CVE-2018-8034 Description The host name verification when using TLS with the WebSocket client was missing. It is now enabled by default. Versions Affected: Apache Tomcat 9.0.0.M1 to 9.0.9, 8.5.0 to 8.5.31, 8.0.0.RC1 to 8.0.52, and 7.0.35 to 7.0.88. Mitigation If SSL is necessary, we recommend upgrading to a version of this component that is not vulnerable to this specific issue. Related links: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-8034 http://tomcat.apache.org/security-7.html http://tomcat.apache.org/security-8.html http://tomcat.apache.org/security-9.html Project Category Security Constraint Bypass Tags data functional Date Disclosed 2018-07-22 Date Discovered 2018-03-09 JTVCYnJhbmNoX2xpc3QlNUQlNUIlMkZicmFuY2hfbGlzdCU1RA== Feel Vulnerable? Contact us so we can help you.
Read More
CVE-2018-8031 Description The Apache TomEE console (tomee-webapp) has a XSS vulnerability which could allow javascript to be executed if the user is given a malicious URL. This web application is typically used to add TomEE features to a Tomcat installation. The TomEE bundles do not ship with this application included. This issue can be mitigated by removing the application after TomEE is setup (if using the application to install TomEE), using one of the provided pre-configured bundles, or by upgrading to TomEE 7.0.5. This issue is resolve in this commit: b8bbf50c23ce97dd64f3a5d77f78f84e47579863. Mitigation We recommend upgrading to a version of this…
Read More
CVE-2018-8027 Description Apache Camel 2.20.0 to 2.20.3 and 2.21.0 Core is vulnerable to XXE in XSD validation processor. Mitigation We recommend upgrading to a version of this component that is not vulnerable to this specific issue. Related links: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-8027 https://issues.apache.org/jira/browse/CAMEL-10894 https://issues.apache.org/jira/browse/CAMEL-12444 https://lists.apache.org/thread.html/77f596fc63e63c2e9adcff3c34759b32c225cf0b582aedb755adaade@%3Cdev.camel.apache.org%3E Project Category XML External Entity Tags data Date Disclosed 2018-07-31 Date Discovered 2018-03-09 JTVCYnJhbmNoX2xpc3QlNUQlNUIlMkZicmFuY2hfbGlzdCU1RA== Feel Vulnerable? Contact us so we can help you.
Read More
CVE-2018-8014 Description The defaults settings for the CORS filter provided in Apache Tomcat 9.0.0.M1 to 9.0.8, 8.5.0 to 8.5.31, 8.0.0.RC1 to 8.0.52, 7.0.41 to 7.0.88 are insecure and enable 'supportsCredentials' for all origins. It is expected that users of the CORS filter will have configured it appropriately for their environment rather than using it in the default configuration. Therefore, it is expected that most users will not be impacted by this issue. Mitigation There is no non vulnerable version of this component/package. We recommend investigating alternative components or a potential mitigating control. >Mitigation: >Users of the affected versions should apply…
Read More
CVE-2018-14721 Description FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to conduct server-side request forgery (SSRF) attacks by leveraging failure to block the axis2-jaxws class from polymorphic deserialization. Mitigation *Update*: As of version 2.10.0, Jackson now provides a safe default typing solution that fully mitigates this vulnerability. Reference: (https://medium.com/@cowtowncoder/jackson-2-10-features-cd880674d8a2) In order to mitigate this vulnerability, we recommend upgrading to at least version 2.10.0 and changing any usages of `enableDefaultTyping()` to `activateDefaultTyping()`. Alternatively, if upgrading is not a viable option, this vulnerability can be mitigated by disabling default typing. Instead, you will need to implement your own: >It is also…
Read More
CVE-2018-14720 Description FasterXML jackson-databind 2.x before 2.9.7 might allow attackers to conduct external XML entity (XXE) attacks by leveraging failure to block unspecified JDK classes from polymorphic deserialization. Mitigation *Update*: As of version 2.10.0, Jackson now provides a safe default typing solution that fully mitigates this vulnerability. Reference: (https://medium.com/@cowtowncoder/jackson-2-10-features-cd880674d8a2) In order to mitigate this vulnerability, we recommend upgrading to at least version 2.10.0 and changing any usages of `enableDefaultTyping()` to `activateDefaultTyping()`. Alternatively, if upgrading is not a viable option, this vulnerability can be mitigated by disabling default typing. Instead, you will need to implement your own: >It is also possible…
Read More
CVE-2018-14719 Description FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to execute arbitrary code by leveraging failure to block the blaze-ds-opt and blaze-ds-core classes from polymorphic deserialization. Mitigation *Update*: As of version 2.10.0, Jackson now provides a safe default typing solution that fully mitigates this vulnerability. Reference: (https://medium.com/@cowtowncoder/jackson-2-10-features-cd880674d8a2) In order to mitigate this vulnerability, we recommend upgrading to at least version 2.10.0 and changing any usages of `enableDefaultTyping()` to `activateDefaultTyping()`. Alternatively, if upgrading is not a viable option, this vulnerability can be mitigated by disabling default typing. Instead, you will need to implement your own: >It is also possible…
Read More
CVE-2018-14718 Description FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to execute arbitrary code by leveraging failure to block the slf4j-ext class from polymorphic deserialization. Mitigation *Update*: As of version 2.10.0, Jackson now provides a safe default typing solution that fully mitigates this vulnerability. Reference: (https://medium.com/@cowtowncoder/jackson-2-10-features-cd880674d8a2) In order to mitigate this vulnerability, we recommend upgrading to at least version 2.10.0 and changing any usages of `enableDefaultTyping()` to `activateDefaultTyping()`. Alternatively, if upgrading is not a viable option, this vulnerability can be mitigated by disabling default typing. Instead, you will need to implement your own: >It is also possible to customize…
Read More
CVE-2018-14371 Description The getLocalePrefix function in ResourceManager.java in Eclipse Mojarra before 2.3.7 is affected by Directory Traversal via the loc parameter. A remote attacker can download configuration files or Java bytecodes from applications. Related links: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-14371 https://github.com/eclipse-ee4j/mojarra/commit/1b434748d9239f42eae8aa7d37d7a0930c061e24 https://github.com/javaserverfaces/mojarra/issues/4364 Project Category n/a Tags data Date Disclosed 2018-07-18 Date Discovered 2018-07-17 JTVCYnJhbmNoX2xpc3QlNUQlNUIlMkZicmFuY2hfbGlzdCU1RA== Feel Vulnerable? Contact us so we can help you.
Read More
CVE-2018-14042 Description In Bootstrap before 4.1.2, XSS is possible in the data-container property of tooltip. Mitigation We recommend upgrading to a version of this component that is not vulnerable to this specific issue. Note: If this component is included as a bundled/transitive dependency of another component, there may not be an upgrade path. In this instance, we recommend contacting the maintainers who included the vulnerable package. Alternatively, we recommend investigating alternative components or a potential mitigating control. Related links: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-14042 https://github.com/twbs/bootstrap/issues/26423 https://github.com/twbs/bootstrap/issues/26628 https://github.com/twbs/bootstrap/pull/26630 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14042 Project Category n/a Tags data Date Disclosed 2018-07-13 Date Discovered 2018-07-13 JTVCYnJhbmNoX2xpc3QlNUQlNUIlMkZicmFuY2hfbGlzdCU1RA== Feel Vulnerable? Contact us…
Read More
