spring-security-test-4.2.1.RELEASE.jar: 9 vulnerabilities (highest severity is: 8.8) #18
Description
Vulnerable Library - spring-security-test-4.2.1.RELEASE.jar
Path to dependency file: /terracotta-bank-servlet/build.gradle
Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.springframework.security/spring-security-web/4.2.1.RELEASE/31a526327f419664fe27455d5b2538a1b4aa5dee/spring-security-web-4.2.1.RELEASE.jar
Found in HEAD commit: 1e3053bb8d609e72ca369d624ab23b2dce8e6e58
Vulnerabilities
| CVE | Severity |  CVSS |
Dependency | Type | Fixed in | Remediation Available |
|---|---|---|---|---|---|---|
| CVE-2021-22112 |  High |
8.8 | spring-security-web-4.2.1.RELEASE.jar | Transitive | 5.2.9.RELEASE | ✅ |
| CVE-2017-4995 | High |
8.1 | spring-security-core-4.2.1.RELEASE.jar | Transitive | 4.2.3.RELEASE | ✅ |
| CVE-2019-11272 | High |
7.3 | spring-security-core-4.2.1.RELEASE.jar | Transitive | 4.2.13.RELEASE | ✅ |
| WS-2017-3767 |  Medium |
6.6 | spring-security-web-4.2.1.RELEASE.jar | Transitive | 4.2.15.RELEASE | ✅ |
| CVE-2020-5408 | Medium |
6.5 | spring-security-core-4.2.1.RELEASE.jar | Transitive | 4.2.16.RELEASE | ✅ |
| WS-2016-7107 | Medium |
5.9 | spring-security-web-4.2.1.RELEASE.jar | Transitive | 5.2.14.RELEASE | ✅ |
| WS-2020-0293 | Medium |
5.9 | spring-security-web-4.2.1.RELEASE.jar | Transitive | 5.2.9.RELEASE | ✅ |
| CVE-2018-1199 | Medium |
5.3 | spring-security-web-4.2.1.RELEASE.jar | Transitive | 4.2.4.RELEASE | ✅ |
| CVE-2019-3795 | Medium |
5.3 | spring-security-core-4.2.1.RELEASE.jar | Transitive | 4.2.12.RELEASE | ✅ |
Details
CVE-2021-22112
Vulnerable Library - spring-security-web-4.2.1.RELEASE.jar
spring-security-web
Library home page: http://spring.io/spring-security
Path to dependency file: /terracotta-bank-servlet/build.gradle
Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.springframework.security/spring-security-web/4.2.1.RELEASE/31a526327f419664fe27455d5b2538a1b4aa5dee/spring-security-web-4.2.1.RELEASE.jar
Dependency Hierarchy:
- spring-security-test-4.2.1.RELEASE.jar (Root Library)
- ❌ spring-security-web-4.2.1.RELEASE.jar (Vulnerable Library)
Found in HEAD commit: 1e3053bb8d609e72ca369d624ab23b2dce8e6e58
Found in base branch: master
Vulnerability Details
Spring Security 5.4.x prior to 5.4.4, 5.3.x prior to 5.3.8.RELEASE, 5.2.x prior to 5.2.9.RELEASE, and older unsupported versions can fail to save the SecurityContext if it is changed more than once in a single request.A malicious user cannot cause the bug to happen (it must be programmed in). However, if the application's intent is to only allow the user to run with elevated privileges in a small portion of the application, the bug can be leveraged to extend those privileges to the rest of the application.
Publish Date: 2021-02-23
URL: CVE-2021-22112
CVSS 3 Score Details (8.8)
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: Low
- User Interaction: None
- Scope: Unchanged
- Impact Metrics:
- Confidentiality Impact: High
- Integrity Impact: High
- Availability Impact: High
Suggested Fix
Type: Upgrade version
Origin: https://tanzu.vmware.com/security/cve-2021-22112
Release Date: 2021-02-23
Fix Resolution (org.springframework.security:spring-security-web): 5.2.9.RELEASE
Direct dependency fix Resolution (org.springframework.security:spring-security-test): 5.2.9.RELEASE
⛑️ Automatic Remediation is available for this issue
CVE-2017-4995
Vulnerable Library - spring-security-core-4.2.1.RELEASE.jar
spring-security-core
Library home page: http://spring.io/spring-security
Path to dependency file: /terracotta-bank-servlet/build.gradle
Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.springframework.security/spring-security-core/4.2.1.RELEASE/4e8ae0eb3218e1cacc3d7bd2eb41929799340618/spring-security-core-4.2.1.RELEASE.jar
Dependency Hierarchy:
- spring-security-test-4.2.1.RELEASE.jar (Root Library)
- ❌ spring-security-core-4.2.1.RELEASE.jar (Vulnerable Library)
Found in HEAD commit: 1e3053bb8d609e72ca369d624ab23b2dce8e6e58
Found in base branch: master
Vulnerability Details
An issue was discovered in Pivotal Spring Security 4.2.0.RELEASE through 4.2.2.RELEASE, and Spring Security 5.0.0.M1. When configured to enable default typing, Jackson contained a deserialization vulnerability that could lead to arbitrary code execution. Jackson fixed this vulnerability by blacklisting known "deserialization gadgets." Spring Security configures Jackson with global default typing enabled, which means that (through the previous exploit) arbitrary code could be executed if all of the following is true: (1) Spring Security's Jackson support is being leveraged by invoking SecurityJackson2Modules.getModules(ClassLoader) or SecurityJackson2Modules.enableDefaultTyping(ObjectMapper); (2) Jackson is used to deserialize data that is not trusted (Spring Security does not perform deserialization using Jackson, so this is an explicit choice of the user); and (3) there is an unknown (Jackson is not blacklisting it already) "deserialization gadget" that allows code execution present on the classpath. Jackson provides a blacklisting approach to protecting against this type of attack, but Spring Security should be proactive against blocking unknown "deserialization gadgets" when Spring Security enables default typing.
Publish Date: 2017-11-27
URL: CVE-2017-4995
CVSS 3 Score Details (8.1)
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Network
- Attack Complexity: High
- Privileges Required: None
- User Interaction: None
- Scope: Unchanged
- Impact Metrics:
- Confidentiality Impact: High
- Integrity Impact: High
- Availability Impact: High
Suggested Fix
Type: Upgrade version
Origin: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-4995
Release Date: 2017-11-27
Fix Resolution (org.springframework.security:spring-security-core): 4.2.3.RELEASE
Direct dependency fix Resolution (org.springframework.security:spring-security-test): 4.2.3.RELEASE
⛑️ Automatic Remediation is available for this issue
CVE-2019-11272
Vulnerable Library - spring-security-core-4.2.1.RELEASE.jar
spring-security-core
Library home page: http://spring.io/spring-security
Path to dependency file: /terracotta-bank-servlet/build.gradle
Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.springframework.security/spring-security-core/4.2.1.RELEASE/4e8ae0eb3218e1cacc3d7bd2eb41929799340618/spring-security-core-4.2.1.RELEASE.jar
Dependency Hierarchy:
- spring-security-test-4.2.1.RELEASE.jar (Root Library)
- ❌ spring-security-core-4.2.1.RELEASE.jar (Vulnerable Library)
Found in HEAD commit: 1e3053bb8d609e72ca369d624ab23b2dce8e6e58
Found in base branch: master
Vulnerability Details
Spring Security, versions 4.2.x up to 4.2.12, and older unsupported versions support plain text passwords using PlaintextPasswordEncoder. If an application using an affected version of Spring Security is leveraging PlaintextPasswordEncoder and a user has a null encoded password, a malicious user (or attacker) can authenticate using a password of "null".
Publish Date: 2019-06-26
URL: CVE-2019-11272
CVSS 3 Score Details (7.3)
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: None
- Scope: Unchanged
- Impact Metrics:
- Confidentiality Impact: Low
- Integrity Impact: Low
- Availability Impact: Low
Suggested Fix
Type: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11272
Release Date: 2019-06-26
Fix Resolution (org.springframework.security:spring-security-core): 4.2.13.RELEASE
Direct dependency fix Resolution (org.springframework.security:spring-security-test): 4.2.13.RELEASE
⛑️ Automatic Remediation is available for this issue
WS-2017-3767
Vulnerable Library - spring-security-web-4.2.1.RELEASE.jar
spring-security-web
Library home page: http://spring.io/spring-security
Path to dependency file: /terracotta-bank-servlet/build.gradle
Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.springframework.security/spring-security-web/4.2.1.RELEASE/31a526327f419664fe27455d5b2538a1b4aa5dee/spring-security-web-4.2.1.RELEASE.jar
Dependency Hierarchy:
- spring-security-test-4.2.1.RELEASE.jar (Root Library)
- ❌ spring-security-web-4.2.1.RELEASE.jar (Vulnerable Library)
Found in HEAD commit: 1e3053bb8d609e72ca369d624ab23b2dce8e6e58
Found in base branch: master
Vulnerability Details
Cross-Site Request Forgery (CSRF) vulnerability was found in spring-security before 4.2.15, 5.0.15, 5.1.9, 5.2.3, and 5.3.1. SwitchUserFilter responds to all HTTP methods, making it vulnerable to CSRF attacks.
Publish Date: 2017-01-03
URL: WS-2017-3767
CVSS 3 Score Details (6.6)
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: Required
- Scope: Unchanged
- Impact Metrics:
- Confidentiality Impact: Low
- Integrity Impact: Low
- Availability Impact: Low
Suggested Fix
Type: Upgrade version
Origin: https://github.com/spring-projects/spring-security/releases/tag/5.3.1.RELEASE
Release Date: 2017-01-03
Fix Resolution (org.springframework.security:spring-security-web): 4.2.15.RELEASE
Direct dependency fix Resolution (org.springframework.security:spring-security-test): 4.2.15.RELEASE
⛑️ Automatic Remediation is available for this issue
CVE-2020-5408
Vulnerable Library - spring-security-core-4.2.1.RELEASE.jar
spring-security-core
Library home page: http://spring.io/spring-security
Path to dependency file: /terracotta-bank-servlet/build.gradle
Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.springframework.security/spring-security-core/4.2.1.RELEASE/4e8ae0eb3218e1cacc3d7bd2eb41929799340618/spring-security-core-4.2.1.RELEASE.jar
Dependency Hierarchy:
- spring-security-test-4.2.1.RELEASE.jar (Root Library)
- ❌ spring-security-core-4.2.1.RELEASE.jar (Vulnerable Library)
Found in HEAD commit: 1e3053bb8d609e72ca369d624ab23b2dce8e6e58
Found in base branch: master
Vulnerability Details
Spring Security versions 5.3.x prior to 5.3.2, 5.2.x prior to 5.2.4, 5.1.x prior to 5.1.10, 5.0.x prior to 5.0.16 and 4.2.x prior to 4.2.16 use a fixed null initialization vector with CBC Mode in the implementation of the queryable text encryptor. A malicious user with access to the data that has been encrypted using such an encryptor may be able to derive the unencrypted values using a dictionary attack.
Publish Date: 2020-05-14
URL: CVE-2020-5408
CVSS 3 Score Details (6.5)
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: Low
- User Interaction: None
- Scope: Unchanged
- Impact Metrics:
- Confidentiality Impact: High
- Integrity Impact: None
- Availability Impact: None
Suggested Fix
Type: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-5408
Release Date: 2020-05-14
Fix Resolution (org.springframework.security:spring-security-core): 4.2.16.RELEASE
Direct dependency fix Resolution (org.springframework.security:spring-security-test): 4.2.16.RELEASE
⛑️ Automatic Remediation is available for this issue
WS-2016-7107
Vulnerable Library - spring-security-web-4.2.1.RELEASE.jar
spring-security-web
Library home page: http://spring.io/spring-security
Path to dependency file: /terracotta-bank-servlet/build.gradle
Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.springframework.security/spring-security-web/4.2.1.RELEASE/31a526327f419664fe27455d5b2538a1b4aa5dee/spring-security-web-4.2.1.RELEASE.jar
Dependency Hierarchy:
- spring-security-test-4.2.1.RELEASE.jar (Root Library)
- ❌ spring-security-web-4.2.1.RELEASE.jar (Vulnerable Library)
Found in HEAD commit: 1e3053bb8d609e72ca369d624ab23b2dce8e6e58
Found in base branch: master
Vulnerability Details
CSRF tokens in Spring Security are vulnerable to a breach attack. Spring Security always returns the same CSRF token to the browser.
Publish Date: 2016-08-02
URL: WS-2016-7107
CVSS 3 Score Details (5.9)
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Network
- Attack Complexity: High
- Privileges Required: None
- User Interaction: None
- Scope: Unchanged
- Impact Metrics:
- Confidentiality Impact: High
- Integrity Impact: None
- Availability Impact: None
Suggested Fix
Type: Upgrade version
Origin: https://nvd.nist.gov/vuln/detail/WS-2016-7107
Release Date: 2016-08-02
Fix Resolution (org.springframework.security:spring-security-web): 5.2.14.RELEASE
Direct dependency fix Resolution (org.springframework.security:spring-security-test): 5.2.14.RELEASE
⛑️ Automatic Remediation is available for this issue
WS-2020-0293
Vulnerable Library - spring-security-web-4.2.1.RELEASE.jar
spring-security-web
Library home page: http://spring.io/spring-security
Path to dependency file: /terracotta-bank-servlet/build.gradle
Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.springframework.security/spring-security-web/4.2.1.RELEASE/31a526327f419664fe27455d5b2538a1b4aa5dee/spring-security-web-4.2.1.RELEASE.jar
Dependency Hierarchy:
- spring-security-test-4.2.1.RELEASE.jar (Root Library)
- ❌ spring-security-web-4.2.1.RELEASE.jar (Vulnerable Library)
Found in HEAD commit: 1e3053bb8d609e72ca369d624ab23b2dce8e6e58
Found in base branch: master
Vulnerability Details
Spring Security before 5.2.9, 5.3.7, and 5.4.3 vulnerable to side-channel attacks. Vulnerable versions of Spring Security don't use constant time comparisons for CSRF tokens.
Publish Date: 2020-12-17
URL: WS-2020-0293
CVSS 3 Score Details (5.9)
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Network
- Attack Complexity: High
- Privileges Required: None
- User Interaction: None
- Scope: Unchanged
- Impact Metrics:
- Confidentiality Impact: High
- Integrity Impact: None
- Availability Impact: None
Suggested Fix
Type: Upgrade version
Origin: spring-projects/spring-security#9291
Release Date: 2020-12-17
Fix Resolution (org.springframework.security:spring-security-web): 5.2.9.RELEASE
Direct dependency fix Resolution (org.springframework.security:spring-security-test): 5.2.9.RELEASE
⛑️ Automatic Remediation is available for this issue
CVE-2018-1199
Vulnerable Library - spring-security-web-4.2.1.RELEASE.jar
spring-security-web
Library home page: http://spring.io/spring-security
Path to dependency file: /terracotta-bank-servlet/build.gradle
Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.springframework.security/spring-security-web/4.2.1.RELEASE/31a526327f419664fe27455d5b2538a1b4aa5dee/spring-security-web-4.2.1.RELEASE.jar
Dependency Hierarchy:
- spring-security-test-4.2.1.RELEASE.jar (Root Library)
- ❌ spring-security-web-4.2.1.RELEASE.jar (Vulnerable Library)
Found in HEAD commit: 1e3053bb8d609e72ca369d624ab23b2dce8e6e58
Found in base branch: master
Vulnerability Details
Spring Security (Spring Security 4.1.x before 4.1.5, 4.2.x before 4.2.4, and 5.0.x before 5.0.1; and Spring Framework 4.3.x before 4.3.14 and 5.0.x before 5.0.3) does not consider URL path parameters when processing security constraints. By adding a URL path parameter with special encodings, an attacker may be able to bypass a security constraint. The root cause of this issue is a lack of clarity regarding the handling of path parameters in the Servlet Specification. Some Servlet containers include path parameters in the value returned for getPathInfo() and some do not. Spring Security uses the value returned by getPathInfo() as part of the process of mapping requests to security constraints. In this particular attack, different character encodings used in path parameters allows secured Spring MVC static resource URLs to be bypassed.
Publish Date: 2018-03-16
URL: CVE-2018-1199
CVSS 3 Score Details (5.3)
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: None
- Scope: Unchanged
- Impact Metrics:
- Confidentiality Impact: Low
- Integrity Impact: None
- Availability Impact: None
Suggested Fix
Type: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1199
Release Date: 2018-03-16
Fix Resolution (org.springframework.security:spring-security-web): 4.2.4.RELEASE
Direct dependency fix Resolution (org.springframework.security:spring-security-test): 4.2.4.RELEASE
⛑️ Automatic Remediation is available for this issue
CVE-2019-3795
Vulnerable Library - spring-security-core-4.2.1.RELEASE.jar
spring-security-core
Library home page: http://spring.io/spring-security
Path to dependency file: /terracotta-bank-servlet/build.gradle
Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.springframework.security/spring-security-core/4.2.1.RELEASE/4e8ae0eb3218e1cacc3d7bd2eb41929799340618/spring-security-core-4.2.1.RELEASE.jar
Dependency Hierarchy:
- spring-security-test-4.2.1.RELEASE.jar (Root Library)
- ❌ spring-security-core-4.2.1.RELEASE.jar (Vulnerable Library)
Found in HEAD commit: 1e3053bb8d609e72ca369d624ab23b2dce8e6e58
Found in base branch: master
Vulnerability Details
Spring Security versions 4.2.x prior to 4.2.12, 5.0.x prior to 5.0.12, and 5.1.x prior to 5.1.5 contain an insecure randomness vulnerability when using SecureRandomFactoryBean#setSeed to configure a SecureRandom instance. In order to be impacted, an honest application must provide a seed and make the resulting random material available to an attacker for inspection.
Publish Date: 2019-04-09
URL: CVE-2019-3795
CVSS 3 Score Details (5.3)
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: None
- Scope: Unchanged
- Impact Metrics:
- Confidentiality Impact: Low
- Integrity Impact: None
- Availability Impact: None
Suggested Fix
Type: Upgrade version
Origin: https://pivotal.io/security/cve-2019-3795
Release Date: 2019-04-09
Fix Resolution (org.springframework.security:spring-security-core): 4.2.12.RELEASE
Direct dependency fix Resolution (org.springframework.security:spring-security-test): 4.2.12.RELEASE
⛑️ Automatic Remediation is available for this issue
⛑️ Automatic Remediation is available for this issue.