245 matches found
GHSA-FJW4-39PG-VF4F Apache Karaf vulnerable to relative path traversal
Apache Karaf Config service provides a install method via service or MBean that could be used to travel in any directory and overwrite existing file. The vulnerability is low if the Karaf process user has limited permission on the filesystem. Any Apache Karaf version before 4.2.5 is impacted. Use...
This Week in Spring - May 24th, 2022
Hi, Spring fans! Im in Spain for business and not just a little pleasure. Yesterday, my partner, her mother, and I went to Formentera, Spain, a little island off of Ibiza, Spain. It was amazing. Were now in Ibiza, Spain, which is a little island not far from Barcelona, Spain, on the mainland of...
CVE-2022-0866
This is a concurrency issue that can result in the wrong caller principal being returned from the session context of an EJB that is configured with a RunAs principal. In particular, the org.jboss.as.ejb3.component.EJBComponent class has an incomingRunAsIdentity field. This field is used by the...
berkano:bean-displaytag (>=20050615.234814 <=20050616.015551), berkano:berkano-util (>=20050725.114415 <=dev-20050723) +28 more potentially affected by CVE-2007-4556 via opensymphony:xwork (>=1.0.3 <=1.2.2)
opensymphony:xwork MAVEN version =1.0.3, =20050615.234814, =20050725.114415, =2.1.5, =1.1.3, =1.0-alpha-1, =1.1-beta-1, =1.1-beta-1, =1.0-beta-2, =1.0-beta-3 - org.codehaus.jet:jet-web-engine =1.0-beta-2 and more Source cves: CVE-2007-4556 Source advisory: OSV:GHSA-H7MF-QRM9-2848...
Exploit for Code Injection in Vmware Spring_Framework
漏洞简介 最近spring爆出重磅级CVE漏洞,cve信息显示"A Spring MVC or Spring WebFl...
ai.h2o:h2o-clustering (>=3.32.1.1 <=3.44.0.2), ai.h2o:h2o-k8s (>=3.30.0.2 <=3.44.0.2) +212 more potentially affected by CVE-2022-21230 via org.nanohttpd:nanohttpd (>=2.2.0 <=2.3.1)
org.nanohttpd:nanohttpd MAVEN version =2.2.0, =3.32.1.1, =3.30.0.2, =3.34.0.3, =1.0.0, =1.0.0, =1.0.0, =3.8, =1.0, =1.1, =0.2.22, =0.2.22, =0.4.15 and more Source cves: CVE-2022-21230 Source advisory: SNYK:JAVA-ORGNANOHTTPD-2422798...
GHSA-WFJ5-2MQR-7JVV Expression Language Injection in Netflix Conductor
Netflix Conductor uses Java Bean Validation JSR 380 custom constraint validators. When building custom constraint violation error messages, different types of interpolation are supported, including Java EL expressions. If an attacker can inject arbitrary data in the error message template being...
Expression Language Injection in Netflix Conductor
Netflix Conductor uses Java Bean Validation JSR 380 custom constraint validators. When building custom constraint violation error messages, different types of interpolation are supported, including Java EL expressions. If an attacker can inject arbitrary data in the error message template being...
Apache Pluto 跨站脚本漏洞
A cross-site scripting vulnerability exists in the Apache Pluto Applicant MVCBean CDI portlet, which stems from the Apache Pluto Applicant MVCBean CDI runtime environment. portlet is vulnerable to cross-site scripting XSS attacks in the input fields of the JSP version of the portlet. No details o...
CVE-2021-31599
An issue was discovered in Hitachi Vantara Pentaho through 9.1 and Pentaho Business Intelligence Server through 7.x. A reports .prpt file allows the inclusion of BeanShell scripts to ease the production of complex reports. An authenticated user can run arbitrary code...
Primekey Solutions PrimeKey EJBCA 安全漏洞
Primekey Solutions PrimeKey EJBCA is a full-featured CA system software from PrimeKey Solutions Primekey Solutions, Sweden. The software is used for domain certificate management, enrollment and enrollment-to-certificate validation and other functions to achieve access security. A security...
Beanshooter - JMX Enumeration And Attacking Tool
Beanshooter is a command line tool written in Java , which helps to identify common vulnerabilities on JMX endpoints. Introduction JMX stands for Java Management Extensions and can be used to monitor and configure the Java Virtual Machine from remote. Applications like tomcat or JBoss are often...
PT-2021-19956 · Apache · Apache Dubbo
Name of the Vulnerable Software and Affected Versions: Apache Dubbo versions prior to 2.6.10 and 2.7.10 Description: Apache Dubbo is a Java-based, open-source RPC framework. The issue concerns pre-auth remote code execution via arbitrary bean manipulation in the Telnet handler. The Dubbo main...
CVE-2021-21244
OneDev is an all-in-one devops platform. In OneDev before version 4.0.3, There is a vulnerability that enabled pre-auth server side template injection via Bean validation message tampering. Full details in the reference GHSA. This issue was fixed in 4.0.3 by disabling validation interpolation...
Input validation
OneDev is an all-in-one devops platform. In OneDev before version 4.0.3, There is a vulnerability that enabled pre-auth server side template injection via Bean validation message tampering. Full details in the reference GHSA. This issue was fixed in 4.0.3 by disabling validation interpolation...
CVE-2021-21244 Pre-Auth SSTI via Bean validation message tampering
OneDev is an all-in-one devops platform. In OneDev before version 4.0.3, There is a vulnerability that enabled pre-auth server side template injection via Bean validation message tampering. Full details in the reference GHSA. This issue was fixed in 4.0.3 by disabling validation interpolation...
PT-2021-14354 · Onedev · Onedev
Name of the Vulnerable Software and Affected Versions: OneDev versions prior to 4.0.3 Description: The issue is related to a pre-auth server side template injection via Bean validation message tampering in OneDev, an all-in-one devops platform. This was fixed in version 4.0.3 by disabling...
Theonedev Onedev 代码代码注入漏洞
Theonedev Onedev is a JAVA-based all-in-one DevOps platform from the Theonedev team. The platform supports container build, orchestration, CI, Git management, team collaboration and other features to help developers build a simple, powerful development platform. Theonedev An injection vulnerabili...
UBUNTU-CVE-2021-23926
The XML parsers used by XMLBeans up to version 2.6.0 did not set the properties needed to protect the user from malicious XML input. Vulnerabilities include possibilities for XML Entity Expansion attacks. Affects XMLBeans up to and including v2.6.0...
GHSA-WMFG-55F9-J8HQ Server-Side Template Injection
Impact A Server-Side Template Injection was identified in BrowserUp Proxy enabling attackers to inject arbitrary Java EL expressions, leading to unauthenticated Remote Code Execution RCE vulnerability. This has been assigned CVE-2020-26282. Patches Effective Immediately, all users should upgrade ...