2e88e229b9

Found in base branch: master

### Vulnerability Details

org.cyberneko.html is an html parser written in Java. The fork of `org.cyberneko.html` used by Nokogiri (Rubygem) raises a `java.lang.OutOfMemoryError` exception when parsing ill-formed HTML markup. Users are advised to upgrade to `>= 1.9.22.noko2`. Note: The upstream library `org.cyberneko.html` is no longer maintained. Nokogiri uses its own fork of this library located at https://github.com/sparklemotion/nekohtml and this CVE applies only to that fork. Other forks of nekohtml may have a similar vulnerability.

Publish Date: 2022-04-11

URL: CVE-2022-24839

### CVSS 3 Score Details (7.5)

Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: Low - Privileges Required: None - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: None - Integrity Impact: None - Availability Impact: High

For more information on CVSS3 Scores, click here.

### Suggested Fix

Type: Upgrade version

Origin: https://github.com/sparklemotion/nekohtml/security/advisories/GHSA-9849-p7jc-9rmv

Release Date: 2022-04-11

Fix Resolution: net.sourceforge.nekohtml:nekohtml:1.9.22.noko2

CVE-2012-0881 ### Vulnerable Library - xercesImpl-2.8.0.jar

Xerces2 is the next generation of high performance, fully compliant XML parsers in the Apache Xerces family. This new version of Xerces introduces the Xerces Native Interface (XNI), a complete framework for building parser components and configurations that is extremely modular and easy to program.

Library home page: http://xerces.apache.org/xerces2-j

Path to dependency file: /pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/xerces/xercesImpl/2.8.0/xercesImpl-2.8.0.jar

Dependency Hierarchy: - esapi-2.1.0.1.jar (Root Library) - xom-1.2.5.jar - :x: **xercesImpl-2.8.0.jar** (Vulnerable Library)

Found in HEAD commit: 36642c44fb0c9a97413207864708fd2e88e229b9

Found in base branch: master

### Vulnerability Details

Apache Xerces2 Java Parser before 2.12.0 allows remote attackers to cause a denial of service (CPU consumption) via a crafted message to an XML service, which triggers hash table collisions.

Publish Date: 2017-10-30

URL: CVE-2012-0881

### CVSS 3 Score Details (7.5)

Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: Low - Privileges Required: None - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: None - Integrity Impact: None - Availability Impact: High

For more information on CVSS3 Scores, click here.

### Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0881

Release Date: 2017-10-30

Fix Resolution: xerces:xercesImpl:2.12.0

WS-2014-0034 ### Vulnerable Library - commons-fileupload-1.3.1.jar

The Apache Commons FileUpload component provides a simple yet flexible means of adding support for multipart file upload functionality to servlets and web applications.

Library home page: http://commons.apache.org/proper/commons-fileupload/

Path to dependency file: /pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/commons-fileupload/commons-fileupload/1.3.1/commons-fileupload-1.3.1.jar

Dependency Hierarchy: - esapi-2.1.0.1.jar (Root Library) - :x: **commons-fileupload-1.3.1.jar** (Vulnerable Library)

Found in HEAD commit: 36642c44fb0c9a97413207864708fd2e88e229b9

Found in base branch: master

### Vulnerability Details

The class FileUploadBase in Apache Commons Fileupload before 1.4 has potential resource leak - InputStream not closed on exception.

Publish Date: 2014-02-17

URL: WS-2014-0034

### CVSS 3 Score Details (7.5)

Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: Low - Privileges Required: None - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: High - Integrity Impact: None - Availability Impact: None

For more information on CVSS3 Scores, click here.

### Suggested Fix

Type: Upgrade version

Origin: https://github.com/apache/commons-fileupload/commit/5b4881d7f75f439326f54fa554a9ca7de6d60814

Release Date: 2014-02-17

Fix Resolution: 1.4

CVE-2014-0107 ### Vulnerable Library - xalan-2.7.0.jar

Path to dependency file: /pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/xalan/xalan/2.7.0/xalan-2.7.0.jar

Dependency Hierarchy: - esapi-2.1.0.1.jar (Root Library) - xom-1.2.5.jar - :x: **xalan-2.7.0.jar** (Vulnerable Library)

Found in HEAD commit: 36642c44fb0c9a97413207864708fd2e88e229b9

Found in base branch: master

### Vulnerability Details

The TransformerFactory in Apache Xalan-Java before 2.7.2 does not properly restrict access to certain properties when FEATURE_SECURE_PROCESSING is enabled, which allows remote attackers to bypass expected restrictions and load arbitrary classes or access external resources via a crafted (1) xalan:content-header, (2) xalan:entities, (3) xslt:content-header, or (4) xslt:entities property, or a Java property that is bound to the XSLT 1.0 system-property function.

Publish Date: 2014-04-15

URL: CVE-2014-0107

### CVSS 3 Score Details (7.3)

Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: Low - Privileges Required: None - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: Low - Integrity Impact: Low - Availability Impact: Low

For more information on CVSS3 Scores, click here.

### Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0107

Release Date: 2014-04-15

Fix Resolution: 2.7.2

CVE-2019-10086 ### Vulnerable Library - commons-beanutils-core-1.8.3.jar

The Apache Software Foundation provides support for the Apache community of open-source software projects. The Apache projects are characterized by a collaborative, consensus based development process, an open and pragmatic software license, and a desire to create high quality software that leads the way in its field. We consider ourselves not simply a group of projects sharing a server, but rather a community of developers and users.

Path to dependency file: /pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/commons-beanutils/commons-beanutils-core/1.8.3/commons-beanutils-core-1.8.3.jar

Dependency Hierarchy: - esapi-2.1.0.1.jar (Root Library) - :x: **commons-beanutils-core-1.8.3.jar** (Vulnerable Library)

Found in HEAD commit: 36642c44fb0c9a97413207864708fd2e88e229b9

Found in base branch: master

### Vulnerability Details

In Apache Commons Beanutils 1.9.2, a special BeanIntrospector class was added which allows suppressing the ability for an attacker to access the classloader via the class property available on all Java objects. We, however were not using this by default characteristic of the PropertyUtilsBean.

Publish Date: 2019-08-20

URL: CVE-2019-10086

### CVSS 3 Score Details (7.3)

Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: Low - Privileges Required: None - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: Low - Integrity Impact: Low - Availability Impact: Low

For more information on CVSS3 Scores, click here.

### Suggested Fix

Type: Upgrade version

Origin: https://github.com/victims/victims-cve-db/commit/16a669c84d95bbbd4294f30e609049a36700847f

Release Date: 2019-08-20

Fix Resolution: commons-beanutils:commons-beanutils:1.9.4

CVE-2014-0114 ### Vulnerable Library - commons-beanutils-core-1.8.3.jar

The Apache Software Foundation provides support for the Apache community of open-source software projects. The Apache projects are characterized by a collaborative, consensus based development process, an open and pragmatic software license, and a desire to create high quality software that leads the way in its field. We consider ourselves not simply a group of projects sharing a server, but rather a community of developers and users.

Path to dependency file: /pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/commons-beanutils/commons-beanutils-core/1.8.3/commons-beanutils-core-1.8.3.jar

Dependency Hierarchy: - esapi-2.1.0.1.jar (Root Library) - :x: **commons-beanutils-core-1.8.3.jar** (Vulnerable Library)

Found in HEAD commit: 36642c44fb0c9a97413207864708fd2e88e229b9

Found in base branch: master

### Vulnerability Details

Apache Commons BeanUtils, as distributed in lib/commons-beanutils-1.8.0.jar in Apache Struts 1.x through 1.3.10 and in other products requiring commons-beanutils through 1.9.2, does not suppress the class property, which allows remote attackers to "manipulate" the ClassLoader and execute arbitrary code via the class parameter, as demonstrated by the passing of this parameter to the getClass method of the ActionForm object in Struts 1.

Publish Date: 2014-04-30

URL: CVE-2014-0114

### CVSS 3 Score Details (7.3)

Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: Low - Privileges Required: None - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: Low - Integrity Impact: Low - Availability Impact: Low

For more information on CVSS3 Scores, click here.

### Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0114

Release Date: 2014-04-30

Fix Resolution: commons-beanutils:commons-beanutils:1.9.4;org.apache.struts:struts2-core:2.0.5

CVE-2022-23437 ### Vulnerable Library - xercesImpl-2.8.0.jar

Xerces2 is the next generation of high performance, fully compliant XML parsers in the Apache Xerces family. This new version of Xerces introduces the Xerces Native Interface (XNI), a complete framework for building parser components and configurations that is extremely modular and easy to program.

Library home page: http://xerces.apache.org/xerces2-j

Path to dependency file: /pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/xerces/xercesImpl/2.8.0/xercesImpl-2.8.0.jar

Dependency Hierarchy: - esapi-2.1.0.1.jar (Root Library) - xom-1.2.5.jar - :x: **xercesImpl-2.8.0.jar** (Vulnerable Library)

Found in HEAD commit: 36642c44fb0c9a97413207864708fd2e88e229b9

Found in base branch: master

### Vulnerability Details

There's a vulnerability within the Apache Xerces Java (XercesJ) XML parser when handling specially crafted XML document payloads. This causes, the XercesJ XML parser to wait in an infinite loop, which may sometimes consume system resources for prolonged duration. This vulnerability is present within XercesJ version 2.12.1 and the previous versions.

Publish Date: 2022-01-24

URL: CVE-2022-23437

### CVSS 3 Score Details (6.5)

Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: Low - Privileges Required: None - User Interaction: Required - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: None - Integrity Impact: None - Availability Impact: High

For more information on CVSS3 Scores, click here.

### Suggested Fix

Type: Upgrade version

Origin: https://github.com/advisories/GHSA-h65f-jvqw-m9fj

Release Date: 2022-01-24

Fix Resolution: xerces:xercesImpl:2.12.2

CVE-2016-10006 ### Vulnerable Library - antisamy-1.5.3.jar

The OWASP AntiSamy project is a collection of APIs for safely allowing users to supply their own HTML and CSS without exposing the site to XSS vulnerabilities.

Library home page: http://www.owasp.org/index.php/Category:OWASP_AntiSamy_Project

Path to dependency file: /pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/org/owasp/antisamy/antisamy/1.5.3/antisamy-1.5.3.jar

Dependency Hierarchy: - esapi-2.1.0.1.jar (Root Library) - :x: **antisamy-1.5.3.jar** (Vulnerable Library)

Found in HEAD commit: 36642c44fb0c9a97413207864708fd2e88e229b9

Found in base branch: master

### Vulnerability Details

In OWASP AntiSamy before 1.5.5, by submitting a specially crafted input (a tag that supports style with active content), you could bypass the library protections and supply executable code. The impact is XSS.

Publish Date: 2016-12-24

URL: CVE-2016-10006

### CVSS 3 Score Details (6.1)

Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: Low - Privileges Required: None - User Interaction: Required - Scope: Changed - Impact Metrics: - Confidentiality Impact: Low - Integrity Impact: Low - Availability Impact: None

For more information on CVSS3 Scores, click here.

### Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10006

Release Date: 2016-12-24

Fix Resolution: 1.5.5

CVE-2022-28367 ### Vulnerable Library - antisamy-1.5.3.jar

The OWASP AntiSamy project is a collection of APIs for safely allowing users to supply their own HTML and CSS without exposing the site to XSS vulnerabilities.

Library home page: http://www.owasp.org/index.php/Category:OWASP_AntiSamy_Project

Path to dependency file: /pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/org/owasp/antisamy/antisamy/1.5.3/antisamy-1.5.3.jar

Dependency Hierarchy: - esapi-2.1.0.1.jar (Root Library) - :x: **antisamy-1.5.3.jar** (Vulnerable Library)

Found in HEAD commit: 36642c44fb0c9a97413207864708fd2e88e229b9

Found in base branch: master

### Vulnerability Details

OWASP AntiSamy before 1.6.6 allows XSS via HTML tag smuggling on STYLE content with crafted input. The output serializer does not properly encode the supposed Cascading Style Sheets (CSS) content.

Publish Date: 2022-04-21

URL: CVE-2022-28367

### CVSS 3 Score Details (6.1)

Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: Low - Privileges Required: None - User Interaction: Required - Scope: Changed - Impact Metrics: - Confidentiality Impact: Low - Integrity Impact: Low - Availability Impact: None

For more information on CVSS3 Scores, click here.

### Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28367

Release Date: 2022-04-21

Fix Resolution: org.owasp.antisamy:antisamy - 1.6.6

CVE-2022-29577 ### Vulnerable Library - antisamy-1.5.3.jar

The OWASP AntiSamy project is a collection of APIs for safely allowing users to supply their own HTML and CSS without exposing the site to XSS vulnerabilities.

Library home page: http://www.owasp.org/index.php/Category:OWASP_AntiSamy_Project

Path to dependency file: /pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/org/owasp/antisamy/antisamy/1.5.3/antisamy-1.5.3.jar

Dependency Hierarchy: - esapi-2.1.0.1.jar (Root Library) - :x: **antisamy-1.5.3.jar** (Vulnerable Library)

Found in HEAD commit: 36642c44fb0c9a97413207864708fd2e88e229b9

Found in base branch: master

### Vulnerability Details

OWASP AntiSamy before 1.6.7 allows XSS via HTML tag smuggling on STYLE content with crafted input. The output serializer does not properly encode the supposed Cascading Style Sheets (CSS) content. NOTE: this issue exists because of an incomplete fix for CVE-2022-28367.

Publish Date: 2022-04-21

URL: CVE-2022-29577

### CVSS 3 Score Details (6.1)

Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: Low - Privileges Required: None - User Interaction: Required - Scope: Changed - Impact Metrics: - Confidentiality Impact: Low - Integrity Impact: Low - Availability Impact: None

For more information on CVSS3 Scores, click here.

### Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29577

Release Date: 2022-04-21

Fix Resolution: org.owasp.antisamy:antisamy - 1.6.7

CVE-2021-35043 ### Vulnerable Library - antisamy-1.5.3.jar

The OWASP AntiSamy project is a collection of APIs for safely allowing users to supply their own HTML and CSS without exposing the site to XSS vulnerabilities.

Library home page: http://www.owasp.org/index.php/Category:OWASP_AntiSamy_Project

Path to dependency file: /pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/org/owasp/antisamy/antisamy/1.5.3/antisamy-1.5.3.jar

Dependency Hierarchy: - esapi-2.1.0.1.jar (Root Library) - :x: **antisamy-1.5.3.jar** (Vulnerable Library)

Found in HEAD commit: 36642c44fb0c9a97413207864708fd2e88e229b9

Found in base branch: master

### Vulnerability Details

OWASP AntiSamy before 1.6.4 allows XSS via HTML attributes when using the HTML output serializer (XHTML is not affected). This was demonstrated by a javascript: URL with : as the replacement for the : character.

Publish Date: 2021-07-19

URL: CVE-2021-35043

### CVSS 3 Score Details (6.1)

Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: Low - Privileges Required: None - User Interaction: Required - Scope: Changed - Impact Metrics: - Confidentiality Impact: Low - Integrity Impact: Low - Availability Impact: None

For more information on CVSS3 Scores, click here.

### Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35043

Release Date: 2021-07-19

Fix Resolution: org.owasp.antisamy:antisamy:1.6.4


:rescue_worker_helmet: Automatic Remediation is available for this issue.

mend-for-github-com[bot] commented 2 years ago

:heavy_check_mark: This issue was automatically closed by WhiteSource because the vulnerable library in the specific branch(es) was either marked as ignored or it is no longer part of the WhiteSource inventory.

mend-for-github-com[bot] commented 2 years ago

:information_source: This issue was automatically re-opened by WhiteSource because the vulnerable library in the specific branch(es) has been detected in the WhiteSource inventory.

mend-for-github-com[bot] commented 2 years ago

:heavy_check_mark: This issue was automatically closed by WhiteSource because the vulnerable library in the specific branch(es) was either marked as ignored or it is no longer part of the WhiteSource inventory.

mend-for-github-com[bot] commented 2 years ago

:information_source: This issue was automatically re-opened by WhiteSource because the vulnerable library in the specific branch(es) has been detected in the WhiteSource inventory.