ikonovalov / mq-spring-jms-web Goto Github PK

Vulnerable Library - spring-web-4.0.6.RELEASE.jar

Spring Web

Path to dependency file: /mq-spring-jms-web/pom.xml

Path to vulnerable library: 2/repository/org/springframework/spring-web/4.0.6.RELEASE/spring-web-4.0.6.RELEASE.jar

Dependency Hierarchy:

• ❌ spring-web-4.0.6.RELEASE.jar (Vulnerable Library)

Vulnerability Details

Under some situations, the Spring Framework 4.2.0 to 4.2.1, 4.0.0 to 4.1.7, 3.2.0 to 3.2.14 and older unsupported versions is vulnerable to a Reflected File Download (RFD) attack. The attack involves a malicious user crafting a URL with a batch script extension that results in the response being downloaded rather than rendered and also includes some input reflected in the response.

Publish Date: 2017-05-25

URL: CVE-2015-5211

CVSS 3 Score Details (8.6)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Changed
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: https://pivotal.io/security/cve-2015-5211

Fix Resolution: Users of affected Spring Framework versions should upgrade as follows: For 3.2.x upgrade to 3.2.15+. For 4.0.x and 4.1.x upgrade to 4.1.8+. For 4.2.x upgrade to 4.2.2+. In the above mentioned versions Spring MVC checks if the URL contains a file extension prior to writing with an HttpMessageConverter, and if the extension is unknown a “Content-Disposition” response header is added to suggest the download filename “f.txt”. The list of “known” extensions by default includes the ones associated with the built-in HttpMessageConverter implementations as well as any additional extensions explicitly registered for content negotiation purposes. For 4.x the fix also includes URL checks for SockJS URLs and validation of the JSONP callback parameter in all areas where JSONP is supported.

Vulnerable Library - spring-web-4.0.6.RELEASE.jar

Spring Web

Path to dependency file: /mq-spring-jms-web/pom.xml

Path to vulnerable library: 2/repository/org/springframework/spring-web/4.0.6.RELEASE/spring-web-4.0.6.RELEASE.jar

Dependency Hierarchy:

• ❌ spring-web-4.0.6.RELEASE.jar (Vulnerable Library)

Vulnerability Details

Pivotal Spring Framework before 3.2.14 and 4.x before 4.1.7 do not properly process inline DTD declarations when DTD is not entirely disabled, which allows remote attackers to cause a denial of service (memory consumption and out-of-memory errors) via a crafted XML file.

Publish Date: 2016-07-12

URL: CVE-2015-3192

CVSS 3 Score Details (5.5)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: None
  • Integrity Impact: None
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: https://nvd.nist.gov/vuln/detail/CVE-2015-3192

Release Date: 2016-07-12

Fix Resolution: 3.2.14,4.1.7