
maven-sling-plugin-2.0.4-incubator.jar: 12 vulnerabilities (highest severity is: 9.3) [main] (unreachable) #55

@mend-developer-platform-dev

Description

📂 Vulnerable Library - maven-sling-plugin-2.0.4-incubator.jar

Maven Plugin supporting various Sling Development Tasks

Path to dependency file: /app/pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/org/apache/sling/maven-sling-plugin/2.0.4-incubator/maven-sling-plugin-2.0.4-incubator.jar

Findings

| Finding | Severity | CVSS | Exploit Maturity | EPSS | Library | Type | Fixed in | Remediation Available | Reachability |
|---|---|---|---|---|---|---|---|---|---|
| CVE-2022-47937 | 🟣 Critical | 9.3 | Not Defined | < 1% | org.apache.sling.commons.json-2.0.4-incubator.jar | Transitive | N/A | | Unreachable |
| CVE-2023-37460 | 🟣 Critical | 9.2 | Not Defined | 35.2% | plexus-archiver-1.0-alpha-3.jar | Transitive | N/A | | Unreachable |
| CVE-2022-4244 | 🔴 High | 8.7 | Not Defined | < 1% | plexus-utils-1.0.4.jar | Transitive | N/A | | Unreachable |
| CVE-2013-2254 | 🟠 Medium | 6.9 | Not Defined | 2.3% | org.apache.sling.api-2.0.2-incubator.jar | Transitive | N/A | | |
| CVE-2022-32549 | 🟠 Medium | 6.9 | Not Defined | 3.2% | org.apache.sling.api-2.0.2-incubator.jar | Transitive | N/A | | |
| CVE-2018-1002200 | 🟠 Medium | 6.8 | Not Defined | 1.9% | plexus-archiver-1.0-alpha-3.jar | Transitive | N/A | | Unreachable |
| CVE-2012-5783 | 🟠 Medium | 6.3 | Not Defined | < 1% | commons-httpclient-3.1.jar | Transitive | N/A | | Unreachable |
| CVE-2015-2944 | 🟠 Medium | 6.3 | Not Defined | 2.9% | org.apache.sling.api-2.0.2-incubator.jar | Transitive | N/A | | Unreachable |
| WS-2016-7057 | 🟠 Medium | 5.9 | N/A | N/A | plexus-utils-1.0.4.jar | Transitive | N/A | | Unreachable |
| CVE-2022-4245 | 🟠 Medium | 5.3 | Not Defined | < 1% | plexus-utils-1.0.4.jar | Transitive | N/A | | Unreachable |
| WS-2016-7062 | 🟠 Medium | 5.3 | N/A | N/A | plexus-utils-1.0.4.jar | Transitive | N/A | | Unreachable |
| CVE-2020-15250 | 🟠 Medium | 4.1 | Not Defined | < 1% | junit-4.13.jar | Transitive | N/A | | Unreachable |

Details

🟣CVE-2022-47937

Vulnerable Library - org.apache.sling.commons.json-2.0.4-incubator.jar

Apache Sling JSON Library

Library home page: http://www.apache.org/

Path to dependency file: /app/pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/org/apache/sling/org.apache.sling.commons.json/2.0.4-incubator/org.apache.sling.commons.json-2.0.4-incubator.jar

Dependency Hierarchy:

  • maven-sling-plugin-2.0.4-incubator.jar (Root Library)
    • org.apache.sling.commons.json-2.0.4-incubator.jar (Vulnerable Library)

Reachability Analysis

The vulnerable code is unreachable


Vulnerability Details

Improper input validation in the Apache Sling Commons JSON bundle allows an attacker to trigger unexpected errors by supplying specially-crafted input.

The org.apache.sling.commons.json bundle has been deprecated as of March 2017 and should not be used anymore. Consumers are encouraged to consider the Apache Sling Commons Johnzon OSGi bundle provided by the Apache Sling project, but may of course use other JSON libraries.

Publish Date: May 15, 2023 09:20 AM

URL: CVE-2022-47937

Threat Assessment

Exploit Maturity:Not Defined

EPSS:< 1%

Score: 9.3


Suggested Fix

Type: Upgrade version

Origin:

Release Date:

Fix Resolution :

🟣CVE-2023-37460

Vulnerable Library - plexus-archiver-1.0-alpha-3.jar

Library home page: http://www.codehaus.org/

Path to dependency file: /app/pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/org/codehaus/plexus/plexus-archiver/1.0-alpha-3/plexus-archiver-1.0-alpha-3.jar

Dependency Hierarchy:

  • maven-sling-plugin-2.0.4-incubator.jar (Root Library)
    • maven-archiver-2.0.jar
      • plexus-archiver-1.0-alpha-3.jar (Vulnerable Library)

Reachability Analysis

The vulnerable code is unreachable


Vulnerability Details

Plexus Archiver is a collection of Plexus components to create archives or extract archives to a directory with a unified "Archiver"/"UnArchiver" API. Prior to version 4.8.0, using AbstractUnArchiver for extracting an archive might lead to an arbitrary file creation and possibly remote code execution. When extracting an archive with an entry that already exists in the destination directory as a symbolic link whose target does not exist, the "resolveFile()" function will return the symlink's source instead of its target, which will pass the verification that ensures the file will not be extracted outside of the destination directory. Later "Files.newOutputStream()", which follows symlinks by default, will actually write the entry's content to the symlink's target. Whoever uses plexus-archiver to extract an untrusted archive is vulnerable to an arbitrary file creation and possibly remote code execution. Version 4.8.0 contains a patch for this issue.

Publish Date: Jul 25, 2023 07:41 PM

URL: CVE-2023-37460

Threat Assessment

Exploit Maturity:Not Defined

EPSS:35.2%

Score: 9.2


Suggested Fix

Type: Upgrade version

Origin:

Release Date:

Fix Resolution :

🔴CVE-2022-4244

Vulnerable Library - plexus-utils-1.0.4.jar

Library home page: http://www.codehaus.org/

Path to dependency file: /app/pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/org/codehaus/plexus/plexus-utils/1.0.4/plexus-utils-1.0.4.jar

Dependency Hierarchy:

  • maven-sling-plugin-2.0.4-incubator.jar (Root Library)
    • maven-archiver-2.0.jar
      • maven-project-2.0.jar
        • maven-profile-2.0.jar
          • maven-model-2.0.jar
            • plexus-utils-1.0.4.jar (Vulnerable Library)

Reachability Analysis

The vulnerable code is unreachable


Vulnerability Details

A flaw was found in codehaus-plexus. A directory traversal attack (also known as path traversal) aims to access files and directories stored outside the intended folder. By manipulating files with "dot-dot-slash (../)" sequences and their variations or by using absolute file paths, it may be possible to access arbitrary files and directories stored on the file system, including application source code, configuration, and other critical system files.

Publish Date: Sep 25, 2023 07:20 PM

URL: CVE-2022-4244

Threat Assessment

Exploit Maturity:Not Defined

EPSS:< 1%

Score: 8.7


Suggested Fix

Type: Upgrade version

Origin: GHSA-g6ph-x5wf-g337

Release Date: Sep 25, 2023 07:20 PM

Fix Resolution : org.codehaus.plexus:plexus-utils:3.0.24

🟠CVE-2013-2254

Vulnerable Library - org.apache.sling.api-2.0.2-incubator.jar

The Sling API defines an extension to the Servlet API 2.4 to provide access to content and unified access to request parameters hiding the differences between the different methods of transferring parameters from client to server. Note that the Sling API bundle does not include the Servlet API but instead requires the API to be provided by the Servlet container in which the Sling framework is running or by another bundle.

Library home page: http://www.apache.org/

Path to dependency file: /app/pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/org/apache/sling/org.apache.sling.api/2.0.2-incubator/org.apache.sling.api-2.0.2-incubator.jar

Dependency Hierarchy:

  • maven-sling-plugin-2.0.4-incubator.jar (Root Library)
    • org.apache.sling.commons.osgi-2.0.2-incubator.jar
      • org.apache.sling.api-2.0.2-incubator.jar (Vulnerable Library)

Vulnerability Details

The deepGetOrCreateNode function in impl/operations/AbstractCreateOperation.java in org.apache.sling.servlets.post.bundle 2.2.0 and 2.3.0 in Apache Sling does not properly handle a NULL value that is returned when the session does not have permissions to the root node, which allows remote attackers to cause a denial of service (infinite loop) via unspecified vectors. Note that the advisory names the servlets.post bundle, while this finding is attached to org.apache.sling.api 2.0.2-incubator and the suggested fix is a sling.api upgrade; confirm which bundle is actually on the classpath before acting on it.

Publish Date: Oct 17, 2013 11:00 PM

URL: CVE-2013-2254

Threat Assessment

Exploit Maturity:Not Defined

EPSS:2.3%

Score: 6.9


Suggested Fix

Type: Upgrade version

Origin: GHSA-cxwh-vmhg-39r2

Release Date: Oct 17, 2013 11:00 PM

Fix Resolution : org.apache.sling:org.apache.sling.api:2.4.0

🟠CVE-2022-32549

Vulnerable Library - org.apache.sling.api-2.0.2-incubator.jar

The Sling API defines an extension to the Servlet API 2.4 to provide access to content and unified access to request parameters hiding the differences between the different methods of transferring parameters from client to server. Note that the Sling API bundle does not include the Servlet API but instead requires the API to be provided by the Servlet container in which the Sling framework is running or by another bundle.

Library home page: http://www.apache.org/

Path to dependency file: /app/pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/org/apache/sling/org.apache.sling.api/2.0.2-incubator/org.apache.sling.api-2.0.2-incubator.jar

Dependency Hierarchy:

  • maven-sling-plugin-2.0.4-incubator.jar (Root Library)
    • org.apache.sling.commons.osgi-2.0.2-incubator.jar
      • org.apache.sling.api-2.0.2-incubator.jar (Vulnerable Library)

Vulnerability Details

Apache Sling Commons Log <= 5.4.0 and Apache Sling API <= 2.25.0 are vulnerable to log injection. The ability to forge logs may allow an attacker to cover tracks by injecting fake logs and potentially corrupt log files.
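Added example (not part of the Mend report or of the Sling code): a minimal log formatter showing what the advisory calls forging log entries, beside the control-character escaping that prevents it. The log format, field names and the forged username are constructed for the demonstration; the point is that one logging call must yield exactly one record.

```python
import re

# One record per line; the consumer (SIEM, grep, tail) splits on newlines.
LOG_FORMAT = "{level} [{component}] login attempt user={user} result={result}"
_CONTROL = re.compile(r"[\x00-\x1f\x7f]")


def _escape_control(value):
    """Render CR, LF and other control characters as visible escapes.

    One logging call must produce exactly one record, whatever the value holds."""
    return _CONTROL.sub(lambda m: "\\x%02x" % ord(m.group()), str(value))


def format_unsanitized(user, result):
    """Interpolate the caller-controlled value as-is (the behaviour the advisory describes)."""
    return LOG_FORMAT.format(level="INFO", component="auth", user=user, result=result)


def format_sanitized(user, result):
    """Same line, but untrusted fields go through _escape_control first."""
    return LOG_FORMAT.format(
        level="INFO", component="auth", user=_escape_control(user), result=result
    )


def record_count(log_text):
    """How many records a line-oriented log consumer would see."""
    return len(log_text.splitlines())


# Constructed attacker input: a username carrying a newline and a forged successful login.
FORGED_USER = "mallory\nINFO [auth] login attempt user=admin result=success"


def demo():
    unsafe = format_unsanitized(FORGED_USER, "failure")
    safe = format_sanitized(FORGED_USER, "failure")
    return {
        "unsanitized_records": record_count(unsafe),
        "unsanitized_last_record": unsafe.splitlines()[-1],
        "sanitized_records": record_count(safe),
        "sanitized_line": safe,
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value!r}")
```

With the stdlib `logging` module the same escaping belongs in a `logging.Filter` (or a `Formatter` subclass) so that every handler gets it, rather than at each call site.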

Publish Date: Jun 22, 2022 02:25 PM

URL: CVE-2022-32549

Threat Assessment

Exploit Maturity:Not Defined

EPSS:3.2%

Score: 6.9


Suggested Fix

Type: Upgrade version

Origin: GHSA-qmx3-m648-hr74

Release Date: Jun 22, 2022 02:25 PM

Fix Resolution : no fix available for org.apache.sling:org.apache.sling.api (https://github.com/apache/sling-org-apache-sling-api.git) or org.apache.sling:org.apache.sling.commons.log (https://github.com/apache/sling-org-apache-sling-commons-log.git)

🟠CVE-2018-1002200

Vulnerable Library - plexus-archiver-1.0-alpha-3.jar

Library home page: http://www.codehaus.org/

Path to dependency file: /app/pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/org/codehaus/plexus/plexus-archiver/1.0-alpha-3/plexus-archiver-1.0-alpha-3.jar

Dependency Hierarchy:

  • maven-sling-plugin-2.0.4-incubator.jar (Root Library)
    • maven-archiver-2.0.jar
      • plexus-archiver-1.0-alpha-3.jar (Vulnerable Library)

Reachability Analysis

The vulnerable code is unreachable


Vulnerability Details

plexus-archiver before 3.6.0 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ (dot dot slash) in an archive entry that is mishandled during extraction. This vulnerability is also known as 'Zip-Slip'.
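Added example (not part of the Mend report or of plexus-archiver): a Python extractor replaying both archive findings on this page, the classic Zip-Slip `../` entry of CVE-2018-1002200 and the pre-existing dangling symlink in the destination of CVE-2023-37460. `naive_extract` mirrors the pre-4.8.0 pattern described above (lexical containment check, then a write that follows symlinks); `safe_extract` resolves symlinks before the check and opens the final path with `O_NOFOLLOW`. The archive contents, the destination layout and the "authorized_keys" target are constructed for the demonstration and live entirely in a temporary directory.

```python
import io
import os
import tempfile
import zipfile


def build_archive(entries):
    """Build an in-memory zip from {entry_name: bytes}. Constructed sample input."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, data in entries.items():
            zf.writestr(name, data)
    return buf.getvalue()


def naive_extract(archive, dest):
    """Lexical containment check only; the final write follows symlinks.

    '../' entries are caught, but an entry that already exists in `dest` as a
    symlink is written through to wherever that link points."""
    dest = os.path.abspath(dest)
    with zipfile.ZipFile(io.BytesIO(archive)) as zf:
        for info in zf.infolist():
            target = os.path.normpath(os.path.join(dest, info.filename))
            if os.path.commonpath([dest, target]) != dest:
                raise ValueError(f"entry escapes destination: {info.filename!r}")
            os.makedirs(os.path.dirname(target), exist_ok=True)
            with open(target, "wb") as f:  # follows a pre-existing symlink at `target`
                f.write(zf.read(info))


def safe_extract(archive, dest):
    """Resolve symlinks before the containment check and never write through one."""
    dest_real = os.path.realpath(dest)
    with zipfile.ZipFile(io.BytesIO(archive)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            candidate = os.path.join(dest_real, info.filename)
            # realpath() follows every link on the path, dangling ones included,
            # so a symlink planted inside dest shows up here as its real target.
            resolved = os.path.realpath(candidate)
            if os.path.commonpath([dest_real, resolved]) != dest_real:
                raise ValueError(f"entry resolves outside destination: {info.filename!r}")
            os.makedirs(os.path.dirname(candidate), exist_ok=True)
            flags = os.O_WRONLY | os.O_CREAT | os.O_TRUNC | os.O_NOFOLLOW
            try:
                fd = os.open(candidate, flags, 0o644)  # ELOOP if candidate is a symlink
            except OSError as exc:
                raise ValueError(f"refusing to write through {info.filename!r}: {exc}") from exc
            with os.fdopen(fd, "wb") as f:
                f.write(zf.read(info))


def demo():
    """Replay the advisory's scenario and return what each extractor did."""
    outcomes = {}
    with tempfile.TemporaryDirectory() as work:
        victim = os.path.join(work, "outside", "authorized_keys")  # constructed target
        os.mkdir(os.path.dirname(victim))
        archive = build_archive({"config.txt": b"attacker-controlled\n"})

        dest = os.path.join(work, "naive")
        os.mkdir(dest)
        os.symlink(victim, os.path.join(dest, "config.txt"))  # dangling link, planted earlier
        naive_extract(archive, dest)
        outcomes["naive_wrote_outside"] = os.path.isfile(victim)
        if os.path.exists(victim):
            os.remove(victim)

        dest = os.path.join(work, "safe")
        os.mkdir(dest)
        os.symlink(victim, os.path.join(dest, "config.txt"))
        try:
            safe_extract(archive, dest)
            outcomes["safe_rejected"] = False
        except ValueError:
            outcomes["safe_rejected"] = True
        outcomes["safe_wrote_outside"] = os.path.exists(victim)

        # Classic Zip-Slip ('../') is caught by both checks.
        slip = build_archive({"../escape.txt": b"x"})
        for name, extract in (("naive", naive_extract), ("safe", safe_extract)):
            d = os.path.join(work, name + "-slip")
            os.mkdir(d)
            try:
                extract(slip, d)
                outcomes[f"{name}_rejects_zipslip"] = False
            except ValueError:
                outcomes[f"{name}_rejects_zipslip"] = True
    return outcomes


if __name__ == "__main__":
    print(demo())
```

The `O_NOFOLLOW` open matters even after the `realpath` check: it closes the window in which a link could be planted between check and write, and it makes the policy explicit, which is never to write through a symlink inside the extraction root.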

Publish Date: Jul 25, 2018 05:00 PM

URL: CVE-2018-1002200

Threat Assessment

Exploit Maturity:Not Defined

EPSS:1.9%

Score: 6.8


Suggested Fix

Type: Upgrade version

Origin: GHSA-hcxq-x77q-3469

Release Date: Jul 25, 2018 05:00 PM

Fix Resolution : org.codehaus.plexus:plexus-archiver:3.6.0

🟠CVE-2012-5783

Vulnerable Library - commons-httpclient-3.1.jar

The HttpClient component supports the client-side of RFC 1945 (HTTP/1.0) and RFC 2616 (HTTP/1.1), several related specifications (RFC 2109 (Cookies), RFC 2617 (HTTP Authentication), etc.), and provides a framework by which new request types (methods) or HTTP extensions can be created easily.

Library home page: http://jakarta.apache.org/

Path to dependency file: /app/pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/commons-httpclient/commons-httpclient/3.1/commons-httpclient-3.1.jar

Dependency Hierarchy:

  • maven-sling-plugin-2.0.4-incubator.jar (Root Library)
    • commons-httpclient-3.1.jar (Vulnerable Library)

Reachability Analysis

The vulnerable code is unreachable


Vulnerability Details

Apache Commons HttpClient 3.x, as used in Amazon Flexible Payments Service (FPS) merchant Java SDK and other products, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.
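Added example (not part of the Mend report or of Commons HttpClient): the hostname check that 3.x omitted, written against the certificate layout Python's `ssl.SSLSocket.getpeercert()` returns, so the same function could be dropped in front of a real handshake. SAN dNSName entries take precedence, the subject CN is a fallback only, and wildcards are honoured only as the entire left-most label. The three certificates are constructed dictionaries, not real certificates; IP-address SANs are left out.

```python
import ssl


def _match_dns(pattern, hostname):
    """RFC 6125-style comparison of one dNSName (or CN) against the requested host.

    Wildcards are honoured only as the entire left-most label, and only when
    the pattern keeps at least two fixed labels (so '*.com' never matches)."""
    pattern = pattern.lower().rstrip(".")
    hostname = hostname.lower().rstrip(".")
    if "*" not in pattern:
        return pattern == hostname
    p_labels = pattern.split(".")
    h_labels = hostname.split(".")
    if p_labels[0] != "*" or len(p_labels) < 3 or len(p_labels) != len(h_labels):
        return False
    return p_labels[1:] == h_labels[1:]


def hostname_matches(cert, hostname):
    """The check HttpClient 3.x skipped: is this certificate actually for `hostname`?

    `cert` uses the layout of ssl.SSLSocket.getpeercert(): subjectAltName
    entries win; the subject CN is consulted only when no DNS SAN is present."""
    dns_names = [value for kind, value in cert.get("subjectAltName", ()) if kind == "DNS"]
    if dns_names:
        return any(_match_dns(name, hostname) for name in dns_names)
    common_names = [
        value for rdn in cert.get("subject", ()) for key, value in rdn if key == "commonName"
    ]
    return any(_match_dns(cn, hostname) for cn in common_names)


def stdlib_context_verifies_hostname():
    """Modern stdlib clients get this check for free; confirm it was not switched off."""
    ctx = ssl.create_default_context()
    return bool(ctx.check_hostname and ctx.verify_mode == ssl.CERT_REQUIRED)


# Constructed certificates (only the fields the check reads).
SERVER_CERT = {
    "subject": ((("commonName", "api.example.com"),),),
    "subjectAltName": (("DNS", "api.example.com"), ("DNS", "*.staging.example.com")),
}
MITM_CERT = {  # a perfectly valid chain, just issued to a different name
    "subject": ((("commonName", "attacker.example.org"),),),
    "subjectAltName": (("DNS", "attacker.example.org"),),
}
LEGACY_CERT = {"subject": ((("commonName", "legacy.example.com"),),)}


def demo():
    return {
        "mitm_cert_accepted_for_api": hostname_matches(MITM_CERT, "api.example.com"),
        "server_cert_accepted_for_api": hostname_matches(SERVER_CERT, "API.example.com"),
        "wildcard_one_label": hostname_matches(SERVER_CERT, "web.staging.example.com"),
        "wildcard_two_labels": hostname_matches(SERVER_CERT, "a.b.staging.example.com"),
        "wildcard_bare_domain": hostname_matches(SERVER_CERT, "staging.example.com"),
        "cn_fallback": hostname_matches(LEGACY_CERT, "legacy.example.com"),
        "stdlib_default_checks": stdlib_context_verifies_hostname(),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The first entry is the man-in-the-middle case from the advisory: without this check, any certificate a CA would issue to the attacker is accepted for `api.example.com`. In production code use the library's verifier (`ssl.create_default_context()` in Python, `HttpClient 4.x`'s default hostname verifier on the Java side) rather than a hand-written matcher; the function above exists to make the missing step visible.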

Publish Date: Nov 04, 2012 10:00 PM

URL: CVE-2012-5783

Threat Assessment

Exploit Maturity:Not Defined

EPSS:< 1%

Score: 6.3


Suggested Fix

Type: Upgrade version

Origin: https://nvd.nist.gov/vuln/detail/CVE-2012-5783

Release Date: Nov 04, 2012 10:00 PM

Fix Resolution : commons-httpclient:commons-httpclient 3.1-jenkins-1, 3.1-redhat-3, 3.1-HTTPCLIENT-1265 (patched rebuilds of 3.1; the 3.x line itself received no further release)

🟠CVE-2015-2944

Vulnerable Library - org.apache.sling.api-2.0.2-incubator.jar

The Sling API defines an extension to the Servlet API 2.4 to provide access to content and unified access to request parameters hiding the differences between the different methods of transferring parameters from client to server. Note that the Sling API bundle does not include the Servlet API but instead requires the API to be provided by the Servlet container in which the Sling framework is running or by another bundle.

Library home page: http://www.apache.org/

Path to dependency file: /app/pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/org/apache/sling/org.apache.sling.api/2.0.2-incubator/org.apache.sling.api-2.0.2-incubator.jar

Dependency Hierarchy:

  • maven-sling-plugin-2.0.4-incubator.jar (Root Library)
    • org.apache.sling.commons.osgi-2.0.2-incubator.jar
      • org.apache.sling.api-2.0.2-incubator.jar (Vulnerable Library)

Reachability Analysis

The vulnerable code is unreachable


Vulnerability Details

Multiple cross-site scripting (XSS) vulnerabilities in Apache Sling API before 2.2.2 and Apache Sling Servlets Post before 2.1.2 allow remote attackers to inject arbitrary web script or HTML via the URI, related to (1) org/apache/sling/api/servlets/HtmlResponse and (2) org/apache/sling/servlets/post/HtmlResponse.

Publish Date: Jun 02, 2015 02:00 PM

URL: CVE-2015-2944

Threat Assessment

Exploit Maturity:Not Defined

EPSS:2.9%

Score: 6.3


Suggested Fix

Type: Upgrade version

Origin: GHSA-rxvx-44w5-44r7

Release Date: Jun 02, 2015 02:00 PM

Fix Resolution : org.apache.sling:org.apache.sling.api:2.2.2,org.apache.sling:org.apache.sling.servlets.post:2.1.2

🟠WS-2016-7057

Vulnerable Library - plexus-utils-1.0.4.jar

Library home page: http://www.codehaus.org/

Path to dependency file: /app/pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/org/codehaus/plexus/plexus-utils/1.0.4/plexus-utils-1.0.4.jar

Dependency Hierarchy:

  • maven-sling-plugin-2.0.4-incubator.jar (Root Library)
    • maven-archiver-2.0.jar
      • maven-project-2.0.jar
        • maven-profile-2.0.jar
          • maven-model-2.0.jar
            • plexus-utils-1.0.4.jar (Vulnerable Library)

Reachability Analysis

The vulnerable code is unreachable


Vulnerability Details

Plexus-utils before 3.0.24 are vulnerable to Directory Traversal

Publish Date: May 07, 2016 10:17 PM

URL: WS-2016-7057

Threat Assessment

Exploit Maturity:N/A

EPSS:N/A

Score: 5.9


Suggested Fix

Type: Upgrade version

Origin: codehaus-plexus/plexus-utils@33a2853

Release Date: May 07, 2016 10:17 PM

Fix Resolution : 3.0.24

🟠CVE-2022-4245

Vulnerable Library - plexus-utils-1.0.4.jar

Library home page: http://www.codehaus.org/

Path to dependency file: /app/pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/org/codehaus/plexus/plexus-utils/1.0.4/plexus-utils-1.0.4.jar

Dependency Hierarchy:

  • maven-sling-plugin-2.0.4-incubator.jar (Root Library)
    • maven-archiver-2.0.jar
      • maven-project-2.0.jar
        • maven-profile-2.0.jar
          • maven-model-2.0.jar
            • plexus-utils-1.0.4.jar (Vulnerable Library)

Reachability Analysis

The vulnerable code is unreachable


Vulnerability Details

A flaw was found in codehaus-plexus. The org.codehaus.plexus.util.xml.XmlWriterUtil#writeComment fails to sanitize comments for a --> sequence. This issue means that text contained in the comment string could be interpreted as XML and allow for XML injection.

Publish Date: Sep 25, 2023 07:20 PM

URL: CVE-2022-4245

Threat Assessment

Exploit Maturity:Not Defined

EPSS:< 1%

Score: 5.3


Suggested Fix

Type: Upgrade version

Origin: GHSA-jcwr-x25h-x5fh

Release Date: Sep 25, 2023 07:20 PM

Fix Resolution : org.codehaus.plexus:plexus-utils:3.0.24

🟠WS-2016-7062

Vulnerable Library - plexus-utils-1.0.4.jar

Library home page: http://www.codehaus.org/

Path to dependency file: /app/pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/org/codehaus/plexus/plexus-utils/1.0.4/plexus-utils-1.0.4.jar

Dependency Hierarchy:

  • maven-sling-plugin-2.0.4-incubator.jar (Root Library)
    • maven-archiver-2.0.jar
      • maven-project-2.0.jar
        • maven-profile-2.0.jar
          • maven-model-2.0.jar
            • plexus-utils-1.0.4.jar (Vulnerable Library)

Reachability Analysis

The vulnerable code is unreachable


Vulnerability Details

Security vulnerability found in plexus-utils before 3.0.24. XML injection found in XmlWriterUtil.java.
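Added example (not part of the Mend report or of plexus-utils) covering both XmlWriterUtil findings on this page, CVE-2022-4245 and WS-2016-7062: a comment writer that does not sanitize `-->` beside one that does, applied to a small constructed config document so the effect of the injection is visible when the document is parsed back. The `- -` rewrite is this example's choice, not necessarily the fix plexus-utils 3.0.24 ships; it rests on the XML rule that `--` may not appear inside a comment, so removing every run of dashes removes every possible terminator.

```python
import re
import xml.etree.ElementTree as ET


def write_comment_unsafe(text):
    """Emit an XML comment with no check for a closing sequence (the flaw described above)."""
    return f"<!-- {text} -->"


def write_comment_safe(text):
    """Insert a space after any '-' that is followed by another '-'.

    XML forbids '--' anywhere inside a comment, so breaking up every run of
    dashes also breaks up every possible '-->' terminator."""
    return "<!-- " + re.sub(r"-(?=-)", "- ", text) + " -->"


def render_config(note, writer):
    """A small config document whose comment text comes from an untrusted caller (constructed)."""
    return f"<config>{writer(note)}<mode>safe</mode></config>"


def effective_mode(doc):
    """What a consumer of the document reads back: the first <mode> element."""
    return ET.fromstring(doc).find("mode").text


def element_tags(doc):
    return [el.tag for el in ET.fromstring(doc).iter()]


# Constructed attacker input: closes the comment, injects an element, reopens a comment.
PAYLOAD = "todo --><mode>unsafe</mode><!-- "


def demo():
    unsafe_doc = render_config(PAYLOAD, write_comment_unsafe)
    safe_doc = render_config(PAYLOAD, write_comment_safe)
    return {
        "unsafe_tags": element_tags(unsafe_doc),
        "unsafe_mode": effective_mode(unsafe_doc),
        "safe_tags": element_tags(safe_doc),
        "safe_mode": effective_mode(safe_doc),
        # strip the fixed "<!-- " / " -->" wrapper and confirm no "--" survives inside
        "safe_comment_well_formed": "--" not in write_comment_safe(PAYLOAD)[5:-4],
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value!r}")
```

The unsanitized document parses without error, which is the point: the injected `<mode>unsafe</mode>` lands before the legitimate one and is what `find("mode")` returns, so the injection changes the configuration rather than breaking it.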

Publish Date: May 07, 2016 10:09 PM

URL: WS-2016-7062

Threat Assessment

Exploit Maturity:N/A

EPSS:N/A

Score: 5.3


Suggested Fix

Type: Upgrade version

Origin: codehaus-plexus/plexus-utils@f933e5e

Release Date: May 07, 2016 10:09 PM

Fix Resolution : 3.0.24

🟠CVE-2020-15250

Vulnerable Library - junit-4.13.jar

JUnit is a unit testing framework for Java, created by Erich Gamma and Kent Beck.

Library home page: http://www.junit.org

Path to dependency file: /app/pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/junit/junit/4.13/junit-4.13.jar

Dependency Hierarchy:

  • maven-sling-plugin-2.0.4-incubator.jar (Root Library)
    • maven-archiver-2.0.jar
      • maven-project-2.0.jar
        • maven-profile-2.0.jar
          • plexus-container-default-1.0-alpha-8.jar
            • junit-4.13.jar (Vulnerable Library)

Reachability Analysis

The vulnerable code is unreachable


Vulnerability Details

In JUnit4 from version 4.7 and before 4.13.1, the test rule TemporaryFolder contains a local information disclosure vulnerability. On Unix-like systems, the system's temporary directory is shared between all users on that system. Because of this, when files and directories are written into this directory they are, by default, readable by other users on that same system. This vulnerability does not allow other users to overwrite the contents of these directories or files. This is purely an information disclosure vulnerability. This vulnerability impacts you if the JUnit tests write sensitive information, like API keys or passwords, into the temporary folder, and the JUnit tests execute in an environment where the OS has other untrusted users. Because certain JDK file system APIs were only added in JDK 1.7, this fix is dependent upon the version of the JDK you are using. For Java 1.7 and higher users: this vulnerability is fixed in 4.13.1. For Java 1.6 and lower users: no patch is available, you must use the workaround below. If you are unable to patch, or are stuck running on Java 1.6, setting the java.io.tmpdir system property to a directory that is exclusively owned by the executing user will fix this vulnerability. For more information, including an example of vulnerable code, see the referenced GitHub Security Advisory.
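Added example (not part of the Mend report or of JUnit): the property the java.io.tmpdir workaround relies on, expressed as a check a practitioner can run against any scratch directory, plus a creator that enforces it. `is_private_dir` requires a real directory (not a symlink) owned by the current user with no group or other permission bits; `private_tmpdir` uses `tempfile.mkdtemp`, which creates with mode 0700. The "shared" directory in `demo` is constructed with an explicit 0755 so the comparison does not depend on the caller's umask.

```python
import os
import stat
import tempfile


def is_private_dir(path):
    """True only for a real directory (not a symlink) owned by the current user
    with no group/other permission bits, i.e. nothing another local user can read."""
    st = os.lstat(path)
    return (
        stat.S_ISDIR(st.st_mode)
        and st.st_uid == os.geteuid()
        and (st.st_mode & 0o077) == 0
    )


def private_tmpdir(base=None):
    """Create a per-user scratch directory and verify it before handing it out.

    tempfile.mkdtemp() creates the directory with mode 0700, which is the
    property the advisory's java.io.tmpdir workaround is after."""
    path = tempfile.mkdtemp(prefix="scratch-", dir=base)
    if not is_private_dir(path):
        raise RuntimeError(f"{path} is readable by other users; refusing to use it")
    return path


def demo():
    """Compare a conventionally shared directory with one created by private_tmpdir()."""
    with tempfile.TemporaryDirectory() as work:
        shared = os.path.join(work, "shared")
        os.mkdir(shared)
        os.chmod(shared, 0o755)  # the usual world-readable default, set explicitly (constructed)
        private = private_tmpdir(work)
        return {
            "shared_is_private": is_private_dir(shared),
            "private_is_private": is_private_dir(private),
            "private_mode": stat.S_IMODE(os.lstat(private).st_mode),
        }


if __name__ == "__main__":
    print(demo())
```

Point a build at a directory that passes `is_private_dir` (for JUnit on Java 1.6, via `-Djava.io.tmpdir=...`) and the disclosure described above cannot occur, independent of which JUnit version is on the test classpath.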

Publish Date: Oct 12, 2020 05:55 PM

URL: CVE-2020-15250

Threat Assessment

Exploit Maturity:Not Defined

EPSS:< 1%

Score: 4.1


Suggested Fix

Type: Upgrade version

Origin: GHSA-269g-pwp5-87pp

Release Date: Oct 12, 2020 05:55 PM

Fix Resolution : junit:junit:4.13.1
