CVE-2020-7226 Description CiphertextHeader.java in Cryptacular 1.2.3, as used in Apereo CAS and other products, allows attackers to trigger excessive memory allocation during a decode operation, because the nonce array length associated with "new byte" may depend on untrusted input within the header of encoded data. Mitigation We recommend upgrading to a version of this component that is not vulnerable to this specific issue. Note: If this component is included as a bundled/transitive dependency of another component, there may not be an upgrade path. In this instance, we recommend contacting the maintainers who included the vulnerable package. Alternatively, we recommend investigating…

CVE-2020-6950 Description Directory traversal in Eclipse Mojarra before 2.3.14 allows attackers to read arbitrary files via the loc parameter or con parameter. Related links: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-6950 https://bugs.eclipse.org/bugs/show_bug.cgi?id=550943 https://github.com/eclipse-ee4j/mojarra/issues/4571 https://github.com/eclipse-ee4j/mojarra/pull/4629 Project Category n/a Tags data Date Disclosed 2021-06-02 Date Discovered 2020-01-13 JTVCYnJhbmNoX2xpc3QlNUQlNUIlMkZicmFuY2hfbGlzdCU1RA== Feel Vulnerable?  Contact us so we can help you.

CVE-2020-36518 Description jackson-databind before 2.13.0 allows a Java StackOverflow exception and denial of service via a large depth of nested objects. Mitigation We recommend upgrading to a version of this component that is not vulnerable to this specific issue. Note: If this component is included as a bundled/transitive dependency of another component, there may not be an upgrade path. In this instance, we recommend contacting the maintainers who included the vulnerable package. Alternatively, we recommend investigating alternative components or a potential mitigating control. Related links: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-36518 https://github.com/FasterXML/jackson-databind/issues/2816 Project Category n/a Tags data Date Disclosed 2022-03-11 Date Discovered 2022-03-11 JTVCYnJhbmNoX2xpc3QlNUQlNUIlMkZicmFuY2hfbGlzdCU1RA== Feel…

CVE-2020-26939 Description In Legion of the Bouncy Castle BC before 1.61 and BC-FJA before 1.0.1.2, attackers can obtain sensitive information about a private exponent because of Observable Differences in Behavior to Error Inputs. This occurs in org.bouncycastle.crypto.encodings.OAEPEncoding. Sending invalid ciphertext that decrypts to a short payload in the OAEP Decoder could result in the throwing of an early exception, potentially leaking some information about the private exponent of the RSA private key performing the encryption. Mitigation We recommend upgrading to a version of this component that is not vulnerable to this specific issue. Note: If this component is included as…

CVE-2020-15522 Description Bouncy Castle BC Java before 1.66, BC C# .NET before 1.8.7, BC-FJA before 1.0.1.2, 1.0.2.1, and BC-FNA before 1.0.1.1 have a timing issue within the EC math library that can expose information about the private key when an attacker is able to observe timing information for the generation of multiple deterministic ECDSA signatures. Mitigation We recommend upgrading to a version of this component that is not vulnerable to this specific issue. Note: If this component is included as a bundled/transitive dependency of another component, there may not be an upgrade path. In this instance, we recommend contacting the…

CVE-2019-8331 Description In Bootstrap before 3.4.1 and 4.3.x before 4.3.1, XSS is possible in the tooltip or popover data-template attribute. Mitigation We recommend upgrading to a version of this component that is not vulnerable to this specific issue. Note: If this component is included as a bundled/transitive dependency of another component, there may not be an upgrade path. In this instance, we recommend contacting the maintainers who included the vulnerable package. Alternatively, we recommend investigating alternative components or a potential mitigating control. Related links: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-8331 https://github.com/twbs/bootstrap/pull/28236 https://blog.getbootstrap.com/2019/02/13/bootstrap-4-3-1-and-3-4-1/ Project Category n/a Tags data Date Disclosed 2019-02-20 Date Discovered 2019-02-13 JTVCYnJhbmNoX2xpc3QlNUQlNUIlMkZicmFuY2hfbGlzdCU1RA== Feel…

CVE-2019-17359 Description The ASN.1 parser in Bouncy Castle Crypto (aka BC Java) 1.63 can trigger a large attempted memory allocation, and resultant OutOfMemoryError error, via crafted ASN.1 data. This is fixed in 1.64. Mitigation We recommend upgrading to a version of this component that is not vulnerable to this specific issue. Note: If this component is included as a bundled/transitive dependency of another component, there may not be an upgrade path. In this instance, we recommend contacting the maintainers who included the vulnerable package. Alternatively, we recommend investigating alternative components or a potential mitigating control. Related links: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-17359 https://bugzilla.suse.com/show_bug.cgi?id=CVE-2019-17359 https://www.bouncycastle.org/releasenotes.html…

CVE-2019-17267 Description A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to net.sf.ehcache.hibernate.EhcacheJtaTransactionManagerLookup. Mitigation *Update*: As of version 2.10.0, Jackson now provides a safe default typing solution that fully mitigates this vulnerability. Reference: (https://medium.com/@cowtowncoder/jackson-2-10-features-cd880674d8a2) In order to mitigate this vulnerability, we recommend upgrading to at least version 2.10.0 and changing any usages of `enableDefaultTyping()` to `activateDefaultTyping()`. Alternatively, if upgrading is not a viable option, this vulnerability can be mitigated by disabling default typing. Instead, you will need to implement your own: >It is also possible to customize global defaulting, using ObjectMapper.setDefaultTyping(...) -- you just have…

CVE-2019-17091 Description faces/context/PartialViewContextImpl.java in Eclipse Mojarra, as used in Mojarra for Eclipse EE4J before 2.3.10 and Mojarra JavaServer Faces before 2.2.20, allows Reflected XSS because a client window field is mishandled. Mitigation We recommend upgrading to a version of this component that is not vulnerable to this specific issue. Note: If this component is included as a bundled/transitive dependency of another component, there may not be an upgrade path. In this instance, we recommend contacting the maintainers who included the vulnerable package. Alternatively, we recommend investigating alternative components or a potential mitigating control. Related links: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-17091 https://bugs.eclipse.org/bugs/show_bug.cgi?id=548244 https://github.com/eclipse-ee4j/mojarra/issues/4556 https://github.com/eclipse-ee4j/mojarra/pull/4567 Project…

CVE-2019-16335 Description A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to com.zaxxer.hikari.HikariDataSource. This is a different vulnerability than CVE-2019-14540. Mitigation *Update*: As of version 2.10.0, Jackson now provides a safe default typing solution that fully mitigates this vulnerability. Reference: (https://medium.com/@cowtowncoder/jackson-2-10-features-cd880674d8a2) We recommend upgrading to a version of this component that is not vulnerable to this specific issue. Related links: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-16335 https://github.com/FasterXML/jackson-databind/issues/2449 https://blog.sonatype.com/jackson-databind-remote-code-execution https://blog.sonatype.com/jackson-databind-the-end-of-the-blacklist Project Category n/a Tags data Date Disclosed 2019-09-15 Date Discovered 2019-09-15 JTVCYnJhbmNoX2xpc3QlNUQlNUIlMkZicmFuY2hfbGlzdCU1RA== Feel Vulnerable?  Contact us so we can help you.