LY Corporation: Spring Actuator endpoints publicly available and broken authentication
Due to insufficient access control, it was possible to access the Spring Boot Actuator endpoints /heapdump and /env. @kazan71p identified two highly sensitive applications leaking information through these endpoints. The LINE Security team shut down the secondary endpoints just as it was discovere...
Spring Boot Installed
Binary data pivotalsoftwarespringbootinstalled.nbin...
Stripo Inc: Open memory dump method leaking customer information, secret keys, passwords, source code & admin accounts
Summary: Stripo uses Spring Boot for the backend API development, and misconfigured the application to open actuator APIs to the public. This issue is found in 3 domains; I don't know if I need to publish 3 reports for that, or just one report, but the domains are:...
XSS Vulnerability in Huaxia ERP System
Huaxia ERP, based on the SpringBoot framework and a SaaS model, aspires to provide small and medium-sized enterprises with good open-source ERP software, currently focusing on sales, inventory and financial functions. The Huaxia ERP system has an XSS vulnerability that can be exploited by attackers to...
ai.foremast.metrics:foremast-spring-boot-15x-starter (>=0.1.8 <=0.1.12), ai.snips:play-mongo-bson_2.12 (>=0.5 <=0.5.1) +6217 more potentially affected by CVE-2019-14439 via com.fasterxml.jackson.core:jackson-databind (>=2.8.0 <=2.8.11.3)
com.fasterxml.jackson.core:jackson-databind MAVEN version =2.8.0, =0.1.8, =0.5, =2.3.0, =1.5.6, =4.2.1, =4.4.1, =1.0.0.RELEASE, =0.4, =0.4, =0.4, =0.4, =0.4, =0.4, =0.4, =0.4, =0.9 and more Source cves: CVE-2019-14439 Source advisory: OSV:GHSA-GWP4-HFV6-P7HW...
aero.champ:cargojson (=1.0), ai.active:webhook-sdk (>=1.0.0 <=1.0.4) +30531 more potentially affected by CVE-2019-12384 via com.fasterxml.jackson.core:jackson-databind (>=2.9.0 <=2.9.9)
com.fasterxml.jackson.core:jackson-databind MAVEN version =2.9.0, =1.0.0, =4.4.0.0, =0.0.1, =0.0.6, =0.0.1, =local, =0.0.6, =0.0.1, =0.0.1, =0.0.6, =0.0.1, =0.1.2, =0.1.7 - ai.genauth:genauth-java-sdk =3.1.11 - ai.grakn.kgms:client =1.4.3 and more Source cves: CVE-2019-12384 Source advisory:...
ai.foremast.metrics:foremast-spring-boot-15x-starter (>=0.1.8 <=0.1.12), ai.snips:play-mongo-bson_2.12 (>=0.5 <=0.5.1) +6217 more potentially affected by CVE-2019-12384 via com.fasterxml.jackson.core:jackson-databind (>=2.8.0 <=2.8.11.3)
com.fasterxml.jackson.core:jackson-databind MAVEN version =2.8.0, =0.1.8, =0.5, =2.3.0, =1.5.6, =4.2.1, =4.4.1, =1.0.0.RELEASE, =0.4, =0.4, =0.4, =0.4, =0.4, =0.4, =0.4, =0.4, =0.9 and more Source cves: CVE-2019-12384 Source advisory: OSV:GHSA-MPH4-VHRX-MV67...
CVE-2019-9186
In several JetBrains IntelliJ IDEA versions, a Spring Boot run configuration with the default setting allowed remote attackers to execute code when the configuration is running, because a JMX server listens on all interfaces instead of listening on only the localhost interface. This issue has bee...
Default configuration
In several JetBrains IntelliJ IDEA versions, a Spring Boot run configuration with the default setting allowed remote attackers to execute code when the configuration is running, because a JMX server listens on all interfaces instead of listening on only the localhost interface. This issue has bee...
UBUNTU-CVE-2019-9186
In several JetBrains IntelliJ IDEA versions, a Spring Boot run configuration with the default setting allowed remote attackers to execute code when the configuration is running, because a JMX server listens on all interfaces instead of listening on only the localhost interface. This issue has bee...
CVE-2019-9186
In JetBrains IntelliJ IDEA, the Spring Boot run configuration could allow remote code execution because a JMX server listened on all network interfaces instead of only localhost. Affected versions were fixed in 2019.1, 2018.3.4, 2018.2.8, 2018.1.8, and 2017.3.7. The CVE is CVE-2019-9186. Public d...
ai.foremast.metrics:foremast-spring-boot-1x-k8s-metrics-starter (>=0.1.6 <=0.1.7), ai.foremast.metrics:foremast-spring-boot-k8s-metrics-starter (>=0.1.4-SB1X <=0.1.4-SB1X_6) +2588 more potentially affected by CVE-2019-11272 via org.springframework.security:spring-security-core (>=2.0.0 <=4.2.12.RELEASE)
org.springframework.security:spring-security-core MAVEN version =2.0.0, =0.1.6, =0.1.4-SB1X, =1.0.0, =1.0.0, =1.0.0, =1.1.0.RELEASE, =1.1.1, =1.3.1-RELEASE, =0.3.3, =0.1, =1.0.0, =1.2.1, =2.0.0, =3.0.3, =3.0.6 and more Source cves: CVE-2019-11272 Source advisory: OSV:GHSA-V33X-PRHC-GPH5...
ai.foremast.metrics:foremast-spring-boot-15x-starter (>=0.1.8 <=0.1.12), ai.snips:play-mongo-bson_2.12 (>=0.5 <=0.5.1) +6217 more potentially affected by CVE-2019-12086 via com.fasterxml.jackson.core:jackson-databind (>=2.8.0 <=2.8.11.3)
com.fasterxml.jackson.core:jackson-databind MAVEN version =2.8.0, =0.1.8, =0.5, =2.3.0, =1.5.6, =4.2.1, =4.4.1, =1.0.0.RELEASE, =0.4, =0.4, =0.4, =0.4, =0.4, =0.4, =0.4, =0.4, =0.9 and more Source cves: CVE-2019-12086 Source advisory: OSV:GHSA-5WW9-J83M-Q7QX...
com.okta.spring.examples:okta-spring-boot-cloud-config-example (>=1.0.0 <=1.1.0), com.yoozoo.protoconf:protoconf-java (>=0.2.2 <=0.2.3) +9 more potentially affected by CVE-2019-3799 via org.springframework.cloud:spring-cloud-config-server (>=2.0.0.RELEASE <=2.0.3.RELEASE)
org.springframework.cloud:spring-cloud-config-server MAVEN version =2.0.0.RELEASE, =1.0.0, =0.2.2, =1.0.2, =0.0.2, =Darwin.RELEASE, =0.2.1.RELEASE, =2.0.0.RELEASE, =2.0.3.RELEASE - xyz.weechang:moreco-cloud-config =0.0.1 Source cves: CVE-2019-3799 Source advisory: OSV:GHSA-4X49-W62V-76Q7...
VulnCheck KEV: CVE-2017-8046
Malicious PATCH requests submitted to servers using Spring Data REST versions prior to 2.6.9 Ingalls SR9, versions prior to 3.0.1 Kay SR1 and Spring Boot versions prior to 1.5.9, 2.0 M6 can use specially crafted JSON data to run arbitrary Java code...
XSS vulnerability in JeeWeb frontend
JeeWeb is an agile development system based on SpringBoot 2, Spring, Mybatis and Hibernate. An XSS vulnerability exists in the frontend of JeeWeb, which can be exploited by an attacker to obtain an administrator cookie...
File Upload Vulnerability in Geek-Framework
Geek-Framework is a Java foundation development framework built on SpringBoot. Geek-Framework has a file upload vulnerability that can be exploited by an attacker to gain control of a web server...