6525 matches found

CVE
added 2020/06/11 5:00 p.m., 71 views

CVE-2020-5411

CVE-2020-5411 affects VMware Spring Batch (and IBM DRM aggregations) where Jackson default typing enables deserialization of untrusted data, potentially allowing arbitrary code execution if a malicious actor can write to the JobRepository data store. Connected advisories confirm the root cause: u...

8.1 CVSS, 8.2 AI score, 0.00805 EPSS
Exploits 0, References 1, Affected Software 1
Cvelist
added 2020/06/11 5:00 p.m., 20 views

CVE-2020-5411 Jackson Configuration Allows Code Execution with Unknown "Serialization Gadgets"

When configured to enable default typing, Jackson contained a deserialization vulnerability that could lead to arbitrary code execution. Jackson fixed this vulnerability by blacklisting known "deserialization gadgets". Spring Batch configures Jackson with global default typing enabled which means...

8.3 AI score, 0.00805 EPSS
Exploits 0, References 1
CNVD
added 2020/06/09 12:00 a.m., 1 view

XSS Vulnerability in My-Blog-layui

My-Blog-layui is a Java blog system built with SpringBoot, Layui, Mybatis, Thymeleaf and other technologies. My-Blog-layui has an XSS vulnerability that attackers can exploit to obtain sensitive information such as user cookies...

6.1 AI score
Exploits 0
CNVD
added 2020/06/09 12:00 a.m., 1 view

Genesis has an XSS vulnerability

Genesis is a developer community and forum system built on Spring, Spring MVC and Mybatis. Genesis has an XSS vulnerability that an attacker can exploit to obtain sensitive information such as user cookies...

6.1 AI score
Exploits 0
vulnersOsv
added 2020/06/05 4:13 p.m., 2 views

com.buession.cas:buession-cas-audit (>=2.0.0 <=2.2.1), com.buession.cas:buession-cas-captcha (>=2.0.0 <=2.2.1) +624 more potentially affected by CVE-2020-5407 via org.springframework.security:spring-security-core (>=5.3.0.RELEASE <=5.3.1.RELEASE)

org.springframework.security:spring-security-core MAVEN version =5.3.0.RELEASE, =2.0.0, =2.0.0, =1.1.1, =1.1.1, =2.0.0, =1.1.1, =2.3.0, =1.1.1, =2.0.0, =2.0.0, =1.3.0, =1.1.1, =1.1.1, =1.1.1, =2.0.0, =2.3.3 and more Source cves: CVE-2020-5407 Source advisory: OSV:GHSA-48RW-J489-928M...

8.8 CVSS, 7.2 AI score, 0.00665 EPSS
Exploits 0
Github Security Blog
added 2020/06/05 4:13 p.m., 77 views

Signature wrapping vulnerability in Spring Security

Spring Security versions 5.2.x prior to 5.2.4 and 5.3.x prior to 5.3.2 contain a signature wrapping vulnerability during SAML response validation. When using the spring-security-saml2-service-provider component, a malicious user can carefully modify an otherwise valid SAML response and append an...

8.8 CVSS, 2.9 AI score, 0.00665 EPSS
Exploits 0, References 9, Affected Software 1
vulnersOsv
added 2020/06/05 4:13 p.m., 0 views

ai.hyacinth.framework:core-service-gateway-server (=0.5.24), au.org.consumerdatastandards:data-holder (>=1.0.0 <=1.12.0) +1476 more potentially affected by CVE-2020-5407 via org.springframework.security:spring-security-core (>=5.2.0.RELEASE <=5.2.3.RELEASE)

org.springframework.security:spring-security-core MAVEN version =5.2.0.RELEASE, =1.0.0, =0.0.9, =0.0.9, =0.0.9, =0.0.9, =0.0.9, =0.0.9, =0.0.9, =0.0.9, =0.0.12 - br.com.damsete:logging =0.0.1 - cc.cc4414:cc-spring-auth-server =0.5.1 - cc.cc4414:cc-spring-resource-starter =0.5.1 -...

8.8 CVSS, 7.2 AI score, 0.00665 EPSS
Exploits 0
OSV
added 2020/06/05 4:13 p.m., 21 views

GHSA-48RW-J489-928M Signature wrapping vulnerability in Spring Security

Spring Security versions 5.2.x prior to 5.2.4 and 5.3.x prior to 5.3.2 contain a signature wrapping vulnerability during SAML response validation. When using the spring-security-saml2-service-provider component, a malicious user can carefully modify an otherwise valid SAML response and append an...

8.8 CVSS, 8.5 AI score, 0.00665 EPSS
Exploits 0, References 8
vulnersOsv
added 2020/06/05 4:13 p.m., 2 views

ai.hyacinth.framework:core-service-config-server (=0.5.24), cloud.altemista.fwk.framework:cloud-altemistafwk-documentation (=3.1.0.RELEASE) +36 more potentially affected by CVE-2020-5410 via org.springframework.cloud:spring-cloud-config-server (>=2.2.0.RELEASE <=2.2.2.RELEASE)

org.springframework.cloud:spring-cloud-config-server MAVEN version =2.2.0.RELEASE, =0.0.1-RELEASE, =1.1.1, =0.1.0, =0.2.0 and more Source cves: CVE-2020-5410 Source advisory: OSV:GHSA-32XF-JWMV-9HF3 https://vulners...

7.5 CVSS, 6.7 AI score, 0.94347 EPSS
Exploits 3
vulnersOsv
added 2020/06/05 4:13 p.m., 0 views

ai.hyacinth.framework:core-service-config-server (>=0.5.0 <=0.5.21), com.alibaba.cloud:spring-cloud-alibaba-nacos-config-server (>=2.1.0.RELEASE <=2.1.1.RELEASE) +18 more potentially affected by CVE-2020-5410 via org.springframework.cloud:spring-cloud-config-server (>=2.1.0.RELEASE <=2.1.8.RELEASE)

org.springframework.cloud:spring-cloud-config-server MAVEN version =2.1.0.RELEASE, =0.5.0, =2.1.0.RELEASE, =1.2.0, =1.0.0, =6.0.1, =6.0.1, =6.0.1, =2.1.0.RELEASE, =2.1.0.RELEASE, =2.1.0.RELEASE, =2.1.0.RELEASE, =2.1.4.RELEASE - org.springframework.cloud.stream.app:python-jython-processor-ra...

7.5 CVSS, 6.7 AI score, 0.94347 EPSS
Exploits 3
OSV
added 2020/06/05 4:13 p.m., 22 views

GHSA-32XF-JWMV-9HF3 Directory traversal attack in Spring Cloud Config

Spring Cloud Config, versions 2.2.x prior to 2.2.3, versions 2.1.x prior to 2.1.9, and older unsupported versions allow applications to serve arbitrary configuration files through the spring-cloud-config-server module. A malicious user, or attacker, can send a request using a specially crafted UR...

7.5 CVSS, 7.4 AI score, 0.94347 EPSS
Exploits 3, References 4
Github Security Blog
added 2020/06/05 4:13 p.m., 86 views

Directory traversal attack in Spring Cloud Config

Spring Cloud Config, versions 2.2.x prior to 2.2.3, versions 2.1.x prior to 2.1.9, and older unsupported versions allow applications to serve arbitrary configuration files through the spring-cloud-config-server module. A malicious user, or attacker, can send a request using a specially crafted UR...

7.5 CVSS, 5 AI score, 0.94347 EPSS
Exploits 3, References 4, Affected Software 1
vulnersOsv
added 2020/06/05 4:11 p.m., 3 views

ai.hyacinth.framework:core-service-config-server (>=0.5.0 <=0.5.21), com.alibaba.cloud:spring-cloud-alibaba-nacos-config-server (>=2.1.0.RELEASE <=2.1.1.RELEASE) +17 more potentially affected by CVE-2020-5405 via org.springframework.cloud:spring-cloud-config-server (>=2.1.0.RELEASE <=2.1.6.RELEASE)

org.springframework.cloud:spring-cloud-config-server MAVEN version =2.1.0.RELEASE, =0.5.0, =2.1.0.RELEASE, =1.2.0, =1.0.0, =6.0.1, =6.0.1, =6.0.1, =2.1.0.RELEASE, =2.1.0.RELEASE, =2.1.0.RELEASE, =2.1.0.RELEASE, =2.1.0.RELEASE, =2.1.4.RELEASE - org.springframework.cloud.stream.app:spring-...

6.5 CVSS, 6.9 AI score, 0.87989 EPSS
Exploits 0
OSV
added 2020/06/05 4:11 p.m., 23 views

GHSA-G86W-V5VG-9GXF Directory traversal attack in Spring Cloud Config

Spring Cloud Config, versions 2.2.x prior to 2.2.2, versions 2.1.x prior to 2.1.7, and older unsupported versions allow applications to serve arbitrary configuration files through the spring-cloud-config-server module. A malicious user, or attacker, can send a request using a specially crafted UR...

6.5 CVSS, 6.6 AI score, 0.87989 EPSS
Exploits 0, References 3
Github Security Blog
added 2020/06/05 4:11 p.m., 73 views

Directory traversal attack in Spring Cloud Config

Spring Cloud Config, versions 2.2.x prior to 2.2.2, versions 2.1.x prior to 2.1.7, and older unsupported versions allow applications to serve arbitrary configuration files through the spring-cloud-config-server module. A malicious user, or attacker, can send a request using a specially crafted UR...

6.5 CVSS, 5 AI score, 0.87989 EPSS
Exploits 0, References 3, Affected Software 1
vulnersOsv
added 2020/06/05 4:11 p.m., 2 views

ai.hyacinth.framework:core-service-config-server (=0.5.24), cloud.altemista.fwk.framework:cloud-altemistafwk-documentation (=3.1.0.RELEASE) +12 more potentially affected by CVE-2020-5405 via org.springframework.cloud:spring-cloud-config-server (>=2.2.0.RELEASE <=2.2.1.RELEASE)

org.springframework.cloud:spring-cloud-config-server MAVEN version =2.2.0.RELEASE, =0.0.1-RELEASE, =6.2.0-RC1, =6.2.0-RC1, =2.2.0.RELEASE, =2.2.0.RELEASE, =2.2.1.RELEASE Source cves: CVE-2020-5405 Source advisory: OSV...

6.5 CVSS, 6.9 AI score, 0.87989 EPSS
Exploits 0
CNVD
added 2020/06/05 12:00 a.m., 1 view

Unauthorized Access Vulnerability in Blog-System Personal Blog System Backend

Blog-System is a personal blog system built with Spring, Spring MVC, Mybatis and Maven. The Blog-System backend has an unauthorized access vulnerability that attackers can use to directly access backend functional pages...

6.9 AI score
Exploits 0
CNVD
added 2020/06/05 12:00 a.m., 1 view

XSS Vulnerability in Blog-System Personal Blog System

Blog-System is a personal blog system built with Spring, Spring MVC, Mybatis and Maven. Blog-System has an XSS vulnerability that attackers can exploit to obtain user cookie information...

6.3 AI score
Exploits 0
Hacker One
added 2020/06/04 8:41 p.m., 213 views

GitHub Security Lab: CodeQL query to detect open Spring Boot actuator endpoints

This bug was reported directly to GitHub Security Lab...

1.4 AI score
Exploits 0
RedHat Linux
added 2020/06/04 1:11 p.m., 157 views

Important: Red Hat Security Advisory: Red Hat support for Spring Boot 2.1.13 security and bug fix update

An update is now available for Red Hat OpenShift Application Runtimes. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

9.8 CVSS, 7 AI score, 0.94469 EPSS
Exploits 44, References 7