diff --git a/unittests/scans/acunetix/acunetix360_many_findings_large_constructed.json b/unittests/scans/acunetix/acunetix360_many_findings_large_constructed.json
new file mode 100644
index 00000000000..3717458a02f
--- /dev/null
+++ b/unittests/scans/acunetix/acunetix360_many_findings_large_constructed.json
@@ -0,0 +1,89111 @@
+{
+ "Generated": "25/06/2021 10:00 AM",
+ "Target": {
+ "Duration": "01:45:12.3456789",
+ "Initiated": "25/06/2021 01:00 AM",
+ "ScanId": "ab12cd34ef56789012345678abcdef90",
+ "Url": "http://app1.testsparker.com/"
+ },
+ "Vulnerabilities": [
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "394",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "287",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "9"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Sensitive Data Exposure in URL Path vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/api/v1/products?action=247"
+ }
+ ],
+ "FirstSeenDate": "17/06/2021 12:22 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v1/products?action=247 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 36.3113,
+ "StatusCode": 200
+ },
+ "LookupId": "dc17e584-c7bc-533f-af56-4a24c3cf0357",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Sensitive Data Exposure in URL Path",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Sensitive Data Exposure in URL Path issue.
Fix the Sensitive Data Exposure in URL Path vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "SensitiveDataExposureinURLPath",
+ "Url": "http://blog.testsparker.com/api/v1/products?action=247"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "508",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "611",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "33"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Missing X-Frame-Options in Multipart Data via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/profile.php?name=357"
+ }
+ ],
+ "FirstSeenDate": "07/06/2021 05:11 AM",
+ "HttpRequest": {
+ "Content": "GET /profile.php?name=357 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 106.9595,
+ "StatusCode": 200
+ },
+ "LookupId": "267d0b4f-41e5-5240-a4fa-c3e89e2a5e04",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Missing X-Frame-Options in Multipart Data via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Missing X-Frame-Options in Multipart Data via POST Request issue.
Fix the Missing X-Frame-Options in Multipart Data via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "MissingX-Frame-OptionsinMultipartDataviaPOSTRequest",
+ "Url": "http://admin.testsparker.com/profile.php?name=357"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "425",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "22",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "33"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Clickjacking in POST Body vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/blog/post.php?action=521"
+ }
+ ],
+ "FirstSeenDate": "27/06/2021 01:18 AM",
+ "HttpRequest": {
+ "Content": "GET /blog/post.php?action=521 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 365.765,
+ "StatusCode": 200
+ },
+ "LookupId": "ba7c7d2b-a163-52aa-8946-e2781a694567",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Clickjacking in POST Body",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Clickjacking in POST Body issue.
Fix the Clickjacking in POST Body vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "ClickjackinginPOSTBody",
+ "Url": "http://api.testsparker.com/blog/post.php?action=521"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "163",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "319",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "36"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Command Injection in POST Body vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/reports/generate"
+ }
+ ],
+ "FirstSeenDate": "08/06/2021 04:31 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/generate HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 307.3442,
+ "StatusCode": 200
+ },
+ "LookupId": "58414748-da5e-5e35-99b9-a5f202b044ec",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Command Injection in POST Body",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Command Injection in POST Body issue.
Fix the Command Injection in POST Body vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "CommandInjectioninPOSTBody",
+ "Url": "https://portal.testsparker.com/reports/generate"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "286",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "918",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "16"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Insecure Deserialization in POST Body vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/reports/view?action=275"
+ }
+ ],
+ "FirstSeenDate": "19/06/2021 10:42 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/view?action=275 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 195.7048,
+ "StatusCode": 200
+ },
+ "LookupId": "a77ca12e-61c4-550b-8e62-38fbf91e4ec7",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Insecure Deserialization in POST Body",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Insecure Deserialization in POST Body issue.
Fix the Insecure Deserialization in POST Body vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "InsecureDeserializationinPOSTBody",
+ "Url": "http://admin.testsparker.com/reports/view?action=275"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "644",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "22",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "24"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Directory Traversal vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/api/v2/export"
+ }
+ ],
+ "FirstSeenDate": "23/06/2021 02:02 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/export HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 334.019,
+ "StatusCode": 200
+ },
+ "LookupId": "9c9344b0-f935-56e0-b460-67480129cc50",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Directory Traversal",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Directory Traversal issue.
Fix the Directory Traversal vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "DirectoryTraversal",
+ "Url": "https://docs.testsparker.com/api/v2/export"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "306",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "22",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "30"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Integer Overflow in XML Input vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/api/v2/search?action=314"
+ }
+ ],
+ "FirstSeenDate": "14/06/2021 11:08 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/search?action=314 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 177.9391,
+ "StatusCode": 200
+ },
+ "LookupId": "946b7afb-546d-56a5-a60f-506bdef30006",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Integer Overflow in XML Input",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Integer Overflow in XML Input issue.
Fix the Integer Overflow in XML Input vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "IntegerOverflowinXMLInput",
+ "Url": "http://api.testsparker.com/api/v2/search?action=314"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "664",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "330",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "49"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Cookie Not Marked as HttpOnly in XML Input via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/search?filter=660"
+ }
+ ],
+ "FirstSeenDate": "08/06/2021 12:21 AM",
+ "HttpRequest": {
+ "Content": "GET /search?filter=660 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 177.9369,
+ "StatusCode": 200
+ },
+ "LookupId": "4b520779-d43b-55a7-9d30-91fc78d02125",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cookie Not Marked as HttpOnly in XML Input via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cookie Not Marked as HttpOnly in XML Input via POST Request issue.
Fix the Cookie Not Marked as HttpOnly in XML Input via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "CookieNotMarkedasHttpOnlyinXMLInputviaPOSTRequest",
+ "Url": "https://docs.testsparker.com/search?filter=660"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "544",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "200",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "12"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Path Disclosure in POST Body via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/blog/post.php"
+ }
+ ],
+ "FirstSeenDate": "27/06/2021 04:56 AM",
+ "HttpRequest": {
+ "Content": "GET /blog/post.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 153.1368,
+ "StatusCode": 200
+ },
+ "LookupId": "ba88818b-181b-57a7-8333-62978010fca0",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Path Disclosure in POST Body via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Path Disclosure in POST Body via PUT Request issue.
Fix the Path Disclosure in POST Body via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "PathDisclosureinPOSTBodyviaPUTRequest",
+ "Url": "http://admin.testsparker.com/blog/post.php"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "454",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "611",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "41"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a LDAP Injection in Header via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/reports/export?name=779"
+ }
+ ],
+ "FirstSeenDate": "07/06/2021 02:48 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/export?name=779 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 123.5834,
+ "StatusCode": 200
+ },
+ "LookupId": "c54b6da5-8b79-56a3-855d-c3caff5ff16e",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "LDAP Injection in Header via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the LDAP Injection in Header via PUT Request issue.
Fix the LDAP Injection in Header via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "LDAPInjectioninHeaderviaPUTRequest",
+ "Url": "https://docs.testsparker.com/reports/export?name=779"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "561",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "79",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "40"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a CSRF in Query Parameter vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/reports/generate?name=616"
+ }
+ ],
+ "FirstSeenDate": "02/06/2021 03:09 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/generate?name=616 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 36.9813,
+ "StatusCode": 200
+ },
+ "LookupId": "b608b6d2-1c8d-500f-afe9-df733fae6f5b",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "CSRF in Query Parameter",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the CSRF in Query Parameter issue.
Fix the CSRF in Query Parameter vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "CSRFinQueryParameter",
+ "Url": "https://docs.testsparker.com/reports/generate?name=616"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "321",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "22",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "16"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a SQL Injection in JSON Payload vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/upload.php"
+ }
+ ],
+ "FirstSeenDate": "04/06/2021 03:23 AM",
+ "HttpRequest": {
+ "Content": "GET /upload.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 349.7839,
+ "StatusCode": 200
+ },
+ "LookupId": "7ab6492e-53e3-5be4-96e6-f80eb9d3e7b0",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "SQL Injection in JSON Payload",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the SQL Injection in JSON Payload issue.
Fix the SQL Injection in JSON Payload vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "SQLInjectioninJSONPayload",
+ "Url": "http://api.testsparker.com/upload.php"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "399",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "918",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "35"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a HSTS Missing in POST Body via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/api/v2/webhook?id=738"
+ }
+ ],
+ "FirstSeenDate": "16/06/2021 09:53 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/webhook?id=738 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 407.7713,
+ "StatusCode": 200
+ },
+ "LookupId": "8f7fcac7-34ff-5891-95d7-43ea47785401",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "HSTS Missing in POST Body via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the HSTS Missing in POST Body via POST Request issue.
Fix the HSTS Missing in POST Body via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "HSTSMissinginPOSTBodyviaPOSTRequest",
+ "Url": "https://portal.testsparker.com/api/v2/webhook?id=738"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "148",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "94",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "20"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Missing Content-Security-Policy in Cookie via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/settings.php?token=747"
+ }
+ ],
+ "FirstSeenDate": "28/06/2021 09:21 AM",
+ "HttpRequest": {
+ "Content": "GET /settings.php?token=747 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 42.3967,
+ "StatusCode": 200
+ },
+ "LookupId": "4516ea26-99c8-55e8-a3a3-f4d402502bb5",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Missing Content-Security-Policy in Cookie via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Missing Content-Security-Policy in Cookie via POST Request issue.
Fix the Missing Content-Security-Policy in Cookie via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "MissingContent-Security-PolicyinCookieviaPOSTRequest",
+ "Url": "https://docs.testsparker.com/settings.php?token=747"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "647",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "16",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "37"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Unvalidated Redirect in File Name vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/settings.php?q=890"
+ }
+ ],
+ "FirstSeenDate": "28/06/2021 02:05 AM",
+ "HttpRequest": {
+ "Content": "GET /settings.php?q=890 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 89.3797,
+ "StatusCode": 200
+ },
+ "LookupId": "86c062c1-516c-5b62-acd4-788e9a34a467",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Unvalidated Redirect in File Name",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Unvalidated Redirect in File Name issue.
Fix the Unvalidated Redirect in File Name vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "UnvalidatedRedirectinFileName",
+ "Url": "http://blog.testsparker.com/settings.php?q=890"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "164",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "611",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "35"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Session Fixation in URL Path via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/auth/register.php?action=692"
+ }
+ ],
+ "FirstSeenDate": "20/06/2021 11:36 AM",
+ "HttpRequest": {
+ "Content": "GET /auth/register.php?action=692 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 274.6065,
+ "StatusCode": 200
+ },
+ "LookupId": "c4f70ea6-2459-59e3-b365-679ac8e263cd",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Session Fixation in URL Path via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Session Fixation in URL Path via POST Request issue.
Fix the Session Fixation in URL Path via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "SessionFixationinURLPathviaPOSTRequest",
+ "Url": "https://portal.testsparker.com/auth/register.php?action=692"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "112",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "523",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "43"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Session Fixation in URL Path vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/auth/reset.php"
+ }
+ ],
+ "FirstSeenDate": "06/06/2021 11:39 AM",
+ "HttpRequest": {
+ "Content": "GET /auth/reset.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 31.7054,
+ "StatusCode": 200
+ },
+ "LookupId": "d3ebd2b4-a1a7-51ee-86e1-ee2a4c32a44b",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Session Fixation in URL Path",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Session Fixation in URL Path issue.
Fix the Session Fixation in URL Path vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "SessionFixationinURLPath",
+ "Url": "http://blog.testsparker.com/auth/reset.php"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "290",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "330",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "7"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Cross-site Scripting in Form Field vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/files/upload"
+ }
+ ],
+ "FirstSeenDate": "07/06/2021 10:12 AM",
+ "HttpRequest": {
+ "Content": "GET /files/upload HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 391.1999,
+ "StatusCode": 200
+ },
+ "LookupId": "e6bee119-0dc0-5b68-897b-0558b2aa53c5",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cross-site Scripting in Form Field",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cross-site Scripting in Form Field issue.
Fix the Cross-site Scripting in Form Field vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "Cross-siteScriptinginFormField",
+ "Url": "http://api.testsparker.com/files/upload"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "141",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "352",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "39"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a XPath Injection in XML Input via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/checkout.php?name=109"
+ }
+ ],
+ "FirstSeenDate": "12/06/2021 02:06 AM",
+ "HttpRequest": {
+ "Content": "GET /checkout.php?name=109 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 487.5732,
+ "StatusCode": 200
+ },
+ "LookupId": "6ccc64eb-cb51-568e-ac0e-a070fde0e590",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "XPath Injection in XML Input via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the XPath Injection in XML Input via POST Request issue.
Fix the XPath Injection in XML Input via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "XPathInjectioninXMLInputviaPOSTRequest",
+ "Url": "https://portal.testsparker.com/checkout.php?name=109"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "94",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "601",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "29"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a SQL Injection in URL Path vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/admin/dashboard?type=453"
+ }
+ ],
+ "FirstSeenDate": "15/06/2021 03:32 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/dashboard?type=453 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 213.558,
+ "StatusCode": 200
+ },
+ "LookupId": "c041cfa8-3276-5d33-90fc-e123475582af",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "SQL Injection in URL Path",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the SQL Injection in URL Path issue.
Fix the SQL Injection in URL Path vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "SQLInjectioninURLPath",
+ "Url": "https://portal.testsparker.com/admin/dashboard?type=453"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "159",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "16",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "4"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a XML External Entity in File Name via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/files/list"
+ }
+ ],
+ "FirstSeenDate": "21/06/2021 09:07 AM",
+ "HttpRequest": {
+ "Content": "GET /files/list HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 20.3919,
+ "StatusCode": 200
+ },
+ "LookupId": "144806d1-c3ff-5689-9356-ff82c9ae2542",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "XML External Entity in File Name via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the XML External Entity in File Name via POST Request issue.
Fix the XML External Entity in File Name via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "XMLExternalEntityinFileNameviaPOSTRequest",
+ "Url": "https://docs.testsparker.com/files/list"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "356",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "434",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "35"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Insecure Direct Object Reference in File Name vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/reports/generate"
+ }
+ ],
+ "FirstSeenDate": "26/06/2021 02:28 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/generate HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 160.8554,
+ "StatusCode": 200
+ },
+ "LookupId": "c2dc4e22-1731-53df-b0c0-6d0cce05be50",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Insecure Direct Object Reference in File Name",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Insecure Direct Object Reference in File Name issue.
Fix the Insecure Direct Object Reference in File Name vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "InsecureDirectObjectReferenceinFileName",
+ "Url": "http://api.testsparker.com/reports/generate"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "162",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "94",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "39"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a XML External Entity in File Name vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/account/billing"
+ }
+ ],
+ "FirstSeenDate": "22/06/2021 04:26 AM",
+ "HttpRequest": {
+ "Content": "GET /account/billing HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 407.4746,
+ "StatusCode": 200
+ },
+ "LookupId": "cf7e113f-40b6-5cb1-9e43-6a508a2b00df",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "XML External Entity in File Name",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the XML External Entity in File Name issue.
Fix the XML External Entity in File Name vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "XMLExternalEntityinFileName",
+ "Url": "https://app2.testsparker.com/account/billing"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "283",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "523",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "47"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Information Disclosure in Cookie via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/upload.php"
+ }
+ ],
+ "FirstSeenDate": "15/06/2021 10:53 AM",
+ "HttpRequest": {
+ "Content": "GET /upload.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 351.6234,
+ "StatusCode": 200
+ },
+ "LookupId": "eea2cf93-8da2-5692-8ad7-bfdf7b13d812",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Information Disclosure in Cookie via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Information Disclosure in Cookie via POST Request issue.
Fix the Information Disclosure in Cookie via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "InformationDisclosureinCookieviaPOSTRequest",
+ "Url": "http://app1.testsparker.com/upload.php"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "663",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "693",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "32"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Mass Assignment in JSON Payload vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/profile.php?q=36"
+ }
+ ],
+ "FirstSeenDate": "18/06/2021 08:03 AM",
+ "HttpRequest": {
+ "Content": "GET /profile.php?q=36 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 52.9836,
+ "StatusCode": 200
+ },
+ "LookupId": "5df1000e-082e-5192-81d1-e1ac5c008074",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Mass Assignment in JSON Payload",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Mass Assignment in JSON Payload issue.
Fix the Mass Assignment in JSON Payload vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "MassAssignmentinJSONPayload",
+ "Url": "http://api.testsparker.com/profile.php?q=36"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "621",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "287",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "48"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Server-Side Request Forgery in Multipart Data via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/api/v2/search"
+ }
+ ],
+ "FirstSeenDate": "16/06/2021 10:50 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/search HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 259.6782,
+ "StatusCode": 200
+ },
+ "LookupId": "11fecffc-3ae7-54ed-8cff-bbf16a4a8759",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Server-Side Request Forgery in Multipart Data via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Server-Side Request Forgery in Multipart Data via POST Request issue.
Fix the Server-Side Request Forgery in Multipart Data via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "Server-SideRequestForgeryinMultipartDataviaPOSTRequest",
+ "Url": "https://portal.testsparker.com/api/v2/search"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "179",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "434",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "45"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Clickjacking in POST Body via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/api/v2/webhook?sort=536"
+ }
+ ],
+ "FirstSeenDate": "20/06/2021 03:45 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/webhook?sort=536 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 254.9449,
+ "StatusCode": 200
+ },
+ "LookupId": "e8f471c6-8ff7-5a68-ac75-75c293d54bb5",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Clickjacking in POST Body via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Clickjacking in POST Body via POST Request issue.
Fix the Clickjacking in POST Body via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "ClickjackinginPOSTBodyviaPOSTRequest",
+ "Url": "https://docs.testsparker.com/api/v2/webhook?sort=536"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "456",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "776",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "44"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Open Redirect in Header vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/reports/export?q=874"
+ }
+ ],
+ "FirstSeenDate": "22/06/2021 06:45 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/export?q=874 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 41.8201,
+ "StatusCode": 200
+ },
+ "LookupId": "943aad6d-b930-5724-80a5-d45af6e904bd",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Open Redirect in Header",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Open Redirect in Header issue.
Fix the Open Redirect in Header vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "OpenRedirectinHeader",
+ "Url": "http://admin.testsparker.com/reports/export?q=874"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "375",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "693",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "32"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a LDAP Injection in File Name vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/admin/users?page=276"
+ }
+ ],
+ "FirstSeenDate": "07/06/2021 07:44 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/users?page=276 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 378.5759,
+ "StatusCode": 200
+ },
+ "LookupId": "7fe0d849-9279-582b-abef-ee949e3823ff",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "LDAP Injection in File Name",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the LDAP Injection in File Name issue.
Fix the LDAP Injection in File Name vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "LDAPInjectioninFileName",
+ "Url": "http://admin.testsparker.com/admin/users?page=276"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "248",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "693",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "32"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a NoSQL Injection in URL Path via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/settings.php?name=91"
+ }
+ ],
+ "FirstSeenDate": "14/06/2021 01:40 AM",
+ "HttpRequest": {
+ "Content": "GET /settings.php?name=91 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 61.5431,
+ "StatusCode": 200
+ },
+ "LookupId": "633c2541-1330-5fec-8345-e2478b72fb6a",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "NoSQL Injection in URL Path via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the NoSQL Injection in URL Path via PUT Request issue.
Fix the NoSQL Injection in URL Path via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "NoSQLInjectioninURLPathviaPUTRequest",
+ "Url": "https://docs.testsparker.com/settings.php?name=91"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "317",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "918",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "13"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a XPath Injection in Cookie vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/files/list"
+ }
+ ],
+ "FirstSeenDate": "22/06/2021 10:28 AM",
+ "HttpRequest": {
+ "Content": "GET /files/list HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 236.2232,
+ "StatusCode": 200
+ },
+ "LookupId": "6d1e6af2-165a-5160-a44f-5026c0d0cae5",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "XPath Injection in Cookie",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the XPath Injection in Cookie issue.
Fix the XPath Injection in Cookie vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "XPathInjectioninCookie",
+ "Url": "https://portal.testsparker.com/files/list"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "118",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "22",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "11"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Integer Overflow in Cookie via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/checkout.php?sort=607"
+ }
+ ],
+ "FirstSeenDate": "18/06/2021 06:02 AM",
+ "HttpRequest": {
+ "Content": "GET /checkout.php?sort=607 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 235.8456,
+ "StatusCode": 200
+ },
+ "LookupId": "251acafe-4991-5ba4-bc38-a597354bbf2d",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Integer Overflow in Cookie via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Integer Overflow in Cookie via POST Request issue.
Fix the Integer Overflow in Cookie via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "IntegerOverflowinCookieviaPOSTRequest",
+ "Url": "http://app1.testsparker.com/checkout.php?sort=607"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "46",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "319",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "20"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a XPath Injection in Cookie via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/api/v1/products"
+ }
+ ],
+ "FirstSeenDate": "03/06/2021 06:24 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v1/products HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 330.482,
+ "StatusCode": 200
+ },
+ "LookupId": "1a13dc19-de02-591e-939b-ef361e8cc0d6",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "XPath Injection in Cookie via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the XPath Injection in Cookie via PUT Request issue.
Fix the XPath Injection in Cookie via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "XPathInjectioninCookieviaPUTRequest",
+ "Url": "http://blog.testsparker.com/api/v1/products"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "465",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "287",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "24"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Command Injection vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/api/v1/orders"
+ }
+ ],
+ "FirstSeenDate": "12/06/2021 06:13 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v1/orders HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 338.3858,
+ "StatusCode": 200
+ },
+ "LookupId": "cebaf258-e7d7-5372-9ea1-b4b1d3732623",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Command Injection",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Command Injection issue.
Fix the Command Injection vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "CommandInjection",
+ "Url": "http://admin.testsparker.com/api/v1/orders"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "419",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "319",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "38"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Cross-site Scripting in POST Body via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/auth/register.php?ref=38"
+ }
+ ],
+ "FirstSeenDate": "09/06/2021 10:35 AM",
+ "HttpRequest": {
+ "Content": "GET /auth/register.php?ref=38 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 163.873,
+ "StatusCode": 200
+ },
+ "LookupId": "f5939efd-fb07-516b-92cd-3e4f095fbb29",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cross-site Scripting in POST Body via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cross-site Scripting in POST Body via PUT Request issue.
Fix the Cross-site Scripting in POST Body via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "Cross-siteScriptinginPOSTBodyviaPUTRequest",
+ "Url": "https://docs.testsparker.com/auth/register.php?ref=38"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "149",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "319",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "28"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a XML External Entity in POST Body via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/blog/post.php"
+ }
+ ],
+ "FirstSeenDate": "10/06/2021 08:24 AM",
+ "HttpRequest": {
+ "Content": "GET /blog/post.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 342.4618,
+ "StatusCode": 200
+ },
+ "LookupId": "06384da1-f048-5af1-9186-30bc99a8b8aa",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "XML External Entity in POST Body via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the XML External Entity in POST Body via POST Request issue.
Fix the XML External Entity in POST Body via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "XMLExternalEntityinPOSTBodyviaPOSTRequest",
+ "Url": "https://portal.testsparker.com/blog/post.php"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "337",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "614",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "24"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Cookie Not Marked as Secure in Cookie via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/admin/logs?type=200"
+ }
+ ],
+ "FirstSeenDate": "17/06/2021 01:38 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/logs?type=200 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 143.7836,
+ "StatusCode": 200
+ },
+ "LookupId": "0a08bfd0-505b-530d-802f-7afe99b6f38a",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cookie Not Marked as Secure in Cookie via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cookie Not Marked as Secure in Cookie via PUT Request issue.
Fix the Cookie Not Marked as Secure in Cookie via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "CookieNotMarkedasSecureinCookieviaPUTRequest",
+ "Url": "http://app1.testsparker.com/admin/logs?type=200"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "369",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "287",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "2"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Command Injection in POST Body vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/reports/generate"
+ }
+ ],
+ "FirstSeenDate": "14/06/2021 12:28 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/generate HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 455.5021,
+ "StatusCode": 200
+ },
+ "LookupId": "8cb71716-4298-55ea-b218-e77eb8b65aa8",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Command Injection in POST Body",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Command Injection in POST Body issue.
Fix the Command Injection in POST Body vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "CommandInjectioninPOSTBody",
+ "Url": "https://portal.testsparker.com/reports/generate"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "3",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "352",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "17"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a HSTS Missing vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/products.php"
+ }
+ ],
+ "FirstSeenDate": "10/06/2021 07:44 AM",
+ "HttpRequest": {
+ "Content": "GET /products.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 479.0856,
+ "StatusCode": 200
+ },
+ "LookupId": "372c22f3-8b27-52e7-8f68-2754b034a127",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "HSTS Missing",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the HSTS Missing issue.
Fix the HSTS Missing vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "HSTSMissing",
+ "Url": "https://docs.testsparker.com/products.php"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "640",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "287",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "16"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Race Condition in URL Path vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/account/security?ref=100"
+ }
+ ],
+ "FirstSeenDate": "02/06/2021 06:22 AM",
+ "HttpRequest": {
+ "Content": "GET /account/security?ref=100 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 240.9781,
+ "StatusCode": 200
+ },
+ "LookupId": "475ca8d9-dc5a-52e5-b2b6-36b95098c705",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Race Condition in URL Path",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Race Condition in URL Path issue.
Fix the Race Condition in URL Path vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "RaceConditioninURLPath",
+ "Url": "https://portal.testsparker.com/account/security?ref=100"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "426",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "352",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "7"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Command Injection in XML Input via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/api/v2/search"
+ }
+ ],
+ "FirstSeenDate": "11/06/2021 09:40 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/search HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 102.8783,
+ "StatusCode": 200
+ },
+ "LookupId": "6fa51286-a7d5-5d67-837a-639169d06c4a",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Command Injection in XML Input via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Command Injection in XML Input via POST Request issue.
Fix the Command Injection in XML Input via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "CommandInjectioninXMLInputviaPOSTRequest",
+ "Url": "https://portal.testsparker.com/api/v2/search"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "96",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "918",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "44"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Version Disclosure in File Name vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/contact?id=718"
+ }
+ ],
+ "FirstSeenDate": "03/06/2021 09:59 AM",
+ "HttpRequest": {
+ "Content": "GET /contact?id=718 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 97.458,
+ "StatusCode": 200
+ },
+ "LookupId": "d80dc594-bc33-59d7-8cb3-a1ff2a7aac7a",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Version Disclosure in File Name",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Version Disclosure in File Name issue.
Fix the Version Disclosure in File Name vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "VersionDisclosureinFileName",
+ "Url": "http://blog.testsparker.com/contact?id=718"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "499",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "200",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "39"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Server-Side Request Forgery in File Name vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/account/security?page=529"
+ }
+ ],
+ "FirstSeenDate": "17/06/2021 03:28 AM",
+ "HttpRequest": {
+ "Content": "GET /account/security?page=529 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 91.1469,
+ "StatusCode": 200
+ },
+ "LookupId": "ebdcc9aa-f84b-5135-afcd-fd07933d3194",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Server-Side Request Forgery in File Name",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Server-Side Request Forgery in File Name issue.
Fix the Server-Side Request Forgery in File Name vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "Server-SideRequestForgeryinFileName",
+ "Url": "https://app2.testsparker.com/account/security?page=529"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "306",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "611",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "47"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Session Fixation in Form Field vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/api/v2/webhook"
+ }
+ ],
+ "FirstSeenDate": "01/06/2021 09:55 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/webhook HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 281.9842,
+ "StatusCode": 200
+ },
+ "LookupId": "4e9cbeb8-6eae-55a9-adbd-1bbf0617c7ae",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Session Fixation in Form Field",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Session Fixation in Form Field issue.
Fix the Session Fixation in Form Field vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "SessionFixationinFormField",
+ "Url": "https://portal.testsparker.com/api/v2/webhook"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "340",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "319",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "5"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Insecure Deserialization in XML Input vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/cart.php"
+ }
+ ],
+ "FirstSeenDate": "12/06/2021 06:10 AM",
+ "HttpRequest": {
+ "Content": "GET /cart.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 321.7315,
+ "StatusCode": 200
+ },
+ "LookupId": "fa01606c-f3da-583d-87e8-c4c6c78dd7cb",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Insecure Deserialization in XML Input",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Insecure Deserialization in XML Input issue.
Fix the Insecure Deserialization in XML Input vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "InsecureDeserializationinXMLInput",
+ "Url": "https://shop.testsparker.com/cart.php"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "142",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "776",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "39"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a File Upload Vulnerability in Form Field vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/profile.php?filter=994"
+ }
+ ],
+ "FirstSeenDate": "27/06/2021 12:35 AM",
+ "HttpRequest": {
+ "Content": "GET /profile.php?filter=994 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 431.7467,
+ "StatusCode": 200
+ },
+ "LookupId": "0300a58c-6b37-5010-8c3b-a5bac305655b",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "File Upload Vulnerability in Form Field",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the File Upload Vulnerability in Form Field issue.
Fix the File Upload Vulnerability in Form Field vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "FileUploadVulnerabilityinFormField",
+ "Url": "https://portal.testsparker.com/profile.php?filter=994"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "242",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "502",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "49"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Race Condition in Header vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/download.php"
+ }
+ ],
+ "FirstSeenDate": "11/06/2021 05:37 AM",
+ "HttpRequest": {
+ "Content": "GET /download.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 364.2124,
+ "StatusCode": 200
+ },
+ "LookupId": "787cf58a-477b-5cbc-8af8-cc5dff6b5167",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Race Condition in Header",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Race Condition in Header issue.
Fix the Race Condition in Header vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "RaceConditioninHeader",
+ "Url": "https://docs.testsparker.com/download.php"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "227",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "776",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "21"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Cleartext Transmission in JSON Payload via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/auth/reset.php"
+ }
+ ],
+ "FirstSeenDate": "23/06/2021 04:31 AM",
+ "HttpRequest": {
+ "Content": "GET /auth/reset.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 111.3011,
+ "StatusCode": 200
+ },
+ "LookupId": "860493f6-3515-5c40-bef9-98828573f124",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cleartext Transmission in JSON Payload via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cleartext Transmission in JSON Payload via PUT Request issue.
Fix the Cleartext Transmission in JSON Payload via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "CleartextTransmissioninJSONPayloadviaPUTRequest",
+ "Url": "https://shop.testsparker.com/auth/reset.php"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "358",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "79",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "49"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Open Redirect in URL Path via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/api/v2/export?ref=265"
+ }
+ ],
+ "FirstSeenDate": "18/06/2021 12:10 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/export?ref=265 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 23.1807,
+ "StatusCode": 200
+ },
+ "LookupId": "89fed746-8d35-5968-add8-54f52c3ed846",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Open Redirect in URL Path via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Open Redirect in URL Path via POST Request issue.
Fix the Open Redirect in URL Path via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "OpenRedirectinURLPathviaPOSTRequest",
+ "Url": "https://portal.testsparker.com/api/v2/export?ref=265"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "370",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "89",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "41"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a File Upload Vulnerability in Cookie via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/download.php?q=366"
+ }
+ ],
+ "FirstSeenDate": "02/06/2021 05:18 AM",
+ "HttpRequest": {
+ "Content": "GET /download.php?q=366 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 269.51,
+ "StatusCode": 200
+ },
+ "LookupId": "644cf714-aa3f-5232-9713-795a1bfaff7f",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "File Upload Vulnerability in Cookie via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the File Upload Vulnerability in Cookie via POST Request issue.
Fix the File Upload Vulnerability in Cookie via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "FileUploadVulnerabilityinCookieviaPOSTRequest",
+ "Url": "http://api.testsparker.com/download.php?q=366"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "536",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "94",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "14"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Cross-site Scripting in Cookie via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/account/security?filter=578"
+ }
+ ],
+ "FirstSeenDate": "17/06/2021 10:16 AM",
+ "HttpRequest": {
+ "Content": "GET /account/security?filter=578 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 241.3339,
+ "StatusCode": 200
+ },
+ "LookupId": "c8b6c487-aa65-5a99-a21d-d32222012a55",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cross-site Scripting in Cookie via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cross-site Scripting in Cookie via PUT Request issue.
Fix the Cross-site Scripting in Cookie via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "Cross-siteScriptinginCookieviaPUTRequest",
+ "Url": "http://admin.testsparker.com/account/security?filter=578"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "238",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "319",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "16"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Insecure HTTP Method in Query Parameter via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/api/v2/search"
+ }
+ ],
+ "FirstSeenDate": "06/06/2021 12:57 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/search HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 198.2009,
+ "StatusCode": 200
+ },
+ "LookupId": "baeaeaba-4dcc-5302-a721-39b2b948e365",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Insecure HTTP Method in Query Parameter via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Insecure HTTP Method in Query Parameter via PUT Request issue.
Fix the Insecure HTTP Method in Query Parameter via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "InsecureHTTPMethodinQueryParameterviaPUTRequest",
+ "Url": "https://portal.testsparker.com/api/v2/search"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "344",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "434",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "18"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Insecure Deserialization in POST Body via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/api/v2/search"
+ }
+ ],
+ "FirstSeenDate": "09/06/2021 11:37 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/search HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 201.6653,
+ "StatusCode": 200
+ },
+ "LookupId": "b85d8473-9743-5b4b-88f5-81ec020b8ceb",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Insecure Deserialization in POST Body via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Insecure Deserialization in POST Body via POST Request issue.
Fix the Insecure Deserialization in POST Body via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "InsecureDeserializationinPOSTBodyviaPOSTRequest",
+ "Url": "http://app1.testsparker.com/api/v2/search"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "378",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "200",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "4"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Broken Authentication in Multipart Data vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/reports/generate"
+ }
+ ],
+ "FirstSeenDate": "17/06/2021 01:46 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/generate HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 44.4902,
+ "StatusCode": 200
+ },
+ "LookupId": "fbe2b247-623f-5344-8d94-9daf061c70a9",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Broken Authentication in Multipart Data",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Broken Authentication in Multipart Data issue.
Fix the Broken Authentication in Multipart Data vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "BrokenAuthenticationinMultipartData",
+ "Url": "https://app2.testsparker.com/reports/generate"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "111",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "287",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "38"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Email Header Injection in File Name vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/reports/generate"
+ }
+ ],
+ "FirstSeenDate": "20/06/2021 09:04 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/generate HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 417.5831,
+ "StatusCode": 200
+ },
+ "LookupId": "4bad4221-2b1f-5624-b2e9-07938f3cfc46",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Email Header Injection in File Name",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Email Header Injection in File Name issue.
Fix the Email Header Injection in File Name vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "EmailHeaderInjectioninFileName",
+ "Url": "http://api.testsparker.com/reports/generate"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "116",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "434",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "45"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a XML External Entity in Form Field vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/reports/generate?token=707"
+ }
+ ],
+ "FirstSeenDate": "28/06/2021 03:06 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/generate?token=707 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 213.8536,
+ "StatusCode": 200
+ },
+ "LookupId": "d73b0a7c-a832-5b11-bc6e-589ed17bce2d",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "XML External Entity in Form Field",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the XML External Entity in Form Field issue.
Fix the XML External Entity in Form Field vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "XMLExternalEntityinFormField",
+ "Url": "http://blog.testsparker.com/reports/generate?token=707"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "647",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "918",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "13"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a XML External Entity in Query Parameter vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/api/v2/export?ref=650"
+ }
+ ],
+ "FirstSeenDate": "07/06/2021 03:25 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/export?ref=650 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 325.5738,
+ "StatusCode": 200
+ },
+ "LookupId": "bc8f94d5-136e-5f1e-983c-9fac481271a2",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "XML External Entity in Query Parameter",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the XML External Entity in Query Parameter issue.
Fix the XML External Entity in Query Parameter vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "XMLExternalEntityinQueryParameter",
+ "Url": "http://api.testsparker.com/api/v2/export?ref=650"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "383",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "319",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "47"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Broken Authentication in Cookie via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/help?action=447"
+ }
+ ],
+ "FirstSeenDate": "28/06/2021 05:10 AM",
+ "HttpRequest": {
+ "Content": "GET /help?action=447 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 295.0107,
+ "StatusCode": 200
+ },
+ "LookupId": "1a4826b0-320f-59f5-991f-8463b4aa8177",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Broken Authentication in Cookie via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Broken Authentication in Cookie via POST Request issue.
Fix the Broken Authentication in Cookie via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "BrokenAuthenticationinCookieviaPOSTRequest",
+ "Url": "https://app2.testsparker.com/help?action=447"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "221",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "16",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "47"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a NoSQL Injection in POST Body via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/cart.php?q=933"
+ }
+ ],
+ "FirstSeenDate": "01/06/2021 01:54 AM",
+ "HttpRequest": {
+ "Content": "GET /cart.php?q=933 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 19.8139,
+ "StatusCode": 200
+ },
+ "LookupId": "17b93026-f7f1-5a27-ad4d-6d552e18980e",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "NoSQL Injection in POST Body via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the NoSQL Injection in POST Body via PUT Request issue.
Fix the NoSQL Injection in POST Body via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "NoSQLInjectioninPOSTBodyviaPUTRequest",
+ "Url": "http://blog.testsparker.com/cart.php?q=933"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "595",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "78",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "22"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Race Condition in Form Field vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/settings.php"
+ }
+ ],
+ "FirstSeenDate": "05/06/2021 11:41 AM",
+ "HttpRequest": {
+ "Content": "GET /settings.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 124.9211,
+ "StatusCode": 200
+ },
+ "LookupId": "568d4444-16f0-587b-8e81-d5a4953737f9",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Race Condition in Form Field",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Race Condition in Form Field issue.
Fix the Race Condition in Form Field vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "RaceConditioninFormField",
+ "Url": "https://app2.testsparker.com/settings.php"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "465",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "287",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "45"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Integer Overflow in POST Body via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/api/v1/users"
+ }
+ ],
+ "FirstSeenDate": "13/06/2021 08:15 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v1/users HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 451.1531,
+ "StatusCode": 200
+ },
+ "LookupId": "45dc1a72-9861-5220-9f65-00d55ce77ebe",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Integer Overflow in POST Body via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Integer Overflow in POST Body via PUT Request issue.
Fix the Integer Overflow in POST Body via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "IntegerOverflowinPOSTBodyviaPUTRequest",
+ "Url": "https://portal.testsparker.com/api/v1/users"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "466",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "776",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "17"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Server-Side Request Forgery in Query Parameter vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/blog/edit.php?ref=26"
+ }
+ ],
+ "FirstSeenDate": "23/06/2021 11:58 AM",
+ "HttpRequest": {
+ "Content": "GET /blog/edit.php?ref=26 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 358.6202,
+ "StatusCode": 200
+ },
+ "LookupId": "9295cc36-b879-5be4-8d6a-93d0352f51a3",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Server-Side Request Forgery in Query Parameter",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Server-Side Request Forgery in Query Parameter issue.
Fix the Server-Side Request Forgery in Query Parameter vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "Server-SideRequestForgeryinQueryParameter",
+ "Url": "http://api.testsparker.com/blog/edit.php?ref=26"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "185",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "94",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "32"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Unvalidated Redirect in XML Input vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/files/upload"
+ }
+ ],
+ "FirstSeenDate": "21/06/2021 03:20 AM",
+ "HttpRequest": {
+ "Content": "GET /files/upload HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 320.9045,
+ "StatusCode": 200
+ },
+ "LookupId": "4989dc56-25e9-5edb-8f61-5cc7f3549f29",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Unvalidated Redirect in XML Input",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Unvalidated Redirect in XML Input issue.
Fix the Unvalidated Redirect in XML Input vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "UnvalidatedRedirectinXMLInput",
+ "Url": "https://shop.testsparker.com/files/upload"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "699",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "200",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "33"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Email Header Injection in File Name via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/files/list?action=975"
+ }
+ ],
+ "FirstSeenDate": "09/06/2021 11:02 AM",
+ "HttpRequest": {
+ "Content": "GET /files/list?action=975 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 314.1007,
+ "StatusCode": 200
+ },
+ "LookupId": "1c2a2571-5ac0-5d8b-b83b-332965192212",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Email Header Injection in File Name via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Email Header Injection in File Name via POST Request issue.
Fix the Email Header Injection in File Name via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "EmailHeaderInjectioninFileNameviaPOSTRequest",
+ "Url": "http://api.testsparker.com/files/list?action=975"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "292",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "523",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "23"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Directory Traversal in Form Field vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/api/v2/export"
+ }
+ ],
+ "FirstSeenDate": "22/06/2021 02:09 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/export HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 452.1018,
+ "StatusCode": 200
+ },
+ "LookupId": "d7f1f553-3eb6-583a-b449-a4455606d346",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Directory Traversal in Form Field",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Directory Traversal in Form Field issue.
Fix the Directory Traversal in Form Field vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "DirectoryTraversalinFormField",
+ "Url": "https://app2.testsparker.com/api/v2/export"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "270",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "502",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "7"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Server-Side Request Forgery in Cookie via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/admin/logs?q=106"
+ }
+ ],
+ "FirstSeenDate": "26/06/2021 09:37 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/logs?q=106 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 325.9668,
+ "StatusCode": 200
+ },
+ "LookupId": "b9687379-8ad3-5031-ae89-b00dcb10d041",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Server-Side Request Forgery in Cookie via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Server-Side Request Forgery in Cookie via PUT Request issue.
Fix the Server-Side Request Forgery in Cookie via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "Server-SideRequestForgeryinCookieviaPUTRequest",
+ "Url": "http://admin.testsparker.com/admin/logs?q=106"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "326",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "502",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "36"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a HTTP Response Splitting in URL Path via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/reports/export?type=395"
+ }
+ ],
+ "FirstSeenDate": "03/06/2021 08:01 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/export?type=395 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 209.672,
+ "StatusCode": 200
+ },
+ "LookupId": "81110e09-8deb-546d-bc2c-26040943f90a",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "HTTP Response Splitting in URL Path via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the HTTP Response Splitting in URL Path via POST Request issue.
Fix the HTTP Response Splitting in URL Path via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "HTTPResponseSplittinginURLPathviaPOSTRequest",
+ "Url": "https://portal.testsparker.com/reports/export?type=395"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "556",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "611",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "36"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Insecure Direct Object Reference in URL Path vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/reports/generate?ref=541"
+ }
+ ],
+ "FirstSeenDate": "03/06/2021 03:55 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/generate?ref=541 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 69.506,
+ "StatusCode": 200
+ },
+ "LookupId": "253ca1f2-61c8-5518-8cf2-dd1402f2facb",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Insecure Direct Object Reference in URL Path",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Insecure Direct Object Reference in URL Path issue.
Fix the Insecure Direct Object Reference in URL Path vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "InsecureDirectObjectReferenceinURLPath",
+ "Url": "https://portal.testsparker.com/reports/generate?ref=541"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "368",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "776",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "23"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Buffer Overflow in URL Path via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/search?token=822"
+ }
+ ],
+ "FirstSeenDate": "08/06/2021 05:28 AM",
+ "HttpRequest": {
+ "Content": "GET /search?token=822 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 394.0178,
+ "StatusCode": 200
+ },
+ "LookupId": "b787bd9e-31fc-508a-a49c-ae2e29a67f54",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Buffer Overflow in URL Path via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Buffer Overflow in URL Path via PUT Request issue.
Fix the Buffer Overflow in URL Path via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "BufferOverflowinURLPathviaPUTRequest",
+ "Url": "http://app1.testsparker.com/search?token=822"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "49",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "611",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "27"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Race Condition in Cookie vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/api/v2/export"
+ }
+ ],
+ "FirstSeenDate": "03/06/2021 02:53 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/export HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 453.522,
+ "StatusCode": 200
+ },
+ "LookupId": "75fd7e74-5124-5afb-860d-fbde773f9716",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Race Condition in Cookie",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Race Condition in Cookie issue.
Fix the Race Condition in Cookie vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "RaceConditioninCookie",
+ "Url": "http://blog.testsparker.com/api/v2/export"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "259",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "22",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "6"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Mass Assignment in URL Path via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/blog/post.php?ref=360"
+ }
+ ],
+ "FirstSeenDate": "08/06/2021 12:53 AM",
+ "HttpRequest": {
+ "Content": "GET /blog/post.php?ref=360 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 360.6482,
+ "StatusCode": 200
+ },
+ "LookupId": "f0ba6999-ed42-5578-9e35-9a0422bf4a1b",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Mass Assignment in URL Path via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Mass Assignment in URL Path via PUT Request issue.
Fix the Mass Assignment in URL Path via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "MassAssignmentinURLPathviaPUTRequest",
+ "Url": "http://api.testsparker.com/blog/post.php?ref=360"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "515",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "16",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "22"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Insecure Direct Object Reference in Cookie via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/api/v2/search"
+ }
+ ],
+ "FirstSeenDate": "20/06/2021 05:23 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/search HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 485.0196,
+ "StatusCode": 200
+ },
+ "LookupId": "126d570b-bd37-5ff3-8335-19b06840152f",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Insecure Direct Object Reference in Cookie via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Insecure Direct Object Reference in Cookie via POST Request issue.
Fix the Insecure Direct Object Reference in Cookie via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "InsecureDirectObjectReferenceinCookieviaPOSTRequest",
+ "Url": "https://docs.testsparker.com/api/v2/search"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "612",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "22",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "49"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Cleartext Transmission in File Name via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/auth/register.php?q=555"
+ }
+ ],
+ "FirstSeenDate": "07/06/2021 09:12 AM",
+ "HttpRequest": {
+ "Content": "GET /auth/register.php?q=555 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 322.8106,
+ "StatusCode": 200
+ },
+ "LookupId": "f194834c-29ba-57e7-b18e-3b0654da6892",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cleartext Transmission in File Name via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cleartext Transmission in File Name via POST Request issue.
Fix the Cleartext Transmission in File Name via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "CleartextTransmissioninFileNameviaPOSTRequest",
+ "Url": "https://shop.testsparker.com/auth/register.php?q=555"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "238",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "776",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "6"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a XPath Injection in Multipart Data via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/api/v2/search?token=750"
+ }
+ ],
+ "FirstSeenDate": "23/06/2021 08:28 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/search?token=750 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 83.6889,
+ "StatusCode": 200
+ },
+ "LookupId": "0710be26-8758-56e1-a393-a249f1aea3ae",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "XPath Injection in Multipart Data via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the XPath Injection in Multipart Data via POST Request issue.
Fix the XPath Injection in Multipart Data via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "XPathInjectioninMultipartDataviaPOSTRequest",
+ "Url": "https://shop.testsparker.com/api/v2/search?token=750"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "40",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "22",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "25"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a File Upload Vulnerability in XML Input via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/help?sort=657"
+ }
+ ],
+ "FirstSeenDate": "07/06/2021 07:16 AM",
+ "HttpRequest": {
+ "Content": "GET /help?sort=657 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 387.9225,
+ "StatusCode": 200
+ },
+ "LookupId": "aa163cf6-951b-598d-ad02-b11a7fe71fdc",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "File Upload Vulnerability in XML Input via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the File Upload Vulnerability in XML Input via POST Request issue.
Fix the File Upload Vulnerability in XML Input via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "FileUploadVulnerabilityinXMLInputviaPOSTRequest",
+ "Url": "http://blog.testsparker.com/help?sort=657"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "637",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "319",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "11"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Server-Side Request Forgery in POST Body via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/search"
+ }
+ ],
+ "FirstSeenDate": "02/06/2021 05:59 AM",
+ "HttpRequest": {
+ "Content": "GET /search HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 83.531,
+ "StatusCode": 200
+ },
+ "LookupId": "9ffc5b74-e0bd-5cc5-b74e-00a544c940c5",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Server-Side Request Forgery in POST Body via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Server-Side Request Forgery in POST Body via PUT Request issue.
Fix the Server-Side Request Forgery in POST Body via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "Server-SideRequestForgeryinPOSTBodyviaPUTRequest",
+ "Url": "https://shop.testsparker.com/search"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "216",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "776",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "45"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Command Injection in Header via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/contact"
+ }
+ ],
+ "FirstSeenDate": "22/06/2021 07:16 AM",
+ "HttpRequest": {
+ "Content": "GET /contact HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 207.4397,
+ "StatusCode": 200
+ },
+ "LookupId": "2310feae-abd9-5470-a53e-b75ab1ad4fe1",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Command Injection in Header via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Command Injection in Header via PUT Request issue.
Fix the Command Injection in Header via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "CommandInjectioninHeaderviaPUTRequest",
+ "Url": "https://shop.testsparker.com/contact"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "548",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "287",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "28"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Mass Assignment in Query Parameter via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/api/v1/users"
+ }
+ ],
+ "FirstSeenDate": "06/06/2021 07:29 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v1/users HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 375.3606,
+ "StatusCode": 200
+ },
+ "LookupId": "e6ea7b60-dfd8-5029-a5d1-313dab35400d",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Mass Assignment in Query Parameter via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Mass Assignment in Query Parameter via PUT Request issue.
Fix the Mass Assignment in Query Parameter via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "MassAssignmentinQueryParameterviaPUTRequest",
+ "Url": "http://blog.testsparker.com/api/v1/users"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "551",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "601",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "44"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Insecure HTTP Method in JSON Payload via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/api/v1/users"
+ }
+ ],
+ "FirstSeenDate": "24/06/2021 09:33 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v1/users HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 426.1182,
+ "StatusCode": 200
+ },
+ "LookupId": "f6977c2b-d743-5dc7-803a-e7e73e03ee58",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Insecure HTTP Method in JSON Payload via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Insecure HTTP Method in JSON Payload via PUT Request issue.
Fix the Insecure HTTP Method in JSON Payload via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "InsecureHTTPMethodinJSONPayloadviaPUTRequest",
+ "Url": "http://app1.testsparker.com/api/v1/users"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "311",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "434",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "2"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Email Header Injection in Query Parameter via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/api/v2/search?type=231"
+ }
+ ],
+ "FirstSeenDate": "01/06/2021 04:34 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/search?type=231 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 307.9881,
+ "StatusCode": 200
+ },
+ "LookupId": "456558fd-8572-5a39-87c8-3cd15d1701e0",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Email Header Injection in Query Parameter via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Email Header Injection in Query Parameter via PUT Request issue.
Fix the Email Header Injection in Query Parameter via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "EmailHeaderInjectioninQueryParameterviaPUTRequest",
+ "Url": "http://app1.testsparker.com/api/v2/search?type=231"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "221",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "523",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "33"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Unvalidated Redirect in Header via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/auth/register.php?token=334"
+ }
+ ],
+ "FirstSeenDate": "28/06/2021 05:06 AM",
+ "HttpRequest": {
+ "Content": "GET /auth/register.php?token=334 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 46.4692,
+ "StatusCode": 200
+ },
+ "LookupId": "9dbac426-34ab-5c5d-9e70-8df67fed6fd0",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Unvalidated Redirect in Header via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Unvalidated Redirect in Header via PUT Request issue.
Fix the Unvalidated Redirect in Header via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "UnvalidatedRedirectinHeaderviaPUTRequest",
+ "Url": "https://shop.testsparker.com/auth/register.php?token=334"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "464",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "22",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "28"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a CORS Misconfiguration in Header vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/files/upload"
+ }
+ ],
+ "FirstSeenDate": "22/06/2021 07:00 AM",
+ "HttpRequest": {
+ "Content": "GET /files/upload HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 351.9311,
+ "StatusCode": 200
+ },
+ "LookupId": "7f21ffe9-de89-542e-b3c5-1ee8500c8bce",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "CORS Misconfiguration in Header",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the CORS Misconfiguration in Header issue.
Fix the CORS Misconfiguration in Header vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "CORSMisconfigurationinHeader",
+ "Url": "http://api.testsparker.com/files/upload"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "532",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "79",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "9"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Cookie Not Marked as HttpOnly in URL Path via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/auth/reset.php?page=182"
+ }
+ ],
+ "FirstSeenDate": "25/06/2021 01:03 AM",
+ "HttpRequest": {
+ "Content": "GET /auth/reset.php?page=182 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 302.1402,
+ "StatusCode": 200
+ },
+ "LookupId": "65fee616-57d7-5dc4-8b91-ee8136374c21",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cookie Not Marked as HttpOnly in URL Path via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cookie Not Marked as HttpOnly in URL Path via PUT Request issue.
Fix the Cookie Not Marked as HttpOnly in URL Path via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "CookieNotMarkedasHttpOnlyinURLPathviaPUTRequest",
+ "Url": "https://shop.testsparker.com/auth/reset.php?page=182"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "477",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "89",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "11"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Integer Overflow in Header vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/payment.php"
+ }
+ ],
+ "FirstSeenDate": "22/06/2021 09:59 AM",
+ "HttpRequest": {
+ "Content": "GET /payment.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 448.608,
+ "StatusCode": 200
+ },
+ "LookupId": "f9faeb10-a1bc-5c91-920d-ace5cd94ea17",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Integer Overflow in Header",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Integer Overflow in Header issue.
Fix the Integer Overflow in Header vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "IntegerOverflowinHeader",
+ "Url": "http://app1.testsparker.com/payment.php"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "411",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "352",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "27"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Insecure Deserialization in Header via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/products.php?name=585"
+ }
+ ],
+ "FirstSeenDate": "25/06/2021 04:26 AM",
+ "HttpRequest": {
+ "Content": "GET /products.php?name=585 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 451.2249,
+ "StatusCode": 200
+ },
+ "LookupId": "8f0da1e2-8b95-5036-9067-b1857202ddd7",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Insecure Deserialization in Header via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Insecure Deserialization in Header via PUT Request issue.
Fix the Insecure Deserialization in Header via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "InsecureDeserializationinHeaderviaPUTRequest",
+ "Url": "http://blog.testsparker.com/products.php?name=585"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "82",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "319",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "30"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Insecure HTTP Method in File Name vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/admin/config"
+ }
+ ],
+ "FirstSeenDate": "20/06/2021 12:23 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/config HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 426.791,
+ "StatusCode": 200
+ },
+ "LookupId": "b2979793-7aa4-5e72-b511-115f558e2f18",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Insecure HTTP Method in File Name",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Insecure HTTP Method in File Name issue.
Fix the Insecure HTTP Method in File Name vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "InsecureHTTPMethodinFileName",
+ "Url": "https://portal.testsparker.com/admin/config"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "454",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "614",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "37"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Sensitive Data Exposure in File Name vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/account/billing"
+ }
+ ],
+ "FirstSeenDate": "25/06/2021 04:48 AM",
+ "HttpRequest": {
+ "Content": "GET /account/billing HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 176.4338,
+ "StatusCode": 200
+ },
+ "LookupId": "22d76ebf-1b74-57b3-9ba5-a24255b621b5",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Sensitive Data Exposure in File Name",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Sensitive Data Exposure in File Name issue.
Fix the Sensitive Data Exposure in File Name vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "SensitiveDataExposureinFileName",
+ "Url": "https://app2.testsparker.com/account/billing"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "81",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "319",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "9"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Unvalidated Redirect in Query Parameter via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/contact"
+ }
+ ],
+ "FirstSeenDate": "10/06/2021 12:35 AM",
+ "HttpRequest": {
+ "Content": "GET /contact HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 113.2771,
+ "StatusCode": 200
+ },
+ "LookupId": "1d6dafbd-80b7-5b6b-b39b-0aaed2acc2a6",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Unvalidated Redirect in Query Parameter via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Unvalidated Redirect in Query Parameter via PUT Request issue.
Fix the Unvalidated Redirect in Query Parameter via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "UnvalidatedRedirectinQueryParameterviaPUTRequest",
+ "Url": "http://app1.testsparker.com/contact"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "257",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "22",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "14"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a HTTP Response Splitting in Query Parameter via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/settings.php?token=491"
+ }
+ ],
+ "FirstSeenDate": "23/06/2021 12:52 AM",
+ "HttpRequest": {
+ "Content": "GET /settings.php?token=491 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 184.9096,
+ "StatusCode": 200
+ },
+ "LookupId": "4e9830b4-df97-5dad-a2cf-4660c4bfbe96",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "HTTP Response Splitting in Query Parameter via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the HTTP Response Splitting in Query Parameter via PUT Request issue.
Fix the HTTP Response Splitting in Query Parameter via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "HTTPResponseSplittinginQueryParameterviaPUTRequest",
+ "Url": "https://portal.testsparker.com/settings.php?token=491"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "207",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "352",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "32"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Information Disclosure in Multipart Data vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/api/v2/export?name=45"
+ }
+ ],
+ "FirstSeenDate": "04/06/2021 01:36 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/export?name=45 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 324.4583,
+ "StatusCode": 200
+ },
+ "LookupId": "d836d210-b9a5-53f0-9922-4bb6c402b87c",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Information Disclosure in Multipart Data",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Information Disclosure in Multipart Data issue.
Fix the Information Disclosure in Multipart Data vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "InformationDisclosureinMultipartData",
+ "Url": "https://shop.testsparker.com/api/v2/export?name=45"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "375",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "523",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "41"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Buffer Overflow in Form Field via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/auth/reset.php?token=564"
+ }
+ ],
+ "FirstSeenDate": "14/06/2021 02:30 AM",
+ "HttpRequest": {
+ "Content": "GET /auth/reset.php?token=564 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 215.312,
+ "StatusCode": 200
+ },
+ "LookupId": "f27dbaf9-9b61-57e5-a311-872521ef75c1",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Buffer Overflow in Form Field via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Buffer Overflow in Form Field via POST Request issue.
Fix the Buffer Overflow in Form Field via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "BufferOverflowinFormFieldviaPOSTRequest",
+ "Url": "http://api.testsparker.com/auth/reset.php?token=564"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "140",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "22",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "19"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a XML External Entity in Cookie vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/help?name=463"
+ }
+ ],
+ "FirstSeenDate": "17/06/2021 08:43 AM",
+ "HttpRequest": {
+ "Content": "GET /help?name=463 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 379.5867,
+ "StatusCode": 200
+ },
+ "LookupId": "eb02dea1-e8fe-5bbc-9864-2294c822ae39",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "XML External Entity in Cookie",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the XML External Entity in Cookie issue.
Fix the XML External Entity in Cookie vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "XMLExternalEntityinCookie",
+ "Url": "https://docs.testsparker.com/help?name=463"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "434",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "611",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "16"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a SQL Injection in Multipart Data vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/payment.php?id=1"
+ }
+ ],
+ "FirstSeenDate": "26/06/2021 04:38 AM",
+ "HttpRequest": {
+ "Content": "GET /payment.php?id=1 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 359.1392,
+ "StatusCode": 200
+ },
+ "LookupId": "b1518eb9-375a-52f8-b0c5-494fd38f4394",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "SQL Injection in Multipart Data",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the SQL Injection in Multipart Data issue.
Fix the SQL Injection in Multipart Data vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "SQLInjectioninMultipartData",
+ "Url": "http://blog.testsparker.com/payment.php?id=1"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "471",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "601",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "44"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Missing Content-Security-Policy in Header via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/download.php?name=916"
+ }
+ ],
+ "FirstSeenDate": "08/06/2021 03:29 AM",
+ "HttpRequest": {
+ "Content": "GET /download.php?name=916 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 255.1053,
+ "StatusCode": 200
+ },
+ "LookupId": "c8a85f38-27f9-5c87-b4d2-015a71c5bb7a",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Missing Content-Security-Policy in Header via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Missing Content-Security-Policy in Header via PUT Request issue.
Fix the Missing Content-Security-Policy in Header via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "MissingContent-Security-PolicyinHeaderviaPUTRequest",
+ "Url": "https://portal.testsparker.com/download.php?name=916"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "377",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "614",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "18"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Missing X-Frame-Options in Query Parameter via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/reports/view?sort=684"
+ }
+ ],
+ "FirstSeenDate": "13/06/2021 12:51 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/view?sort=684 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 62.5946,
+ "StatusCode": 200
+ },
+ "LookupId": "ce33a093-f811-5c88-8890-aaedf814935d",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Missing X-Frame-Options in Query Parameter via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Missing X-Frame-Options in Query Parameter via PUT Request issue.
Fix the Missing X-Frame-Options in Query Parameter via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "MissingX-Frame-OptionsinQueryParameterviaPUTRequest",
+ "Url": "https://portal.testsparker.com/reports/view?sort=684"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "167",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "22",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "31"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Missing Content-Security-Policy in JSON Payload via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/admin/dashboard?action=352"
+ }
+ ],
+ "FirstSeenDate": "25/06/2021 06:59 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/dashboard?action=352 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 445.7602,
+ "StatusCode": 200
+ },
+ "LookupId": "b43e6810-1cea-5ee6-a518-ea399832bef7",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Missing Content-Security-Policy in JSON Payload via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Missing Content-Security-Policy in JSON Payload via POST Request issue.
Fix the Missing Content-Security-Policy in JSON Payload via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "MissingContent-Security-PolicyinJSONPayloadviaPOSTRequest",
+ "Url": "http://api.testsparker.com/admin/dashboard?action=352"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "9",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "776",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "44"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Email Header Injection in File Name vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/reports/generate"
+ }
+ ],
+ "FirstSeenDate": "13/06/2021 10:06 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/generate HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 169.4637,
+ "StatusCode": 200
+ },
+ "LookupId": "105eacec-483e-5122-be39-4bd546b6ef5f",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Email Header Injection in File Name",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Email Header Injection in File Name issue.
Fix the Email Header Injection in File Name vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "EmailHeaderInjectioninFileName",
+ "Url": "http://api.testsparker.com/reports/generate"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "112",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "287",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "13"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Cookie Not Marked as HttpOnly in File Name vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/reports/generate?name=236"
+ }
+ ],
+ "FirstSeenDate": "27/06/2021 03:38 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/generate?name=236 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 57.1863,
+ "StatusCode": 200
+ },
+ "LookupId": "8056aaf0-7232-57cb-8adf-725cd947b21e",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cookie Not Marked as HttpOnly in File Name",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cookie Not Marked as HttpOnly in File Name issue.
Fix the Cookie Not Marked as HttpOnly in File Name vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "CookieNotMarkedasHttpOnlyinFileName",
+ "Url": "https://shop.testsparker.com/reports/generate?name=236"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "229",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "200",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "47"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Cross-site Scripting in File Name vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/reports/view"
+ }
+ ],
+ "FirstSeenDate": "05/06/2021 08:32 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/view HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 260.1019,
+ "StatusCode": 200
+ },
+ "LookupId": "9266544a-8485-5048-afbc-354bd025c918",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cross-site Scripting in File Name",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cross-site Scripting in File Name issue.
Fix the Cross-site Scripting in File Name vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "Cross-siteScriptinginFileName",
+ "Url": "http://admin.testsparker.com/reports/view"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "569",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "523",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "3"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Unvalidated Redirect in URL Path via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/help?q=801"
+ }
+ ],
+ "FirstSeenDate": "27/06/2021 08:53 AM",
+ "HttpRequest": {
+ "Content": "GET /help?q=801 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 314.1577,
+ "StatusCode": 200
+ },
+ "LookupId": "3053a0b0-42ba-5791-a908-0f79e872263f",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Unvalidated Redirect in URL Path via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Unvalidated Redirect in URL Path via POST Request issue.
Fix the Unvalidated Redirect in URL Path via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "UnvalidatedRedirectinURLPathviaPOSTRequest",
+ "Url": "http://api.testsparker.com/help?q=801"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "505",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "319",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "47"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a CORS Misconfiguration in Header via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/reports/export?filter=727"
+ }
+ ],
+ "FirstSeenDate": "04/06/2021 06:05 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/export?filter=727 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 109.8295,
+ "StatusCode": 200
+ },
+ "LookupId": "f4b0801c-3d27-5eb9-8bf4-24f4da7634de",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "CORS Misconfiguration in Header via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the CORS Misconfiguration in Header via POST Request issue.
Fix the CORS Misconfiguration in Header via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "CORSMisconfigurationinHeaderviaPOSTRequest",
+ "Url": "https://app2.testsparker.com/reports/export?filter=727"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "503",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "89",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "9"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Server-Side Request Forgery in Multipart Data vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/help?id=339"
+ }
+ ],
+ "FirstSeenDate": "23/06/2021 11:05 AM",
+ "HttpRequest": {
+ "Content": "GET /help?id=339 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 263.798,
+ "StatusCode": 200
+ },
+ "LookupId": "646bc0d6-66f9-5ca0-91b3-adcc3e46cb71",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Server-Side Request Forgery in Multipart Data",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Server-Side Request Forgery in Multipart Data issue.
Fix the Server-Side Request Forgery in Multipart Data vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "Server-SideRequestForgeryinMultipartData",
+ "Url": "https://docs.testsparker.com/help?id=339"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "288",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "352",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "17"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Email Header Injection in Form Field via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/files/download?q=747"
+ }
+ ],
+ "FirstSeenDate": "22/06/2021 07:12 AM",
+ "HttpRequest": {
+ "Content": "GET /files/download?q=747 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 242.2075,
+ "StatusCode": 200
+ },
+ "LookupId": "9561e1a0-e68c-5d5e-9f97-b0f377984de4",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Email Header Injection in Form Field via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Email Header Injection in Form Field via POST Request issue.
Fix the Email Header Injection in Form Field via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "EmailHeaderInjectioninFormFieldviaPOSTRequest",
+ "Url": "https://app2.testsparker.com/files/download?q=747"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "563",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "16",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "26"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a CSRF in Cookie via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/admin/dashboard"
+ }
+ ],
+ "FirstSeenDate": "18/06/2021 11:09 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/dashboard HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 222.7313,
+ "StatusCode": 200
+ },
+ "LookupId": "ceb11310-853c-509a-9757-670a480c1c4f",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "CSRF in Cookie via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the CSRF in Cookie via PUT Request issue.
Fix the CSRF in Cookie via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "CSRFinCookieviaPUTRequest",
+ "Url": "http://admin.testsparker.com/admin/dashboard"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "237",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "918",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "2"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Insecure Direct Object Reference in Multipart Data vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/profile.php"
+ }
+ ],
+ "FirstSeenDate": "03/06/2021 12:49 AM",
+ "HttpRequest": {
+ "Content": "GET /profile.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 243.5351,
+ "StatusCode": 200
+ },
+ "LookupId": "aa594904-3074-5c2d-a2fc-d04ab5645caf",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Insecure Direct Object Reference in Multipart Data",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Insecure Direct Object Reference in Multipart Data issue.
Fix the Insecure Direct Object Reference in Multipart Data vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "InsecureDirectObjectReferenceinMultipartData",
+ "Url": "http://app1.testsparker.com/profile.php"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "165",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "94",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "26"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a CORS Misconfiguration in URL Path via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/api/v1/users"
+ }
+ ],
+ "FirstSeenDate": "21/06/2021 07:25 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v1/users HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 299.794,
+ "StatusCode": 200
+ },
+ "LookupId": "34f3c7c7-36ee-5958-81c3-42b514072e8a",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "CORS Misconfiguration in URL Path via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the CORS Misconfiguration in URL Path via PUT Request issue.
Fix the CORS Misconfiguration in URL Path via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "CORSMisconfigurationinURLPathviaPUTRequest",
+ "Url": "https://app2.testsparker.com/api/v1/users"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "406",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "434",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "21"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Missing Content-Security-Policy in POST Body vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/api/v2/search"
+ }
+ ],
+ "FirstSeenDate": "21/06/2021 05:20 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/search HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 287.1523,
+ "StatusCode": 200
+ },
+ "LookupId": "9192ab92-da78-58f0-ab5d-0e62599ab863",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Missing Content-Security-Policy in POST Body",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Missing Content-Security-Policy in POST Body issue.
Fix the Missing Content-Security-Policy in POST Body vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "MissingContent-Security-PolicyinPOSTBody",
+ "Url": "http://admin.testsparker.com/api/v2/search"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "69",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "776",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "3"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Race Condition in URL Path vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/account/security?ref=100"
+ }
+ ],
+ "FirstSeenDate": "01/06/2021 06:41 AM",
+ "HttpRequest": {
+ "Content": "GET /account/security?ref=100 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 63.5877,
+ "StatusCode": 200
+ },
+ "LookupId": "63869af4-6a2a-58fe-ad5e-139a4ad15467",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Race Condition in URL Path",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Race Condition in URL Path issue.
Fix the Race Condition in URL Path vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "RaceConditioninURLPath",
+ "Url": "https://portal.testsparker.com/account/security?ref=100"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "641",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "200",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "16"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Unvalidated Redirect in Multipart Data vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/reports/export?q=19"
+ }
+ ],
+ "FirstSeenDate": "26/06/2021 01:40 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/export?q=19 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 136.2629,
+ "StatusCode": 200
+ },
+ "LookupId": "f1034f7a-89cc-55c1-a653-56d37f5170c8",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Unvalidated Redirect in Multipart Data",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Unvalidated Redirect in Multipart Data issue.
Fix the Unvalidated Redirect in Multipart Data vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "UnvalidatedRedirectinMultipartData",
+ "Url": "https://shop.testsparker.com/reports/export?q=19"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "135",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "330",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "28"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a File Upload Vulnerability in URL Path via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/reports/generate"
+ }
+ ],
+ "FirstSeenDate": "22/06/2021 03:37 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/generate HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 370.8411,
+ "StatusCode": 200
+ },
+ "LookupId": "e6ec8137-5355-51b9-a6f0-5d9ef825944b",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "File Upload Vulnerability in URL Path via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the File Upload Vulnerability in URL Path via PUT Request issue.
Fix the File Upload Vulnerability in URL Path via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "FileUploadVulnerabilityinURLPathviaPUTRequest",
+ "Url": "https://shop.testsparker.com/reports/generate"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "315",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "79",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "43"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a SQL Injection in POST Body via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/profile.php"
+ }
+ ],
+ "FirstSeenDate": "27/06/2021 05:54 AM",
+ "HttpRequest": {
+ "Content": "GET /profile.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 97.6044,
+ "StatusCode": 200
+ },
+ "LookupId": "d886beb9-c16d-5730-b486-b5bfa834f43e",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "SQL Injection in POST Body via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the SQL Injection in POST Body via PUT Request issue.
Fix the SQL Injection in POST Body via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "SQLInjectioninPOSTBodyviaPUTRequest",
+ "Url": "https://shop.testsparker.com/profile.php"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "512",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "614",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "42"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Information Disclosure in URL Path vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/settings.php?filter=236"
+ }
+ ],
+ "FirstSeenDate": "09/06/2021 08:46 AM",
+ "HttpRequest": {
+ "Content": "GET /settings.php?filter=236 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 324.4303,
+ "StatusCode": 200
+ },
+ "LookupId": "b274e4cc-7028-50a3-9abf-44a5f5ca6ef9",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Information Disclosure in URL Path",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Information Disclosure in URL Path issue.
Fix the Information Disclosure in URL Path vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "InformationDisclosureinURLPath",
+ "Url": "http://blog.testsparker.com/settings.php?filter=236"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "533",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "89",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "5"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a XML External Entity in JSON Payload via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/payment.php?ref=245"
+ }
+ ],
+ "FirstSeenDate": "25/06/2021 02:40 AM",
+ "HttpRequest": {
+ "Content": "GET /payment.php?ref=245 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 228.7635,
+ "StatusCode": 200
+ },
+ "LookupId": "85414af5-655f-5baa-bb50-5fd384eadf95",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "XML External Entity in JSON Payload via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the XML External Entity in JSON Payload via POST Request issue.
Fix the XML External Entity in JSON Payload via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "XMLExternalEntityinJSONPayloadviaPOSTRequest",
+ "Url": "https://shop.testsparker.com/payment.php?ref=245"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "603",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "352",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "7"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Missing X-Frame-Options in Form Field via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/cart.php?name=802"
+ }
+ ],
+ "FirstSeenDate": "23/06/2021 10:55 AM",
+ "HttpRequest": {
+ "Content": "GET /cart.php?name=802 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 148.1784,
+ "StatusCode": 200
+ },
+ "LookupId": "7f29d7aa-11d0-5c2a-9891-8427b9f648ec",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Missing X-Frame-Options in Form Field via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Missing X-Frame-Options in Form Field via POST Request issue.
Fix the Missing X-Frame-Options in Form Field via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "MissingX-Frame-OptionsinFormFieldviaPOSTRequest",
+ "Url": "http://blog.testsparker.com/cart.php?name=802"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "498",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "434",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "32"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Weak Password Policy in Multipart Data vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/reports/export?action=263"
+ }
+ ],
+ "FirstSeenDate": "25/06/2021 09:41 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/export?action=263 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 452.1848,
+ "StatusCode": 200
+ },
+ "LookupId": "4826ce70-6424-5d02-b413-7bf0d7330c38",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Weak Password Policy in Multipart Data",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Weak Password Policy in Multipart Data issue.
Fix the Weak Password Policy in Multipart Data vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "WeakPasswordPolicyinMultipartData",
+ "Url": "http://blog.testsparker.com/reports/export?action=263"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "624",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "79",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "16"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a NoSQL Injection in Cookie via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/blog/edit.php?filter=501"
+ }
+ ],
+ "FirstSeenDate": "12/06/2021 06:32 AM",
+ "HttpRequest": {
+ "Content": "GET /blog/edit.php?filter=501 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 413.3867,
+ "StatusCode": 200
+ },
+ "LookupId": "dd158007-3a7c-5714-b8a2-8a3a9c106086",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "NoSQL Injection in Cookie via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the NoSQL Injection in Cookie via PUT Request issue.
Fix the NoSQL Injection in Cookie via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "NoSQLInjectioninCookieviaPUTRequest",
+ "Url": "http://blog.testsparker.com/blog/edit.php?filter=501"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "105",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "918",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "48"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a SQL Injection vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/auth/register.php"
+ }
+ ],
+ "FirstSeenDate": "19/06/2021 07:02 AM",
+ "HttpRequest": {
+ "Content": "GET /auth/register.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 24.6006,
+ "StatusCode": 200
+ },
+ "LookupId": "a6077245-1b19-561f-8a85-790be13dbaf7",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "SQL Injection",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the SQL Injection issue.
Fix the SQL Injection vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "SQLInjection",
+ "Url": "https://app2.testsparker.com/auth/register.php"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "682",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "502",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "3"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Clickjacking in XML Input via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/reports/view?name=10"
+ }
+ ],
+ "FirstSeenDate": "07/06/2021 09:50 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/view?name=10 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 13.5584,
+ "StatusCode": 200
+ },
+ "LookupId": "3fb17540-baee-57c8-ae32-9c8bd5ee4edc",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Clickjacking in XML Input via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Clickjacking in XML Input via POST Request issue.
Fix the Clickjacking in XML Input via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "ClickjackinginXMLInputviaPOSTRequest",
+ "Url": "https://portal.testsparker.com/reports/view?name=10"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "647",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "330",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "26"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Server-Side Request Forgery in Multipart Data via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/api/v2/search"
+ }
+ ],
+ "FirstSeenDate": "27/06/2021 09:10 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/search HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 474.8631,
+ "StatusCode": 200
+ },
+ "LookupId": "5889ef3f-91bb-577e-8724-2ca615152368",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Server-Side Request Forgery in Multipart Data via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Server-Side Request Forgery in Multipart Data via POST Request issue.
Fix the Server-Side Request Forgery in Multipart Data via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "Server-SideRequestForgeryinMultipartDataviaPOSTRequest",
+ "Url": "https://portal.testsparker.com/api/v2/search"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "214",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "79",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "4"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a XML External Entity in URL Path via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/auth/register.php?ref=127"
+ }
+ ],
+ "FirstSeenDate": "15/06/2021 07:12 AM",
+ "HttpRequest": {
+ "Content": "GET /auth/register.php?ref=127 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 110.7598,
+ "StatusCode": 200
+ },
+ "LookupId": "3d2dc880-cf72-504b-ab59-8c0c32b00892",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "XML External Entity in URL Path via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the XML External Entity in URL Path via PUT Request issue.
Fix the XML External Entity in URL Path via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "XMLExternalEntityinURLPathviaPUTRequest",
+ "Url": "https://shop.testsparker.com/auth/register.php?ref=127"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "225",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "78",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "45"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Buffer Overflow vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/admin/dashboard"
+ }
+ ],
+ "FirstSeenDate": "02/06/2021 09:15 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/dashboard HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 459.5603,
+ "StatusCode": 200
+ },
+ "LookupId": "ae0c593e-c256-5f67-aabb-8df42f4dbee7",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Buffer Overflow",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Buffer Overflow issue.
Fix the Buffer Overflow vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "BufferOverflow",
+ "Url": "https://portal.testsparker.com/admin/dashboard"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "302",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "94",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "3"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a File Upload Vulnerability in Cookie vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/payment.php?name=8"
+ }
+ ],
+ "FirstSeenDate": "14/06/2021 05:18 AM",
+ "HttpRequest": {
+ "Content": "GET /payment.php?name=8 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 497.5151,
+ "StatusCode": 200
+ },
+ "LookupId": "dafa852c-5472-5076-90b9-c4c468c7c984",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "File Upload Vulnerability in Cookie",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the File Upload Vulnerability in Cookie issue.
Fix the File Upload Vulnerability in Cookie vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "FileUploadVulnerabilityinCookie",
+ "Url": "http://api.testsparker.com/payment.php?name=8"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "288",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "22",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "22"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a HSTS Missing in Query Parameter vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/products.php?filter=819"
+ }
+ ],
+ "FirstSeenDate": "21/06/2021 09:53 AM",
+ "HttpRequest": {
+ "Content": "GET /products.php?filter=819 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 91.325,
+ "StatusCode": 200
+ },
+ "LookupId": "d365fc20-437f-5002-bf28-9d6c0386ceea",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "HSTS Missing in Query Parameter",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the HSTS Missing in Query Parameter issue.
Fix the HSTS Missing in Query Parameter vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "HSTSMissinginQueryParameter",
+ "Url": "http://app1.testsparker.com/products.php?filter=819"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "517",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "16",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "12"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Clickjacking in Cookie vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/account/billing?id=462"
+ }
+ ],
+ "FirstSeenDate": "08/06/2021 12:28 AM",
+ "HttpRequest": {
+ "Content": "GET /account/billing?id=462 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 495.5832,
+ "StatusCode": 200
+ },
+ "LookupId": "f7f9b09f-b98a-5625-8506-d8624c351cee",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Clickjacking in Cookie",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Clickjacking in Cookie issue.
Fix the Clickjacking in Cookie vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "ClickjackinginCookie",
+ "Url": "https://docs.testsparker.com/account/billing?id=462"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "340",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "287",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "11"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Clickjacking in Form Field via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/admin/logs?sort=42"
+ }
+ ],
+ "FirstSeenDate": "16/06/2021 11:17 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/logs?sort=42 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 68.2082,
+ "StatusCode": 200
+ },
+ "LookupId": "8037077b-b2d4-5e28-a3d6-cb15fb930c38",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Clickjacking in Form Field via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Clickjacking in Form Field via POST Request issue.
Fix the Clickjacking in Form Field via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "ClickjackinginFormFieldviaPOSTRequest",
+ "Url": "https://shop.testsparker.com/admin/logs?sort=42"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "350",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "918",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "43"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Buffer Overflow in Multipart Data vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/auth/register.php"
+ }
+ ],
+ "FirstSeenDate": "03/06/2021 12:24 AM",
+ "HttpRequest": {
+ "Content": "GET /auth/register.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 265.1517,
+ "StatusCode": 200
+ },
+ "LookupId": "2e9f063f-3c1e-597a-a0e1-1a903a3d31e8",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Buffer Overflow in Multipart Data",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Buffer Overflow in Multipart Data issue.
Fix the Buffer Overflow in Multipart Data vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "BufferOverflowinMultipartData",
+ "Url": "http://blog.testsparker.com/auth/register.php"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "162",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "78",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "5"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Cleartext Transmission in POST Body via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/download.php?filter=283"
+ }
+ ],
+ "FirstSeenDate": "14/06/2021 02:27 AM",
+ "HttpRequest": {
+ "Content": "GET /download.php?filter=283 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 122.336,
+ "StatusCode": 200
+ },
+ "LookupId": "9d97a188-723e-5c21-ba89-44638b83c364",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cleartext Transmission in POST Body via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cleartext Transmission in POST Body via PUT Request issue.
Fix the Cleartext Transmission in POST Body via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "CleartextTransmissioninPOSTBodyviaPUTRequest",
+ "Url": "https://app2.testsparker.com/download.php?filter=283"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "608",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "776",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "45"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Version Disclosure in Cookie via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/admin/config?q=771"
+ }
+ ],
+ "FirstSeenDate": "24/06/2021 07:30 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/config?q=771 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 418.7072,
+ "StatusCode": 200
+ },
+ "LookupId": "049d638a-023c-5ecb-b653-82264c2a541d",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Version Disclosure in Cookie via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Version Disclosure in Cookie via PUT Request issue.
Fix the Version Disclosure in Cookie via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "VersionDisclosureinCookieviaPUTRequest",
+ "Url": "http://admin.testsparker.com/admin/config?q=771"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "330",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "611",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "30"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Command Injection in URL Path vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/account/security?page=855"
+ }
+ ],
+ "FirstSeenDate": "25/06/2021 03:55 AM",
+ "HttpRequest": {
+ "Content": "GET /account/security?page=855 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 318.4732,
+ "StatusCode": 200
+ },
+ "LookupId": "07caed60-6dad-5fe9-b44f-d96f0cfbf6b0",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Command Injection in URL Path",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Command Injection in URL Path issue.
Fix the Command Injection in URL Path vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "CommandInjectioninURLPath",
+ "Url": "http://blog.testsparker.com/account/security?page=855"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "303",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "693",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "44"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Clickjacking in Multipart Data vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/download.php?page=157"
+ }
+ ],
+ "FirstSeenDate": "23/06/2021 09:35 AM",
+ "HttpRequest": {
+ "Content": "GET /download.php?page=157 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 167.3598,
+ "StatusCode": 200
+ },
+ "LookupId": "81efb965-ec9f-51e6-861d-b1ad1eede48f",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Clickjacking in Multipart Data",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Clickjacking in Multipart Data issue.
Fix the Clickjacking in Multipart Data vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "ClickjackinginMultipartData",
+ "Url": "http://api.testsparker.com/download.php?page=157"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "688",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "611",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "9"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Sensitive Data Exposure in Header via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/auth/reset.php?type=635"
+ }
+ ],
+ "FirstSeenDate": "19/06/2021 03:16 AM",
+ "HttpRequest": {
+ "Content": "GET /auth/reset.php?type=635 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 93.2346,
+ "StatusCode": 200
+ },
+ "LookupId": "83a724d6-d996-5014-ac66-3aff3a07d308",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Sensitive Data Exposure in Header via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Sensitive Data Exposure in Header via POST Request issue.
Fix the Sensitive Data Exposure in Header via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "SensitiveDataExposureinHeaderviaPOSTRequest",
+ "Url": "https://shop.testsparker.com/auth/reset.php?type=635"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "665",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "523",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "5"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Mass Assignment in URL Path via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/files/upload?ref=781"
+ }
+ ],
+ "FirstSeenDate": "27/06/2021 11:28 AM",
+ "HttpRequest": {
+ "Content": "GET /files/upload?ref=781 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 339.4005,
+ "StatusCode": 200
+ },
+ "LookupId": "711cb4b2-4876-59ef-97c4-2504d5dd26e2",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Mass Assignment in URL Path via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Mass Assignment in URL Path via POST Request issue.
Fix the Mass Assignment in URL Path via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "MassAssignmentinURLPathviaPOSTRequest",
+ "Url": "http://api.testsparker.com/files/upload?ref=781"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "675",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "918",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "20"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a XML External Entity in Cookie vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/help?name=463"
+ }
+ ],
+ "FirstSeenDate": "21/06/2021 01:03 AM",
+ "HttpRequest": {
+ "Content": "GET /help?name=463 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 499.3075,
+ "StatusCode": 200
+ },
+ "LookupId": "d8c929c1-4f6f-507e-9fab-26e7fec794c5",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "XML External Entity in Cookie",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the XML External Entity in Cookie issue.
Fix the XML External Entity in Cookie vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "XMLExternalEntityinCookie",
+ "Url": "https://docs.testsparker.com/help?name=463"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "641",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "614",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "25"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Race Condition in Cookie via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/api/v2/webhook"
+ }
+ ],
+ "FirstSeenDate": "14/06/2021 06:22 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/webhook HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 211.8455,
+ "StatusCode": 200
+ },
+ "LookupId": "08cd5b5a-c442-5555-94b9-da41dbae339f",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Race Condition in Cookie via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Race Condition in Cookie via POST Request issue.
Fix the Race Condition in Cookie via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "RaceConditioninCookieviaPOSTRequest",
+ "Url": "http://app1.testsparker.com/api/v2/webhook"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "679",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "22",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "38"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Command Injection in XML Input vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/api/v2/export"
+ }
+ ],
+ "FirstSeenDate": "11/06/2021 05:20 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/export HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 76.8613,
+ "StatusCode": 200
+ },
+ "LookupId": "cc514c64-02c8-5baf-b03a-88a26fe538f5",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Command Injection in XML Input",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Command Injection in XML Input issue.
Fix the Command Injection in XML Input vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "CommandInjectioninXMLInput",
+ "Url": "http://api.testsparker.com/api/v2/export"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "438",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "330",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "23"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Cross-site Scripting in Header via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/api/v2/search?sort=69"
+ }
+ ],
+ "FirstSeenDate": "21/06/2021 05:32 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/search?sort=69 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 404.0221,
+ "StatusCode": 200
+ },
+ "LookupId": "ba8af3f3-bd7c-57e7-b5b1-2e440ee47694",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cross-site Scripting in Header via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cross-site Scripting in Header via POST Request issue.
Fix the Cross-site Scripting in Header via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "Cross-siteScriptinginHeaderviaPOSTRequest",
+ "Url": "https://app2.testsparker.com/api/v2/search?sort=69"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "198",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "94",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "3"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a SQL Injection in Query Parameter vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/help?token=504"
+ }
+ ],
+ "FirstSeenDate": "25/06/2021 01:59 AM",
+ "HttpRequest": {
+ "Content": "GET /help?token=504 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 142.2308,
+ "StatusCode": 200
+ },
+ "LookupId": "2447fab8-caa2-554b-9881-b1e0df9caf1e",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "SQL Injection in Query Parameter",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the SQL Injection in Query Parameter issue.
Fix the SQL Injection in Query Parameter vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "SQLInjectioninQueryParameter",
+ "Url": "https://docs.testsparker.com/help?token=504"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "588",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "94",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "11"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Version Disclosure in Query Parameter vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/products.php?type=327"
+ }
+ ],
+ "FirstSeenDate": "10/06/2021 10:57 AM",
+ "HttpRequest": {
+ "Content": "GET /products.php?type=327 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 175.9821,
+ "StatusCode": 200
+ },
+ "LookupId": "cc6c0927-8267-5855-b42e-3ad526ebce5b",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Version Disclosure in Query Parameter",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Version Disclosure in Query Parameter issue.
Fix the Version Disclosure in Query Parameter vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "VersionDisclosureinQueryParameter",
+ "Url": "https://app2.testsparker.com/products.php?type=327"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "483",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "78",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "40"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Insecure Direct Object Reference in POST Body vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/blog/post.php"
+ }
+ ],
+ "FirstSeenDate": "20/06/2021 04:41 AM",
+ "HttpRequest": {
+ "Content": "GET /blog/post.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 40.9764,
+ "StatusCode": 200
+ },
+ "LookupId": "68edb4cf-2d5f-5614-9d1e-d6eca209b40d",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Insecure Direct Object Reference in POST Body",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Insecure Direct Object Reference in POST Body issue.
Fix the Insecure Direct Object Reference in POST Body vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "InsecureDirectObjectReferenceinPOSTBody",
+ "Url": "http://admin.testsparker.com/blog/post.php"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "613",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "16",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "38"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a File Upload Vulnerability in File Name vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/admin/dashboard?action=446"
+ }
+ ],
+ "FirstSeenDate": "28/06/2021 02:06 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/dashboard?action=446 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 50.2265,
+ "StatusCode": 200
+ },
+ "LookupId": "7c833001-9ecb-50f7-9fda-1f45b1b0b422",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "File Upload Vulnerability in File Name",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the File Upload Vulnerability in File Name issue.
Fix the File Upload Vulnerability in File Name vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "FileUploadVulnerabilityinFileName",
+ "Url": "https://app2.testsparker.com/admin/dashboard?action=446"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "150",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "78",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "2"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Missing Content-Security-Policy in Query Parameter via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/files/list"
+ }
+ ],
+ "FirstSeenDate": "05/06/2021 12:42 AM",
+ "HttpRequest": {
+ "Content": "GET /files/list HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 127.9341,
+ "StatusCode": 200
+ },
+ "LookupId": "6241862a-71f1-53a9-aeff-0fe95b8b15ad",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Missing Content-Security-Policy in Query Parameter via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Missing Content-Security-Policy in Query Parameter via PUT Request issue.
Fix the Missing Content-Security-Policy in Query Parameter via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "MissingContent-Security-PolicyinQueryParameterviaPUTRequest",
+ "Url": "http://admin.testsparker.com/files/list"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "117",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "22",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "39"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Weak Cryptography in POST Body via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/api/v2/search?q=856"
+ }
+ ],
+ "FirstSeenDate": "03/06/2021 04:27 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/search?q=856 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 175.2981,
+ "StatusCode": 200
+ },
+ "LookupId": "9eaf82c1-4e2a-56ac-8fac-73446807b133",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Weak Cryptography in POST Body via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Weak Cryptography in POST Body via POST Request issue.
Fix the Weak Cryptography in POST Body via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "WeakCryptographyinPOSTBodyviaPOSTRequest",
+ "Url": "http://admin.testsparker.com/api/v2/search?q=856"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "464",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "16",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "15"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a HTTP Response Splitting in JSON Payload vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/checkout.php?filter=949"
+ }
+ ],
+ "FirstSeenDate": "07/06/2021 03:49 AM",
+ "HttpRequest": {
+ "Content": "GET /checkout.php?filter=949 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 387.3718,
+ "StatusCode": 200
+ },
+ "LookupId": "f61658fc-3c18-5665-a725-4e5654a984f7",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "HTTP Response Splitting in JSON Payload",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the HTTP Response Splitting in JSON Payload issue.
Fix the HTTP Response Splitting in JSON Payload vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "HTTPResponseSplittinginJSONPayload",
+ "Url": "http://api.testsparker.com/checkout.php?filter=949"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "622",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "287",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "14"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Integer Overflow in Form Field via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/admin/config?type=394"
+ }
+ ],
+ "FirstSeenDate": "01/06/2021 03:36 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/config?type=394 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 116.7258,
+ "StatusCode": 200
+ },
+ "LookupId": "530c499f-cf0c-5f9f-9444-157a09f97713",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Integer Overflow in Form Field via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Integer Overflow in Form Field via POST Request issue.
Fix the Integer Overflow in Form Field via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "IntegerOverflowinFormFieldviaPOSTRequest",
+ "Url": "https://app2.testsparker.com/admin/config?type=394"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "31",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "200",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "13"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Broken Authentication in JSON Payload via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/admin/dashboard?page=647"
+ }
+ ],
+ "FirstSeenDate": "06/06/2021 04:56 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/dashboard?page=647 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 138.3794,
+ "StatusCode": 200
+ },
+ "LookupId": "cf33f854-7c84-5e96-b0f6-b6f54433b8d2",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Broken Authentication in JSON Payload via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Broken Authentication in JSON Payload via POST Request issue.
Fix the Broken Authentication in JSON Payload via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "BrokenAuthenticationinJSONPayloadviaPOSTRequest",
+ "Url": "https://app2.testsparker.com/admin/dashboard?page=647"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "308",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "918",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "4"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Insecure Deserialization in URL Path vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/download.php?q=677"
+ }
+ ],
+ "FirstSeenDate": "21/06/2021 11:27 AM",
+ "HttpRequest": {
+ "Content": "GET /download.php?q=677 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 282.3668,
+ "StatusCode": 200
+ },
+ "LookupId": "12715efa-a59c-56f0-9acf-e0c1c4228993",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Insecure Deserialization in URL Path",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Insecure Deserialization in URL Path issue.
Fix the Insecure Deserialization in URL Path vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "InsecureDeserializationinURLPath",
+ "Url": "https://shop.testsparker.com/download.php?q=677"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "247",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "611",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "15"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Insecure Deserialization in URL Path via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/api/v1/users"
+ }
+ ],
+ "FirstSeenDate": "18/06/2021 06:53 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v1/users HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 125.8175,
+ "StatusCode": 200
+ },
+ "LookupId": "9dc7241b-1ae5-5e0b-a280-d69da9243810",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Insecure Deserialization in URL Path via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Insecure Deserialization in URL Path via POST Request issue.
Fix the Insecure Deserialization in URL Path via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "InsecureDeserializationinURLPathviaPOSTRequest",
+ "Url": "https://portal.testsparker.com/api/v1/users"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "321",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "776",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "28"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a HSTS Missing in Cookie vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/api/v1/products?id=447"
+ }
+ ],
+ "FirstSeenDate": "23/06/2021 11:26 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v1/products?id=447 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 151.8625,
+ "StatusCode": 200
+ },
+ "LookupId": "16feaf2a-16f8-59bf-ba4d-7fd92b6f702d",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "HSTS Missing in Cookie",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the HSTS Missing in Cookie issue.
Fix the HSTS Missing in Cookie vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "HSTSMissinginCookie",
+ "Url": "https://shop.testsparker.com/api/v1/products?id=447"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "204",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "22",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "30"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Session Fixation in Multipart Data vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/reports/export"
+ }
+ ],
+ "FirstSeenDate": "02/06/2021 04:59 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/export HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 269.4135,
+ "StatusCode": 200
+ },
+ "LookupId": "4b3fd117-4501-50d7-a4f0-b896604a6a41",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Session Fixation in Multipart Data",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Session Fixation in Multipart Data issue.
Fix the Session Fixation in Multipart Data vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "SessionFixationinMultipartData",
+ "Url": "https://shop.testsparker.com/reports/export"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "427",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "330",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "10"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Open Redirect in URL Path vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/contact"
+ }
+ ],
+ "FirstSeenDate": "13/06/2021 03:48 AM",
+ "HttpRequest": {
+ "Content": "GET /contact HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 273.5848,
+ "StatusCode": 200
+ },
+ "LookupId": "6eafd9a2-c326-50a5-a6e9-83ab7b9c7cbb",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Open Redirect in URL Path",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Open Redirect in URL Path issue.
Fix the Open Redirect in URL Path vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "OpenRedirectinURLPath",
+ "Url": "http://app1.testsparker.com/contact"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "56",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "918",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "28"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a DNS Zone Transfer in File Name vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/reports/export?type=287"
+ }
+ ],
+ "FirstSeenDate": "18/06/2021 01:32 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/export?type=287 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 180.1716,
+ "StatusCode": 200
+ },
+ "LookupId": "5e02d238-cc75-5c74-8b4b-c5a54950faa5",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "DNS Zone Transfer in File Name",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the DNS Zone Transfer in File Name issue.
Fix the DNS Zone Transfer in File Name vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "DNSZoneTransferinFileName",
+ "Url": "http://admin.testsparker.com/reports/export?type=287"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "156",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "352",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "38"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Information Disclosure in POST Body via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/settings.php"
+ }
+ ],
+ "FirstSeenDate": "22/06/2021 11:29 AM",
+ "HttpRequest": {
+ "Content": "GET /settings.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 195.8935,
+ "StatusCode": 200
+ },
+ "LookupId": "e42bfcd8-f0aa-5b71-812c-0cc1d7ae01ac",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Information Disclosure in POST Body via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Information Disclosure in POST Body via PUT Request issue.
Fix the Information Disclosure in POST Body via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "InformationDisclosureinPOSTBodyviaPUTRequest",
+ "Url": "http://blog.testsparker.com/settings.php"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "391",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "78",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "23"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Unvalidated Redirect in POST Body vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/admin/logs"
+ }
+ ],
+ "FirstSeenDate": "23/06/2021 05:01 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/logs HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 489.1928,
+ "StatusCode": 200
+ },
+ "LookupId": "2b294011-2629-50f6-975f-21278f4fbfd6",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Unvalidated Redirect in POST Body",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Unvalidated Redirect in POST Body issue.
Fix the Unvalidated Redirect in POST Body vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "UnvalidatedRedirectinPOSTBody",
+ "Url": "http://admin.testsparker.com/admin/logs"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "562",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "918",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "13"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Cross-site Scripting in Multipart Data vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/files/download"
+ }
+ ],
+ "FirstSeenDate": "18/06/2021 07:25 AM",
+ "HttpRequest": {
+ "Content": "GET /files/download HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 132.4491,
+ "StatusCode": 200
+ },
+ "LookupId": "6206e230-a3f8-5031-8327-5ea396b7b4ea",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cross-site Scripting in Multipart Data",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cross-site Scripting in Multipart Data issue.
Fix the Cross-site Scripting in Multipart Data vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "Cross-siteScriptinginMultipartData",
+ "Url": "http://app1.testsparker.com/files/download"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "352",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "330",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "38"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Missing X-Frame-Options in Query Parameter via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/reports/view?sort=684"
+ }
+ ],
+ "FirstSeenDate": "25/06/2021 07:12 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/view?sort=684 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 93.5943,
+ "StatusCode": 200
+ },
+ "LookupId": "d703095e-cfe1-5e42-a534-6824c17a2769",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Missing X-Frame-Options in Query Parameter via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Missing X-Frame-Options in Query Parameter via PUT Request issue.
Fix the Missing X-Frame-Options in Query Parameter via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "MissingX-Frame-OptionsinQueryParameterviaPUTRequest",
+ "Url": "https://portal.testsparker.com/reports/view?sort=684"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "472",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "918",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "18"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a LDAP Injection in Multipart Data via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/api/v2/search?name=763"
+ }
+ ],
+ "FirstSeenDate": "16/06/2021 11:33 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/search?name=763 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 231.794,
+ "StatusCode": 200
+ },
+ "LookupId": "b88a7d6b-1002-577a-b9c7-c978069277c9",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "LDAP Injection in Multipart Data via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the LDAP Injection in Multipart Data via POST Request issue.
Fix the LDAP Injection in Multipart Data via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "LDAPInjectioninMultipartDataviaPOSTRequest",
+ "Url": "http://admin.testsparker.com/api/v2/search?name=763"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "132",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "78",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "49"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a LDAP Injection in Cookie via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/blog/post.php"
+ }
+ ],
+ "FirstSeenDate": "13/06/2021 06:57 AM",
+ "HttpRequest": {
+ "Content": "GET /blog/post.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 148.7654,
+ "StatusCode": 200
+ },
+ "LookupId": "7831d483-c229-5de9-ab6c-bdb982aec290",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "LDAP Injection in Cookie via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the LDAP Injection in Cookie via PUT Request issue.
Fix the LDAP Injection in Cookie via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "LDAPInjectioninCookieviaPUTRequest",
+ "Url": "https://docs.testsparker.com/blog/post.php"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "558",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "611",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "28"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Insecure Deserialization in Form Field via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/api/v1/orders"
+ }
+ ],
+ "FirstSeenDate": "08/06/2021 05:02 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v1/orders HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 473.6452,
+ "StatusCode": 200
+ },
+ "LookupId": "a1dca56b-1d59-5691-a277-9a4d42a369e2",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Insecure Deserialization in Form Field via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Insecure Deserialization in Form Field via POST Request issue.
Fix the Insecure Deserialization in Form Field via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "InsecureDeserializationinFormFieldviaPOSTRequest",
+ "Url": "http://app1.testsparker.com/api/v1/orders"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "47",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "16",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "15"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Missing X-Frame-Options in URL Path vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/download.php"
+ }
+ ],
+ "FirstSeenDate": "01/06/2021 05:35 AM",
+ "HttpRequest": {
+ "Content": "GET /download.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 468.0315,
+ "StatusCode": 200
+ },
+ "LookupId": "3d01a6ce-c23a-5ffa-8b22-d6cb7ef290cc",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Missing X-Frame-Options in URL Path",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Missing X-Frame-Options in URL Path issue.
Fix the Missing X-Frame-Options in URL Path vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "MissingX-Frame-OptionsinURLPath",
+ "Url": "https://docs.testsparker.com/download.php"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "320",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "918",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "34"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Cleartext Transmission in Multipart Data vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/blog/post.php"
+ }
+ ],
+ "FirstSeenDate": "08/06/2021 02:39 AM",
+ "HttpRequest": {
+ "Content": "GET /blog/post.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 35.5518,
+ "StatusCode": 200
+ },
+ "LookupId": "f87e61ff-5aa7-5e92-a4b7-f781ddfc13e9",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cleartext Transmission in Multipart Data",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cleartext Transmission in Multipart Data issue.
Fix the Cleartext Transmission in Multipart Data vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "CleartextTransmissioninMultipartData",
+ "Url": "https://portal.testsparker.com/blog/post.php"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "272",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "79",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "9"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Server-Side Request Forgery in Cookie vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/api/v2/webhook?page=603"
+ }
+ ],
+ "FirstSeenDate": "17/06/2021 02:47 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/webhook?page=603 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 41.1434,
+ "StatusCode": 200
+ },
+ "LookupId": "eb8fc2be-be79-58bf-8745-ebfaf1613b2a",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Server-Side Request Forgery in Cookie",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Server-Side Request Forgery in Cookie issue.
Fix the Server-Side Request Forgery in Cookie vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "Server-SideRequestForgeryinCookie",
+ "Url": "http://app1.testsparker.com/api/v2/webhook?page=603"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "76",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "601",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "29"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Remote Code Execution in File Name vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/help?page=869"
+ }
+ ],
+ "FirstSeenDate": "11/06/2021 06:26 AM",
+ "HttpRequest": {
+ "Content": "GET /help?page=869 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 47.6049,
+ "StatusCode": 200
+ },
+ "LookupId": "65a1569b-ac18-580e-b047-209f8c1526e6",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Remote Code Execution in File Name",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Remote Code Execution in File Name issue.
Fix the Remote Code Execution in File Name vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "RemoteCodeExecutioninFileName",
+ "Url": "http://blog.testsparker.com/help?page=869"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "210",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "611",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "19"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Sensitive Data Exposure vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/api/v1/products?type=272"
+ }
+ ],
+ "FirstSeenDate": "01/06/2021 11:41 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v1/products?type=272 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 383.5631,
+ "StatusCode": 200
+ },
+ "LookupId": "f44ff590-f497-5122-a2d8-0ba85e2da378",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Sensitive Data Exposure",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Sensitive Data Exposure issue.
Fix the Sensitive Data Exposure vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "SensitiveDataExposure",
+ "Url": "https://app2.testsparker.com/api/v1/products?type=272"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "300",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "78",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "25"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a HTTP Response Splitting in Multipart Data vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/blog/post.php"
+ }
+ ],
+ "FirstSeenDate": "13/06/2021 09:45 AM",
+ "HttpRequest": {
+ "Content": "GET /blog/post.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 58.8058,
+ "StatusCode": 200
+ },
+ "LookupId": "a64edb4d-7bb5-5427-adb4-064a1e777121",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "HTTP Response Splitting in Multipart Data",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the HTTP Response Splitting in Multipart Data issue.
Fix the HTTP Response Splitting in Multipart Data vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "HTTPResponseSplittinginMultipartData",
+ "Url": "https://app2.testsparker.com/blog/post.php"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "310",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "287",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "15"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Cross-site Scripting in Multipart Data vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/files/download"
+ }
+ ],
+ "FirstSeenDate": "28/06/2021 11:37 AM",
+ "HttpRequest": {
+ "Content": "GET /files/download HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 424.3138,
+ "StatusCode": 200
+ },
+ "LookupId": "14cb80cb-9dfc-51f6-a6db-a5fe8606fde4",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cross-site Scripting in Multipart Data",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cross-site Scripting in Multipart Data issue.
Fix the Cross-site Scripting in Multipart Data vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "Cross-siteScriptinginMultipartData",
+ "Url": "http://app1.testsparker.com/files/download"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "282",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "693",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "4"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Command Injection in Header vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/files/list?id=745"
+ }
+ ],
+ "FirstSeenDate": "22/06/2021 11:25 AM",
+ "HttpRequest": {
+ "Content": "GET /files/list?id=745 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 188.0225,
+ "StatusCode": 200
+ },
+ "LookupId": "01b74aca-4437-517a-acd0-ed1b4b2c603c",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Command Injection in Header",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Command Injection in Header issue.
Fix the Command Injection in Header vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "CommandInjectioninHeader",
+ "Url": "http://api.testsparker.com/files/list?id=745"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "533",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "94",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "16"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Insecure HTTP Method in URL Path via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/cart.php?sort=683"
+ }
+ ],
+ "FirstSeenDate": "11/06/2021 09:37 AM",
+ "HttpRequest": {
+ "Content": "GET /cart.php?sort=683 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 104.3521,
+ "StatusCode": 200
+ },
+ "LookupId": "a3b5663c-fe00-5844-a3ee-2f048cc43735",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Insecure HTTP Method in URL Path via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Insecure HTTP Method in URL Path via POST Request issue.
Fix the Insecure HTTP Method in URL Path via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "InsecureHTTPMethodinURLPathviaPOSTRequest",
+ "Url": "https://portal.testsparker.com/cart.php?sort=683"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "619",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "319",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "20"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Unvalidated Redirect in JSON Payload via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/products.php?page=318"
+ }
+ ],
+ "FirstSeenDate": "17/06/2021 12:43 AM",
+ "HttpRequest": {
+ "Content": "GET /products.php?page=318 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 234.8887,
+ "StatusCode": 200
+ },
+ "LookupId": "5685f971-a2b9-56bf-a544-290d5174e4fa",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Unvalidated Redirect in JSON Payload via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Unvalidated Redirect in JSON Payload via POST Request issue.
Fix the Unvalidated Redirect in JSON Payload via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "UnvalidatedRedirectinJSONPayloadviaPOSTRequest",
+ "Url": "http://blog.testsparker.com/products.php?page=318"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "475",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "79",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "47"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Command Injection in URL Path vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/account/security?page=855"
+ }
+ ],
+ "FirstSeenDate": "18/06/2021 07:52 AM",
+ "HttpRequest": {
+ "Content": "GET /account/security?page=855 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 122.5354,
+ "StatusCode": 200
+ },
+ "LookupId": "2b18a18b-e847-5d57-93bd-e5db8ad01001",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Command Injection in URL Path",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Command Injection in URL Path issue.
Fix the Command Injection in URL Path vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "CommandInjectioninURLPath",
+ "Url": "http://blog.testsparker.com/account/security?page=855"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "499",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "776",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "30"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Clickjacking in POST Body via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/api/v2/webhook?sort=536"
+ }
+ ],
+ "FirstSeenDate": "12/06/2021 04:29 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/webhook?sort=536 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 73.9029,
+ "StatusCode": 200
+ },
+ "LookupId": "37e7129a-09f6-51db-8930-49459f2c1082",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Clickjacking in POST Body via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Clickjacking in POST Body via POST Request issue.
Fix the Clickjacking in POST Body via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "ClickjackinginPOSTBodyviaPOSTRequest",
+ "Url": "https://docs.testsparker.com/api/v2/webhook?sort=536"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "327",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "434",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "41"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Command Injection in Header via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/admin/dashboard"
+ }
+ ],
+ "FirstSeenDate": "28/06/2021 07:17 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/dashboard HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 413.6182,
+ "StatusCode": 200
+ },
+ "LookupId": "7bf23c18-f725-52cc-b9ca-ebd368dd3275",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Command Injection in Header via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Command Injection in Header via POST Request issue.
Fix the Command Injection in Header via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "CommandInjectioninHeaderviaPOSTRequest",
+ "Url": "https://portal.testsparker.com/admin/dashboard"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "186",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "16",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "48"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Information Disclosure in Form Field via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/api/v2/search"
+ }
+ ],
+ "FirstSeenDate": "16/06/2021 10:08 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/search HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 136.9399,
+ "StatusCode": 200
+ },
+ "LookupId": "197ff653-937c-5416-a29b-481e101052fa",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Information Disclosure in Form Field via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Information Disclosure in Form Field via POST Request issue.
Fix the Information Disclosure in Form Field via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "InformationDisclosureinFormFieldviaPOSTRequest",
+ "Url": "http://admin.testsparker.com/api/v2/search"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "413",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "918",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "6"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Cookie Not Marked as HttpOnly in Form Field vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/download.php?sort=52"
+ }
+ ],
+ "FirstSeenDate": "15/06/2021 10:28 AM",
+ "HttpRequest": {
+ "Content": "GET /download.php?sort=52 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 53.1297,
+ "StatusCode": 200
+ },
+ "LookupId": "bc979e12-c8da-5547-b5c4-fbada9e9519d",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cookie Not Marked as HttpOnly in Form Field",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cookie Not Marked as HttpOnly in Form Field issue.
Fix the Cookie Not Marked as HttpOnly in Form Field vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "CookieNotMarkedasHttpOnlyinFormField",
+ "Url": "https://docs.testsparker.com/download.php?sort=52"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "94",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "319",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "32"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Cross-site Scripting in Form Field vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/files/upload"
+ }
+ ],
+ "FirstSeenDate": "18/06/2021 09:39 AM",
+ "HttpRequest": {
+ "Content": "GET /files/upload HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 319.3693,
+ "StatusCode": 200
+ },
+ "LookupId": "8c6e4175-3567-5b41-9a6f-ea45f609cc9a",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cross-site Scripting in Form Field",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cross-site Scripting in Form Field issue.
Fix the Cross-site Scripting in Form Field vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "Cross-siteScriptinginFormField",
+ "Url": "http://api.testsparker.com/files/upload"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "673",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "614",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "18"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a DNS Zone Transfer vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/checkout.php"
+ }
+ ],
+ "FirstSeenDate": "24/06/2021 08:12 AM",
+ "HttpRequest": {
+ "Content": "GET /checkout.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 402.9511,
+ "StatusCode": 200
+ },
+ "LookupId": "0391094b-2053-545b-b829-4ba4b2b36950",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "DNS Zone Transfer",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the DNS Zone Transfer issue.
Fix the DNS Zone Transfer vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "DNSZoneTransfer",
+ "Url": "http://api.testsparker.com/checkout.php"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "346",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "434",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "3"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Integer Overflow in POST Body via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/api/v1/users"
+ }
+ ],
+ "FirstSeenDate": "23/06/2021 10:38 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v1/users HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 209.2018,
+ "StatusCode": 200
+ },
+ "LookupId": "5e9eea1f-a513-5287-bc88-da3da19b959d",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Integer Overflow in POST Body via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Integer Overflow in POST Body via PUT Request issue.
Fix the Integer Overflow in POST Body via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "IntegerOverflowinPOSTBodyviaPUTRequest",
+ "Url": "https://portal.testsparker.com/api/v1/users"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "174",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "16",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "14"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a File Upload Vulnerability in Cookie via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/admin/users"
+ }
+ ],
+ "FirstSeenDate": "15/06/2021 02:56 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/users HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 364.8956,
+ "StatusCode": 200
+ },
+ "LookupId": "e5eedc1d-e75e-5973-97c7-33e0c48e3917",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "File Upload Vulnerability in Cookie via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the File Upload Vulnerability in Cookie via PUT Request issue.
Fix the File Upload Vulnerability in Cookie via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "FileUploadVulnerabilityinCookieviaPUTRequest",
+ "Url": "https://app2.testsparker.com/admin/users"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "400",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "94",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "44"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Server-Side Request Forgery in URL Path via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/search"
+ }
+ ],
+ "FirstSeenDate": "26/06/2021 08:51 AM",
+ "HttpRequest": {
+ "Content": "GET /search HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 485.7614,
+ "StatusCode": 200
+ },
+ "LookupId": "5015d92b-5049-5057-80db-45066cb3cd0d",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Server-Side Request Forgery in URL Path via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Server-Side Request Forgery in URL Path via POST Request issue.
Fix the Server-Side Request Forgery in URL Path via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "Server-SideRequestForgeryinURLPathviaPOSTRequest",
+ "Url": "https://portal.testsparker.com/search"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "371",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "16",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "30"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Open Redirect in POST Body via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/download.php?action=301"
+ }
+ ],
+ "FirstSeenDate": "24/06/2021 02:44 AM",
+ "HttpRequest": {
+ "Content": "GET /download.php?action=301 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 128.1128,
+ "StatusCode": 200
+ },
+ "LookupId": "a8f41deb-ae84-53ef-a242-6f773b9d34ce",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Open Redirect in POST Body via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Open Redirect in POST Body via PUT Request issue.
Fix the Open Redirect in POST Body via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "OpenRedirectinPOSTBodyviaPUTRequest",
+ "Url": "https://docs.testsparker.com/download.php?action=301"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "256",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "502",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "19"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Insecure Direct Object Reference in Query Parameter via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/api/v2/webhook"
+ }
+ ],
+ "FirstSeenDate": "19/06/2021 07:02 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/webhook HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 311.6182,
+ "StatusCode": 200
+ },
+ "LookupId": "f57b415b-5479-5187-9c10-b2e01aca450b",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Insecure Direct Object Reference in Query Parameter via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Insecure Direct Object Reference in Query Parameter via PUT Request issue.
Fix the Insecure Direct Object Reference in Query Parameter via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "InsecureDirectObjectReferenceinQueryParameterviaPUTRequest",
+ "Url": "https://portal.testsparker.com/api/v2/webhook"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "676",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "200",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "48"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a CORS Misconfiguration in Multipart Data via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/api/v1/orders?sort=729"
+ }
+ ],
+ "FirstSeenDate": "23/06/2021 02:04 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v1/orders?sort=729 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 486.165,
+ "StatusCode": 200
+ },
+ "LookupId": "b00d10d7-65a5-5ab0-bf10-3d8f22a8f92a",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "CORS Misconfiguration in Multipart Data via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the CORS Misconfiguration in Multipart Data via POST Request issue.
Fix the CORS Misconfiguration in Multipart Data via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "CORSMisconfigurationinMultipartDataviaPOSTRequest",
+ "Url": "https://portal.testsparker.com/api/v1/orders?sort=729"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "134",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "78",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "4"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Cookie Not Marked as HttpOnly in Cookie vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/reports/view?name=96"
+ }
+ ],
+ "FirstSeenDate": "22/06/2021 02:26 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/view?name=96 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 183.2631,
+ "StatusCode": 200
+ },
+ "LookupId": "7926e8fb-4f47-590f-99b5-45ff8c660cde",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cookie Not Marked as HttpOnly in Cookie",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cookie Not Marked as HttpOnly in Cookie issue.
Fix the Cookie Not Marked as HttpOnly in Cookie vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "CookieNotMarkedasHttpOnlyinCookie",
+ "Url": "http://api.testsparker.com/reports/view?name=96"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "141",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "523",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "40"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a NoSQL Injection in Header vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/admin/logs"
+ }
+ ],
+ "FirstSeenDate": "08/06/2021 01:42 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/logs HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 453.5403,
+ "StatusCode": 200
+ },
+ "LookupId": "1316a533-6760-54a5-baef-3c303ca17e7c",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "NoSQL Injection in Header",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the NoSQL Injection in Header issue.
Fix the NoSQL Injection in Header vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "NoSQLInjectioninHeader",
+ "Url": "https://portal.testsparker.com/admin/logs"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "622",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "523",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "35"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Information Disclosure in Header via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/blog/post.php?token=981"
+ }
+ ],
+ "FirstSeenDate": "15/06/2021 08:52 AM",
+ "HttpRequest": {
+ "Content": "GET /blog/post.php?token=981 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 365.7556,
+ "StatusCode": 200
+ },
+ "LookupId": "8f45ba0e-6d2b-57ad-a893-e2c0c74c1148",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Information Disclosure in Header via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Information Disclosure in Header via PUT Request issue.
Fix the Information Disclosure in Header via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "InformationDisclosureinHeaderviaPUTRequest",
+ "Url": "https://docs.testsparker.com/blog/post.php?token=981"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "147",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "200",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "44"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a NoSQL Injection in JSON Payload via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/admin/config"
+ }
+ ],
+ "FirstSeenDate": "01/06/2021 07:00 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/config HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 285.7287,
+ "StatusCode": 200
+ },
+ "LookupId": "f11f6072-375b-542a-b462-064e42306355",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "NoSQL Injection in JSON Payload via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the NoSQL Injection in JSON Payload via PUT Request issue.
Fix the NoSQL Injection in JSON Payload via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "NoSQLInjectioninJSONPayloadviaPUTRequest",
+ "Url": "http://app1.testsparker.com/admin/config"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "23",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "352",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "17"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a File Upload Vulnerability in JSON Payload via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/search"
+ }
+ ],
+ "FirstSeenDate": "01/06/2021 11:08 AM",
+ "HttpRequest": {
+ "Content": "GET /search HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 195.6722,
+ "StatusCode": 200
+ },
+ "LookupId": "3a841aba-f34d-58d7-bf5c-24ce473e47dd",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "File Upload Vulnerability in JSON Payload via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the File Upload Vulnerability in JSON Payload via POST Request issue.
Fix the File Upload Vulnerability in JSON Payload via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "FileUploadVulnerabilityinJSONPayloadviaPOSTRequest",
+ "Url": "http://api.testsparker.com/search"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "137",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "200",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "4"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Missing X-Frame-Options in File Name via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/api/v1/orders?id=209"
+ }
+ ],
+ "FirstSeenDate": "12/06/2021 03:18 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v1/orders?id=209 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 235.5903,
+ "StatusCode": 200
+ },
+ "LookupId": "90950b28-4352-5672-90d8-0d0ba293806d",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Missing X-Frame-Options in File Name via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Missing X-Frame-Options in File Name via POST Request issue.
Fix the Missing X-Frame-Options in File Name via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "MissingX-Frame-OptionsinFileNameviaPOSTRequest",
+ "Url": "https://portal.testsparker.com/api/v1/orders?id=209"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "399",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "78",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "47"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Email Header Injection in URL Path via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/account/security?ref=515"
+ }
+ ],
+ "FirstSeenDate": "06/06/2021 09:41 AM",
+ "HttpRequest": {
+ "Content": "GET /account/security?ref=515 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 108.126,
+ "StatusCode": 200
+ },
+ "LookupId": "862c458e-4662-5c1d-85f6-0c69132c9bf1",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Email Header Injection in URL Path via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Email Header Injection in URL Path via POST Request issue.
Fix the Email Header Injection in URL Path via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "EmailHeaderInjectioninURLPathviaPOSTRequest",
+ "Url": "http://app1.testsparker.com/account/security?ref=515"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "509",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "16",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "32"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Remote Code Execution in Header vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/files/list"
+ }
+ ],
+ "FirstSeenDate": "26/06/2021 09:17 AM",
+ "HttpRequest": {
+ "Content": "GET /files/list HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 402.5626,
+ "StatusCode": 200
+ },
+ "LookupId": "c68f1982-efeb-5aa2-beb9-be149f63cd4d",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Remote Code Execution in Header",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Remote Code Execution in Header issue.
Fix the Remote Code Execution in Header vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "RemoteCodeExecutioninHeader",
+ "Url": "http://blog.testsparker.com/files/list"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "330",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "601",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "37"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Mass Assignment in XML Input via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/upload.php"
+ }
+ ],
+ "FirstSeenDate": "23/06/2021 10:39 AM",
+ "HttpRequest": {
+ "Content": "GET /upload.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 126.1388,
+ "StatusCode": 200
+ },
+ "LookupId": "234facd4-ca4f-5656-89ab-13273745ec74",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Mass Assignment in XML Input via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Mass Assignment in XML Input via POST Request issue.
Fix the Mass Assignment in XML Input via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "MassAssignmentinXMLInputviaPOSTRequest",
+ "Url": "http://blog.testsparker.com/upload.php"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "619",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "611",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "9"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Email Header Injection in Query Parameter vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/reports/view?ref=473"
+ }
+ ],
+ "FirstSeenDate": "13/06/2021 12:50 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/view?ref=473 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 62.4208,
+ "StatusCode": 200
+ },
+ "LookupId": "d3ffca3a-344e-5cd1-a7bf-b562371a47f7",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Email Header Injection in Query Parameter",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Email Header Injection in Query Parameter issue.
Fix the Email Header Injection in Query Parameter vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "EmailHeaderInjectioninQueryParameter",
+ "Url": "https://app2.testsparker.com/reports/view?ref=473"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "203",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "601",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "19"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Insecure Deserialization in Multipart Data vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/download.php?id=763"
+ }
+ ],
+ "FirstSeenDate": "02/06/2021 11:28 AM",
+ "HttpRequest": {
+ "Content": "GET /download.php?id=763 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 120.5563,
+ "StatusCode": 200
+ },
+ "LookupId": "79dd9f5e-6fce-5856-9b98-1e7ff8f1725a",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Insecure Deserialization in Multipart Data",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Insecure Deserialization in Multipart Data issue.
Fix the Insecure Deserialization in Multipart Data vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "InsecureDeserializationinMultipartData",
+ "Url": "http://admin.testsparker.com/download.php?id=763"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "230",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "22",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "39"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a HTTP Response Splitting in XML Input via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/api/v2/webhook"
+ }
+ ],
+ "FirstSeenDate": "21/06/2021 06:24 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/webhook HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 455.9819,
+ "StatusCode": 200
+ },
+ "LookupId": "363168d8-91f8-5c5a-b1f8-941abebf8fce",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "HTTP Response Splitting in XML Input via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the HTTP Response Splitting in XML Input via POST Request issue.
Fix the HTTP Response Splitting in XML Input via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "HTTPResponseSplittinginXMLInputviaPOSTRequest",
+ "Url": "https://app2.testsparker.com/api/v2/webhook"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "346",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "79",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "44"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Mass Assignment in XML Input via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/upload.php"
+ }
+ ],
+ "FirstSeenDate": "12/06/2021 07:25 AM",
+ "HttpRequest": {
+ "Content": "GET /upload.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 45.1934,
+ "StatusCode": 200
+ },
+ "LookupId": "826e6e3a-6676-54e9-a0a3-5d4213291378",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Mass Assignment in XML Input via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Mass Assignment in XML Input via POST Request issue.
Fix the Mass Assignment in XML Input via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "MassAssignmentinXMLInputviaPOSTRequest",
+ "Url": "http://blog.testsparker.com/upload.php"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "699",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "614",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "21"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a HSTS Missing in Multipart Data via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/api/v2/search?action=969"
+ }
+ ],
+ "FirstSeenDate": "07/06/2021 04:03 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/search?action=969 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 403.3353,
+ "StatusCode": 200
+ },
+ "LookupId": "d715dddf-d412-527d-ae12-73dce5a9e5da",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "HSTS Missing in Multipart Data via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the HSTS Missing in Multipart Data via POST Request issue.
Fix the HSTS Missing in Multipart Data via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "HSTSMissinginMultipartDataviaPOSTRequest",
+ "Url": "https://portal.testsparker.com/api/v2/search?action=969"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "484",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "502",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "23"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a SQL Injection in XML Input vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/admin/users?action=225"
+ }
+ ],
+ "FirstSeenDate": "06/06/2021 02:15 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/users?action=225 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 331.8636,
+ "StatusCode": 200
+ },
+ "LookupId": "e208703e-aff0-5abd-9ac9-21a2ae4ab697",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "SQL Injection in XML Input",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the SQL Injection in XML Input issue.
Fix the SQL Injection in XML Input vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "SQLInjectioninXMLInput",
+ "Url": "http://admin.testsparker.com/admin/users?action=225"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "298",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "330",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "3"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a XPath Injection in Query Parameter vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/upload.php"
+ }
+ ],
+ "FirstSeenDate": "08/06/2021 05:57 AM",
+ "HttpRequest": {
+ "Content": "GET /upload.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 281.7201,
+ "StatusCode": 200
+ },
+ "LookupId": "f033a20c-c083-5682-8d88-65db9a253d87",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "XPath Injection in Query Parameter",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the XPath Injection in Query Parameter issue.
Fix the XPath Injection in Query Parameter vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "XPathInjectioninQueryParameter",
+ "Url": "http://api.testsparker.com/upload.php"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "617",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "22",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "5"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Insecure Deserialization in Header via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/reports/export"
+ }
+ ],
+ "FirstSeenDate": "12/06/2021 11:42 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/export HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 444.0025,
+ "StatusCode": 200
+ },
+ "LookupId": "b2bca42b-056d-5584-8629-d4d988f1ec97",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Insecure Deserialization in Header via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Insecure Deserialization in Header via POST Request issue.
Fix the Insecure Deserialization in Header via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "InsecureDeserializationinHeaderviaPOSTRequest",
+ "Url": "http://app1.testsparker.com/reports/export"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "456",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "611",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "9"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a HSTS Missing in POST Body via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/auth/login.php?id=379"
+ }
+ ],
+ "FirstSeenDate": "10/06/2021 02:45 AM",
+ "HttpRequest": {
+ "Content": "GET /auth/login.php?id=379 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 356.0979,
+ "StatusCode": 200
+ },
+ "LookupId": "0047ca60-d74e-54af-92f7-9b45cb63bf2e",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "HSTS Missing in POST Body via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the HSTS Missing in POST Body via PUT Request issue.
Fix the HSTS Missing in POST Body via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "HSTSMissinginPOSTBodyviaPUTRequest",
+ "Url": "https://portal.testsparker.com/auth/login.php?id=379"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "193",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "78",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "21"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a DNS Zone Transfer in Multipart Data vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/admin/logs?action=201"
+ }
+ ],
+ "FirstSeenDate": "06/06/2021 07:40 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/logs?action=201 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 419.6598,
+ "StatusCode": 200
+ },
+ "LookupId": "a81d2488-a9cd-5e37-a0f8-b6f014a10f36",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "DNS Zone Transfer in Multipart Data",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the DNS Zone Transfer in Multipart Data issue.
Fix the DNS Zone Transfer in Multipart Data vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "DNSZoneTransferinMultipartData",
+ "Url": "https://docs.testsparker.com/admin/logs?action=201"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "677",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "78",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "37"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Buffer Overflow in Header via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/auth/reset.php?type=436"
+ }
+ ],
+ "FirstSeenDate": "12/06/2021 05:37 AM",
+ "HttpRequest": {
+ "Content": "GET /auth/reset.php?type=436 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 50.0671,
+ "StatusCode": 200
+ },
+ "LookupId": "e1c33b2c-44b2-5759-9880-b4d45c0461a0",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Buffer Overflow in Header via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Buffer Overflow in Header via POST Request issue.
Fix the Buffer Overflow in Header via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "BufferOverflowinHeaderviaPOSTRequest",
+ "Url": "https://app2.testsparker.com/auth/reset.php?type=436"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "134",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "16",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "1"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a XML External Entity in XML Input via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/search?ref=676"
+ }
+ ],
+ "FirstSeenDate": "10/06/2021 07:12 AM",
+ "HttpRequest": {
+ "Content": "GET /search?ref=676 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 453.2221,
+ "StatusCode": 200
+ },
+ "LookupId": "0a5a904d-a2a9-5054-b94d-4c1fa7b0a63a",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "XML External Entity in XML Input via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the XML External Entity in XML Input via PUT Request issue.
Fix the XML External Entity in XML Input via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "XMLExternalEntityinXMLInputviaPUTRequest",
+ "Url": "http://blog.testsparker.com/search?ref=676"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "6",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "78",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "11"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a XPath Injection in Header vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/cart.php?token=339"
+ }
+ ],
+ "FirstSeenDate": "21/06/2021 08:30 AM",
+ "HttpRequest": {
+ "Content": "GET /cart.php?token=339 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 328.764,
+ "StatusCode": 200
+ },
+ "LookupId": "755df3e1-c756-59ae-af0d-8a5369e2d088",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "XPath Injection in Header",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the XPath Injection in Header issue.
Fix the XPath Injection in Header vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "XPathInjectioninHeader",
+ "Url": "https://portal.testsparker.com/cart.php?token=339"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "111",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "352",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "15"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Mass Assignment in Multipart Data vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/admin/users?q=745"
+ }
+ ],
+ "FirstSeenDate": "25/06/2021 03:49 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/users?q=745 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 484.8639,
+ "StatusCode": 200
+ },
+ "LookupId": "17936cca-3e6f-5c87-be71-d34c02b47275",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Mass Assignment in Multipart Data",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Mass Assignment in Multipart Data issue.
Fix the Mass Assignment in Multipart Data vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "MassAssignmentinMultipartData",
+ "Url": "https://app2.testsparker.com/admin/users?q=745"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "217",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "16",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "6"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Integer Overflow in Header via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/files/list"
+ }
+ ],
+ "FirstSeenDate": "28/06/2021 11:06 AM",
+ "HttpRequest": {
+ "Content": "GET /files/list HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 222.5615,
+ "StatusCode": 200
+ },
+ "LookupId": "2d65b5cb-da7e-5d0a-b825-72315e152e07",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Integer Overflow in Header via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Integer Overflow in Header via POST Request issue.
Fix the Integer Overflow in Header via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "IntegerOverflowinHeaderviaPOSTRequest",
+ "Url": "https://docs.testsparker.com/files/list"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "645",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "502",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "29"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a HTTP Response Splitting in File Name vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/blog/edit.php?q=62"
+ }
+ ],
+ "FirstSeenDate": "09/06/2021 06:23 AM",
+ "HttpRequest": {
+ "Content": "GET /blog/edit.php?q=62 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 284.5715,
+ "StatusCode": 200
+ },
+ "LookupId": "8b77b15f-db88-5662-8ae5-21bf0a75bbf9",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "HTTP Response Splitting in File Name",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the HTTP Response Splitting in File Name issue.
Fix the HTTP Response Splitting in File Name vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "HTTPResponseSplittinginFileName",
+ "Url": "http://app1.testsparker.com/blog/edit.php?q=62"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "403",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "611",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "43"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a HSTS Missing in POST Body via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/api/v2/webhook?id=738"
+ }
+ ],
+ "FirstSeenDate": "23/06/2021 08:51 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/webhook?id=738 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 231.7291,
+ "StatusCode": 200
+ },
+ "LookupId": "73f786df-16c1-536e-8d22-d84cdbcb12f9",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "HSTS Missing in POST Body via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the HSTS Missing in POST Body via POST Request issue.
Fix the HSTS Missing in POST Body via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "HSTSMissinginPOSTBodyviaPOSTRequest",
+ "Url": "https://portal.testsparker.com/api/v2/webhook?id=738"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "408",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "330",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "13"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Sensitive Data Exposure in URL Path via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/upload.php?type=963"
+ }
+ ],
+ "FirstSeenDate": "27/06/2021 11:14 AM",
+ "HttpRequest": {
+ "Content": "GET /upload.php?type=963 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 390.1966,
+ "StatusCode": 200
+ },
+ "LookupId": "e9fa0f77-a705-5916-a327-01241cc1da4f",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Sensitive Data Exposure in URL Path via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Sensitive Data Exposure in URL Path via PUT Request issue.
Fix the Sensitive Data Exposure in URL Path via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "SensitiveDataExposureinURLPathviaPUTRequest",
+ "Url": "https://shop.testsparker.com/upload.php?type=963"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "43",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "611",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "34"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a SQL Injection in Query Parameter via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/search?token=968"
+ }
+ ],
+ "FirstSeenDate": "27/06/2021 10:07 AM",
+ "HttpRequest": {
+ "Content": "GET /search?token=968 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 222.3952,
+ "StatusCode": 200
+ },
+ "LookupId": "868090e2-b26c-5978-9318-5c0aee0ea37c",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "SQL Injection in Query Parameter via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the SQL Injection in Query Parameter via PUT Request issue.
Fix the SQL Injection in Query Parameter via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "SQLInjectioninQueryParameterviaPUTRequest",
+ "Url": "https://shop.testsparker.com/search?token=968"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "11",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "319",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "43"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a HSTS Missing in File Name vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/api/v1/users"
+ }
+ ],
+ "FirstSeenDate": "07/06/2021 01:50 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v1/users HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 303.7623,
+ "StatusCode": 200
+ },
+ "LookupId": "3e12db4b-884d-5bdc-a6c3-a787591344c2",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "HSTS Missing in File Name",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the HSTS Missing in File Name issue.
Fix the HSTS Missing in File Name vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "HSTSMissinginFileName",
+ "Url": "http://admin.testsparker.com/api/v1/users"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "457",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "352",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "12"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Remote Code Execution in File Name vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/help?page=869"
+ }
+ ],
+ "FirstSeenDate": "24/06/2021 12:30 AM",
+ "HttpRequest": {
+ "Content": "GET /help?page=869 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 470.1959,
+ "StatusCode": 200
+ },
+ "LookupId": "87b6a9ca-1ef2-5c38-bb65-cbac9dbe8280",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Remote Code Execution in File Name",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Remote Code Execution in File Name issue.
Fix the Remote Code Execution in File Name vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "RemoteCodeExecutioninFileName",
+ "Url": "http://blog.testsparker.com/help?page=869"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "577",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "287",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "16"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a DNS Zone Transfer in Form Field vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/files/list?action=941"
+ }
+ ],
+ "FirstSeenDate": "05/06/2021 05:32 AM",
+ "HttpRequest": {
+ "Content": "GET /files/list?action=941 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 121.6439,
+ "StatusCode": 200
+ },
+ "LookupId": "b0d80738-1c33-5da4-8062-365d37a111c7",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "DNS Zone Transfer in Form Field",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the DNS Zone Transfer in Form Field issue.
Fix the DNS Zone Transfer in Form Field vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "DNSZoneTransferinFormField",
+ "Url": "https://shop.testsparker.com/files/list?action=941"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "511",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "601",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "37"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Sensitive Data Exposure in Header via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/cart.php?action=797"
+ }
+ ],
+ "FirstSeenDate": "27/06/2021 12:54 AM",
+ "HttpRequest": {
+ "Content": "GET /cart.php?action=797 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 411.2593,
+ "StatusCode": 200
+ },
+ "LookupId": "1e811686-a485-5cce-aa22-3dab112d1f63",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Sensitive Data Exposure in Header via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Sensitive Data Exposure in Header via PUT Request issue.
Fix the Sensitive Data Exposure in Header via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "SensitiveDataExposureinHeaderviaPUTRequest",
+ "Url": "https://portal.testsparker.com/cart.php?action=797"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "136",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "502",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "18"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Remote Code Execution in POST Body via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/settings.php?q=518"
+ }
+ ],
+ "FirstSeenDate": "28/06/2021 05:00 AM",
+ "HttpRequest": {
+ "Content": "GET /settings.php?q=518 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 373.3003,
+ "StatusCode": 200
+ },
+ "LookupId": "23a25e78-109e-5e6d-96d2-9885cfc710ae",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Remote Code Execution in POST Body via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Remote Code Execution in POST Body via POST Request issue.
Fix the Remote Code Execution in POST Body via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "RemoteCodeExecutioninPOSTBodyviaPOSTRequest",
+ "Url": "http://app1.testsparker.com/settings.php?q=518"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "394",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "78",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "42"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Command Injection in Form Field via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/auth/register.php?action=492"
+ }
+ ],
+ "FirstSeenDate": "10/06/2021 10:08 AM",
+ "HttpRequest": {
+ "Content": "GET /auth/register.php?action=492 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 58.7262,
+ "StatusCode": 200
+ },
+ "LookupId": "6c06efa9-5425-55a8-8342-abf0200d8433",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Command Injection in Form Field via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Command Injection in Form Field via POST Request issue.
Fix the Command Injection in Form Field via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "CommandInjectioninFormFieldviaPOSTRequest",
+ "Url": "https://portal.testsparker.com/auth/register.php?action=492"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "464",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "502",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "39"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Cleartext Transmission in File Name vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/account/security?name=942"
+ }
+ ],
+ "FirstSeenDate": "15/06/2021 07:11 AM",
+ "HttpRequest": {
+ "Content": "GET /account/security?name=942 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 309.3649,
+ "StatusCode": 200
+ },
+ "LookupId": "38c60310-f421-5ae2-8f14-d97c4c1b7cdc",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cleartext Transmission in File Name",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cleartext Transmission in File Name issue.
Fix the Cleartext Transmission in File Name vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "CleartextTransmissioninFileName",
+ "Url": "https://portal.testsparker.com/account/security?name=942"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "79",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "200",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "10"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Cookie Not Marked as HttpOnly in File Name via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/settings.php?name=278"
+ }
+ ],
+ "FirstSeenDate": "11/06/2021 03:24 AM",
+ "HttpRequest": {
+ "Content": "GET /settings.php?name=278 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 228.8807,
+ "StatusCode": 200
+ },
+ "LookupId": "ef660e17-2067-5a55-b9e8-667f2018991c",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cookie Not Marked as HttpOnly in File Name via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cookie Not Marked as HttpOnly in File Name via POST Request issue.
Fix the Cookie Not Marked as HttpOnly in File Name via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "CookieNotMarkedasHttpOnlyinFileNameviaPOSTRequest",
+ "Url": "http://admin.testsparker.com/settings.php?name=278"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "133",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "434",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "35"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a File Upload Vulnerability in Cookie vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/payment.php?name=8"
+ }
+ ],
+ "FirstSeenDate": "17/06/2021 09:53 AM",
+ "HttpRequest": {
+ "Content": "GET /payment.php?name=8 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 337.3436,
+ "StatusCode": 200
+ },
+ "LookupId": "1f416a35-f2bf-5bfc-bc45-c5d740f6e0dc",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "File Upload Vulnerability in Cookie",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the File Upload Vulnerability in Cookie issue.
Fix the File Upload Vulnerability in Cookie vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "FileUploadVulnerabilityinCookie",
+ "Url": "http://api.testsparker.com/payment.php?name=8"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "449",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "16",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "18"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Server-Side Request Forgery in Form Field vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/auth/login.php"
+ }
+ ],
+ "FirstSeenDate": "12/06/2021 06:11 AM",
+ "HttpRequest": {
+ "Content": "GET /auth/login.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 65.7777,
+ "StatusCode": 200
+ },
+ "LookupId": "38e560c1-f252-502a-90d1-70b47de6cd84",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Server-Side Request Forgery in Form Field",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Server-Side Request Forgery in Form Field issue.
Fix the Server-Side Request Forgery in Form Field vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "Server-SideRequestForgeryinFormField",
+ "Url": "http://app1.testsparker.com/auth/login.php"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "401",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "94",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "41"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Weak Cryptography in JSON Payload vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/profile.php?name=524"
+ }
+ ],
+ "FirstSeenDate": "10/06/2021 12:27 AM",
+ "HttpRequest": {
+ "Content": "GET /profile.php?name=524 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 367.6796,
+ "StatusCode": 200
+ },
+ "LookupId": "3511644e-f5b7-54eb-8c29-a5a2199cce15",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Weak Cryptography in JSON Payload",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Weak Cryptography in JSON Payload issue.
Fix the Weak Cryptography in JSON Payload vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "WeakCryptographyinJSONPayload",
+ "Url": "http://api.testsparker.com/profile.php?name=524"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "681",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "89",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "45"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a HSTS Missing in JSON Payload vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/products.php?type=194"
+ }
+ ],
+ "FirstSeenDate": "27/06/2021 07:09 AM",
+ "HttpRequest": {
+ "Content": "GET /products.php?type=194 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 147.5274,
+ "StatusCode": 200
+ },
+ "LookupId": "aa13305b-cde1-5811-8a66-1366017c3ffd",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "HSTS Missing in JSON Payload",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the HSTS Missing in JSON Payload issue.
Fix the HSTS Missing in JSON Payload vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "HSTSMissinginJSONPayload",
+ "Url": "http://admin.testsparker.com/products.php?type=194"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "164",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "79",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "7"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Email Header Injection in Cookie via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/checkout.php?type=866"
+ }
+ ],
+ "FirstSeenDate": "18/06/2021 11:25 AM",
+ "HttpRequest": {
+ "Content": "GET /checkout.php?type=866 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 352.4021,
+ "StatusCode": 200
+ },
+ "LookupId": "538a8747-5a1a-5df5-8071-447eb70615e2",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Email Header Injection in Cookie via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Email Header Injection in Cookie via PUT Request issue.
Fix the Email Header Injection in Cookie via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "EmailHeaderInjectioninCookieviaPUTRequest",
+ "Url": "https://app2.testsparker.com/checkout.php?type=866"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "421",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "352",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "10"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a CSRF in File Name vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/products.php?ref=889"
+ }
+ ],
+ "FirstSeenDate": "20/06/2021 11:32 AM",
+ "HttpRequest": {
+ "Content": "GET /products.php?ref=889 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 139.6151,
+ "StatusCode": 200
+ },
+ "LookupId": "18e1910a-cf5b-59f4-ae6e-48157f25b8f1",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "CSRF in File Name",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the CSRF in File Name issue.
Fix the CSRF in File Name vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "CSRFinFileName",
+ "Url": "https://app2.testsparker.com/products.php?ref=889"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "47",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "614",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "21"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Weak Cryptography in File Name via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/checkout.php?action=579"
+ }
+ ],
+ "FirstSeenDate": "10/06/2021 01:22 AM",
+ "HttpRequest": {
+ "Content": "GET /checkout.php?action=579 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 378.3229,
+ "StatusCode": 200
+ },
+ "LookupId": "9a49baca-8b04-5e78-afb3-ce2140e8090c",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Weak Cryptography in File Name via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Weak Cryptography in File Name via POST Request issue.
Fix the Weak Cryptography in File Name via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "WeakCryptographyinFileNameviaPOSTRequest",
+ "Url": "http://app1.testsparker.com/checkout.php?action=579"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "444",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "22",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "15"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a DNS Zone Transfer in URL Path vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/account/security?token=174"
+ }
+ ],
+ "FirstSeenDate": "02/06/2021 12:05 AM",
+ "HttpRequest": {
+ "Content": "GET /account/security?token=174 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 199.5815,
+ "StatusCode": 200
+ },
+ "LookupId": "2eefb074-cdec-5d48-93bd-6b45d3f70b61",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "DNS Zone Transfer in URL Path",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the DNS Zone Transfer in URL Path issue.
Fix the DNS Zone Transfer in URL Path vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "DNSZoneTransferinURLPath",
+ "Url": "https://portal.testsparker.com/account/security?token=174"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "316",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "16",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "37"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a HTTP Response Splitting in Header via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/help?filter=745"
+ }
+ ],
+ "FirstSeenDate": "25/06/2021 07:00 AM",
+ "HttpRequest": {
+ "Content": "GET /help?filter=745 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 383.4891,
+ "StatusCode": 200
+ },
+ "LookupId": "63af5fd8-2e05-5a18-afe5-3f11c19c1420",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "HTTP Response Splitting in Header via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the HTTP Response Splitting in Header via PUT Request issue.
Fix the HTTP Response Splitting in Header via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "HTTPResponseSplittinginHeaderviaPUTRequest",
+ "Url": "http://admin.testsparker.com/help?filter=745"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "609",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "523",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "43"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Insecure Direct Object Reference in XML Input vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/api/v2/export?id=385"
+ }
+ ],
+ "FirstSeenDate": "21/06/2021 01:03 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/export?id=385 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 347.9774,
+ "StatusCode": 200
+ },
+ "LookupId": "8719a1ac-105c-5d08-aa18-5965d471166a",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Insecure Direct Object Reference in XML Input",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Insecure Direct Object Reference in XML Input issue.
Fix the Insecure Direct Object Reference in XML Input vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "InsecureDirectObjectReferenceinXMLInput",
+ "Url": "http://api.testsparker.com/api/v2/export?id=385"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "643",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "22",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "41"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Open Redirect in Multipart Data via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/payment.php"
+ }
+ ],
+ "FirstSeenDate": "04/06/2021 08:59 AM",
+ "HttpRequest": {
+ "Content": "GET /payment.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 301.9883,
+ "StatusCode": 200
+ },
+ "LookupId": "6cfc9cae-3d0e-5caa-9d9f-101721e67e3a",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Open Redirect in Multipart Data via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Open Redirect in Multipart Data via POST Request issue.
Fix the Open Redirect in Multipart Data via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "OpenRedirectinMultipartDataviaPOSTRequest",
+ "Url": "http://blog.testsparker.com/payment.php"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "20",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "319",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "33"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a NoSQL Injection in Cookie via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/api/v2/export?token=743"
+ }
+ ],
+ "FirstSeenDate": "13/06/2021 03:39 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/export?token=743 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 167.6109,
+ "StatusCode": 200
+ },
+ "LookupId": "875106ab-dceb-5e50-b933-f4a412a6fcab",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "NoSQL Injection in Cookie via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the NoSQL Injection in Cookie via POST Request issue.
Fix the NoSQL Injection in Cookie via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "NoSQLInjectioninCookieviaPOSTRequest",
+ "Url": "http://blog.testsparker.com/api/v2/export?token=743"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "364",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "22",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "36"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Insecure Deserialization in Cookie via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/admin/dashboard?id=332"
+ }
+ ],
+ "FirstSeenDate": "02/06/2021 08:04 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/dashboard?id=332 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 182.7164,
+ "StatusCode": 200
+ },
+ "LookupId": "1402a386-5dfa-5b23-a2b0-74ce4fcd8807",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Insecure Deserialization in Cookie via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Insecure Deserialization in Cookie via PUT Request issue.
Fix the Insecure Deserialization in Cookie via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "InsecureDeserializationinCookieviaPUTRequest",
+ "Url": "http://api.testsparker.com/admin/dashboard?id=332"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "473",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "434",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "26"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Remote Code Execution in File Name via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/blog/edit.php?page=748"
+ }
+ ],
+ "FirstSeenDate": "28/06/2021 08:28 AM",
+ "HttpRequest": {
+ "Content": "GET /blog/edit.php?page=748 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 84.8156,
+ "StatusCode": 200
+ },
+ "LookupId": "7e6115c7-3073-5c37-91bf-ec5361e0b4ce",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Remote Code Execution in File Name via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Remote Code Execution in File Name via POST Request issue.
Fix the Remote Code Execution in File Name via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "RemoteCodeExecutioninFileNameviaPOSTRequest",
+ "Url": "https://portal.testsparker.com/blog/edit.php?page=748"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "253",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "22",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "10"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Weak Password Policy in JSON Payload via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/files/list"
+ }
+ ],
+ "FirstSeenDate": "27/06/2021 08:12 AM",
+ "HttpRequest": {
+ "Content": "GET /files/list HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 399.0864,
+ "StatusCode": 200
+ },
+ "LookupId": "25b9e1fa-094b-56d3-a99d-1d85b79f8586",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Weak Password Policy in JSON Payload via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Weak Password Policy in JSON Payload via PUT Request issue.
Fix the Weak Password Policy in JSON Payload via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "WeakPasswordPolicyinJSONPayloadviaPUTRequest",
+ "Url": "http://blog.testsparker.com/files/list"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "557",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "693",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "21"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a HSTS Missing in Cookie via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/account/billing?q=784"
+ }
+ ],
+ "FirstSeenDate": "09/06/2021 11:44 AM",
+ "HttpRequest": {
+ "Content": "GET /account/billing?q=784 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 347.2899,
+ "StatusCode": 200
+ },
+ "LookupId": "651168df-4840-5525-b366-1cedc58bfd83",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "HSTS Missing in Cookie via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the HSTS Missing in Cookie via POST Request issue.
Fix the HSTS Missing in Cookie via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "HSTSMissinginCookieviaPOSTRequest",
+ "Url": "https://app2.testsparker.com/account/billing?q=784"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "61",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "94",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "42"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Insecure Deserialization in JSON Payload vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/settings.php?type=922"
+ }
+ ],
+ "FirstSeenDate": "23/06/2021 03:15 AM",
+ "HttpRequest": {
+ "Content": "GET /settings.php?type=922 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 81.6593,
+ "StatusCode": 200
+ },
+ "LookupId": "8207402f-25e5-5220-86bc-b741b8e11fd4",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Insecure Deserialization in JSON Payload",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Insecure Deserialization in JSON Payload issue.
Fix the Insecure Deserialization in JSON Payload vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "InsecureDeserializationinJSONPayload",
+ "Url": "http://admin.testsparker.com/settings.php?type=922"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "234",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "319",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "20"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Weak Cryptography in XML Input vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/auth/register.php?sort=319"
+ }
+ ],
+ "FirstSeenDate": "25/06/2021 06:17 AM",
+ "HttpRequest": {
+ "Content": "GET /auth/register.php?sort=319 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 367.1117,
+ "StatusCode": 200
+ },
+ "LookupId": "155d3772-8d95-52ce-ad95-f234ba57ad25",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Weak Cryptography in XML Input",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Weak Cryptography in XML Input issue.
Fix the Weak Cryptography in XML Input vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "WeakCryptographyinXMLInput",
+ "Url": "https://shop.testsparker.com/auth/register.php?sort=319"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "168",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "352",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "7"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Command Injection in POST Body vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/reports/generate"
+ }
+ ],
+ "FirstSeenDate": "10/06/2021 10:43 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/generate HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 454.9328,
+ "StatusCode": 200
+ },
+ "LookupId": "1fd0a2ea-6dda-5123-8ca8-9117062556bd",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Command Injection in POST Body",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Command Injection in POST Body issue.
Fix the Command Injection in POST Body vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "CommandInjectioninPOSTBody",
+ "Url": "https://portal.testsparker.com/reports/generate"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "222",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "79",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "22"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Sensitive Data Exposure in File Name vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/account/billing"
+ }
+ ],
+ "FirstSeenDate": "03/06/2021 09:37 AM",
+ "HttpRequest": {
+ "Content": "GET /account/billing HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 122.3713,
+ "StatusCode": 200
+ },
+ "LookupId": "4d486920-d6cc-5c91-9e7d-06fe1d394545",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Sensitive Data Exposure in File Name",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Sensitive Data Exposure in File Name issue.
Fix the Sensitive Data Exposure in File Name vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "SensitiveDataExposureinFileName",
+ "Url": "https://app2.testsparker.com/account/billing"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "47",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "693",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "48"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Missing X-Frame-Options in POST Body via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/settings.php?filter=606"
+ }
+ ],
+ "FirstSeenDate": "15/06/2021 07:40 AM",
+ "HttpRequest": {
+ "Content": "GET /settings.php?filter=606 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 230.3793,
+ "StatusCode": 200
+ },
+ "LookupId": "54792b29-203d-523d-b4d0-0d2987f299d8",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Missing X-Frame-Options in POST Body via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Missing X-Frame-Options in POST Body via PUT Request issue.
Fix the Missing X-Frame-Options in POST Body via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "MissingX-Frame-OptionsinPOSTBodyviaPUTRequest",
+ "Url": "https://portal.testsparker.com/settings.php?filter=606"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "54",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "523",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "3"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Path Disclosure in Multipart Data via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/cart.php?page=742"
+ }
+ ],
+ "FirstSeenDate": "02/06/2021 05:04 AM",
+ "HttpRequest": {
+ "Content": "GET /cart.php?page=742 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 139.2263,
+ "StatusCode": 200
+ },
+ "LookupId": "dc34e056-8756-5d18-9d8e-8f359b637db3",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Path Disclosure in Multipart Data via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Path Disclosure in Multipart Data via POST Request issue.
Fix the Path Disclosure in Multipart Data via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "PathDisclosureinMultipartDataviaPOSTRequest",
+ "Url": "http://blog.testsparker.com/cart.php?page=742"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "670",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "16",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "27"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a XPath Injection in Header via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/admin/config"
+ }
+ ],
+ "FirstSeenDate": "08/06/2021 05:30 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/config HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 467.8217,
+ "StatusCode": 200
+ },
+ "LookupId": "8148493b-6e87-5f4c-991f-e2f410d05337",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "XPath Injection in Header via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the XPath Injection in Header via PUT Request issue.
Fix the XPath Injection in Header via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "XPathInjectioninHeaderviaPUTRequest",
+ "Url": "http://api.testsparker.com/admin/config"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "682",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "200",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "7"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a HSTS Missing in Multipart Data vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/files/upload"
+ }
+ ],
+ "FirstSeenDate": "26/06/2021 03:35 AM",
+ "HttpRequest": {
+ "Content": "GET /files/upload HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 206.763,
+ "StatusCode": 200
+ },
+ "LookupId": "4394d5eb-7d85-5c25-a488-4e82effd53e9",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "HSTS Missing in Multipart Data",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the HSTS Missing in Multipart Data issue.
Fix the HSTS Missing in Multipart Data vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "HSTSMissinginMultipartData",
+ "Url": "http://api.testsparker.com/files/upload"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "433",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "918",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "7"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Command Injection in Query Parameter via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/settings.php?ref=956"
+ }
+ ],
+ "FirstSeenDate": "10/06/2021 10:19 AM",
+ "HttpRequest": {
+ "Content": "GET /settings.php?ref=956 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 94.918,
+ "StatusCode": 200
+ },
+ "LookupId": "d6129036-1c93-56ea-9718-d736209fba1c",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Command Injection in Query Parameter via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Command Injection in Query Parameter via PUT Request issue.
Fix the Command Injection in Query Parameter via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "CommandInjectioninQueryParameterviaPUTRequest",
+ "Url": "https://app2.testsparker.com/settings.php?ref=956"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "337",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "319",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "43"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Integer Overflow in Form Field vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/api/v1/products"
+ }
+ ],
+ "FirstSeenDate": "23/06/2021 10:09 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v1/products HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 287.1205,
+ "StatusCode": 200
+ },
+ "LookupId": "ec48e528-a2b5-55f0-9dbb-35b05d1a527e",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Integer Overflow in Form Field",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Integer Overflow in Form Field issue.
Fix the Integer Overflow in Form Field vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "IntegerOverflowinFormField",
+ "Url": "http://admin.testsparker.com/api/v1/products"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "163",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "434",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "16"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a LDAP Injection in JSON Payload via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/products.php?type=31"
+ }
+ ],
+ "FirstSeenDate": "25/06/2021 12:08 AM",
+ "HttpRequest": {
+ "Content": "GET /products.php?type=31 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 190.4457,
+ "StatusCode": 200
+ },
+ "LookupId": "e7443376-9ca4-5996-b5bb-b5772c50d99e",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "LDAP Injection in JSON Payload via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the LDAP Injection in JSON Payload via POST Request issue.
Fix the LDAP Injection in JSON Payload via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "LDAPInjectioninJSONPayloadviaPOSTRequest",
+ "Url": "http://blog.testsparker.com/products.php?type=31"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "341",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "693",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "21"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Information Disclosure in Cookie via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/profile.php"
+ }
+ ],
+ "FirstSeenDate": "19/06/2021 12:23 AM",
+ "HttpRequest": {
+ "Content": "GET /profile.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 263.0068,
+ "StatusCode": 200
+ },
+ "LookupId": "8c7f6806-f304-5250-9a99-683adcd45db4",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Information Disclosure in Cookie via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Information Disclosure in Cookie via PUT Request issue.
Fix the Information Disclosure in Cookie via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "InformationDisclosureinCookieviaPUTRequest",
+ "Url": "https://app2.testsparker.com/profile.php"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "469",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "693",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "9"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Email Header Injection in URL Path vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/api/v1/products?page=739"
+ }
+ ],
+ "FirstSeenDate": "01/06/2021 07:21 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v1/products?page=739 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 422.3906,
+ "StatusCode": 200
+ },
+ "LookupId": "2c7dcdef-52d7-5df9-9aca-4b2631ca82cf",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Email Header Injection in URL Path",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Email Header Injection in URL Path issue.
Fix the Email Header Injection in URL Path vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "EmailHeaderInjectioninURLPath",
+ "Url": "https://docs.testsparker.com/api/v1/products?page=739"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "531",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "200",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "43"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Missing Content-Security-Policy in JSON Payload via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/admin/dashboard?action=352"
+ }
+ ],
+ "FirstSeenDate": "02/06/2021 04:32 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/dashboard?action=352 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 411.4001,
+ "StatusCode": 200
+ },
+ "LookupId": "5d0e151e-f028-5f89-9326-11e938ef8052",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Missing Content-Security-Policy in JSON Payload via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Missing Content-Security-Policy in JSON Payload via POST Request issue.
Fix the Missing Content-Security-Policy in JSON Payload via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "MissingContent-Security-PolicyinJSONPayloadviaPOSTRequest",
+ "Url": "http://api.testsparker.com/admin/dashboard?action=352"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "249",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "319",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "42"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Cleartext Transmission in POST Body via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/api/v1/products?q=501"
+ }
+ ],
+ "FirstSeenDate": "01/06/2021 03:40 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v1/products?q=501 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 34.4794,
+ "StatusCode": 200
+ },
+ "LookupId": "778af228-a099-59b5-9310-969151c76051",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cleartext Transmission in POST Body via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cleartext Transmission in POST Body via POST Request issue.
Fix the Cleartext Transmission in POST Body via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "CleartextTransmissioninPOSTBodyviaPOSTRequest",
+ "Url": "https://portal.testsparker.com/api/v1/products?q=501"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "24",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "22",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "40"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Cookie Not Marked as HttpOnly in Header via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/api/v2/webhook"
+ }
+ ],
+ "FirstSeenDate": "06/06/2021 10:40 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/webhook HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 241.2376,
+ "StatusCode": 200
+ },
+ "LookupId": "a9aa5468-b78f-584c-a420-f62d51363c88",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cookie Not Marked as HttpOnly in Header via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cookie Not Marked as HttpOnly in Header via PUT Request issue.
Fix the Cookie Not Marked as HttpOnly in Header via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "CookieNotMarkedasHttpOnlyinHeaderviaPUTRequest",
+ "Url": "https://portal.testsparker.com/api/v2/webhook"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "328",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "918",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "5"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a CORS Misconfiguration in JSON Payload vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/auth/reset.php?token=230"
+ }
+ ],
+ "FirstSeenDate": "04/06/2021 09:43 AM",
+ "HttpRequest": {
+ "Content": "GET /auth/reset.php?token=230 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 451.9511,
+ "StatusCode": 200
+ },
+ "LookupId": "1393b7a3-786a-5712-8884-e8c7cc0ae15c",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "CORS Misconfiguration in JSON Payload",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the CORS Misconfiguration in JSON Payload issue.
Fix the CORS Misconfiguration in JSON Payload vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "CORSMisconfigurationinJSONPayload",
+ "Url": "http://api.testsparker.com/auth/reset.php?token=230"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "402",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "16",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "22"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Command Injection in JSON Payload via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/api/v1/users?token=546"
+ }
+ ],
+ "FirstSeenDate": "19/06/2021 01:47 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v1/users?token=546 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 120.5577,
+ "StatusCode": 200
+ },
+ "LookupId": "7f867b68-1984-5ef8-bf35-c55f9584823d",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Command Injection in JSON Payload via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Command Injection in JSON Payload via POST Request issue.
Fix the Command Injection in JSON Payload via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "CommandInjectioninJSONPayloadviaPOSTRequest",
+ "Url": "https://portal.testsparker.com/api/v1/users?token=546"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "415",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "22",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "20"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Session Fixation in File Name via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/profile.php?q=86"
+ }
+ ],
+ "FirstSeenDate": "28/06/2021 07:33 AM",
+ "HttpRequest": {
+ "Content": "GET /profile.php?q=86 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 114.9114,
+ "StatusCode": 200
+ },
+ "LookupId": "5c9c186d-6ad8-5c14-b704-98131b3188fd",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Session Fixation in File Name via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Session Fixation in File Name via POST Request issue.
Fix the Session Fixation in File Name via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "SessionFixationinFileNameviaPOSTRequest",
+ "Url": "http://blog.testsparker.com/profile.php?q=86"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "31",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "287",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "32"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Missing X-Frame-Options in Header vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/api/v1/orders?type=282"
+ }
+ ],
+ "FirstSeenDate": "27/06/2021 08:26 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v1/orders?type=282 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 95.7612,
+ "StatusCode": 200
+ },
+ "LookupId": "5db26b39-e434-5c3d-9938-1d2d98baec64",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Missing X-Frame-Options in Header",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Missing X-Frame-Options in Header issue.
Fix the Missing X-Frame-Options in Header vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "MissingX-Frame-OptionsinHeader",
+ "Url": "http://admin.testsparker.com/api/v1/orders?type=282"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "395",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "434",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "13"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a NoSQL Injection vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/auth/reset.php?token=354"
+ }
+ ],
+ "FirstSeenDate": "02/06/2021 12:27 AM",
+ "HttpRequest": {
+ "Content": "GET /auth/reset.php?token=354 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 10.8287,
+ "StatusCode": 200
+ },
+ "LookupId": "31575c80-9b57-5478-a038-1baaac73de85",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "NoSQL Injection",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the NoSQL Injection issue.
Fix the NoSQL Injection vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "NoSQLInjection",
+ "Url": "http://admin.testsparker.com/auth/reset.php?token=354"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "552",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "16",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "9"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Directory Traversal in JSON Payload via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/download.php?name=982"
+ }
+ ],
+ "FirstSeenDate": "26/06/2021 09:45 AM",
+ "HttpRequest": {
+ "Content": "GET /download.php?name=982 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 243.1115,
+ "StatusCode": 200
+ },
+ "LookupId": "9a9c1c32-284b-5a6d-900d-71f2d78be33b",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Directory Traversal in JSON Payload via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Directory Traversal in JSON Payload via PUT Request issue.
Fix the Directory Traversal in JSON Payload via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "DirectoryTraversalinJSONPayloadviaPUTRequest",
+ "Url": "https://portal.testsparker.com/download.php?name=982"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "99",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "611",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "39"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Path Disclosure in Cookie via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/reports/view?sort=45"
+ }
+ ],
+ "FirstSeenDate": "19/06/2021 04:11 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/view?sort=45 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 338.5943,
+ "StatusCode": 200
+ },
+ "LookupId": "1db19cb3-abfb-5dfd-85c6-8ad044a1ac20",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Path Disclosure in Cookie via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Path Disclosure in Cookie via POST Request issue.
Fix the Path Disclosure in Cookie via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "PathDisclosureinCookieviaPOSTRequest",
+ "Url": "http://app1.testsparker.com/reports/view?sort=45"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "620",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "22",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "34"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Buffer Overflow in JSON Payload via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/auth/login.php"
+ }
+ ],
+ "FirstSeenDate": "19/06/2021 08:29 AM",
+ "HttpRequest": {
+ "Content": "GET /auth/login.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 236.7208,
+ "StatusCode": 200
+ },
+ "LookupId": "924979bb-0a3f-52ae-a0af-f1c88de29fdf",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Buffer Overflow in JSON Payload via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Buffer Overflow in JSON Payload via POST Request issue.
Fix the Buffer Overflow in JSON Payload via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "BufferOverflowinJSONPayloadviaPOSTRequest",
+ "Url": "https://portal.testsparker.com/auth/login.php"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "372",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "16",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "18"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Missing Content-Security-Policy in Form Field via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/api/v2/export?type=417"
+ }
+ ],
+ "FirstSeenDate": "28/06/2021 04:17 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/export?type=417 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 14.833,
+ "StatusCode": 200
+ },
+ "LookupId": "444bd7dc-d350-5f1e-8212-3136a9161062",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Missing Content-Security-Policy in Form Field via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Missing Content-Security-Policy in Form Field via POST Request issue.
Fix the Missing Content-Security-Policy in Form Field via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "MissingContent-Security-PolicyinFormFieldviaPOSTRequest",
+ "Url": "http://admin.testsparker.com/api/v2/export?type=417"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "348",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "693",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "44"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a CSRF in JSON Payload via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/reports/generate?token=902"
+ }
+ ],
+ "FirstSeenDate": "15/06/2021 09:21 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/generate?token=902 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 298.0285,
+ "StatusCode": 200
+ },
+ "LookupId": "0490be1e-5cca-518a-8ac6-1a6be143a207",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "CSRF in JSON Payload via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the CSRF in JSON Payload via POST Request issue.
Fix the CSRF in JSON Payload via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "CSRFinJSONPayloadviaPOSTRequest",
+ "Url": "http://app1.testsparker.com/reports/generate?token=902"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "123",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "79",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "27"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Insecure Direct Object Reference in Header via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/search?sort=262"
+ }
+ ],
+ "FirstSeenDate": "13/06/2021 08:51 AM",
+ "HttpRequest": {
+ "Content": "GET /search?sort=262 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 33.5352,
+ "StatusCode": 200
+ },
+ "LookupId": "15743dd6-e636-5de4-8250-2314170f7415",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Insecure Direct Object Reference in Header via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Insecure Direct Object Reference in Header via PUT Request issue.
Fix the Insecure Direct Object Reference in Header via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "InsecureDirectObjectReferenceinHeaderviaPUTRequest",
+ "Url": "https://shop.testsparker.com/search?sort=262"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "454",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "523",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "47"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Race Condition vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/reports/generate?ref=684"
+ }
+ ],
+ "FirstSeenDate": "27/06/2021 09:28 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/generate?ref=684 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 449.632,
+ "StatusCode": 200
+ },
+ "LookupId": "9869ccec-2897-58e6-b675-f87a59dfb677",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Race Condition",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Race Condition issue.
Fix the Race Condition vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "RaceCondition",
+ "Url": "https://app2.testsparker.com/reports/generate?ref=684"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "611",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "693",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "21"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a XPath Injection in Query Parameter vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/upload.php"
+ }
+ ],
+ "FirstSeenDate": "21/06/2021 11:03 AM",
+ "HttpRequest": {
+ "Content": "GET /upload.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 54.3612,
+ "StatusCode": 200
+ },
+ "LookupId": "b11e9380-5125-5ac0-917d-ca44c56e3142",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "XPath Injection in Query Parameter",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the XPath Injection in Query Parameter issue.
Fix the XPath Injection in Query Parameter vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "XPathInjectioninQueryParameter",
+ "Url": "http://api.testsparker.com/upload.php"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "166",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "523",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "24"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Cookie Not Marked as Secure in Header via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/help?action=905"
+ }
+ ],
+ "FirstSeenDate": "06/06/2021 08:59 AM",
+ "HttpRequest": {
+ "Content": "GET /help?action=905 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 359.2683,
+ "StatusCode": 200
+ },
+ "LookupId": "99e17751-139e-59c0-83cc-d600b8ef704f",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cookie Not Marked as Secure in Header via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cookie Not Marked as Secure in Header via PUT Request issue.
Fix the Cookie Not Marked as Secure in Header via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "CookieNotMarkedasSecureinHeaderviaPUTRequest",
+ "Url": "https://app2.testsparker.com/help?action=905"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "347",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "94",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "8"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Open Redirect in Cookie via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/reports/view"
+ }
+ ],
+ "FirstSeenDate": "02/06/2021 03:43 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/view HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 279.9704,
+ "StatusCode": 200
+ },
+ "LookupId": "ab873165-d182-5715-9a0c-005ead83ba7c",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Open Redirect in Cookie via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Open Redirect in Cookie via POST Request issue.
Fix the Open Redirect in Cookie via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "OpenRedirectinCookieviaPOSTRequest",
+ "Url": "http://admin.testsparker.com/reports/view"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "117",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "287",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "13"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Server-Side Request Forgery in Header via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/payment.php"
+ }
+ ],
+ "FirstSeenDate": "08/06/2021 05:29 AM",
+ "HttpRequest": {
+ "Content": "GET /payment.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 247.8374,
+ "StatusCode": 200
+ },
+ "LookupId": "14acee62-670c-5c2c-b3e0-2039b9f69b44",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Server-Side Request Forgery in Header via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Server-Side Request Forgery in Header via POST Request issue.
Fix the Server-Side Request Forgery in Header via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "Server-SideRequestForgeryinHeaderviaPOSTRequest",
+ "Url": "http://api.testsparker.com/payment.php"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "628",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "16",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "4"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Path Disclosure in Header via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/admin/logs?id=409"
+ }
+ ],
+ "FirstSeenDate": "07/06/2021 12:59 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/logs?id=409 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 49.7662,
+ "StatusCode": 200
+ },
+ "LookupId": "cd2bf219-a395-51f8-bd52-a379f54b3d58",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Path Disclosure in Header via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Path Disclosure in Header via PUT Request issue.
Fix the Path Disclosure in Header via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "PathDisclosureinHeaderviaPUTRequest",
+ "Url": "https://portal.testsparker.com/admin/logs?id=409"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "360",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "502",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "14"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Buffer Overflow in URL Path via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/auth/login.php?ref=280"
+ }
+ ],
+ "FirstSeenDate": "02/06/2021 03:47 AM",
+ "HttpRequest": {
+ "Content": "GET /auth/login.php?ref=280 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 271.7038,
+ "StatusCode": 200
+ },
+ "LookupId": "3a9eac15-b7f3-5563-bfa7-73ddf2580c98",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Buffer Overflow in URL Path via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Buffer Overflow in URL Path via POST Request issue.
Fix the Buffer Overflow in URL Path via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "BufferOverflowinURLPathviaPOSTRequest",
+ "Url": "http://api.testsparker.com/auth/login.php?ref=280"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "133",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "319",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "28"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Buffer Overflow in XML Input vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/files/list?q=591"
+ }
+ ],
+ "FirstSeenDate": "13/06/2021 07:30 AM",
+ "HttpRequest": {
+ "Content": "GET /files/list?q=591 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 197.825,
+ "StatusCode": 200
+ },
+ "LookupId": "d60b0a6d-a5af-560c-89e8-1bbd5fc97425",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Buffer Overflow in XML Input",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Buffer Overflow in XML Input issue.
Fix the Buffer Overflow in XML Input vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "BufferOverflowinXMLInput",
+ "Url": "http://app1.testsparker.com/files/list?q=591"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "271",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "22",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "38"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a File Upload Vulnerability in POST Body vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/settings.php"
+ }
+ ],
+ "FirstSeenDate": "14/06/2021 02:34 AM",
+ "HttpRequest": {
+ "Content": "GET /settings.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 120.1566,
+ "StatusCode": 200
+ },
+ "LookupId": "ba1fd7a6-5fef-5296-88e0-4d202ca3c95e",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "File Upload Vulnerability in POST Body",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the File Upload Vulnerability in POST Body issue.
Fix the File Upload Vulnerability in POST Body vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "FileUploadVulnerabilityinPOSTBody",
+ "Url": "https://portal.testsparker.com/settings.php"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "195",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "614",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "26"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Race Condition in Form Field via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/admin/config?q=297"
+ }
+ ],
+ "FirstSeenDate": "22/06/2021 09:55 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/config?q=297 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 261.609,
+ "StatusCode": 200
+ },
+ "LookupId": "3cc33d8c-4041-5948-b51a-263ad0ff51d7",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Race Condition in Form Field via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Race Condition in Form Field via POST Request issue.
Fix the Race Condition in Form Field via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "RaceConditioninFormFieldviaPOSTRequest",
+ "Url": "http://app1.testsparker.com/admin/config?q=297"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "509",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "78",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "16"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Open Redirect in Header via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/api/v2/webhook?action=753"
+ }
+ ],
+ "FirstSeenDate": "25/06/2021 06:21 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/webhook?action=753 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 417.8437,
+ "StatusCode": 200
+ },
+ "LookupId": "d7ff7e07-97a4-5fd8-a54e-01873252db7f",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Open Redirect in Header via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Open Redirect in Header via POST Request issue.
Fix the Open Redirect in Header via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "OpenRedirectinHeaderviaPOSTRequest",
+ "Url": "http://blog.testsparker.com/api/v2/webhook?action=753"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "116",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "614",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "10"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a HSTS Missing in XML Input vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/auth/login.php"
+ }
+ ],
+ "FirstSeenDate": "19/06/2021 10:37 AM",
+ "HttpRequest": {
+ "Content": "GET /auth/login.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 381.6049,
+ "StatusCode": 200
+ },
+ "LookupId": "b6e386ab-3ba2-5c92-8d6b-63face487b81",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "HSTS Missing in XML Input",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the HSTS Missing in XML Input issue.
Fix the HSTS Missing in XML Input vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "HSTSMissinginXMLInput",
+ "Url": "https://docs.testsparker.com/auth/login.php"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "58",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "330",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "11"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Sensitive Data Exposure in XML Input vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/admin/logs?token=759"
+ }
+ ],
+ "FirstSeenDate": "10/06/2021 12:32 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/logs?token=759 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 207.6587,
+ "StatusCode": 200
+ },
+ "LookupId": "cfd42480-d724-511c-9748-8faf13016cc5",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Sensitive Data Exposure in XML Input",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Sensitive Data Exposure in XML Input issue.
Fix the Sensitive Data Exposure in XML Input vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "SensitiveDataExposureinXMLInput",
+ "Url": "https://app2.testsparker.com/admin/logs?token=759"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "552",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "614",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "8"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Insecure Deserialization in POST Body via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/api/v1/products"
+ }
+ ],
+ "FirstSeenDate": "20/06/2021 08:42 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v1/products HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 266.9796,
+ "StatusCode": 200
+ },
+ "LookupId": "d145c737-99cc-545e-8a3b-caa3ca0d1e24",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Insecure Deserialization in POST Body via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Insecure Deserialization in POST Body via PUT Request issue.
Fix the Insecure Deserialization in POST Body via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "InsecureDeserializationinPOSTBodyviaPUTRequest",
+ "Url": "https://app2.testsparker.com/api/v1/products"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "230",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "319",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "1"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Information Disclosure in Cookie via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/upload.php"
+ }
+ ],
+ "FirstSeenDate": "09/06/2021 05:40 AM",
+ "HttpRequest": {
+ "Content": "GET /upload.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 418.7791,
+ "StatusCode": 200
+ },
+ "LookupId": "18d15a35-b961-57d2-9500-e9f06f9cab91",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Information Disclosure in Cookie via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Information Disclosure in Cookie via POST Request issue.
Fix the Information Disclosure in Cookie via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "InformationDisclosureinCookieviaPOSTRequest",
+ "Url": "http://app1.testsparker.com/upload.php"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "572",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "352",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "42"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Race Condition in URL Path via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/reports/generate"
+ }
+ ],
+ "FirstSeenDate": "24/06/2021 07:48 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/generate HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 180.7842,
+ "StatusCode": 200
+ },
+ "LookupId": "6c6b5565-2042-5b6a-b707-0ae5458871e3",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Race Condition in URL Path via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Race Condition in URL Path via PUT Request issue.
Fix the Race Condition in URL Path via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "RaceConditioninURLPathviaPUTRequest",
+ "Url": "https://shop.testsparker.com/reports/generate"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "364",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "319",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "22"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Open Redirect in POST Body vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/reports/export"
+ }
+ ],
+ "FirstSeenDate": "20/06/2021 12:56 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/export HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 145.3716,
+ "StatusCode": 200
+ },
+ "LookupId": "24e55ccf-59e6-52ae-bcbf-9fa8884445da",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Open Redirect in POST Body",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Open Redirect in POST Body issue.
Fix the Open Redirect in POST Body vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "OpenRedirectinPOSTBody",
+ "Url": "http://app1.testsparker.com/reports/export"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "321",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "319",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "16"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Mass Assignment in POST Body via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/profile.php"
+ }
+ ],
+ "FirstSeenDate": "15/06/2021 12:30 AM",
+ "HttpRequest": {
+ "Content": "GET /profile.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 262.0712,
+ "StatusCode": 200
+ },
+ "LookupId": "26783284-c909-58ad-88e2-a896269fb962",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Mass Assignment in POST Body via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Mass Assignment in POST Body via PUT Request issue.
Fix the Mass Assignment in POST Body via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "MassAssignmentinPOSTBodyviaPUTRequest",
+ "Url": "http://app1.testsparker.com/profile.php"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "73",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "89",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "16"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Information Disclosure vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/auth/login.php?id=235"
+ }
+ ],
+ "FirstSeenDate": "22/06/2021 08:13 AM",
+ "HttpRequest": {
+ "Content": "GET /auth/login.php?id=235 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 274.2246,
+ "StatusCode": 200
+ },
+ "LookupId": "c1c1200c-e2fa-5806-bf4a-57cc13500678",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Information Disclosure",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Information Disclosure issue.
Fix the Information Disclosure vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "InformationDisclosure",
+ "Url": "https://portal.testsparker.com/auth/login.php?id=235"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "671",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "94",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "32"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Cross-site Scripting in Cookie vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/reports/generate?type=430"
+ }
+ ],
+ "FirstSeenDate": "09/06/2021 01:44 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/generate?type=430 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 191.5597,
+ "StatusCode": 200
+ },
+ "LookupId": "fa6cf0d6-8d24-5b92-aab9-61452dbb6422",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cross-site Scripting in Cookie",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cross-site Scripting in Cookie issue.
Fix the Cross-site Scripting in Cookie vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "Cross-siteScriptinginCookie",
+ "Url": "http://blog.testsparker.com/reports/generate?type=430"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "348",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "918",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "35"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a XPath Injection in Header vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/cart.php?token=339"
+ }
+ ],
+ "FirstSeenDate": "09/06/2021 05:21 AM",
+ "HttpRequest": {
+ "Content": "GET /cart.php?token=339 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 278.9646,
+ "StatusCode": 200
+ },
+ "LookupId": "e3c7513b-dcea-5da0-8a61-bc88f5405fb3",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "XPath Injection in Header",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the XPath Injection in Header issue.
Fix the XPath Injection in Header vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "XPathInjectioninHeader",
+ "Url": "https://portal.testsparker.com/cart.php?token=339"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "101",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "16",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "48"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a LDAP Injection in POST Body via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/files/upload?filter=236"
+ }
+ ],
+ "FirstSeenDate": "28/06/2021 04:24 AM",
+ "HttpRequest": {
+ "Content": "GET /files/upload?filter=236 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 446.7689,
+ "StatusCode": 200
+ },
+ "LookupId": "d0661399-d96f-5a99-b7a7-26cfd267cc3a",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "LDAP Injection in POST Body via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the LDAP Injection in POST Body via POST Request issue.
Fix the LDAP Injection in POST Body via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "LDAPInjectioninPOSTBodyviaPOSTRequest",
+ "Url": "https://shop.testsparker.com/files/upload?filter=236"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "295",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "523",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "4"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a SQL Injection in Header via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/reports/export"
+ }
+ ],
+ "FirstSeenDate": "19/06/2021 07:51 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/export HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 120.6841,
+ "StatusCode": 200
+ },
+ "LookupId": "946d0f97-5b5b-556f-9990-24abfce253f0",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "SQL Injection in Header via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the SQL Injection in Header via POST Request issue.
Fix the SQL Injection in Header via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "SQLInjectioninHeaderviaPOSTRequest",
+ "Url": "https://portal.testsparker.com/reports/export"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "248",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "523",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "47"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a File Upload Vulnerability in URL Path via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/account/security?q=24"
+ }
+ ],
+ "FirstSeenDate": "17/06/2021 02:46 AM",
+ "HttpRequest": {
+ "Content": "GET /account/security?q=24 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 39.3734,
+ "StatusCode": 200
+ },
+ "LookupId": "53238186-aa82-5b03-a383-dbc2cf623484",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "File Upload Vulnerability in URL Path via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the File Upload Vulnerability in URL Path via POST Request issue.
Fix the File Upload Vulnerability in URL Path via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "FileUploadVulnerabilityinURLPathviaPOSTRequest",
+ "Url": "http://admin.testsparker.com/account/security?q=24"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "571",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "200",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "10"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Open Redirect in URL Path via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/api/v2/export?ref=265"
+ }
+ ],
+ "FirstSeenDate": "23/06/2021 01:59 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/export?ref=265 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 473.6712,
+ "StatusCode": 200
+ },
+ "LookupId": "30f3065e-ad90-54e4-a457-67851db14cca",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Open Redirect in URL Path via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Open Redirect in URL Path via POST Request issue.
Fix the Open Redirect in URL Path via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "OpenRedirectinURLPathviaPOSTRequest",
+ "Url": "https://portal.testsparker.com/api/v2/export?ref=265"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "19",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "16",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "1"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Race Condition in XML Input vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/admin/logs"
+ }
+ ],
+ "FirstSeenDate": "08/06/2021 12:56 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/logs HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 178.7314,
+ "StatusCode": 200
+ },
+ "LookupId": "0d274f4d-acf8-5d5a-8a13-8236a269e2e8",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Race Condition in XML Input",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Race Condition in XML Input issue.
Fix the Race Condition in XML Input vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "RaceConditioninXMLInput",
+ "Url": "http://app1.testsparker.com/admin/logs"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "157",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "287",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "40"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a HTTP Response Splitting in Cookie via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/reports/export"
+ }
+ ],
+ "FirstSeenDate": "25/06/2021 02:42 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/export HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 378.2888,
+ "StatusCode": 200
+ },
+ "LookupId": "994e4eb1-8a06-5d93-8c36-6990bff4b264",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "HTTP Response Splitting in Cookie via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the HTTP Response Splitting in Cookie via POST Request issue.
Fix the HTTP Response Splitting in Cookie via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "HTTPResponseSplittinginCookieviaPOSTRequest",
+ "Url": "https://app2.testsparker.com/reports/export"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "6",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "614",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "30"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Version Disclosure in Form Field vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/files/download?sort=134"
+ }
+ ],
+ "FirstSeenDate": "02/06/2021 03:59 AM",
+ "HttpRequest": {
+ "Content": "GET /files/download?sort=134 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 168.0887,
+ "StatusCode": 200
+ },
+ "LookupId": "0186801b-a341-5a6d-90e0-05e93aec2910",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Version Disclosure in Form Field",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Version Disclosure in Form Field issue.
Fix the Version Disclosure in Form Field vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "VersionDisclosureinFormField",
+ "Url": "http://app1.testsparker.com/files/download?sort=134"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "414",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "79",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "40"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a SQL Injection in Multipart Data via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/blog/post.php?token=650"
+ }
+ ],
+ "FirstSeenDate": "12/06/2021 10:20 AM",
+ "HttpRequest": {
+ "Content": "GET /blog/post.php?token=650 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 149.6143,
+ "StatusCode": 200
+ },
+ "LookupId": "79ea2d68-7295-5c6a-92d1-6973ef335108",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "SQL Injection in Multipart Data via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the SQL Injection in Multipart Data via POST Request issue.
Fix the SQL Injection in Multipart Data via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "SQLInjectioninMultipartDataviaPOSTRequest",
+ "Url": "http://blog.testsparker.com/blog/post.php?token=650"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "54",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "776",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "42"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Information Disclosure in Header via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/contact?type=756"
+ }
+ ],
+ "FirstSeenDate": "21/06/2021 08:50 AM",
+ "HttpRequest": {
+ "Content": "GET /contact?type=756 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 324.1384,
+ "StatusCode": 200
+ },
+ "LookupId": "ce057c9c-c37f-5601-913a-b99406b4fa78",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Information Disclosure in Header via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Information Disclosure in Header via POST Request issue.
Fix the Information Disclosure in Header via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "InformationDisclosureinHeaderviaPOSTRequest",
+ "Url": "https://app2.testsparker.com/contact?type=756"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "674",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "776",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "39"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Mass Assignment in Header via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/auth/login.php?id=176"
+ }
+ ],
+ "FirstSeenDate": "10/06/2021 10:52 AM",
+ "HttpRequest": {
+ "Content": "GET /auth/login.php?id=176 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 487.2217,
+ "StatusCode": 200
+ },
+ "LookupId": "5fa8a8f3-85ed-5097-8eaf-863bf6838942",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Mass Assignment in Header via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Mass Assignment in Header via POST Request issue.
Fix the Mass Assignment in Header via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "MassAssignmentinHeaderviaPOSTRequest",
+ "Url": "http://app1.testsparker.com/auth/login.php?id=176"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "89",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "200",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "17"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Buffer Overflow in Query Parameter via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/admin/dashboard?page=716"
+ }
+ ],
+ "FirstSeenDate": "11/06/2021 06:41 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/dashboard?page=716 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 238.612,
+ "StatusCode": 200
+ },
+ "LookupId": "6d607e86-af61-5d67-827d-089a698da79d",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Buffer Overflow in Query Parameter via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Buffer Overflow in Query Parameter via PUT Request issue.
Fix the Buffer Overflow in Query Parameter via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "BufferOverflowinQueryParameterviaPUTRequest",
+ "Url": "https://shop.testsparker.com/admin/dashboard?page=716"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "470",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "94",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "1"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Weak Password Policy in Query Parameter via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/auth/reset.php"
+ }
+ ],
+ "FirstSeenDate": "12/06/2021 09:54 AM",
+ "HttpRequest": {
+ "Content": "GET /auth/reset.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 431.9009,
+ "StatusCode": 200
+ },
+ "LookupId": "f40dc66a-41a8-5f31-8ad3-51296109ab3c",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Weak Password Policy in Query Parameter via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Weak Password Policy in Query Parameter via PUT Request issue.
Fix the Weak Password Policy in Query Parameter via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "WeakPasswordPolicyinQueryParameterviaPUTRequest",
+ "Url": "https://docs.testsparker.com/auth/reset.php"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "177",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "94",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "20"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a DNS Zone Transfer in Cookie via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/contact?q=472"
+ }
+ ],
+ "FirstSeenDate": "06/06/2021 04:54 AM",
+ "HttpRequest": {
+ "Content": "GET /contact?q=472 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 109.6278,
+ "StatusCode": 200
+ },
+ "LookupId": "6e8932d3-811c-56bb-9c2b-9bd948f6773a",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "DNS Zone Transfer in Cookie via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the DNS Zone Transfer in Cookie via PUT Request issue.
Fix the DNS Zone Transfer in Cookie via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "DNSZoneTransferinCookieviaPUTRequest",
+ "Url": "http://api.testsparker.com/contact?q=472"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "450",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "502",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "29"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Version Disclosure in Form Field via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/files/download"
+ }
+ ],
+ "FirstSeenDate": "05/06/2021 06:47 AM",
+ "HttpRequest": {
+ "Content": "GET /files/download HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 222.6405,
+ "StatusCode": 200
+ },
+ "LookupId": "c01bdcb7-9394-5835-beb2-909828521fde",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Version Disclosure in Form Field via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Version Disclosure in Form Field via POST Request issue.
Fix the Version Disclosure in Form Field via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "VersionDisclosureinFormFieldviaPOSTRequest",
+ "Url": "https://shop.testsparker.com/files/download"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "418",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "614",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "45"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a DNS Zone Transfer in Query Parameter via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/api/v1/users?name=825"
+ }
+ ],
+ "FirstSeenDate": "18/06/2021 08:09 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v1/users?name=825 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 205.017,
+ "StatusCode": 200
+ },
+ "LookupId": "d236262e-3455-53ce-892d-b5f08961d62a",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "DNS Zone Transfer in Query Parameter via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the DNS Zone Transfer in Query Parameter via PUT Request issue.
Fix the DNS Zone Transfer in Query Parameter via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "DNSZoneTransferinQueryParameterviaPUTRequest",
+ "Url": "https://shop.testsparker.com/api/v1/users?name=825"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "634",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "319",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "49"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a CSRF in Multipart Data vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/admin/dashboard?name=255"
+ }
+ ],
+ "FirstSeenDate": "02/06/2021 06:41 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/dashboard?name=255 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 85.42,
+ "StatusCode": 200
+ },
+ "LookupId": "50a8f3c1-3ad0-57a3-86d9-b6d4f92d81f7",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "CSRF in Multipart Data",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the CSRF in Multipart Data issue.
Fix the CSRF in Multipart Data vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "CSRFinMultipartData",
+ "Url": "https://docs.testsparker.com/admin/dashboard?name=255"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "316",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "611",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "33"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Insecure HTTP Method in Form Field via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/checkout.php"
+ }
+ ],
+ "FirstSeenDate": "13/06/2021 12:37 AM",
+ "HttpRequest": {
+ "Content": "GET /checkout.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 350.6723,
+ "StatusCode": 200
+ },
+ "LookupId": "f112edaa-375a-5ff6-95b4-322704a29df4",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Insecure HTTP Method in Form Field via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Insecure HTTP Method in Form Field via POST Request issue.
Fix the Insecure HTTP Method in Form Field via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "InsecureHTTPMethodinFormFieldviaPOSTRequest",
+ "Url": "https://shop.testsparker.com/checkout.php"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "443",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "776",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "24"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Version Disclosure in JSON Payload via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/account/billing"
+ }
+ ],
+ "FirstSeenDate": "11/06/2021 05:24 AM",
+ "HttpRequest": {
+ "Content": "GET /account/billing HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 22.1119,
+ "StatusCode": 200
+ },
+ "LookupId": "c0f52c19-7223-5f2c-b200-cf59d3827a36",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Version Disclosure in JSON Payload via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Version Disclosure in JSON Payload via POST Request issue.
Fix the Version Disclosure in JSON Payload via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "VersionDisclosureinJSONPayloadviaPOSTRequest",
+ "Url": "https://docs.testsparker.com/account/billing"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "183",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "693",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "32"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Missing Content-Security-Policy in POST Body via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/admin/users?ref=951"
+ }
+ ],
+ "FirstSeenDate": "05/06/2021 09:49 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/users?ref=951 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 221.3143,
+ "StatusCode": 200
+ },
+ "LookupId": "96127275-f21a-56d2-af7f-eb3566006b4c",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Missing Content-Security-Policy in POST Body via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Missing Content-Security-Policy in POST Body via POST Request issue.
Fix the Missing Content-Security-Policy in POST Body via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "MissingContent-Security-PolicyinPOSTBodyviaPOSTRequest",
+ "Url": "http://admin.testsparker.com/admin/users?ref=951"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "109",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "918",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "21"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Server-Side Request Forgery in XML Input via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/blog/edit.php"
+ }
+ ],
+ "FirstSeenDate": "01/06/2021 07:41 AM",
+ "HttpRequest": {
+ "Content": "GET /blog/edit.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 164.9577,
+ "StatusCode": 200
+ },
+ "LookupId": "0caee4e7-9201-5a43-8e2d-a5b536970140",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Server-Side Request Forgery in XML Input via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Server-Side Request Forgery in XML Input via POST Request issue.
Fix the Server-Side Request Forgery in XML Input via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "Server-SideRequestForgeryinXMLInputviaPOSTRequest",
+ "Url": "https://portal.testsparker.com/blog/edit.php"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "516",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "94",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "45"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a HSTS Missing in Form Field vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/admin/logs?sort=704"
+ }
+ ],
+ "FirstSeenDate": "23/06/2021 02:48 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/logs?sort=704 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 182.5965,
+ "StatusCode": 200
+ },
+ "LookupId": "c8c1e387-afe1-58a4-8590-b85a21204ca7",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "HSTS Missing in Form Field",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the HSTS Missing in Form Field issue.
Fix the HSTS Missing in Form Field vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "HSTSMissinginFormField",
+ "Url": "https://portal.testsparker.com/admin/logs?sort=704"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "87",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "352",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "19"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a File Upload Vulnerability in Form Field via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/api/v1/products"
+ }
+ ],
+ "FirstSeenDate": "26/06/2021 01:27 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v1/products HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 341.7462,
+ "StatusCode": 200
+ },
+ "LookupId": "0162a549-f370-5013-87bc-c899a58fb28b",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "File Upload Vulnerability in Form Field via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the File Upload Vulnerability in Form Field via POST Request issue.
Fix the File Upload Vulnerability in Form Field via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "FileUploadVulnerabilityinFormFieldviaPOSTRequest",
+ "Url": "https://app2.testsparker.com/api/v1/products"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "157",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "776",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "35"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a HTTP Response Splitting in JSON Payload via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/reports/export"
+ }
+ ],
+ "FirstSeenDate": "08/06/2021 03:18 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/export HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 322.1757,
+ "StatusCode": 200
+ },
+ "LookupId": "db23aa23-1c57-5607-84c5-5809fe65b1f1",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "HTTP Response Splitting in JSON Payload via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the HTTP Response Splitting in JSON Payload via PUT Request issue.
Fix the HTTP Response Splitting in JSON Payload via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "HTTPResponseSplittinginJSONPayloadviaPUTRequest",
+ "Url": "https://portal.testsparker.com/reports/export"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "614",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "352",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "19"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a HTTP Response Splitting in Query Parameter via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/settings.php?token=491"
+ }
+ ],
+ "FirstSeenDate": "25/06/2021 02:27 AM",
+ "HttpRequest": {
+ "Content": "GET /settings.php?token=491 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 303.9127,
+ "StatusCode": 200
+ },
+ "LookupId": "47cc5852-22d8-57f4-8853-0a0b5f5ff82f",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "HTTP Response Splitting in Query Parameter via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the HTTP Response Splitting in Query Parameter via PUT Request issue.
Fix the HTTP Response Splitting in Query Parameter via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "HTTPResponseSplittinginQueryParameterviaPUTRequest",
+ "Url": "https://portal.testsparker.com/settings.php?token=491"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "319",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "614",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "38"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Unvalidated Redirect in XML Input via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/help?filter=977"
+ }
+ ],
+ "FirstSeenDate": "28/06/2021 07:27 AM",
+ "HttpRequest": {
+ "Content": "GET /help?filter=977 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 166.6251,
+ "StatusCode": 200
+ },
+ "LookupId": "9a16640a-962e-5032-876e-7e8e9a7bce74",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Unvalidated Redirect in XML Input via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Unvalidated Redirect in XML Input via POST Request issue.
Fix the Unvalidated Redirect in XML Input via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "UnvalidatedRedirectinXMLInputviaPOSTRequest",
+ "Url": "https://app2.testsparker.com/help?filter=977"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "250",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "352",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "3"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Path Disclosure in POST Body via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/admin/config"
+ }
+ ],
+ "FirstSeenDate": "04/06/2021 11:39 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/config HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 194.3042,
+ "StatusCode": 200
+ },
+ "LookupId": "f28c9391-5906-59d2-9776-c9237a610b7f",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Path Disclosure in POST Body via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Path Disclosure in POST Body via POST Request issue.
Fix the Path Disclosure in POST Body via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "PathDisclosureinPOSTBodyviaPOSTRequest",
+ "Url": "http://blog.testsparker.com/admin/config"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "10",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "78",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "30"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Buffer Overflow in XML Input via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/api/v2/webhook?action=605"
+ }
+ ],
+ "FirstSeenDate": "05/06/2021 05:53 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/webhook?action=605 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 117.2631,
+ "StatusCode": 200
+ },
+ "LookupId": "ba837099-28a0-555a-808a-4b1332c11729",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Buffer Overflow in XML Input via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Buffer Overflow in XML Input via POST Request issue.
Fix the Buffer Overflow in XML Input via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "BufferOverflowinXMLInputviaPOSTRequest",
+ "Url": "https://shop.testsparker.com/api/v2/webhook?action=605"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "38",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "776",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "25"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Cleartext Transmission in Cookie via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/contact"
+ }
+ ],
+ "FirstSeenDate": "18/06/2021 10:13 AM",
+ "HttpRequest": {
+ "Content": "GET /contact HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 496.9403,
+ "StatusCode": 200
+ },
+ "LookupId": "78353d61-0e28-5624-bd31-bc895ec6e2aa",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cleartext Transmission in Cookie via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cleartext Transmission in Cookie via PUT Request issue.
Fix the Cleartext Transmission in Cookie via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "CleartextTransmissioninCookieviaPUTRequest",
+ "Url": "https://shop.testsparker.com/contact"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "289",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "614",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "6"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Broken Authentication in Header via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/files/list?q=267"
+ }
+ ],
+ "FirstSeenDate": "12/06/2021 03:25 AM",
+ "HttpRequest": {
+ "Content": "GET /files/list?q=267 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 439.4311,
+ "StatusCode": 200
+ },
+ "LookupId": "60e2afed-ff42-5efd-b0fd-592a8cb04116",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Broken Authentication in Header via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Broken Authentication in Header via POST Request issue.
Fix the Broken Authentication in Header via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "BrokenAuthenticationinHeaderviaPOSTRequest",
+ "Url": "https://shop.testsparker.com/files/list?q=267"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "247",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "16",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "10"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Session Fixation in JSON Payload via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/reports/generate?type=12"
+ }
+ ],
+ "FirstSeenDate": "02/06/2021 02:03 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/generate?type=12 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 297.9647,
+ "StatusCode": 200
+ },
+ "LookupId": "6ed6b59a-669d-5f76-860f-4383bc00d5ce",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Session Fixation in JSON Payload via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Session Fixation in JSON Payload via POST Request issue.
Fix the Session Fixation in JSON Payload via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "SessionFixationinJSONPayloadviaPOSTRequest",
+ "Url": "https://app2.testsparker.com/reports/generate?type=12"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "187",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "523",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "46"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Server-Side Request Forgery in Cookie via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/admin/config"
+ }
+ ],
+ "FirstSeenDate": "06/06/2021 04:07 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/config HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 30.1642,
+ "StatusCode": 200
+ },
+ "LookupId": "22156632-7ede-523b-9787-cb281c724bb0",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Server-Side Request Forgery in Cookie via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Server-Side Request Forgery in Cookie via POST Request issue.
Fix the Server-Side Request Forgery in Cookie via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "Server-SideRequestForgeryinCookieviaPOSTRequest",
+ "Url": "https://docs.testsparker.com/admin/config"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "194",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "352",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "17"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Directory Traversal in File Name via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/reports/export"
+ }
+ ],
+ "FirstSeenDate": "20/06/2021 02:04 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/export HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 89.5231,
+ "StatusCode": 200
+ },
+ "LookupId": "027094f6-d6e5-5d25-8eef-d92bbb274976",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Directory Traversal in File Name via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Directory Traversal in File Name via POST Request issue.
Fix the Directory Traversal in File Name via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "DirectoryTraversalinFileNameviaPOSTRequest",
+ "Url": "https://portal.testsparker.com/reports/export"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "615",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "918",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "2"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Buffer Overflow in URL Path via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/auth/login.php?ref=280"
+ }
+ ],
+ "FirstSeenDate": "21/06/2021 12:04 AM",
+ "HttpRequest": {
+ "Content": "GET /auth/login.php?ref=280 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 231.6004,
+ "StatusCode": 200
+ },
+ "LookupId": "b1a767b5-cd39-52e1-a5db-8400a3ef954c",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Buffer Overflow in URL Path via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Buffer Overflow in URL Path via POST Request issue.
Fix the Buffer Overflow in URL Path via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "BufferOverflowinURLPathviaPOSTRequest",
+ "Url": "http://api.testsparker.com/auth/login.php?ref=280"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "663",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "330",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "23"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a DNS Zone Transfer in Query Parameter via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/api/v1/users?name=825"
+ }
+ ],
+ "FirstSeenDate": "25/06/2021 05:33 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v1/users?name=825 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 469.0664,
+ "StatusCode": 200
+ },
+ "LookupId": "4819e2ac-2419-55fd-a6c4-fba44878224b",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "DNS Zone Transfer in Query Parameter via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the DNS Zone Transfer in Query Parameter via PUT Request issue.
Fix the DNS Zone Transfer in Query Parameter via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "DNSZoneTransferinQueryParameterviaPUTRequest",
+ "Url": "https://shop.testsparker.com/api/v1/users?name=825"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "253",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "79",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "46"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Mass Assignment in Form Field vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/download.php"
+ }
+ ],
+ "FirstSeenDate": "09/06/2021 06:08 AM",
+ "HttpRequest": {
+ "Content": "GET /download.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 342.9943,
+ "StatusCode": 200
+ },
+ "LookupId": "af6acf90-93d9-599b-9f32-de9238967415",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Mass Assignment in Form Field",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Mass Assignment in Form Field issue.
Fix the Mass Assignment in Form Field vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "MassAssignmentinFormField",
+ "Url": "https://shop.testsparker.com/download.php"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "610",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "287",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "33"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Clickjacking in Multipart Data vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/download.php?page=157"
+ }
+ ],
+ "FirstSeenDate": "08/06/2021 07:18 AM",
+ "HttpRequest": {
+ "Content": "GET /download.php?page=157 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 395.3205,
+ "StatusCode": 200
+ },
+ "LookupId": "009d0583-2b45-522e-b11d-32b9e7326c19",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Clickjacking in Multipart Data",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Clickjacking in Multipart Data issue.
Fix the Clickjacking in Multipart Data vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "ClickjackinginMultipartData",
+ "Url": "http://api.testsparker.com/download.php?page=157"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "325",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "200",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "7"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Integer Overflow in URL Path via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/reports/export"
+ }
+ ],
+ "FirstSeenDate": "21/06/2021 07:20 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/export HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 314.6819,
+ "StatusCode": 200
+ },
+ "LookupId": "be4ac27f-64d8-5473-8044-0980614581cc",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Integer Overflow in URL Path via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Integer Overflow in URL Path via PUT Request issue.
Fix the Integer Overflow in URL Path via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "IntegerOverflowinURLPathviaPUTRequest",
+ "Url": "http://api.testsparker.com/reports/export"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "486",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "434",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "30"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Race Condition vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/reports/generate?ref=684"
+ }
+ ],
+ "FirstSeenDate": "11/06/2021 10:14 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/generate?ref=684 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 230.143,
+ "StatusCode": 200
+ },
+ "LookupId": "77c2ac75-0c59-5d70-8106-e751dfec09e4",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Race Condition",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Race Condition issue.
Fix the Race Condition vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "RaceCondition",
+ "Url": "https://app2.testsparker.com/reports/generate?ref=684"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "158",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "94",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "12"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a NoSQL Injection in Cookie vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/search"
+ }
+ ],
+ "FirstSeenDate": "24/06/2021 08:02 AM",
+ "HttpRequest": {
+ "Content": "GET /search HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 211.3207,
+ "StatusCode": 200
+ },
+ "LookupId": "8f5b5f8d-c424-597f-977c-4378cd2b2ed5",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "NoSQL Injection in Cookie",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the NoSQL Injection in Cookie issue.
Fix the NoSQL Injection in Cookie vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "NoSQLInjectioninCookie",
+ "Url": "http://app1.testsparker.com/search"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "688",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "16",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "18"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Path Disclosure in Query Parameter vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/download.php?sort=284"
+ }
+ ],
+ "FirstSeenDate": "06/06/2021 05:07 AM",
+ "HttpRequest": {
+ "Content": "GET /download.php?sort=284 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 17.4758,
+ "StatusCode": 200
+ },
+ "LookupId": "5e522fa2-791d-5b46-a8a6-10dbd8f8d6a7",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Path Disclosure in Query Parameter",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Path Disclosure in Query Parameter issue.
Fix the Path Disclosure in Query Parameter vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "PathDisclosureinQueryParameter",
+ "Url": "https://portal.testsparker.com/download.php?sort=284"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "485",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "611",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "34"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Cookie Not Marked as HttpOnly in POST Body vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/auth/register.php?page=415"
+ }
+ ],
+ "FirstSeenDate": "14/06/2021 12:35 AM",
+ "HttpRequest": {
+ "Content": "GET /auth/register.php?page=415 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 172.0877,
+ "StatusCode": 200
+ },
+ "LookupId": "079c4f65-b26d-5456-8a17-c0592d86c216",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cookie Not Marked as HttpOnly in POST Body",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cookie Not Marked as HttpOnly in POST Body issue.
Fix the Cookie Not Marked as HttpOnly in POST Body vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "CookieNotMarkedasHttpOnlyinPOSTBody",
+ "Url": "https://docs.testsparker.com/auth/register.php?page=415"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "12",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "330",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "28"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a File Upload Vulnerability in File Name via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/admin/dashboard?id=619"
+ }
+ ],
+ "FirstSeenDate": "18/06/2021 12:53 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/dashboard?id=619 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 136.4466,
+ "StatusCode": 200
+ },
+ "LookupId": "fe19219b-db20-51b1-9975-b2162829709c",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "File Upload Vulnerability in File Name via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the File Upload Vulnerability in File Name via POST Request issue.
Fix the File Upload Vulnerability in File Name via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "FileUploadVulnerabilityinFileNameviaPOSTRequest",
+ "Url": "https://app2.testsparker.com/admin/dashboard?id=619"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "217",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "601",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "18"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Cookie Not Marked as HttpOnly in JSON Payload vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/api/v1/products"
+ }
+ ],
+ "FirstSeenDate": "27/06/2021 05:21 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v1/products HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 278.1822,
+ "StatusCode": 200
+ },
+ "LookupId": "d228f9d9-a17d-538b-b91c-a31214284ef4",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cookie Not Marked as HttpOnly in JSON Payload",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cookie Not Marked as HttpOnly in JSON Payload issue.
Fix the Cookie Not Marked as HttpOnly in JSON Payload vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "CookieNotMarkedasHttpOnlyinJSONPayload",
+ "Url": "https://shop.testsparker.com/api/v1/products"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "445",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "918",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "15"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Session Fixation in POST Body via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/profile.php?token=754"
+ }
+ ],
+ "FirstSeenDate": "19/06/2021 01:26 AM",
+ "HttpRequest": {
+ "Content": "GET /profile.php?token=754 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 490.2902,
+ "StatusCode": 200
+ },
+ "LookupId": "a6d5ab5e-1731-5015-8ce8-36e39c1e2325",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Session Fixation in POST Body via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Session Fixation in POST Body via POST Request issue.
Fix the Session Fixation in POST Body via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "SessionFixationinPOSTBodyviaPOSTRequest",
+ "Url": "https://docs.testsparker.com/profile.php?token=754"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "295",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "611",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "6"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a LDAP Injection in Header vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/blog/edit.php"
+ }
+ ],
+ "FirstSeenDate": "15/06/2021 11:16 AM",
+ "HttpRequest": {
+ "Content": "GET /blog/edit.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 376.1959,
+ "StatusCode": 200
+ },
+ "LookupId": "57f760e1-4d46-5998-a9dd-7824d6de1a65",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "LDAP Injection in Header",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the LDAP Injection in Header issue.
Fix the LDAP Injection in Header vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "LDAPInjectioninHeader",
+ "Url": "http://blog.testsparker.com/blog/edit.php"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "347",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "22",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "26"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Missing X-Frame-Options in URL Path via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/auth/register.php?id=735"
+ }
+ ],
+ "FirstSeenDate": "14/06/2021 01:25 AM",
+ "HttpRequest": {
+ "Content": "GET /auth/register.php?id=735 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 382.0043,
+ "StatusCode": 200
+ },
+ "LookupId": "00189dfc-171b-54c3-8574-a8b4411a33a9",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Missing X-Frame-Options in URL Path via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Missing X-Frame-Options in URL Path via POST Request issue.
Fix the Missing X-Frame-Options in URL Path via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "MissingX-Frame-OptionsinURLPathviaPOSTRequest",
+ "Url": "https://shop.testsparker.com/auth/register.php?id=735"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "45",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "693",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "14"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a XML External Entity in XML Input via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/products.php?name=674"
+ }
+ ],
+ "FirstSeenDate": "10/06/2021 10:31 AM",
+ "HttpRequest": {
+ "Content": "GET /products.php?name=674 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 491.7202,
+ "StatusCode": 200
+ },
+ "LookupId": "fb315b9e-1156-5e66-a23b-5cf32362dd06",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "XML External Entity in XML Input via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the XML External Entity in XML Input via POST Request issue.
Fix the XML External Entity in XML Input via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "XMLExternalEntityinXMLInputviaPOSTRequest",
+ "Url": "http://blog.testsparker.com/products.php?name=674"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "591",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "614",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "13"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Command Injection in URL Path via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/reports/generate"
+ }
+ ],
+ "FirstSeenDate": "07/06/2021 05:11 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/generate HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 59.4393,
+ "StatusCode": 200
+ },
+ "LookupId": "b796a842-e0bc-5420-a9e6-cfefd3024494",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Command Injection in URL Path via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Command Injection in URL Path via PUT Request issue.
Fix the Command Injection in URL Path via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "CommandInjectioninURLPathviaPUTRequest",
+ "Url": "https://shop.testsparker.com/reports/generate"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "14",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "200",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "20"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Integer Overflow in Multipart Data via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/payment.php"
+ }
+ ],
+ "FirstSeenDate": "17/06/2021 11:54 AM",
+ "HttpRequest": {
+ "Content": "GET /payment.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 433.9126,
+ "StatusCode": 200
+ },
+ "LookupId": "29d09cf7-f3d4-5af0-90fd-5f3f84d5923d",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Integer Overflow in Multipart Data via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Integer Overflow in Multipart Data via POST Request issue.
Fix the Integer Overflow in Multipart Data via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "IntegerOverflowinMultipartDataviaPOSTRequest",
+ "Url": "https://shop.testsparker.com/payment.php"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "562",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "918",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "31"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a LDAP Injection in Query Parameter vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/upload.php?token=605"
+ }
+ ],
+ "FirstSeenDate": "03/06/2021 06:13 AM",
+ "HttpRequest": {
+ "Content": "GET /upload.php?token=605 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 408.8187,
+ "StatusCode": 200
+ },
+ "LookupId": "ec0825d0-35f5-581e-bcb5-ffd1849d1b32",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "LDAP Injection in Query Parameter",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the LDAP Injection in Query Parameter issue.
Fix the LDAP Injection in Query Parameter vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "LDAPInjectioninQueryParameter",
+ "Url": "https://app2.testsparker.com/upload.php?token=605"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "698",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "614",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "5"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Command Injection in POST Body via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/api/v2/export?page=209"
+ }
+ ],
+ "FirstSeenDate": "10/06/2021 03:01 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/export?page=209 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 170.0049,
+ "StatusCode": 200
+ },
+ "LookupId": "719517eb-1483-525d-a295-a6d094a87934",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Command Injection in POST Body via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Command Injection in POST Body via PUT Request issue.
Fix the Command Injection in POST Body via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "CommandInjectioninPOSTBodyviaPUTRequest",
+ "Url": "https://docs.testsparker.com/api/v2/export?page=209"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "14",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "523",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "17"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Sensitive Data Exposure in Form Field vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/files/upload"
+ }
+ ],
+ "FirstSeenDate": "20/06/2021 08:53 AM",
+ "HttpRequest": {
+ "Content": "GET /files/upload HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 120.5188,
+ "StatusCode": 200
+ },
+ "LookupId": "251b4d07-9b38-5a26-8961-c429a213535a",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Sensitive Data Exposure in Form Field",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Sensitive Data Exposure in Form Field issue.
Fix the Sensitive Data Exposure in Form Field vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "SensitiveDataExposureinFormField",
+ "Url": "http://blog.testsparker.com/files/upload"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "432",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "89",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "11"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a HTTP Response Splitting in Cookie via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/admin/dashboard?token=692"
+ }
+ ],
+ "FirstSeenDate": "22/06/2021 09:53 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/dashboard?token=692 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 62.151,
+ "StatusCode": 200
+ },
+ "LookupId": "2226499f-cd78-593c-9662-67c97a38ee73",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "HTTP Response Splitting in Cookie via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the HTTP Response Splitting in Cookie via PUT Request issue.
Fix the HTTP Response Splitting in Cookie via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "HTTPResponseSplittinginCookieviaPUTRequest",
+ "Url": "http://blog.testsparker.com/admin/dashboard?token=692"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "514",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "16",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "48"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a CORS Misconfiguration in Form Field via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/reports/export"
+ }
+ ],
+ "FirstSeenDate": "05/06/2021 02:06 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/export HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 398.4293,
+ "StatusCode": 200
+ },
+ "LookupId": "4b04f4ce-d6e2-5ec0-8467-7f8ab2b82aa6",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "CORS Misconfiguration in Form Field via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the CORS Misconfiguration in Form Field via POST Request issue.
Fix the CORS Misconfiguration in Form Field via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "CORSMisconfigurationinFormFieldviaPOSTRequest",
+ "Url": "https://docs.testsparker.com/reports/export"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "530",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "502",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "12"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Insecure HTTP Method in Cookie vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/auth/register.php"
+ }
+ ],
+ "FirstSeenDate": "10/06/2021 03:02 AM",
+ "HttpRequest": {
+ "Content": "GET /auth/register.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 152.2405,
+ "StatusCode": 200
+ },
+ "LookupId": "15607f75-54ae-5a14-b7a0-27b3a92fe800",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Insecure HTTP Method in Cookie",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Insecure HTTP Method in Cookie issue.
Fix the Insecure HTTP Method in Cookie vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "InsecureHTTPMethodinCookie",
+ "Url": "http://blog.testsparker.com/auth/register.php"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "560",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "78",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "22"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Unvalidated Redirect in Form Field via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/api/v2/export?page=198"
+ }
+ ],
+ "FirstSeenDate": "24/06/2021 08:48 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/export?page=198 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 108.9796,
+ "StatusCode": 200
+ },
+ "LookupId": "c0067cc3-f3be-5fe2-96b3-3e775f709118",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Unvalidated Redirect in Form Field via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Unvalidated Redirect in Form Field via POST Request issue.
Fix the Unvalidated Redirect in Form Field via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "UnvalidatedRedirectinFormFieldviaPOSTRequest",
+ "Url": "http://api.testsparker.com/api/v2/export?page=198"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "102",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "79",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "42"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Unvalidated Redirect in Cookie vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/checkout.php?name=384"
+ }
+ ],
+ "FirstSeenDate": "26/06/2021 03:08 AM",
+ "HttpRequest": {
+ "Content": "GET /checkout.php?name=384 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 28.7686,
+ "StatusCode": 200
+ },
+ "LookupId": "067187f2-d18b-584e-9892-d579e809d890",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Unvalidated Redirect in Cookie",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Unvalidated Redirect in Cookie issue.
Fix the Unvalidated Redirect in Cookie vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "UnvalidatedRedirectinCookie",
+ "Url": "https://shop.testsparker.com/checkout.php?name=384"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "597",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "601",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "1"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Session Fixation in POST Body vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/reports/generate"
+ }
+ ],
+ "FirstSeenDate": "23/06/2021 02:37 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/generate HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 442.007,
+ "StatusCode": 200
+ },
+ "LookupId": "931644d1-ef04-5415-8272-b1752b566113",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Session Fixation in POST Body",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Session Fixation in POST Body issue.
Fix the Session Fixation in POST Body vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "SessionFixationinPOSTBody",
+ "Url": "http://app1.testsparker.com/reports/generate"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "487",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "16",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "16"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Cookie Not Marked as HttpOnly in Header via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/help"
+ }
+ ],
+ "FirstSeenDate": "26/06/2021 03:23 AM",
+ "HttpRequest": {
+ "Content": "GET /help HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 242.8587,
+ "StatusCode": 200
+ },
+ "LookupId": "d1ba4183-5022-5fbb-b5b1-1a64ec3eb7d1",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cookie Not Marked as HttpOnly in Header via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cookie Not Marked as HttpOnly in Header via POST Request issue.
Fix the Cookie Not Marked as HttpOnly in Header via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "CookieNotMarkedasHttpOnlyinHeaderviaPOSTRequest",
+ "Url": "https://docs.testsparker.com/help"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "35",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "776",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "17"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Weak Password Policy in Multipart Data via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/files/download?filter=383"
+ }
+ ],
+ "FirstSeenDate": "10/06/2021 10:52 AM",
+ "HttpRequest": {
+ "Content": "GET /files/download?filter=383 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 439.8535,
+ "StatusCode": 200
+ },
+ "LookupId": "b0da555d-96e9-5011-b5fb-f3d7934b6867",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Weak Password Policy in Multipart Data via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Weak Password Policy in Multipart Data via POST Request issue.
Fix the Weak Password Policy in Multipart Data via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "WeakPasswordPolicyinMultipartDataviaPOSTRequest",
+ "Url": "http://blog.testsparker.com/files/download?filter=383"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "455",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "601",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "2"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Cleartext Transmission in Query Parameter vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/account/security?name=384"
+ }
+ ],
+ "FirstSeenDate": "17/06/2021 03:12 AM",
+ "HttpRequest": {
+ "Content": "GET /account/security?name=384 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 176.6568,
+ "StatusCode": 200
+ },
+ "LookupId": "31f5b835-d5ed-5e90-bf28-b20b46bf3c91",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cleartext Transmission in Query Parameter",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cleartext Transmission in Query Parameter issue.
Fix the Cleartext Transmission in Query Parameter vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "CleartextTransmissioninQueryParameter",
+ "Url": "https://portal.testsparker.com/account/security?name=384"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "147",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "78",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "48"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Weak Cryptography in XML Input via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/upload.php"
+ }
+ ],
+ "FirstSeenDate": "24/06/2021 07:44 AM",
+ "HttpRequest": {
+ "Content": "GET /upload.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 160.9692,
+ "StatusCode": 200
+ },
+ "LookupId": "3efc3424-0db4-5bde-af78-70829133a6d3",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Weak Cryptography in XML Input via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Weak Cryptography in XML Input via POST Request issue.
Fix the Weak Cryptography in XML Input via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "WeakCryptographyinXMLInputviaPOSTRequest",
+ "Url": "http://blog.testsparker.com/upload.php"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "576",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "434",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "41"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Cross-site Scripting in XML Input via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/admin/dashboard?name=546"
+ }
+ ],
+ "FirstSeenDate": "23/06/2021 05:44 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/dashboard?name=546 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 425.5174,
+ "StatusCode": 200
+ },
+ "LookupId": "42a0247a-8fd3-54d7-b9bd-c99992f2ffb7",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cross-site Scripting in XML Input via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cross-site Scripting in XML Input via PUT Request issue.
Fix the Cross-site Scripting in XML Input via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "Cross-siteScriptinginXMLInputviaPUTRequest",
+ "Url": "http://api.testsparker.com/admin/dashboard?name=546"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "326",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "601",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "37"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a DNS Zone Transfer in JSON Payload via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/files/list?id=679"
+ }
+ ],
+ "FirstSeenDate": "05/06/2021 06:55 AM",
+ "HttpRequest": {
+ "Content": "GET /files/list?id=679 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 475.7031,
+ "StatusCode": 200
+ },
+ "LookupId": "b8e45dd3-93ad-5d4e-8bfe-e6bab6046960",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "DNS Zone Transfer in JSON Payload via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the DNS Zone Transfer in JSON Payload via PUT Request issue.
Fix the DNS Zone Transfer in JSON Payload via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "DNSZoneTransferinJSONPayloadviaPUTRequest",
+ "Url": "http://api.testsparker.com/files/list?id=679"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "96",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "330",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "43"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Cookie Not Marked as Secure in File Name vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/auth/reset.php"
+ }
+ ],
+ "FirstSeenDate": "20/06/2021 09:52 AM",
+ "HttpRequest": {
+ "Content": "GET /auth/reset.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 10.5881,
+ "StatusCode": 200
+ },
+ "LookupId": "6d2bcd17-66cc-53f3-8ba5-fce37f37242e",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cookie Not Marked as Secure in File Name",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cookie Not Marked as Secure in File Name issue.
Fix the Cookie Not Marked as Secure in File Name vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "CookieNotMarkedasSecureinFileName",
+ "Url": "https://docs.testsparker.com/auth/reset.php"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "230",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "94",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "15"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Insecure Deserialization in File Name via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/api/v2/search?name=524"
+ }
+ ],
+ "FirstSeenDate": "13/06/2021 03:22 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/search?name=524 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 331.1287,
+ "StatusCode": 200
+ },
+ "LookupId": "c01c4156-6ad1-59ed-a24d-5041552a31b1",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Insecure Deserialization in File Name via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Insecure Deserialization in File Name via POST Request issue.
Fix the Insecure Deserialization in File Name via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "InsecureDeserializationinFileNameviaPOSTRequest",
+ "Url": "http://app1.testsparker.com/api/v2/search?name=524"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "39",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "693",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "37"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Path Disclosure in Multipart Data vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/admin/users?action=840"
+ }
+ ],
+ "FirstSeenDate": "03/06/2021 01:58 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/users?action=840 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 387.7417,
+ "StatusCode": 200
+ },
+ "LookupId": "5d1d73a7-baac-5b5a-b362-d19263d09ccf",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Path Disclosure in Multipart Data",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Path Disclosure in Multipart Data issue.
Fix the Path Disclosure in Multipart Data vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "PathDisclosureinMultipartData",
+ "Url": "https://docs.testsparker.com/admin/users?action=840"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "582",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "776",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "7"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Weak Cryptography in JSON Payload via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/admin/config?type=384"
+ }
+ ],
+ "FirstSeenDate": "12/06/2021 04:41 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/config?type=384 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 103.4849,
+ "StatusCode": 200
+ },
+ "LookupId": "ca860b3b-ab67-506b-aae9-b1e1c230e0ab",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Weak Cryptography in JSON Payload via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Weak Cryptography in JSON Payload via POST Request issue.
Fix the Weak Cryptography in JSON Payload via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "WeakCryptographyinJSONPayloadviaPOSTRequest",
+ "Url": "https://app2.testsparker.com/admin/config?type=384"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "124",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "330",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "12"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Broken Authentication in XML Input vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/reports/view?token=925"
+ }
+ ],
+ "FirstSeenDate": "07/06/2021 04:08 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/view?token=925 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 30.9112,
+ "StatusCode": 200
+ },
+ "LookupId": "ec229255-b8f5-5f1c-a142-8c5ebe146ed4",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Broken Authentication in XML Input",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Broken Authentication in XML Input issue.
Fix the Broken Authentication in XML Input vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "BrokenAuthenticationinXMLInput",
+ "Url": "https://portal.testsparker.com/reports/view?token=925"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "399",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "16",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "8"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a XPath Injection in Form Field vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/files/list"
+ }
+ ],
+ "FirstSeenDate": "21/06/2021 12:39 AM",
+ "HttpRequest": {
+ "Content": "GET /files/list HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 40.9864,
+ "StatusCode": 200
+ },
+ "LookupId": "30781ad3-0fd0-598d-b7dd-cfbf080f7033",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "XPath Injection in Form Field",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the XPath Injection in Form Field issue.
Fix the XPath Injection in Form Field vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "XPathInjectioninFormField",
+ "Url": "http://blog.testsparker.com/files/list"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "184",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "78",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "8"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a File Upload Vulnerability in Header vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/download.php?name=274"
+ }
+ ],
+ "FirstSeenDate": "18/06/2021 06:46 AM",
+ "HttpRequest": {
+ "Content": "GET /download.php?name=274 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 97.6728,
+ "StatusCode": 200
+ },
+ "LookupId": "7bbb615c-2769-58c9-b149-fb69e2e37abe",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "File Upload Vulnerability in Header",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the File Upload Vulnerability in Header issue.
Fix the File Upload Vulnerability in Header vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "FileUploadVulnerabilityinHeader",
+ "Url": "https://app2.testsparker.com/download.php?name=274"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "613",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "614",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "20"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a CORS Misconfiguration in Header via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/files/list?page=103"
+ }
+ ],
+ "FirstSeenDate": "19/06/2021 07:55 AM",
+ "HttpRequest": {
+ "Content": "GET /files/list?page=103 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 453.4445,
+ "StatusCode": 200
+ },
+ "LookupId": "3b1dff23-1b86-52e1-9436-fb7bdf28060c",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "CORS Misconfiguration in Header via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the CORS Misconfiguration in Header via PUT Request issue.
Fix the CORS Misconfiguration in Header via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "CORSMisconfigurationinHeaderviaPUTRequest",
+ "Url": "https://app2.testsparker.com/files/list?page=103"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "163",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "319",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "48"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Cookie Not Marked as Secure in Multipart Data via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/api/v2/export"
+ }
+ ],
+ "FirstSeenDate": "04/06/2021 04:38 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/export HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 24.4821,
+ "StatusCode": 200
+ },
+ "LookupId": "6fe8efc8-9dc8-5188-8fc2-3416878465cf",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cookie Not Marked as Secure in Multipart Data via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cookie Not Marked as Secure in Multipart Data via POST Request issue.
Fix the Cookie Not Marked as Secure in Multipart Data via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "CookieNotMarkedasSecureinMultipartDataviaPOSTRequest",
+ "Url": "http://app1.testsparker.com/api/v2/export"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "518",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "611",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "28"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Open Redirect in Cookie vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/blog/post.php"
+ }
+ ],
+ "FirstSeenDate": "26/06/2021 12:07 AM",
+ "HttpRequest": {
+ "Content": "GET /blog/post.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 427.8684,
+ "StatusCode": 200
+ },
+ "LookupId": "5add1673-50c5-505d-9de6-f565f9134147",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Open Redirect in Cookie",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Open Redirect in Cookie issue.
Fix the Open Redirect in Cookie vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "OpenRedirectinCookie",
+ "Url": "https://shop.testsparker.com/blog/post.php"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "131",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "611",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "20"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Unvalidated Redirect in Header via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/settings.php?name=929"
+ }
+ ],
+ "FirstSeenDate": "17/06/2021 07:18 AM",
+ "HttpRequest": {
+ "Content": "GET /settings.php?name=929 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 288.5825,
+ "StatusCode": 200
+ },
+ "LookupId": "3e67259c-e98b-5686-87fa-7a26d8b72536",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Unvalidated Redirect in Header via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Unvalidated Redirect in Header via POST Request issue.
Fix the Unvalidated Redirect in Header via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "UnvalidatedRedirectinHeaderviaPOSTRequest",
+ "Url": "https://app2.testsparker.com/settings.php?name=929"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "183",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "287",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "26"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a NoSQL Injection in Header via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/api/v1/products?action=391"
+ }
+ ],
+ "FirstSeenDate": "01/06/2021 04:10 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v1/products?action=391 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 200.3664,
+ "StatusCode": 200
+ },
+ "LookupId": "66b2b839-e419-5ee1-9835-ef9be487c80b",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "NoSQL Injection in Header via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the NoSQL Injection in Header via POST Request issue.
Fix the NoSQL Injection in Header via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "NoSQLInjectioninHeaderviaPOSTRequest",
+ "Url": "http://app1.testsparker.com/api/v1/products?action=391"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "215",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "693",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "1"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a XML External Entity in Cookie via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/search?action=620"
+ }
+ ],
+ "FirstSeenDate": "07/06/2021 02:59 AM",
+ "HttpRequest": {
+ "Content": "GET /search?action=620 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 403.6434,
+ "StatusCode": 200
+ },
+ "LookupId": "24836f56-c878-5f7e-8738-321bc4816dcc",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "XML External Entity in Cookie via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the XML External Entity in Cookie via PUT Request issue.
Fix the XML External Entity in Cookie via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "XMLExternalEntityinCookieviaPUTRequest",
+ "Url": "http://blog.testsparker.com/search?action=620"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "218",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "16",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "48"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a XPath Injection in File Name via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/files/download?filter=67"
+ }
+ ],
+ "FirstSeenDate": "04/06/2021 05:29 AM",
+ "HttpRequest": {
+ "Content": "GET /files/download?filter=67 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 28.7583,
+ "StatusCode": 200
+ },
+ "LookupId": "640db0f3-f608-5a69-89bf-ec9e43d6b357",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "XPath Injection in File Name via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the XPath Injection in File Name via POST Request issue.
Fix the XPath Injection in File Name via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "XPathInjectioninFileNameviaPOSTRequest",
+ "Url": "http://blog.testsparker.com/files/download?filter=67"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "606",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "94",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "18"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a CSRF in Form Field via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/auth/reset.php?sort=877"
+ }
+ ],
+ "FirstSeenDate": "24/06/2021 10:27 AM",
+ "HttpRequest": {
+ "Content": "GET /auth/reset.php?sort=877 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 46.4362,
+ "StatusCode": 200
+ },
+ "LookupId": "790587f7-43d8-5a08-bd6e-9dedce762a67",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "CSRF in Form Field via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the CSRF in Form Field via POST Request issue.
Fix the CSRF in Form Field via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "CSRFinFormFieldviaPOSTRequest",
+ "Url": "https://portal.testsparker.com/auth/reset.php?sort=877"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "410",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "287",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "1"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Weak Password Policy in JSON Payload via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/reports/view"
+ }
+ ],
+ "FirstSeenDate": "01/06/2021 02:22 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/view HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 24.7086,
+ "StatusCode": 200
+ },
+ "LookupId": "5f358cd9-087c-5ddb-a9fb-e63db5108a05",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Weak Password Policy in JSON Payload via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Weak Password Policy in JSON Payload via POST Request issue.
Fix the Weak Password Policy in JSON Payload via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "WeakPasswordPolicyinJSONPayloadviaPOSTRequest",
+ "Url": "https://portal.testsparker.com/reports/view"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "663",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "22",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "31"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Insecure Direct Object Reference in POST Body via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/api/v2/search?name=385"
+ }
+ ],
+ "FirstSeenDate": "04/06/2021 03:59 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/search?name=385 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 377.211,
+ "StatusCode": 200
+ },
+ "LookupId": "2f72c0dc-eca9-5737-a9be-9550e5796862",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Insecure Direct Object Reference in POST Body via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Insecure Direct Object Reference in POST Body via PUT Request issue.
Fix the Insecure Direct Object Reference in POST Body via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "InsecureDirectObjectReferenceinPOSTBodyviaPUTRequest",
+ "Url": "https://app2.testsparker.com/api/v2/search?name=385"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "476",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "918",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "35"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Clickjacking in Header via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/api/v2/webhook?id=213"
+ }
+ ],
+ "FirstSeenDate": "11/06/2021 11:04 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/webhook?id=213 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 106.2487,
+ "StatusCode": 200
+ },
+ "LookupId": "dd67737e-a0b5-57ce-a043-22eaad2802ff",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Clickjacking in Header via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Clickjacking in Header via PUT Request issue.
Fix the Clickjacking in Header via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "ClickjackinginHeaderviaPUTRequest",
+ "Url": "https://app2.testsparker.com/api/v2/webhook?id=213"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "656",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "918",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "19"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Clickjacking in Cookie vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/account/billing?id=462"
+ }
+ ],
+ "FirstSeenDate": "02/06/2021 06:29 AM",
+ "HttpRequest": {
+ "Content": "GET /account/billing?id=462 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 455.6021,
+ "StatusCode": 200
+ },
+ "LookupId": "4c679f8a-a977-54c0-9dc8-5eb3227a6a33",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Clickjacking in Cookie",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Clickjacking in Cookie issue.
Fix the Clickjacking in Cookie vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "ClickjackinginCookie",
+ "Url": "https://docs.testsparker.com/account/billing?id=462"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "379",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "22",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "3"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Directory Traversal in File Name vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/cart.php"
+ }
+ ],
+ "FirstSeenDate": "17/06/2021 06:24 AM",
+ "HttpRequest": {
+ "Content": "GET /cart.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 240.1404,
+ "StatusCode": 200
+ },
+ "LookupId": "1cbb9780-bf0e-55bb-88ea-f5b9854b9869",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Directory Traversal in File Name",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Directory Traversal in File Name issue.
Fix the Directory Traversal in File Name vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "DirectoryTraversalinFileName",
+ "Url": "http://app1.testsparker.com/cart.php"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "292",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "330",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "48"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Remote Code Execution in Multipart Data vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/blog/post.php?name=433"
+ }
+ ],
+ "FirstSeenDate": "14/06/2021 04:54 AM",
+ "HttpRequest": {
+ "Content": "GET /blog/post.php?name=433 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 43.5473,
+ "StatusCode": 200
+ },
+ "LookupId": "0a079618-9a47-506c-bb3f-36b30f2a9e9c",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Remote Code Execution in Multipart Data",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Remote Code Execution in Multipart Data issue.
Fix the Remote Code Execution in Multipart Data vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "RemoteCodeExecutioninMultipartData",
+ "Url": "http://blog.testsparker.com/blog/post.php?name=433"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "11",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "352",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "27"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Remote Code Execution in Cookie via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/search"
+ }
+ ],
+ "FirstSeenDate": "05/06/2021 08:04 AM",
+ "HttpRequest": {
+ "Content": "GET /search HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 496.7221,
+ "StatusCode": 200
+ },
+ "LookupId": "948a03d4-dcb6-5172-bbcc-b907b62f76a3",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Remote Code Execution in Cookie via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Remote Code Execution in Cookie via PUT Request issue.
Fix the Remote Code Execution in Cookie via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "RemoteCodeExecutioninCookieviaPUTRequest",
+ "Url": "https://portal.testsparker.com/search"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "89",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "523",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "30"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a SQL Injection in URL Path via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/admin/dashboard"
+ }
+ ],
+ "FirstSeenDate": "16/06/2021 07:01 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/dashboard HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 67.0648,
+ "StatusCode": 200
+ },
+ "LookupId": "cdafda61-2114-5d64-908a-de4caa72fced",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "SQL Injection in URL Path via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the SQL Injection in URL Path via POST Request issue.
Fix the SQL Injection in URL Path via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "SQLInjectioninURLPathviaPOSTRequest",
+ "Url": "https://docs.testsparker.com/admin/dashboard"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "505",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "16",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "28"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Directory Traversal in POST Body vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/cart.php"
+ }
+ ],
+ "FirstSeenDate": "26/06/2021 12:02 AM",
+ "HttpRequest": {
+ "Content": "GET /cart.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 264.4762,
+ "StatusCode": 200
+ },
+ "LookupId": "0e581a87-9bce-5433-88b6-dbbf63a8e15c",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Directory Traversal in POST Body",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Directory Traversal in POST Body issue.
Fix the Directory Traversal in POST Body vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "DirectoryTraversalinPOSTBody",
+ "Url": "https://shop.testsparker.com/cart.php"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "249",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "693",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "18"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a DNS Zone Transfer in Multipart Data vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/admin/logs?action=201"
+ }
+ ],
+ "FirstSeenDate": "11/06/2021 11:59 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/logs?action=201 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 292.2489,
+ "StatusCode": 200
+ },
+ "LookupId": "deac6ee7-8901-52f6-92a6-95785d6dbc32",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "DNS Zone Transfer in Multipart Data",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the DNS Zone Transfer in Multipart Data issue.
Fix the DNS Zone Transfer in Multipart Data vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "DNSZoneTransferinMultipartData",
+ "Url": "https://docs.testsparker.com/admin/logs?action=201"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "41",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "434",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "37"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Race Condition in URL Path vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/account/security?ref=100"
+ }
+ ],
+ "FirstSeenDate": "01/06/2021 02:21 AM",
+ "HttpRequest": {
+ "Content": "GET /account/security?ref=100 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 488.6498,
+ "StatusCode": 200
+ },
+ "LookupId": "6710090f-c9f5-5e80-ba0a-0fe419861f19",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Race Condition in URL Path",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Race Condition in URL Path issue.
Fix the Race Condition in URL Path vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "RaceConditioninURLPath",
+ "Url": "https://portal.testsparker.com/account/security?ref=100"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "382",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "94",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "27"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Insecure HTTP Method in Cookie via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/contact"
+ }
+ ],
+ "FirstSeenDate": "06/06/2021 02:13 AM",
+ "HttpRequest": {
+ "Content": "GET /contact HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 85.7319,
+ "StatusCode": 200
+ },
+ "LookupId": "ad3d7cac-2cd7-5c35-96a8-2dc7b3c86420",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Insecure HTTP Method in Cookie via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Insecure HTTP Method in Cookie via POST Request issue.
Fix the Insecure HTTP Method in Cookie via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "InsecureHTTPMethodinCookieviaPOSTRequest",
+ "Url": "https://app2.testsparker.com/contact"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "621",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "330",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "33"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Open Redirect in Form Field via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/files/list?ref=712"
+ }
+ ],
+ "FirstSeenDate": "23/06/2021 02:42 AM",
+ "HttpRequest": {
+ "Content": "GET /files/list?ref=712 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 411.684,
+ "StatusCode": 200
+ },
+ "LookupId": "4d855c4d-f54c-5400-ba7b-a7c4d1637d87",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Open Redirect in Form Field via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Open Redirect in Form Field via POST Request issue.
Fix the Open Redirect in Form Field via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "OpenRedirectinFormFieldviaPOSTRequest",
+ "Url": "http://admin.testsparker.com/files/list?ref=712"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "510",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "79",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "35"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Open Redirect in Query Parameter vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/auth/login.php"
+ }
+ ],
+ "FirstSeenDate": "20/06/2021 08:15 AM",
+ "HttpRequest": {
+ "Content": "GET /auth/login.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 116.2682,
+ "StatusCode": 200
+ },
+ "LookupId": "0042dcf6-12db-585b-99a0-27768f1ae348",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Open Redirect in Query Parameter",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Open Redirect in Query Parameter issue.
Fix the Open Redirect in Query Parameter vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "OpenRedirectinQueryParameter",
+ "Url": "https://portal.testsparker.com/auth/login.php"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "657",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "22",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "17"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Information Disclosure in Header vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/auth/reset.php"
+ }
+ ],
+ "FirstSeenDate": "25/06/2021 10:26 AM",
+ "HttpRequest": {
+ "Content": "GET /auth/reset.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 312.8731,
+ "StatusCode": 200
+ },
+ "LookupId": "494b6ff4-b669-5cf4-bb10-3b7948db4709",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Information Disclosure in Header",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Information Disclosure in Header issue.
Fix the Information Disclosure in Header vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "InformationDisclosureinHeader",
+ "Url": "https://shop.testsparker.com/auth/reset.php"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "260",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "200",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "37"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Weak Password Policy in File Name vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/files/upload?type=495"
+ }
+ ],
+ "FirstSeenDate": "25/06/2021 12:25 AM",
+ "HttpRequest": {
+ "Content": "GET /files/upload?type=495 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 370.5334,
+ "StatusCode": 200
+ },
+ "LookupId": "6bf442c6-ebcc-562e-bdf9-96930a441fbc",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Weak Password Policy in File Name",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Weak Password Policy in File Name issue.
Fix the Weak Password Policy in File Name vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "WeakPasswordPolicyinFileName",
+ "Url": "https://portal.testsparker.com/files/upload?type=495"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "655",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "78",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "39"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Cookie Not Marked as HttpOnly vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/account/billing"
+ }
+ ],
+ "FirstSeenDate": "05/06/2021 06:48 AM",
+ "HttpRequest": {
+ "Content": "GET /account/billing HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 89.159,
+ "StatusCode": 200
+ },
+ "LookupId": "03394987-d60c-5dbd-ae80-f3d9a1fc574c",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cookie Not Marked as HttpOnly",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cookie Not Marked as HttpOnly issue.
Fix the Cookie Not Marked as HttpOnly vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "CookieNotMarkedasHttpOnly",
+ "Url": "http://admin.testsparker.com/account/billing"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "322",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "614",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "4"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Insecure HTTP Method vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/admin/dashboard?page=992"
+ }
+ ],
+ "FirstSeenDate": "17/06/2021 09:10 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/dashboard?page=992 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 37.871,
+ "StatusCode": 200
+ },
+ "LookupId": "09f5b113-e853-5ac9-88fb-2b72eeb28beb",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Insecure HTTP Method",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Insecure HTTP Method issue.
Fix the Insecure HTTP Method vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "InsecureHTTPMethod",
+ "Url": "https://docs.testsparker.com/admin/dashboard?page=992"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "379",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "776",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "44"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Cleartext Transmission in Header via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/admin/dashboard?sort=242"
+ }
+ ],
+ "FirstSeenDate": "03/06/2021 01:30 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/dashboard?sort=242 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 75.2704,
+ "StatusCode": 200
+ },
+ "LookupId": "088fca3b-3fee-516b-b1de-30d28fdcf14f",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cleartext Transmission in Header via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cleartext Transmission in Header via POST Request issue.
Fix the Cleartext Transmission in Header via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "CleartextTransmissioninHeaderviaPOSTRequest",
+ "Url": "http://blog.testsparker.com/admin/dashboard?sort=242"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "125",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "776",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "41"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Path Disclosure in POST Body vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/products.php?q=950"
+ }
+ ],
+ "FirstSeenDate": "23/06/2021 03:19 AM",
+ "HttpRequest": {
+ "Content": "GET /products.php?q=950 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 279.9111,
+ "StatusCode": 200
+ },
+ "LookupId": "99098323-a8e3-5388-bbd6-242c73e681b6",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Path Disclosure in POST Body",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Path Disclosure in POST Body issue.
Fix the Path Disclosure in POST Body vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "PathDisclosureinPOSTBody",
+ "Url": "http://app1.testsparker.com/products.php?q=950"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "368",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "79",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "35"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Insecure Direct Object Reference in JSON Payload vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/api/v2/webhook?type=256"
+ }
+ ],
+ "FirstSeenDate": "12/06/2021 10:32 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/webhook?type=256 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 167.5862,
+ "StatusCode": 200
+ },
+ "LookupId": "75d8dea7-c91e-5191-8d09-94f908d568c7",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Insecure Direct Object Reference in JSON Payload",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Insecure Direct Object Reference in JSON Payload issue.
Fix the Insecure Direct Object Reference in JSON Payload vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "InsecureDirectObjectReferenceinJSONPayload",
+ "Url": "http://blog.testsparker.com/api/v2/webhook?type=256"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "180",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "79",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "33"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Weak Cryptography in File Name vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/reports/generate"
+ }
+ ],
+ "FirstSeenDate": "18/06/2021 02:32 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/generate HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 154.1834,
+ "StatusCode": 200
+ },
+ "LookupId": "ec469c4e-8fdb-5d83-aa26-19d837a095b0",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Weak Cryptography in File Name",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Weak Cryptography in File Name issue.
Fix the Weak Cryptography in File Name vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "WeakCryptographyinFileName",
+ "Url": "https://portal.testsparker.com/reports/generate"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "72",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "918",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "48"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Missing X-Frame-Options in Header via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/search"
+ }
+ ],
+ "FirstSeenDate": "22/06/2021 11:26 AM",
+ "HttpRequest": {
+ "Content": "GET /search HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 434.8607,
+ "StatusCode": 200
+ },
+ "LookupId": "c4f40d88-0969-5358-bf1d-273117c955d7",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Missing X-Frame-Options in Header via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Missing X-Frame-Options in Header via PUT Request issue.
Fix the Missing X-Frame-Options in Header via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "MissingX-Frame-OptionsinHeaderviaPUTRequest",
+ "Url": "https://app2.testsparker.com/search"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "85",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "523",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "32"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a DNS Zone Transfer in Cookie via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/reports/export"
+ }
+ ],
+ "FirstSeenDate": "13/06/2021 05:29 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/export HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 304.1909,
+ "StatusCode": 200
+ },
+ "LookupId": "81709e9a-a886-53b9-8276-45c38c982c37",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "DNS Zone Transfer in Cookie via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the DNS Zone Transfer in Cookie via POST Request issue.
Fix the DNS Zone Transfer in Cookie via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "DNSZoneTransferinCookieviaPOSTRequest",
+ "Url": "http://api.testsparker.com/reports/export"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "39",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "200",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "31"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Mass Assignment in Query Parameter vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/files/upload"
+ }
+ ],
+ "FirstSeenDate": "04/06/2021 10:30 AM",
+ "HttpRequest": {
+ "Content": "GET /files/upload HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 481.2515,
+ "StatusCode": 200
+ },
+ "LookupId": "fec05033-3591-5115-9e50-7b9bbb6e70e8",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Mass Assignment in Query Parameter",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Mass Assignment in Query Parameter issue.
Fix the Mass Assignment in Query Parameter vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "MassAssignmentinQueryParameter",
+ "Url": "http://admin.testsparker.com/files/upload"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "115",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "523",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "45"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Clickjacking vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/payment.php?ref=565"
+ }
+ ],
+ "FirstSeenDate": "18/06/2021 01:53 AM",
+ "HttpRequest": {
+ "Content": "GET /payment.php?ref=565 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 190.9158,
+ "StatusCode": 200
+ },
+ "LookupId": "e2f5d918-be04-51d2-a20a-6025e870b6d7",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Clickjacking",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Clickjacking issue.
Fix the Clickjacking vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "Clickjacking",
+ "Url": "http://api.testsparker.com/payment.php?ref=565"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "443",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "693",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "21"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Insecure HTTP Method in POST Body vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/profile.php?ref=449"
+ }
+ ],
+ "FirstSeenDate": "01/06/2021 02:14 AM",
+ "HttpRequest": {
+ "Content": "GET /profile.php?ref=449 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 481.3364,
+ "StatusCode": 200
+ },
+ "LookupId": "e9906b1e-50b5-5a54-a1b6-c5f7e01e11ac",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Insecure HTTP Method in POST Body",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Insecure HTTP Method in POST Body issue.
Fix the Insecure HTTP Method in POST Body vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "InsecureHTTPMethodinPOSTBody",
+ "Url": "http://blog.testsparker.com/profile.php?ref=449"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "425",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "22",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "37"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Unvalidated Redirect vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/admin/dashboard?page=487"
+ }
+ ],
+ "FirstSeenDate": "23/06/2021 12:24 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/dashboard?page=487 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 252.2448,
+ "StatusCode": 200
+ },
+ "LookupId": "5ef6fe4b-41f1-55c6-babc-6898773079d7",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Unvalidated Redirect",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Unvalidated Redirect issue.
Fix the Unvalidated Redirect vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "UnvalidatedRedirect",
+ "Url": "https://portal.testsparker.com/admin/dashboard?page=487"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "211",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "78",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "10"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a DNS Zone Transfer in URL Path via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/contact?sort=144"
+ }
+ ],
+ "FirstSeenDate": "25/06/2021 06:00 AM",
+ "HttpRequest": {
+ "Content": "GET /contact?sort=144 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 322.0107,
+ "StatusCode": 200
+ },
+ "LookupId": "d4263e94-6bdc-50dd-baff-74635c7f6d05",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "DNS Zone Transfer in URL Path via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the DNS Zone Transfer in URL Path via PUT Request issue.
Fix the DNS Zone Transfer in URL Path via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "DNSZoneTransferinURLPathviaPUTRequest",
+ "Url": "https://portal.testsparker.com/contact?sort=144"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "201",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "523",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "32"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Weak Cryptography in Query Parameter via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/api/v2/webhook"
+ }
+ ],
+ "FirstSeenDate": "22/06/2021 05:14 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/webhook HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 108.5844,
+ "StatusCode": 200
+ },
+ "LookupId": "9e2b2daa-9f7d-5a0e-ad3b-fe3450c075fe",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Weak Cryptography in Query Parameter via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Weak Cryptography in Query Parameter via PUT Request issue.
Fix the Weak Cryptography in Query Parameter via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "WeakCryptographyinQueryParameterviaPUTRequest",
+ "Url": "http://blog.testsparker.com/api/v2/webhook"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "244",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "918",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "45"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Weak Cryptography in Form Field vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/api/v2/search"
+ }
+ ],
+ "FirstSeenDate": "23/06/2021 11:03 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/search HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 463.9776,
+ "StatusCode": 200
+ },
+ "LookupId": "dbf336cc-a4a9-56dc-81f8-a2c90695f37e",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Weak Cryptography in Form Field",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Weak Cryptography in Form Field issue.
Fix the Weak Cryptography in Form Field vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "WeakCryptographyinFormField",
+ "Url": "https://docs.testsparker.com/api/v2/search"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "520",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "22",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "2"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a SQL Injection in File Name vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/payment.php"
+ }
+ ],
+ "FirstSeenDate": "25/06/2021 10:13 AM",
+ "HttpRequest": {
+ "Content": "GET /payment.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 454.0888,
+ "StatusCode": 200
+ },
+ "LookupId": "aaf8f272-8635-5b81-aff7-094306cd6762",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "SQL Injection in File Name",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the SQL Injection in File Name issue.
Fix the SQL Injection in File Name vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "SQLInjectioninFileName",
+ "Url": "https://portal.testsparker.com/payment.php"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "235",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "434",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "6"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a CSRF in URL Path via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/api/v2/search?sort=857"
+ }
+ ],
+ "FirstSeenDate": "16/06/2021 01:17 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/search?sort=857 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 367.5183,
+ "StatusCode": 200
+ },
+ "LookupId": "e5a9fa12-c7bb-5b9e-803d-5a2117ccf48e",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "CSRF in URL Path via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the CSRF in URL Path via PUT Request issue.
Fix the CSRF in URL Path via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "CSRFinURLPathviaPUTRequest",
+ "Url": "http://blog.testsparker.com/api/v2/search?sort=857"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "90",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "693",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "6"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a SQL Injection in Multipart Data via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/blog/post.php?token=650"
+ }
+ ],
+ "FirstSeenDate": "20/06/2021 07:06 AM",
+ "HttpRequest": {
+ "Content": "GET /blog/post.php?token=650 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 253.2384,
+ "StatusCode": 200
+ },
+ "LookupId": "83fff447-a533-5439-b499-a3c034607bb8",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "SQL Injection in Multipart Data via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the SQL Injection in Multipart Data via POST Request issue.
Fix the SQL Injection in Multipart Data via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "SQLInjectioninMultipartDataviaPOSTRequest",
+ "Url": "http://blog.testsparker.com/blog/post.php?token=650"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "549",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "16",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "12"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Cookie Not Marked as Secure in POST Body vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/profile.php?page=124"
+ }
+ ],
+ "FirstSeenDate": "07/06/2021 12:30 AM",
+ "HttpRequest": {
+ "Content": "GET /profile.php?page=124 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 145.4848,
+ "StatusCode": 200
+ },
+ "LookupId": "a7b084df-1046-5406-9a63-8149d54d271a",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cookie Not Marked as Secure in POST Body",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cookie Not Marked as Secure in POST Body issue.
Fix the Cookie Not Marked as Secure in POST Body vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "CookieNotMarkedasSecureinPOSTBody",
+ "Url": "https://docs.testsparker.com/profile.php?page=124"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "602",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "611",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "37"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a NoSQL Injection in JSON Payload via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/files/upload?token=782"
+ }
+ ],
+ "FirstSeenDate": "05/06/2021 03:21 AM",
+ "HttpRequest": {
+ "Content": "GET /files/upload?token=782 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 288.4135,
+ "StatusCode": 200
+ },
+ "LookupId": "cd5c4ac2-6e34-5e1d-a84e-21232988c0e2",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "NoSQL Injection in JSON Payload via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the NoSQL Injection in JSON Payload via POST Request issue.
Fix the NoSQL Injection in JSON Payload via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "NoSQLInjectioninJSONPayloadviaPOSTRequest",
+ "Url": "https://portal.testsparker.com/files/upload?token=782"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "213",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "319",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "7"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a CSRF in Multipart Data via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/admin/dashboard?q=96"
+ }
+ ],
+ "FirstSeenDate": "26/06/2021 01:26 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/dashboard?q=96 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 46.0522,
+ "StatusCode": 200
+ },
+ "LookupId": "e744a124-460a-5723-91c2-125cfc0412be",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "CSRF in Multipart Data via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the CSRF in Multipart Data via POST Request issue.
Fix the CSRF in Multipart Data via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "CSRFinMultipartDataviaPOSTRequest",
+ "Url": "https://app2.testsparker.com/admin/dashboard?q=96"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "132",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "78",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "14"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a XML External Entity in Form Field via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/admin/users?ref=820"
+ }
+ ],
+ "FirstSeenDate": "03/06/2021 09:16 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/users?ref=820 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 427.2106,
+ "StatusCode": 200
+ },
+ "LookupId": "e107252f-79d2-5ec8-a9f0-19792ac02fef",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "XML External Entity in Form Field via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the XML External Entity in Form Field via POST Request issue.
Fix the XML External Entity in Form Field via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "XMLExternalEntityinFormFieldviaPOSTRequest",
+ "Url": "http://api.testsparker.com/admin/users?ref=820"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "482",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "287",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "35"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Race Condition in JSON Payload via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/help"
+ }
+ ],
+ "FirstSeenDate": "10/06/2021 10:26 AM",
+ "HttpRequest": {
+ "Content": "GET /help HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 34.934,
+ "StatusCode": 200
+ },
+ "LookupId": "da96d36e-b2a3-5826-b6db-7878c6d8815b",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Race Condition in JSON Payload via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Race Condition in JSON Payload via PUT Request issue.
Fix the Race Condition in JSON Payload via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "RaceConditioninJSONPayloadviaPUTRequest",
+ "Url": "http://blog.testsparker.com/help"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "514",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "22",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "47"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Weak Password Policy in Cookie via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/files/upload"
+ }
+ ],
+ "FirstSeenDate": "03/06/2021 03:28 AM",
+ "HttpRequest": {
+ "Content": "GET /files/upload HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 31.8091,
+ "StatusCode": 200
+ },
+ "LookupId": "f381b59e-d606-55c1-878a-e42b4a1ba5af",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Weak Password Policy in Cookie via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Weak Password Policy in Cookie via PUT Request issue.
Fix the Weak Password Policy in Cookie via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "WeakPasswordPolicyinCookieviaPUTRequest",
+ "Url": "http://blog.testsparker.com/files/upload"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "195",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "918",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "29"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Broken Authentication vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/api/v2/search?filter=820"
+ }
+ ],
+ "FirstSeenDate": "14/06/2021 03:17 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/search?filter=820 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 236.6878,
+ "StatusCode": 200
+ },
+ "LookupId": "29e1b5d6-0bdc-5267-809c-4a1157ffec95",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Broken Authentication",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Broken Authentication issue.
Fix the Broken Authentication vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "BrokenAuthentication",
+ "Url": "http://app1.testsparker.com/api/v2/search?filter=820"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "115",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "502",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "28"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a CSRF vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/api/v2/export"
+ }
+ ],
+ "FirstSeenDate": "15/06/2021 01:46 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/export HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 439.1679,
+ "StatusCode": 200
+ },
+ "LookupId": "d0c079db-e07b-529d-a53b-50a4212b7977",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "CSRF",
+ "ProofOfConcept": "",
+ "RemedialActions": "",
+ "RemedialProcedure": "Fix the CSRF vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "CSRF",
+ "Url": "http://app1.testsparker.com/api/v2/export"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "433",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "523",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "38"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Clickjacking in Multipart Data via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/files/list"
+ }
+ ],
+ "FirstSeenDate": "22/06/2021 08:01 AM",
+ "HttpRequest": {
+ "Content": "GET /files/list HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 196.184,
+ "StatusCode": 200
+ },
+ "LookupId": "fe64cac9-5e3a-5bf0-828d-4a1466495d07",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Clickjacking in Multipart Data via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Clickjacking in Multipart Data via POST Request issue.
Fix the Clickjacking in Multipart Data via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "ClickjackinginMultipartDataviaPOSTRequest",
+ "Url": "http://blog.testsparker.com/files/list"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "238",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "523",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "48"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Cookie Not Marked as Secure in Cookie via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/admin/logs?type=200"
+ }
+ ],
+ "FirstSeenDate": "10/06/2021 06:05 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/logs?type=200 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 303.044,
+ "StatusCode": 200
+ },
+ "LookupId": "e117f590-36ce-5443-b247-b9cbb93927d6",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cookie Not Marked as Secure in Cookie via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cookie Not Marked as Secure in Cookie via PUT Request issue.
Fix the Cookie Not Marked as Secure in Cookie via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "CookieNotMarkedasSecureinCookieviaPUTRequest",
+ "Url": "http://app1.testsparker.com/admin/logs?type=200"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "649",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "434",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "7"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a NoSQL Injection in POST Body vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/settings.php"
+ }
+ ],
+ "FirstSeenDate": "06/06/2021 12:19 AM",
+ "HttpRequest": {
+ "Content": "GET /settings.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 452.6778,
+ "StatusCode": 200
+ },
+ "LookupId": "3c94e426-5273-56fb-8466-9b125a9f3454",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "NoSQL Injection in POST Body",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the NoSQL Injection in POST Body issue.
Fix the NoSQL Injection in POST Body vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "NoSQLInjectioninPOSTBody",
+ "Url": "https://portal.testsparker.com/settings.php"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "510",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "89",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "20"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a NoSQL Injection in XML Input via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/account/security"
+ }
+ ],
+ "FirstSeenDate": "06/06/2021 08:07 AM",
+ "HttpRequest": {
+ "Content": "GET /account/security HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 246.2626,
+ "StatusCode": 200
+ },
+ "LookupId": "14ecd8ae-96a6-597f-8e91-3864615b8d69",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "NoSQL Injection in XML Input via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the NoSQL Injection in XML Input via POST Request issue.
Fix the NoSQL Injection in XML Input via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "NoSQLInjectioninXMLInputviaPOSTRequest",
+ "Url": "http://api.testsparker.com/account/security"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "463",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "614",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "30"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Insecure HTTP Method in URL Path via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/reports/view"
+ }
+ ],
+ "FirstSeenDate": "18/06/2021 08:07 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/view HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 375.0306,
+ "StatusCode": 200
+ },
+ "LookupId": "e1005ae0-0a57-50cf-b4cf-72b87d7d81b0",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Insecure HTTP Method in URL Path via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Insecure HTTP Method in URL Path via PUT Request issue.
Fix the Insecure HTTP Method in URL Path via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "InsecureHTTPMethodinURLPathviaPUTRequest",
+ "Url": "https://docs.testsparker.com/reports/view"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "119",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "918",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "30"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Clickjacking in POST Body via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/files/upload"
+ }
+ ],
+ "FirstSeenDate": "22/06/2021 02:22 AM",
+ "HttpRequest": {
+ "Content": "GET /files/upload HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 351.5146,
+ "StatusCode": 200
+ },
+ "LookupId": "20d8dd9f-6011-5a36-8530-9c049a82b33a",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Clickjacking in POST Body via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Clickjacking in POST Body via PUT Request issue.
Fix the Clickjacking in POST Body via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "ClickjackinginPOSTBodyviaPUTRequest",
+ "Url": "http://admin.testsparker.com/files/upload"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "14",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "611",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "7"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Insecure HTTP Method in Form Field vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/files/upload"
+ }
+ ],
+ "FirstSeenDate": "13/06/2021 03:03 AM",
+ "HttpRequest": {
+ "Content": "GET /files/upload HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 338.4245,
+ "StatusCode": 200
+ },
+ "LookupId": "afae7ffe-723b-5680-a101-3ebc8cb2e969",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Insecure HTTP Method in Form Field",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Insecure HTTP Method in Form Field issue.
Fix the Insecure HTTP Method in Form Field vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "InsecureHTTPMethodinFormField",
+ "Url": "https://docs.testsparker.com/files/upload"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "575",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "78",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "37"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a HTTP Response Splitting in URL Path via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/reports/export?token=682"
+ }
+ ],
+ "FirstSeenDate": "20/06/2021 09:55 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/export?token=682 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 463.3691,
+ "StatusCode": 200
+ },
+ "LookupId": "d3ea04a3-8bed-58d3-bb12-e9e3d484c78e",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "HTTP Response Splitting in URL Path via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the HTTP Response Splitting in URL Path via PUT Request issue.
Fix the HTTP Response Splitting in URL Path via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "HTTPResponseSplittinginURLPathviaPUTRequest",
+ "Url": "https://portal.testsparker.com/reports/export?token=682"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "341",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "287",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "41"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Insecure Deserialization in XML Input via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/admin/config?name=615"
+ }
+ ],
+ "FirstSeenDate": "28/06/2021 11:30 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/config?name=615 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 43.0816,
+ "StatusCode": 200
+ },
+ "LookupId": "b0c0aa5c-a837-5a1b-a72e-ee0c574c7dc1",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Insecure Deserialization in XML Input via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Insecure Deserialization in XML Input via POST Request issue.
Fix the Insecure Deserialization in XML Input via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "InsecureDeserializationinXMLInputviaPOSTRequest",
+ "Url": "https://app2.testsparker.com/admin/config?name=615"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "45",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "918",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "30"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a SQL Injection in Form Field vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/files/list?type=259"
+ }
+ ],
+ "FirstSeenDate": "18/06/2021 12:04 AM",
+ "HttpRequest": {
+ "Content": "GET /files/list?type=259 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 60.2814,
+ "StatusCode": 200
+ },
+ "LookupId": "475a70af-1f70-58ff-8fda-0f083bf6c52b",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "SQL Injection in Form Field",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the SQL Injection in Form Field issue.
Fix the SQL Injection in Form Field vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "SQLInjectioninFormField",
+ "Url": "http://blog.testsparker.com/files/list?type=259"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "171",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "319",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "42"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Server-Side Request Forgery in XML Input via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/payment.php?sort=533"
+ }
+ ],
+ "FirstSeenDate": "23/06/2021 05:16 AM",
+ "HttpRequest": {
+ "Content": "GET /payment.php?sort=533 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 229.9762,
+ "StatusCode": 200
+ },
+ "LookupId": "a1c2f6f8-7392-5ad9-9758-aa7624c3e636",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Server-Side Request Forgery in XML Input via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Server-Side Request Forgery in XML Input via PUT Request issue.
Fix the Server-Side Request Forgery in XML Input via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "Server-SideRequestForgeryinXMLInputviaPUTRequest",
+ "Url": "https://shop.testsparker.com/payment.php?sort=533"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "143",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "434",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "25"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a LDAP Injection in Multipart Data via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/api/v2/search?name=763"
+ }
+ ],
+ "FirstSeenDate": "13/06/2021 06:00 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/search?name=763 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 222.8468,
+ "StatusCode": 200
+ },
+ "LookupId": "c844a1ca-a507-53b6-a141-4f213aa2453f",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "LDAP Injection in Multipart Data via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the LDAP Injection in Multipart Data via POST Request issue.
Fix the LDAP Injection in Multipart Data via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "LDAPInjectioninMultipartDataviaPOSTRequest",
+ "Url": "http://admin.testsparker.com/api/v2/search?name=763"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "510",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "352",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "39"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Information Disclosure in JSON Payload via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/api/v2/search?q=605"
+ }
+ ],
+ "FirstSeenDate": "20/06/2021 06:29 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/search?q=605 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 465.0172,
+ "StatusCode": 200
+ },
+ "LookupId": "01bde66c-d8be-5cb5-9c83-d1cb9b1db096",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Information Disclosure in JSON Payload via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Information Disclosure in JSON Payload via PUT Request issue.
Fix the Information Disclosure in JSON Payload via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "InformationDisclosureinJSONPayloadviaPUTRequest",
+ "Url": "http://admin.testsparker.com/api/v2/search?q=605"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "383",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "352",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "3"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Mass Assignment in Multipart Data via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/api/v2/export?type=746"
+ }
+ ],
+ "FirstSeenDate": "13/06/2021 04:46 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/export?type=746 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 341.1179,
+ "StatusCode": 200
+ },
+ "LookupId": "32724940-f3b7-5450-acbf-355362a3699f",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Mass Assignment in Multipart Data via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Mass Assignment in Multipart Data via POST Request issue.
Fix the Mass Assignment in Multipart Data via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "MassAssignmentinMultipartDataviaPOSTRequest",
+ "Url": "https://docs.testsparker.com/api/v2/export?type=746"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "46",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "918",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "16"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Clickjacking in JSON Payload vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/api/v2/search"
+ }
+ ],
+ "FirstSeenDate": "16/06/2021 06:24 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/search HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 460.911,
+ "StatusCode": 200
+ },
+ "LookupId": "dcb5e0bf-060c-52e3-8da9-c3c87be02ef5",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Clickjacking in JSON Payload",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Clickjacking in JSON Payload issue.
Fix the Clickjacking in JSON Payload vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "ClickjackinginJSONPayload",
+ "Url": "http://admin.testsparker.com/api/v2/search"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "384",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "352",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "26"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Cookie Not Marked as HttpOnly in Form Field via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/payment.php?q=410"
+ }
+ ],
+ "FirstSeenDate": "23/06/2021 05:59 AM",
+ "HttpRequest": {
+ "Content": "GET /payment.php?q=410 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 288.4128,
+ "StatusCode": 200
+ },
+ "LookupId": "e3fc0f37-5bb4-5150-b90b-280f2edb5320",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cookie Not Marked as HttpOnly in Form Field via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cookie Not Marked as HttpOnly in Form Field via POST Request issue.
Fix the Cookie Not Marked as HttpOnly in Form Field via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "CookieNotMarkedasHttpOnlyinFormFieldviaPOSTRequest",
+ "Url": "http://admin.testsparker.com/payment.php?q=410"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "145",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "693",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "34"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Broken Authentication in URL Path via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/cart.php"
+ }
+ ],
+ "FirstSeenDate": "26/06/2021 04:26 AM",
+ "HttpRequest": {
+ "Content": "GET /cart.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 250.3484,
+ "StatusCode": 200
+ },
+ "LookupId": "6458a0dd-b1d1-5d6e-b959-20cabcb0feb2",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Broken Authentication in URL Path via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Broken Authentication in URL Path via PUT Request issue.
Fix the Broken Authentication in URL Path via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "BrokenAuthenticationinURLPathviaPUTRequest",
+ "Url": "http://api.testsparker.com/cart.php"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "651",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "776",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "22"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Directory Traversal in Header via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/cart.php?sort=746"
+ }
+ ],
+ "FirstSeenDate": "16/06/2021 09:00 AM",
+ "HttpRequest": {
+ "Content": "GET /cart.php?sort=746 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 178.0459,
+ "StatusCode": 200
+ },
+ "LookupId": "3dcee37d-e3db-5489-8a45-88b9aac87e67",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Directory Traversal in Header via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Directory Traversal in Header via PUT Request issue.
Fix the Directory Traversal in Header via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "DirectoryTraversalinHeaderviaPUTRequest",
+ "Url": "https://shop.testsparker.com/cart.php?sort=746"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "275",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "918",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "8"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Mass Assignment in Form Field via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/account/billing?type=266"
+ }
+ ],
+ "FirstSeenDate": "08/06/2021 01:34 AM",
+ "HttpRequest": {
+ "Content": "GET /account/billing?type=266 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 126.7262,
+ "StatusCode": 200
+ },
+ "LookupId": "1b07b0f5-1cbc-579e-bdb7-eef77a4fab37",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Mass Assignment in Form Field via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Mass Assignment in Form Field via POST Request issue.
Fix the Mass Assignment in Form Field via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "MassAssignmentinFormFieldviaPOSTRequest",
+ "Url": "http://app1.testsparker.com/account/billing?type=266"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "375",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "89",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "22"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Broken Authentication in POST Body via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/search"
+ }
+ ],
+ "FirstSeenDate": "27/06/2021 08:48 AM",
+ "HttpRequest": {
+ "Content": "GET /search HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 385.589,
+ "StatusCode": 200
+ },
+ "LookupId": "f58052a7-a8d5-5a1c-ac47-93554ca680c9",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Broken Authentication in POST Body via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Broken Authentication in POST Body via POST Request issue.
Fix the Broken Authentication in POST Body via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "BrokenAuthenticationinPOSTBodyviaPOSTRequest",
+ "Url": "https://shop.testsparker.com/search"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "646",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "94",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "10"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Remote Code Execution in POST Body via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/files/list?sort=266"
+ }
+ ],
+ "FirstSeenDate": "08/06/2021 02:41 AM",
+ "HttpRequest": {
+ "Content": "GET /files/list?sort=266 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 28.8659,
+ "StatusCode": 200
+ },
+ "LookupId": "50c63388-4baa-5e85-bfc7-ad9272d9d531",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Remote Code Execution in POST Body via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Remote Code Execution in POST Body via PUT Request issue.
Fix the Remote Code Execution in POST Body via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "RemoteCodeExecutioninPOSTBodyviaPUTRequest",
+ "Url": "https://app2.testsparker.com/files/list?sort=266"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "307",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "89",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "24"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Cookie Not Marked as Secure in Query Parameter vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/reports/generate"
+ }
+ ],
+ "FirstSeenDate": "27/06/2021 02:48 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/generate HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 219.3887,
+ "StatusCode": 200
+ },
+ "LookupId": "eda77a72-3ce9-576d-a53c-bff3423387a0",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cookie Not Marked as Secure in Query Parameter",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cookie Not Marked as Secure in Query Parameter issue.
Fix the Cookie Not Marked as Secure in Query Parameter vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "CookieNotMarkedasSecureinQueryParameter",
+ "Url": "http://api.testsparker.com/reports/generate"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "121",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "89",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "20"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Path Disclosure in URL Path via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/files/upload?filter=586"
+ }
+ ],
+ "FirstSeenDate": "10/06/2021 05:31 AM",
+ "HttpRequest": {
+ "Content": "GET /files/upload?filter=586 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 23.7091,
+ "StatusCode": 200
+ },
+ "LookupId": "4a00c8d5-8a4a-5653-adb4-b9e58a1b30d4",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Path Disclosure in URL Path via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Path Disclosure in URL Path via POST Request issue.
Fix the Path Disclosure in URL Path via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "PathDisclosureinURLPathviaPOSTRequest",
+ "Url": "https://app2.testsparker.com/files/upload?filter=586"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "150",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "918",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "13"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Weak Cryptography in Cookie vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/contact"
+ }
+ ],
+ "FirstSeenDate": "20/06/2021 03:48 AM",
+ "HttpRequest": {
+ "Content": "GET /contact HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 381.9847,
+ "StatusCode": 200
+ },
+ "LookupId": "172e3960-6661-5fad-8c79-1840d7467655",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Weak Cryptography in Cookie",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Weak Cryptography in Cookie issue.
Fix the Weak Cryptography in Cookie vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "WeakCryptographyinCookie",
+ "Url": "https://shop.testsparker.com/contact"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "181",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "319",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "43"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a DNS Zone Transfer in POST Body via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/profile.php?name=816"
+ }
+ ],
+ "FirstSeenDate": "02/06/2021 11:23 AM",
+ "HttpRequest": {
+ "Content": "GET /profile.php?name=816 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 149.6816,
+ "StatusCode": 200
+ },
+ "LookupId": "5cbe87c2-8e66-5eb5-b9b5-d10b593728c2",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "DNS Zone Transfer in POST Body via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the DNS Zone Transfer in POST Body via POST Request issue.
Fix the DNS Zone Transfer in POST Body via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "DNSZoneTransferinPOSTBodyviaPOSTRequest",
+ "Url": "https://portal.testsparker.com/profile.php?name=816"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "688",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "330",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "12"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Remote Code Execution in Header via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/download.php?token=258"
+ }
+ ],
+ "FirstSeenDate": "21/06/2021 12:33 AM",
+ "HttpRequest": {
+ "Content": "GET /download.php?token=258 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 432.7278,
+ "StatusCode": 200
+ },
+ "LookupId": "46f92492-0e5c-556b-b249-6257e9a6b58f",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Remote Code Execution in Header via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Remote Code Execution in Header via POST Request issue.
Fix the Remote Code Execution in Header via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "RemoteCodeExecutioninHeaderviaPOSTRequest",
+ "Url": "http://blog.testsparker.com/download.php?token=258"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "566",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "523",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "20"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Directory Traversal in URL Path vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/help"
+ }
+ ],
+ "FirstSeenDate": "13/06/2021 01:19 AM",
+ "HttpRequest": {
+ "Content": "GET /help HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 460.2308,
+ "StatusCode": 200
+ },
+ "LookupId": "66db96c5-66b7-5d98-85db-e24a17b64067",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Directory Traversal in URL Path",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Directory Traversal in URL Path issue.
Fix the Directory Traversal in URL Path vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "DirectoryTraversalinURLPath",
+ "Url": "http://blog.testsparker.com/help"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "658",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "330",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "45"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Insecure Deserialization in Header vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/auth/register.php"
+ }
+ ],
+ "FirstSeenDate": "18/06/2021 02:52 AM",
+ "HttpRequest": {
+ "Content": "GET /auth/register.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 111.5547,
+ "StatusCode": 200
+ },
+ "LookupId": "e1b0332d-e2f5-54a8-8fb4-9a74b03b253c",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Insecure Deserialization in Header",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Insecure Deserialization in Header issue.
Fix the Insecure Deserialization in Header vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "InsecureDeserializationinHeader",
+ "Url": "https://app2.testsparker.com/auth/register.php"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "274",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "94",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "39"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Remote Code Execution in Header via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/profile.php?page=20"
+ }
+ ],
+ "FirstSeenDate": "04/06/2021 04:14 AM",
+ "HttpRequest": {
+ "Content": "GET /profile.php?page=20 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 18.8557,
+ "StatusCode": 200
+ },
+ "LookupId": "a93713eb-111e-5e71-991a-4a46fba07342",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Remote Code Execution in Header via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Remote Code Execution in Header via PUT Request issue.
Fix the Remote Code Execution in Header via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "RemoteCodeExecutioninHeaderviaPUTRequest",
+ "Url": "http://admin.testsparker.com/profile.php?page=20"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "334",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "330",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "43"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a DNS Zone Transfer in POST Body via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/profile.php?name=816"
+ }
+ ],
+ "FirstSeenDate": "21/06/2021 04:57 AM",
+ "HttpRequest": {
+ "Content": "GET /profile.php?name=816 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 475.532,
+ "StatusCode": 200
+ },
+ "LookupId": "33b8d44f-0211-5a03-8232-385709e5ffac",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "DNS Zone Transfer in POST Body via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the DNS Zone Transfer in POST Body via POST Request issue.
Fix the DNS Zone Transfer in POST Body via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "DNSZoneTransferinPOSTBodyviaPOSTRequest",
+ "Url": "https://portal.testsparker.com/profile.php?name=816"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "671",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "330",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "47"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Sensitive Data Exposure in XML Input via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/reports/export?name=793"
+ }
+ ],
+ "FirstSeenDate": "06/06/2021 03:23 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/export?name=793 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 101.336,
+ "StatusCode": 200
+ },
+ "LookupId": "fc11e5b5-3b01-5a41-ae07-7218806dc84b",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Sensitive Data Exposure in XML Input via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Sensitive Data Exposure in XML Input via POST Request issue.
Fix the Sensitive Data Exposure in XML Input via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "SensitiveDataExposureinXMLInputviaPOSTRequest",
+ "Url": "http://api.testsparker.com/reports/export?name=793"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "355",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "502",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "6"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Weak Cryptography in Multipart Data via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/api/v1/products?token=741"
+ }
+ ],
+ "FirstSeenDate": "16/06/2021 10:03 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v1/products?token=741 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 202.7305,
+ "StatusCode": 200
+ },
+ "LookupId": "757bb65a-1ca5-568f-9a15-5c4ff0b3bb51",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Weak Cryptography in Multipart Data via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Weak Cryptography in Multipart Data via POST Request issue.
Fix the Weak Cryptography in Multipart Data via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "WeakCryptographyinMultipartDataviaPOSTRequest",
+ "Url": "http://app1.testsparker.com/api/v1/products?token=741"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "539",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "22",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "12"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Clickjacking in Form Field vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/upload.php?action=564"
+ }
+ ],
+ "FirstSeenDate": "26/06/2021 09:10 AM",
+ "HttpRequest": {
+ "Content": "GET /upload.php?action=564 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 213.8063,
+ "StatusCode": 200
+ },
+ "LookupId": "9e8089c6-209f-5899-9385-6434edd25dbf",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Clickjacking in Form Field",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Clickjacking in Form Field issue.
Fix the Clickjacking in Form Field vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "ClickjackinginFormField",
+ "Url": "http://app1.testsparker.com/upload.php?action=564"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "225",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "89",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "41"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Information Disclosure in JSON Payload via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/upload.php?q=108"
+ }
+ ],
+ "FirstSeenDate": "23/06/2021 04:29 AM",
+ "HttpRequest": {
+ "Content": "GET /upload.php?q=108 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 315.7208,
+ "StatusCode": 200
+ },
+ "LookupId": "27df62e0-8b0e-5d71-8ecd-942f7039b431",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Information Disclosure in JSON Payload via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Information Disclosure in JSON Payload via POST Request issue.
Fix the Information Disclosure in JSON Payload via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "InformationDisclosureinJSONPayloadviaPOSTRequest",
+ "Url": "https://shop.testsparker.com/upload.php?q=108"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "76",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "502",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "4"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Cookie Not Marked as Secure in POST Body via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/files/download"
+ }
+ ],
+ "FirstSeenDate": "13/06/2021 06:03 AM",
+ "HttpRequest": {
+ "Content": "GET /files/download HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 136.5369,
+ "StatusCode": 200
+ },
+ "LookupId": "8cd76f26-a24a-5ea6-973e-201233bc0e76",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cookie Not Marked as Secure in POST Body via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cookie Not Marked as Secure in POST Body via POST Request issue.
Fix the Cookie Not Marked as Secure in POST Body via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "CookieNotMarkedasSecureinPOSTBodyviaPOSTRequest",
+ "Url": "http://admin.testsparker.com/files/download"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "246",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "611",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "25"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a HSTS Missing in JSON Payload vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/products.php?type=194"
+ }
+ ],
+ "FirstSeenDate": "08/06/2021 08:40 AM",
+ "HttpRequest": {
+ "Content": "GET /products.php?type=194 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 301.0256,
+ "StatusCode": 200
+ },
+ "LookupId": "59601f92-46fa-5ffa-9c21-4db86effb3a5",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "HSTS Missing in JSON Payload",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the HSTS Missing in JSON Payload issue.
Fix the HSTS Missing in JSON Payload vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "HSTSMissinginJSONPayload",
+ "Url": "http://admin.testsparker.com/products.php?type=194"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "378",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "918",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "32"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Email Header Injection in JSON Payload vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/settings.php?sort=758"
+ }
+ ],
+ "FirstSeenDate": "24/06/2021 09:48 AM",
+ "HttpRequest": {
+ "Content": "GET /settings.php?sort=758 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 400.027,
+ "StatusCode": 200
+ },
+ "LookupId": "76c0dcc6-6e47-529b-833e-281d3b4c5139",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Email Header Injection in JSON Payload",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Email Header Injection in JSON Payload issue.
Fix the Email Header Injection in JSON Payload vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "EmailHeaderInjectioninJSONPayload",
+ "Url": "https://portal.testsparker.com/settings.php?sort=758"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "552",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "330",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "19"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a SQL Injection in URL Path via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/account/billing?action=448"
+ }
+ ],
+ "FirstSeenDate": "21/06/2021 02:47 AM",
+ "HttpRequest": {
+ "Content": "GET /account/billing?action=448 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 47.0208,
+ "StatusCode": 200
+ },
+ "LookupId": "a2ac59ad-ccaa-5e6f-85d3-31bcdcd74336",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "SQL Injection in URL Path via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the SQL Injection in URL Path via PUT Request issue.
Fix the SQL Injection in URL Path via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "SQLInjectioninURLPathviaPUTRequest",
+ "Url": "http://app1.testsparker.com/account/billing?action=448"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "555",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "319",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "31"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a CORS Misconfiguration in File Name vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/contact?name=123"
+ }
+ ],
+ "FirstSeenDate": "20/06/2021 06:31 AM",
+ "HttpRequest": {
+ "Content": "GET /contact?name=123 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 450.0794,
+ "StatusCode": 200
+ },
+ "LookupId": "a8f261ae-344c-5f81-a547-f390095efaae",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "CORS Misconfiguration in File Name",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the CORS Misconfiguration in File Name issue.
Fix the CORS Misconfiguration in File Name vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "CORSMisconfigurationinFileName",
+ "Url": "https://portal.testsparker.com/contact?name=123"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "688",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "523",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "33"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a NoSQL Injection in XML Input vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/search"
+ }
+ ],
+ "FirstSeenDate": "28/06/2021 03:53 AM",
+ "HttpRequest": {
+ "Content": "GET /search HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 332.2312,
+ "StatusCode": 200
+ },
+ "LookupId": "c11447ac-31ab-5611-95fc-3cb16a40d9fd",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "NoSQL Injection in XML Input",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the NoSQL Injection in XML Input issue.
Fix the NoSQL Injection in XML Input vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "NoSQLInjectioninXMLInput",
+ "Url": "https://portal.testsparker.com/search"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "481",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "523",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "33"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a SQL Injection in POST Body via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/upload.php"
+ }
+ ],
+ "FirstSeenDate": "19/06/2021 12:21 AM",
+ "HttpRequest": {
+ "Content": "GET /upload.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 216.2979,
+ "StatusCode": 200
+ },
+ "LookupId": "fe940c61-35b6-57d4-b0b4-ec5a6664160e",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "SQL Injection in POST Body via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the SQL Injection in POST Body via POST Request issue.
Fix the SQL Injection in POST Body via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "SQLInjectioninPOSTBodyviaPOSTRequest",
+ "Url": "https://app2.testsparker.com/upload.php"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "417",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "79",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "18"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a DNS Zone Transfer in Header via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/admin/logs?action=774"
+ }
+ ],
+ "FirstSeenDate": "21/06/2021 03:21 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/logs?action=774 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 258.5736,
+ "StatusCode": 200
+ },
+ "LookupId": "9aad480a-5e98-55c4-80e7-88cd2e41b5fd",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "DNS Zone Transfer in Header via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the DNS Zone Transfer in Header via PUT Request issue.
Fix the DNS Zone Transfer in Header via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "DNSZoneTransferinHeaderviaPUTRequest",
+ "Url": "https://docs.testsparker.com/admin/logs?action=774"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "661",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "287",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "25"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a File Upload Vulnerability in Query Parameter via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/profile.php"
+ }
+ ],
+ "FirstSeenDate": "20/06/2021 11:11 AM",
+ "HttpRequest": {
+ "Content": "GET /profile.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 292.2591,
+ "StatusCode": 200
+ },
+ "LookupId": "3b152eb7-4642-5cbb-adc6-2ccf7226080b",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "File Upload Vulnerability in Query Parameter via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the File Upload Vulnerability in Query Parameter via PUT Request issue.
Fix the File Upload Vulnerability in Query Parameter via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "FileUploadVulnerabilityinQueryParameterviaPUTRequest",
+ "Url": "http://api.testsparker.com/profile.php"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "116",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "89",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "43"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Cross-site Scripting in Multipart Data via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/files/list?id=684"
+ }
+ ],
+ "FirstSeenDate": "19/06/2021 09:00 AM",
+ "HttpRequest": {
+ "Content": "GET /files/list?id=684 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 158.6386,
+ "StatusCode": 200
+ },
+ "LookupId": "4656fdf6-6314-5771-ad74-885aacb144b3",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cross-site Scripting in Multipart Data via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cross-site Scripting in Multipart Data via POST Request issue.
Fix the Cross-site Scripting in Multipart Data via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "Cross-siteScriptinginMultipartDataviaPOSTRequest",
+ "Url": "https://app2.testsparker.com/files/list?id=684"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "516",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "601",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "48"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Weak Cryptography in Cookie via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/contact"
+ }
+ ],
+ "FirstSeenDate": "03/06/2021 09:49 AM",
+ "HttpRequest": {
+ "Content": "GET /contact HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 113.2538,
+ "StatusCode": 200
+ },
+ "LookupId": "617140cd-93a1-5b31-9ac8-97964c3fa40f",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Weak Cryptography in Cookie via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Weak Cryptography in Cookie via PUT Request issue.
Fix the Weak Cryptography in Cookie via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "WeakCryptographyinCookieviaPUTRequest",
+ "Url": "http://blog.testsparker.com/contact"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "659",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "89",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "33"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a CSRF in Form Field vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/blog/post.php?type=914"
+ }
+ ],
+ "FirstSeenDate": "28/06/2021 08:55 AM",
+ "HttpRequest": {
+ "Content": "GET /blog/post.php?type=914 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 91.0479,
+ "StatusCode": 200
+ },
+ "LookupId": "af319bbb-3090-5b00-976a-76d4828bd194",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "CSRF in Form Field",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the CSRF in Form Field issue.
Fix the CSRF in Form Field vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "CSRFinFormField",
+ "Url": "https://shop.testsparker.com/blog/post.php?type=914"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "487",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "287",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "22"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a XPath Injection in JSON Payload via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/blog/post.php?token=66"
+ }
+ ],
+ "FirstSeenDate": "21/06/2021 05:05 AM",
+ "HttpRequest": {
+ "Content": "GET /blog/post.php?token=66 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 93.9976,
+ "StatusCode": 200
+ },
+ "LookupId": "df74174b-e5aa-51b9-85fd-89c46a8cb5ac",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "XPath Injection in JSON Payload via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the XPath Injection in JSON Payload via POST Request issue.
Fix the XPath Injection in JSON Payload via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "XPathInjectioninJSONPayloadviaPOSTRequest",
+ "Url": "http://blog.testsparker.com/blog/post.php?token=66"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "646",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "352",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "44"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a NoSQL Injection in JSON Payload via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/files/upload?token=782"
+ }
+ ],
+ "FirstSeenDate": "20/06/2021 02:38 AM",
+ "HttpRequest": {
+ "Content": "GET /files/upload?token=782 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 73.4198,
+ "StatusCode": 200
+ },
+ "LookupId": "8d763c9b-c5d9-545b-b24d-563ef883cff8",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "NoSQL Injection in JSON Payload via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the NoSQL Injection in JSON Payload via POST Request issue.
Fix the NoSQL Injection in JSON Payload via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "NoSQLInjectioninJSONPayloadviaPOSTRequest",
+ "Url": "https://portal.testsparker.com/files/upload?token=782"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "53",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "89",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "25"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Mass Assignment in POST Body via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/api/v1/orders"
+ }
+ ],
+ "FirstSeenDate": "15/06/2021 10:02 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v1/orders HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 189.1299,
+ "StatusCode": 200
+ },
+ "LookupId": "a104cdcc-8cdf-52b7-8342-5b6febec3135",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Mass Assignment in POST Body via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Mass Assignment in POST Body via POST Request issue.
Fix the Mass Assignment in POST Body via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "MassAssignmentinPOSTBodyviaPOSTRequest",
+ "Url": "https://portal.testsparker.com/api/v1/orders"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "412",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "611",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "45"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Information Disclosure in URL Path via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/api/v1/users"
+ }
+ ],
+ "FirstSeenDate": "24/06/2021 12:20 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v1/users HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 455.5231,
+ "StatusCode": 200
+ },
+ "LookupId": "a0c185e8-a7d8-53ea-8b8d-7334b5fc27e5",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Information Disclosure in URL Path via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Information Disclosure in URL Path via POST Request issue.
Fix the Information Disclosure in URL Path via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "InformationDisclosureinURLPathviaPOSTRequest",
+ "Url": "http://api.testsparker.com/api/v1/users"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "253",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "200",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "4"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a XPath Injection in Form Field via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/api/v1/users?sort=373"
+ }
+ ],
+ "FirstSeenDate": "02/06/2021 01:03 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v1/users?sort=373 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 333.6111,
+ "StatusCode": 200
+ },
+ "LookupId": "9b4018ce-6be9-5167-b463-442df50f1f6e",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "XPath Injection in Form Field via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the XPath Injection in Form Field via POST Request issue.
Fix the XPath Injection in Form Field via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "XPathInjectioninFormFieldviaPOSTRequest",
+ "Url": "http://blog.testsparker.com/api/v1/users?sort=373"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "9",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "287",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "21"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Directory Traversal in URL Path via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/auth/register.php?sort=7"
+ }
+ ],
+ "FirstSeenDate": "05/06/2021 05:54 AM",
+ "HttpRequest": {
+ "Content": "GET /auth/register.php?sort=7 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 119.2161,
+ "StatusCode": 200
+ },
+ "LookupId": "5a9a11e2-8f5b-540a-9a5c-2fefdf46fed3",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Directory Traversal in URL Path via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Directory Traversal in URL Path via PUT Request issue.
Fix the Directory Traversal in URL Path via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "DirectoryTraversalinURLPathviaPUTRequest",
+ "Url": "http://blog.testsparker.com/auth/register.php?sort=7"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "41",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "776",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "25"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Remote Code Execution in XML Input via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/api/v2/export"
+ }
+ ],
+ "FirstSeenDate": "13/06/2021 08:10 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/export HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 385.8977,
+ "StatusCode": 200
+ },
+ "LookupId": "da5e05e7-f089-56cb-9f1f-d600cc4dcfbf",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Remote Code Execution in XML Input via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Remote Code Execution in XML Input via PUT Request issue.
Fix the Remote Code Execution in XML Input via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "RemoteCodeExecutioninXMLInputviaPUTRequest",
+ "Url": "https://portal.testsparker.com/api/v2/export"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "340",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "693",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "4"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Cookie Not Marked as HttpOnly in Query Parameter vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/auth/reset.php?id=684"
+ }
+ ],
+ "FirstSeenDate": "14/06/2021 03:10 AM",
+ "HttpRequest": {
+ "Content": "GET /auth/reset.php?id=684 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 339.3243,
+ "StatusCode": 200
+ },
+ "LookupId": "14e427a7-8db9-55c7-b994-f00c6b781dd9",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cookie Not Marked as HttpOnly in Query Parameter",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cookie Not Marked as HttpOnly in Query Parameter issue.
Fix the Cookie Not Marked as HttpOnly in Query Parameter vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "CookieNotMarkedasHttpOnlyinQueryParameter",
+ "Url": "https://shop.testsparker.com/auth/reset.php?id=684"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "388",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "16",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "34"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Buffer Overflow in File Name via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/files/download?action=399"
+ }
+ ],
+ "FirstSeenDate": "15/06/2021 11:12 AM",
+ "HttpRequest": {
+ "Content": "GET /files/download?action=399 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 430.3006,
+ "StatusCode": 200
+ },
+ "LookupId": "798c5c26-2fab-51df-983e-049786e68bf5",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Buffer Overflow in File Name via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Buffer Overflow in File Name via POST Request issue.
Fix the Buffer Overflow in File Name via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "BufferOverflowinFileNameviaPOSTRequest",
+ "Url": "http://api.testsparker.com/files/download?action=399"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "130",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "330",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "14"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Weak Cryptography in File Name vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/reports/generate"
+ }
+ ],
+ "FirstSeenDate": "20/06/2021 06:53 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/generate HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 156.2367,
+ "StatusCode": 200
+ },
+ "LookupId": "c2bdae20-3d5e-522f-b25f-88baaf5f7fc0",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Weak Cryptography in File Name",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Weak Cryptography in File Name issue.
Fix the Weak Cryptography in File Name vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "WeakCryptographyinFileName",
+ "Url": "https://portal.testsparker.com/reports/generate"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "104",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "352",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "14"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Cookie Not Marked as Secure in XML Input vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/auth/register.php?q=622"
+ }
+ ],
+ "FirstSeenDate": "14/06/2021 12:35 AM",
+ "HttpRequest": {
+ "Content": "GET /auth/register.php?q=622 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 363.7987,
+ "StatusCode": 200
+ },
+ "LookupId": "6efa5018-bbae-5865-8653-2c7e0851ba45",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cookie Not Marked as Secure in XML Input",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cookie Not Marked as Secure in XML Input issue.
Fix the Cookie Not Marked as Secure in XML Input vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "CookieNotMarkedasSecureinXMLInput",
+ "Url": "https://docs.testsparker.com/auth/register.php?q=622"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "15",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "94",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "8"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Insecure Direct Object Reference in Header via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/blog/edit.php"
+ }
+ ],
+ "FirstSeenDate": "23/06/2021 04:54 AM",
+ "HttpRequest": {
+ "Content": "GET /blog/edit.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 23.1395,
+ "StatusCode": 200
+ },
+ "LookupId": "13074927-d1b0-5b11-a9f6-b4ae3f7a2fb8",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Insecure Direct Object Reference in Header via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Insecure Direct Object Reference in Header via POST Request issue.
Fix the Insecure Direct Object Reference in Header via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "InsecureDirectObjectReferenceinHeaderviaPOSTRequest",
+ "Url": "https://shop.testsparker.com/blog/edit.php"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "367",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "434",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "5"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Broken Authentication in Multipart Data via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/blog/edit.php?q=829"
+ }
+ ],
+ "FirstSeenDate": "22/06/2021 06:23 AM",
+ "HttpRequest": {
+ "Content": "GET /blog/edit.php?q=829 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 81.0694,
+ "StatusCode": 200
+ },
+ "LookupId": "b1487364-390f-520d-976f-cc2a1472c9e5",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Broken Authentication in Multipart Data via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Broken Authentication in Multipart Data via POST Request issue.
Fix the Broken Authentication in Multipart Data via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "BrokenAuthenticationinMultipartDataviaPOSTRequest",
+ "Url": "https://shop.testsparker.com/blog/edit.php?q=829"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "548",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "611",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "16"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Clickjacking in Query Parameter via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/payment.php?filter=70"
+ }
+ ],
+ "FirstSeenDate": "13/06/2021 10:03 AM",
+ "HttpRequest": {
+ "Content": "GET /payment.php?filter=70 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 277.5114,
+ "StatusCode": 200
+ },
+ "LookupId": "6d27ca61-bb77-57e3-9264-1ce68e23f387",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Clickjacking in Query Parameter via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Clickjacking in Query Parameter via PUT Request issue.
Fix the Clickjacking in Query Parameter via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "ClickjackinginQueryParameterviaPUTRequest",
+ "Url": "http://admin.testsparker.com/payment.php?filter=70"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "671",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "523",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "34"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a LDAP Injection in POST Body via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/blog/post.php?filter=935"
+ }
+ ],
+ "FirstSeenDate": "12/06/2021 09:12 AM",
+ "HttpRequest": {
+ "Content": "GET /blog/post.php?filter=935 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 492.7565,
+ "StatusCode": 200
+ },
+ "LookupId": "3aff534b-34b7-59a3-85c3-aec0f11cdf1e",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "LDAP Injection in POST Body via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the LDAP Injection in POST Body via PUT Request issue.
Fix the LDAP Injection in POST Body via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "LDAPInjectioninPOSTBodyviaPUTRequest",
+ "Url": "http://app1.testsparker.com/blog/post.php?filter=935"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "476",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "89",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "31"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Server-Side Request Forgery in POST Body via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/payment.php"
+ }
+ ],
+ "FirstSeenDate": "16/06/2021 12:48 AM",
+ "HttpRequest": {
+ "Content": "GET /payment.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 462.005,
+ "StatusCode": 200
+ },
+ "LookupId": "7298603c-fd54-50c8-a5cb-621f7a6e54bd",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Server-Side Request Forgery in POST Body via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Server-Side Request Forgery in POST Body via POST Request issue.
Fix the Server-Side Request Forgery in POST Body via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "Server-SideRequestForgeryinPOSTBodyviaPOSTRequest",
+ "Url": "http://app1.testsparker.com/payment.php"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "180",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "614",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "22"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Broken Authentication in Query Parameter vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/auth/login.php?filter=350"
+ }
+ ],
+ "FirstSeenDate": "22/06/2021 08:58 AM",
+ "HttpRequest": {
+ "Content": "GET /auth/login.php?filter=350 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 242.5052,
+ "StatusCode": 200
+ },
+ "LookupId": "203faf1a-5fff-5651-9e5f-c433c662cabd",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Broken Authentication in Query Parameter",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Broken Authentication in Query Parameter issue.
Fix the Broken Authentication in Query Parameter vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "BrokenAuthenticationinQueryParameter",
+ "Url": "https://shop.testsparker.com/auth/login.php?filter=350"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "333",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "434",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "41"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a SQL Injection in File Name via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/download.php?type=271"
+ }
+ ],
+ "FirstSeenDate": "27/06/2021 06:14 AM",
+ "HttpRequest": {
+ "Content": "GET /download.php?type=271 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 367.9336,
+ "StatusCode": 200
+ },
+ "LookupId": "edc60ff7-055d-5fa4-9121-3145a1685b77",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "SQL Injection in File Name via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the SQL Injection in File Name via POST Request issue.
Fix the SQL Injection in File Name via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "SQLInjectioninFileNameviaPOSTRequest",
+ "Url": "https://shop.testsparker.com/download.php?type=271"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "345",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "79",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "44"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a SQL Injection in POST Body vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/cart.php?sort=447"
+ }
+ ],
+ "FirstSeenDate": "24/06/2021 03:53 AM",
+ "HttpRequest": {
+ "Content": "GET /cart.php?sort=447 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 239.0212,
+ "StatusCode": 200
+ },
+ "LookupId": "2d95e8a0-0823-5584-b010-8896f3643c0c",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "SQL Injection in POST Body",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the SQL Injection in POST Body issue.
Fix the SQL Injection in POST Body vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "SQLInjectioninPOSTBody",
+ "Url": "http://blog.testsparker.com/cart.php?sort=447"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "426",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "287",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "12"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Race Condition in JSON Payload via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/api/v1/orders?ref=356"
+ }
+ ],
+ "FirstSeenDate": "15/06/2021 07:58 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v1/orders?ref=356 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 332.9492,
+ "StatusCode": 200
+ },
+ "LookupId": "dcfbf893-f7e7-5a35-bce6-00e06868af6e",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Race Condition in JSON Payload via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Race Condition in JSON Payload via POST Request issue.
Fix the Race Condition in JSON Payload via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "RaceConditioninJSONPayloadviaPOSTRequest",
+ "Url": "http://app1.testsparker.com/api/v1/orders?ref=356"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "187",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "16",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "37"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Remote Code Execution in URL Path via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/files/list"
+ }
+ ],
+ "FirstSeenDate": "15/06/2021 09:49 AM",
+ "HttpRequest": {
+ "Content": "GET /files/list HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 349.3672,
+ "StatusCode": 200
+ },
+ "LookupId": "252a55bf-72bd-535e-b2dc-5f7caf93495c",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Remote Code Execution in URL Path via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Remote Code Execution in URL Path via PUT Request issue.
Fix the Remote Code Execution in URL Path via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "RemoteCodeExecutioninURLPathviaPUTRequest",
+ "Url": "https://docs.testsparker.com/files/list"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "152",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "200",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "41"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Cross-site Scripting in URL Path vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/reports/generate"
+ }
+ ],
+ "FirstSeenDate": "18/06/2021 03:38 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/generate HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 227.6282,
+ "StatusCode": 200
+ },
+ "LookupId": "184bf69b-1685-5cb1-9586-837da24cef83",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cross-site Scripting in URL Path",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cross-site Scripting in URL Path issue.
Fix the Cross-site Scripting in URL Path vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "Cross-siteScriptinginURLPath",
+ "Url": "http://app1.testsparker.com/reports/generate"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "400",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "89",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "47"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Broken Authentication in URL Path via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/admin/logs"
+ }
+ ],
+ "FirstSeenDate": "17/06/2021 09:18 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/logs HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 114.7299,
+ "StatusCode": 200
+ },
+ "LookupId": "cb548ac0-aed8-56eb-8752-ca648b28916a",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Broken Authentication in URL Path via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Broken Authentication in URL Path via POST Request issue.
Fix the Broken Authentication in URL Path via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "BrokenAuthenticationinURLPathviaPOSTRequest",
+ "Url": "http://blog.testsparker.com/admin/logs"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "42",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "918",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "16"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Server-Side Request Forgery in XML Input vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/files/download"
+ }
+ ],
+ "FirstSeenDate": "24/06/2021 02:43 AM",
+ "HttpRequest": {
+ "Content": "GET /files/download HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 203.4122,
+ "StatusCode": 200
+ },
+ "LookupId": "7f142e08-93ab-5e4a-a988-d64275efd9a4",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Server-Side Request Forgery in XML Input",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Server-Side Request Forgery in XML Input issue.
Fix the Server-Side Request Forgery in XML Input vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "Server-SideRequestForgeryinXMLInput",
+ "Url": "http://api.testsparker.com/files/download"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "442",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "94",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "23"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Mass Assignment in Cookie via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/checkout.php?type=97"
+ }
+ ],
+ "FirstSeenDate": "23/06/2021 10:15 AM",
+ "HttpRequest": {
+ "Content": "GET /checkout.php?type=97 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 460.1998,
+ "StatusCode": 200
+ },
+ "LookupId": "29ea0b8a-8ee2-5ad4-a2f7-36a7b31cbbe0",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Mass Assignment in Cookie via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Mass Assignment in Cookie via PUT Request issue.
Fix the Mass Assignment in Cookie via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "MassAssignmentinCookieviaPUTRequest",
+ "Url": "http://blog.testsparker.com/checkout.php?type=97"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "374",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "89",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "49"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a SQL Injection in Query Parameter vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/help?token=504"
+ }
+ ],
+ "FirstSeenDate": "03/06/2021 12:58 AM",
+ "HttpRequest": {
+ "Content": "GET /help?token=504 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 87.7893,
+ "StatusCode": 200
+ },
+ "LookupId": "fe0465d0-43a7-51b7-8fe3-41942cb7ad8c",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "SQL Injection in Query Parameter",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the SQL Injection in Query Parameter issue.
Fix the SQL Injection in Query Parameter vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "SQLInjectioninQueryParameter",
+ "Url": "https://docs.testsparker.com/help?token=504"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "481",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "352",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "9"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Race Condition in XML Input vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/admin/logs"
+ }
+ ],
+ "FirstSeenDate": "28/06/2021 10:53 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/logs HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 189.9235,
+ "StatusCode": 200
+ },
+ "LookupId": "41ef9447-9271-5701-87f9-f18cd71b5286",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Race Condition in XML Input",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Race Condition in XML Input issue.
Fix the Race Condition in XML Input vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "RaceConditioninXMLInput",
+ "Url": "http://app1.testsparker.com/admin/logs"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "696",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "611",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "45"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Session Fixation in XML Input vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/reports/view"
+ }
+ ],
+ "FirstSeenDate": "22/06/2021 10:05 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/view HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 29.8106,
+ "StatusCode": 200
+ },
+ "LookupId": "ea771b7d-bb81-5aea-a9db-4a20f8e1e30e",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Session Fixation in XML Input",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Session Fixation in XML Input issue.
Fix the Session Fixation in XML Input vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "SessionFixationinXMLInput",
+ "Url": "https://app2.testsparker.com/reports/view"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "444",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "601",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "28"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Information Disclosure in Multipart Data via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/blog/edit.php?action=320"
+ }
+ ],
+ "FirstSeenDate": "27/06/2021 06:39 AM",
+ "HttpRequest": {
+ "Content": "GET /blog/edit.php?action=320 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 62.704,
+ "StatusCode": 200
+ },
+ "LookupId": "945e917f-fcf1-51d4-b782-78aaa446f4f9",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Information Disclosure in Multipart Data via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Information Disclosure in Multipart Data via POST Request issue.
Fix the Information Disclosure in Multipart Data via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "InformationDisclosureinMultipartDataviaPOSTRequest",
+ "Url": "http://admin.testsparker.com/blog/edit.php?action=320"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "340",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "89",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "16"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Cleartext Transmission in XML Input vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/blog/edit.php?action=698"
+ }
+ ],
+ "FirstSeenDate": "24/06/2021 08:58 AM",
+ "HttpRequest": {
+ "Content": "GET /blog/edit.php?action=698 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 141.6063,
+ "StatusCode": 200
+ },
+ "LookupId": "97c3a6f7-b99b-5299-8361-55abf768fcc0",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cleartext Transmission in XML Input",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cleartext Transmission in XML Input issue.
Fix the Cleartext Transmission in XML Input vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "CleartextTransmissioninXMLInput",
+ "Url": "http://admin.testsparker.com/blog/edit.php?action=698"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "636",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "287",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "13"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Email Header Injection in Multipart Data via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/account/billing?q=225"
+ }
+ ],
+ "FirstSeenDate": "07/06/2021 02:17 AM",
+ "HttpRequest": {
+ "Content": "GET /account/billing?q=225 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 217.3161,
+ "StatusCode": 200
+ },
+ "LookupId": "dbd182c8-21f2-55b2-a648-686240c22bda",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Email Header Injection in Multipart Data via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Email Header Injection in Multipart Data via POST Request issue.
Fix the Email Header Injection in Multipart Data via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "EmailHeaderInjectioninMultipartDataviaPOSTRequest",
+ "Url": "http://api.testsparker.com/account/billing?q=225"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "205",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "79",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "40"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Directory Traversal in POST Body vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/cart.php"
+ }
+ ],
+ "FirstSeenDate": "08/06/2021 03:30 AM",
+ "HttpRequest": {
+ "Content": "GET /cart.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 338.0348,
+ "StatusCode": 200
+ },
+ "LookupId": "734f0901-0ea5-540a-8f96-25cc698783a3",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Directory Traversal in POST Body",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Directory Traversal in POST Body issue.
Fix the Directory Traversal in POST Body vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "DirectoryTraversalinPOSTBody",
+ "Url": "https://shop.testsparker.com/cart.php"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "519",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "693",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "19"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Insecure Deserialization in JSON Payload via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/api/v1/orders"
+ }
+ ],
+ "FirstSeenDate": "14/06/2021 05:52 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v1/orders HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 178.9319,
+ "StatusCode": 200
+ },
+ "LookupId": "0e2381ca-f657-5a7e-8eed-fa9af528a959",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Insecure Deserialization in JSON Payload via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Insecure Deserialization in JSON Payload via POST Request issue.
Fix the Insecure Deserialization in JSON Payload via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "InsecureDeserializationinJSONPayloadviaPOSTRequest",
+ "Url": "https://app2.testsparker.com/api/v1/orders"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "520",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "78",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "43"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a XPath Injection vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/help?filter=639"
+ }
+ ],
+ "FirstSeenDate": "11/06/2021 07:44 AM",
+ "HttpRequest": {
+ "Content": "GET /help?filter=639 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 154.871,
+ "StatusCode": 200
+ },
+ "LookupId": "dacdbe6e-42c1-5137-8d94-e04ec3ac4cb2",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "XPath Injection",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the XPath Injection issue.
Fix the XPath Injection vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "XPathInjection",
+ "Url": "https://portal.testsparker.com/help?filter=639"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "362",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "601",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "43"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a HSTS Missing in Form Field vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/admin/logs?sort=704"
+ }
+ ],
+ "FirstSeenDate": "16/06/2021 08:17 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/logs?sort=704 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 224.3509,
+ "StatusCode": 200
+ },
+ "LookupId": "00dc999b-6988-5866-a649-4a9440702c24",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "HSTS Missing in Form Field",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the HSTS Missing in Form Field issue.
Fix the HSTS Missing in Form Field vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "HSTSMissinginFormField",
+ "Url": "https://portal.testsparker.com/admin/logs?sort=704"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "437",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "502",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "47"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Command Injection in Cookie via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/contact"
+ }
+ ],
+ "FirstSeenDate": "12/06/2021 10:49 AM",
+ "HttpRequest": {
+ "Content": "GET /contact HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 207.6015,
+ "StatusCode": 200
+ },
+ "LookupId": "2604c919-395b-58a0-9d2d-f3b6a43a467d",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Command Injection in Cookie via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Command Injection in Cookie via PUT Request issue.
Fix the Command Injection in Cookie via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "CommandInjectioninCookieviaPUTRequest",
+ "Url": "https://portal.testsparker.com/contact"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "194",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "22",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "31"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Missing X-Frame-Options in JSON Payload via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/files/download?page=656"
+ }
+ ],
+ "FirstSeenDate": "20/06/2021 12:21 AM",
+ "HttpRequest": {
+ "Content": "GET /files/download?page=656 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 427.4843,
+ "StatusCode": 200
+ },
+ "LookupId": "2bbff4cf-bb51-5c22-b7a5-4f4932250d08",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Missing X-Frame-Options in JSON Payload via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Missing X-Frame-Options in JSON Payload via POST Request issue.
Fix the Missing X-Frame-Options in JSON Payload via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "MissingX-Frame-OptionsinJSONPayloadviaPOSTRequest",
+ "Url": "http://app1.testsparker.com/files/download?page=656"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "599",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "352",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "26"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Open Redirect in Multipart Data vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/api/v2/export?token=333"
+ }
+ ],
+ "FirstSeenDate": "01/06/2021 01:37 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/export?token=333 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 393.9029,
+ "StatusCode": 200
+ },
+ "LookupId": "e40dddcc-e6c5-5bd6-951d-6d586eea53dc",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Open Redirect in Multipart Data",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Open Redirect in Multipart Data issue.
Fix the Open Redirect in Multipart Data vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "OpenRedirectinMultipartData",
+ "Url": "https://portal.testsparker.com/api/v2/export?token=333"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "383",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "319",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "24"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Information Disclosure in Header via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/blog/post.php?token=981"
+ }
+ ],
+ "FirstSeenDate": "11/06/2021 12:40 AM",
+ "HttpRequest": {
+ "Content": "GET /blog/post.php?token=981 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 179.926,
+ "StatusCode": 200
+ },
+ "LookupId": "cf684a6e-1439-5ef2-b615-c21c2930810c",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Information Disclosure in Header via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Information Disclosure in Header via PUT Request issue.
Fix the Information Disclosure in Header via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "InformationDisclosureinHeaderviaPUTRequest",
+ "Url": "https://docs.testsparker.com/blog/post.php?token=981"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "277",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "918",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "8"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a XML External Entity vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/cart.php"
+ }
+ ],
+ "FirstSeenDate": "11/06/2021 02:32 AM",
+ "HttpRequest": {
+ "Content": "GET /cart.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 385.3399,
+ "StatusCode": 200
+ },
+ "LookupId": "1d14db83-de77-5cb1-85e1-e4f72852c539",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "XML External Entity",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the XML External Entity issue.
Fix the XML External Entity vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "XMLExternalEntity",
+ "Url": "http://app1.testsparker.com/cart.php"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "182",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "611",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "5"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Path Disclosure in Form Field vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/admin/logs"
+ }
+ ],
+ "FirstSeenDate": "06/06/2021 12:32 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/logs HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 68.4834,
+ "StatusCode": 200
+ },
+ "LookupId": "88ec074f-24e5-504c-bb18-9d4c29973056",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Path Disclosure in Form Field",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Path Disclosure in Form Field issue.
Fix the Path Disclosure in Form Field vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "PathDisclosureinFormField",
+ "Url": "https://shop.testsparker.com/admin/logs"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "236",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "319",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "23"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Buffer Overflow in POST Body vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/profile.php?id=933"
+ }
+ ],
+ "FirstSeenDate": "21/06/2021 04:39 AM",
+ "HttpRequest": {
+ "Content": "GET /profile.php?id=933 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 132.8071,
+ "StatusCode": 200
+ },
+ "LookupId": "675d3736-0f05-53ce-b4f6-9b685a65c2a7",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Buffer Overflow in POST Body",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Buffer Overflow in POST Body issue.
Fix the Buffer Overflow in POST Body vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "BufferOverflowinPOSTBody",
+ "Url": "http://blog.testsparker.com/profile.php?id=933"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "639",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "79",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "13"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Cookie Not Marked as HttpOnly in Query Parameter via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/api/v2/webhook?q=309"
+ }
+ ],
+ "FirstSeenDate": "03/06/2021 01:09 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/webhook?q=309 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 305.8574,
+ "StatusCode": 200
+ },
+ "LookupId": "ee6dc224-1827-5d62-893e-2ceed6f68fe9",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cookie Not Marked as HttpOnly in Query Parameter via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cookie Not Marked as HttpOnly in Query Parameter via PUT Request issue.
Fix the Cookie Not Marked as HttpOnly in Query Parameter via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "CookieNotMarkedasHttpOnlyinQueryParameterviaPUTRequest",
+ "Url": "https://docs.testsparker.com/api/v2/webhook?q=309"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "652",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "918",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "1"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a LDAP Injection in JSON Payload vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/auth/login.php"
+ }
+ ],
+ "FirstSeenDate": "01/06/2021 11:24 AM",
+ "HttpRequest": {
+ "Content": "GET /auth/login.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 426.0129,
+ "StatusCode": 200
+ },
+ "LookupId": "f7186394-9a1c-56e3-83c9-ca3cf22abaad",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "LDAP Injection in JSON Payload",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the LDAP Injection in JSON Payload issue.
Fix the LDAP Injection in JSON Payload vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "LDAPInjectioninJSONPayload",
+ "Url": "http://api.testsparker.com/auth/login.php"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "623",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "287",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "49"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Insecure HTTP Method in File Name via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/reports/generate?token=848"
+ }
+ ],
+ "FirstSeenDate": "13/06/2021 03:43 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/generate?token=848 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 233.2581,
+ "StatusCode": 200
+ },
+ "LookupId": "81698020-52ad-5e30-9a04-b42a44a07e80",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Insecure HTTP Method in File Name via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Insecure HTTP Method in File Name via POST Request issue.
Fix the Insecure HTTP Method in File Name via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "InsecureHTTPMethodinFileNameviaPOSTRequest",
+ "Url": "https://app2.testsparker.com/reports/generate?token=848"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "472",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "434",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "29"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Unvalidated Redirect in JSON Payload via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/blog/edit.php?filter=214"
+ }
+ ],
+ "FirstSeenDate": "13/06/2021 08:23 AM",
+ "HttpRequest": {
+ "Content": "GET /blog/edit.php?filter=214 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 175.5227,
+ "StatusCode": 200
+ },
+ "LookupId": "923bea30-938f-543d-abf6-854fef0e25d4",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Unvalidated Redirect in JSON Payload via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Unvalidated Redirect in JSON Payload via PUT Request issue.
Fix the Unvalidated Redirect in JSON Payload via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "UnvalidatedRedirectinJSONPayloadviaPUTRequest",
+ "Url": "https://portal.testsparker.com/blog/edit.php?filter=214"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "136",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "330",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "5"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a SQL Injection in Cookie vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/upload.php"
+ }
+ ],
+ "FirstSeenDate": "05/06/2021 03:06 AM",
+ "HttpRequest": {
+ "Content": "GET /upload.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 266.1625,
+ "StatusCode": 200
+ },
+ "LookupId": "21eee048-2582-5e80-833c-d29227e4ac27",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "SQL Injection in Cookie",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the SQL Injection in Cookie issue.
Fix the SQL Injection in Cookie vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "SQLInjectioninCookie",
+ "Url": "https://docs.testsparker.com/upload.php"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "571",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "776",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "31"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Remote Code Execution in Query Parameter vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/files/download?id=623"
+ }
+ ],
+ "FirstSeenDate": "26/06/2021 11:11 AM",
+ "HttpRequest": {
+ "Content": "GET /files/download?id=623 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 295.2391,
+ "StatusCode": 200
+ },
+ "LookupId": "4cf51728-3a19-5c17-8350-f8bd2a891fcf",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Remote Code Execution in Query Parameter",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Remote Code Execution in Query Parameter issue.
Fix the Remote Code Execution in Query Parameter vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "RemoteCodeExecutioninQueryParameter",
+ "Url": "https://portal.testsparker.com/files/download?id=623"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "366",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "22",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "6"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Cross-site Scripting in Cookie via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/files/list"
+ }
+ ],
+ "FirstSeenDate": "11/06/2021 02:31 AM",
+ "HttpRequest": {
+ "Content": "GET /files/list HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 206.2743,
+ "StatusCode": 200
+ },
+ "LookupId": "dbf97d50-0dfe-5cf4-b82d-b7b476205b97",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cross-site Scripting in Cookie via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cross-site Scripting in Cookie via POST Request issue.
Fix the Cross-site Scripting in Cookie via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "Cross-siteScriptinginCookieviaPOSTRequest",
+ "Url": "http://admin.testsparker.com/files/list"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "17",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "601",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "19"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Integer Overflow in URL Path vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/checkout.php?type=164"
+ }
+ ],
+ "FirstSeenDate": "07/06/2021 03:52 AM",
+ "HttpRequest": {
+ "Content": "GET /checkout.php?type=164 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 390.2732,
+ "StatusCode": 200
+ },
+ "LookupId": "7453ba70-e376-5c25-8492-644bcf4642ad",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Integer Overflow in URL Path",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Integer Overflow in URL Path issue.
Fix the Integer Overflow in URL Path vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "IntegerOverflowinURLPath",
+ "Url": "http://api.testsparker.com/checkout.php?type=164"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "68",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "287",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "37"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a XML External Entity vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/cart.php"
+ }
+ ],
+ "FirstSeenDate": "07/06/2021 11:31 AM",
+ "HttpRequest": {
+ "Content": "GET /cart.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 203.8596,
+ "StatusCode": 200
+ },
+ "LookupId": "21776d5b-e982-554c-94f1-f20dc895feeb",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "XML External Entity",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the XML External Entity issue.
Fix the XML External Entity vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "XMLExternalEntity",
+ "Url": "http://app1.testsparker.com/cart.php"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "132",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "16",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "37"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a File Upload Vulnerability in URL Path via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/account/security?q=24"
+ }
+ ],
+ "FirstSeenDate": "03/06/2021 01:28 AM",
+ "HttpRequest": {
+ "Content": "GET /account/security?q=24 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 191.3042,
+ "StatusCode": 200
+ },
+ "LookupId": "0f21dcdd-a769-5daf-add9-f172838accea",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "File Upload Vulnerability in URL Path via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the File Upload Vulnerability in URL Path via POST Request issue.
Fix the File Upload Vulnerability in URL Path via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "FileUploadVulnerabilityinURLPathviaPOSTRequest",
+ "Url": "http://admin.testsparker.com/account/security?q=24"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "688",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "287",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "20"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Weak Cryptography vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/payment.php?filter=245"
+ }
+ ],
+ "FirstSeenDate": "11/06/2021 02:00 AM",
+ "HttpRequest": {
+ "Content": "GET /payment.php?filter=245 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 234.5599,
+ "StatusCode": 200
+ },
+ "LookupId": "396b3e55-d45d-516b-b248-f77fea7d5056",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Weak Cryptography",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Weak Cryptography issue.
Fix the Weak Cryptography vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "WeakCryptography",
+ "Url": "https://shop.testsparker.com/payment.php?filter=245"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "609",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "200",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "12"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Version Disclosure in XML Input vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/api/v2/export"
+ }
+ ],
+ "FirstSeenDate": "19/06/2021 09:22 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/export HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 178.682,
+ "StatusCode": 200
+ },
+ "LookupId": "17501dc0-9b09-54b7-beec-53c6c46113ac",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Version Disclosure in XML Input",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Version Disclosure in XML Input issue.
Fix the Version Disclosure in XML Input vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "VersionDisclosureinXMLInput",
+ "Url": "http://blog.testsparker.com/api/v2/export"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "223",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "434",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "7"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Broken Authentication in JSON Payload vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/files/list?page=644"
+ }
+ ],
+ "FirstSeenDate": "25/06/2021 02:37 AM",
+ "HttpRequest": {
+ "Content": "GET /files/list?page=644 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 367.7045,
+ "StatusCode": 200
+ },
+ "LookupId": "e2742ec9-1b58-54b4-b199-44d43f5567b9",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Broken Authentication in JSON Payload",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Broken Authentication in JSON Payload issue.
Fix the Broken Authentication in JSON Payload vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "BrokenAuthenticationinJSONPayload",
+ "Url": "http://api.testsparker.com/files/list?page=644"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "558",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "78",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "23"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Remote Code Execution in Cookie vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/files/list"
+ }
+ ],
+ "FirstSeenDate": "13/06/2021 05:12 AM",
+ "HttpRequest": {
+ "Content": "GET /files/list HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 484.4214,
+ "StatusCode": 200
+ },
+ "LookupId": "9f20cc97-065e-584f-8548-0606cf2fe784",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Remote Code Execution in Cookie",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Remote Code Execution in Cookie issue.
Fix the Remote Code Execution in Cookie vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "RemoteCodeExecutioninCookie",
+ "Url": "https://docs.testsparker.com/files/list"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "69",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "79",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "36"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Sensitive Data Exposure in POST Body via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/account/security"
+ }
+ ],
+ "FirstSeenDate": "23/06/2021 03:02 AM",
+ "HttpRequest": {
+ "Content": "GET /account/security HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 214.8981,
+ "StatusCode": 200
+ },
+ "LookupId": "027e39cd-3d43-5bb2-a04e-2953a767bbf5",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Sensitive Data Exposure in POST Body via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Sensitive Data Exposure in POST Body via PUT Request issue.
Fix the Sensitive Data Exposure in POST Body via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "SensitiveDataExposureinPOSTBodyviaPUTRequest",
+ "Url": "https://app2.testsparker.com/account/security"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "444",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "319",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "41"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a XML External Entity in POST Body vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/help?filter=13"
+ }
+ ],
+ "FirstSeenDate": "23/06/2021 03:27 AM",
+ "HttpRequest": {
+ "Content": "GET /help?filter=13 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 96.3071,
+ "StatusCode": 200
+ },
+ "LookupId": "8f41f2f1-cb10-53cd-9b44-5989ceff87a4",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "XML External Entity in POST Body",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the XML External Entity in POST Body issue.
Fix the XML External Entity in POST Body vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "XMLExternalEntityinPOSTBody",
+ "Url": "http://blog.testsparker.com/help?filter=13"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "167",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "330",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "8"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Insecure Deserialization in URL Path via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/api/v2/export?q=519"
+ }
+ ],
+ "FirstSeenDate": "24/06/2021 10:22 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/export?q=519 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 377.3445,
+ "StatusCode": 200
+ },
+ "LookupId": "bd98f763-a2dd-5e6b-92ef-c7f2e3b4e709",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Insecure Deserialization in URL Path via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Insecure Deserialization in URL Path via PUT Request issue.
Fix the Insecure Deserialization in URL Path via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "InsecureDeserializationinURLPathviaPUTRequest",
+ "Url": "http://blog.testsparker.com/api/v2/export?q=519"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "209",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "523",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "34"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a NoSQL Injection in Multipart Data vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/upload.php?id=340"
+ }
+ ],
+ "FirstSeenDate": "18/06/2021 08:39 AM",
+ "HttpRequest": {
+ "Content": "GET /upload.php?id=340 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 367.6626,
+ "StatusCode": 200
+ },
+ "LookupId": "7d0bb7c3-d2c2-5ba4-90e1-f4d377ae29be",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "NoSQL Injection in Multipart Data",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the NoSQL Injection in Multipart Data issue.
Fix the NoSQL Injection in Multipart Data vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "NoSQLInjectioninMultipartData",
+ "Url": "https://app2.testsparker.com/upload.php?id=340"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "226",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "94",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "10"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Mass Assignment in Multipart Data via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/api/v2/export?type=746"
+ }
+ ],
+ "FirstSeenDate": "16/06/2021 01:15 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/export?type=746 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 293.0163,
+ "StatusCode": 200
+ },
+ "LookupId": "e801d640-b0c4-56bf-892a-ff54c67db140",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Mass Assignment in Multipart Data via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Mass Assignment in Multipart Data via POST Request issue.
Fix the Mass Assignment in Multipart Data via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "MassAssignmentinMultipartDataviaPOSTRequest",
+ "Url": "https://docs.testsparker.com/api/v2/export?type=746"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "270",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "22",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "46"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Insecure Direct Object Reference in URL Path via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/admin/users?name=204"
+ }
+ ],
+ "FirstSeenDate": "18/06/2021 06:25 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/users?name=204 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 75.1858,
+ "StatusCode": 200
+ },
+ "LookupId": "4e6b90de-7e04-5cbb-a8b1-d4c163fe7583",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Insecure Direct Object Reference in URL Path via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Insecure Direct Object Reference in URL Path via PUT Request issue.
Fix the Insecure Direct Object Reference in URL Path via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "InsecureDirectObjectReferenceinURLPathviaPUTRequest",
+ "Url": "http://admin.testsparker.com/admin/users?name=204"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "287",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "89",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "3"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a NoSQL Injection in JSON Payload vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/api/v2/search?page=430"
+ }
+ ],
+ "FirstSeenDate": "28/06/2021 09:26 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/search?page=430 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 353.415,
+ "StatusCode": 200
+ },
+ "LookupId": "ba3e2e8c-59b2-53b5-8198-925dc61a2fed",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "NoSQL Injection in JSON Payload",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the NoSQL Injection in JSON Payload issue.
Fix the NoSQL Injection in JSON Payload vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "NoSQLInjectioninJSONPayload",
+ "Url": "http://admin.testsparker.com/api/v2/search?page=430"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "483",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "776",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "11"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a SQL Injection in XML Input via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/reports/export?name=562"
+ }
+ ],
+ "FirstSeenDate": "27/06/2021 01:38 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/export?name=562 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 59.2524,
+ "StatusCode": 200
+ },
+ "LookupId": "6c509669-604f-5367-ab43-46eef1a040a3",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "SQL Injection in XML Input via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the SQL Injection in XML Input via POST Request issue.
Fix the SQL Injection in XML Input via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "SQLInjectioninXMLInputviaPOSTRequest",
+ "Url": "https://docs.testsparker.com/reports/export?name=562"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "97",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "776",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "7"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Buffer Overflow in JSON Payload vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/upload.php?q=32"
+ }
+ ],
+ "FirstSeenDate": "04/06/2021 01:03 AM",
+ "HttpRequest": {
+ "Content": "GET /upload.php?q=32 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 416.8824,
+ "StatusCode": 200
+ },
+ "LookupId": "b3797895-7295-53e0-a03f-0cb04364d8e0",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Buffer Overflow in JSON Payload",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Buffer Overflow in JSON Payload issue.
Fix the Buffer Overflow in JSON Payload vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "BufferOverflowinJSONPayload",
+ "Url": "http://app1.testsparker.com/upload.php?q=32"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "22",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "776",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "19"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Command Injection in URL Path via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/reports/export"
+ }
+ ],
+ "FirstSeenDate": "16/06/2021 06:28 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/export HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 123.7305,
+ "StatusCode": 200
+ },
+ "LookupId": "0686d2fd-0b23-505f-8e33-38aead43103e",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Command Injection in URL Path via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Command Injection in URL Path via POST Request issue.
Fix the Command Injection in URL Path via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "CommandInjectioninURLPathviaPOSTRequest",
+ "Url": "https://app2.testsparker.com/reports/export"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "467",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "78",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "13"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Directory Traversal in XML Input via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/help"
+ }
+ ],
+ "FirstSeenDate": "10/06/2021 03:37 AM",
+ "HttpRequest": {
+ "Content": "GET /help HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 72.9825,
+ "StatusCode": 200
+ },
+ "LookupId": "5b0061e1-10af-5c5e-84f5-251fd697315c",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Directory Traversal in XML Input via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Directory Traversal in XML Input via POST Request issue.
Fix the Directory Traversal in XML Input via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "DirectoryTraversalinXMLInputviaPOSTRequest",
+ "Url": "https://portal.testsparker.com/help"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "55",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "693",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "43"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a XML External Entity in Multipart Data via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/api/v1/orders?token=12"
+ }
+ ],
+ "FirstSeenDate": "15/06/2021 12:44 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v1/orders?token=12 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 18.8465,
+ "StatusCode": 200
+ },
+ "LookupId": "47ab2dec-dc06-551e-8f36-8c1da9acfce1",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "XML External Entity in Multipart Data via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the XML External Entity in Multipart Data via POST Request issue.
Fix the XML External Entity in Multipart Data via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "XMLExternalEntityinMultipartDataviaPOSTRequest",
+ "Url": "https://portal.testsparker.com/api/v1/orders?token=12"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "590",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "287",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "31"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Insecure Direct Object Reference vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/reports/generate?page=853"
+ }
+ ],
+ "FirstSeenDate": "12/06/2021 05:48 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/generate?page=853 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 201.0935,
+ "StatusCode": 200
+ },
+ "LookupId": "014db7f1-3e01-52ce-9edc-e4da66877561",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Insecure Direct Object Reference",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Insecure Direct Object Reference issue.
Fix the Insecure Direct Object Reference vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "InsecureDirectObjectReference",
+ "Url": "https://shop.testsparker.com/reports/generate?page=853"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "210",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "502",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "41"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Cookie Not Marked as HttpOnly in Form Field vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/download.php?sort=52"
+ }
+ ],
+ "FirstSeenDate": "16/06/2021 03:00 AM",
+ "HttpRequest": {
+ "Content": "GET /download.php?sort=52 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 65.1675,
+ "StatusCode": 200
+ },
+ "LookupId": "0a696f2f-40a9-5d71-9442-8c50329e18f4",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cookie Not Marked as HttpOnly in Form Field",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cookie Not Marked as HttpOnly in Form Field issue.
Fix the Cookie Not Marked as HttpOnly in Form Field vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "CookieNotMarkedasHttpOnlyinFormField",
+ "Url": "https://docs.testsparker.com/download.php?sort=52"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "281",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "434",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "44"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Directory Traversal in JSON Payload via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/api/v1/users"
+ }
+ ],
+ "FirstSeenDate": "16/06/2021 06:33 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v1/users HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 381.9206,
+ "StatusCode": 200
+ },
+ "LookupId": "f438885b-8090-5d08-9d12-fe7cf2e97a57",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Directory Traversal in JSON Payload via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Directory Traversal in JSON Payload via POST Request issue.
Fix the Directory Traversal in JSON Payload via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "DirectoryTraversalinJSONPayloadviaPOSTRequest",
+ "Url": "http://blog.testsparker.com/api/v1/users"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "332",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "614",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "2"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Email Header Injection in Header via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/search?name=404"
+ }
+ ],
+ "FirstSeenDate": "15/06/2021 12:42 AM",
+ "HttpRequest": {
+ "Content": "GET /search?name=404 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 245.129,
+ "StatusCode": 200
+ },
+ "LookupId": "d5823909-01dc-5f68-b1b4-dd3df99e1da3",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Email Header Injection in Header via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Email Header Injection in Header via POST Request issue.
Fix the Email Header Injection in Header via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "EmailHeaderInjectioninHeaderviaPOSTRequest",
+ "Url": "https://app2.testsparker.com/search?name=404"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "287",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "352",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "1"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Insecure HTTP Method in File Name vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/admin/config"
+ }
+ ],
+ "FirstSeenDate": "22/06/2021 05:27 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/config HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 294.0224,
+ "StatusCode": 200
+ },
+ "LookupId": "fd55d41a-7dad-53a2-8df9-7f7d7dbbe163",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Insecure HTTP Method in File Name",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Insecure HTTP Method in File Name issue.
Fix the Insecure HTTP Method in File Name vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "InsecureHTTPMethodinFileName",
+ "Url": "https://portal.testsparker.com/admin/config"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "448",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "330",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "15"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Session Fixation in Cookie vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/settings.php?q=280"
+ }
+ ],
+ "FirstSeenDate": "12/06/2021 01:26 AM",
+ "HttpRequest": {
+ "Content": "GET /settings.php?q=280 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 36.0959,
+ "StatusCode": 200
+ },
+ "LookupId": "c84ed0b3-704d-5f25-90af-4b354a6a17e1",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Session Fixation in Cookie",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Session Fixation in Cookie issue.
Fix the Session Fixation in Cookie vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "SessionFixationinCookie",
+ "Url": "https://app2.testsparker.com/settings.php?q=280"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "384",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "22",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "41"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Cleartext Transmission in Query Parameter via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/api/v1/products?sort=118"
+ }
+ ],
+ "FirstSeenDate": "06/06/2021 06:06 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v1/products?sort=118 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 352.3756,
+ "StatusCode": 200
+ },
+ "LookupId": "bed958df-32d8-53d8-a411-5973c3aaf245",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cleartext Transmission in Query Parameter via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cleartext Transmission in Query Parameter via PUT Request issue.
Fix the Cleartext Transmission in Query Parameter via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "CleartextTransmissioninQueryParameterviaPUTRequest",
+ "Url": "http://blog.testsparker.com/api/v1/products?sort=118"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "677",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "287",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "47"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Command Injection in POST Body via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/reports/export"
+ }
+ ],
+ "FirstSeenDate": "07/06/2021 10:46 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/export HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 422.4982,
+ "StatusCode": 200
+ },
+ "LookupId": "c66fdce7-cea4-58c1-a062-f45e255a4283",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Command Injection in POST Body via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Command Injection in POST Body via POST Request issue.
Fix the Command Injection in POST Body via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "CommandInjectioninPOSTBodyviaPOSTRequest",
+ "Url": "http://api.testsparker.com/reports/export"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "89",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "352",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "34"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a HTTP Response Splitting in POST Body via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/admin/config"
+ }
+ ],
+ "FirstSeenDate": "28/06/2021 04:37 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/config HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 242.0096,
+ "StatusCode": 200
+ },
+ "LookupId": "36fb53d6-b803-5f2f-be6d-5cc27cecc5c5",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "HTTP Response Splitting in POST Body via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the HTTP Response Splitting in POST Body via POST Request issue.
Fix the HTTP Response Splitting in POST Body via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "HTTPResponseSplittinginPOSTBodyviaPOSTRequest",
+ "Url": "http://admin.testsparker.com/admin/config"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "180",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "94",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "18"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a CSRF in Header via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/checkout.php"
+ }
+ ],
+ "FirstSeenDate": "14/06/2021 05:55 AM",
+ "HttpRequest": {
+ "Content": "GET /checkout.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 298.8457,
+ "StatusCode": 200
+ },
+ "LookupId": "5b76814a-bf60-5b04-92b8-aa4ea0438641",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "CSRF in Header via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the CSRF in Header via POST Request issue.
Fix the CSRF in Header via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "CSRFinHeaderviaPOSTRequest",
+ "Url": "http://blog.testsparker.com/checkout.php"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "47",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "287",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "4"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Cleartext Transmission in Header vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/api/v2/webhook"
+ }
+ ],
+ "FirstSeenDate": "12/06/2021 09:18 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/webhook HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 46.0306,
+ "StatusCode": 200
+ },
+ "LookupId": "e692e9fc-43a3-50c9-8680-afad597d8173",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cleartext Transmission in Header",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cleartext Transmission in Header issue.
Fix the Cleartext Transmission in Header vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "CleartextTransmissioninHeader",
+ "Url": "http://blog.testsparker.com/api/v2/webhook"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "29",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "614",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "39"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a XML External Entity in JSON Payload via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/api/v1/products"
+ }
+ ],
+ "FirstSeenDate": "14/06/2021 12:48 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v1/products HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 471.9466,
+ "StatusCode": 200
+ },
+ "LookupId": "565dfe5c-cc0c-5309-a63a-6df355cbf625",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "XML External Entity in JSON Payload via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the XML External Entity in JSON Payload via PUT Request issue.
Fix the XML External Entity in JSON Payload via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "XMLExternalEntityinJSONPayloadviaPUTRequest",
+ "Url": "https://shop.testsparker.com/api/v1/products"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "676",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "319",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "45"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Buffer Overflow in Header via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/download.php"
+ }
+ ],
+ "FirstSeenDate": "08/06/2021 05:38 AM",
+ "HttpRequest": {
+ "Content": "GET /download.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 297.196,
+ "StatusCode": 200
+ },
+ "LookupId": "5e625320-6c2c-5972-be43-b824cb7f853b",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Buffer Overflow in Header via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Buffer Overflow in Header via PUT Request issue.
Fix the Buffer Overflow in Header via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "BufferOverflowinHeaderviaPUTRequest",
+ "Url": "http://api.testsparker.com/download.php"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "69",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "502",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "25"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a File Upload Vulnerability in XML Input vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/files/download?q=855"
+ }
+ ],
+ "FirstSeenDate": "18/06/2021 06:54 AM",
+ "HttpRequest": {
+ "Content": "GET /files/download?q=855 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 145.3384,
+ "StatusCode": 200
+ },
+ "LookupId": "85fbc5cc-e3da-530f-aa8a-8b593b41ca10",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "File Upload Vulnerability in XML Input",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the File Upload Vulnerability in XML Input issue.
Fix the File Upload Vulnerability in XML Input vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "FileUploadVulnerabilityinXMLInput",
+ "Url": "https://app2.testsparker.com/files/download?q=855"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "401",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "79",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "8"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Cookie Not Marked as Secure in Query Parameter via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/account/security?page=107"
+ }
+ ],
+ "FirstSeenDate": "13/06/2021 08:11 AM",
+ "HttpRequest": {
+ "Content": "GET /account/security?page=107 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 411.9328,
+ "StatusCode": 200
+ },
+ "LookupId": "fa160072-1c0a-5eaf-a7fe-3367a1ede3d6",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cookie Not Marked as Secure in Query Parameter via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cookie Not Marked as Secure in Query Parameter via PUT Request issue.
Fix the Cookie Not Marked as Secure in Query Parameter via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "CookieNotMarkedasSecureinQueryParameterviaPUTRequest",
+ "Url": "https://app2.testsparker.com/account/security?page=107"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "483",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "614",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "41"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Missing Content-Security-Policy in Cookie via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/reports/view?sort=281"
+ }
+ ],
+ "FirstSeenDate": "16/06/2021 03:30 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/view?sort=281 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 377.4686,
+ "StatusCode": 200
+ },
+ "LookupId": "67f059c6-92be-5418-841d-fe3e3d4b44ac",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Missing Content-Security-Policy in Cookie via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Missing Content-Security-Policy in Cookie via PUT Request issue.
Fix the Missing Content-Security-Policy in Cookie via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "MissingContent-Security-PolicyinCookieviaPUTRequest",
+ "Url": "http://admin.testsparker.com/reports/view?sort=281"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "369",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "601",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "10"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Buffer Overflow in Query Parameter vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/files/download?q=487"
+ }
+ ],
+ "FirstSeenDate": "28/06/2021 11:08 AM",
+ "HttpRequest": {
+ "Content": "GET /files/download?q=487 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 75.7959,
+ "StatusCode": 200
+ },
+ "LookupId": "b7e991f8-d70c-5a39-bcc1-82566a2befe7",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Buffer Overflow in Query Parameter",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Buffer Overflow in Query Parameter issue.
Fix the Buffer Overflow in Query Parameter vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "BufferOverflowinQueryParameter",
+ "Url": "http://blog.testsparker.com/files/download?q=487"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "517",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "22",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "27"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Mass Assignment in JSON Payload via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/reports/export?type=125"
+ }
+ ],
+ "FirstSeenDate": "06/06/2021 05:13 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/export?type=125 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 257.9716,
+ "StatusCode": 200
+ },
+ "LookupId": "29e34db2-b4b8-522d-b968-afef3eb20ad4",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Mass Assignment in JSON Payload via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Mass Assignment in JSON Payload via POST Request issue.
Fix the Mass Assignment in JSON Payload via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "MassAssignmentinJSONPayloadviaPOSTRequest",
+ "Url": "https://portal.testsparker.com/reports/export?type=125"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "77",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "22",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "20"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Directory Traversal in POST Body via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/download.php?page=63"
+ }
+ ],
+ "FirstSeenDate": "14/06/2021 01:01 AM",
+ "HttpRequest": {
+ "Content": "GET /download.php?page=63 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 490.8144,
+ "StatusCode": 200
+ },
+ "LookupId": "a5a0ec29-e5ca-52b3-a76a-c36f59444155",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Directory Traversal in POST Body via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Directory Traversal in POST Body via PUT Request issue.
Fix the Directory Traversal in POST Body via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "DirectoryTraversalinPOSTBodyviaPUTRequest",
+ "Url": "https://docs.testsparker.com/download.php?page=63"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "188",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "16",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "14"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Directory Traversal in Form Field via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/api/v1/orders"
+ }
+ ],
+ "FirstSeenDate": "08/06/2021 01:17 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v1/orders HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 162.6294,
+ "StatusCode": 200
+ },
+ "LookupId": "530dd8cc-7f9a-5831-824d-e6c723d72c46",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Directory Traversal in Form Field via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Directory Traversal in Form Field via POST Request issue.
Fix the Directory Traversal in Form Field via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "DirectoryTraversalinFormFieldviaPOSTRequest",
+ "Url": "http://blog.testsparker.com/api/v1/orders"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "647",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "614",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "21"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Open Redirect in Header via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/api/v2/webhook?action=753"
+ }
+ ],
+ "FirstSeenDate": "22/06/2021 11:53 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/webhook?action=753 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 361.1164,
+ "StatusCode": 200
+ },
+ "LookupId": "5352d4fe-e01e-51bb-b163-ca6acafb35f0",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Open Redirect in Header via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Open Redirect in Header via POST Request issue.
Fix the Open Redirect in Header via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "OpenRedirectinHeaderviaPOSTRequest",
+ "Url": "http://blog.testsparker.com/api/v2/webhook?action=753"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "381",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "16",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "49"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Insecure HTTP Method in Multipart Data vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/admin/config?action=454"
+ }
+ ],
+ "FirstSeenDate": "27/06/2021 12:20 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/config?action=454 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 308.1226,
+ "StatusCode": 200
+ },
+ "LookupId": "708bc4f9-a37b-5589-aa86-bb28f8a872dc",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Insecure HTTP Method in Multipart Data",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Insecure HTTP Method in Multipart Data issue.
Fix the Insecure HTTP Method in Multipart Data vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "InsecureHTTPMethodinMultipartData",
+ "Url": "https://shop.testsparker.com/admin/config?action=454"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "467",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "523",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "13"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a CORS Misconfiguration in POST Body vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/admin/dashboard?ref=354"
+ }
+ ],
+ "FirstSeenDate": "19/06/2021 07:14 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/dashboard?ref=354 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 429.4464,
+ "StatusCode": 200
+ },
+ "LookupId": "e6e8230d-59e5-5952-b6f1-75136309c794",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "CORS Misconfiguration in POST Body",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the CORS Misconfiguration in POST Body issue.
Fix the CORS Misconfiguration in POST Body vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "CORSMisconfigurationinPOSTBody",
+ "Url": "https://docs.testsparker.com/admin/dashboard?ref=354"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "506",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "918",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "4"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Weak Password Policy in POST Body via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/admin/users?action=287"
+ }
+ ],
+ "FirstSeenDate": "10/06/2021 06:24 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/users?action=287 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 166.1034,
+ "StatusCode": 200
+ },
+ "LookupId": "7a986b96-9ac8-5ba3-bbee-d0b1ac943747",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Weak Password Policy in POST Body via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Weak Password Policy in POST Body via PUT Request issue.
Fix the Weak Password Policy in POST Body via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "WeakPasswordPolicyinPOSTBodyviaPUTRequest",
+ "Url": "https://docs.testsparker.com/admin/users?action=287"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "597",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "200",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "40"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Session Fixation in Query Parameter vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/upload.php"
+ }
+ ],
+ "FirstSeenDate": "28/06/2021 03:54 AM",
+ "HttpRequest": {
+ "Content": "GET /upload.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 154.1505,
+ "StatusCode": 200
+ },
+ "LookupId": "5e020af9-0a90-5494-86e5-9ffb5dff00fb",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Session Fixation in Query Parameter",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Session Fixation in Query Parameter issue.
Fix the Session Fixation in Query Parameter vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "SessionFixationinQueryParameter",
+ "Url": "http://admin.testsparker.com/upload.php"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "5",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "78",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "43"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Weak Cryptography in JSON Payload via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/auth/reset.php"
+ }
+ ],
+ "FirstSeenDate": "06/06/2021 07:52 AM",
+ "HttpRequest": {
+ "Content": "GET /auth/reset.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 121.9022,
+ "StatusCode": 200
+ },
+ "LookupId": "48a40167-03aa-56fa-90ae-e73a0051cf08",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Weak Cryptography in JSON Payload via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Weak Cryptography in JSON Payload via PUT Request issue.
Fix the Weak Cryptography in JSON Payload via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "WeakCryptographyinJSONPayloadviaPUTRequest",
+ "Url": "http://app1.testsparker.com/auth/reset.php"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "47",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "16",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "12"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Sensitive Data Exposure in POST Body via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/download.php?action=559"
+ }
+ ],
+ "FirstSeenDate": "03/06/2021 02:17 AM",
+ "HttpRequest": {
+ "Content": "GET /download.php?action=559 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 79.206,
+ "StatusCode": 200
+ },
+ "LookupId": "667e0293-46cb-5cbe-8196-bd3d54dc1ac3",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Sensitive Data Exposure in POST Body via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Sensitive Data Exposure in POST Body via POST Request issue.
Fix the Sensitive Data Exposure in POST Body via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "SensitiveDataExposureinPOSTBodyviaPOSTRequest",
+ "Url": "http://blog.testsparker.com/download.php?action=559"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "391",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "89",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "7"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Open Redirect in JSON Payload via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/api/v2/search"
+ }
+ ],
+ "FirstSeenDate": "08/06/2021 10:50 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/search HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 333.2648,
+ "StatusCode": 200
+ },
+ "LookupId": "547293b8-dc60-5324-93ee-349b53b989c0",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Open Redirect in JSON Payload via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Open Redirect in JSON Payload via POST Request issue.
Fix the Open Redirect in JSON Payload via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "OpenRedirectinJSONPayloadviaPOSTRequest",
+ "Url": "https://app2.testsparker.com/api/v2/search"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "656",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "601",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "45"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Weak Password Policy in Query Parameter vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/files/upload?filter=359"
+ }
+ ],
+ "FirstSeenDate": "09/06/2021 02:19 AM",
+ "HttpRequest": {
+ "Content": "GET /files/upload?filter=359 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 157.1392,
+ "StatusCode": 200
+ },
+ "LookupId": "8fa28966-c553-5217-b6be-bae401b70dad",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Weak Password Policy in Query Parameter",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Weak Password Policy in Query Parameter issue.
Fix the Weak Password Policy in Query Parameter vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "WeakPasswordPolicyinQueryParameter",
+ "Url": "https://portal.testsparker.com/files/upload?filter=359"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "585",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "611",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "10"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a NoSQL Injection in Header via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/account/billing?type=484"
+ }
+ ],
+ "FirstSeenDate": "06/06/2021 04:49 AM",
+ "HttpRequest": {
+ "Content": "GET /account/billing?type=484 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 204.1576,
+ "StatusCode": 200
+ },
+ "LookupId": "5e979b20-1eef-5b5b-829e-3dca19ffbc3d",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "NoSQL Injection in Header via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the NoSQL Injection in Header via PUT Request issue.
Fix the NoSQL Injection in Header via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "NoSQLInjectioninHeaderviaPUTRequest",
+ "Url": "http://admin.testsparker.com/account/billing?type=484"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "31",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "78",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "9"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Missing Content-Security-Policy in Multipart Data via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/account/security?q=222"
+ }
+ ],
+ "FirstSeenDate": "03/06/2021 12:44 AM",
+ "HttpRequest": {
+ "Content": "GET /account/security?q=222 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 470.5256,
+ "StatusCode": 200
+ },
+ "LookupId": "c6ed3694-be38-5562-bc74-bace3f31b4da",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Missing Content-Security-Policy in Multipart Data via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Missing Content-Security-Policy in Multipart Data via POST Request issue.
Fix the Missing Content-Security-Policy in Multipart Data via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "MissingContent-Security-PolicyinMultipartDataviaPOSTRequest",
+ "Url": "http://app1.testsparker.com/account/security?q=222"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "576",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "330",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "17"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Insecure Deserialization in Header vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/auth/register.php"
+ }
+ ],
+ "FirstSeenDate": "23/06/2021 08:13 AM",
+ "HttpRequest": {
+ "Content": "GET /auth/register.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 498.2189,
+ "StatusCode": 200
+ },
+ "LookupId": "2c5513e8-6eb0-59a2-9367-3fc417fed742",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Insecure Deserialization in Header",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Insecure Deserialization in Header issue.
Fix the Insecure Deserialization in Header vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "InsecureDeserializationinHeader",
+ "Url": "https://app2.testsparker.com/auth/register.php"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "128",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "776",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "48"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Email Header Injection in URL Path via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/account/security?action=483"
+ }
+ ],
+ "FirstSeenDate": "05/06/2021 02:56 AM",
+ "HttpRequest": {
+ "Content": "GET /account/security?action=483 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 489.7066,
+ "StatusCode": 200
+ },
+ "LookupId": "90e3ed57-0ca8-501f-ab24-a75afd7bbdf6",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Email Header Injection in URL Path via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Email Header Injection in URL Path via PUT Request issue.
Fix the Email Header Injection in URL Path via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "EmailHeaderInjectioninURLPathviaPUTRequest",
+ "Url": "http://admin.testsparker.com/account/security?action=483"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "165",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "287",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "15"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Broken Authentication in URL Path via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/cart.php"
+ }
+ ],
+ "FirstSeenDate": "05/06/2021 01:49 AM",
+ "HttpRequest": {
+ "Content": "GET /cart.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 124.8663,
+ "StatusCode": 200
+ },
+ "LookupId": "f7dc137f-57ea-5c7c-a6a1-7fc1da81f343",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Broken Authentication in URL Path via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Broken Authentication in URL Path via PUT Request issue.
Fix the Broken Authentication in URL Path via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "BrokenAuthenticationinURLPathviaPUTRequest",
+ "Url": "http://api.testsparker.com/cart.php"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "489",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "330",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "11"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Cleartext Transmission in Header via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/upload.php?id=266"
+ }
+ ],
+ "FirstSeenDate": "21/06/2021 03:37 AM",
+ "HttpRequest": {
+ "Content": "GET /upload.php?id=266 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 427.7791,
+ "StatusCode": 200
+ },
+ "LookupId": "2b9a0aee-f4b0-51ac-8aa7-f74ae9e207cb",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cleartext Transmission in Header via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cleartext Transmission in Header via PUT Request issue.
Fix the Cleartext Transmission in Header via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "CleartextTransmissioninHeaderviaPUTRequest",
+ "Url": "https://portal.testsparker.com/upload.php?id=266"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "229",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "200",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "22"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Missing Content-Security-Policy in Form Field vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/account/billing?ref=974"
+ }
+ ],
+ "FirstSeenDate": "23/06/2021 11:23 AM",
+ "HttpRequest": {
+ "Content": "GET /account/billing?ref=974 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 360.7976,
+ "StatusCode": 200
+ },
+ "LookupId": "a3b203dc-0b15-522f-aad7-8c7d15d4e81a",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Missing Content-Security-Policy in Form Field",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Missing Content-Security-Policy in Form Field issue.
Fix the Missing Content-Security-Policy in Form Field vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "MissingContent-Security-PolicyinFormField",
+ "Url": "http://admin.testsparker.com/account/billing?ref=974"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "477",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "287",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "20"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a DNS Zone Transfer in JSON Payload vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/cart.php"
+ }
+ ],
+ "FirstSeenDate": "03/06/2021 09:29 AM",
+ "HttpRequest": {
+ "Content": "GET /cart.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 13.9049,
+ "StatusCode": 200
+ },
+ "LookupId": "2518ed02-f9fd-53e6-908b-cc30ce72ead9",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "DNS Zone Transfer in JSON Payload",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the DNS Zone Transfer in JSON Payload issue.
Fix the DNS Zone Transfer in JSON Payload vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "DNSZoneTransferinJSONPayload",
+ "Url": "http://api.testsparker.com/cart.php"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "121",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "78",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "24"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Session Fixation in URL Path via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/auth/reset.php"
+ }
+ ],
+ "FirstSeenDate": "27/06/2021 07:45 AM",
+ "HttpRequest": {
+ "Content": "GET /auth/reset.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 374.7118,
+ "StatusCode": 200
+ },
+ "LookupId": "57c9c143-bae8-5e04-b817-5f57619a1ad3",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Session Fixation in URL Path via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Session Fixation in URL Path via PUT Request issue.
Fix the Session Fixation in URL Path via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "SessionFixationinURLPathviaPUTRequest",
+ "Url": "http://blog.testsparker.com/auth/reset.php"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "294",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "319",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "12"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Remote Code Execution in URL Path vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/api/v1/users"
+ }
+ ],
+ "FirstSeenDate": "25/06/2021 11:46 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v1/users HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 326.4816,
+ "StatusCode": 200
+ },
+ "LookupId": "3f16002d-a0c4-50aa-a35f-f071def0a3c9",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Remote Code Execution in URL Path",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Remote Code Execution in URL Path issue.
Fix the Remote Code Execution in URL Path vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "RemoteCodeExecutioninURLPath",
+ "Url": "https://app2.testsparker.com/api/v1/users"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "339",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "523",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "37"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Insecure Deserialization in JSON Payload via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/products.php"
+ }
+ ],
+ "FirstSeenDate": "05/06/2021 09:43 AM",
+ "HttpRequest": {
+ "Content": "GET /products.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 297.5675,
+ "StatusCode": 200
+ },
+ "LookupId": "b0a6ac41-546e-5065-b6aa-748d7af79122",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Insecure Deserialization in JSON Payload via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Insecure Deserialization in JSON Payload via PUT Request issue.
Fix the Insecure Deserialization in JSON Payload via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "InsecureDeserializationinJSONPayloadviaPUTRequest",
+ "Url": "http://blog.testsparker.com/products.php"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "121",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "523",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "30"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Broken Authentication in Cookie via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/account/billing?id=319"
+ }
+ ],
+ "FirstSeenDate": "19/06/2021 08:05 AM",
+ "HttpRequest": {
+ "Content": "GET /account/billing?id=319 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 66.9682,
+ "StatusCode": 200
+ },
+ "LookupId": "2bf27637-ce44-570a-ba3f-074b36878052",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Broken Authentication in Cookie via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Broken Authentication in Cookie via PUT Request issue.
Fix the Broken Authentication in Cookie via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "BrokenAuthenticationinCookieviaPUTRequest",
+ "Url": "https://portal.testsparker.com/account/billing?id=319"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "103",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "614",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "18"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a NoSQL Injection in File Name vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/blog/edit.php?q=586"
+ }
+ ],
+ "FirstSeenDate": "18/06/2021 07:54 AM",
+ "HttpRequest": {
+ "Content": "GET /blog/edit.php?q=586 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 196.6329,
+ "StatusCode": 200
+ },
+ "LookupId": "ce44cf47-527e-5139-8e86-abf9dd28159b",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "NoSQL Injection in File Name",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the NoSQL Injection in File Name issue.
Fix the NoSQL Injection in File Name vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "NoSQLInjectioninFileName",
+ "Url": "https://shop.testsparker.com/blog/edit.php?q=586"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "141",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "601",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "5"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a LDAP Injection in Cookie vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/help?page=350"
+ }
+ ],
+ "FirstSeenDate": "28/06/2021 02:32 AM",
+ "HttpRequest": {
+ "Content": "GET /help?page=350 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 387.7286,
+ "StatusCode": 200
+ },
+ "LookupId": "beb4b4a2-d66b-5a3c-917a-38c6db0aa236",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "LDAP Injection in Cookie",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the LDAP Injection in Cookie issue.
Fix the LDAP Injection in Cookie vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "LDAPInjectioninCookie",
+ "Url": "http://app1.testsparker.com/help?page=350"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "544",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "22",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "10"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Path Disclosure in Header via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/search"
+ }
+ ],
+ "FirstSeenDate": "04/06/2021 06:02 AM",
+ "HttpRequest": {
+ "Content": "GET /search HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 489.4731,
+ "StatusCode": 200
+ },
+ "LookupId": "999aee48-fb72-5cbf-a9ea-3322faa44fde",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Path Disclosure in Header via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Path Disclosure in Header via POST Request issue.
Fix the Path Disclosure in Header via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "PathDisclosureinHeaderviaPOSTRequest",
+ "Url": "https://docs.testsparker.com/search"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "641",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "502",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "8"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Email Header Injection in Header via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/upload.php?type=255"
+ }
+ ],
+ "FirstSeenDate": "16/06/2021 01:20 AM",
+ "HttpRequest": {
+ "Content": "GET /upload.php?type=255 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 447.7499,
+ "StatusCode": 200
+ },
+ "LookupId": "cc7be462-a404-5235-9b62-44ed7c7fb6a7",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Email Header Injection in Header via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Email Header Injection in Header via PUT Request issue.
Fix the Email Header Injection in Header via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "EmailHeaderInjectioninHeaderviaPUTRequest",
+ "Url": "http://admin.testsparker.com/upload.php?type=255"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "332",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "693",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "29"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a SQL Injection in JSON Payload via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/api/v2/search"
+ }
+ ],
+ "FirstSeenDate": "08/06/2021 09:09 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/search HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 337.0855,
+ "StatusCode": 200
+ },
+ "LookupId": "eecc3ca6-2705-5f67-8a71-b4737191c64d",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "SQL Injection in JSON Payload via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the SQL Injection in JSON Payload via PUT Request issue.
Fix the SQL Injection in JSON Payload via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "SQLInjectioninJSONPayloadviaPUTRequest",
+ "Url": "http://blog.testsparker.com/api/v2/search"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "10",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "693",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "35"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Server-Side Request Forgery in File Name via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/api/v2/webhook?name=275"
+ }
+ ],
+ "FirstSeenDate": "28/06/2021 12:05 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/webhook?name=275 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 109.1376,
+ "StatusCode": 200
+ },
+ "LookupId": "aca209a7-83da-5abf-a217-f0ea76c53d6c",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Server-Side Request Forgery in File Name via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Server-Side Request Forgery in File Name via POST Request issue.
Fix the Server-Side Request Forgery in File Name via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "Server-SideRequestForgeryinFileNameviaPOSTRequest",
+ "Url": "http://app1.testsparker.com/api/v2/webhook?name=275"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "549",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "434",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "14"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Session Fixation in JSON Payload vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/admin/dashboard?ref=478"
+ }
+ ],
+ "FirstSeenDate": "10/06/2021 08:16 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/dashboard?ref=478 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 427.7163,
+ "StatusCode": 200
+ },
+ "LookupId": "647ebedd-d2b7-5ac4-8fe1-d758c31002c0",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Session Fixation in JSON Payload",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Session Fixation in JSON Payload issue.
Fix the Session Fixation in JSON Payload vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "SessionFixationinJSONPayload",
+ "Url": "https://app2.testsparker.com/admin/dashboard?ref=478"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "479",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "22",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "7"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Sensitive Data Exposure in Query Parameter vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/upload.php"
+ }
+ ],
+ "FirstSeenDate": "01/06/2021 10:48 AM",
+ "HttpRequest": {
+ "Content": "GET /upload.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 162.95,
+ "StatusCode": 200
+ },
+ "LookupId": "b4914316-7079-5629-89f6-b935a00ed8ff",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Sensitive Data Exposure in Query Parameter",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Sensitive Data Exposure in Query Parameter issue.
Fix the Sensitive Data Exposure in Query Parameter vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "SensitiveDataExposureinQueryParameter",
+ "Url": "http://app1.testsparker.com/upload.php"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "251",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "200",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "19"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Sensitive Data Exposure vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/api/v1/products?type=272"
+ }
+ ],
+ "FirstSeenDate": "15/06/2021 09:45 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v1/products?type=272 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 158.2334,
+ "StatusCode": 200
+ },
+ "LookupId": "9bf8ba3e-e701-55d8-b291-a46dfff7e7dc",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Sensitive Data Exposure",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Sensitive Data Exposure issue.
Fix the Sensitive Data Exposure vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "SensitiveDataExposure",
+ "Url": "https://app2.testsparker.com/api/v1/products?type=272"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "141",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "94",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "27"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Race Condition in Query Parameter vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/auth/register.php?ref=674"
+ }
+ ],
+ "FirstSeenDate": "26/06/2021 12:38 AM",
+ "HttpRequest": {
+ "Content": "GET /auth/register.php?ref=674 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 465.8524,
+ "StatusCode": 200
+ },
+ "LookupId": "ec363dbe-79e9-5e0c-ba20-c82e75879abe",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Race Condition in Query Parameter",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Race Condition in Query Parameter issue.
Fix the Race Condition in Query Parameter vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "RaceConditioninQueryParameter",
+ "Url": "https://app2.testsparker.com/auth/register.php?ref=674"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "172",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "287",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "29"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Information Disclosure in XML Input via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/api/v1/orders"
+ }
+ ],
+ "FirstSeenDate": "17/06/2021 10:47 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v1/orders HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 222.3809,
+ "StatusCode": 200
+ },
+ "LookupId": "c8172aa4-03b1-52a7-a447-661d1a07734f",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Information Disclosure in XML Input via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Information Disclosure in XML Input via POST Request issue.
Fix the Information Disclosure in XML Input via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "InformationDisclosureinXMLInputviaPOSTRequest",
+ "Url": "https://docs.testsparker.com/api/v1/orders"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "164",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "434",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "43"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Sensitive Data Exposure in JSON Payload via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/auth/reset.php?action=253"
+ }
+ ],
+ "FirstSeenDate": "12/06/2021 02:04 AM",
+ "HttpRequest": {
+ "Content": "GET /auth/reset.php?action=253 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 476.9457,
+ "StatusCode": 200
+ },
+ "LookupId": "6275d897-6179-515e-8ed8-bfca4de1b360",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Sensitive Data Exposure in JSON Payload via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Sensitive Data Exposure in JSON Payload via PUT Request issue.
Fix the Sensitive Data Exposure in JSON Payload via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "SensitiveDataExposureinJSONPayloadviaPUTRequest",
+ "Url": "http://blog.testsparker.com/auth/reset.php?action=253"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "466",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "434",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "38"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Remote Code Execution in Query Parameter vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/files/download?id=623"
+ }
+ ],
+ "FirstSeenDate": "18/06/2021 08:02 AM",
+ "HttpRequest": {
+ "Content": "GET /files/download?id=623 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 149.398,
+ "StatusCode": 200
+ },
+ "LookupId": "d21d29eb-0659-5948-9e32-c77d60a8c74e",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Remote Code Execution in Query Parameter",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Remote Code Execution in Query Parameter issue.
Fix the Remote Code Execution in Query Parameter vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "RemoteCodeExecutioninQueryParameter",
+ "Url": "https://portal.testsparker.com/files/download?id=623"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "296",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "502",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "33"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Buffer Overflow in Cookie via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/reports/view?q=519"
+ }
+ ],
+ "FirstSeenDate": "11/06/2021 06:58 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/view?q=519 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 127.3132,
+ "StatusCode": 200
+ },
+ "LookupId": "bf761daa-e7a6-5d28-a361-f5cab0a22215",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Buffer Overflow in Cookie via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Buffer Overflow in Cookie via POST Request issue.
Fix the Buffer Overflow in Cookie via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "BufferOverflowinCookieviaPOSTRequest",
+ "Url": "https://docs.testsparker.com/reports/view?q=519"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "453",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "434",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "26"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a DNS Zone Transfer in POST Body via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/api/v1/users?filter=268"
+ }
+ ],
+ "FirstSeenDate": "02/06/2021 05:31 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v1/users?filter=268 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 366.8116,
+ "StatusCode": 200
+ },
+ "LookupId": "876d88b4-3572-5079-9efd-b1f998020079",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "DNS Zone Transfer in POST Body via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the DNS Zone Transfer in POST Body via PUT Request issue.
Fix the DNS Zone Transfer in POST Body via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "DNSZoneTransferinPOSTBodyviaPUTRequest",
+ "Url": "http://blog.testsparker.com/api/v1/users?filter=268"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "220",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "94",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "24"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Path Disclosure in Cookie via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/download.php"
+ }
+ ],
+ "FirstSeenDate": "02/06/2021 05:00 AM",
+ "HttpRequest": {
+ "Content": "GET /download.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 459.9197,
+ "StatusCode": 200
+ },
+ "LookupId": "e3d08965-66d0-5554-acc6-364cef87a720",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Path Disclosure in Cookie via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Path Disclosure in Cookie via PUT Request issue.
Fix the Path Disclosure in Cookie via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "PathDisclosureinCookieviaPUTRequest",
+ "Url": "http://app1.testsparker.com/download.php"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "479",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "319",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "21"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Sensitive Data Exposure in Cookie via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/reports/generate?name=530"
+ }
+ ],
+ "FirstSeenDate": "19/06/2021 07:42 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/generate?name=530 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 298.3115,
+ "StatusCode": 200
+ },
+ "LookupId": "83dfa283-7b2b-53c1-b8b0-532ce2046324",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Sensitive Data Exposure in Cookie via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Sensitive Data Exposure in Cookie via PUT Request issue.
Fix the Sensitive Data Exposure in Cookie via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "SensitiveDataExposureinCookieviaPUTRequest",
+ "Url": "https://portal.testsparker.com/reports/generate?name=530"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "527",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "434",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "27"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a CORS Misconfiguration in Cookie via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/admin/users"
+ }
+ ],
+ "FirstSeenDate": "25/06/2021 06:07 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/users HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 238.2918,
+ "StatusCode": 200
+ },
+ "LookupId": "02e1eb0d-b0b5-5df9-8f01-eff937dbec4c",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "CORS Misconfiguration in Cookie via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the CORS Misconfiguration in Cookie via POST Request issue.
Fix the CORS Misconfiguration in Cookie via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "CORSMisconfigurationinCookieviaPOSTRequest",
+ "Url": "https://app2.testsparker.com/admin/users"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "102",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "330",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "42"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Cookie Not Marked as HttpOnly in URL Path via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/admin/config"
+ }
+ ],
+ "FirstSeenDate": "11/06/2021 03:07 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/config HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 425.8116,
+ "StatusCode": 200
+ },
+ "LookupId": "7407f52a-1238-5bdc-b94d-53a5c233d3c2",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cookie Not Marked as HttpOnly in URL Path via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cookie Not Marked as HttpOnly in URL Path via POST Request issue.
Fix the Cookie Not Marked as HttpOnly in URL Path via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "CookieNotMarkedasHttpOnlyinURLPathviaPOSTRequest",
+ "Url": "https://shop.testsparker.com/admin/config"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "77",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "614",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "5"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Race Condition in JSON Payload vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/api/v2/webhook?token=382"
+ }
+ ],
+ "FirstSeenDate": "21/06/2021 08:51 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/webhook?token=382 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 73.1079,
+ "StatusCode": 200
+ },
+ "LookupId": "1d4b0437-0888-5f22-a6b7-4817f362665f",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Race Condition in JSON Payload",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Race Condition in JSON Payload issue.
Fix the Race Condition in JSON Payload vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "RaceConditioninJSONPayload",
+ "Url": "https://portal.testsparker.com/api/v2/webhook?token=382"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "200",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "22",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "21"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Cookie Not Marked as HttpOnly in Cookie via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/admin/logs?type=870"
+ }
+ ],
+ "FirstSeenDate": "22/06/2021 06:25 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/logs?type=870 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 82.4935,
+ "StatusCode": 200
+ },
+ "LookupId": "cd90f028-f9c3-5e27-9011-2f2aea920e5f",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cookie Not Marked as HttpOnly in Cookie via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cookie Not Marked as HttpOnly in Cookie via POST Request issue.
Fix the Cookie Not Marked as HttpOnly in Cookie via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "CookieNotMarkedasHttpOnlyinCookieviaPOSTRequest",
+ "Url": "http://admin.testsparker.com/admin/logs?type=870"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "12",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "614",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "20"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Information Disclosure in Query Parameter via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/files/download?sort=469"
+ }
+ ],
+ "FirstSeenDate": "21/06/2021 11:57 AM",
+ "HttpRequest": {
+ "Content": "GET /files/download?sort=469 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 332.0238,
+ "StatusCode": 200
+ },
+ "LookupId": "6faa68d7-4cb3-5e76-b7ce-cb280baa47a7",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Information Disclosure in Query Parameter via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Information Disclosure in Query Parameter via PUT Request issue.
Fix the Information Disclosure in Query Parameter via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "InformationDisclosureinQueryParameterviaPUTRequest",
+ "Url": "http://blog.testsparker.com/files/download?sort=469"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "22",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "776",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "25"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Cookie Not Marked as HttpOnly in Multipart Data vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/api/v2/webhook?filter=572"
+ }
+ ],
+ "FirstSeenDate": "24/06/2021 03:16 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/webhook?filter=572 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 450.3449,
+ "StatusCode": 200
+ },
+ "LookupId": "f8f107ba-340b-58c3-b534-64ac83459d3d",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cookie Not Marked as HttpOnly in Multipart Data",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cookie Not Marked as HttpOnly in Multipart Data issue.
Fix the Cookie Not Marked as HttpOnly in Multipart Data vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "CookieNotMarkedasHttpOnlyinMultipartData",
+ "Url": "https://app2.testsparker.com/api/v2/webhook?filter=572"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "588",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "776",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "34"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a XML External Entity in Header vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/files/list"
+ }
+ ],
+ "FirstSeenDate": "13/06/2021 06:41 AM",
+ "HttpRequest": {
+ "Content": "GET /files/list HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 146.558,
+ "StatusCode": 200
+ },
+ "LookupId": "81eaa8c0-ec22-5154-a047-2909dbe81640",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "XML External Entity in Header",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the XML External Entity in Header issue.
Fix the XML External Entity in Header vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "XMLExternalEntityinHeader",
+ "Url": "http://api.testsparker.com/files/list"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "400",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "776",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "37"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a HTTP Response Splitting in Query Parameter vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/auth/login.php"
+ }
+ ],
+ "FirstSeenDate": "07/06/2021 04:43 AM",
+ "HttpRequest": {
+ "Content": "GET /auth/login.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 439.9384,
+ "StatusCode": 200
+ },
+ "LookupId": "51e19224-3d9e-5993-b81b-9f2050a4ad02",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "HTTP Response Splitting in Query Parameter",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the HTTP Response Splitting in Query Parameter issue.
Fix the HTTP Response Splitting in Query Parameter vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "HTTPResponseSplittinginQueryParameter",
+ "Url": "http://api.testsparker.com/auth/login.php"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "30",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "200",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "4"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Sensitive Data Exposure in Multipart Data via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/reports/export"
+ }
+ ],
+ "FirstSeenDate": "05/06/2021 02:20 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/export HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 432.0805,
+ "StatusCode": 200
+ },
+ "LookupId": "bb13d408-f7f8-5718-b590-482bc34074ea",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Sensitive Data Exposure in Multipart Data via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Sensitive Data Exposure in Multipart Data via POST Request issue.
Fix the Sensitive Data Exposure in Multipart Data via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "SensitiveDataExposureinMultipartDataviaPOSTRequest",
+ "Url": "https://docs.testsparker.com/reports/export"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "582",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "523",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "13"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Missing X-Frame-Options in Cookie via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/api/v1/orders?sort=425"
+ }
+ ],
+ "FirstSeenDate": "27/06/2021 07:18 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v1/orders?sort=425 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 281.3948,
+ "StatusCode": 200
+ },
+ "LookupId": "263b0f1c-a830-52b9-b870-45961b3b75c5",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Missing X-Frame-Options in Cookie via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Missing X-Frame-Options in Cookie via POST Request issue.
Fix the Missing X-Frame-Options in Cookie via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "MissingX-Frame-OptionsinCookieviaPOSTRequest",
+ "Url": "http://blog.testsparker.com/api/v1/orders?sort=425"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "427",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "16",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "20"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Version Disclosure in Header vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/reports/view"
+ }
+ ],
+ "FirstSeenDate": "20/06/2021 08:16 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/view HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 483.8646,
+ "StatusCode": 200
+ },
+ "LookupId": "05cf3741-c433-5fec-81c6-6c27f2e3cfa4",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Version Disclosure in Header",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Version Disclosure in Header issue.
Fix the Version Disclosure in Header vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "VersionDisclosureinHeader",
+ "Url": "http://admin.testsparker.com/reports/view"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "699",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "200",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "43"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a CORS Misconfiguration vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/files/download?sort=374"
+ }
+ ],
+ "FirstSeenDate": "12/06/2021 09:56 AM",
+ "HttpRequest": {
+ "Content": "GET /files/download?sort=374 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 438.6092,
+ "StatusCode": 200
+ },
+ "LookupId": "7537b7a0-ef71-5238-8f3c-c81a9d674e52",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "CORS Misconfiguration",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the CORS Misconfiguration issue.
Fix the CORS Misconfiguration vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "CORSMisconfiguration",
+ "Url": "http://api.testsparker.com/files/download?sort=374"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "526",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "502",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "34"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Remote Code Execution in POST Body via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/files/list?sort=266"
+ }
+ ],
+ "FirstSeenDate": "25/06/2021 04:46 AM",
+ "HttpRequest": {
+ "Content": "GET /files/list?sort=266 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 63.3929,
+ "StatusCode": 200
+ },
+ "LookupId": "721f93dd-8ff4-5f3b-a2de-73108aafd268",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Remote Code Execution in POST Body via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Remote Code Execution in POST Body via PUT Request issue.
Fix the Remote Code Execution in POST Body via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "RemoteCodeExecutioninPOSTBodyviaPUTRequest",
+ "Url": "https://app2.testsparker.com/files/list?sort=266"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "35",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "611",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "24"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Race Condition in POST Body vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/api/v2/search"
+ }
+ ],
+ "FirstSeenDate": "03/06/2021 05:20 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/search HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 376.2656,
+ "StatusCode": 200
+ },
+ "LookupId": "fef6fb87-812d-5a45-ad65-6ca792ff4a09",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Race Condition in POST Body",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Race Condition in POST Body issue.
Fix the Race Condition in POST Body vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "RaceConditioninPOSTBody",
+ "Url": "http://api.testsparker.com/api/v2/search"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "123",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "502",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "13"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Clickjacking in JSON Payload via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/settings.php?sort=877"
+ }
+ ],
+ "FirstSeenDate": "18/06/2021 08:12 AM",
+ "HttpRequest": {
+ "Content": "GET /settings.php?sort=877 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 72.2864,
+ "StatusCode": 200
+ },
+ "LookupId": "11e35b47-58cc-5664-be22-480a8debb469",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Clickjacking in JSON Payload via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Clickjacking in JSON Payload via PUT Request issue.
Fix the Clickjacking in JSON Payload via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "ClickjackinginJSONPayloadviaPUTRequest",
+ "Url": "http://blog.testsparker.com/settings.php?sort=877"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "184",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "434",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "22"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a DNS Zone Transfer vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/checkout.php"
+ }
+ ],
+ "FirstSeenDate": "26/06/2021 11:55 AM",
+ "HttpRequest": {
+ "Content": "GET /checkout.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 370.1782,
+ "StatusCode": 200
+ },
+ "LookupId": "e6866ea8-5fb4-5cd8-ae13-bd57697b71a2",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "DNS Zone Transfer",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the DNS Zone Transfer issue.
Fix the DNS Zone Transfer vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "DNSZoneTransfer",
+ "Url": "http://api.testsparker.com/checkout.php"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "603",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "319",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "26"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Race Condition in URL Path via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/reports/generate"
+ }
+ ],
+ "FirstSeenDate": "28/06/2021 04:18 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/generate HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 129.1856,
+ "StatusCode": 200
+ },
+ "LookupId": "9c3d7f89-4244-572e-b91c-1f8d809a5cf8",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Race Condition in URL Path via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Race Condition in URL Path via PUT Request issue.
Fix the Race Condition in URL Path via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "RaceConditioninURLPathviaPUTRequest",
+ "Url": "https://shop.testsparker.com/reports/generate"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "59",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "89",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "29"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a XPath Injection in Query Parameter via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/auth/login.php"
+ }
+ ],
+ "FirstSeenDate": "10/06/2021 01:20 AM",
+ "HttpRequest": {
+ "Content": "GET /auth/login.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 181.3371,
+ "StatusCode": 200
+ },
+ "LookupId": "400e144b-e5b8-50e1-8104-9eb2a97af791",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "XPath Injection in Query Parameter via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the XPath Injection in Query Parameter via PUT Request issue.
Fix the XPath Injection in Query Parameter via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "XPathInjectioninQueryParameterviaPUTRequest",
+ "Url": "http://app1.testsparker.com/auth/login.php"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "313",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "523",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "48"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Unvalidated Redirect in Form Field vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/auth/reset.php?action=404"
+ }
+ ],
+ "FirstSeenDate": "07/06/2021 07:57 AM",
+ "HttpRequest": {
+ "Content": "GET /auth/reset.php?action=404 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 326.5064,
+ "StatusCode": 200
+ },
+ "LookupId": "62ad5386-8990-5d26-b6bd-df18c64e2f27",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Unvalidated Redirect in Form Field",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Unvalidated Redirect in Form Field issue.
Fix the Unvalidated Redirect in Form Field vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "UnvalidatedRedirectinFormField",
+ "Url": "https://app2.testsparker.com/auth/reset.php?action=404"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "460",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "693",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "9"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Race Condition in Multipart Data vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/files/upload?q=437"
+ }
+ ],
+ "FirstSeenDate": "21/06/2021 03:37 AM",
+ "HttpRequest": {
+ "Content": "GET /files/upload?q=437 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 275.2634,
+ "StatusCode": 200
+ },
+ "LookupId": "0dfe55c6-278c-5001-a0b0-19ad0960adf4",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Race Condition in Multipart Data",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Race Condition in Multipart Data issue.
Fix the Race Condition in Multipart Data vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "RaceConditioninMultipartData",
+ "Url": "https://portal.testsparker.com/files/upload?q=437"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "384",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "601",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "39"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Insecure HTTP Method in JSON Payload via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/api/v2/export?q=814"
+ }
+ ],
+ "FirstSeenDate": "21/06/2021 04:58 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/export?q=814 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 32.6356,
+ "StatusCode": 200
+ },
+ "LookupId": "37dcea73-5fb1-5353-acdb-63ada3b78b7e",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Insecure HTTP Method in JSON Payload via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Insecure HTTP Method in JSON Payload via POST Request issue.
Fix the Insecure HTTP Method in JSON Payload via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "InsecureHTTPMethodinJSONPayloadviaPOSTRequest",
+ "Url": "https://app2.testsparker.com/api/v2/export?q=814"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "577",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "319",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "28"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a HTTP Response Splitting in Header via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/help?ref=457"
+ }
+ ],
+ "FirstSeenDate": "25/06/2021 07:51 AM",
+ "HttpRequest": {
+ "Content": "GET /help?ref=457 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 190.4357,
+ "StatusCode": 200
+ },
+ "LookupId": "c596276f-175f-5988-969c-bd6d337b9461",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "HTTP Response Splitting in Header via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the HTTP Response Splitting in Header via POST Request issue.
Fix the HTTP Response Splitting in Header via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "HTTPResponseSplittinginHeaderviaPOSTRequest",
+ "Url": "https://app2.testsparker.com/help?ref=457"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "535",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "200",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "34"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Open Redirect in Cookie via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/blog/edit.php?token=724"
+ }
+ ],
+ "FirstSeenDate": "20/06/2021 04:10 AM",
+ "HttpRequest": {
+ "Content": "GET /blog/edit.php?token=724 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 473.2901,
+ "StatusCode": 200
+ },
+ "LookupId": "13870d32-f918-5abe-b125-f8094bac60d8",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Open Redirect in Cookie via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Open Redirect in Cookie via PUT Request issue.
Fix the Open Redirect in Cookie via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "OpenRedirectinCookieviaPUTRequest",
+ "Url": "https://portal.testsparker.com/blog/edit.php?token=724"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "21",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "614",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "31"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a XPath Injection in JSON Payload via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/api/v2/export"
+ }
+ ],
+ "FirstSeenDate": "10/06/2021 11:39 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/export HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 199.5159,
+ "StatusCode": 200
+ },
+ "LookupId": "1d8171f7-ac56-57c4-90b7-8e890a47d545",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "XPath Injection in JSON Payload via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the XPath Injection in JSON Payload via PUT Request issue.
Fix the XPath Injection in JSON Payload via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "XPathInjectioninJSONPayloadviaPUTRequest",
+ "Url": "http://blog.testsparker.com/api/v2/export"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "260",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "330",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "41"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Insecure Deserialization in Multipart Data vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/download.php?id=763"
+ }
+ ],
+ "FirstSeenDate": "07/06/2021 06:56 AM",
+ "HttpRequest": {
+ "Content": "GET /download.php?id=763 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 35.5229,
+ "StatusCode": 200
+ },
+ "LookupId": "16a8bd57-1d32-5661-905e-b2b71ccc5a98",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Insecure Deserialization in Multipart Data",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Insecure Deserialization in Multipart Data issue.
Fix the Insecure Deserialization in Multipart Data vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "InsecureDeserializationinMultipartData",
+ "Url": "http://admin.testsparker.com/download.php?id=763"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "32",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "78",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "28"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Unvalidated Redirect in Query Parameter vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/api/v1/users?type=841"
+ }
+ ],
+ "FirstSeenDate": "21/06/2021 06:45 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v1/users?type=841 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 197.5669,
+ "StatusCode": 200
+ },
+ "LookupId": "bf8825c5-185a-5dbe-8b01-d9d09330a9e0",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Unvalidated Redirect in Query Parameter",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Unvalidated Redirect in Query Parameter issue.
Fix the Unvalidated Redirect in Query Parameter vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "UnvalidatedRedirectinQueryParameter",
+ "Url": "https://shop.testsparker.com/api/v1/users?type=841"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "426",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "78",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "8"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Buffer Overflow in URL Path vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/contact"
+ }
+ ],
+ "FirstSeenDate": "12/06/2021 05:21 AM",
+ "HttpRequest": {
+ "Content": "GET /contact HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 233.113,
+ "StatusCode": 200
+ },
+ "LookupId": "e23242ab-e114-5325-a13d-eba940330707",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Buffer Overflow in URL Path",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Buffer Overflow in URL Path issue.
Fix the Buffer Overflow in URL Path vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "BufferOverflowinURLPath",
+ "Url": "http://api.testsparker.com/contact"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "562",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "352",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "14"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Remote Code Execution in Form Field vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/contact"
+ }
+ ],
+ "FirstSeenDate": "11/06/2021 04:00 AM",
+ "HttpRequest": {
+ "Content": "GET /contact HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 16.2472,
+ "StatusCode": 200
+ },
+ "LookupId": "c5354baf-7bb0-58e9-9d4f-af8215e04425",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Remote Code Execution in Form Field",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Remote Code Execution in Form Field issue.
Fix the Remote Code Execution in Form Field vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "RemoteCodeExecutioninFormField",
+ "Url": "https://portal.testsparker.com/contact"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "27",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "330",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "24"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a HSTS Missing in Header via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/auth/reset.php"
+ }
+ ],
+ "FirstSeenDate": "23/06/2021 05:19 AM",
+ "HttpRequest": {
+ "Content": "GET /auth/reset.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 472.948,
+ "StatusCode": 200
+ },
+ "LookupId": "1041f6d9-be76-59da-a8e8-730b2757c278",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "HSTS Missing in Header via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the HSTS Missing in Header via PUT Request issue.
Fix the HSTS Missing in Header via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "HSTSMissinginHeaderviaPUTRequest",
+ "Url": "http://admin.testsparker.com/auth/reset.php"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "293",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "89",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "4"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Cross-site Scripting in Header vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/account/billing?type=485"
+ }
+ ],
+ "FirstSeenDate": "09/06/2021 02:51 AM",
+ "HttpRequest": {
+ "Content": "GET /account/billing?type=485 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 190.3294,
+ "StatusCode": 200
+ },
+ "LookupId": "2dc2f6fb-768a-5c54-a67b-f6f915040ec3",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cross-site Scripting in Header",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cross-site Scripting in Header issue.
Fix the Cross-site Scripting in Header vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "Cross-siteScriptinginHeader",
+ "Url": "http://admin.testsparker.com/account/billing?type=485"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "43",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "200",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "18"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Cookie Not Marked as Secure in XML Input vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/auth/register.php?q=622"
+ }
+ ],
+ "FirstSeenDate": "18/06/2021 09:17 AM",
+ "HttpRequest": {
+ "Content": "GET /auth/register.php?q=622 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 72.4368,
+ "StatusCode": 200
+ },
+ "LookupId": "10c7dbca-f237-53f5-9ffe-7bee7d89e783",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cookie Not Marked as Secure in XML Input",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cookie Not Marked as Secure in XML Input issue.
Fix the Cookie Not Marked as Secure in XML Input vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "CookieNotMarkedasSecureinXMLInput",
+ "Url": "https://docs.testsparker.com/auth/register.php?q=622"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "221",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "693",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "10"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Unvalidated Redirect in JSON Payload vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/admin/config"
+ }
+ ],
+ "FirstSeenDate": "23/06/2021 04:22 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/config HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 204.1598,
+ "StatusCode": 200
+ },
+ "LookupId": "42ee13b2-8289-5c68-a625-27c8587d6c8b",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Unvalidated Redirect in JSON Payload",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Unvalidated Redirect in JSON Payload issue.
Fix the Unvalidated Redirect in JSON Payload vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "UnvalidatedRedirectinJSONPayload",
+ "Url": "https://app2.testsparker.com/admin/config"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "371",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "693",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "28"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Insecure HTTP Method in Cookie vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/auth/register.php"
+ }
+ ],
+ "FirstSeenDate": "08/06/2021 07:37 AM",
+ "HttpRequest": {
+ "Content": "GET /auth/register.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 206.2204,
+ "StatusCode": 200
+ },
+ "LookupId": "b100958f-f2ef-5e52-a6a0-98e356caa0a8",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Insecure HTTP Method in Cookie",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Insecure HTTP Method in Cookie issue.
Fix the Insecure HTTP Method in Cookie vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "InsecureHTTPMethodinCookie",
+ "Url": "http://blog.testsparker.com/auth/register.php"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "225",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "89",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "29"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Sensitive Data Exposure in JSON Payload via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/reports/view?token=654"
+ }
+ ],
+ "FirstSeenDate": "13/06/2021 04:19 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/view?token=654 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 218.2612,
+ "StatusCode": 200
+ },
+ "LookupId": "1e6ba622-99fb-55d0-900d-8979e722cd74",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Sensitive Data Exposure in JSON Payload via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Sensitive Data Exposure in JSON Payload via POST Request issue.
Fix the Sensitive Data Exposure in JSON Payload via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "SensitiveDataExposureinJSONPayloadviaPOSTRequest",
+ "Url": "https://docs.testsparker.com/reports/view?token=654"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "488",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "601",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "24"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Email Header Injection in Cookie via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/files/list?token=298"
+ }
+ ],
+ "FirstSeenDate": "01/06/2021 11:31 AM",
+ "HttpRequest": {
+ "Content": "GET /files/list?token=298 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 339.3268,
+ "StatusCode": 200
+ },
+ "LookupId": "5e45b12e-305d-5fa0-b3d7-ff685f6f0d73",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Email Header Injection in Cookie via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Email Header Injection in Cookie via POST Request issue.
Fix the Email Header Injection in Cookie via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "EmailHeaderInjectioninCookieviaPOSTRequest",
+ "Url": "http://admin.testsparker.com/files/list?token=298"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "399",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "693",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "4"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a CSRF in Cookie via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/admin/dashboard"
+ }
+ ],
+ "FirstSeenDate": "27/06/2021 07:32 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/dashboard HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 109.0087,
+ "StatusCode": 200
+ },
+ "LookupId": "d0bee6d8-4dcd-53e9-837a-0b1cbd0cfac1",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "CSRF in Cookie via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the CSRF in Cookie via PUT Request issue.
Fix the CSRF in Cookie via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "CSRFinCookieviaPUTRequest",
+ "Url": "http://admin.testsparker.com/admin/dashboard"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "622",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "693",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "11"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Insecure HTTP Method in Form Field via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/checkout.php"
+ }
+ ],
+ "FirstSeenDate": "06/06/2021 02:23 AM",
+ "HttpRequest": {
+ "Content": "GET /checkout.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 421.3104,
+ "StatusCode": 200
+ },
+ "LookupId": "5e3d1373-240b-538a-a1b2-255781ee4a5b",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Insecure HTTP Method in Form Field via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Insecure HTTP Method in Form Field via POST Request issue.
Fix the Insecure HTTP Method in Form Field via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "InsecureHTTPMethodinFormFieldviaPOSTRequest",
+ "Url": "https://shop.testsparker.com/checkout.php"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "154",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "89",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "21"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a SQL Injection in Multipart Data via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/blog/post.php?token=650"
+ }
+ ],
+ "FirstSeenDate": "22/06/2021 02:50 AM",
+ "HttpRequest": {
+ "Content": "GET /blog/post.php?token=650 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 457.9869,
+ "StatusCode": 200
+ },
+ "LookupId": "c796ed97-99c7-58f6-af89-89201db6b8c9",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "SQL Injection in Multipart Data via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the SQL Injection in Multipart Data via POST Request issue.
Fix the SQL Injection in Multipart Data via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "SQLInjectioninMultipartDataviaPOSTRequest",
+ "Url": "http://blog.testsparker.com/blog/post.php?token=650"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "92",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "523",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "19"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Insecure Deserialization in JSON Payload via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/api/v1/orders"
+ }
+ ],
+ "FirstSeenDate": "18/06/2021 06:37 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v1/orders HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 198.2084,
+ "StatusCode": 200
+ },
+ "LookupId": "d2cabcd9-d80b-5eee-9d20-e49c9a92cf43",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Insecure Deserialization in JSON Payload via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Insecure Deserialization in JSON Payload via POST Request issue.
Fix the Insecure Deserialization in JSON Payload via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "InsecureDeserializationinJSONPayloadviaPOSTRequest",
+ "Url": "https://app2.testsparker.com/api/v1/orders"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "437",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "523",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "44"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a NoSQL Injection vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/auth/reset.php?token=354"
+ }
+ ],
+ "FirstSeenDate": "25/06/2021 04:51 AM",
+ "HttpRequest": {
+ "Content": "GET /auth/reset.php?token=354 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 268.9673,
+ "StatusCode": 200
+ },
+ "LookupId": "3fe59477-4421-5053-879d-5c451cfedb17",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "NoSQL Injection",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the NoSQL Injection issue.
Fix the NoSQL Injection vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "NoSQLInjection",
+ "Url": "http://admin.testsparker.com/auth/reset.php?token=354"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "617",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "502",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "43"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Insecure HTTP Method in XML Input via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/admin/dashboard?ref=967"
+ }
+ ],
+ "FirstSeenDate": "01/06/2021 02:49 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/dashboard?ref=967 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 55.2298,
+ "StatusCode": 200
+ },
+ "LookupId": "4cf4ec7c-af11-53e3-aa0e-243b030497fa",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Insecure HTTP Method in XML Input via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Insecure HTTP Method in XML Input via POST Request issue.
Fix the Insecure HTTP Method in XML Input via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "InsecureHTTPMethodinXMLInputviaPOSTRequest",
+ "Url": "http://app1.testsparker.com/admin/dashboard?ref=967"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "210",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "89",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "41"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Buffer Overflow in XML Input vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/files/list?q=591"
+ }
+ ],
+ "FirstSeenDate": "27/06/2021 11:27 AM",
+ "HttpRequest": {
+ "Content": "GET /files/list?q=591 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 85.4254,
+ "StatusCode": 200
+ },
+ "LookupId": "417268cd-0744-5e75-be17-606478360f64",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Buffer Overflow in XML Input",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Buffer Overflow in XML Input issue.
Fix the Buffer Overflow in XML Input vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "BufferOverflowinXMLInput",
+ "Url": "http://app1.testsparker.com/files/list?q=591"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "508",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "287",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "9"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a DNS Zone Transfer in POST Body vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/auth/reset.php?ref=723"
+ }
+ ],
+ "FirstSeenDate": "28/06/2021 02:55 AM",
+ "HttpRequest": {
+ "Content": "GET /auth/reset.php?ref=723 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 424.0693,
+ "StatusCode": 200
+ },
+ "LookupId": "675df159-052f-5f77-85f6-1756f1102358",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "DNS Zone Transfer in POST Body",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the DNS Zone Transfer in POST Body issue.
Fix the DNS Zone Transfer in POST Body vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "DNSZoneTransferinPOSTBody",
+ "Url": "http://blog.testsparker.com/auth/reset.php?ref=723"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "311",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "352",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "37"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Missing X-Frame-Options in XML Input via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/upload.php?page=251"
+ }
+ ],
+ "FirstSeenDate": "21/06/2021 04:17 AM",
+ "HttpRequest": {
+ "Content": "GET /upload.php?page=251 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 432.5885,
+ "StatusCode": 200
+ },
+ "LookupId": "64c19a30-6240-5394-80cd-a4384a63962c",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Missing X-Frame-Options in XML Input via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Missing X-Frame-Options in XML Input via POST Request issue.
Fix the Missing X-Frame-Options in XML Input via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "MissingX-Frame-OptionsinXMLInputviaPOSTRequest",
+ "Url": "https://docs.testsparker.com/upload.php?page=251"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "292",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "200",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "31"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Race Condition in Header via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/api/v2/search?filter=283"
+ }
+ ],
+ "FirstSeenDate": "24/06/2021 02:20 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/search?filter=283 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 488.8176,
+ "StatusCode": 200
+ },
+ "LookupId": "049100ee-1254-55ef-a7ce-5bcb254dfc52",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Race Condition in Header via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Race Condition in Header via PUT Request issue.
Fix the Race Condition in Header via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "RaceConditioninHeaderviaPUTRequest",
+ "Url": "http://app1.testsparker.com/api/v2/search?filter=283"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "621",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "200",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "5"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Weak Password Policy in Multipart Data vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/reports/export?action=263"
+ }
+ ],
+ "FirstSeenDate": "07/06/2021 11:31 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/export?action=263 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 464.9178,
+ "StatusCode": 200
+ },
+ "LookupId": "b5e8605c-1e9e-5a90-b4fb-0ddd224690d1",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Weak Password Policy in Multipart Data",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Weak Password Policy in Multipart Data issue.
Fix the Weak Password Policy in Multipart Data vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "WeakPasswordPolicyinMultipartData",
+ "Url": "http://blog.testsparker.com/reports/export?action=263"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "286",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "601",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "5"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Mass Assignment in URL Path vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/admin/logs?token=399"
+ }
+ ],
+ "FirstSeenDate": "26/06/2021 09:11 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/logs?token=399 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 189.2386,
+ "StatusCode": 200
+ },
+ "LookupId": "1272d4ae-150d-54b1-917b-f1f3207d8b04",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Mass Assignment in URL Path",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Mass Assignment in URL Path issue.
Fix the Mass Assignment in URL Path vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "MassAssignmentinURLPath",
+ "Url": "http://app1.testsparker.com/admin/logs?token=399"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "319",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "352",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "41"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Server-Side Request Forgery in JSON Payload via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/api/v1/products"
+ }
+ ],
+ "FirstSeenDate": "01/06/2021 08:27 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v1/products HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 405.9489,
+ "StatusCode": 200
+ },
+ "LookupId": "42deb882-6327-5625-91bb-aa0fd8e15eaa",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Server-Side Request Forgery in JSON Payload via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Server-Side Request Forgery in JSON Payload via POST Request issue.
Fix the Server-Side Request Forgery in JSON Payload via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "Server-SideRequestForgeryinJSONPayloadviaPOSTRequest",
+ "Url": "http://blog.testsparker.com/api/v1/products"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "252",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "16",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "9"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Mass Assignment in JSON Payload via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/blog/edit.php?page=155"
+ }
+ ],
+ "FirstSeenDate": "11/06/2021 10:59 AM",
+ "HttpRequest": {
+ "Content": "GET /blog/edit.php?page=155 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 384.0624,
+ "StatusCode": 200
+ },
+ "LookupId": "c5034c61-80aa-5912-a0ea-118853425ea1",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Mass Assignment in JSON Payload via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Mass Assignment in JSON Payload via PUT Request issue.
Fix the Mass Assignment in JSON Payload via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "MassAssignmentinJSONPayloadviaPUTRequest",
+ "Url": "http://api.testsparker.com/blog/edit.php?page=155"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "697",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "776",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "23"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Cookie Not Marked as Secure in Header vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/api/v2/webhook"
+ }
+ ],
+ "FirstSeenDate": "27/06/2021 09:40 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/webhook HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 298.0151,
+ "StatusCode": 200
+ },
+ "LookupId": "f26b3a2b-a50b-5214-a961-8e9f16461e16",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cookie Not Marked as Secure in Header",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cookie Not Marked as Secure in Header issue.
Fix the Cookie Not Marked as Secure in Header vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "CookieNotMarkedasSecureinHeader",
+ "Url": "https://app2.testsparker.com/api/v2/webhook"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "650",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "693",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "25"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Version Disclosure in Multipart Data vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/files/download?name=891"
+ }
+ ],
+ "FirstSeenDate": "10/06/2021 09:02 AM",
+ "HttpRequest": {
+ "Content": "GET /files/download?name=891 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 166.4651,
+ "StatusCode": 200
+ },
+ "LookupId": "6de1ac8c-13cd-50c3-a3d0-0720bada6934",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Version Disclosure in Multipart Data",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Version Disclosure in Multipart Data issue.
Fix the Version Disclosure in Multipart Data vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "VersionDisclosureinMultipartData",
+ "Url": "https://shop.testsparker.com/files/download?name=891"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "364",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "79",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "19"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Missing X-Frame-Options in Form Field vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/api/v2/search"
+ }
+ ],
+ "FirstSeenDate": "23/06/2021 02:02 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/search HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 449.4698,
+ "StatusCode": 200
+ },
+ "LookupId": "a6edd992-3d10-5ab7-bfe1-884cea609ca3",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Missing X-Frame-Options in Form Field",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Missing X-Frame-Options in Form Field issue.
Fix the Missing X-Frame-Options in Form Field vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "MissingX-Frame-OptionsinFormField",
+ "Url": "https://app2.testsparker.com/api/v2/search"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "125",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "16",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "38"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a CSRF in Query Parameter via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/search?sort=580"
+ }
+ ],
+ "FirstSeenDate": "23/06/2021 04:33 AM",
+ "HttpRequest": {
+ "Content": "GET /search?sort=580 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 80.6344,
+ "StatusCode": 200
+ },
+ "LookupId": "1445e03f-6ee3-5a34-954a-0843a35950c2",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "CSRF in Query Parameter via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the CSRF in Query Parameter via PUT Request issue.
Fix the CSRF in Query Parameter via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "CSRFinQueryParameterviaPUTRequest",
+ "Url": "https://app2.testsparker.com/search?sort=580"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "432",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "22",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "1"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Directory Traversal in XML Input via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/help"
+ }
+ ],
+ "FirstSeenDate": "27/06/2021 04:43 AM",
+ "HttpRequest": {
+ "Content": "GET /help HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 337.7852,
+ "StatusCode": 200
+ },
+ "LookupId": "c1de5148-ab2e-545e-a71a-ff9dd373a8e3",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Directory Traversal in XML Input via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Directory Traversal in XML Input via POST Request issue.
Fix the Directory Traversal in XML Input via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "DirectoryTraversalinXMLInputviaPOSTRequest",
+ "Url": "https://portal.testsparker.com/help"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "213",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "89",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "27"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Remote Code Execution in URL Path via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/files/list"
+ }
+ ],
+ "FirstSeenDate": "20/06/2021 06:50 AM",
+ "HttpRequest": {
+ "Content": "GET /files/list HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 499.3831,
+ "StatusCode": 200
+ },
+ "LookupId": "bbac129d-ee57-508c-9f8f-354b0fe03ac7",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Remote Code Execution in URL Path via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Remote Code Execution in URL Path via PUT Request issue.
Fix the Remote Code Execution in URL Path via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "RemoteCodeExecutioninURLPathviaPUTRequest",
+ "Url": "https://docs.testsparker.com/files/list"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "505",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "523",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "28"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Missing X-Frame-Options in Cookie via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/api/v1/orders?sort=425"
+ }
+ ],
+ "FirstSeenDate": "23/06/2021 02:06 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v1/orders?sort=425 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 286.9279,
+ "StatusCode": 200
+ },
+ "LookupId": "ec46d2b7-a1f7-53c4-b293-97e7b6803f07",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Missing X-Frame-Options in Cookie via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Missing X-Frame-Options in Cookie via POST Request issue.
Fix the Missing X-Frame-Options in Cookie via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "MissingX-Frame-OptionsinCookieviaPOSTRequest",
+ "Url": "http://blog.testsparker.com/api/v1/orders?sort=425"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "440",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "89",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "48"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a DNS Zone Transfer in Form Field via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/admin/dashboard?id=786"
+ }
+ ],
+ "FirstSeenDate": "14/06/2021 08:18 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/dashboard?id=786 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 148.2895,
+ "StatusCode": 200
+ },
+ "LookupId": "13cad724-a008-510d-b97d-b638072f55d7",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "DNS Zone Transfer in Form Field via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the DNS Zone Transfer in Form Field via POST Request issue.
Fix the DNS Zone Transfer in Form Field via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "DNSZoneTransferinFormFieldviaPOSTRequest",
+ "Url": "http://api.testsparker.com/admin/dashboard?id=786"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "259",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "918",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "49"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Insecure HTTP Method in JSON Payload vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/help"
+ }
+ ],
+ "FirstSeenDate": "21/06/2021 08:33 AM",
+ "HttpRequest": {
+ "Content": "GET /help HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 11.6517,
+ "StatusCode": 200
+ },
+ "LookupId": "a3cd0853-1221-5b26-be83-7ba4a380e1f1",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Insecure HTTP Method in JSON Payload",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Insecure HTTP Method in JSON Payload issue.
Fix the Insecure HTTP Method in JSON Payload vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "InsecureHTTPMethodinJSONPayload",
+ "Url": "http://app1.testsparker.com/help"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "64",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "89",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "28"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a HTTP Response Splitting in File Name via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/reports/view?page=328"
+ }
+ ],
+ "FirstSeenDate": "07/06/2021 01:13 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/view?page=328 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 435.3301,
+ "StatusCode": 200
+ },
+ "LookupId": "2f3b845a-4591-5d17-88ea-d6fc23388e32",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "HTTP Response Splitting in File Name via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the HTTP Response Splitting in File Name via POST Request issue.
Fix the HTTP Response Splitting in File Name via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "HTTPResponseSplittinginFileNameviaPOSTRequest",
+ "Url": "http://api.testsparker.com/reports/view?page=328"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "632",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "352",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "20"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Path Disclosure in Header vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/download.php"
+ }
+ ],
+ "FirstSeenDate": "17/06/2021 09:34 AM",
+ "HttpRequest": {
+ "Content": "GET /download.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 250.0249,
+ "StatusCode": 200
+ },
+ "LookupId": "c97f3977-0b12-5d0b-acec-b1974e7a5466",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Path Disclosure in Header",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Path Disclosure in Header issue.
Fix the Path Disclosure in Header vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "PathDisclosureinHeader",
+ "Url": "http://api.testsparker.com/download.php"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "92",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "693",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "13"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a File Upload Vulnerability in Header via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/auth/register.php"
+ }
+ ],
+ "FirstSeenDate": "23/06/2021 03:03 AM",
+ "HttpRequest": {
+ "Content": "GET /auth/register.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 206.5071,
+ "StatusCode": 200
+ },
+ "LookupId": "0afb90e7-b130-5297-b3be-baae42226061",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "File Upload Vulnerability in Header via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the File Upload Vulnerability in Header via POST Request issue.
Fix the File Upload Vulnerability in Header via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "FileUploadVulnerabilityinHeaderviaPOSTRequest",
+ "Url": "https://portal.testsparker.com/auth/register.php"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "475",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "330",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "29"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Command Injection in Query Parameter vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/reports/generate?sort=628"
+ }
+ ],
+ "FirstSeenDate": "24/06/2021 09:07 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/generate?sort=628 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 98.088,
+ "StatusCode": 200
+ },
+ "LookupId": "bf4252b1-2410-503d-b44e-e41304f5347f",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Command Injection in Query Parameter",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Command Injection in Query Parameter issue.
Fix the Command Injection in Query Parameter vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "CommandInjectioninQueryParameter",
+ "Url": "http://admin.testsparker.com/reports/generate?sort=628"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "510",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "287",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "43"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Race Condition in Cookie via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/api/v2/webhook"
+ }
+ ],
+ "FirstSeenDate": "26/06/2021 12:55 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/webhook HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 168.554,
+ "StatusCode": 200
+ },
+ "LookupId": "44cc66b9-b926-525e-af3e-04d9877b8223",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Race Condition in Cookie via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Race Condition in Cookie via POST Request issue.
Fix the Race Condition in Cookie via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "RaceConditioninCookieviaPOSTRequest",
+ "Url": "http://app1.testsparker.com/api/v2/webhook"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "113",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "319",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "7"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Open Redirect in File Name via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/blog/post.php"
+ }
+ ],
+ "FirstSeenDate": "12/06/2021 02:39 AM",
+ "HttpRequest": {
+ "Content": "GET /blog/post.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 173.5251,
+ "StatusCode": 200
+ },
+ "LookupId": "dcf2c2b7-1764-5ea1-8b23-159d23af964b",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Open Redirect in File Name via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Open Redirect in File Name via POST Request issue.
Fix the Open Redirect in File Name via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "OpenRedirectinFileNameviaPOSTRequest",
+ "Url": "https://portal.testsparker.com/blog/post.php"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "423",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "78",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "36"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Cookie Not Marked as Secure in Form Field vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/files/list?ref=764"
+ }
+ ],
+ "FirstSeenDate": "27/06/2021 02:50 AM",
+ "HttpRequest": {
+ "Content": "GET /files/list?ref=764 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 306.0596,
+ "StatusCode": 200
+ },
+ "LookupId": "94435ef0-1c90-593b-9b18-82a0f8c951a7",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cookie Not Marked as Secure in Form Field",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cookie Not Marked as Secure in Form Field issue.
Fix the Cookie Not Marked as Secure in Form Field vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "CookieNotMarkedasSecureinFormField",
+ "Url": "https://docs.testsparker.com/files/list?ref=764"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "146",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "434",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "31"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Broken Authentication in Header via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/api/v2/export"
+ }
+ ],
+ "FirstSeenDate": "09/06/2021 02:21 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/export HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 324.5974,
+ "StatusCode": 200
+ },
+ "LookupId": "2b3250e2-5dc0-5907-9f99-5b8c313c48e1",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Broken Authentication in Header via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Broken Authentication in Header via PUT Request issue.
Fix the Broken Authentication in Header via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "BrokenAuthenticationinHeaderviaPUTRequest",
+ "Url": "http://admin.testsparker.com/api/v2/export"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "698",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "776",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "42"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Sensitive Data Exposure in Cookie vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/admin/users"
+ }
+ ],
+ "FirstSeenDate": "28/06/2021 11:20 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/users HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 83.9691,
+ "StatusCode": 200
+ },
+ "LookupId": "c001eac8-ccaa-5949-b186-e512193b7887",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Sensitive Data Exposure in Cookie",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Sensitive Data Exposure in Cookie issue.
Fix the Sensitive Data Exposure in Cookie vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "SensitiveDataExposureinCookie",
+ "Url": "https://app2.testsparker.com/admin/users"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "226",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "523",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "25"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Insecure Deserialization in POST Body vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/reports/view?action=275"
+ }
+ ],
+ "FirstSeenDate": "18/06/2021 10:01 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/view?action=275 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 477.6919,
+ "StatusCode": 200
+ },
+ "LookupId": "1cca7232-ecf8-581f-98a9-a137eb49ac9c",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Insecure Deserialization in POST Body",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Insecure Deserialization in POST Body issue.
Fix the Insecure Deserialization in POST Body vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "InsecureDeserializationinPOSTBody",
+ "Url": "http://admin.testsparker.com/reports/view?action=275"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "686",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "614",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "34"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Open Redirect in Form Field vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/auth/login.php"
+ }
+ ],
+ "FirstSeenDate": "14/06/2021 11:46 AM",
+ "HttpRequest": {
+ "Content": "GET /auth/login.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 131.8027,
+ "StatusCode": 200
+ },
+ "LookupId": "b26a17fa-39e8-5043-83fa-d8967d64fa6f",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Open Redirect in Form Field",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Open Redirect in Form Field issue.
Fix the Open Redirect in Form Field vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "OpenRedirectinFormField",
+ "Url": "https://shop.testsparker.com/auth/login.php"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "10",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "611",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "37"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Session Fixation in Header vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/blog/edit.php"
+ }
+ ],
+ "FirstSeenDate": "11/06/2021 05:29 AM",
+ "HttpRequest": {
+ "Content": "GET /blog/edit.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 494.6587,
+ "StatusCode": 200
+ },
+ "LookupId": "e34fba01-e126-5aa4-9b46-296ead280d24",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Session Fixation in Header",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Session Fixation in Header issue.
Fix the Session Fixation in Header vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "SessionFixationinHeader",
+ "Url": "http://app1.testsparker.com/blog/edit.php"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "32",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "776",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "29"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Cross-site Scripting in XML Input vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/api/v1/users"
+ }
+ ],
+ "FirstSeenDate": "24/06/2021 04:19 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v1/users HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 285.2132,
+ "StatusCode": 200
+ },
+ "LookupId": "2ce4fec6-3bb2-5182-928b-3432478fccd9",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cross-site Scripting in XML Input",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cross-site Scripting in XML Input issue.
Fix the Cross-site Scripting in XML Input vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "Cross-siteScriptinginXMLInput",
+ "Url": "http://admin.testsparker.com/api/v1/users"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "615",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "79",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "4"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Missing X-Frame-Options in POST Body via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/settings.php?filter=606"
+ }
+ ],
+ "FirstSeenDate": "19/06/2021 04:34 AM",
+ "HttpRequest": {
+ "Content": "GET /settings.php?filter=606 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 334.0314,
+ "StatusCode": 200
+ },
+ "LookupId": "0b814ecd-e50e-5b71-bedd-653d12b8d32e",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Missing X-Frame-Options in POST Body via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Missing X-Frame-Options in POST Body via PUT Request issue.
Fix the Missing X-Frame-Options in POST Body via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "MissingX-Frame-OptionsinPOSTBodyviaPUTRequest",
+ "Url": "https://portal.testsparker.com/settings.php?filter=606"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "499",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "330",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "19"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Email Header Injection in Form Field vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/account/security"
+ }
+ ],
+ "FirstSeenDate": "11/06/2021 09:05 AM",
+ "HttpRequest": {
+ "Content": "GET /account/security HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 474.6238,
+ "StatusCode": 200
+ },
+ "LookupId": "b5834150-bcb2-5e52-9426-540677ec27b3",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Email Header Injection in Form Field",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Email Header Injection in Form Field issue.
Fix the Email Header Injection in Form Field vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "EmailHeaderInjectioninFormField",
+ "Url": "http://app1.testsparker.com/account/security"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "625",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "614",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "13"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Cross-site Scripting in URL Path via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/api/v2/export?type=867"
+ }
+ ],
+ "FirstSeenDate": "25/06/2021 11:27 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/export?type=867 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 410.7003,
+ "StatusCode": 200
+ },
+ "LookupId": "a26628de-09ca-551a-908b-9e413aeb5b30",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cross-site Scripting in URL Path via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cross-site Scripting in URL Path via PUT Request issue.
Fix the Cross-site Scripting in URL Path via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "Cross-siteScriptinginURLPathviaPUTRequest",
+ "Url": "https://app2.testsparker.com/api/v2/export?type=867"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "335",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "693",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "41"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Path Disclosure in URL Path vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/cart.php"
+ }
+ ],
+ "FirstSeenDate": "26/06/2021 08:31 AM",
+ "HttpRequest": {
+ "Content": "GET /cart.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 121.7878,
+ "StatusCode": 200
+ },
+ "LookupId": "b45fc8c6-e22d-505e-b10f-1f77d3d50cb7",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Path Disclosure in URL Path",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Path Disclosure in URL Path issue.
Fix the Path Disclosure in URL Path vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "PathDisclosureinURLPath",
+ "Url": "http://blog.testsparker.com/cart.php"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "86",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "287",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "5"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a CORS Misconfiguration in JSON Payload via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/reports/view?name=235"
+ }
+ ],
+ "FirstSeenDate": "14/06/2021 10:23 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/view?name=235 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 224.6732,
+ "StatusCode": 200
+ },
+ "LookupId": "3a26a0e6-627f-548c-abf6-d2fe16ce4394",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "CORS Misconfiguration in JSON Payload via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the CORS Misconfiguration in JSON Payload via PUT Request issue.
Fix the CORS Misconfiguration in JSON Payload via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "CORSMisconfigurationinJSONPayloadviaPUTRequest",
+ "Url": "http://app1.testsparker.com/reports/view?name=235"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "204",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "22",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "30"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a HSTS Missing in Header via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/payment.php?filter=175"
+ }
+ ],
+ "FirstSeenDate": "03/06/2021 03:59 AM",
+ "HttpRequest": {
+ "Content": "GET /payment.php?filter=175 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 163.9581,
+ "StatusCode": 200
+ },
+ "LookupId": "8e41b94f-8971-5738-a419-bcaf03a1c4a8",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "HSTS Missing in Header via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the HSTS Missing in Header via POST Request issue.
Fix the HSTS Missing in Header via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "HSTSMissinginHeaderviaPOSTRequest",
+ "Url": "http://blog.testsparker.com/payment.php?filter=175"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "98",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "434",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "14"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Missing X-Frame-Options in JSON Payload vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/api/v1/users?sort=744"
+ }
+ ],
+ "FirstSeenDate": "03/06/2021 03:37 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v1/users?sort=744 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 120.8335,
+ "StatusCode": 200
+ },
+ "LookupId": "1c8e7f8f-fb18-5455-80bf-7510560f5c18",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Missing X-Frame-Options in JSON Payload",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Missing X-Frame-Options in JSON Payload issue.
Fix the Missing X-Frame-Options in JSON Payload vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "MissingX-Frame-OptionsinJSONPayload",
+ "Url": "http://api.testsparker.com/api/v1/users?sort=744"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "205",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "601",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "48"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Clickjacking in File Name vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/contact?action=276"
+ }
+ ],
+ "FirstSeenDate": "28/06/2021 05:13 AM",
+ "HttpRequest": {
+ "Content": "GET /contact?action=276 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 122.3117,
+ "StatusCode": 200
+ },
+ "LookupId": "1bea5bd2-d7c8-5ff5-9207-92e705dabe93",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Clickjacking in File Name",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Clickjacking in File Name issue.
Fix the Clickjacking in File Name vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "ClickjackinginFileName",
+ "Url": "https://shop.testsparker.com/contact?action=276"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "56",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "22",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "40"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a LDAP Injection in Multipart Data vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/admin/logs"
+ }
+ ],
+ "FirstSeenDate": "28/06/2021 05:00 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/logs HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 178.203,
+ "StatusCode": 200
+ },
+ "LookupId": "81137323-f9d8-513c-ad58-77904af96ae4",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "LDAP Injection in Multipart Data",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the LDAP Injection in Multipart Data issue.
Fix the LDAP Injection in Multipart Data vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "LDAPInjectioninMultipartData",
+ "Url": "https://portal.testsparker.com/admin/logs"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "63",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "614",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "31"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Cross-site Scripting in POST Body via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/settings.php?action=768"
+ }
+ ],
+ "FirstSeenDate": "19/06/2021 01:42 AM",
+ "HttpRequest": {
+ "Content": "GET /settings.php?action=768 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 495.2788,
+ "StatusCode": 200
+ },
+ "LookupId": "08d63469-9da1-51a8-8663-a2d41f230893",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cross-site Scripting in POST Body via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cross-site Scripting in POST Body via POST Request issue.
Fix the Cross-site Scripting in POST Body via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "Cross-siteScriptinginPOSTBodyviaPOSTRequest",
+ "Url": "http://admin.testsparker.com/settings.php?action=768"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "190",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "78",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "32"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a HTTP Response Splitting in Form Field via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/products.php?sort=931"
+ }
+ ],
+ "FirstSeenDate": "11/06/2021 05:07 AM",
+ "HttpRequest": {
+ "Content": "GET /products.php?sort=931 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 57.4747,
+ "StatusCode": 200
+ },
+ "LookupId": "e8947516-0b7a-51b5-8547-9821bbff7ec5",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "HTTP Response Splitting in Form Field via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the HTTP Response Splitting in Form Field via POST Request issue.
Fix the HTTP Response Splitting in Form Field via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "HTTPResponseSplittinginFormFieldviaPOSTRequest",
+ "Url": "https://shop.testsparker.com/products.php?sort=931"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "487",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "16",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "39"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Clickjacking in URL Path via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/files/upload?sort=580"
+ }
+ ],
+ "FirstSeenDate": "25/06/2021 03:32 AM",
+ "HttpRequest": {
+ "Content": "GET /files/upload?sort=580 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 321.8655,
+ "StatusCode": 200
+ },
+ "LookupId": "f9d571de-32aa-5028-a082-e387b83ec540",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Clickjacking in URL Path via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Clickjacking in URL Path via POST Request issue.
Fix the Clickjacking in URL Path via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "ClickjackinginURLPathviaPOSTRequest",
+ "Url": "http://app1.testsparker.com/files/upload?sort=580"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "150",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "611",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "45"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Cleartext Transmission in Form Field vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/profile.php"
+ }
+ ],
+ "FirstSeenDate": "07/06/2021 09:02 AM",
+ "HttpRequest": {
+ "Content": "GET /profile.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 185.7544,
+ "StatusCode": 200
+ },
+ "LookupId": "9d3877cd-c793-550f-845e-a3e167df70e2",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cleartext Transmission in Form Field",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cleartext Transmission in Form Field issue.
Fix the Cleartext Transmission in Form Field vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "CleartextTransmissioninFormField",
+ "Url": "https://portal.testsparker.com/profile.php"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "642",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "330",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "18"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Integer Overflow vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/files/list?page=861"
+ }
+ ],
+ "FirstSeenDate": "03/06/2021 12:18 AM",
+ "HttpRequest": {
+ "Content": "GET /files/list?page=861 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 124.9019,
+ "StatusCode": 200
+ },
+ "LookupId": "5e7b231a-659f-50ba-8554-b1b7e012cf65",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Integer Overflow",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Integer Overflow issue.
Fix the Integer Overflow vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "IntegerOverflow",
+ "Url": "https://docs.testsparker.com/files/list?page=861"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "501",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "78",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "1"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Remote Code Execution in Query Parameter via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/auth/login.php?page=290"
+ }
+ ],
+ "FirstSeenDate": "12/06/2021 11:53 AM",
+ "HttpRequest": {
+ "Content": "GET /auth/login.php?page=290 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 10.3144,
+ "StatusCode": 200
+ },
+ "LookupId": "506c5ee0-480f-5bae-b783-5347dc80926f",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Remote Code Execution in Query Parameter via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Remote Code Execution in Query Parameter via PUT Request issue.
Fix the Remote Code Execution in Query Parameter via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "RemoteCodeExecutioninQueryParameterviaPUTRequest",
+ "Url": "http://admin.testsparker.com/auth/login.php?page=290"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "281",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "918",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "35"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Integer Overflow in JSON Payload via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/blog/edit.php"
+ }
+ ],
+ "FirstSeenDate": "22/06/2021 02:44 AM",
+ "HttpRequest": {
+ "Content": "GET /blog/edit.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 366.0035,
+ "StatusCode": 200
+ },
+ "LookupId": "2cc477d5-13ad-52d3-90c8-5ad5ed0abee3",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Integer Overflow in JSON Payload via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Integer Overflow in JSON Payload via POST Request issue.
Fix the Integer Overflow in JSON Payload via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "IntegerOverflowinJSONPayloadviaPOSTRequest",
+ "Url": "https://app2.testsparker.com/blog/edit.php"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "10",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "89",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "9"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Remote Code Execution in JSON Payload vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/download.php"
+ }
+ ],
+ "FirstSeenDate": "27/06/2021 07:35 AM",
+ "HttpRequest": {
+ "Content": "GET /download.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 257.6646,
+ "StatusCode": 200
+ },
+ "LookupId": "1714cf6f-d68c-5b53-8c04-e7b778ed7522",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Remote Code Execution in JSON Payload",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Remote Code Execution in JSON Payload issue.
Fix the Remote Code Execution in JSON Payload vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "RemoteCodeExecutioninJSONPayload",
+ "Url": "http://api.testsparker.com/download.php"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "270",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "776",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "30"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Information Disclosure in XML Input vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/admin/users?token=379"
+ }
+ ],
+ "FirstSeenDate": "08/06/2021 05:36 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/users?token=379 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 40.2033,
+ "StatusCode": 200
+ },
+ "LookupId": "3684c718-c28b-537b-b136-9a7d41430506",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Information Disclosure in XML Input",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Information Disclosure in XML Input issue.
Fix the Information Disclosure in XML Input vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "InformationDisclosureinXMLInput",
+ "Url": "http://blog.testsparker.com/admin/users?token=379"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "633",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "94",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "35"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a XML External Entity in Multipart Data via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/api/v1/orders?token=12"
+ }
+ ],
+ "FirstSeenDate": "19/06/2021 07:01 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v1/orders?token=12 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 373.7464,
+ "StatusCode": 200
+ },
+ "LookupId": "f76407e3-2b7d-5288-b0dc-a3809b923eae",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "XML External Entity in Multipart Data via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the XML External Entity in Multipart Data via POST Request issue.
Fix the XML External Entity in Multipart Data via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "XMLExternalEntityinMultipartDataviaPOSTRequest",
+ "Url": "https://portal.testsparker.com/api/v1/orders?token=12"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "75",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "434",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "36"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Weak Cryptography in Header via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/blog/edit.php"
+ }
+ ],
+ "FirstSeenDate": "02/06/2021 06:59 AM",
+ "HttpRequest": {
+ "Content": "GET /blog/edit.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 125.0723,
+ "StatusCode": 200
+ },
+ "LookupId": "c805d082-11ba-55bc-a6e4-c355c7892ee8",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Weak Cryptography in Header via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Weak Cryptography in Header via POST Request issue.
Fix the Weak Cryptography in Header via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "WeakCryptographyinHeaderviaPOSTRequest",
+ "Url": "https://shop.testsparker.com/blog/edit.php"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "460",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "94",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "10"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Cross-site Scripting in XML Input vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/api/v1/users"
+ }
+ ],
+ "FirstSeenDate": "10/06/2021 06:44 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v1/users HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 166.7757,
+ "StatusCode": 200
+ },
+ "LookupId": "5fdec971-6d4e-53e7-b3ea-e4b4bbf42e3d",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cross-site Scripting in XML Input",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cross-site Scripting in XML Input issue.
Fix the Cross-site Scripting in XML Input vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "Cross-siteScriptinginXMLInput",
+ "Url": "http://admin.testsparker.com/api/v1/users"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "52",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "200",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "32"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Insecure HTTP Method in Header vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/account/billing?page=221"
+ }
+ ],
+ "FirstSeenDate": "10/06/2021 09:00 AM",
+ "HttpRequest": {
+ "Content": "GET /account/billing?page=221 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 425.1145,
+ "StatusCode": 200
+ },
+ "LookupId": "fd212f9e-fd58-5fca-925f-1b3674630651",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Insecure HTTP Method in Header",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Insecure HTTP Method in Header issue.
Fix the Insecure HTTP Method in Header vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "InsecureHTTPMethodinHeader",
+ "Url": "http://blog.testsparker.com/account/billing?page=221"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "318",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "601",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "6"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Remote Code Execution in Cookie via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/search"
+ }
+ ],
+ "FirstSeenDate": "28/06/2021 01:52 AM",
+ "HttpRequest": {
+ "Content": "GET /search HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 201.1902,
+ "StatusCode": 200
+ },
+ "LookupId": "08c1ed5e-0ef9-5bd6-a806-d78b71fe5806",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Remote Code Execution in Cookie via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Remote Code Execution in Cookie via PUT Request issue.
Fix the Remote Code Execution in Cookie via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "RemoteCodeExecutioninCookieviaPUTRequest",
+ "Url": "https://portal.testsparker.com/search"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "238",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "523",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "10"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Integer Overflow in JSON Payload vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/api/v2/export?ref=52"
+ }
+ ],
+ "FirstSeenDate": "05/06/2021 12:44 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/export?ref=52 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 201.4478,
+ "StatusCode": 200
+ },
+ "LookupId": "0dbcd8d5-26bc-5d04-850a-29c53c0e1b6f",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Integer Overflow in JSON Payload",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Integer Overflow in JSON Payload issue.
Fix the Integer Overflow in JSON Payload vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "IntegerOverflowinJSONPayload",
+ "Url": "https://shop.testsparker.com/api/v2/export?ref=52"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "192",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "319",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "5"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a HTTP Response Splitting in JSON Payload via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/auth/reset.php"
+ }
+ ],
+ "FirstSeenDate": "10/06/2021 04:14 AM",
+ "HttpRequest": {
+ "Content": "GET /auth/reset.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 152.6417,
+ "StatusCode": 200
+ },
+ "LookupId": "05c7f507-dbc4-541b-8d04-3050d74db750",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "HTTP Response Splitting in JSON Payload via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the HTTP Response Splitting in JSON Payload via POST Request issue.
Fix the HTTP Response Splitting in JSON Payload via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "HTTPResponseSplittinginJSONPayloadviaPOSTRequest",
+ "Url": "http://api.testsparker.com/auth/reset.php"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "650",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "434",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "39"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Unvalidated Redirect in Cookie via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/files/download"
+ }
+ ],
+ "FirstSeenDate": "17/06/2021 06:49 AM",
+ "HttpRequest": {
+ "Content": "GET /files/download HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 242.0382,
+ "StatusCode": 200
+ },
+ "LookupId": "0dc123df-f98a-5f3a-97e5-953f8584597d",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Unvalidated Redirect in Cookie via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Unvalidated Redirect in Cookie via PUT Request issue.
Fix the Unvalidated Redirect in Cookie via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "UnvalidatedRedirectinCookieviaPUTRequest",
+ "Url": "http://blog.testsparker.com/files/download"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "259",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "502",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "31"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Remote Code Execution in POST Body vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/download.php?filter=346"
+ }
+ ],
+ "FirstSeenDate": "24/06/2021 09:03 AM",
+ "HttpRequest": {
+ "Content": "GET /download.php?filter=346 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 499.9548,
+ "StatusCode": 200
+ },
+ "LookupId": "79e4f6dc-63ff-55a1-9990-1588544a3158",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Remote Code Execution in POST Body",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Remote Code Execution in POST Body issue.
Fix the Remote Code Execution in POST Body vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "RemoteCodeExecutioninPOSTBody",
+ "Url": "http://blog.testsparker.com/download.php?filter=346"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "322",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "94",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "29"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Mass Assignment in Header via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/account/security"
+ }
+ ],
+ "FirstSeenDate": "06/06/2021 06:29 AM",
+ "HttpRequest": {
+ "Content": "GET /account/security HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 121.5643,
+ "StatusCode": 200
+ },
+ "LookupId": "197746ae-cd72-5456-8307-1765d9cf06c3",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Mass Assignment in Header via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Mass Assignment in Header via PUT Request issue.
Fix the Mass Assignment in Header via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "MassAssignmentinHeaderviaPUTRequest",
+ "Url": "http://admin.testsparker.com/account/security"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "312",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "330",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "11"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Missing Content-Security-Policy in Header vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/files/download?id=852"
+ }
+ ],
+ "FirstSeenDate": "23/06/2021 04:22 AM",
+ "HttpRequest": {
+ "Content": "GET /files/download?id=852 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 474.2667,
+ "StatusCode": 200
+ },
+ "LookupId": "00d8cc78-bf87-51ba-9adb-ef1b2d45f468",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Missing Content-Security-Policy in Header",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Missing Content-Security-Policy in Header issue.
Fix the Missing Content-Security-Policy in Header vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "MissingContent-Security-PolicyinHeader",
+ "Url": "http://api.testsparker.com/files/download?id=852"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "84",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "94",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "43"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a DNS Zone Transfer in Cookie vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/payment.php"
+ }
+ ],
+ "FirstSeenDate": "12/06/2021 05:41 AM",
+ "HttpRequest": {
+ "Content": "GET /payment.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 352.2552,
+ "StatusCode": 200
+ },
+ "LookupId": "12ced02e-8146-5495-a37a-73517a117226",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "DNS Zone Transfer in Cookie",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the DNS Zone Transfer in Cookie issue.
Fix the DNS Zone Transfer in Cookie vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "DNSZoneTransferinCookie",
+ "Url": "http://admin.testsparker.com/payment.php"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "538",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "16",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "45"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Missing Content-Security-Policy in Query Parameter vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/settings.php?name=712"
+ }
+ ],
+ "FirstSeenDate": "20/06/2021 01:06 AM",
+ "HttpRequest": {
+ "Content": "GET /settings.php?name=712 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 289.9699,
+ "StatusCode": 200
+ },
+ "LookupId": "55e7a5ad-2072-573f-8e6c-d8f97066c756",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Missing Content-Security-Policy in Query Parameter",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Missing Content-Security-Policy in Query Parameter issue.
Fix the Missing Content-Security-Policy in Query Parameter vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "MissingContent-Security-PolicyinQueryParameter",
+ "Url": "https://app2.testsparker.com/settings.php?name=712"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "231",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "16",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "32"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Open Redirect in Header via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/download.php"
+ }
+ ],
+ "FirstSeenDate": "10/06/2021 08:10 AM",
+ "HttpRequest": {
+ "Content": "GET /download.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 462.7162,
+ "StatusCode": 200
+ },
+ "LookupId": "761bfbe1-1b76-59b4-a9a8-40591d29281c",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Open Redirect in Header via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Open Redirect in Header via PUT Request issue.
Fix the Open Redirect in Header via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "OpenRedirectinHeaderviaPUTRequest",
+ "Url": "http://admin.testsparker.com/download.php"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "89",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "523",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "18"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Directory Traversal in Query Parameter via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/api/v2/webhook?sort=805"
+ }
+ ],
+ "FirstSeenDate": "24/06/2021 04:27 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/webhook?sort=805 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 296.7602,
+ "StatusCode": 200
+ },
+ "LookupId": "019e8301-eb5c-5685-bd97-56174f68c455",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Directory Traversal in Query Parameter via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Directory Traversal in Query Parameter via PUT Request issue.
Fix the Directory Traversal in Query Parameter via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "DirectoryTraversalinQueryParameterviaPUTRequest",
+ "Url": "http://admin.testsparker.com/api/v2/webhook?sort=805"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "336",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "22",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "26"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Race Condition in File Name vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/checkout.php"
+ }
+ ],
+ "FirstSeenDate": "25/06/2021 10:02 AM",
+ "HttpRequest": {
+ "Content": "GET /checkout.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 283.1879,
+ "StatusCode": 200
+ },
+ "LookupId": "69fe87c5-a3bf-5001-9da1-0e1b7c54def5",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Race Condition in File Name",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Race Condition in File Name issue.
Fix the Race Condition in File Name vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "RaceConditioninFileName",
+ "Url": "http://api.testsparker.com/checkout.php"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "107",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "611",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "33"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Cookie Not Marked as Secure in Cookie vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/api/v1/users"
+ }
+ ],
+ "FirstSeenDate": "05/06/2021 11:30 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v1/users HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 119.88,
+ "StatusCode": 200
+ },
+ "LookupId": "e04647a3-2462-5de0-96df-1e10cb17ca1f",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cookie Not Marked as Secure in Cookie",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cookie Not Marked as Secure in Cookie issue.
Fix the Cookie Not Marked as Secure in Cookie vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "CookieNotMarkedasSecureinCookie",
+ "Url": "http://blog.testsparker.com/api/v1/users"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "645",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "918",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "9"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Cleartext Transmission in JSON Payload via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/settings.php"
+ }
+ ],
+ "FirstSeenDate": "07/06/2021 12:05 AM",
+ "HttpRequest": {
+ "Content": "GET /settings.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 394.486,
+ "StatusCode": 200
+ },
+ "LookupId": "f141ce5e-f8fb-50d0-8eb2-0482cc7f488d",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cleartext Transmission in JSON Payload via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cleartext Transmission in JSON Payload via POST Request issue.
Fix the Cleartext Transmission in JSON Payload via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "CleartextTransmissioninJSONPayloadviaPOSTRequest",
+ "Url": "https://portal.testsparker.com/settings.php"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "632",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "287",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "48"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a HSTS Missing in Form Field via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/reports/view?type=715"
+ }
+ ],
+ "FirstSeenDate": "23/06/2021 07:44 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/view?type=715 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 271.8192,
+ "StatusCode": 200
+ },
+ "LookupId": "18a65a6c-1517-5365-8017-024b7664012d",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "HSTS Missing in Form Field via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the HSTS Missing in Form Field via POST Request issue.
Fix the HSTS Missing in Form Field via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "HSTSMissinginFormFieldviaPOSTRequest",
+ "Url": "http://api.testsparker.com/reports/view?type=715"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "197",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "434",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "17"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a SQL Injection in Header via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/auth/register.php?sort=739"
+ }
+ ],
+ "FirstSeenDate": "20/06/2021 09:34 AM",
+ "HttpRequest": {
+ "Content": "GET /auth/register.php?sort=739 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 428.5794,
+ "StatusCode": 200
+ },
+ "LookupId": "a0c5a893-aa01-56f4-b48e-f456de20e425",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "SQL Injection in Header via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the SQL Injection in Header via PUT Request issue.
Fix the SQL Injection in Header via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "SQLInjectioninHeaderviaPUTRequest",
+ "Url": "http://blog.testsparker.com/auth/register.php?sort=739"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "47",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "330",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "9"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Sensitive Data Exposure in Header vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/admin/logs"
+ }
+ ],
+ "FirstSeenDate": "26/06/2021 08:33 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/logs HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 233.9244,
+ "StatusCode": 200
+ },
+ "LookupId": "05224179-7c21-5631-9185-97eab9da10d0",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Sensitive Data Exposure in Header",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Sensitive Data Exposure in Header issue.
Fix the Sensitive Data Exposure in Header vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "SensitiveDataExposureinHeader",
+ "Url": "http://api.testsparker.com/admin/logs"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "317",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "89",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "45"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Race Condition in XML Input via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/admin/dashboard"
+ }
+ ],
+ "FirstSeenDate": "09/06/2021 12:36 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/dashboard HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 244.3585,
+ "StatusCode": 200
+ },
+ "LookupId": "dae4cc6c-3d19-51c8-be9f-e96f2b91a124",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Race Condition in XML Input via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Race Condition in XML Input via POST Request issue.
Fix the Race Condition in XML Input via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "RaceConditioninXMLInputviaPOSTRequest",
+ "Url": "https://docs.testsparker.com/admin/dashboard"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "304",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "330",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "49"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Integer Overflow in POST Body via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/blog/post.php"
+ }
+ ],
+ "FirstSeenDate": "23/06/2021 10:34 AM",
+ "HttpRequest": {
+ "Content": "GET /blog/post.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 291.8624,
+ "StatusCode": 200
+ },
+ "LookupId": "5fcd0628-67f8-559c-a97f-0f3ee74b0cda",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Integer Overflow in POST Body via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Integer Overflow in POST Body via POST Request issue.
Fix the Integer Overflow in POST Body via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "IntegerOverflowinPOSTBodyviaPOSTRequest",
+ "Url": "https://app2.testsparker.com/blog/post.php"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "424",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "89",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "32"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Insecure HTTP Method in Query Parameter vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/admin/users?sort=723"
+ }
+ ],
+ "FirstSeenDate": "12/06/2021 08:53 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/users?sort=723 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 475.8561,
+ "StatusCode": 200
+ },
+ "LookupId": "3742a205-ef3e-5de2-b14c-89b38a6aa20f",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Insecure HTTP Method in Query Parameter",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Insecure HTTP Method in Query Parameter issue.
Fix the Insecure HTTP Method in Query Parameter vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "InsecureHTTPMethodinQueryParameter",
+ "Url": "http://blog.testsparker.com/admin/users?sort=723"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "150",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "523",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "9"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Unvalidated Redirect in Multipart Data via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/admin/users?action=489"
+ }
+ ],
+ "FirstSeenDate": "28/06/2021 02:30 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/users?action=489 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 261.5584,
+ "StatusCode": 200
+ },
+ "LookupId": "49fe25d2-84de-50f3-a771-4618c515c288",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Unvalidated Redirect in Multipart Data via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Unvalidated Redirect in Multipart Data via POST Request issue.
Fix the Unvalidated Redirect in Multipart Data via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "UnvalidatedRedirectinMultipartDataviaPOSTRequest",
+ "Url": "https://app2.testsparker.com/admin/users?action=489"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "38",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "22",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "13"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a SQL Injection in Header vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/reports/view"
+ }
+ ],
+ "FirstSeenDate": "26/06/2021 04:56 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/view HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 30.5339,
+ "StatusCode": 200
+ },
+ "LookupId": "aaaf5930-6381-5182-8ea4-5f0c961fa998",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "SQL Injection in Header",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the SQL Injection in Header issue.
Fix the SQL Injection in Header vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "SQLInjectioninHeader",
+ "Url": "https://docs.testsparker.com/reports/view"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "261",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "79",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "48"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Cross-site Scripting in URL Path vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/reports/generate"
+ }
+ ],
+ "FirstSeenDate": "19/06/2021 02:02 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/generate HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 217.6117,
+ "StatusCode": 200
+ },
+ "LookupId": "21ae4e6f-cca1-5611-948d-b8dfe2bb8e06",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cross-site Scripting in URL Path",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cross-site Scripting in URL Path issue.
Fix the Cross-site Scripting in URL Path vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "Cross-siteScriptinginURLPath",
+ "Url": "http://app1.testsparker.com/reports/generate"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "281",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "611",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "42"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Missing Content-Security-Policy in JSON Payload vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/admin/logs"
+ }
+ ],
+ "FirstSeenDate": "09/06/2021 02:23 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/logs HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 335.6093,
+ "StatusCode": 200
+ },
+ "LookupId": "c0582d6d-87b4-538a-8d53-abc249fd5b93",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Missing Content-Security-Policy in JSON Payload",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Missing Content-Security-Policy in JSON Payload issue.
Fix the Missing Content-Security-Policy in JSON Payload vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "MissingContent-Security-PolicyinJSONPayload",
+ "Url": "http://blog.testsparker.com/admin/logs"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "400",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "330",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "3"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Mass Assignment in Cookie vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/api/v1/products"
+ }
+ ],
+ "FirstSeenDate": "12/06/2021 05:47 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v1/products HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 17.9587,
+ "StatusCode": 200
+ },
+ "LookupId": "800b893e-efe1-5115-a4f5-25d550b13c9b",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Mass Assignment in Cookie",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Mass Assignment in Cookie issue.
Fix the Mass Assignment in Cookie vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "MassAssignmentinCookie",
+ "Url": "https://shop.testsparker.com/api/v1/products"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "528",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "287",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "6"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Buffer Overflow in Header vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/settings.php?page=180"
+ }
+ ],
+ "FirstSeenDate": "22/06/2021 02:11 AM",
+ "HttpRequest": {
+ "Content": "GET /settings.php?page=180 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 491.0257,
+ "StatusCode": 200
+ },
+ "LookupId": "7d371884-27bf-5ada-a92d-0c7cf4b25f10",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Buffer Overflow in Header",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Buffer Overflow in Header issue.
Fix the Buffer Overflow in Header vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "BufferOverflowinHeader",
+ "Url": "https://shop.testsparker.com/settings.php?page=180"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "116",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "502",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "11"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Unvalidated Redirect in Header vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/api/v2/webhook"
+ }
+ ],
+ "FirstSeenDate": "21/06/2021 05:45 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/webhook HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 101.2375,
+ "StatusCode": 200
+ },
+ "LookupId": "a5a40f6b-6289-59d0-8f0b-b97a391ea5c1",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Unvalidated Redirect in Header",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Unvalidated Redirect in Header issue.
Fix the Unvalidated Redirect in Header vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "UnvalidatedRedirectinHeader",
+ "Url": "https://docs.testsparker.com/api/v2/webhook"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "22",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "79",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "49"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Open Redirect in XML Input via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/files/list?page=516"
+ }
+ ],
+ "FirstSeenDate": "10/06/2021 04:47 AM",
+ "HttpRequest": {
+ "Content": "GET /files/list?page=516 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 219.964,
+ "StatusCode": 200
+ },
+ "LookupId": "d70f63cc-4192-5a48-9297-6cc231afe0ad",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Open Redirect in XML Input via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Open Redirect in XML Input via POST Request issue.
Fix the Open Redirect in XML Input via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "OpenRedirectinXMLInputviaPOSTRequest",
+ "Url": "http://app1.testsparker.com/files/list?page=516"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "501",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "918",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "49"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a CSRF in POST Body vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/account/security"
+ }
+ ],
+ "FirstSeenDate": "23/06/2021 08:41 AM",
+ "HttpRequest": {
+ "Content": "GET /account/security HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 358.8028,
+ "StatusCode": 200
+ },
+ "LookupId": "6cf729c4-f6b0-5412-9e0b-63e6259760ea",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "CSRF in POST Body",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the CSRF in POST Body issue.
Fix the CSRF in POST Body vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "CSRFinPOSTBody",
+ "Url": "http://app1.testsparker.com/account/security"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "538",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "502",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "29"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Sensitive Data Exposure in Cookie vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/admin/users"
+ }
+ ],
+ "FirstSeenDate": "10/06/2021 03:54 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/users HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 223.5879,
+ "StatusCode": 200
+ },
+ "LookupId": "5c43380c-dcdc-5e3d-a774-2084d21b2f93",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Sensitive Data Exposure in Cookie",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Sensitive Data Exposure in Cookie issue.
Fix the Sensitive Data Exposure in Cookie vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "SensitiveDataExposureinCookie",
+ "Url": "https://app2.testsparker.com/admin/users"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "583",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "693",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "47"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Cleartext Transmission in File Name via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/auth/register.php?q=555"
+ }
+ ],
+ "FirstSeenDate": "15/06/2021 06:47 AM",
+ "HttpRequest": {
+ "Content": "GET /auth/register.php?q=555 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 407.373,
+ "StatusCode": 200
+ },
+ "LookupId": "4962b9b7-9418-5924-8511-831ffca9c040",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cleartext Transmission in File Name via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cleartext Transmission in File Name via POST Request issue.
Fix the Cleartext Transmission in File Name via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "CleartextTransmissioninFileNameviaPOSTRequest",
+ "Url": "https://shop.testsparker.com/auth/register.php?q=555"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "247",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "79",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "27"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Integer Overflow in Cookie vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/account/billing?q=299"
+ }
+ ],
+ "FirstSeenDate": "22/06/2021 11:05 AM",
+ "HttpRequest": {
+ "Content": "GET /account/billing?q=299 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 266.5074,
+ "StatusCode": 200
+ },
+ "LookupId": "dd814418-ff34-5046-91f7-db0af397b7c1",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Integer Overflow in Cookie",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Integer Overflow in Cookie issue.
Fix the Integer Overflow in Cookie vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "IntegerOverflowinCookie",
+ "Url": "http://app1.testsparker.com/account/billing?q=299"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "388",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "352",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "11"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a CSRF in Header vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/upload.php"
+ }
+ ],
+ "FirstSeenDate": "02/06/2021 09:11 AM",
+ "HttpRequest": {
+ "Content": "GET /upload.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 345.3754,
+ "StatusCode": 200
+ },
+ "LookupId": "fad85972-7136-501c-bb43-0cd81889d6d7",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "CSRF in Header",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the CSRF in Header issue.
Fix the CSRF in Header vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "CSRFinHeader",
+ "Url": "http://admin.testsparker.com/upload.php"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "439",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "94",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "22"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a CSRF in File Name via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/api/v1/orders"
+ }
+ ],
+ "FirstSeenDate": "22/06/2021 07:09 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v1/orders HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 447.6276,
+ "StatusCode": 200
+ },
+ "LookupId": "8901441f-2d00-5698-9b86-c119eac6812d",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "CSRF in File Name via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the CSRF in File Name via POST Request issue.
Fix the CSRF in File Name via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "CSRFinFileNameviaPOSTRequest",
+ "Url": "https://shop.testsparker.com/api/v1/orders"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "502",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "78",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "15"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a XPath Injection in Cookie via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/admin/dashboard"
+ }
+ ],
+ "FirstSeenDate": "01/06/2021 02:47 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/dashboard HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 35.8977,
+ "StatusCode": 200
+ },
+ "LookupId": "bf6be0f0-f280-5686-856c-d9adb1fe1157",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "XPath Injection in Cookie via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the XPath Injection in Cookie via POST Request issue.
Fix the XPath Injection in Cookie via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "XPathInjectioninCookieviaPOSTRequest",
+ "Url": "http://admin.testsparker.com/admin/dashboard"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "67",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "287",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "4"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Insecure Deserialization in JSON Payload via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/api/v1/orders"
+ }
+ ],
+ "FirstSeenDate": "02/06/2021 05:39 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v1/orders HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 316.8308,
+ "StatusCode": 200
+ },
+ "LookupId": "a638346f-7b02-5493-b9f4-e26a1fccb82b",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Insecure Deserialization in JSON Payload via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Insecure Deserialization in JSON Payload via POST Request issue.
Fix the Insecure Deserialization in JSON Payload via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "InsecureDeserializationinJSONPayloadviaPOSTRequest",
+ "Url": "https://app2.testsparker.com/api/v1/orders"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "437",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "78",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "3"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Race Condition in URL Path vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/account/security?ref=100"
+ }
+ ],
+ "FirstSeenDate": "28/06/2021 01:33 AM",
+ "HttpRequest": {
+ "Content": "GET /account/security?ref=100 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 443.6193,
+ "StatusCode": 200
+ },
+ "LookupId": "b332f7b0-fbd5-5b78-b974-a11c6a05cb4e",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Race Condition in URL Path",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Race Condition in URL Path issue.
Fix the Race Condition in URL Path vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "RaceConditioninURLPath",
+ "Url": "https://portal.testsparker.com/account/security?ref=100"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "149",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "79",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "35"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Command Injection in Cookie vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/search"
+ }
+ ],
+ "FirstSeenDate": "26/06/2021 03:07 AM",
+ "HttpRequest": {
+ "Content": "GET /search HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 333.9182,
+ "StatusCode": 200
+ },
+ "LookupId": "4eb841d5-5c68-5f81-b3bb-c607613fb363",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Command Injection in Cookie",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Command Injection in Cookie issue.
Fix the Command Injection in Cookie vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "CommandInjectioninCookie",
+ "Url": "https://portal.testsparker.com/search"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "519",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "89",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "10"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Broken Authentication in File Name vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/cart.php?q=103"
+ }
+ ],
+ "FirstSeenDate": "18/06/2021 11:53 AM",
+ "HttpRequest": {
+ "Content": "GET /cart.php?q=103 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 374.949,
+ "StatusCode": 200
+ },
+ "LookupId": "447ee15d-839e-521e-baed-f1d4b2e44910",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Broken Authentication in File Name",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Broken Authentication in File Name issue.
Fix the Broken Authentication in File Name vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "BrokenAuthenticationinFileName",
+ "Url": "https://app2.testsparker.com/cart.php?q=103"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "500",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "502",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "30"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Cleartext Transmission in URL Path via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/search"
+ }
+ ],
+ "FirstSeenDate": "22/06/2021 06:48 AM",
+ "HttpRequest": {
+ "Content": "GET /search HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 264.3457,
+ "StatusCode": 200
+ },
+ "LookupId": "ad3a18be-b382-5dc3-b901-6cdb4b420345",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cleartext Transmission in URL Path via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cleartext Transmission in URL Path via PUT Request issue.
Fix the Cleartext Transmission in URL Path via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "CleartextTransmissioninURLPathviaPUTRequest",
+ "Url": "https://shop.testsparker.com/search"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "632",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "434",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "13"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Cookie Not Marked as HttpOnly in Cookie via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/reports/generate"
+ }
+ ],
+ "FirstSeenDate": "12/06/2021 03:59 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/generate HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 376.338,
+ "StatusCode": 200
+ },
+ "LookupId": "c07e7fb6-b6da-51cc-b937-0dd8ba2c1344",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cookie Not Marked as HttpOnly in Cookie via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cookie Not Marked as HttpOnly in Cookie via PUT Request issue.
Fix the Cookie Not Marked as HttpOnly in Cookie via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "CookieNotMarkedasHttpOnlyinCookieviaPUTRequest",
+ "Url": "https://shop.testsparker.com/reports/generate"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "656",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "287",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "36"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Server-Side Request Forgery vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/admin/config?page=168"
+ }
+ ],
+ "FirstSeenDate": "22/06/2021 06:53 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/config?page=168 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 386.4737,
+ "StatusCode": 200
+ },
+ "LookupId": "326f1b42-90dd-521f-9706-ef4b4234ae02",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Server-Side Request Forgery",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Server-Side Request Forgery issue.
Fix the Server-Side Request Forgery vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "Server-SideRequestForgery",
+ "Url": "https://app2.testsparker.com/admin/config?page=168"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "651",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "352",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "45"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Cross-site Scripting in JSON Payload vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/files/upload?action=393"
+ }
+ ],
+ "FirstSeenDate": "18/06/2021 03:31 AM",
+ "HttpRequest": {
+ "Content": "GET /files/upload?action=393 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 151.529,
+ "StatusCode": 200
+ },
+ "LookupId": "3bd7a8c9-f3d1-53e6-a3e9-d9489e064844",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cross-site Scripting in JSON Payload",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cross-site Scripting in JSON Payload issue.
Fix the Cross-site Scripting in JSON Payload vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "Cross-siteScriptinginJSONPayload",
+ "Url": "http://blog.testsparker.com/files/upload?action=393"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "196",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "611",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "39"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a CORS Misconfiguration in JSON Payload via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/admin/logs"
+ }
+ ],
+ "FirstSeenDate": "28/06/2021 12:47 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/logs HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 276.1316,
+ "StatusCode": 200
+ },
+ "LookupId": "1cb763c6-e193-52d2-b906-e69ea69d671e",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "CORS Misconfiguration in JSON Payload via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the CORS Misconfiguration in JSON Payload via POST Request issue.
Fix the CORS Misconfiguration in JSON Payload via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "CORSMisconfigurationinJSONPayloadviaPOSTRequest",
+ "Url": "https://shop.testsparker.com/admin/logs"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "315",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "89",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "48"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a HSTS Missing in POST Body vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/profile.php"
+ }
+ ],
+ "FirstSeenDate": "15/06/2021 02:29 AM",
+ "HttpRequest": {
+ "Content": "GET /profile.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 347.4522,
+ "StatusCode": 200
+ },
+ "LookupId": "9dd0d55c-1cd5-58d3-98e7-e4c5c275b355",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "HSTS Missing in POST Body",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the HSTS Missing in POST Body issue.
Fix the HSTS Missing in POST Body vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "HSTSMissinginPOSTBody",
+ "Url": "http://api.testsparker.com/profile.php"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "474",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "523",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "26"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Integer Overflow in URL Path vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/checkout.php?type=164"
+ }
+ ],
+ "FirstSeenDate": "06/06/2021 11:42 AM",
+ "HttpRequest": {
+ "Content": "GET /checkout.php?type=164 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 221.7459,
+ "StatusCode": 200
+ },
+ "LookupId": "9b3ad026-5ef3-585c-95fb-deb3c377e294",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Integer Overflow in URL Path",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Integer Overflow in URL Path issue.
Fix the Integer Overflow in URL Path vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "IntegerOverflowinURLPath",
+ "Url": "http://api.testsparker.com/checkout.php?type=164"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "192",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "319",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "1"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Email Header Injection in Header via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/upload.php?type=255"
+ }
+ ],
+ "FirstSeenDate": "21/06/2021 02:56 AM",
+ "HttpRequest": {
+ "Content": "GET /upload.php?type=255 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 250.8719,
+ "StatusCode": 200
+ },
+ "LookupId": "0a462fce-14a5-5048-8574-0467fda938e4",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Email Header Injection in Header via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Email Header Injection in Header via PUT Request issue.
Fix the Email Header Injection in Header via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "EmailHeaderInjectioninHeaderviaPUTRequest",
+ "Url": "http://admin.testsparker.com/upload.php?type=255"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "466",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "502",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "38"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a CORS Misconfiguration in Multipart Data vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/api/v2/webhook?ref=586"
+ }
+ ],
+ "FirstSeenDate": "17/06/2021 10:26 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/webhook?ref=586 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 107.6031,
+ "StatusCode": 200
+ },
+ "LookupId": "476926d2-df1d-5d27-bcc7-288e59fc0546",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "CORS Misconfiguration in Multipart Data",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the CORS Misconfiguration in Multipart Data issue.
Fix the CORS Misconfiguration in Multipart Data vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "CORSMisconfigurationinMultipartData",
+ "Url": "http://api.testsparker.com/api/v2/webhook?ref=586"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "218",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "352",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "35"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Remote Code Execution in XML Input via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/api/v2/export"
+ }
+ ],
+ "FirstSeenDate": "21/06/2021 12:39 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/export HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 147.8944,
+ "StatusCode": 200
+ },
+ "LookupId": "b42315bc-430c-5823-8da9-8d35fde1fae6",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Remote Code Execution in XML Input via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Remote Code Execution in XML Input via PUT Request issue.
Fix the Remote Code Execution in XML Input via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "RemoteCodeExecutioninXMLInputviaPUTRequest",
+ "Url": "https://portal.testsparker.com/api/v2/export"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "57",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "22",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "42"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a CSRF in Cookie via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/auth/register.php?page=457"
+ }
+ ],
+ "FirstSeenDate": "19/06/2021 09:14 AM",
+ "HttpRequest": {
+ "Content": "GET /auth/register.php?page=457 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 392.8288,
+ "StatusCode": 200
+ },
+ "LookupId": "7e2c933f-29a1-55d5-839a-b5f8cb964dbb",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "CSRF in Cookie via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the CSRF in Cookie via POST Request issue.
Fix the CSRF in Cookie via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "CSRFinCookieviaPOSTRequest",
+ "Url": "http://admin.testsparker.com/auth/register.php?page=457"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "525",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "16",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "27"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Insecure Deserialization in XML Input via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/blog/post.php?sort=714"
+ }
+ ],
+ "FirstSeenDate": "05/06/2021 06:46 AM",
+ "HttpRequest": {
+ "Content": "GET /blog/post.php?sort=714 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 138.1781,
+ "StatusCode": 200
+ },
+ "LookupId": "19580830-663b-54da-945b-21bfe244a574",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Insecure Deserialization in XML Input via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Insecure Deserialization in XML Input via PUT Request issue.
Fix the Insecure Deserialization in XML Input via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "InsecureDeserializationinXMLInputviaPUTRequest",
+ "Url": "http://blog.testsparker.com/blog/post.php?sort=714"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "332",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "601",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "33"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Session Fixation in POST Body via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/api/v2/search"
+ }
+ ],
+ "FirstSeenDate": "10/06/2021 05:29 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/search HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 109.3067,
+ "StatusCode": 200
+ },
+ "LookupId": "a5d07c1c-397a-55d1-b4d3-306fee60e07f",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Session Fixation in POST Body via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Session Fixation in POST Body via PUT Request issue.
Fix the Session Fixation in POST Body via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "SessionFixationinPOSTBodyviaPUTRequest",
+ "Url": "http://api.testsparker.com/api/v2/search"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "352",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "79",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "24"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Mass Assignment in POST Body vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/admin/dashboard"
+ }
+ ],
+ "FirstSeenDate": "01/06/2021 02:30 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/dashboard HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 388.0683,
+ "StatusCode": 200
+ },
+ "LookupId": "734860d6-15c9-5fce-8ad8-9507eebe294f",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Mass Assignment in POST Body",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Mass Assignment in POST Body issue.
Fix the Mass Assignment in POST Body vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "MassAssignmentinPOSTBody",
+ "Url": "https://app2.testsparker.com/admin/dashboard"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "179",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "434",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "10"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Cookie Not Marked as Secure in URL Path via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/settings.php?token=844"
+ }
+ ],
+ "FirstSeenDate": "12/06/2021 02:50 AM",
+ "HttpRequest": {
+ "Content": "GET /settings.php?token=844 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 89.5631,
+ "StatusCode": 200
+ },
+ "LookupId": "d0e26940-361b-5540-98be-bd5834d16dec",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cookie Not Marked as Secure in URL Path via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cookie Not Marked as Secure in URL Path via PUT Request issue.
Fix the Cookie Not Marked as Secure in URL Path via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "CookieNotMarkedasSecureinURLPathviaPUTRequest",
+ "Url": "https://portal.testsparker.com/settings.php?token=844"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "601",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "502",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "41"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a NoSQL Injection in POST Body via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/cart.php?q=933"
+ }
+ ],
+ "FirstSeenDate": "22/06/2021 10:36 AM",
+ "HttpRequest": {
+ "Content": "GET /cart.php?q=933 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 286.3708,
+ "StatusCode": 200
+ },
+ "LookupId": "506074e6-6e10-560b-8e36-036cf24c644b",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "NoSQL Injection in POST Body via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the NoSQL Injection in POST Body via PUT Request issue.
Fix the NoSQL Injection in POST Body via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "NoSQLInjectioninPOSTBodyviaPUTRequest",
+ "Url": "http://blog.testsparker.com/cart.php?q=933"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "407",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "601",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "7"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Race Condition in File Name vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/checkout.php"
+ }
+ ],
+ "FirstSeenDate": "16/06/2021 09:03 AM",
+ "HttpRequest": {
+ "Content": "GET /checkout.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 22.9188,
+ "StatusCode": 200
+ },
+ "LookupId": "6c924b89-b6a2-5b8c-b948-58a8fd17c25d",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Race Condition in File Name",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Race Condition in File Name issue.
Fix the Race Condition in File Name vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "RaceConditioninFileName",
+ "Url": "http://api.testsparker.com/checkout.php"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "629",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "601",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "20"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a SQL Injection in JSON Payload via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/profile.php"
+ }
+ ],
+ "FirstSeenDate": "08/06/2021 08:23 AM",
+ "HttpRequest": {
+ "Content": "GET /profile.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 28.0301,
+ "StatusCode": 200
+ },
+ "LookupId": "ba03a63f-e046-5a48-9ed4-925c8f675b20",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "SQL Injection in JSON Payload via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the SQL Injection in JSON Payload via POST Request issue.
Fix the SQL Injection in JSON Payload via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "SQLInjectioninJSONPayloadviaPOSTRequest",
+ "Url": "http://app1.testsparker.com/profile.php"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "121",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "601",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "49"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Cookie Not Marked as Secure in URL Path vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/reports/view?filter=311"
+ }
+ ],
+ "FirstSeenDate": "08/06/2021 12:38 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/view?filter=311 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 354.8466,
+ "StatusCode": 200
+ },
+ "LookupId": "598d0f39-bc6d-5510-a7d5-15d824375a55",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cookie Not Marked as Secure in URL Path",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cookie Not Marked as Secure in URL Path issue.
Fix the Cookie Not Marked as Secure in URL Path vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "CookieNotMarkedasSecureinURLPath",
+ "Url": "https://portal.testsparker.com/reports/view?filter=311"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "72",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "614",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "13"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Missing Content-Security-Policy in JSON Payload via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/auth/login.php?sort=29"
+ }
+ ],
+ "FirstSeenDate": "06/06/2021 09:13 AM",
+ "HttpRequest": {
+ "Content": "GET /auth/login.php?sort=29 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 488.1294,
+ "StatusCode": 200
+ },
+ "LookupId": "3d39035b-538c-57cd-baf5-1aa5da1e7578",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Missing Content-Security-Policy in JSON Payload via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Missing Content-Security-Policy in JSON Payload via PUT Request issue.
Fix the Missing Content-Security-Policy in JSON Payload via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "MissingContent-Security-PolicyinJSONPayloadviaPUTRequest",
+ "Url": "http://app1.testsparker.com/auth/login.php?sort=29"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "435",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "89",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "16"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a HSTS Missing in XML Input via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/account/billing"
+ }
+ ],
+ "FirstSeenDate": "16/06/2021 01:58 AM",
+ "HttpRequest": {
+ "Content": "GET /account/billing HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 408.4319,
+ "StatusCode": 200
+ },
+ "LookupId": "f51ca1e6-2dfe-57ad-aa8b-b12baf1d7580",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "HSTS Missing in XML Input via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the HSTS Missing in XML Input via POST Request issue.
Fix the HSTS Missing in XML Input via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "HSTSMissinginXMLInputviaPOSTRequest",
+ "Url": "https://shop.testsparker.com/account/billing"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "55",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "918",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "37"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a HTTP Response Splitting in Multipart Data via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/api/v1/users"
+ }
+ ],
+ "FirstSeenDate": "08/06/2021 02:34 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v1/users HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 59.5057,
+ "StatusCode": 200
+ },
+ "LookupId": "201ef26a-e237-53de-8ee7-d34ad4961847",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "HTTP Response Splitting in Multipart Data via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the HTTP Response Splitting in Multipart Data via POST Request issue.
Fix the HTTP Response Splitting in Multipart Data via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "HTTPResponseSplittinginMultipartDataviaPOSTRequest",
+ "Url": "https://app2.testsparker.com/api/v1/users"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "119",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "94",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "48"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Path Disclosure vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/upload.php"
+ }
+ ],
+ "FirstSeenDate": "09/06/2021 05:38 AM",
+ "HttpRequest": {
+ "Content": "GET /upload.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 113.2085,
+ "StatusCode": 200
+ },
+ "LookupId": "3404768c-efb9-5c6a-ba7d-f380cd7c4b5d",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Path Disclosure",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Path Disclosure issue.
Fix the Path Disclosure vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "PathDisclosure",
+ "Url": "http://app1.testsparker.com/upload.php"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "678",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "502",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "32"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Weak Password Policy in Cookie vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/api/v1/users?action=51"
+ }
+ ],
+ "FirstSeenDate": "14/06/2021 05:13 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v1/users?action=51 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 379.9221,
+ "StatusCode": 200
+ },
+ "LookupId": "b493b484-d685-5a67-a11e-022cdd21bdc3",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Weak Password Policy in Cookie",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Weak Password Policy in Cookie issue.
Fix the Weak Password Policy in Cookie vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "WeakPasswordPolicyinCookie",
+ "Url": "https://app2.testsparker.com/api/v1/users?action=51"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "3",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "79",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "35"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Cleartext Transmission in Form Field vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/profile.php"
+ }
+ ],
+ "FirstSeenDate": "03/06/2021 11:53 AM",
+ "HttpRequest": {
+ "Content": "GET /profile.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 93.7607,
+ "StatusCode": 200
+ },
+ "LookupId": "e2ac3a1b-c1bd-5c4d-b9ca-f8796b166701",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cleartext Transmission in Form Field",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cleartext Transmission in Form Field issue.
Fix the Cleartext Transmission in Form Field vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "CleartextTransmissioninFormField",
+ "Url": "https://portal.testsparker.com/profile.php"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "384",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "79",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "48"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Directory Traversal in Multipart Data via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/checkout.php?token=34"
+ }
+ ],
+ "FirstSeenDate": "11/06/2021 03:36 AM",
+ "HttpRequest": {
+ "Content": "GET /checkout.php?token=34 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 496.4863,
+ "StatusCode": 200
+ },
+ "LookupId": "9410d226-37a0-5137-a347-d26a75efd6df",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Directory Traversal in Multipart Data via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Directory Traversal in Multipart Data via POST Request issue.
Fix the Directory Traversal in Multipart Data via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "DirectoryTraversalinMultipartDataviaPOSTRequest",
+ "Url": "http://blog.testsparker.com/checkout.php?token=34"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "553",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "776",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "49"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a XML External Entity in URL Path vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/checkout.php"
+ }
+ ],
+ "FirstSeenDate": "05/06/2021 09:18 AM",
+ "HttpRequest": {
+ "Content": "GET /checkout.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 124.7391,
+ "StatusCode": 200
+ },
+ "LookupId": "93e1a8e1-5ceb-579d-b1b2-598f4e715858",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "XML External Entity in URL Path",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the XML External Entity in URL Path issue.
Fix the XML External Entity in URL Path vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "XMLExternalEntityinURLPath",
+ "Url": "http://app1.testsparker.com/checkout.php"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "197",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "200",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "34"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a XPath Injection in Multipart Data vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/auth/register.php?type=45"
+ }
+ ],
+ "FirstSeenDate": "09/06/2021 05:38 AM",
+ "HttpRequest": {
+ "Content": "GET /auth/register.php?type=45 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 217.6856,
+ "StatusCode": 200
+ },
+ "LookupId": "0cd6400c-4cdf-558c-bbfa-698e7c8f28b6",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "XPath Injection in Multipart Data",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the XPath Injection in Multipart Data issue.
Fix the XPath Injection in Multipart Data vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "XPathInjectioninMultipartData",
+ "Url": "http://api.testsparker.com/auth/register.php?type=45"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "671",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "94",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "5"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Email Header Injection in POST Body vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/account/security"
+ }
+ ],
+ "FirstSeenDate": "26/06/2021 05:21 AM",
+ "HttpRequest": {
+ "Content": "GET /account/security HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 315.3971,
+ "StatusCode": 200
+ },
+ "LookupId": "1d45368a-b38b-5f07-af17-1e62af8e1433",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Email Header Injection in POST Body",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Email Header Injection in POST Body issue.
Fix the Email Header Injection in POST Body vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "EmailHeaderInjectioninPOSTBody",
+ "Url": "https://app2.testsparker.com/account/security"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "140",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "89",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "30"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a XPath Injection in POST Body via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/profile.php?q=33"
+ }
+ ],
+ "FirstSeenDate": "14/06/2021 03:48 AM",
+ "HttpRequest": {
+ "Content": "GET /profile.php?q=33 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 178.3522,
+ "StatusCode": 200
+ },
+ "LookupId": "df8dd39d-72ce-5b8c-b98c-5d4600f35d4f",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "XPath Injection in POST Body via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the XPath Injection in POST Body via POST Request issue.
Fix the XPath Injection in POST Body via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "XPathInjectioninPOSTBodyviaPOSTRequest",
+ "Url": "https://shop.testsparker.com/profile.php?q=33"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "257",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "601",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "42"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a HTTP Response Splitting in Cookie vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/blog/post.php?token=990"
+ }
+ ],
+ "FirstSeenDate": "28/06/2021 06:35 AM",
+ "HttpRequest": {
+ "Content": "GET /blog/post.php?token=990 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 467.8038,
+ "StatusCode": 200
+ },
+ "LookupId": "5b8c8254-e006-51f1-b5c4-7ff00707c23f",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "HTTP Response Splitting in Cookie",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the HTTP Response Splitting in Cookie issue.
Fix the HTTP Response Splitting in Cookie vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "HTTPResponseSplittinginCookie",
+ "Url": "http://admin.testsparker.com/blog/post.php?token=990"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "281",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "94",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "46"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Session Fixation in Header via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/api/v1/users"
+ }
+ ],
+ "FirstSeenDate": "07/06/2021 11:45 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v1/users HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 135.4054,
+ "StatusCode": 200
+ },
+ "LookupId": "82256795-9d3a-5370-8198-7c8239bbd9cc",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Session Fixation in Header via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Session Fixation in Header via PUT Request issue.
Fix the Session Fixation in Header via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "SessionFixationinHeaderviaPUTRequest",
+ "Url": "http://blog.testsparker.com/api/v1/users"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "575",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "614",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "8"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a DNS Zone Transfer in URL Path via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/api/v1/orders"
+ }
+ ],
+ "FirstSeenDate": "07/06/2021 10:34 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v1/orders HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 292.6592,
+ "StatusCode": 200
+ },
+ "LookupId": "3032f3f9-bb3e-5849-91c3-3084bad517d7",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "DNS Zone Transfer in URL Path via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the DNS Zone Transfer in URL Path via POST Request issue.
Fix the DNS Zone Transfer in URL Path via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "DNSZoneTransferinURLPathviaPOSTRequest",
+ "Url": "http://admin.testsparker.com/api/v1/orders"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "397",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "693",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "26"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a CORS Misconfiguration in URL Path via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/files/list?filter=92"
+ }
+ ],
+ "FirstSeenDate": "18/06/2021 01:42 AM",
+ "HttpRequest": {
+ "Content": "GET /files/list?filter=92 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 446.1212,
+ "StatusCode": 200
+ },
+ "LookupId": "de0f2242-7d98-5c53-9ff8-f74a5513b2c3",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "CORS Misconfiguration in URL Path via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the CORS Misconfiguration in URL Path via POST Request issue.
Fix the CORS Misconfiguration in URL Path via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "CORSMisconfigurationinURLPathviaPOSTRequest",
+ "Url": "https://docs.testsparker.com/files/list?filter=92"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "342",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "79",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "9"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Directory Traversal in Cookie vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/api/v1/orders"
+ }
+ ],
+ "FirstSeenDate": "03/06/2021 09:13 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v1/orders HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 297.3277,
+ "StatusCode": 200
+ },
+ "LookupId": "7206ab70-61a8-5622-ae25-0f7fb8cbee38",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Directory Traversal in Cookie",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Directory Traversal in Cookie issue.
Fix the Directory Traversal in Cookie vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "DirectoryTraversalinCookie",
+ "Url": "https://docs.testsparker.com/api/v1/orders"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "620",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "200",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "29"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a CSRF in POST Body via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/help?type=518"
+ }
+ ],
+ "FirstSeenDate": "08/06/2021 10:52 AM",
+ "HttpRequest": {
+ "Content": "GET /help?type=518 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 415.1241,
+ "StatusCode": 200
+ },
+ "LookupId": "48d276f3-b0b9-580b-a4fb-dc75ccffbcac",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "CSRF in POST Body via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the CSRF in POST Body via PUT Request issue.
Fix the CSRF in POST Body via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "CSRFinPOSTBodyviaPUTRequest",
+ "Url": "http://blog.testsparker.com/help?type=518"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "307",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "287",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "2"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Command Injection in POST Body via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/api/v2/export?page=209"
+ }
+ ],
+ "FirstSeenDate": "16/06/2021 04:48 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/export?page=209 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 17.8604,
+ "StatusCode": 200
+ },
+ "LookupId": "2d9d29da-6169-5450-9b45-f9fcfd481061",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Command Injection in POST Body via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Command Injection in POST Body via PUT Request issue.
Fix the Command Injection in POST Body via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "CommandInjectioninPOSTBodyviaPUTRequest",
+ "Url": "https://docs.testsparker.com/api/v2/export?page=209"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "253",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "614",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "49"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Email Header Injection in Header vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/upload.php?sort=790"
+ }
+ ],
+ "FirstSeenDate": "27/06/2021 11:23 AM",
+ "HttpRequest": {
+ "Content": "GET /upload.php?sort=790 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 469.4282,
+ "StatusCode": 200
+ },
+ "LookupId": "70e96623-d3f4-559a-9b46-316f84a61c9c",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Email Header Injection in Header",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Email Header Injection in Header issue.
Fix the Email Header Injection in Header vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "EmailHeaderInjectioninHeader",
+ "Url": "http://admin.testsparker.com/upload.php?sort=790"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "107",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "601",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "35"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a LDAP Injection in Form Field vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/auth/login.php"
+ }
+ ],
+ "FirstSeenDate": "21/06/2021 02:47 AM",
+ "HttpRequest": {
+ "Content": "GET /auth/login.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 346.1613,
+ "StatusCode": 200
+ },
+ "LookupId": "14fd2175-e881-5883-83d4-476e8e3e2843",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "LDAP Injection in Form Field",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the LDAP Injection in Form Field issue.
Fix the LDAP Injection in Form Field vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "LDAPInjectioninFormField",
+ "Url": "http://api.testsparker.com/auth/login.php"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "369",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "89",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "21"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Command Injection in Form Field vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/payment.php?name=833"
+ }
+ ],
+ "FirstSeenDate": "24/06/2021 02:06 AM",
+ "HttpRequest": {
+ "Content": "GET /payment.php?name=833 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 427.1105,
+ "StatusCode": 200
+ },
+ "LookupId": "4142af22-03eb-5877-ae73-631b0e2b352d",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Command Injection in Form Field",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Command Injection in Form Field issue.
Fix the Command Injection in Form Field vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "CommandInjectioninFormField",
+ "Url": "http://admin.testsparker.com/payment.php?name=833"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "668",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "78",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "1"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a File Upload Vulnerability vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/files/list"
+ }
+ ],
+ "FirstSeenDate": "25/06/2021 04:10 AM",
+ "HttpRequest": {
+ "Content": "GET /files/list HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 209.1429,
+ "StatusCode": 200
+ },
+ "LookupId": "d66ef0cb-f968-5784-bcb5-17ca1e7e7829",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "File Upload Vulnerability",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the File Upload Vulnerability issue.
Fix the File Upload Vulnerability vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "FileUploadVulnerability",
+ "Url": "https://app2.testsparker.com/files/list"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "584",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "601",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "35"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a XML External Entity in JSON Payload vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/files/download?q=804"
+ }
+ ],
+ "FirstSeenDate": "20/06/2021 09:10 AM",
+ "HttpRequest": {
+ "Content": "GET /files/download?q=804 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 168.5903,
+ "StatusCode": 200
+ },
+ "LookupId": "474073c4-77be-5d80-8e2d-918d496999fd",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "XML External Entity in JSON Payload",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the XML External Entity in JSON Payload issue.
Fix the XML External Entity in JSON Payload vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "XMLExternalEntityinJSONPayload",
+ "Url": "https://shop.testsparker.com/files/download?q=804"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "86",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "614",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "28"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Cross-site Scripting in POST Body vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/auth/register.php"
+ }
+ ],
+ "FirstSeenDate": "28/06/2021 08:11 AM",
+ "HttpRequest": {
+ "Content": "GET /auth/register.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 34.6395,
+ "StatusCode": 200
+ },
+ "LookupId": "b14751f2-62c3-5cfd-ba9d-eb840f244121",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cross-site Scripting in POST Body",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cross-site Scripting in POST Body issue.
Fix the Cross-site Scripting in POST Body vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "Cross-siteScriptinginPOSTBody",
+ "Url": "http://api.testsparker.com/auth/register.php"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "347",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "434",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "37"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Missing Content-Security-Policy in XML Input via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/admin/logs?q=961"
+ }
+ ],
+ "FirstSeenDate": "24/06/2021 01:31 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/logs?q=961 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 394.9478,
+ "StatusCode": 200
+ },
+ "LookupId": "2810c440-adea-52c1-a552-e7f2ee88879d",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Missing Content-Security-Policy in XML Input via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Missing Content-Security-Policy in XML Input via POST Request issue.
Fix the Missing Content-Security-Policy in XML Input via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "MissingContent-Security-PolicyinXMLInputviaPOSTRequest",
+ "Url": "https://app2.testsparker.com/admin/logs?q=961"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "529",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "523",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "4"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Directory Traversal in Query Parameter vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/checkout.php?token=753"
+ }
+ ],
+ "FirstSeenDate": "10/06/2021 08:25 AM",
+ "HttpRequest": {
+ "Content": "GET /checkout.php?token=753 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 443.3548,
+ "StatusCode": 200
+ },
+ "LookupId": "2a83e16d-74dd-50ce-849f-c879c97e981c",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Directory Traversal in Query Parameter",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Directory Traversal in Query Parameter issue.
Fix the Directory Traversal in Query Parameter vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "DirectoryTraversalinQueryParameter",
+ "Url": "http://app1.testsparker.com/checkout.php?token=753"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "598",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "502",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "34"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a DNS Zone Transfer in Header via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/admin/users"
+ }
+ ],
+ "FirstSeenDate": "14/06/2021 02:15 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/users HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 386.4442,
+ "StatusCode": 200
+ },
+ "LookupId": "a3144973-6d40-5bdb-b1d1-af1c5d6a810f",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "DNS Zone Transfer in Header via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the DNS Zone Transfer in Header via POST Request issue.
Fix the DNS Zone Transfer in Header via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "DNSZoneTransferinHeaderviaPOSTRequest",
+ "Url": "http://admin.testsparker.com/admin/users"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "178",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "94",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "36"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Missing Content-Security-Policy in XML Input via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/admin/logs?q=961"
+ }
+ ],
+ "FirstSeenDate": "08/06/2021 09:05 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/logs?q=961 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 218.8575,
+ "StatusCode": 200
+ },
+ "LookupId": "048376d7-3760-5e43-b9dd-52f659a14084",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Missing Content-Security-Policy in XML Input via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Missing Content-Security-Policy in XML Input via POST Request issue.
Fix the Missing Content-Security-Policy in XML Input via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "MissingContent-Security-PolicyinXMLInputviaPOSTRequest",
+ "Url": "https://app2.testsparker.com/admin/logs?q=961"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "641",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "352",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "40"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Email Header Injection in POST Body via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/auth/reset.php?token=227"
+ }
+ ],
+ "FirstSeenDate": "05/06/2021 10:34 AM",
+ "HttpRequest": {
+ "Content": "GET /auth/reset.php?token=227 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 19.7608,
+ "StatusCode": 200
+ },
+ "LookupId": "f3948022-0a9f-5365-b8c5-a71d65bdd583",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Email Header Injection in POST Body via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Email Header Injection in POST Body via PUT Request issue.
Fix the Email Header Injection in POST Body via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "EmailHeaderInjectioninPOSTBodyviaPUTRequest",
+ "Url": "https://shop.testsparker.com/auth/reset.php?token=227"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "329",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "94",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "45"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a LDAP Injection in URL Path vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/search?token=836"
+ }
+ ],
+ "FirstSeenDate": "16/06/2021 06:11 AM",
+ "HttpRequest": {
+ "Content": "GET /search?token=836 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 482.6416,
+ "StatusCode": 200
+ },
+ "LookupId": "d8d8638c-ee23-5341-91ae-3e9b25a35040",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "LDAP Injection in URL Path",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the LDAP Injection in URL Path issue.
Fix the LDAP Injection in URL Path vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "LDAPInjectioninURLPath",
+ "Url": "http://blog.testsparker.com/search?token=836"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "273",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "94",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "5"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Server-Side Request Forgery in Multipart Data vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/help?id=339"
+ }
+ ],
+ "FirstSeenDate": "06/06/2021 04:57 AM",
+ "HttpRequest": {
+ "Content": "GET /help?id=339 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 422.3543,
+ "StatusCode": 200
+ },
+ "LookupId": "8d9e4ca1-8f3c-5274-9050-78a23ff71648",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Server-Side Request Forgery in Multipart Data",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Server-Side Request Forgery in Multipart Data issue.
Fix the Server-Side Request Forgery in Multipart Data vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "Server-SideRequestForgeryinMultipartData",
+ "Url": "https://docs.testsparker.com/help?id=339"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "280",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "601",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "2"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a XML External Entity in Header via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/files/download"
+ }
+ ],
+ "FirstSeenDate": "26/06/2021 05:42 AM",
+ "HttpRequest": {
+ "Content": "GET /files/download HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 279.846,
+ "StatusCode": 200
+ },
+ "LookupId": "17059425-21d9-5937-b989-0ec460f41cc7",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "XML External Entity in Header via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the XML External Entity in Header via POST Request issue.
Fix the XML External Entity in Header via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "XMLExternalEntityinHeaderviaPOSTRequest",
+ "Url": "http://blog.testsparker.com/files/download"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "357",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "434",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "18"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Path Disclosure in URL Path vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/cart.php"
+ }
+ ],
+ "FirstSeenDate": "09/06/2021 08:10 AM",
+ "HttpRequest": {
+ "Content": "GET /cart.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 92.5854,
+ "StatusCode": 200
+ },
+ "LookupId": "615d1c61-4191-580d-a9ed-0404572c377b",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Path Disclosure in URL Path",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Path Disclosure in URL Path issue.
Fix the Path Disclosure in URL Path vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "PathDisclosureinURLPath",
+ "Url": "http://blog.testsparker.com/cart.php"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "615",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "22",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "34"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a CSRF in JSON Payload vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/blog/edit.php?sort=712"
+ }
+ ],
+ "FirstSeenDate": "24/06/2021 02:34 AM",
+ "HttpRequest": {
+ "Content": "GET /blog/edit.php?sort=712 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 33.6819,
+ "StatusCode": 200
+ },
+ "LookupId": "e8873415-1c5b-51e6-abfa-3f8311d91cd0",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "CSRF in JSON Payload",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the CSRF in JSON Payload issue.
Fix the CSRF in JSON Payload vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "CSRFinJSONPayload",
+ "Url": "https://app2.testsparker.com/blog/edit.php?sort=712"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "670",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "78",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "41"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Cross-site Scripting in File Name via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/admin/users?id=551"
+ }
+ ],
+ "FirstSeenDate": "27/06/2021 08:14 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/users?id=551 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 168.8889,
+ "StatusCode": 200
+ },
+ "LookupId": "615cf0d6-202d-5bba-a7b8-af3769c34105",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cross-site Scripting in File Name via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cross-site Scripting in File Name via POST Request issue.
Fix the Cross-site Scripting in File Name via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "Cross-siteScriptinginFileNameviaPOSTRequest",
+ "Url": "http://admin.testsparker.com/admin/users?id=551"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "501",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "918",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "21"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a File Upload Vulnerability in File Name vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/admin/dashboard?action=446"
+ }
+ ],
+ "FirstSeenDate": "18/06/2021 07:33 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/dashboard?action=446 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 331.877,
+ "StatusCode": 200
+ },
+ "LookupId": "a0768b21-fb3d-5199-99b5-604c1c0b9b20",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "File Upload Vulnerability in File Name",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the File Upload Vulnerability in File Name issue.
Fix the File Upload Vulnerability in File Name vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "FileUploadVulnerabilityinFileName",
+ "Url": "https://app2.testsparker.com/admin/dashboard?action=446"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "40",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "16",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "6"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Unvalidated Redirect in JSON Payload via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/products.php?page=318"
+ }
+ ],
+ "FirstSeenDate": "20/06/2021 01:52 AM",
+ "HttpRequest": {
+ "Content": "GET /products.php?page=318 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 462.05,
+ "StatusCode": 200
+ },
+ "LookupId": "7ac7040d-9473-5d06-ab29-f60b8ef0ce8e",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Unvalidated Redirect in JSON Payload via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Unvalidated Redirect in JSON Payload via POST Request issue.
Fix the Unvalidated Redirect in JSON Payload via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "UnvalidatedRedirectinJSONPayloadviaPOSTRequest",
+ "Url": "http://blog.testsparker.com/products.php?page=318"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "235",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "614",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "9"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a LDAP Injection in Form Field via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/account/billing"
+ }
+ ],
+ "FirstSeenDate": "02/06/2021 05:12 AM",
+ "HttpRequest": {
+ "Content": "GET /account/billing HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 465.2582,
+ "StatusCode": 200
+ },
+ "LookupId": "9b252240-95a5-5c37-98e6-5b44afdc1d9b",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "LDAP Injection in Form Field via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the LDAP Injection in Form Field via POST Request issue.
Fix the LDAP Injection in Form Field via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "LDAPInjectioninFormFieldviaPOSTRequest",
+ "Url": "https://app2.testsparker.com/account/billing"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "657",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "287",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "10"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Weak Password Policy in JSON Payload vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/help"
+ }
+ ],
+ "FirstSeenDate": "17/06/2021 10:00 AM",
+ "HttpRequest": {
+ "Content": "GET /help HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 309.0564,
+ "StatusCode": 200
+ },
+ "LookupId": "b69f18b1-329c-54d1-941c-6a95f676d7b7",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Weak Password Policy in JSON Payload",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Weak Password Policy in JSON Payload issue.
Fix the Weak Password Policy in JSON Payload vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "WeakPasswordPolicyinJSONPayload",
+ "Url": "https://shop.testsparker.com/help"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "696",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "78",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "35"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Cleartext Transmission in Form Field via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/api/v1/users?token=175"
+ }
+ ],
+ "FirstSeenDate": "10/06/2021 05:30 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v1/users?token=175 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 153.8371,
+ "StatusCode": 200
+ },
+ "LookupId": "2794cf0a-42ff-569e-b080-4796eafd02b0",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cleartext Transmission in Form Field via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cleartext Transmission in Form Field via POST Request issue.
Fix the Cleartext Transmission in Form Field via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "CleartextTransmissioninFormFieldviaPOSTRequest",
+ "Url": "https://shop.testsparker.com/api/v1/users?token=175"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "633",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "78",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "6"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Integer Overflow in File Name vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/account/security"
+ }
+ ],
+ "FirstSeenDate": "10/06/2021 04:15 AM",
+ "HttpRequest": {
+ "Content": "GET /account/security HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 371.4207,
+ "StatusCode": 200
+ },
+ "LookupId": "0c69cc39-b53e-593c-84d0-40f6fb8c618c",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Integer Overflow in File Name",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Integer Overflow in File Name issue.
Fix the Integer Overflow in File Name vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "IntegerOverflowinFileName",
+ "Url": "http://blog.testsparker.com/account/security"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "70",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "79",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "27"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Open Redirect in POST Body via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/admin/logs?q=321"
+ }
+ ],
+ "FirstSeenDate": "17/06/2021 02:43 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/logs?q=321 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 228.5117,
+ "StatusCode": 200
+ },
+ "LookupId": "29001b23-8995-5184-9e04-f5d729b3dd1f",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Open Redirect in POST Body via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Open Redirect in POST Body via POST Request issue.
Fix the Open Redirect in POST Body via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "OpenRedirectinPOSTBodyviaPOSTRequest",
+ "Url": "https://portal.testsparker.com/admin/logs?q=321"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "306",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "601",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "31"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Race Condition in Cookie via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/files/download?sort=41"
+ }
+ ],
+ "FirstSeenDate": "14/06/2021 01:13 AM",
+ "HttpRequest": {
+ "Content": "GET /files/download?sort=41 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 124.5363,
+ "StatusCode": 200
+ },
+ "LookupId": "33b9d4d2-f01c-56ea-b76e-9ea40477c6fc",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Race Condition in Cookie via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Race Condition in Cookie via PUT Request issue.
Fix the Race Condition in Cookie via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "RaceConditioninCookieviaPUTRequest",
+ "Url": "https://docs.testsparker.com/files/download?sort=41"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "603",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "79",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "21"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Mass Assignment in Cookie via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/account/billing"
+ }
+ ],
+ "FirstSeenDate": "19/06/2021 07:20 AM",
+ "HttpRequest": {
+ "Content": "GET /account/billing HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 290.5439,
+ "StatusCode": 200
+ },
+ "LookupId": "10cabdcc-0939-5fdc-9aa8-b91f4ad7f470",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Mass Assignment in Cookie via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Mass Assignment in Cookie via POST Request issue.
Fix the Mass Assignment in Cookie via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "MassAssignmentinCookieviaPOSTRequest",
+ "Url": "http://blog.testsparker.com/account/billing"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "507",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "287",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "25"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Buffer Overflow in Cookie via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/reports/view?q=519"
+ }
+ ],
+ "FirstSeenDate": "25/06/2021 05:20 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/view?q=519 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 40.0977,
+ "StatusCode": 200
+ },
+ "LookupId": "dd2e2f86-0b5b-5fa5-b7ff-c4d7e6d07451",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Buffer Overflow in Cookie via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Buffer Overflow in Cookie via POST Request issue.
Fix the Buffer Overflow in Cookie via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "BufferOverflowinCookieviaPOSTRequest",
+ "Url": "https://docs.testsparker.com/reports/view?q=519"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "696",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "22",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "39"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Buffer Overflow in Multipart Data via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/reports/view?id=182"
+ }
+ ],
+ "FirstSeenDate": "16/06/2021 10:00 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/view?id=182 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 249.2706,
+ "StatusCode": 200
+ },
+ "LookupId": "eda913c6-8d71-521b-82b7-2977d2fef81d",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Buffer Overflow in Multipart Data via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Buffer Overflow in Multipart Data via POST Request issue.
Fix the Buffer Overflow in Multipart Data via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "BufferOverflowinMultipartDataviaPOSTRequest",
+ "Url": "http://app1.testsparker.com/reports/view?id=182"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "190",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "94",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "41"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Race Condition in POST Body via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/auth/register.php"
+ }
+ ],
+ "FirstSeenDate": "23/06/2021 11:00 AM",
+ "HttpRequest": {
+ "Content": "GET /auth/register.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 431.5875,
+ "StatusCode": 200
+ },
+ "LookupId": "d523aa8e-2ab2-5c8d-a8fd-3e2241c95882",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Race Condition in POST Body via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Race Condition in POST Body via POST Request issue.
Fix the Race Condition in POST Body via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "RaceConditioninPOSTBodyviaPOSTRequest",
+ "Url": "https://docs.testsparker.com/auth/register.php"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "110",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "611",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "23"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Sensitive Data Exposure in Form Field via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/auth/login.php"
+ }
+ ],
+ "FirstSeenDate": "13/06/2021 06:00 AM",
+ "HttpRequest": {
+ "Content": "GET /auth/login.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 59.6555,
+ "StatusCode": 200
+ },
+ "LookupId": "40ef99fb-d453-595a-b265-f13a00203f8d",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Sensitive Data Exposure in Form Field via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Sensitive Data Exposure in Form Field via POST Request issue.
Fix the Sensitive Data Exposure in Form Field via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "SensitiveDataExposureinFormFieldviaPOSTRequest",
+ "Url": "https://shop.testsparker.com/auth/login.php"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "354",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "918",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "22"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Weak Password Policy in Header via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/blog/edit.php?sort=322"
+ }
+ ],
+ "FirstSeenDate": "12/06/2021 12:33 AM",
+ "HttpRequest": {
+ "Content": "GET /blog/edit.php?sort=322 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 144.7889,
+ "StatusCode": 200
+ },
+ "LookupId": "16d833c0-438e-5e4d-b58b-bed03dd592d4",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Weak Password Policy in Header via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Weak Password Policy in Header via POST Request issue.
Fix the Weak Password Policy in Header via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "WeakPasswordPolicyinHeaderviaPOSTRequest",
+ "Url": "http://app1.testsparker.com/blog/edit.php?sort=322"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "16",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "352",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "8"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Cookie Not Marked as Secure in POST Body via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/reports/export"
+ }
+ ],
+ "FirstSeenDate": "09/06/2021 09:45 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/export HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 465.7613,
+ "StatusCode": 200
+ },
+ "LookupId": "be72c1d8-d4b5-5798-8a16-868b1487f353",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cookie Not Marked as Secure in POST Body via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cookie Not Marked as Secure in POST Body via PUT Request issue.
Fix the Cookie Not Marked as Secure in POST Body via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "CookieNotMarkedasSecureinPOSTBodyviaPUTRequest",
+ "Url": "http://api.testsparker.com/reports/export"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "602",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "601",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "46"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Insecure Deserialization in File Name via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/api/v2/search?name=524"
+ }
+ ],
+ "FirstSeenDate": "13/06/2021 12:14 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/search?name=524 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 405.2854,
+ "StatusCode": 200
+ },
+ "LookupId": "43133050-3774-5ecb-912e-7b61d151a7c4",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Insecure Deserialization in File Name via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Insecure Deserialization in File Name via POST Request issue.
Fix the Insecure Deserialization in File Name via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "InsecureDeserializationinFileNameviaPOSTRequest",
+ "Url": "http://app1.testsparker.com/api/v2/search?name=524"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "697",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "523",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "42"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a XPath Injection in XML Input vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/settings.php?q=759"
+ }
+ ],
+ "FirstSeenDate": "08/06/2021 06:14 AM",
+ "HttpRequest": {
+ "Content": "GET /settings.php?q=759 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 374.6629,
+ "StatusCode": 200
+ },
+ "LookupId": "763575da-b4b1-5916-81d4-653fce47b7b3",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "XPath Injection in XML Input",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the XPath Injection in XML Input issue.
Fix the XPath Injection in XML Input vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "XPathInjectioninXMLInput",
+ "Url": "http://api.testsparker.com/settings.php?q=759"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "105",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "22",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "20"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Server-Side Request Forgery in POST Body vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/blog/edit.php"
+ }
+ ],
+ "FirstSeenDate": "26/06/2021 10:50 AM",
+ "HttpRequest": {
+ "Content": "GET /blog/edit.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 30.1239,
+ "StatusCode": 200
+ },
+ "LookupId": "5be3c951-180c-5ea4-b2cb-385fd88440c1",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Server-Side Request Forgery in POST Body",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Server-Side Request Forgery in POST Body issue.
Fix the Server-Side Request Forgery in POST Body vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "Server-SideRequestForgeryinPOSTBody",
+ "Url": "http://blog.testsparker.com/blog/edit.php"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "237",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "94",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "45"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Mass Assignment vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/download.php"
+ }
+ ],
+ "FirstSeenDate": "23/06/2021 04:04 AM",
+ "HttpRequest": {
+ "Content": "GET /download.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 213.2853,
+ "StatusCode": 200
+ },
+ "LookupId": "65e09cea-9f13-5484-bc1f-a4b9d47d792a",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Mass Assignment",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Mass Assignment issue.
Fix the Mass Assignment vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "MassAssignment",
+ "Url": "https://shop.testsparker.com/download.php"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "130",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "22",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "15"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a HTTP Response Splitting in Header via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/help?filter=745"
+ }
+ ],
+ "FirstSeenDate": "18/06/2021 08:25 AM",
+ "HttpRequest": {
+ "Content": "GET /help?filter=745 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 455.5732,
+ "StatusCode": 200
+ },
+ "LookupId": "66f4d021-9112-5f33-af68-36afca61d104",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "HTTP Response Splitting in Header via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the HTTP Response Splitting in Header via PUT Request issue.
Fix the HTTP Response Splitting in Header via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "HTTPResponseSplittinginHeaderviaPUTRequest",
+ "Url": "http://admin.testsparker.com/help?filter=745"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "460",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "287",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "31"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a HTTP Response Splitting in URL Path vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/payment.php"
+ }
+ ],
+ "FirstSeenDate": "18/06/2021 09:59 AM",
+ "HttpRequest": {
+ "Content": "GET /payment.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 460.9922,
+ "StatusCode": 200
+ },
+ "LookupId": "3bfe66ad-f72f-5ecd-bc46-d0f99d51c608",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "HTTP Response Splitting in URL Path",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the HTTP Response Splitting in URL Path issue.
Fix the HTTP Response Splitting in URL Path vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "HTTPResponseSplittinginURLPath",
+ "Url": "https://portal.testsparker.com/payment.php"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "600",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "79",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "13"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Cross-site Scripting in URL Path via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/files/list"
+ }
+ ],
+ "FirstSeenDate": "19/06/2021 07:03 AM",
+ "HttpRequest": {
+ "Content": "GET /files/list HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 173.5865,
+ "StatusCode": 200
+ },
+ "LookupId": "8a2d61df-2a9e-5c4c-81f2-60d47064d060",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cross-site Scripting in URL Path via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cross-site Scripting in URL Path via POST Request issue.
Fix the Cross-site Scripting in URL Path via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "Cross-siteScriptinginURLPathviaPOSTRequest",
+ "Url": "http://api.testsparker.com/files/list"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "313",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "614",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "40"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Weak Password Policy in POST Body vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/files/list"
+ }
+ ],
+ "FirstSeenDate": "20/06/2021 12:06 AM",
+ "HttpRequest": {
+ "Content": "GET /files/list HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 474.3192,
+ "StatusCode": 200
+ },
+ "LookupId": "7b98f85f-16a1-58ac-bd31-abfe6476ca28",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Weak Password Policy in POST Body",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Weak Password Policy in POST Body issue.
Fix the Weak Password Policy in POST Body vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "WeakPasswordPolicyinPOSTBody",
+ "Url": "http://blog.testsparker.com/files/list"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "81",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "94",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "6"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Path Disclosure in File Name via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/reports/view?id=298"
+ }
+ ],
+ "FirstSeenDate": "07/06/2021 11:41 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/view?id=298 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 79.0227,
+ "StatusCode": 200
+ },
+ "LookupId": "d9a53753-df1e-541b-b914-d3db7b3ad530",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Path Disclosure in File Name via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Path Disclosure in File Name via POST Request issue.
Fix the Path Disclosure in File Name via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "PathDisclosureinFileNameviaPOSTRequest",
+ "Url": "http://blog.testsparker.com/reports/view?id=298"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "591",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "22",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "23"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a CORS Misconfiguration in File Name via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/admin/config"
+ }
+ ],
+ "FirstSeenDate": "03/06/2021 03:45 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/config HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 388.2509,
+ "StatusCode": 200
+ },
+ "LookupId": "41745b5e-f097-5306-9ee5-9f4240419d13",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "CORS Misconfiguration in File Name via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the CORS Misconfiguration in File Name via POST Request issue.
Fix the CORS Misconfiguration in File Name via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "CORSMisconfigurationinFileNameviaPOSTRequest",
+ "Url": "https://shop.testsparker.com/admin/config"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "524",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "22",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "11"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a XML External Entity in Query Parameter vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/api/v2/export?ref=650"
+ }
+ ],
+ "FirstSeenDate": "18/06/2021 07:02 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/export?ref=650 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 386.4476,
+ "StatusCode": 200
+ },
+ "LookupId": "00c77b34-aaf5-5011-b01a-5db63cb582e9",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "XML External Entity in Query Parameter",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the XML External Entity in Query Parameter issue.
Fix the XML External Entity in Query Parameter vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "XMLExternalEntityinQueryParameter",
+ "Url": "http://api.testsparker.com/api/v2/export?ref=650"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "348",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "319",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "24"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Directory Traversal in XML Input via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/files/list?q=459"
+ }
+ ],
+ "FirstSeenDate": "06/06/2021 03:39 AM",
+ "HttpRequest": {
+ "Content": "GET /files/list?q=459 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 157.0512,
+ "StatusCode": 200
+ },
+ "LookupId": "fe86838f-e4fb-5161-85c4-a8876ee84dd5",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Directory Traversal in XML Input via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Directory Traversal in XML Input via PUT Request issue.
Fix the Directory Traversal in XML Input via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "DirectoryTraversalinXMLInputviaPUTRequest",
+ "Url": "https://shop.testsparker.com/files/list?q=459"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "100",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "918",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "19"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a File Upload Vulnerability in Header vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/download.php?name=274"
+ }
+ ],
+ "FirstSeenDate": "28/06/2021 10:26 AM",
+ "HttpRequest": {
+ "Content": "GET /download.php?name=274 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 131.6524,
+ "StatusCode": 200
+ },
+ "LookupId": "b9d80510-9bb7-5cd1-895f-38a073ebb55e",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "File Upload Vulnerability in Header",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the File Upload Vulnerability in Header issue.
Fix the File Upload Vulnerability in Header vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "FileUploadVulnerabilityinHeader",
+ "Url": "https://app2.testsparker.com/download.php?name=274"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "173",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "918",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "33"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Cleartext Transmission in Cookie vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/blog/edit.php"
+ }
+ ],
+ "FirstSeenDate": "17/06/2021 09:12 AM",
+ "HttpRequest": {
+ "Content": "GET /blog/edit.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 453.9021,
+ "StatusCode": 200
+ },
+ "LookupId": "e16b4f7d-5da0-59dd-9813-f2f5b566e3d7",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cleartext Transmission in Cookie",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cleartext Transmission in Cookie issue.
Fix the Cleartext Transmission in Cookie vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "CleartextTransmissioninCookie",
+ "Url": "https://app2.testsparker.com/blog/edit.php"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "165",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "16",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "20"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Cookie Not Marked as HttpOnly in Multipart Data via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/products.php"
+ }
+ ],
+ "FirstSeenDate": "06/06/2021 11:36 AM",
+ "HttpRequest": {
+ "Content": "GET /products.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 319.2946,
+ "StatusCode": 200
+ },
+ "LookupId": "5f1deab5-9149-5130-88cc-271c16f7cdbe",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cookie Not Marked as HttpOnly in Multipart Data via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cookie Not Marked as HttpOnly in Multipart Data via POST Request issue.
Fix the Cookie Not Marked as HttpOnly in Multipart Data via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "CookieNotMarkedasHttpOnlyinMultipartDataviaPOSTRequest",
+ "Url": "https://app2.testsparker.com/products.php"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "505",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "79",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "43"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Cookie Not Marked as HttpOnly in Query Parameter via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/api/v2/webhook?q=309"
+ }
+ ],
+ "FirstSeenDate": "18/06/2021 02:02 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/webhook?q=309 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 108.061,
+ "StatusCode": 200
+ },
+ "LookupId": "4642b55c-3567-57ee-b4cf-4e220f0fac6d",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cookie Not Marked as HttpOnly in Query Parameter via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cookie Not Marked as HttpOnly in Query Parameter via PUT Request issue.
Fix the Cookie Not Marked as HttpOnly in Query Parameter via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "CookieNotMarkedasHttpOnlyinQueryParameterviaPUTRequest",
+ "Url": "https://docs.testsparker.com/api/v2/webhook?q=309"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "205",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "319",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "23"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Email Header Injection vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/profile.php?name=392"
+ }
+ ],
+ "FirstSeenDate": "27/06/2021 04:14 AM",
+ "HttpRequest": {
+ "Content": "GET /profile.php?name=392 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 21.5956,
+ "StatusCode": 200
+ },
+ "LookupId": "68ce1951-c094-5a42-ba9f-02fa646adbbf",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Email Header Injection",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Email Header Injection issue.
Fix the Email Header Injection vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "EmailHeaderInjection",
+ "Url": "https://portal.testsparker.com/profile.php?name=392"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "466",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "776",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "46"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Cookie Not Marked as Secure in URL Path via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/files/upload"
+ }
+ ],
+ "FirstSeenDate": "23/06/2021 04:10 AM",
+ "HttpRequest": {
+ "Content": "GET /files/upload HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 323.6667,
+ "StatusCode": 200
+ },
+ "LookupId": "c2f009cd-95df-5f8b-bd87-448b48ea673a",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cookie Not Marked as Secure in URL Path via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cookie Not Marked as Secure in URL Path via POST Request issue.
Fix the Cookie Not Marked as Secure in URL Path via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "CookieNotMarkedasSecureinURLPathviaPOSTRequest",
+ "Url": "https://docs.testsparker.com/files/upload"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "515",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "611",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "11"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Missing X-Frame-Options in Header vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/api/v1/orders?type=282"
+ }
+ ],
+ "FirstSeenDate": "06/06/2021 11:39 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v1/orders?type=282 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 363.1101,
+ "StatusCode": 200
+ },
+ "LookupId": "40ffbfb3-f7c5-5e94-a146-36e84b110e7e",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Missing X-Frame-Options in Header",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Missing X-Frame-Options in Header issue.
Fix the Missing X-Frame-Options in Header vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "MissingX-Frame-OptionsinHeader",
+ "Url": "http://admin.testsparker.com/api/v1/orders?type=282"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "263",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "22",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "47"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Open Redirect in XML Input vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/search?sort=215"
+ }
+ ],
+ "FirstSeenDate": "02/06/2021 07:28 AM",
+ "HttpRequest": {
+ "Content": "GET /search?sort=215 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 368.9664,
+ "StatusCode": 200
+ },
+ "LookupId": "e927599f-a46a-5d53-9e83-07c2504d5a30",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Open Redirect in XML Input",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Open Redirect in XML Input issue.
Fix the Open Redirect in XML Input vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "OpenRedirectinXMLInput",
+ "Url": "https://app2.testsparker.com/search?sort=215"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "207",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "918",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "11"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Server-Side Request Forgery in URL Path via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/api/v2/webhook?name=336"
+ }
+ ],
+ "FirstSeenDate": "09/06/2021 04:59 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/webhook?name=336 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 460.7403,
+ "StatusCode": 200
+ },
+ "LookupId": "171d4e9a-ffcd-5ec7-a90c-51254fdc35b9",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Server-Side Request Forgery in URL Path via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Server-Side Request Forgery in URL Path via PUT Request issue.
Fix the Server-Side Request Forgery in URL Path via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "Server-SideRequestForgeryinURLPathviaPUTRequest",
+ "Url": "http://app1.testsparker.com/api/v2/webhook?name=336"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "350",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "918",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "33"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Cookie Not Marked as Secure in URL Path via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/files/upload"
+ }
+ ],
+ "FirstSeenDate": "03/06/2021 05:23 AM",
+ "HttpRequest": {
+ "Content": "GET /files/upload HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 360.4479,
+ "StatusCode": 200
+ },
+ "LookupId": "430d5425-d2be-561d-9c3d-070596d2787f",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cookie Not Marked as Secure in URL Path via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cookie Not Marked as Secure in URL Path via POST Request issue.
Fix the Cookie Not Marked as Secure in URL Path via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "CookieNotMarkedasSecureinURLPathviaPOSTRequest",
+ "Url": "https://docs.testsparker.com/files/upload"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "312",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "918",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "27"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Session Fixation in URL Path via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/auth/register.php?action=692"
+ }
+ ],
+ "FirstSeenDate": "03/06/2021 11:32 AM",
+ "HttpRequest": {
+ "Content": "GET /auth/register.php?action=692 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 109.6939,
+ "StatusCode": 200
+ },
+ "LookupId": "391a46b2-ee41-5987-b2f8-51ce773f864e",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Session Fixation in URL Path via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Session Fixation in URL Path via POST Request issue.
Fix the Session Fixation in URL Path via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "SessionFixationinURLPathviaPOSTRequest",
+ "Url": "https://portal.testsparker.com/auth/register.php?action=692"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "508",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "319",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "46"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Unvalidated Redirect in Multipart Data vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/reports/export?q=19"
+ }
+ ],
+ "FirstSeenDate": "16/06/2021 05:46 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/export?q=19 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 341.3181,
+ "StatusCode": 200
+ },
+ "LookupId": "276fd856-0875-524d-b489-713fabc71b74",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Unvalidated Redirect in Multipart Data",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Unvalidated Redirect in Multipart Data issue.
Fix the Unvalidated Redirect in Multipart Data vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "UnvalidatedRedirectinMultipartData",
+ "Url": "https://shop.testsparker.com/reports/export?q=19"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "533",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "79",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "8"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Insecure Direct Object Reference in POST Body via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/api/v2/search?name=385"
+ }
+ ],
+ "FirstSeenDate": "07/06/2021 08:55 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/search?name=385 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 486.239,
+ "StatusCode": 200
+ },
+ "LookupId": "ca5f5cfc-d9e0-5c12-9b8f-c2c214542992",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Insecure Direct Object Reference in POST Body via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Insecure Direct Object Reference in POST Body via PUT Request issue.
Fix the Insecure Direct Object Reference in POST Body via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "InsecureDirectObjectReferenceinPOSTBodyviaPUTRequest",
+ "Url": "https://app2.testsparker.com/api/v2/search?name=385"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "512",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "434",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "12"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Cookie Not Marked as HttpOnly in JSON Payload via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/search?sort=364"
+ }
+ ],
+ "FirstSeenDate": "13/06/2021 04:14 AM",
+ "HttpRequest": {
+ "Content": "GET /search?sort=364 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 182.0883,
+ "StatusCode": 200
+ },
+ "LookupId": "a80cff07-64c8-5249-a7c7-9f9b2f8133af",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cookie Not Marked as HttpOnly in JSON Payload via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cookie Not Marked as HttpOnly in JSON Payload via PUT Request issue.
Fix the Cookie Not Marked as HttpOnly in JSON Payload via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "CookieNotMarkedasHttpOnlyinJSONPayloadviaPUTRequest",
+ "Url": "http://api.testsparker.com/search?sort=364"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "80",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "434",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "31"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Sensitive Data Exposure in Cookie via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/cart.php?page=134"
+ }
+ ],
+ "FirstSeenDate": "02/06/2021 04:06 AM",
+ "HttpRequest": {
+ "Content": "GET /cart.php?page=134 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 26.0684,
+ "StatusCode": 200
+ },
+ "LookupId": "e3948bdb-77eb-5d25-a09b-f1f938b55afa",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Sensitive Data Exposure in Cookie via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Sensitive Data Exposure in Cookie via POST Request issue.
Fix the Sensitive Data Exposure in Cookie via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "SensitiveDataExposureinCookieviaPOSTRequest",
+ "Url": "http://api.testsparker.com/cart.php?page=134"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "508",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "502",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "29"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Missing X-Frame-Options in URL Path via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/auth/register.php?id=735"
+ }
+ ],
+ "FirstSeenDate": "13/06/2021 03:03 AM",
+ "HttpRequest": {
+ "Content": "GET /auth/register.php?id=735 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 360.0145,
+ "StatusCode": 200
+ },
+ "LookupId": "bbccefd8-91e8-5733-b24b-7fd2e04bd53d",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Missing X-Frame-Options in URL Path via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Missing X-Frame-Options in URL Path via POST Request issue.
Fix the Missing X-Frame-Options in URL Path via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "MissingX-Frame-OptionsinURLPathviaPOSTRequest",
+ "Url": "https://shop.testsparker.com/auth/register.php?id=735"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "82",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "776",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "17"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Buffer Overflow in Cookie vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/api/v2/webhook"
+ }
+ ],
+ "FirstSeenDate": "27/06/2021 03:35 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/webhook HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 470.7107,
+ "StatusCode": 200
+ },
+ "LookupId": "e954aca7-a4d1-5405-bf10-a5bf86ab77c5",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Buffer Overflow in Cookie",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Buffer Overflow in Cookie issue.
Fix the Buffer Overflow in Cookie vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "BufferOverflowinCookie",
+ "Url": "https://docs.testsparker.com/api/v2/webhook"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "482",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "94",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "47"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Broken Authentication in File Name via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/admin/dashboard"
+ }
+ ],
+ "FirstSeenDate": "15/06/2021 11:44 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/dashboard HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 16.4726,
+ "StatusCode": 200
+ },
+ "LookupId": "9bf6bbec-33d8-5c44-aaa4-c9d98683b7c7",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Broken Authentication in File Name via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Broken Authentication in File Name via POST Request issue.
Fix the Broken Authentication in File Name via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "BrokenAuthenticationinFileNameviaPOSTRequest",
+ "Url": "http://blog.testsparker.com/admin/dashboard"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "605",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "287",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "48"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a LDAP Injection in Cookie via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/files/list?name=123"
+ }
+ ],
+ "FirstSeenDate": "03/06/2021 06:12 AM",
+ "HttpRequest": {
+ "Content": "GET /files/list?name=123 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 175.9295,
+ "StatusCode": 200
+ },
+ "LookupId": "2efb51f8-1849-5c15-b284-706f05410675",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "LDAP Injection in Cookie via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the LDAP Injection in Cookie via POST Request issue.
Fix the LDAP Injection in Cookie via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "LDAPInjectioninCookieviaPOSTRequest",
+ "Url": "http://blog.testsparker.com/files/list?name=123"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "212",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "94",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "14"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Insecure HTTP Method in Header via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/settings.php"
+ }
+ ],
+ "FirstSeenDate": "24/06/2021 11:12 AM",
+ "HttpRequest": {
+ "Content": "GET /settings.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 214.9822,
+ "StatusCode": 200
+ },
+ "LookupId": "1011f852-82a2-5ce2-a549-212f19fdc31a",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Insecure HTTP Method in Header via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Insecure HTTP Method in Header via POST Request issue.
Fix the Insecure HTTP Method in Header via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "InsecureHTTPMethodinHeaderviaPOSTRequest",
+ "Url": "http://admin.testsparker.com/settings.php"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "582",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "601",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "15"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a File Upload Vulnerability in Multipart Data via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/api/v2/export?id=735"
+ }
+ ],
+ "FirstSeenDate": "13/06/2021 05:38 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/export?id=735 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 113.9658,
+ "StatusCode": 200
+ },
+ "LookupId": "0ecf6ff4-194f-518b-8ffc-607960eda246",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "File Upload Vulnerability in Multipart Data via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the File Upload Vulnerability in Multipart Data via POST Request issue.
Fix the File Upload Vulnerability in Multipart Data via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "FileUploadVulnerabilityinMultipartDataviaPOSTRequest",
+ "Url": "https://shop.testsparker.com/api/v2/export?id=735"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "665",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "918",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "48"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Insecure Direct Object Reference in POST Body via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/api/v1/products?page=142"
+ }
+ ],
+ "FirstSeenDate": "25/06/2021 12:48 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v1/products?page=142 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 120.4642,
+ "StatusCode": 200
+ },
+ "LookupId": "0137c3af-fe44-569d-be68-c7ce24be27b6",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Insecure Direct Object Reference in POST Body via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Insecure Direct Object Reference in POST Body via POST Request issue.
Fix the Insecure Direct Object Reference in POST Body via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "InsecureDirectObjectReferenceinPOSTBodyviaPOSTRequest",
+ "Url": "http://api.testsparker.com/api/v1/products?page=142"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "197",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "78",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "26"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a CSRF in Form Field via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/auth/reset.php?sort=877"
+ }
+ ],
+ "FirstSeenDate": "08/06/2021 10:50 AM",
+ "HttpRequest": {
+ "Content": "GET /auth/reset.php?sort=877 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 388.841,
+ "StatusCode": 200
+ },
+ "LookupId": "259ee7e3-b521-506a-905b-08365547d8a9",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "CSRF in Form Field via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the CSRF in Form Field via POST Request issue.
Fix the CSRF in Form Field via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "CSRFinFormFieldviaPOSTRequest",
+ "Url": "https://portal.testsparker.com/auth/reset.php?sort=877"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "122",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "918",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "26"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Remote Code Execution in Form Field via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/admin/dashboard"
+ }
+ ],
+ "FirstSeenDate": "10/06/2021 12:38 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/dashboard HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 477.7321,
+ "StatusCode": 200
+ },
+ "LookupId": "06573c45-749b-5ccf-b624-0835940bb29a",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Remote Code Execution in Form Field via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Remote Code Execution in Form Field via POST Request issue.
Fix the Remote Code Execution in Form Field via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "RemoteCodeExecutioninFormFieldviaPOSTRequest",
+ "Url": "http://blog.testsparker.com/admin/dashboard"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "158",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "614",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "24"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Missing Content-Security-Policy in XML Input vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/settings.php?name=51"
+ }
+ ],
+ "FirstSeenDate": "14/06/2021 02:18 AM",
+ "HttpRequest": {
+ "Content": "GET /settings.php?name=51 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 413.7097,
+ "StatusCode": 200
+ },
+ "LookupId": "72ef372f-1841-55dc-8453-0f579cf1ee06",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Missing Content-Security-Policy in XML Input",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Missing Content-Security-Policy in XML Input issue.
Fix the Missing Content-Security-Policy in XML Input vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "MissingContent-Security-PolicyinXMLInput",
+ "Url": "http://admin.testsparker.com/settings.php?name=51"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "162",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "918",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "18"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Insecure HTTP Method in File Name vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/admin/config"
+ }
+ ],
+ "FirstSeenDate": "12/06/2021 11:25 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/config HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 208.671,
+ "StatusCode": 200
+ },
+ "LookupId": "15597154-6743-5d7f-a035-444921754b05",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Insecure HTTP Method in File Name",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Insecure HTTP Method in File Name issue.
Fix the Insecure HTTP Method in File Name vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "InsecureHTTPMethodinFileName",
+ "Url": "https://portal.testsparker.com/admin/config"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "161",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "352",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "27"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Broken Authentication in POST Body vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/products.php?name=161"
+ }
+ ],
+ "FirstSeenDate": "23/06/2021 10:30 AM",
+ "HttpRequest": {
+ "Content": "GET /products.php?name=161 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 152.7171,
+ "StatusCode": 200
+ },
+ "LookupId": "bdd765b7-5252-5569-829e-2a1292633013",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Broken Authentication in POST Body",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Broken Authentication in POST Body issue.
Fix the Broken Authentication in POST Body vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "BrokenAuthenticationinPOSTBody",
+ "Url": "https://portal.testsparker.com/products.php?name=161"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "695",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "502",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "35"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Directory Traversal in POST Body via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/download.php?page=63"
+ }
+ ],
+ "FirstSeenDate": "20/06/2021 04:22 AM",
+ "HttpRequest": {
+ "Content": "GET /download.php?page=63 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 63.4901,
+ "StatusCode": 200
+ },
+ "LookupId": "c10646c9-5981-5a9c-b72c-87b4fea1b5b7",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Directory Traversal in POST Body via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Directory Traversal in POST Body via PUT Request issue.
Fix the Directory Traversal in POST Body via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "DirectoryTraversalinPOSTBodyviaPUTRequest",
+ "Url": "https://docs.testsparker.com/download.php?page=63"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "680",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "78",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "21"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Broken Authentication in JSON Payload via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/contact?ref=831"
+ }
+ ],
+ "FirstSeenDate": "25/06/2021 09:41 AM",
+ "HttpRequest": {
+ "Content": "GET /contact?ref=831 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 108.4567,
+ "StatusCode": 200
+ },
+ "LookupId": "e50350ad-ab7e-566b-b2ad-95e5f853b703",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Broken Authentication in JSON Payload via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Broken Authentication in JSON Payload via PUT Request issue.
Fix the Broken Authentication in JSON Payload via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "BrokenAuthenticationinJSONPayloadviaPUTRequest",
+ "Url": "http://app1.testsparker.com/contact?ref=831"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "154",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "287",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "22"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Buffer Overflow in Cookie via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/help?q=435"
+ }
+ ],
+ "FirstSeenDate": "07/06/2021 09:52 AM",
+ "HttpRequest": {
+ "Content": "GET /help?q=435 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 311.1149,
+ "StatusCode": 200
+ },
+ "LookupId": "465badee-5e19-513c-aeb6-58fecdb27c47",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Buffer Overflow in Cookie via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Buffer Overflow in Cookie via PUT Request issue.
Fix the Buffer Overflow in Cookie via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "BufferOverflowinCookieviaPUTRequest",
+ "Url": "https://shop.testsparker.com/help?q=435"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "104",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "776",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "9"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Email Header Injection in POST Body via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/payment.php?ref=45"
+ }
+ ],
+ "FirstSeenDate": "24/06/2021 10:36 AM",
+ "HttpRequest": {
+ "Content": "GET /payment.php?ref=45 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 21.6023,
+ "StatusCode": 200
+ },
+ "LookupId": "d72f13ec-b3a3-500a-a22f-cf5abd10dd58",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Email Header Injection in POST Body via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Email Header Injection in POST Body via POST Request issue.
Fix the Email Header Injection in POST Body via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "EmailHeaderInjectioninPOSTBodyviaPOSTRequest",
+ "Url": "http://blog.testsparker.com/payment.php?ref=45"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "269",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "693",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "14"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Integer Overflow in Query Parameter via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/upload.php?filter=960"
+ }
+ ],
+ "FirstSeenDate": "11/06/2021 12:53 AM",
+ "HttpRequest": {
+ "Content": "GET /upload.php?filter=960 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 314.55,
+ "StatusCode": 200
+ },
+ "LookupId": "e8247f03-d102-5c27-93c4-4abb597eae2f",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Integer Overflow in Query Parameter via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Integer Overflow in Query Parameter via PUT Request issue.
Fix the Integer Overflow in Query Parameter via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "IntegerOverflowinQueryParameterviaPUTRequest",
+ "Url": "http://app1.testsparker.com/upload.php?filter=960"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "299",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "601",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "5"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a XPath Injection in URL Path vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/auth/register.php"
+ }
+ ],
+ "FirstSeenDate": "22/06/2021 08:08 AM",
+ "HttpRequest": {
+ "Content": "GET /auth/register.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 320.3347,
+ "StatusCode": 200
+ },
+ "LookupId": "e1ba683e-3058-52dc-afb8-a1f6fa2ff22a",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "XPath Injection in URL Path",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the XPath Injection in URL Path issue.
Fix the XPath Injection in URL Path vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "XPathInjectioninURLPath",
+ "Url": "http://api.testsparker.com/auth/register.php"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "390",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "78",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "23"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Remote Code Execution vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/search?page=981"
+ }
+ ],
+ "FirstSeenDate": "20/06/2021 05:51 AM",
+ "HttpRequest": {
+ "Content": "GET /search?page=981 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 31.2907,
+ "StatusCode": 200
+ },
+ "LookupId": "371c2774-510b-5a57-9d3e-1f911024b381",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Remote Code Execution",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Remote Code Execution issue.
Fix the Remote Code Execution vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "RemoteCodeExecution",
+ "Url": "http://blog.testsparker.com/search?page=981"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "609",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "22",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "14"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a CSRF in POST Body via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/settings.php?id=25"
+ }
+ ],
+ "FirstSeenDate": "23/06/2021 02:05 AM",
+ "HttpRequest": {
+ "Content": "GET /settings.php?id=25 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 429.656,
+ "StatusCode": 200
+ },
+ "LookupId": "6f607fea-7872-5180-a3bc-0cbd4cbe0785",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "CSRF in POST Body via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the CSRF in POST Body via POST Request issue.
Fix the CSRF in POST Body via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "CSRFinPOSTBodyviaPOSTRequest",
+ "Url": "https://portal.testsparker.com/settings.php?id=25"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "55",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "94",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "46"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a HSTS Missing in Cookie via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/upload.php"
+ }
+ ],
+ "FirstSeenDate": "06/06/2021 05:08 AM",
+ "HttpRequest": {
+ "Content": "GET /upload.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 286.8696,
+ "StatusCode": 200
+ },
+ "LookupId": "5fe2441a-2332-525c-9cba-0ce6b88c5cdb",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "HSTS Missing in Cookie via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the HSTS Missing in Cookie via PUT Request issue.
Fix the HSTS Missing in Cookie via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "HSTSMissinginCookieviaPUTRequest",
+ "Url": "https://portal.testsparker.com/upload.php"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "379",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "776",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "43"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a HSTS Missing in JSON Payload via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/search"
+ }
+ ],
+ "FirstSeenDate": "17/06/2021 10:56 AM",
+ "HttpRequest": {
+ "Content": "GET /search HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 222.5219,
+ "StatusCode": 200
+ },
+ "LookupId": "2f749a8e-a442-5985-bc19-7bff4965c12a",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "HSTS Missing in JSON Payload via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the HSTS Missing in JSON Payload via POST Request issue.
Fix the HSTS Missing in JSON Payload via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "HSTSMissinginJSONPayloadviaPOSTRequest",
+ "Url": "https://app2.testsparker.com/search"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "505",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "94",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "45"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a File Upload Vulnerability vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/files/list"
+ }
+ ],
+ "FirstSeenDate": "02/06/2021 01:30 AM",
+ "HttpRequest": {
+ "Content": "GET /files/list HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 97.0108,
+ "StatusCode": 200
+ },
+ "LookupId": "0e276e3a-bc52-588c-810b-dfc629844a36",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "File Upload Vulnerability",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the File Upload Vulnerability issue.
Fix the File Upload Vulnerability vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "FileUploadVulnerability",
+ "Url": "https://app2.testsparker.com/files/list"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "253",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "22",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "5"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Version Disclosure in URL Path vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/files/download?action=677"
+ }
+ ],
+ "FirstSeenDate": "09/06/2021 03:24 AM",
+ "HttpRequest": {
+ "Content": "GET /files/download?action=677 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 358.7218,
+ "StatusCode": 200
+ },
+ "LookupId": "f9f5a377-e166-594d-b4f0-dba0e13dbc9a",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Version Disclosure in URL Path",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Version Disclosure in URL Path issue.
Fix the Version Disclosure in URL Path vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "VersionDisclosureinURLPath",
+ "Url": "http://blog.testsparker.com/files/download?action=677"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "287",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "200",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "42"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a CORS Misconfiguration in POST Body via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/reports/view"
+ }
+ ],
+ "FirstSeenDate": "10/06/2021 01:57 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/view HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 68.8375,
+ "StatusCode": 200
+ },
+ "LookupId": "ddd96273-0d3a-5a4f-9110-333ae4b3c01b",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "CORS Misconfiguration in POST Body via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the CORS Misconfiguration in POST Body via PUT Request issue.
Fix the CORS Misconfiguration in POST Body via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "CORSMisconfigurationinPOSTBodyviaPUTRequest",
+ "Url": "http://api.testsparker.com/reports/view"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "504",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "693",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "36"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a SQL Injection in Query Parameter via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/search?token=968"
+ }
+ ],
+ "FirstSeenDate": "26/06/2021 11:54 AM",
+ "HttpRequest": {
+ "Content": "GET /search?token=968 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 469.5343,
+ "StatusCode": 200
+ },
+ "LookupId": "3697e971-33ed-583c-83d0-b7b9bde13795",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "SQL Injection in Query Parameter via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the SQL Injection in Query Parameter via PUT Request issue.
Fix the SQL Injection in Query Parameter via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "SQLInjectioninQueryParameterviaPUTRequest",
+ "Url": "https://shop.testsparker.com/search?token=968"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "552",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "523",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "32"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Missing Content-Security-Policy in File Name via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/search?page=393"
+ }
+ ],
+ "FirstSeenDate": "13/06/2021 02:37 AM",
+ "HttpRequest": {
+ "Content": "GET /search?page=393 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 360.3113,
+ "StatusCode": 200
+ },
+ "LookupId": "73cdaae4-fe1c-5b17-8947-ec2a2f91b3ad",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Missing Content-Security-Policy in File Name via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Missing Content-Security-Policy in File Name via POST Request issue.
Fix the Missing Content-Security-Policy in File Name via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "MissingContent-Security-PolicyinFileNameviaPOSTRequest",
+ "Url": "http://blog.testsparker.com/search?page=393"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "284",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "611",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "7"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Clickjacking in JSON Payload via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/cart.php?name=368"
+ }
+ ],
+ "FirstSeenDate": "03/06/2021 06:02 AM",
+ "HttpRequest": {
+ "Content": "GET /cart.php?name=368 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 277.5528,
+ "StatusCode": 200
+ },
+ "LookupId": "c38b1180-0cc7-5bd3-a5aa-734e7757065a",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Clickjacking in JSON Payload via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Clickjacking in JSON Payload via POST Request issue.
Fix the Clickjacking in JSON Payload via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "ClickjackinginJSONPayloadviaPOSTRequest",
+ "Url": "https://docs.testsparker.com/cart.php?name=368"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "660",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "502",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "23"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a NoSQL Injection in Cookie via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/api/v2/export?token=743"
+ }
+ ],
+ "FirstSeenDate": "22/06/2021 10:25 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/export?token=743 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 493.8864,
+ "StatusCode": 200
+ },
+ "LookupId": "132a6e83-53d2-521c-96e5-2a13f4874471",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "NoSQL Injection in Cookie via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the NoSQL Injection in Cookie via POST Request issue.
Fix the NoSQL Injection in Cookie via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "NoSQLInjectioninCookieviaPOSTRequest",
+ "Url": "http://blog.testsparker.com/api/v2/export?token=743"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "176",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "319",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "23"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Session Fixation in Multipart Data via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/blog/edit.php?name=226"
+ }
+ ],
+ "FirstSeenDate": "23/06/2021 10:18 AM",
+ "HttpRequest": {
+ "Content": "GET /blog/edit.php?name=226 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 369.6023,
+ "StatusCode": 200
+ },
+ "LookupId": "df0df1bb-02ad-5d68-b9c2-424bd7a361e1",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Session Fixation in Multipart Data via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Session Fixation in Multipart Data via POST Request issue.
Fix the Session Fixation in Multipart Data via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "SessionFixationinMultipartDataviaPOSTRequest",
+ "Url": "https://portal.testsparker.com/blog/edit.php?name=226"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "95",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "918",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "1"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a NoSQL Injection in Query Parameter via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/contact?token=941"
+ }
+ ],
+ "FirstSeenDate": "14/06/2021 12:48 AM",
+ "HttpRequest": {
+ "Content": "GET /contact?token=941 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 445.2843,
+ "StatusCode": 200
+ },
+ "LookupId": "7f45348a-a10a-5f70-aff4-becec39ef65c",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "NoSQL Injection in Query Parameter via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the NoSQL Injection in Query Parameter via PUT Request issue.
Fix the NoSQL Injection in Query Parameter via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "NoSQLInjectioninQueryParameterviaPUTRequest",
+ "Url": "https://shop.testsparker.com/contact?token=941"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "323",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "330",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "28"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Cleartext Transmission in POST Body via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/download.php?filter=283"
+ }
+ ],
+ "FirstSeenDate": "23/06/2021 09:20 AM",
+ "HttpRequest": {
+ "Content": "GET /download.php?filter=283 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 103.2954,
+ "StatusCode": 200
+ },
+ "LookupId": "3b6ba67a-bfa7-50db-a6d9-cb2fc8c78f25",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cleartext Transmission in POST Body via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cleartext Transmission in POST Body via PUT Request issue.
Fix the Cleartext Transmission in POST Body via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "CleartextTransmissioninPOSTBodyviaPUTRequest",
+ "Url": "https://app2.testsparker.com/download.php?filter=283"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "315",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "523",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "38"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a HTTP Response Splitting in Header vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/download.php?id=930"
+ }
+ ],
+ "FirstSeenDate": "24/06/2021 03:55 AM",
+ "HttpRequest": {
+ "Content": "GET /download.php?id=930 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 293.6152,
+ "StatusCode": 200
+ },
+ "LookupId": "d5e4bd4a-cb64-58a4-bcf8-743f162a0b60",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "HTTP Response Splitting in Header",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the HTTP Response Splitting in Header issue.
Fix the HTTP Response Splitting in Header vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "HTTPResponseSplittinginHeader",
+ "Url": "http://admin.testsparker.com/download.php?id=930"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "599",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "330",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "1"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a DNS Zone Transfer in XML Input vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/contact?page=478"
+ }
+ ],
+ "FirstSeenDate": "18/06/2021 11:38 AM",
+ "HttpRequest": {
+ "Content": "GET /contact?page=478 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 308.4346,
+ "StatusCode": 200
+ },
+ "LookupId": "e981c061-1b47-5387-8902-c1b760d3137d",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "DNS Zone Transfer in XML Input",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the DNS Zone Transfer in XML Input issue.
Fix the DNS Zone Transfer in XML Input vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "DNSZoneTransferinXMLInput",
+ "Url": "http://blog.testsparker.com/contact?page=478"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "573",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "523",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "23"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Cleartext Transmission in File Name vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/account/security?name=942"
+ }
+ ],
+ "FirstSeenDate": "27/06/2021 05:14 AM",
+ "HttpRequest": {
+ "Content": "GET /account/security?name=942 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 307.1181,
+ "StatusCode": 200
+ },
+ "LookupId": "7cff62f0-46b9-51e1-b093-062d0f3b3b22",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cleartext Transmission in File Name",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cleartext Transmission in File Name issue.
Fix the Cleartext Transmission in File Name vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "CleartextTransmissioninFileName",
+ "Url": "https://portal.testsparker.com/account/security?name=942"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "697",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "502",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "46"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Sensitive Data Exposure in JSON Payload via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/auth/reset.php?action=253"
+ }
+ ],
+ "FirstSeenDate": "07/06/2021 11:47 AM",
+ "HttpRequest": {
+ "Content": "GET /auth/reset.php?action=253 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 457.7307,
+ "StatusCode": 200
+ },
+ "LookupId": "de9312ed-b7c5-5d41-879a-4398c6f1891f",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Sensitive Data Exposure in JSON Payload via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Sensitive Data Exposure in JSON Payload via PUT Request issue.
Fix the Sensitive Data Exposure in JSON Payload via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "SensitiveDataExposureinJSONPayloadviaPUTRequest",
+ "Url": "http://blog.testsparker.com/auth/reset.php?action=253"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "584",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "287",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "38"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Cleartext Transmission vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/admin/users?name=692"
+ }
+ ],
+ "FirstSeenDate": "20/06/2021 02:26 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/users?name=692 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 332.1129,
+ "StatusCode": 200
+ },
+ "LookupId": "e09d6825-1224-50ec-9238-ef237d9b552a",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cleartext Transmission",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cleartext Transmission issue.
Fix the Cleartext Transmission vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "CleartextTransmission",
+ "Url": "https://app2.testsparker.com/admin/users?name=692"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "119",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "22",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "26"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Missing X-Frame-Options in XML Input vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/admin/logs?page=175"
+ }
+ ],
+ "FirstSeenDate": "16/06/2021 11:16 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/logs?page=175 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 54.6571,
+ "StatusCode": 200
+ },
+ "LookupId": "f48ca79d-d99c-5a0d-a236-ce8ee0586326",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Missing X-Frame-Options in XML Input",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Missing X-Frame-Options in XML Input issue.
Fix the Missing X-Frame-Options in XML Input vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "MissingX-Frame-OptionsinXMLInput",
+ "Url": "https://docs.testsparker.com/admin/logs?page=175"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "132",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "614",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "25"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Broken Authentication in Form Field vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/reports/view"
+ }
+ ],
+ "FirstSeenDate": "17/06/2021 07:26 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/view HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 489.9554,
+ "StatusCode": 200
+ },
+ "LookupId": "c0ec49f8-96b8-5402-8689-9cc6a187831e",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Broken Authentication in Form Field",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Broken Authentication in Form Field issue.
Fix the Broken Authentication in Form Field vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "BrokenAuthenticationinFormField",
+ "Url": "http://blog.testsparker.com/reports/view"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "627",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "16",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "37"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Remote Code Execution in Query Parameter vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/files/download?id=623"
+ }
+ ],
+ "FirstSeenDate": "17/06/2021 02:28 AM",
+ "HttpRequest": {
+ "Content": "GET /files/download?id=623 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 233.8812,
+ "StatusCode": 200
+ },
+ "LookupId": "db99e377-a59b-53af-8581-521c804d4eb9",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Remote Code Execution in Query Parameter",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Remote Code Execution in Query Parameter issue.
Fix the Remote Code Execution in Query Parameter vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "RemoteCodeExecutioninQueryParameter",
+ "Url": "https://portal.testsparker.com/files/download?id=623"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "579",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "330",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "46"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a File Upload Vulnerability in Cookie vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/payment.php?name=8"
+ }
+ ],
+ "FirstSeenDate": "26/06/2021 05:18 AM",
+ "HttpRequest": {
+ "Content": "GET /payment.php?name=8 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 291.3029,
+ "StatusCode": 200
+ },
+ "LookupId": "3dd16bc0-0208-5ce7-b993-f1c7d23ec1ef",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "File Upload Vulnerability in Cookie",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the File Upload Vulnerability in Cookie issue.
Fix the File Upload Vulnerability in Cookie vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "FileUploadVulnerabilityinCookie",
+ "Url": "http://api.testsparker.com/payment.php?name=8"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "630",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "89",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "16"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Server-Side Request Forgery in URL Path vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/contact?page=960"
+ }
+ ],
+ "FirstSeenDate": "03/06/2021 02:38 AM",
+ "HttpRequest": {
+ "Content": "GET /contact?page=960 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 26.4524,
+ "StatusCode": 200
+ },
+ "LookupId": "9af361de-ac56-57e4-b7e4-5b134981862b",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Server-Side Request Forgery in URL Path",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Server-Side Request Forgery in URL Path issue.
Fix the Server-Side Request Forgery in URL Path vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "Server-SideRequestForgeryinURLPath",
+ "Url": "https://docs.testsparker.com/contact?page=960"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "467",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "22",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "24"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Version Disclosure in JSON Payload vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/files/download?name=270"
+ }
+ ],
+ "FirstSeenDate": "16/06/2021 10:10 AM",
+ "HttpRequest": {
+ "Content": "GET /files/download?name=270 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 190.167,
+ "StatusCode": 200
+ },
+ "LookupId": "2cc29aea-38b0-5df3-ac12-8f110c9ecab1",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Version Disclosure in JSON Payload",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Version Disclosure in JSON Payload issue.
Fix the Version Disclosure in JSON Payload vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "VersionDisclosureinJSONPayload",
+ "Url": "https://shop.testsparker.com/files/download?name=270"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "165",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "200",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "47"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Version Disclosure in Cookie via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/api/v1/orders?sort=972"
+ }
+ ],
+ "FirstSeenDate": "17/06/2021 10:04 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v1/orders?sort=972 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 58.5618,
+ "StatusCode": 200
+ },
+ "LookupId": "22035284-6d89-52b6-a326-21833a479898",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Version Disclosure in Cookie via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Version Disclosure in Cookie via POST Request issue.
Fix the Version Disclosure in Cookie via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "VersionDisclosureinCookieviaPOSTRequest",
+ "Url": "http://app1.testsparker.com/api/v1/orders?sort=972"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "229",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "434",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "36"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Cross-site Scripting in Multipart Data via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/files/list?id=684"
+ }
+ ],
+ "FirstSeenDate": "04/06/2021 04:54 AM",
+ "HttpRequest": {
+ "Content": "GET /files/list?id=684 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 240.0914,
+ "StatusCode": 200
+ },
+ "LookupId": "a50f02e4-1fbe-5b8e-bcfd-3ed08d3fddc4",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cross-site Scripting in Multipart Data via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cross-site Scripting in Multipart Data via POST Request issue.
Fix the Cross-site Scripting in Multipart Data via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "Cross-siteScriptinginMultipartDataviaPOSTRequest",
+ "Url": "https://app2.testsparker.com/files/list?id=684"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "573",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "79",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "4"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Server-Side Request Forgery in JSON Payload via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/reports/export?name=977"
+ }
+ ],
+ "FirstSeenDate": "16/06/2021 12:09 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/export?name=977 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 41.2506,
+ "StatusCode": 200
+ },
+ "LookupId": "af26eb27-a2e2-5134-a95e-1d2f1e3af35b",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Server-Side Request Forgery in JSON Payload via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Server-Side Request Forgery in JSON Payload via PUT Request issue.
Fix the Server-Side Request Forgery in JSON Payload via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "Server-SideRequestForgeryinJSONPayloadviaPUTRequest",
+ "Url": "https://docs.testsparker.com/reports/export?name=977"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "103",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "352",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "23"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Missing X-Frame-Options in URL Path via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/auth/reset.php?action=740"
+ }
+ ],
+ "FirstSeenDate": "03/06/2021 07:04 AM",
+ "HttpRequest": {
+ "Content": "GET /auth/reset.php?action=740 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 65.0812,
+ "StatusCode": 200
+ },
+ "LookupId": "81f7fb69-3fc7-5f48-a884-895242d04196",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Missing X-Frame-Options in URL Path via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Missing X-Frame-Options in URL Path via PUT Request issue.
Fix the Missing X-Frame-Options in URL Path via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "MissingX-Frame-OptionsinURLPathviaPUTRequest",
+ "Url": "http://blog.testsparker.com/auth/reset.php?action=740"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "165",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "287",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "9"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Session Fixation in Cookie via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/contact"
+ }
+ ],
+ "FirstSeenDate": "22/06/2021 08:00 AM",
+ "HttpRequest": {
+ "Content": "GET /contact HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 248.2083,
+ "StatusCode": 200
+ },
+ "LookupId": "bbf10799-1a79-532d-ad07-3f1b2a6f4b98",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Session Fixation in Cookie via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Session Fixation in Cookie via PUT Request issue.
Fix the Session Fixation in Cookie via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "SessionFixationinCookieviaPUTRequest",
+ "Url": "https://app2.testsparker.com/contact"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "340",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "94",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "48"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Sensitive Data Exposure in File Name via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/account/billing?token=744"
+ }
+ ],
+ "FirstSeenDate": "17/06/2021 03:01 AM",
+ "HttpRequest": {
+ "Content": "GET /account/billing?token=744 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 297.716,
+ "StatusCode": 200
+ },
+ "LookupId": "d7d19e03-c512-5495-b361-c85726327d07",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Sensitive Data Exposure in File Name via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Sensitive Data Exposure in File Name via POST Request issue.
Fix the Sensitive Data Exposure in File Name via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "SensitiveDataExposureinFileNameviaPOSTRequest",
+ "Url": "http://blog.testsparker.com/account/billing?token=744"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "428",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "693",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "5"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Cleartext Transmission in Cookie via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/admin/logs"
+ }
+ ],
+ "FirstSeenDate": "27/06/2021 03:59 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/logs HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 18.5159,
+ "StatusCode": 200
+ },
+ "LookupId": "f63b3293-1c92-5c32-8926-62f552109fee",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cleartext Transmission in Cookie via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cleartext Transmission in Cookie via POST Request issue.
Fix the Cleartext Transmission in Cookie via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "CleartextTransmissioninCookieviaPOSTRequest",
+ "Url": "https://portal.testsparker.com/admin/logs"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "69",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "89",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "42"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Server-Side Request Forgery in Header vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/auth/register.php?action=695"
+ }
+ ],
+ "FirstSeenDate": "12/06/2021 07:36 AM",
+ "HttpRequest": {
+ "Content": "GET /auth/register.php?action=695 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 25.8688,
+ "StatusCode": 200
+ },
+ "LookupId": "38048a0f-7ecc-5a08-99cb-875aa225cd65",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Server-Side Request Forgery in Header",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Server-Side Request Forgery in Header issue.
Fix the Server-Side Request Forgery in Header vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "Server-SideRequestForgeryinHeader",
+ "Url": "http://api.testsparker.com/auth/register.php?action=695"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "402",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "502",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "45"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a DNS Zone Transfer in Query Parameter vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/reports/view?page=148"
+ }
+ ],
+ "FirstSeenDate": "26/06/2021 06:29 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/view?page=148 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 248.8783,
+ "StatusCode": 200
+ },
+ "LookupId": "2e01a63f-04b1-557e-af39-ab6f987d28c6",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "DNS Zone Transfer in Query Parameter",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the DNS Zone Transfer in Query Parameter issue.
Fix the DNS Zone Transfer in Query Parameter vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "DNSZoneTransferinQueryParameter",
+ "Url": "https://docs.testsparker.com/reports/view?page=148"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "543",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "78",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "27"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Session Fixation in XML Input vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/reports/view"
+ }
+ ],
+ "FirstSeenDate": "28/06/2021 03:08 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/view HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 496.2504,
+ "StatusCode": 200
+ },
+ "LookupId": "9615d6d0-9a3e-53e1-adac-2f3d3d703ab2",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Session Fixation in XML Input",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Session Fixation in XML Input issue.
Fix the Session Fixation in XML Input vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "SessionFixationinXMLInput",
+ "Url": "https://app2.testsparker.com/reports/view"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "85",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "614",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "13"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a File Upload Vulnerability in File Name vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/admin/dashboard?action=446"
+ }
+ ],
+ "FirstSeenDate": "26/06/2021 02:28 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/dashboard?action=446 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 393.9883,
+ "StatusCode": 200
+ },
+ "LookupId": "f7956f84-4aa2-571b-b4ff-3faf47ebf877",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "File Upload Vulnerability in File Name",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the File Upload Vulnerability in File Name issue.
Fix the File Upload Vulnerability in File Name vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "FileUploadVulnerabilityinFileName",
+ "Url": "https://app2.testsparker.com/admin/dashboard?action=446"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "576",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "693",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "33"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a CSRF in URL Path via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/api/v2/export"
+ }
+ ],
+ "FirstSeenDate": "06/06/2021 11:07 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/export HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 436.726,
+ "StatusCode": 200
+ },
+ "LookupId": "9662c6a8-0254-5f30-a18d-f1df6937ed3c",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "CSRF in URL Path via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the CSRF in URL Path via POST Request issue.
Fix the CSRF in URL Path via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "CSRFinURLPathviaPOSTRequest",
+ "Url": "https://docs.testsparker.com/api/v2/export"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "663",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "601",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "2"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Insecure Deserialization in File Name vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/reports/view"
+ }
+ ],
+ "FirstSeenDate": "02/06/2021 03:36 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/view HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 300.2504,
+ "StatusCode": 200
+ },
+ "LookupId": "59981ef8-7a2e-5dcf-ac8a-c0aff34bd7e4",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Insecure Deserialization in File Name",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Insecure Deserialization in File Name issue.
Fix the Insecure Deserialization in File Name vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "InsecureDeserializationinFileName",
+ "Url": "https://app2.testsparker.com/reports/view"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "630",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "287",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "16"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Broken Authentication in URL Path via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/cart.php"
+ }
+ ],
+ "FirstSeenDate": "09/06/2021 03:46 AM",
+ "HttpRequest": {
+ "Content": "GET /cart.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 333.091,
+ "StatusCode": 200
+ },
+ "LookupId": "32c67c49-a3c9-5ad7-a41d-793e26171a7c",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Broken Authentication in URL Path via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Broken Authentication in URL Path via PUT Request issue.
Fix the Broken Authentication in URL Path via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "BrokenAuthenticationinURLPathviaPUTRequest",
+ "Url": "http://api.testsparker.com/cart.php"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "475",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "89",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "15"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Session Fixation in Header via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/files/download"
+ }
+ ],
+ "FirstSeenDate": "16/06/2021 09:40 AM",
+ "HttpRequest": {
+ "Content": "GET /files/download HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 327.1404,
+ "StatusCode": 200
+ },
+ "LookupId": "d6c2248f-bfc8-5d44-a891-2dcba29eb16e",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Session Fixation in Header via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Session Fixation in Header via POST Request issue.
Fix the Session Fixation in Header via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "SessionFixationinHeaderviaPOSTRequest",
+ "Url": "http://api.testsparker.com/files/download"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "268",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "78",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "27"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Missing X-Frame-Options in Multipart Data vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/checkout.php?name=675"
+ }
+ ],
+ "FirstSeenDate": "19/06/2021 09:21 AM",
+ "HttpRequest": {
+ "Content": "GET /checkout.php?name=675 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 369.9285,
+ "StatusCode": 200
+ },
+ "LookupId": "e306c7b4-8119-55dd-9851-2d4ee72a7e6d",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Missing X-Frame-Options in Multipart Data",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Missing X-Frame-Options in Multipart Data issue.
Fix the Missing X-Frame-Options in Multipart Data vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "MissingX-Frame-OptionsinMultipartData",
+ "Url": "https://shop.testsparker.com/checkout.php?name=675"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "687",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "94",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "30"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Open Redirect in Query Parameter via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/api/v1/users"
+ }
+ ],
+ "FirstSeenDate": "27/06/2021 01:05 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v1/users HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 36.7994,
+ "StatusCode": 200
+ },
+ "LookupId": "8b77ef97-0ef3-57e4-9895-eb98e9f4a157",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Open Redirect in Query Parameter via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Open Redirect in Query Parameter via PUT Request issue.
Fix the Open Redirect in Query Parameter via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "OpenRedirectinQueryParameterviaPUTRequest",
+ "Url": "http://admin.testsparker.com/api/v1/users"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "387",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "287",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "32"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a File Upload Vulnerability in JSON Payload via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/api/v2/webhook?page=300"
+ }
+ ],
+ "FirstSeenDate": "16/06/2021 02:20 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/webhook?page=300 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 285.014,
+ "StatusCode": 200
+ },
+ "LookupId": "237590c5-c0be-50e9-81f3-4482950345ed",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "File Upload Vulnerability in JSON Payload via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the File Upload Vulnerability in JSON Payload via PUT Request issue.
Fix the File Upload Vulnerability in JSON Payload via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "FileUploadVulnerabilityinJSONPayloadviaPUTRequest",
+ "Url": "https://shop.testsparker.com/api/v2/webhook?page=300"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "53",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "94",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "16"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Insecure Direct Object Reference in Form Field via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/admin/dashboard"
+ }
+ ],
+ "FirstSeenDate": "18/06/2021 02:00 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/dashboard HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 327.8363,
+ "StatusCode": 200
+ },
+ "LookupId": "e2561d6f-4a3c-5218-843f-e94d849456ba",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Insecure Direct Object Reference in Form Field via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Insecure Direct Object Reference in Form Field via POST Request issue.
Fix the Insecure Direct Object Reference in Form Field via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "InsecureDirectObjectReferenceinFormFieldviaPOSTRequest",
+ "Url": "http://app1.testsparker.com/admin/dashboard"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "465",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "523",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "41"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Missing Content-Security-Policy in Multipart Data vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/api/v1/products?ref=303"
+ }
+ ],
+ "FirstSeenDate": "24/06/2021 03:56 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v1/products?ref=303 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 19.1727,
+ "StatusCode": 200
+ },
+ "LookupId": "07f55ae8-9809-55e2-a602-ed57bd50d450",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Missing Content-Security-Policy in Multipart Data",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Missing Content-Security-Policy in Multipart Data issue.
Fix the Missing Content-Security-Policy in Multipart Data vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "MissingContent-Security-PolicyinMultipartData",
+ "Url": "http://api.testsparker.com/api/v1/products?ref=303"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "654",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "601",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "2"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Email Header Injection in XML Input via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/help?ref=528"
+ }
+ ],
+ "FirstSeenDate": "28/06/2021 01:51 AM",
+ "HttpRequest": {
+ "Content": "GET /help?ref=528 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 370.5484,
+ "StatusCode": 200
+ },
+ "LookupId": "daa553d2-b7c8-5267-b6c4-e04b226fe722",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Email Header Injection in XML Input via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Email Header Injection in XML Input via POST Request issue.
Fix the Email Header Injection in XML Input via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "EmailHeaderInjectioninXMLInputviaPOSTRequest",
+ "Url": "https://portal.testsparker.com/help?ref=528"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "494",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "434",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "23"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Missing Content-Security-Policy in File Name vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/account/security?id=715"
+ }
+ ],
+ "FirstSeenDate": "14/06/2021 03:16 AM",
+ "HttpRequest": {
+ "Content": "GET /account/security?id=715 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 243.7992,
+ "StatusCode": 200
+ },
+ "LookupId": "0443af1a-11ea-556a-83ca-26e0c63a48a2",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Missing Content-Security-Policy in File Name",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Missing Content-Security-Policy in File Name issue.
Fix the Missing Content-Security-Policy in File Name vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "MissingContent-Security-PolicyinFileName",
+ "Url": "http://blog.testsparker.com/account/security?id=715"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "53",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "523",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "25"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Cookie Not Marked as HttpOnly in URL Path vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/files/list"
+ }
+ ],
+ "FirstSeenDate": "28/06/2021 02:12 AM",
+ "HttpRequest": {
+ "Content": "GET /files/list HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 404.2788,
+ "StatusCode": 200
+ },
+ "LookupId": "e78b3eba-19ce-5b6a-af80-7be498822c51",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cookie Not Marked as HttpOnly in URL Path",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cookie Not Marked as HttpOnly in URL Path issue.
Fix the Cookie Not Marked as HttpOnly in URL Path vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "CookieNotMarkedasHttpOnlyinURLPath",
+ "Url": "https://app2.testsparker.com/files/list"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "577",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "614",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "32"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Remote Code Execution in XML Input vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/auth/register.php"
+ }
+ ],
+ "FirstSeenDate": "06/06/2021 08:02 AM",
+ "HttpRequest": {
+ "Content": "GET /auth/register.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 54.2261,
+ "StatusCode": 200
+ },
+ "LookupId": "39ee0bc0-3228-5880-b449-69a7ae662e6c",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Remote Code Execution in XML Input",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Remote Code Execution in XML Input issue.
Fix the Remote Code Execution in XML Input vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "RemoteCodeExecutioninXMLInput",
+ "Url": "https://shop.testsparker.com/auth/register.php"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "560",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "523",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "44"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a DNS Zone Transfer in Header vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/download.php"
+ }
+ ],
+ "FirstSeenDate": "20/06/2021 08:12 AM",
+ "HttpRequest": {
+ "Content": "GET /download.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 479.0953,
+ "StatusCode": 200
+ },
+ "LookupId": "287d7c80-8d93-52d9-8bce-6126c2699350",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "DNS Zone Transfer in Header",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the DNS Zone Transfer in Header issue.
Fix the DNS Zone Transfer in Header vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "DNSZoneTransferinHeader",
+ "Url": "http://blog.testsparker.com/download.php"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "591",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "79",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "36"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Directory Traversal in URL Path via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/cart.php"
+ }
+ ],
+ "FirstSeenDate": "09/06/2021 11:26 AM",
+ "HttpRequest": {
+ "Content": "GET /cart.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 445.6789,
+ "StatusCode": 200
+ },
+ "LookupId": "5319ead3-f30b-5314-8041-d318e422742b",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Directory Traversal in URL Path via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Directory Traversal in URL Path via POST Request issue.
Fix the Directory Traversal in URL Path via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "DirectoryTraversalinURLPathviaPOSTRequest",
+ "Url": "https://docs.testsparker.com/cart.php"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "150",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "22",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "3"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Information Disclosure in POST Body via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/settings.php"
+ }
+ ],
+ "FirstSeenDate": "09/06/2021 07:17 AM",
+ "HttpRequest": {
+ "Content": "GET /settings.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 237.6085,
+ "StatusCode": 200
+ },
+ "LookupId": "d68679e9-ed59-5adc-904c-6bd92bb626a0",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Information Disclosure in POST Body via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Information Disclosure in POST Body via PUT Request issue.
Fix the Information Disclosure in POST Body via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "InformationDisclosureinPOSTBodyviaPUTRequest",
+ "Url": "http://blog.testsparker.com/settings.php"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "364",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "614",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "12"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Cross-site Scripting in XML Input vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/api/v1/users"
+ }
+ ],
+ "FirstSeenDate": "19/06/2021 06:51 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v1/users HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 371.6715,
+ "StatusCode": 200
+ },
+ "LookupId": "00c28ed4-2fd6-5e7e-ac6a-72c4b8253c00",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cross-site Scripting in XML Input",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cross-site Scripting in XML Input issue.
Fix the Cross-site Scripting in XML Input vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "Cross-siteScriptinginXMLInput",
+ "Url": "http://admin.testsparker.com/api/v1/users"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "56",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "22",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "17"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a NoSQL Injection in Form Field vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/reports/generate"
+ }
+ ],
+ "FirstSeenDate": "19/06/2021 04:58 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/generate HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 136.7375,
+ "StatusCode": 200
+ },
+ "LookupId": "dcbda2fc-e84a-5503-9f33-13caa54dc60f",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "NoSQL Injection in Form Field",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the NoSQL Injection in Form Field issue.
Fix the NoSQL Injection in Form Field vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "NoSQLInjectioninFormField",
+ "Url": "http://app1.testsparker.com/reports/generate"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "650",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "22",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "6"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Clickjacking in Cookie via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/help"
+ }
+ ],
+ "FirstSeenDate": "15/06/2021 03:43 AM",
+ "HttpRequest": {
+ "Content": "GET /help HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 145.3925,
+ "StatusCode": 200
+ },
+ "LookupId": "1a9845a2-6fae-52ed-9903-ba6c73fbfc8a",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Clickjacking in Cookie via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Clickjacking in Cookie via PUT Request issue.
Fix the Clickjacking in Cookie via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "ClickjackinginCookieviaPUTRequest",
+ "Url": "http://admin.testsparker.com/help"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "173",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "22",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "14"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Weak Password Policy in Form Field vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/search?token=48"
+ }
+ ],
+ "FirstSeenDate": "11/06/2021 06:25 AM",
+ "HttpRequest": {
+ "Content": "GET /search?token=48 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 144.3295,
+ "StatusCode": 200
+ },
+ "LookupId": "11f712c2-8666-5ef6-b099-6979000b3518",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Weak Password Policy in Form Field",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Weak Password Policy in Form Field issue.
Fix the Weak Password Policy in Form Field vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "WeakPasswordPolicyinFormField",
+ "Url": "https://portal.testsparker.com/search?token=48"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "571",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "918",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "10"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a LDAP Injection in JSON Payload via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/auth/register.php"
+ }
+ ],
+ "FirstSeenDate": "02/06/2021 02:43 AM",
+ "HttpRequest": {
+ "Content": "GET /auth/register.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 41.9144,
+ "StatusCode": 200
+ },
+ "LookupId": "a8c51837-730a-524f-86d2-a4d024d73568",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "LDAP Injection in JSON Payload via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the LDAP Injection in JSON Payload via PUT Request issue.
Fix the LDAP Injection in JSON Payload via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "LDAPInjectioninJSONPayloadviaPUTRequest",
+ "Url": "https://docs.testsparker.com/auth/register.php"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "495",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "434",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "45"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Unvalidated Redirect in POST Body via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/reports/view?token=96"
+ }
+ ],
+ "FirstSeenDate": "13/06/2021 01:31 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/view?token=96 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 366.5032,
+ "StatusCode": 200
+ },
+ "LookupId": "e27268a9-a05c-5412-9387-f452dac688a0",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Unvalidated Redirect in POST Body via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Unvalidated Redirect in POST Body via PUT Request issue.
Fix the Unvalidated Redirect in POST Body via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "UnvalidatedRedirectinPOSTBodyviaPUTRequest",
+ "Url": "http://admin.testsparker.com/reports/view?token=96"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "241",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "611",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "35"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a XML External Entity in Header via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/contact?token=784"
+ }
+ ],
+ "FirstSeenDate": "13/06/2021 10:54 AM",
+ "HttpRequest": {
+ "Content": "GET /contact?token=784 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 70.5121,
+ "StatusCode": 200
+ },
+ "LookupId": "ce5685f3-dda4-5749-a4d2-052fceb836f4",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "XML External Entity in Header via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the XML External Entity in Header via PUT Request issue.
Fix the XML External Entity in Header via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "XMLExternalEntityinHeaderviaPUTRequest",
+ "Url": "http://api.testsparker.com/contact?token=784"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "549",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "502",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "37"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Information Disclosure in File Name vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/files/upload?q=437"
+ }
+ ],
+ "FirstSeenDate": "20/06/2021 05:43 AM",
+ "HttpRequest": {
+ "Content": "GET /files/upload?q=437 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 204.7525,
+ "StatusCode": 200
+ },
+ "LookupId": "58789d7b-e34e-58bd-9333-98597e6a45a0",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Information Disclosure in File Name",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Information Disclosure in File Name issue.
Fix the Information Disclosure in File Name vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "InformationDisclosureinFileName",
+ "Url": "https://shop.testsparker.com/files/upload?q=437"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "599",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "614",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "26"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a HSTS Missing in Query Parameter via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/api/v2/webhook"
+ }
+ ],
+ "FirstSeenDate": "02/06/2021 01:54 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/webhook HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 369.11,
+ "StatusCode": 200
+ },
+ "LookupId": "e97e1b97-36f9-5b73-9787-fb2945151915",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "HSTS Missing in Query Parameter via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the HSTS Missing in Query Parameter via PUT Request issue.
Fix the HSTS Missing in Query Parameter via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "HSTSMissinginQueryParameterviaPUTRequest",
+ "Url": "http://admin.testsparker.com/api/v2/webhook"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "232",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "287",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "28"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Integer Overflow in Query Parameter vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/reports/generate?type=840"
+ }
+ ],
+ "FirstSeenDate": "19/06/2021 08:54 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/generate?type=840 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 368.1476,
+ "StatusCode": 200
+ },
+ "LookupId": "24e5c295-53fd-5ab3-8898-bdb6edb4a905",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Integer Overflow in Query Parameter",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Integer Overflow in Query Parameter issue.
Fix the Integer Overflow in Query Parameter vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "IntegerOverflowinQueryParameter",
+ "Url": "http://api.testsparker.com/reports/generate?type=840"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "69",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "352",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "35"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Version Disclosure in JSON Payload via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/api/v1/products"
+ }
+ ],
+ "FirstSeenDate": "06/06/2021 12:16 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v1/products HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 478.1054,
+ "StatusCode": 200
+ },
+ "LookupId": "7ec89fdd-3db5-5010-8175-b9bc0086b4ba",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Version Disclosure in JSON Payload via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Version Disclosure in JSON Payload via PUT Request issue.
Fix the Version Disclosure in JSON Payload via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "VersionDisclosureinJSONPayloadviaPUTRequest",
+ "Url": "https://portal.testsparker.com/api/v1/products"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "361",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "614",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "5"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Path Disclosure in Cookie vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/reports/view?sort=816"
+ }
+ ],
+ "FirstSeenDate": "15/06/2021 08:02 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/view?sort=816 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 37.8761,
+ "StatusCode": 200
+ },
+ "LookupId": "60146309-1940-5039-8717-e0975be14eee",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Path Disclosure in Cookie",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Path Disclosure in Cookie issue.
Fix the Path Disclosure in Cookie vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "PathDisclosureinCookie",
+ "Url": "https://app2.testsparker.com/reports/view?sort=816"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "189",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "523",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "42"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Weak Password Policy in URL Path vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/reports/generate?filter=174"
+ }
+ ],
+ "FirstSeenDate": "17/06/2021 01:53 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/generate?filter=174 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 424.8817,
+ "StatusCode": 200
+ },
+ "LookupId": "5f75eb13-8fea-5bb3-8150-2034dec4f88d",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Weak Password Policy in URL Path",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Weak Password Policy in URL Path issue.
Fix the Weak Password Policy in URL Path vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "WeakPasswordPolicyinURLPath",
+ "Url": "https://docs.testsparker.com/reports/generate?filter=174"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "211",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "330",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "3"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Weak Cryptography in Query Parameter vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/account/security?filter=147"
+ }
+ ],
+ "FirstSeenDate": "13/06/2021 12:55 AM",
+ "HttpRequest": {
+ "Content": "GET /account/security?filter=147 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 265.949,
+ "StatusCode": 200
+ },
+ "LookupId": "f137613b-e570-5f8e-a8d5-bc74569f38b0",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Weak Cryptography in Query Parameter",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Weak Cryptography in Query Parameter issue.
Fix the Weak Cryptography in Query Parameter vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "WeakCryptographyinQueryParameter",
+ "Url": "https://docs.testsparker.com/account/security?filter=147"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "373",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "79",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "20"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Mass Assignment in File Name via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/products.php?page=996"
+ }
+ ],
+ "FirstSeenDate": "17/06/2021 02:44 AM",
+ "HttpRequest": {
+ "Content": "GET /products.php?page=996 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 254.574,
+ "StatusCode": 200
+ },
+ "LookupId": "2e064da8-3f19-5584-9f8a-d79a9ef627c5",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Mass Assignment in File Name via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Mass Assignment in File Name via POST Request issue.
Fix the Mass Assignment in File Name via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "MassAssignmentinFileNameviaPOSTRequest",
+ "Url": "http://blog.testsparker.com/products.php?page=996"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "121",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "614",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "47"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a DNS Zone Transfer in Header via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/admin/logs?action=774"
+ }
+ ],
+ "FirstSeenDate": "21/06/2021 04:13 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/logs?action=774 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 303.0843,
+ "StatusCode": 200
+ },
+ "LookupId": "82122755-0c65-5da1-9201-d325286a20ba",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "DNS Zone Transfer in Header via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the DNS Zone Transfer in Header via PUT Request issue.
Fix the DNS Zone Transfer in Header via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "DNSZoneTransferinHeaderviaPUTRequest",
+ "Url": "https://docs.testsparker.com/admin/logs?action=774"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "498",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "614",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "7"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a CORS Misconfiguration in URL Path vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/api/v2/search?filter=568"
+ }
+ ],
+ "FirstSeenDate": "28/06/2021 07:14 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/search?filter=568 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 128.592,
+ "StatusCode": 200
+ },
+ "LookupId": "ef692910-457a-57e5-a9ff-c1731a57b285",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "CORS Misconfiguration in URL Path",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the CORS Misconfiguration in URL Path issue.
Fix the CORS Misconfiguration in URL Path vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "CORSMisconfigurationinURLPath",
+ "Url": "http://blog.testsparker.com/api/v2/search?filter=568"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "22",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "200",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "34"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Broken Authentication in JSON Payload via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/contact?ref=831"
+ }
+ ],
+ "FirstSeenDate": "21/06/2021 09:06 AM",
+ "HttpRequest": {
+ "Content": "GET /contact?ref=831 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 215.126,
+ "StatusCode": 200
+ },
+ "LookupId": "63479134-bc9d-5a91-ab7d-09f4811906be",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Broken Authentication in JSON Payload via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Broken Authentication in JSON Payload via PUT Request issue.
Fix the Broken Authentication in JSON Payload via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "BrokenAuthenticationinJSONPayloadviaPUTRequest",
+ "Url": "http://app1.testsparker.com/contact?ref=831"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "148",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "352",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "17"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a NoSQL Injection in URL Path via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/blog/post.php?name=102"
+ }
+ ],
+ "FirstSeenDate": "05/06/2021 05:26 AM",
+ "HttpRequest": {
+ "Content": "GET /blog/post.php?name=102 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 342.5182,
+ "StatusCode": 200
+ },
+ "LookupId": "364acc80-5bfe-50f9-9be8-12cf3f5e3199",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "NoSQL Injection in URL Path via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the NoSQL Injection in URL Path via POST Request issue.
Fix the NoSQL Injection in URL Path via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "NoSQLInjectioninURLPathviaPOSTRequest",
+ "Url": "https://shop.testsparker.com/blog/post.php?name=102"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "418",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "352",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "44"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Insecure HTTP Method in XML Input vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/api/v2/search?name=805"
+ }
+ ],
+ "FirstSeenDate": "19/06/2021 12:49 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/search?name=805 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 422.5017,
+ "StatusCode": 200
+ },
+ "LookupId": "b5f3743c-608b-5ca2-b51f-b631368236cf",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Insecure HTTP Method in XML Input",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Insecure HTTP Method in XML Input issue.
Fix the Insecure HTTP Method in XML Input vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "InsecureHTTPMethodinXMLInput",
+ "Url": "https://app2.testsparker.com/api/v2/search?name=805"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "512",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "16",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "40"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Weak Cryptography in Form Field via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/auth/login.php"
+ }
+ ],
+ "FirstSeenDate": "27/06/2021 08:38 AM",
+ "HttpRequest": {
+ "Content": "GET /auth/login.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 110.6801,
+ "StatusCode": 200
+ },
+ "LookupId": "24b3c034-c968-57bc-8d67-b1c7383bad53",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Weak Cryptography in Form Field via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Weak Cryptography in Form Field via POST Request issue.
Fix the Weak Cryptography in Form Field via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "WeakCryptographyinFormFieldviaPOSTRequest",
+ "Url": "https://portal.testsparker.com/auth/login.php"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "305",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "776",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "3"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Integer Overflow in Cookie via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/profile.php?filter=428"
+ }
+ ],
+ "FirstSeenDate": "12/06/2021 12:02 AM",
+ "HttpRequest": {
+ "Content": "GET /profile.php?filter=428 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 270.3216,
+ "StatusCode": 200
+ },
+ "LookupId": "d1badb20-6d09-58d6-b5b3-9b53cc28a387",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Integer Overflow in Cookie via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Integer Overflow in Cookie via PUT Request issue.
Fix the Integer Overflow in Cookie via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "IntegerOverflowinCookieviaPUTRequest",
+ "Url": "http://app1.testsparker.com/profile.php?filter=428"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "151",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "94",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "19"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Insecure HTTP Method in Header via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/upload.php?ref=690"
+ }
+ ],
+ "FirstSeenDate": "09/06/2021 11:14 AM",
+ "HttpRequest": {
+ "Content": "GET /upload.php?ref=690 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 23.7223,
+ "StatusCode": 200
+ },
+ "LookupId": "2dfea1af-ef77-56af-9141-8a1385a7716a",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Insecure HTTP Method in Header via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Insecure HTTP Method in Header via PUT Request issue.
Fix the Insecure HTTP Method in Header via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "InsecureHTTPMethodinHeaderviaPUTRequest",
+ "Url": "http://api.testsparker.com/upload.php?ref=690"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "696",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "200",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "22"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a LDAP Injection vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/blog/edit.php?name=991"
+ }
+ ],
+ "FirstSeenDate": "04/06/2021 05:11 AM",
+ "HttpRequest": {
+ "Content": "GET /blog/edit.php?name=991 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 294.489,
+ "StatusCode": 200
+ },
+ "LookupId": "40e4988b-28b8-5876-993e-4e06e70e9028",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "LDAP Injection",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the LDAP Injection issue.
Fix the LDAP Injection vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "LDAPInjection",
+ "Url": "https://portal.testsparker.com/blog/edit.php?name=991"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "145",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "918",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "14"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a File Upload Vulnerability in POST Body via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/admin/config?sort=621"
+ }
+ ],
+ "FirstSeenDate": "01/06/2021 10:57 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/config?sort=621 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 29.4751,
+ "StatusCode": 200
+ },
+ "LookupId": "f0288d6e-3900-565a-aefd-6146efc5e1ff",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "File Upload Vulnerability in POST Body via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the File Upload Vulnerability in POST Body via PUT Request issue.
Fix the File Upload Vulnerability in POST Body via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "FileUploadVulnerabilityinPOSTBodyviaPUTRequest",
+ "Url": "https://portal.testsparker.com/admin/config?sort=621"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "334",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "614",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "18"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a NoSQL Injection in URL Path vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/settings.php"
+ }
+ ],
+ "FirstSeenDate": "12/06/2021 02:59 AM",
+ "HttpRequest": {
+ "Content": "GET /settings.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 286.2867,
+ "StatusCode": 200
+ },
+ "LookupId": "809abdf8-2639-5215-a169-30338bb4b64b",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "NoSQL Injection in URL Path",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the NoSQL Injection in URL Path issue.
Fix the NoSQL Injection in URL Path vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "NoSQLInjectioninURLPath",
+ "Url": "https://shop.testsparker.com/settings.php"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "443",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "523",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "40"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Race Condition in URL Path via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/upload.php?name=851"
+ }
+ ],
+ "FirstSeenDate": "22/06/2021 06:40 AM",
+ "HttpRequest": {
+ "Content": "GET /upload.php?name=851 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 138.0667,
+ "StatusCode": 200
+ },
+ "LookupId": "057c3ddb-e667-5e2f-b47d-54edc27b46f5",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Race Condition in URL Path via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Race Condition in URL Path via POST Request issue.
Fix the Race Condition in URL Path via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "RaceConditioninURLPathviaPOSTRequest",
+ "Url": "https://app2.testsparker.com/upload.php?name=851"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "632",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "601",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "18"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Cookie Not Marked as Secure in Form Field vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/files/list?ref=764"
+ }
+ ],
+ "FirstSeenDate": "08/06/2021 01:02 AM",
+ "HttpRequest": {
+ "Content": "GET /files/list?ref=764 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 158.426,
+ "StatusCode": 200
+ },
+ "LookupId": "d2cb3a10-71b4-5ac5-8492-8dd7cd9ac5ce",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cookie Not Marked as Secure in Form Field",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cookie Not Marked as Secure in Form Field issue.
Fix the Cookie Not Marked as Secure in Form Field vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "CookieNotMarkedasSecureinFormField",
+ "Url": "https://docs.testsparker.com/files/list?ref=764"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "667",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "78",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "29"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a HSTS Missing in URL Path via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/payment.php"
+ }
+ ],
+ "FirstSeenDate": "19/06/2021 12:00 AM",
+ "HttpRequest": {
+ "Content": "GET /payment.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 232.0421,
+ "StatusCode": 200
+ },
+ "LookupId": "58e7b5cd-09f8-5f88-8315-27da20482985",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "HSTS Missing in URL Path via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the HSTS Missing in URL Path via POST Request issue.
Fix the HSTS Missing in URL Path via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "HSTSMissinginURLPathviaPOSTRequest",
+ "Url": "https://shop.testsparker.com/payment.php"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "317",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "693",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "48"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Sensitive Data Exposure in JSON Payload vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/api/v1/users?token=119"
+ }
+ ],
+ "FirstSeenDate": "04/06/2021 01:45 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v1/users?token=119 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 77.2338,
+ "StatusCode": 200
+ },
+ "LookupId": "f5e69e9c-299a-5732-afb2-dbd1e38d9904",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Sensitive Data Exposure in JSON Payload",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Sensitive Data Exposure in JSON Payload issue.
Fix the Sensitive Data Exposure in JSON Payload vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "SensitiveDataExposureinJSONPayload",
+ "Url": "https://portal.testsparker.com/api/v1/users?token=119"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "24",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "693",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "49"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a DNS Zone Transfer in Multipart Data via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/products.php?page=480"
+ }
+ ],
+ "FirstSeenDate": "07/06/2021 11:31 AM",
+ "HttpRequest": {
+ "Content": "GET /products.php?page=480 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 223.9586,
+ "StatusCode": 200
+ },
+ "LookupId": "fa4a0346-5ad9-5689-9f52-dc4aaf7764a8",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "DNS Zone Transfer in Multipart Data via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the DNS Zone Transfer in Multipart Data via POST Request issue.
Fix the DNS Zone Transfer in Multipart Data via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "DNSZoneTransferinMultipartDataviaPOSTRequest",
+ "Url": "http://app1.testsparker.com/products.php?page=480"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "490",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "693",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "48"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Weak Password Policy in URL Path via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/download.php"
+ }
+ ],
+ "FirstSeenDate": "05/06/2021 04:32 AM",
+ "HttpRequest": {
+ "Content": "GET /download.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 73.6057,
+ "StatusCode": 200
+ },
+ "LookupId": "2b990ddd-0ff0-5496-b319-4fa3d945dc9a",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Weak Password Policy in URL Path via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Weak Password Policy in URL Path via PUT Request issue.
Fix the Weak Password Policy in URL Path via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "WeakPasswordPolicyinURLPathviaPUTRequest",
+ "Url": "http://api.testsparker.com/download.php"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "321",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "330",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "44"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a XML External Entity in Query Parameter via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/admin/users?token=99"
+ }
+ ],
+ "FirstSeenDate": "15/06/2021 06:27 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/users?token=99 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 238.6108,
+ "StatusCode": 200
+ },
+ "LookupId": "6fa22583-4fef-5dc7-97c6-fcca5aa4784e",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "XML External Entity in Query Parameter via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the XML External Entity in Query Parameter via PUT Request issue.
Fix the XML External Entity in Query Parameter via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "XMLExternalEntityinQueryParameterviaPUTRequest",
+ "Url": "https://docs.testsparker.com/admin/users?token=99"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "670",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "611",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "26"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Remote Code Execution in XML Input via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/api/v2/export"
+ }
+ ],
+ "FirstSeenDate": "26/06/2021 04:50 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/export HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 492.4533,
+ "StatusCode": 200
+ },
+ "LookupId": "40e51e29-1fdf-59b7-94b5-538f06fd86f7",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Remote Code Execution in XML Input via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Remote Code Execution in XML Input via PUT Request issue.
Fix the Remote Code Execution in XML Input via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "RemoteCodeExecutioninXMLInputviaPUTRequest",
+ "Url": "https://portal.testsparker.com/api/v2/export"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "172",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "776",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "37"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Directory Traversal in JSON Payload vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/files/upload"
+ }
+ ],
+ "FirstSeenDate": "26/06/2021 04:18 AM",
+ "HttpRequest": {
+ "Content": "GET /files/upload HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 26.0206,
+ "StatusCode": 200
+ },
+ "LookupId": "7f0c0f9b-dc5b-5f77-ae24-0cbe4a409ea5",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Directory Traversal in JSON Payload",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Directory Traversal in JSON Payload issue.
Fix the Directory Traversal in JSON Payload vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "DirectoryTraversalinJSONPayload",
+ "Url": "https://docs.testsparker.com/files/upload"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "158",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "287",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "31"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Missing Content-Security-Policy in Cookie via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/reports/view?sort=281"
+ }
+ ],
+ "FirstSeenDate": "11/06/2021 06:07 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/view?sort=281 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 160.9236,
+ "StatusCode": 200
+ },
+ "LookupId": "d840fffc-cb06-56bc-a44f-2d628c9bf23f",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Missing Content-Security-Policy in Cookie via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Missing Content-Security-Policy in Cookie via PUT Request issue.
Fix the Missing Content-Security-Policy in Cookie via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "MissingContent-Security-PolicyinCookieviaPUTRequest",
+ "Url": "http://admin.testsparker.com/reports/view?sort=281"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "474",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "94",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "17"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Sensitive Data Exposure in URL Path via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/reports/export"
+ }
+ ],
+ "FirstSeenDate": "21/06/2021 12:32 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/export HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 57.0989,
+ "StatusCode": 200
+ },
+ "LookupId": "355dc89b-c257-58f6-bd9a-13f09f283992",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Sensitive Data Exposure in URL Path via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Sensitive Data Exposure in URL Path via POST Request issue.
Fix the Sensitive Data Exposure in URL Path via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "SensitiveDataExposureinURLPathviaPOSTRequest",
+ "Url": "http://api.testsparker.com/reports/export"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "162",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "89",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "32"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Email Header Injection in POST Body via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/payment.php?ref=45"
+ }
+ ],
+ "FirstSeenDate": "03/06/2021 04:46 AM",
+ "HttpRequest": {
+ "Content": "GET /payment.php?ref=45 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 227.9622,
+ "StatusCode": 200
+ },
+ "LookupId": "63654afb-ff81-5643-97ce-d38750096e6a",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Email Header Injection in POST Body via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Email Header Injection in POST Body via POST Request issue.
Fix the Email Header Injection in POST Body via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "EmailHeaderInjectioninPOSTBodyviaPOSTRequest",
+ "Url": "http://blog.testsparker.com/payment.php?ref=45"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "149",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "776",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "19"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Cross-site Scripting in JSON Payload via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/auth/register.php?page=252"
+ }
+ ],
+ "FirstSeenDate": "01/06/2021 10:30 AM",
+ "HttpRequest": {
+ "Content": "GET /auth/register.php?page=252 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 420.5861,
+ "StatusCode": 200
+ },
+ "LookupId": "d65f91c7-e798-55f2-8019-578b98691e81",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cross-site Scripting in JSON Payload via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cross-site Scripting in JSON Payload via PUT Request issue.
Fix the Cross-site Scripting in JSON Payload via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "Cross-siteScriptinginJSONPayloadviaPUTRequest",
+ "Url": "http://admin.testsparker.com/auth/register.php?page=252"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "416",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "89",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "25"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Insecure HTTP Method in URL Path vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/reports/generate?page=308"
+ }
+ ],
+ "FirstSeenDate": "02/06/2021 11:00 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/generate?page=308 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 354.3941,
+ "StatusCode": 200
+ },
+ "LookupId": "f1f2ba8d-2646-55ee-a42a-b2d9ead695d3",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Insecure HTTP Method in URL Path",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Insecure HTTP Method in URL Path issue.
Fix the Insecure HTTP Method in URL Path vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "InsecureHTTPMethodinURLPath",
+ "Url": "http://blog.testsparker.com/reports/generate?page=308"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "354",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "22",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "32"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a SQL Injection in Cookie via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/profile.php?token=284"
+ }
+ ],
+ "FirstSeenDate": "16/06/2021 12:34 AM",
+ "HttpRequest": {
+ "Content": "GET /profile.php?token=284 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 342.3711,
+ "StatusCode": 200
+ },
+ "LookupId": "66e93bf1-acdc-5ad4-ac01-3bef3a8e4c1a",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "SQL Injection in Cookie via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the SQL Injection in Cookie via POST Request issue.
Fix the SQL Injection in Cookie via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "SQLInjectioninCookieviaPOSTRequest",
+ "Url": "https://shop.testsparker.com/profile.php?token=284"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "409",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "330",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "48"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Unvalidated Redirect in URL Path via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/files/list"
+ }
+ ],
+ "FirstSeenDate": "22/06/2021 01:13 AM",
+ "HttpRequest": {
+ "Content": "GET /files/list HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 287.7957,
+ "StatusCode": 200
+ },
+ "LookupId": "556364db-a557-52e7-baf0-d018b851758e",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Unvalidated Redirect in URL Path via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Unvalidated Redirect in URL Path via PUT Request issue.
Fix the Unvalidated Redirect in URL Path via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "UnvalidatedRedirectinURLPathviaPUTRequest",
+ "Url": "https://shop.testsparker.com/files/list"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "384",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "16",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "20"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Information Disclosure in JSON Payload via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/upload.php?q=108"
+ }
+ ],
+ "FirstSeenDate": "20/06/2021 10:58 AM",
+ "HttpRequest": {
+ "Content": "GET /upload.php?q=108 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 244.4353,
+ "StatusCode": 200
+ },
+ "LookupId": "3aedac2a-9c91-51f1-b95e-e69a8212bae1",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Information Disclosure in JSON Payload via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Information Disclosure in JSON Payload via POST Request issue.
Fix the Information Disclosure in JSON Payload via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "InformationDisclosureinJSONPayloadviaPOSTRequest",
+ "Url": "https://shop.testsparker.com/upload.php?q=108"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "189",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "352",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "19"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Cookie Not Marked as HttpOnly in POST Body via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/blog/post.php"
+ }
+ ],
+ "FirstSeenDate": "22/06/2021 02:40 AM",
+ "HttpRequest": {
+ "Content": "GET /blog/post.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 232.1874,
+ "StatusCode": 200
+ },
+ "LookupId": "0b5464b5-7790-509a-882b-f7b555844e07",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cookie Not Marked as HttpOnly in POST Body via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cookie Not Marked as HttpOnly in POST Body via POST Request issue.
Fix the Cookie Not Marked as HttpOnly in POST Body via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "CookieNotMarkedasHttpOnlyinPOSTBodyviaPOSTRequest",
+ "Url": "http://api.testsparker.com/blog/post.php"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "375",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "79",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "6"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Weak Password Policy in File Name via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/reports/view"
+ }
+ ],
+ "FirstSeenDate": "03/06/2021 01:36 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/view HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 417.2233,
+ "StatusCode": 200
+ },
+ "LookupId": "55231433-debd-589f-ae80-f3e9d32f9090",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Weak Password Policy in File Name via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Weak Password Policy in File Name via POST Request issue.
Fix the Weak Password Policy in File Name via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "WeakPasswordPolicyinFileNameviaPOSTRequest",
+ "Url": "https://app2.testsparker.com/reports/view"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "395",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "693",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "19"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a CORS Misconfiguration in URL Path vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/api/v2/search?filter=568"
+ }
+ ],
+ "FirstSeenDate": "13/06/2021 02:46 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/search?filter=568 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 451.5567,
+ "StatusCode": 200
+ },
+ "LookupId": "58a54532-5f30-56f2-b1ee-a05ec6756702",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "CORS Misconfiguration in URL Path",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the CORS Misconfiguration in URL Path issue.
Fix the CORS Misconfiguration in URL Path vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "CORSMisconfigurationinURLPath",
+ "Url": "http://blog.testsparker.com/api/v2/search?filter=568"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "257",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "776",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "8"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a CSRF in Cookie via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/admin/dashboard"
+ }
+ ],
+ "FirstSeenDate": "21/06/2021 06:11 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/dashboard HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 22.3948,
+ "StatusCode": 200
+ },
+ "LookupId": "0e501ad3-5c26-5e2d-882d-3d6f595fbf13",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "CSRF in Cookie via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the CSRF in Cookie via PUT Request issue.
Fix the CSRF in Cookie via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "CSRFinCookieviaPUTRequest",
+ "Url": "http://admin.testsparker.com/admin/dashboard"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "655",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "89",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "19"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Broken Authentication in Form Field via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/reports/generate?sort=976"
+ }
+ ],
+ "FirstSeenDate": "07/06/2021 04:13 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/generate?sort=976 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 485.1686,
+ "StatusCode": 200
+ },
+ "LookupId": "d1047455-29c3-538e-b8cc-eafc8999f310",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Broken Authentication in Form Field via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Broken Authentication in Form Field via POST Request issue.
Fix the Broken Authentication in Form Field via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "BrokenAuthenticationinFormFieldviaPOSTRequest",
+ "Url": "https://shop.testsparker.com/reports/generate?sort=976"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "88",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "614",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "8"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Information Disclosure in POST Body vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/reports/export?id=156"
+ }
+ ],
+ "FirstSeenDate": "20/06/2021 10:50 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/export?id=156 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 313.025,
+ "StatusCode": 200
+ },
+ "LookupId": "757d1a3a-3dac-584c-a6a5-8901fd703c1c",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Information Disclosure in POST Body",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Information Disclosure in POST Body issue.
Fix the Information Disclosure in POST Body vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "InformationDisclosureinPOSTBody",
+ "Url": "http://blog.testsparker.com/reports/export?id=156"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "276",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "22",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "4"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Cleartext Transmission in POST Body via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/download.php?filter=283"
+ }
+ ],
+ "FirstSeenDate": "03/06/2021 02:37 AM",
+ "HttpRequest": {
+ "Content": "GET /download.php?filter=283 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 11.9646,
+ "StatusCode": 200
+ },
+ "LookupId": "6fc2518f-31d8-5619-871d-c6d508e2e264",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cleartext Transmission in POST Body via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cleartext Transmission in POST Body via PUT Request issue.
Fix the Cleartext Transmission in POST Body via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "CleartextTransmissioninPOSTBodyviaPUTRequest",
+ "Url": "https://app2.testsparker.com/download.php?filter=283"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "474",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "693",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "36"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Version Disclosure in Cookie vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/api/v1/products"
+ }
+ ],
+ "FirstSeenDate": "15/06/2021 10:41 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v1/products HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 102.2373,
+ "StatusCode": 200
+ },
+ "LookupId": "3b29e468-9832-5e36-bf46-377216379cad",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Version Disclosure in Cookie",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Version Disclosure in Cookie issue.
Fix the Version Disclosure in Cookie vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "VersionDisclosureinCookie",
+ "Url": "http://admin.testsparker.com/api/v1/products"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "583",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "94",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "3"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a DNS Zone Transfer in File Name via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/reports/view"
+ }
+ ],
+ "FirstSeenDate": "28/06/2021 05:25 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/view HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 210.4263,
+ "StatusCode": 200
+ },
+ "LookupId": "e7aadd9d-d12f-5428-ad99-043bf17d3a09",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "DNS Zone Transfer in File Name via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the DNS Zone Transfer in File Name via POST Request issue.
Fix the DNS Zone Transfer in File Name via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "DNSZoneTransferinFileNameviaPOSTRequest",
+ "Url": "http://admin.testsparker.com/reports/view"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "2",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "94",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "37"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a XML External Entity in XML Input vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/upload.php"
+ }
+ ],
+ "FirstSeenDate": "28/06/2021 10:02 AM",
+ "HttpRequest": {
+ "Content": "GET /upload.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 99.2201,
+ "StatusCode": 200
+ },
+ "LookupId": "6496c85b-bd20-5ea6-a2cb-936d648b7d10",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "XML External Entity in XML Input",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the XML External Entity in XML Input issue.
Fix the XML External Entity in XML Input vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "XMLExternalEntityinXMLInput",
+ "Url": "http://blog.testsparker.com/upload.php"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "694",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "502",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "12"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Insecure Deserialization in URL Path via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/api/v1/users"
+ }
+ ],
+ "FirstSeenDate": "26/06/2021 02:21 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v1/users HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 221.004,
+ "StatusCode": 200
+ },
+ "LookupId": "2bcd4529-9415-58fc-bfaf-a043a98e76cb",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Insecure Deserialization in URL Path via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Insecure Deserialization in URL Path via POST Request issue.
Fix the Insecure Deserialization in URL Path via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "InsecureDeserializationinURLPathviaPOSTRequest",
+ "Url": "https://portal.testsparker.com/api/v1/users"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "298",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "502",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "8"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Session Fixation in XML Input via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/files/download"
+ }
+ ],
+ "FirstSeenDate": "11/06/2021 12:37 AM",
+ "HttpRequest": {
+ "Content": "GET /files/download HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 469.2332,
+ "StatusCode": 200
+ },
+ "LookupId": "8f8d8282-b602-5456-9f68-c5b5d3c3bff1",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Session Fixation in XML Input via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Session Fixation in XML Input via POST Request issue.
Fix the Session Fixation in XML Input via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "SessionFixationinXMLInputviaPOSTRequest",
+ "Url": "http://blog.testsparker.com/files/download"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "576",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "611",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "29"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Integer Overflow in Header via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/admin/dashboard"
+ }
+ ],
+ "FirstSeenDate": "11/06/2021 10:34 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/dashboard HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 383.7657,
+ "StatusCode": 200
+ },
+ "LookupId": "af02f7f4-85b9-5f60-b8c9-13990ca404cb",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Integer Overflow in Header via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Integer Overflow in Header via PUT Request issue.
Fix the Integer Overflow in Header via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "IntegerOverflowinHeaderviaPUTRequest",
+ "Url": "http://blog.testsparker.com/admin/dashboard"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "291",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "352",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "45"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a XPath Injection in Multipart Data vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/auth/register.php?type=45"
+ }
+ ],
+ "FirstSeenDate": "02/06/2021 08:41 AM",
+ "HttpRequest": {
+ "Content": "GET /auth/register.php?type=45 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 473.1365,
+ "StatusCode": 200
+ },
+ "LookupId": "d3fd0b45-bfe7-59fa-a458-60484a9adc50",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "XPath Injection in Multipart Data",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the XPath Injection in Multipart Data issue.
Fix the XPath Injection in Multipart Data vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "XPathInjectioninMultipartData",
+ "Url": "http://api.testsparker.com/auth/register.php?type=45"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "184",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "79",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "46"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Version Disclosure in POST Body via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/auth/register.php"
+ }
+ ],
+ "FirstSeenDate": "14/06/2021 12:51 AM",
+ "HttpRequest": {
+ "Content": "GET /auth/register.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 398.198,
+ "StatusCode": 200
+ },
+ "LookupId": "d4164883-5ebc-5c91-99f5-9fbd088ec823",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Version Disclosure in POST Body via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Version Disclosure in POST Body via POST Request issue.
Fix the Version Disclosure in POST Body via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "VersionDisclosureinPOSTBodyviaPOSTRequest",
+ "Url": "http://api.testsparker.com/auth/register.php"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "117",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "434",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "30"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Insecure Direct Object Reference in File Name via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/files/upload?filter=849"
+ }
+ ],
+ "FirstSeenDate": "12/06/2021 03:35 AM",
+ "HttpRequest": {
+ "Content": "GET /files/upload?filter=849 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 301.497,
+ "StatusCode": 200
+ },
+ "LookupId": "d5e37daa-2842-53fd-b6ad-01e8bb7bca61",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Insecure Direct Object Reference in File Name via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Insecure Direct Object Reference in File Name via POST Request issue.
Fix the Insecure Direct Object Reference in File Name via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "InsecureDirectObjectReferenceinFileNameviaPOSTRequest",
+ "Url": "https://docs.testsparker.com/files/upload?filter=849"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "66",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "523",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "38"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Server-Side Request Forgery in Form Field via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/admin/users?id=404"
+ }
+ ],
+ "FirstSeenDate": "25/06/2021 04:42 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/users?id=404 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 449.8251,
+ "StatusCode": 200
+ },
+ "LookupId": "96fef02c-3acf-51b3-8e92-0bd7db4494b5",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Server-Side Request Forgery in Form Field via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Server-Side Request Forgery in Form Field via POST Request issue.
Fix the Server-Side Request Forgery in Form Field via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "Server-SideRequestForgeryinFormFieldviaPOSTRequest",
+ "Url": "https://app2.testsparker.com/admin/users?id=404"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "458",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "287",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "31"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Buffer Overflow in POST Body via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/api/v2/search?action=999"
+ }
+ ],
+ "FirstSeenDate": "21/06/2021 05:21 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/search?action=999 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 80.4479,
+ "StatusCode": 200
+ },
+ "LookupId": "fabf5ffc-9a4e-54a6-98b1-3ba4c2669a34",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Buffer Overflow in POST Body via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Buffer Overflow in POST Body via PUT Request issue.
Fix the Buffer Overflow in POST Body via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "BufferOverflowinPOSTBodyviaPUTRequest",
+ "Url": "https://shop.testsparker.com/api/v2/search?action=999"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "323",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "918",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "5"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Unvalidated Redirect in Multipart Data via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/admin/users?action=489"
+ }
+ ],
+ "FirstSeenDate": "06/06/2021 06:57 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/users?action=489 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 233.056,
+ "StatusCode": 200
+ },
+ "LookupId": "33b3c45a-7229-51d7-a957-58c379383810",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Unvalidated Redirect in Multipart Data via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Unvalidated Redirect in Multipart Data via POST Request issue.
Fix the Unvalidated Redirect in Multipart Data via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "UnvalidatedRedirectinMultipartDataviaPOSTRequest",
+ "Url": "https://app2.testsparker.com/admin/users?action=489"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "394",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "79",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "3"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Race Condition in Query Parameter via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/api/v1/users?action=394"
+ }
+ ],
+ "FirstSeenDate": "07/06/2021 07:11 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v1/users?action=394 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 333.3636,
+ "StatusCode": 200
+ },
+ "LookupId": "60522ae6-e1a8-5676-984b-2f5c2573c1cf",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Race Condition in Query Parameter via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Race Condition in Query Parameter via PUT Request issue.
Fix the Race Condition in Query Parameter via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "RaceConditioninQueryParameterviaPUTRequest",
+ "Url": "https://app2.testsparker.com/api/v1/users?action=394"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "580",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "502",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "41"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Directory Traversal in Header via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/products.php"
+ }
+ ],
+ "FirstSeenDate": "17/06/2021 04:23 AM",
+ "HttpRequest": {
+ "Content": "GET /products.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 236.6185,
+ "StatusCode": 200
+ },
+ "LookupId": "4eb994b1-d64a-591b-a8d3-b3dce905e062",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Directory Traversal in Header via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Directory Traversal in Header via POST Request issue.
Fix the Directory Traversal in Header via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "DirectoryTraversalinHeaderviaPOSTRequest",
+ "Url": "https://docs.testsparker.com/products.php"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "546",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "330",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "35"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Path Disclosure in URL Path via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/contact?q=577"
+ }
+ ],
+ "FirstSeenDate": "23/06/2021 09:10 AM",
+ "HttpRequest": {
+ "Content": "GET /contact?q=577 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 193.4913,
+ "StatusCode": 200
+ },
+ "LookupId": "c573b5cd-b937-5b0e-a03a-1295dafc6395",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Path Disclosure in URL Path via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Path Disclosure in URL Path via PUT Request issue.
Fix the Path Disclosure in URL Path via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "PathDisclosureinURLPathviaPUTRequest",
+ "Url": "https://portal.testsparker.com/contact?q=577"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "401",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "16",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "8"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Session Fixation in JSON Payload via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/reports/generate?type=12"
+ }
+ ],
+ "FirstSeenDate": "18/06/2021 07:30 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/generate?type=12 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 374.1399,
+ "StatusCode": 200
+ },
+ "LookupId": "ec5d22df-e51a-5686-bf65-839625da5288",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Session Fixation in JSON Payload via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Session Fixation in JSON Payload via POST Request issue.
Fix the Session Fixation in JSON Payload via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "SessionFixationinJSONPayloadviaPOSTRequest",
+ "Url": "https://app2.testsparker.com/reports/generate?type=12"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "698",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "287",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "3"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Clickjacking in Header vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/api/v1/users?q=537"
+ }
+ ],
+ "FirstSeenDate": "07/06/2021 01:28 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v1/users?q=537 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 163.7093,
+ "StatusCode": 200
+ },
+ "LookupId": "916d2edb-c0e4-505f-9292-bf082c8e53c3",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Clickjacking in Header",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Clickjacking in Header issue.
Fix the Clickjacking in Header vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "ClickjackinginHeader",
+ "Url": "https://portal.testsparker.com/api/v1/users?q=537"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "241",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "502",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "29"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a CSRF in POST Body vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/account/security"
+ }
+ ],
+ "FirstSeenDate": "21/06/2021 01:55 AM",
+ "HttpRequest": {
+ "Content": "GET /account/security HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 285.9739,
+ "StatusCode": 200
+ },
+ "LookupId": "9b4bb919-4d17-540a-a67e-cd144544ab02",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "CSRF in POST Body",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the CSRF in POST Body issue.
Fix the CSRF in POST Body vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "CSRFinPOSTBody",
+ "Url": "http://app1.testsparker.com/account/security"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "699",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "776",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "7"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Command Injection in Cookie via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/reports/generate?q=920"
+ }
+ ],
+ "FirstSeenDate": "16/06/2021 09:06 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/generate?q=920 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 464.5651,
+ "StatusCode": 200
+ },
+ "LookupId": "af3a2496-de7d-5771-817c-87d70927d983",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Command Injection in Cookie via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Command Injection in Cookie via POST Request issue.
Fix the Command Injection in Cookie via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "CommandInjectioninCookieviaPOSTRequest",
+ "Url": "https://docs.testsparker.com/reports/generate?q=920"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "291",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "89",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "12"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Version Disclosure in URL Path via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/admin/dashboard"
+ }
+ ],
+ "FirstSeenDate": "01/06/2021 02:35 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/dashboard HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 180.838,
+ "StatusCode": 200
+ },
+ "LookupId": "7ef071c2-0c3e-555e-ad38-07b76f7929f7",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Version Disclosure in URL Path via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Version Disclosure in URL Path via POST Request issue.
Fix the Version Disclosure in URL Path via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "VersionDisclosureinURLPathviaPOSTRequest",
+ "Url": "http://api.testsparker.com/admin/dashboard"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "339",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "78",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "4"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Directory Traversal in Cookie via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/upload.php"
+ }
+ ],
+ "FirstSeenDate": "20/06/2021 03:04 AM",
+ "HttpRequest": {
+ "Content": "GET /upload.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 181.7219,
+ "StatusCode": 200
+ },
+ "LookupId": "15284522-4284-54b0-9f88-925ce7401349",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Directory Traversal in Cookie via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Directory Traversal in Cookie via PUT Request issue.
Fix the Directory Traversal in Cookie via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "DirectoryTraversalinCookieviaPUTRequest",
+ "Url": "http://app1.testsparker.com/upload.php"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "225",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "200",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "31"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Mass Assignment in Header vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/api/v2/export"
+ }
+ ],
+ "FirstSeenDate": "15/06/2021 12:38 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/export HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 193.0762,
+ "StatusCode": 200
+ },
+ "LookupId": "eb6c5b88-0d03-5f8e-a6bc-27bd311debd9",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Mass Assignment in Header",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Mass Assignment in Header issue.
Fix the Mass Assignment in Header vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "MassAssignmentinHeader",
+ "Url": "http://admin.testsparker.com/api/v2/export"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "313",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "200",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "23"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Email Header Injection in Multipart Data vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/files/upload?filter=196"
+ }
+ ],
+ "FirstSeenDate": "20/06/2021 03:28 AM",
+ "HttpRequest": {
+ "Content": "GET /files/upload?filter=196 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 31.99,
+ "StatusCode": 200
+ },
+ "LookupId": "01e680f9-89cb-512c-b27b-5ac21322c314",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Email Header Injection in Multipart Data",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Email Header Injection in Multipart Data issue.
Fix the Email Header Injection in Multipart Data vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "EmailHeaderInjectioninMultipartData",
+ "Url": "https://app2.testsparker.com/files/upload?filter=196"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "511",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "601",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "30"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a HSTS Missing in Header vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/download.php"
+ }
+ ],
+ "FirstSeenDate": "10/06/2021 08:01 AM",
+ "HttpRequest": {
+ "Content": "GET /download.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 54.1241,
+ "StatusCode": 200
+ },
+ "LookupId": "7c83f0e9-ee35-5ea6-a039-980a051ee10a",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "HSTS Missing in Header",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the HSTS Missing in Header issue.
Fix the HSTS Missing in Header vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "HSTSMissinginHeader",
+ "Url": "http://api.testsparker.com/download.php"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "504",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "434",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "42"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Weak Password Policy in Cookie via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/api/v2/export"
+ }
+ ],
+ "FirstSeenDate": "01/06/2021 02:48 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/export HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 145.8363,
+ "StatusCode": 200
+ },
+ "LookupId": "63ee2761-3afc-598e-929b-66c524421b87",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Weak Password Policy in Cookie via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Weak Password Policy in Cookie via POST Request issue.
Fix the Weak Password Policy in Cookie via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "WeakPasswordPolicyinCookieviaPOSTRequest",
+ "Url": "https://docs.testsparker.com/api/v2/export"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "658",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "614",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "41"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Cross-site Scripting in Query Parameter vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/cart.php"
+ }
+ ],
+ "FirstSeenDate": "02/06/2021 12:23 AM",
+ "HttpRequest": {
+ "Content": "GET /cart.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 118.0503,
+ "StatusCode": 200
+ },
+ "LookupId": "42bd35e7-6272-5b3a-9b82-1af7769be74e",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cross-site Scripting in Query Parameter",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cross-site Scripting in Query Parameter issue.
Fix the Cross-site Scripting in Query Parameter vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "Cross-siteScriptinginQueryParameter",
+ "Url": "http://blog.testsparker.com/cart.php"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "316",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "78",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "4"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Remote Code Execution in XML Input via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/files/list"
+ }
+ ],
+ "FirstSeenDate": "02/06/2021 07:49 AM",
+ "HttpRequest": {
+ "Content": "GET /files/list HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 108.8516,
+ "StatusCode": 200
+ },
+ "LookupId": "7d43c720-2974-5618-828d-a2d723ab9151",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Remote Code Execution in XML Input via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Remote Code Execution in XML Input via POST Request issue.
Fix the Remote Code Execution in XML Input via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "RemoteCodeExecutioninXMLInputviaPOSTRequest",
+ "Url": "https://portal.testsparker.com/files/list"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "457",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "94",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "14"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Weak Password Policy in URL Path via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/profile.php"
+ }
+ ],
+ "FirstSeenDate": "23/06/2021 06:56 AM",
+ "HttpRequest": {
+ "Content": "GET /profile.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 407.7972,
+ "StatusCode": 200
+ },
+ "LookupId": "92182bab-3241-50b0-8972-89d2390c4dba",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Weak Password Policy in URL Path via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Weak Password Policy in URL Path via POST Request issue.
Fix the Weak Password Policy in URL Path via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "WeakPasswordPolicyinURLPathviaPOSTRequest",
+ "Url": "http://app1.testsparker.com/profile.php"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "557",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "601",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "21"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Cookie Not Marked as Secure in Multipart Data vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/files/list?type=714"
+ }
+ ],
+ "FirstSeenDate": "09/06/2021 10:58 AM",
+ "HttpRequest": {
+ "Content": "GET /files/list?type=714 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 431.6748,
+ "StatusCode": 200
+ },
+ "LookupId": "2b3907db-ed39-59ee-b719-84944cacbbb6",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cookie Not Marked as Secure in Multipart Data",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cookie Not Marked as Secure in Multipart Data issue.
Fix the Cookie Not Marked as Secure in Multipart Data vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "CookieNotMarkedasSecureinMultipartData",
+ "Url": "https://docs.testsparker.com/files/list?type=714"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "132",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "614",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "25"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Command Injection in Multipart Data via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/blog/edit.php?token=849"
+ }
+ ],
+ "FirstSeenDate": "13/06/2021 06:33 AM",
+ "HttpRequest": {
+ "Content": "GET /blog/edit.php?token=849 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 87.6374,
+ "StatusCode": 200
+ },
+ "LookupId": "e59a3695-2ed0-55cb-b258-c2d9c94231da",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Command Injection in Multipart Data via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Command Injection in Multipart Data via POST Request issue.
Fix the Command Injection in Multipart Data via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "CommandInjectioninMultipartDataviaPOSTRequest",
+ "Url": "https://portal.testsparker.com/blog/edit.php?token=849"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "31",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "502",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "31"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Remote Code Execution in XML Input via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/api/v2/export"
+ }
+ ],
+ "FirstSeenDate": "01/06/2021 01:42 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/export HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 427.5818,
+ "StatusCode": 200
+ },
+ "LookupId": "2043285e-92ab-50cc-b88e-872a253614d4",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Remote Code Execution in XML Input via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Remote Code Execution in XML Input via PUT Request issue.
Fix the Remote Code Execution in XML Input via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "RemoteCodeExecutioninXMLInputviaPUTRequest",
+ "Url": "https://portal.testsparker.com/api/v2/export"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "185",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "352",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "26"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Open Redirect in File Name vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/account/billing?action=151"
+ }
+ ],
+ "FirstSeenDate": "24/06/2021 12:42 AM",
+ "HttpRequest": {
+ "Content": "GET /account/billing?action=151 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 412.4386,
+ "StatusCode": 200
+ },
+ "LookupId": "9808598d-2156-5afb-a1f3-d4406a33d6b9",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Open Redirect in File Name",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Open Redirect in File Name issue.
Fix the Open Redirect in File Name vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "OpenRedirectinFileName",
+ "Url": "http://api.testsparker.com/account/billing?action=151"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "501",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "319",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "35"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Mass Assignment in File Name via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/products.php?page=996"
+ }
+ ],
+ "FirstSeenDate": "08/06/2021 10:10 AM",
+ "HttpRequest": {
+ "Content": "GET /products.php?page=996 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 30.9227,
+ "StatusCode": 200
+ },
+ "LookupId": "c892263b-21cd-578b-a593-23c81dd0a30c",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Mass Assignment in File Name via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Mass Assignment in File Name via POST Request issue.
Fix the Mass Assignment in File Name via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "MassAssignmentinFileNameviaPOSTRequest",
+ "Url": "http://blog.testsparker.com/products.php?page=996"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "457",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "200",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "6"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Cookie Not Marked as Secure in Cookie via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/help?id=292"
+ }
+ ],
+ "FirstSeenDate": "24/06/2021 08:47 AM",
+ "HttpRequest": {
+ "Content": "GET /help?id=292 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 496.3726,
+ "StatusCode": 200
+ },
+ "LookupId": "6816e207-0294-55ca-b549-3055777fa020",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cookie Not Marked as Secure in Cookie via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cookie Not Marked as Secure in Cookie via POST Request issue.
Fix the Cookie Not Marked as Secure in Cookie via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "CookieNotMarkedasSecureinCookieviaPOSTRequest",
+ "Url": "http://blog.testsparker.com/help?id=292"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "488",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "200",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "35"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Mass Assignment in File Name vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/api/v2/webhook?q=30"
+ }
+ ],
+ "FirstSeenDate": "18/06/2021 08:08 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/webhook?q=30 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 485.0757,
+ "StatusCode": 200
+ },
+ "LookupId": "1f0585fe-c2e3-513b-9e0f-9f2db4d0f020",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Mass Assignment in File Name",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Mass Assignment in File Name issue.
Fix the Mass Assignment in File Name vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "MassAssignmentinFileName",
+ "Url": "https://docs.testsparker.com/api/v2/webhook?q=30"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "186",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "79",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "14"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Unvalidated Redirect in JSON Payload via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/products.php?page=318"
+ }
+ ],
+ "FirstSeenDate": "24/06/2021 07:46 AM",
+ "HttpRequest": {
+ "Content": "GET /products.php?page=318 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 170.4058,
+ "StatusCode": 200
+ },
+ "LookupId": "a41122dc-f444-5431-b316-267dab701ef8",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Unvalidated Redirect in JSON Payload via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Unvalidated Redirect in JSON Payload via POST Request issue.
Fix the Unvalidated Redirect in JSON Payload via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "UnvalidatedRedirectinJSONPayloadviaPOSTRequest",
+ "Url": "http://blog.testsparker.com/products.php?page=318"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "369",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "611",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "7"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Clickjacking in URL Path vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/blog/post.php?name=94"
+ }
+ ],
+ "FirstSeenDate": "03/06/2021 03:27 AM",
+ "HttpRequest": {
+ "Content": "GET /blog/post.php?name=94 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 229.9334,
+ "StatusCode": 200
+ },
+ "LookupId": "1a73432a-3f25-5f81-bbc2-2dcfc2208cf5",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Clickjacking in URL Path",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Clickjacking in URL Path issue.
Fix the Clickjacking in URL Path vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "ClickjackinginURLPath",
+ "Url": "http://api.testsparker.com/blog/post.php?name=94"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "61",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "523",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "14"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Open Redirect in JSON Payload via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/api/v1/users"
+ }
+ ],
+ "FirstSeenDate": "07/06/2021 09:18 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v1/users HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 178.6913,
+ "StatusCode": 200
+ },
+ "LookupId": "c0918adc-ec95-5b87-b960-f3d10d6af33d",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Open Redirect in JSON Payload via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Open Redirect in JSON Payload via PUT Request issue.
Fix the Open Redirect in JSON Payload via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "OpenRedirectinJSONPayloadviaPUTRequest",
+ "Url": "http://app1.testsparker.com/api/v1/users"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "184",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "523",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "2"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Weak Cryptography in URL Path vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/auth/reset.php"
+ }
+ ],
+ "FirstSeenDate": "19/06/2021 03:48 AM",
+ "HttpRequest": {
+ "Content": "GET /auth/reset.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 412.1385,
+ "StatusCode": 200
+ },
+ "LookupId": "ae197540-e646-52db-9498-ddeb53fb2cfb",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Weak Cryptography in URL Path",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Weak Cryptography in URL Path issue.
Fix the Weak Cryptography in URL Path vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "WeakCryptographyinURLPath",
+ "Url": "http://admin.testsparker.com/auth/reset.php"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "543",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "601",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "40"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a CORS Misconfiguration in POST Body via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/upload.php?id=572"
+ }
+ ],
+ "FirstSeenDate": "28/06/2021 09:32 AM",
+ "HttpRequest": {
+ "Content": "GET /upload.php?id=572 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 117.4453,
+ "StatusCode": 200
+ },
+ "LookupId": "1aa0317e-9fc5-535c-a2ea-eae0e0c60cbb",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "CORS Misconfiguration in POST Body via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the CORS Misconfiguration in POST Body via POST Request issue.
Fix the CORS Misconfiguration in POST Body via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "CORSMisconfigurationinPOSTBodyviaPOSTRequest",
+ "Url": "https://app2.testsparker.com/upload.php?id=572"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "99",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "352",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "31"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Cross-site Scripting in Form Field via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/blog/post.php"
+ }
+ ],
+ "FirstSeenDate": "02/06/2021 02:32 AM",
+ "HttpRequest": {
+ "Content": "GET /blog/post.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 328.5479,
+ "StatusCode": 200
+ },
+ "LookupId": "b08bdddd-9885-5c65-b277-aaf86a63e03f",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cross-site Scripting in Form Field via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cross-site Scripting in Form Field via POST Request issue.
Fix the Cross-site Scripting in Form Field via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "Cross-siteScriptinginFormFieldviaPOSTRequest",
+ "Url": "http://api.testsparker.com/blog/post.php"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "426",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "776",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "7"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a CSRF in Cookie vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/files/download?page=424"
+ }
+ ],
+ "FirstSeenDate": "14/06/2021 06:42 AM",
+ "HttpRequest": {
+ "Content": "GET /files/download?page=424 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 134.896,
+ "StatusCode": 200
+ },
+ "LookupId": "fdddf3b1-4966-5651-844f-d4a0678fefd9",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "CSRF in Cookie",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the CSRF in Cookie issue.
Fix the CSRF in Cookie vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "CSRFinCookie",
+ "Url": "https://portal.testsparker.com/files/download?page=424"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "318",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "611",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "12"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Directory Traversal in File Name via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/reports/export"
+ }
+ ],
+ "FirstSeenDate": "22/06/2021 10:12 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/export HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 44.0325,
+ "StatusCode": 200
+ },
+ "LookupId": "68359759-0146-5b01-92f1-b8681b1c9dd7",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Directory Traversal in File Name via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Directory Traversal in File Name via POST Request issue.
Fix the Directory Traversal in File Name via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "DirectoryTraversalinFileNameviaPOSTRequest",
+ "Url": "https://portal.testsparker.com/reports/export"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "566",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "918",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "20"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Cookie Not Marked as Secure in Header via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/upload.php?action=36"
+ }
+ ],
+ "FirstSeenDate": "26/06/2021 11:07 AM",
+ "HttpRequest": {
+ "Content": "GET /upload.php?action=36 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 272.1062,
+ "StatusCode": 200
+ },
+ "LookupId": "f20d1a0e-fee3-5bf2-af0d-e98881a0ecaa",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cookie Not Marked as Secure in Header via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cookie Not Marked as Secure in Header via POST Request issue.
Fix the Cookie Not Marked as Secure in Header via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "CookieNotMarkedasSecureinHeaderviaPOSTRequest",
+ "Url": "https://shop.testsparker.com/upload.php?action=36"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "624",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "611",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "17"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Missing X-Frame-Options in Query Parameter vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/reports/view"
+ }
+ ],
+ "FirstSeenDate": "05/06/2021 10:36 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/view HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 253.2345,
+ "StatusCode": 200
+ },
+ "LookupId": "1607bc98-2489-5598-a4c0-7020cc24f2d9",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Missing X-Frame-Options in Query Parameter",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Missing X-Frame-Options in Query Parameter issue.
Fix the Missing X-Frame-Options in Query Parameter vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "MissingX-Frame-OptionsinQueryParameter",
+ "Url": "https://app2.testsparker.com/reports/view"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "699",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "611",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "9"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Remote Code Execution in Cookie via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/admin/dashboard?page=534"
+ }
+ ],
+ "FirstSeenDate": "12/06/2021 07:28 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/dashboard?page=534 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 371.4775,
+ "StatusCode": 200
+ },
+ "LookupId": "a6152826-fde2-5261-aba3-f4c5902de090",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Remote Code Execution in Cookie via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Remote Code Execution in Cookie via POST Request issue.
Fix the Remote Code Execution in Cookie via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "RemoteCodeExecutioninCookieviaPOSTRequest",
+ "Url": "https://app2.testsparker.com/admin/dashboard?page=534"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "592",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "330",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "43"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Clickjacking in Multipart Data via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/files/list"
+ }
+ ],
+ "FirstSeenDate": "09/06/2021 06:49 AM",
+ "HttpRequest": {
+ "Content": "GET /files/list HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 368.1236,
+ "StatusCode": 200
+ },
+ "LookupId": "cfe8619c-37d2-5337-82ba-978b11cb3ba5",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Clickjacking in Multipart Data via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Clickjacking in Multipart Data via POST Request issue.
Fix the Clickjacking in Multipart Data via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "ClickjackinginMultipartDataviaPOSTRequest",
+ "Url": "http://blog.testsparker.com/files/list"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "69",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "776",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "25"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Server-Side Request Forgery in JSON Payload via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/reports/export?name=977"
+ }
+ ],
+ "FirstSeenDate": "26/06/2021 05:45 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/export?name=977 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 80.1108,
+ "StatusCode": 200
+ },
+ "LookupId": "121a2c5f-bdef-53ac-a74c-3ebe4dcca21a",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Server-Side Request Forgery in JSON Payload via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Server-Side Request Forgery in JSON Payload via PUT Request issue.
Fix the Server-Side Request Forgery in JSON Payload via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "Server-SideRequestForgeryinJSONPayloadviaPUTRequest",
+ "Url": "https://docs.testsparker.com/reports/export?name=977"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "236",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "94",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "3"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Clickjacking in Header via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/admin/dashboard?ref=55"
+ }
+ ],
+ "FirstSeenDate": "09/06/2021 03:45 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/dashboard?ref=55 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 238.8951,
+ "StatusCode": 200
+ },
+ "LookupId": "41c5b54c-3dc2-5976-8538-9c76e9bfe12a",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Clickjacking in Header via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Clickjacking in Header via POST Request issue.
Fix the Clickjacking in Header via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "ClickjackinginHeaderviaPOSTRequest",
+ "Url": "https://docs.testsparker.com/admin/dashboard?ref=55"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "258",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "330",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "6"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Version Disclosure vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/products.php"
+ }
+ ],
+ "FirstSeenDate": "27/06/2021 05:02 AM",
+ "HttpRequest": {
+ "Content": "GET /products.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 11.7374,
+ "StatusCode": 200
+ },
+ "LookupId": "6698cce9-68d5-5e7c-9173-eac1408f7659",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Version Disclosure",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Version Disclosure issue.
Fix the Version Disclosure vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "VersionDisclosure",
+ "Url": "https://shop.testsparker.com/products.php"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "292",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "601",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "21"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Session Fixation in File Name vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/contact?name=360"
+ }
+ ],
+ "FirstSeenDate": "25/06/2021 12:28 AM",
+ "HttpRequest": {
+ "Content": "GET /contact?name=360 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 445.9199,
+ "StatusCode": 200
+ },
+ "LookupId": "2cd6594e-43a9-52e5-bb89-be2a66a9aad6",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Session Fixation in File Name",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Session Fixation in File Name issue.
Fix the Session Fixation in File Name vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "SessionFixationinFileName",
+ "Url": "http://admin.testsparker.com/contact?name=360"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "544",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "89",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "31"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Unvalidated Redirect in POST Body via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/reports/view"
+ }
+ ],
+ "FirstSeenDate": "15/06/2021 08:15 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/view HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 50.7148,
+ "StatusCode": 200
+ },
+ "LookupId": "16a9a4ba-eea9-5af5-b138-9f5f49704ace",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Unvalidated Redirect in POST Body via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Unvalidated Redirect in POST Body via POST Request issue.
Fix the Unvalidated Redirect in POST Body via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "UnvalidatedRedirectinPOSTBodyviaPOSTRequest",
+ "Url": "http://app1.testsparker.com/reports/view"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "205",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "94",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "39"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a XML External Entity in URL Path via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/products.php?name=684"
+ }
+ ],
+ "FirstSeenDate": "04/06/2021 07:31 AM",
+ "HttpRequest": {
+ "Content": "GET /products.php?name=684 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 158.7894,
+ "StatusCode": 200
+ },
+ "LookupId": "e3166d47-8cd6-58cb-8b53-5bde7c49dd0a",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "XML External Entity in URL Path via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the XML External Entity in URL Path via POST Request issue.
Fix the XML External Entity in URL Path via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "XMLExternalEntityinURLPathviaPOSTRequest",
+ "Url": "http://api.testsparker.com/products.php?name=684"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "387",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "78",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "2"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Information Disclosure in File Name via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/checkout.php?page=58"
+ }
+ ],
+ "FirstSeenDate": "12/06/2021 01:44 AM",
+ "HttpRequest": {
+ "Content": "GET /checkout.php?page=58 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 61.9448,
+ "StatusCode": 200
+ },
+ "LookupId": "1b90a53b-51a6-5fc2-841e-44ff996c0b89",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Information Disclosure in File Name via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Information Disclosure in File Name via POST Request issue.
Fix the Information Disclosure in File Name via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "InformationDisclosureinFileNameviaPOSTRequest",
+ "Url": "http://blog.testsparker.com/checkout.php?page=58"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "592",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "319",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "18"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Open Redirect in JSON Payload vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/checkout.php"
+ }
+ ],
+ "FirstSeenDate": "13/06/2021 08:04 AM",
+ "HttpRequest": {
+ "Content": "GET /checkout.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 320.4776,
+ "StatusCode": 200
+ },
+ "LookupId": "c56f933e-ef21-55f8-84aa-8760624fd07e",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Open Redirect in JSON Payload",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Open Redirect in JSON Payload issue.
Fix the Open Redirect in JSON Payload vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "OpenRedirectinJSONPayload",
+ "Url": "https://shop.testsparker.com/checkout.php"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "407",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "776",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "28"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Information Disclosure in POST Body via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/auth/login.php"
+ }
+ ],
+ "FirstSeenDate": "03/06/2021 05:34 AM",
+ "HttpRequest": {
+ "Content": "GET /auth/login.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 409.0681,
+ "StatusCode": 200
+ },
+ "LookupId": "8f5d0641-52e9-51d2-b3ad-ff4c6904492a",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Information Disclosure in POST Body via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Information Disclosure in POST Body via POST Request issue.
Fix the Information Disclosure in POST Body via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "InformationDisclosureinPOSTBodyviaPOSTRequest",
+ "Url": "http://api.testsparker.com/auth/login.php"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "177",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "776",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "20"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Weak Cryptography in Cookie via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/upload.php"
+ }
+ ],
+ "FirstSeenDate": "24/06/2021 02:14 AM",
+ "HttpRequest": {
+ "Content": "GET /upload.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 73.0701,
+ "StatusCode": 200
+ },
+ "LookupId": "70678e2a-e760-5687-a2b0-4f483dd09299",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Weak Cryptography in Cookie via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Weak Cryptography in Cookie via POST Request issue.
Fix the Weak Cryptography in Cookie via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "WeakCryptographyinCookieviaPOSTRequest",
+ "Url": "https://shop.testsparker.com/upload.php"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "671",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "330",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "17"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Missing X-Frame-Options in Cookie via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/api/v1/orders?sort=425"
+ }
+ ],
+ "FirstSeenDate": "25/06/2021 03:04 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v1/orders?sort=425 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 40.1936,
+ "StatusCode": 200
+ },
+ "LookupId": "7b52fc39-dd8a-5f61-acfc-cd47cdbc771f",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Missing X-Frame-Options in Cookie via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Missing X-Frame-Options in Cookie via POST Request issue.
Fix the Missing X-Frame-Options in Cookie via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "MissingX-Frame-OptionsinCookieviaPOSTRequest",
+ "Url": "http://blog.testsparker.com/api/v1/orders?sort=425"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "56",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "78",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "28"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Clickjacking in Query Parameter vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/api/v1/users?ref=925"
+ }
+ ],
+ "FirstSeenDate": "06/06/2021 12:38 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v1/users?ref=925 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 446.7252,
+ "StatusCode": 200
+ },
+ "LookupId": "79069f8a-c58e-5ba0-8411-a57eedf4238a",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Clickjacking in Query Parameter",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Clickjacking in Query Parameter issue.
Fix the Clickjacking in Query Parameter vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "ClickjackinginQueryParameter",
+ "Url": "https://docs.testsparker.com/api/v1/users?ref=925"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "175",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "22",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "11"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Cookie Not Marked as HttpOnly in XML Input vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/settings.php?sort=975"
+ }
+ ],
+ "FirstSeenDate": "18/06/2021 02:21 AM",
+ "HttpRequest": {
+ "Content": "GET /settings.php?sort=975 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 301.075,
+ "StatusCode": 200
+ },
+ "LookupId": "3622c352-8b82-532b-b078-28f37dff74ff",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cookie Not Marked as HttpOnly in XML Input",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cookie Not Marked as HttpOnly in XML Input issue.
Fix the Cookie Not Marked as HttpOnly in XML Input vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "CookieNotMarkedasHttpOnlyinXMLInput",
+ "Url": "http://app1.testsparker.com/settings.php?sort=975"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "242",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "611",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "14"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Missing Content-Security-Policy in Header via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/files/list?token=950"
+ }
+ ],
+ "FirstSeenDate": "15/06/2021 11:20 AM",
+ "HttpRequest": {
+ "Content": "GET /files/list?token=950 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 440.939,
+ "StatusCode": 200
+ },
+ "LookupId": "73589597-7a6f-5cd9-b827-1f0586bd3337",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Missing Content-Security-Policy in Header via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Missing Content-Security-Policy in Header via POST Request issue.
Fix the Missing Content-Security-Policy in Header via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "MissingContent-Security-PolicyinHeaderviaPOSTRequest",
+ "Url": "https://portal.testsparker.com/files/list?token=950"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "588",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "78",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "28"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Missing Content-Security-Policy in Cookie vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/contact"
+ }
+ ],
+ "FirstSeenDate": "20/06/2021 11:53 AM",
+ "HttpRequest": {
+ "Content": "GET /contact HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 349.8009,
+ "StatusCode": 200
+ },
+ "LookupId": "d3017ff0-2256-59b4-bbd8-782cda8f6e3f",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Missing Content-Security-Policy in Cookie",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Missing Content-Security-Policy in Cookie issue.
Fix the Missing Content-Security-Policy in Cookie vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "MissingContent-Security-PolicyinCookie",
+ "Url": "https://app2.testsparker.com/contact"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "582",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "693",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "9"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a CORS Misconfiguration in Cookie via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/auth/register.php?q=945"
+ }
+ ],
+ "FirstSeenDate": "26/06/2021 01:05 AM",
+ "HttpRequest": {
+ "Content": "GET /auth/register.php?q=945 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 161.544,
+ "StatusCode": 200
+ },
+ "LookupId": "89b2b0af-c341-53fd-a50b-550578cd6604",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "CORS Misconfiguration in Cookie via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the CORS Misconfiguration in Cookie via PUT Request issue.
Fix the CORS Misconfiguration in Cookie via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "CORSMisconfigurationinCookieviaPUTRequest",
+ "Url": "http://blog.testsparker.com/auth/register.php?q=945"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "611",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "352",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "25"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Open Redirect vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/api/v1/users"
+ }
+ ],
+ "FirstSeenDate": "20/06/2021 08:33 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v1/users HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 133.1929,
+ "StatusCode": 200
+ },
+ "LookupId": "e3200dd1-bc91-5a62-bb48-7a9fc2a23bbe",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Open Redirect",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Open Redirect issue.
Fix the Open Redirect vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "OpenRedirect",
+ "Url": "https://app2.testsparker.com/api/v1/users"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "556",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "94",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "24"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a NoSQL Injection in Header via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/account/billing?type=484"
+ }
+ ],
+ "FirstSeenDate": "24/06/2021 07:26 AM",
+ "HttpRequest": {
+ "Content": "GET /account/billing?type=484 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 287.6207,
+ "StatusCode": 200
+ },
+ "LookupId": "4f4e735f-2091-58ee-a94e-c7c7603ba1dd",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "NoSQL Injection in Header via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the NoSQL Injection in Header via PUT Request issue.
Fix the NoSQL Injection in Header via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "NoSQLInjectioninHeaderviaPUTRequest",
+ "Url": "http://admin.testsparker.com/account/billing?type=484"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "269",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "523",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "26"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a CORS Misconfiguration in Multipart Data vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/api/v2/webhook?ref=586"
+ }
+ ],
+ "FirstSeenDate": "25/06/2021 12:08 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/webhook?ref=586 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 383.3961,
+ "StatusCode": 200
+ },
+ "LookupId": "13d113ec-c9a1-5081-87d1-dbdcc3a4d498",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "CORS Misconfiguration in Multipart Data",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the CORS Misconfiguration in Multipart Data issue.
Fix the CORS Misconfiguration in Multipart Data vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "CORSMisconfigurationinMultipartData",
+ "Url": "http://api.testsparker.com/api/v2/webhook?ref=586"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "186",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "776",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "28"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Cleartext Transmission in POST Body vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/profile.php?q=482"
+ }
+ ],
+ "FirstSeenDate": "03/06/2021 08:22 AM",
+ "HttpRequest": {
+ "Content": "GET /profile.php?q=482 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 210.0906,
+ "StatusCode": 200
+ },
+ "LookupId": "55e77df1-91c1-5000-9f29-66c9e998b71d",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cleartext Transmission in POST Body",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cleartext Transmission in POST Body issue.
Fix the Cleartext Transmission in POST Body vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "CleartextTransmissioninPOSTBody",
+ "Url": "http://app1.testsparker.com/profile.php?q=482"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "465",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "287",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "11"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Information Disclosure in Cookie vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/api/v1/orders"
+ }
+ ],
+ "FirstSeenDate": "10/06/2021 12:20 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v1/orders HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 390.6495,
+ "StatusCode": 200
+ },
+ "LookupId": "9e4cfda3-3d11-51aa-8986-7f06e92d9d6a",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Information Disclosure in Cookie",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Information Disclosure in Cookie issue.
Fix the Information Disclosure in Cookie vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "InformationDisclosureinCookie",
+ "Url": "http://app1.testsparker.com/api/v1/orders"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "407",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "287",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "1"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Insecure Direct Object Reference in JSON Payload via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/auth/register.php?ref=391"
+ }
+ ],
+ "FirstSeenDate": "04/06/2021 12:58 AM",
+ "HttpRequest": {
+ "Content": "GET /auth/register.php?ref=391 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 76.8755,
+ "StatusCode": 200
+ },
+ "LookupId": "00998165-4ceb-540b-aada-09512131d19d",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Insecure Direct Object Reference in JSON Payload via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Insecure Direct Object Reference in JSON Payload via POST Request issue.
Fix the Insecure Direct Object Reference in JSON Payload via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "InsecureDirectObjectReferenceinJSONPayloadviaPOSTRequest",
+ "Url": "https://docs.testsparker.com/auth/register.php?ref=391"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "289",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "611",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "25"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a HTTP Response Splitting in Form Field vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/api/v1/products?type=109"
+ }
+ ],
+ "FirstSeenDate": "27/06/2021 11:01 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v1/products?type=109 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 242.254,
+ "StatusCode": 200
+ },
+ "LookupId": "acb0db22-04af-5e7d-81a3-2ea880460082",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "HTTP Response Splitting in Form Field",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the HTTP Response Splitting in Form Field issue.
Fix the HTTP Response Splitting in Form Field vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "HTTPResponseSplittinginFormField",
+ "Url": "http://app1.testsparker.com/api/v1/products?type=109"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "158",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "79",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "23"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Cross-site Scripting in XML Input via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/api/v2/export?token=173"
+ }
+ ],
+ "FirstSeenDate": "07/06/2021 12:02 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/export?token=173 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 447.417,
+ "StatusCode": 200
+ },
+ "LookupId": "20163ec1-0f5b-5c91-832b-6181ed6c764e",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cross-site Scripting in XML Input via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cross-site Scripting in XML Input via POST Request issue.
Fix the Cross-site Scripting in XML Input via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "Cross-siteScriptinginXMLInputviaPOSTRequest",
+ "Url": "http://admin.testsparker.com/api/v2/export?token=173"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "599",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "523",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "38"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Insecure Deserialization vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/admin/dashboard?page=763"
+ }
+ ],
+ "FirstSeenDate": "12/06/2021 04:08 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/dashboard?page=763 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 259.6679,
+ "StatusCode": 200
+ },
+ "LookupId": "c4e6f4a3-f41a-5942-9ecc-ad92e07fb389",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Insecure Deserialization",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Insecure Deserialization issue.
Fix the Insecure Deserialization vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "InsecureDeserialization",
+ "Url": "https://docs.testsparker.com/admin/dashboard?page=763"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "434",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "330",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "28"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Cleartext Transmission in XML Input via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/blog/edit.php"
+ }
+ ],
+ "FirstSeenDate": "23/06/2021 05:32 AM",
+ "HttpRequest": {
+ "Content": "GET /blog/edit.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 484.1649,
+ "StatusCode": 200
+ },
+ "LookupId": "fdbd3e4a-f323-5f2c-91b7-fec2c0e91539",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cleartext Transmission in XML Input via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cleartext Transmission in XML Input via POST Request issue.
Fix the Cleartext Transmission in XML Input via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "CleartextTransmissioninXMLInputviaPOSTRequest",
+ "Url": "http://blog.testsparker.com/blog/edit.php"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "482",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "601",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "32"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Weak Cryptography in POST Body via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/auth/login.php?action=386"
+ }
+ ],
+ "FirstSeenDate": "24/06/2021 08:18 AM",
+ "HttpRequest": {
+ "Content": "GET /auth/login.php?action=386 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 74.578,
+ "StatusCode": 200
+ },
+ "LookupId": "49be5e79-c88e-544a-8361-e19c630c7a47",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Weak Cryptography in POST Body via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Weak Cryptography in POST Body via PUT Request issue.
Fix the Weak Cryptography in POST Body via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "WeakCryptographyinPOSTBodyviaPUTRequest",
+ "Url": "http://app1.testsparker.com/auth/login.php?action=386"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "303",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "601",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "45"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Insecure HTTP Method in Cookie via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/cart.php"
+ }
+ ],
+ "FirstSeenDate": "09/06/2021 02:31 AM",
+ "HttpRequest": {
+ "Content": "GET /cart.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 184.025,
+ "StatusCode": 200
+ },
+ "LookupId": "2f1f46f6-5cd8-55ba-88f7-77b47a1c1413",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Insecure HTTP Method in Cookie via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Insecure HTTP Method in Cookie via PUT Request issue.
Fix the Insecure HTTP Method in Cookie via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "InsecureHTTPMethodinCookieviaPUTRequest",
+ "Url": "http://blog.testsparker.com/cart.php"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "64",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "330",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "9"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a CORS Misconfiguration in Header vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/files/upload"
+ }
+ ],
+ "FirstSeenDate": "18/06/2021 06:42 AM",
+ "HttpRequest": {
+ "Content": "GET /files/upload HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 244.4018,
+ "StatusCode": 200
+ },
+ "LookupId": "2758c00d-e4b8-57b3-ad3b-77eb45d42f88",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "CORS Misconfiguration in Header",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the CORS Misconfiguration in Header issue.
Fix the CORS Misconfiguration in Header vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "CORSMisconfigurationinHeader",
+ "Url": "http://api.testsparker.com/files/upload"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "598",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "693",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "31"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a SQL Injection in XML Input via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/upload.php"
+ }
+ ],
+ "FirstSeenDate": "23/06/2021 03:18 AM",
+ "HttpRequest": {
+ "Content": "GET /upload.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 158.5878,
+ "StatusCode": 200
+ },
+ "LookupId": "6298fbe8-012f-5a8d-b816-01aa92bab659",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "SQL Injection in XML Input via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the SQL Injection in XML Input via PUT Request issue.
Fix the SQL Injection in XML Input via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "SQLInjectioninXMLInputviaPUTRequest",
+ "Url": "https://portal.testsparker.com/upload.php"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "587",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "523",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "18"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Command Injection in JSON Payload vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/settings.php?ref=580"
+ }
+ ],
+ "FirstSeenDate": "18/06/2021 01:48 AM",
+ "HttpRequest": {
+ "Content": "GET /settings.php?ref=580 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 362.3003,
+ "StatusCode": 200
+ },
+ "LookupId": "e48b29c7-cb04-5490-aeab-b8e46f93d8f3",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Command Injection in JSON Payload",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Command Injection in JSON Payload issue.
Fix the Command Injection in JSON Payload vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "CommandInjectioninJSONPayload",
+ "Url": "https://portal.testsparker.com/settings.php?ref=580"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "125",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "200",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "9"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a CSRF in Header vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/upload.php"
+ }
+ ],
+ "FirstSeenDate": "26/06/2021 08:01 AM",
+ "HttpRequest": {
+ "Content": "GET /upload.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 186.8393,
+ "StatusCode": 200
+ },
+ "LookupId": "8d3ccb45-fdf5-522e-9b6d-ecfe26fb92de",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "CSRF in Header",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the CSRF in Header issue.
Fix the CSRF in Header vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "CSRFinHeader",
+ "Url": "http://admin.testsparker.com/upload.php"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "299",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "94",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "46"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Version Disclosure in POST Body vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/api/v1/orders?name=473"
+ }
+ ],
+ "FirstSeenDate": "14/06/2021 08:30 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v1/orders?name=473 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 129.4281,
+ "StatusCode": 200
+ },
+ "LookupId": "474d7f96-1f9e-5158-85cc-a56166796279",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Version Disclosure in POST Body",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Version Disclosure in POST Body issue.
Fix the Version Disclosure in POST Body vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "VersionDisclosureinPOSTBody",
+ "Url": "http://blog.testsparker.com/api/v1/orders?name=473"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "102",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "502",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "19"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Broken Authentication in POST Body via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/admin/dashboard?page=441"
+ }
+ ],
+ "FirstSeenDate": "04/06/2021 05:17 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/dashboard?page=441 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 248.4515,
+ "StatusCode": 200
+ },
+ "LookupId": "eab8512b-81b6-517c-9c89-4f162f923e44",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Broken Authentication in POST Body via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Broken Authentication in POST Body via PUT Request issue.
Fix the Broken Authentication in POST Body via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "BrokenAuthenticationinPOSTBodyviaPUTRequest",
+ "Url": "http://api.testsparker.com/admin/dashboard?page=441"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "101",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "78",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "15"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Unvalidated Redirect in URL Path vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/search"
+ }
+ ],
+ "FirstSeenDate": "15/06/2021 06:25 AM",
+ "HttpRequest": {
+ "Content": "GET /search HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 236.901,
+ "StatusCode": 200
+ },
+ "LookupId": "fc7aad8c-d314-5a68-9313-d0d14f05e37a",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Unvalidated Redirect in URL Path",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Unvalidated Redirect in URL Path issue.
Fix the Unvalidated Redirect in URL Path vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "UnvalidatedRedirectinURLPath",
+ "Url": "http://blog.testsparker.com/search"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "321",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "693",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "21"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Broken Authentication in Header vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/files/list?ref=209"
+ }
+ ],
+ "FirstSeenDate": "13/06/2021 03:48 AM",
+ "HttpRequest": {
+ "Content": "GET /files/list?ref=209 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 191.5647,
+ "StatusCode": 200
+ },
+ "LookupId": "1a597399-1b6e-59b1-83d8-19688f650170",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Broken Authentication in Header",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Broken Authentication in Header issue.
Fix the Broken Authentication in Header vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "BrokenAuthenticationinHeader",
+ "Url": "http://api.testsparker.com/files/list?ref=209"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "305",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "434",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "13"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Unvalidated Redirect in File Name via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/admin/users"
+ }
+ ],
+ "FirstSeenDate": "14/06/2021 08:30 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/users HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 272.3981,
+ "StatusCode": 200
+ },
+ "LookupId": "1066eb43-045c-53af-b015-2f26228a2280",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Unvalidated Redirect in File Name via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Unvalidated Redirect in File Name via POST Request issue.
Fix the Unvalidated Redirect in File Name via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "UnvalidatedRedirectinFileNameviaPOSTRequest",
+ "Url": "http://admin.testsparker.com/admin/users"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "131",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "287",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "45"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Email Header Injection in Cookie vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/api/v2/webhook?name=318"
+ }
+ ],
+ "FirstSeenDate": "21/06/2021 11:27 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/webhook?name=318 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 259.1594,
+ "StatusCode": 200
+ },
+ "LookupId": "ee9c5082-a198-5e71-babb-07fc06b71cdb",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Email Header Injection in Cookie",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Email Header Injection in Cookie issue.
Fix the Email Header Injection in Cookie vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "EmailHeaderInjectioninCookie",
+ "Url": "http://blog.testsparker.com/api/v2/webhook?name=318"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "22",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "776",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "3"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Buffer Overflow in Query Parameter via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/admin/dashboard?page=716"
+ }
+ ],
+ "FirstSeenDate": "09/06/2021 10:24 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/dashboard?page=716 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 157.2023,
+ "StatusCode": 200
+ },
+ "LookupId": "fdc1c79a-73e3-5561-a89b-2b1c9c7d594b",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Buffer Overflow in Query Parameter via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Buffer Overflow in Query Parameter via PUT Request issue.
Fix the Buffer Overflow in Query Parameter via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "BufferOverflowinQueryParameterviaPUTRequest",
+ "Url": "https://shop.testsparker.com/admin/dashboard?page=716"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "355",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "693",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "27"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a DNS Zone Transfer in Query Parameter via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/api/v1/users?name=825"
+ }
+ ],
+ "FirstSeenDate": "18/06/2021 08:08 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v1/users?name=825 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 142.5491,
+ "StatusCode": 200
+ },
+ "LookupId": "cb5a5d6f-3bde-5f34-a476-5c7dcccccdf4",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "DNS Zone Transfer in Query Parameter via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the DNS Zone Transfer in Query Parameter via PUT Request issue.
Fix the DNS Zone Transfer in Query Parameter via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "DNSZoneTransferinQueryParameterviaPUTRequest",
+ "Url": "https://shop.testsparker.com/api/v1/users?name=825"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "475",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "79",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "4"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Race Condition in Cookie via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/api/v2/webhook"
+ }
+ ],
+ "FirstSeenDate": "24/06/2021 08:33 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/webhook HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 151.6457,
+ "StatusCode": 200
+ },
+ "LookupId": "0d646cac-d786-5235-b823-ea7aaa557aa7",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Race Condition in Cookie via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Race Condition in Cookie via POST Request issue.
Fix the Race Condition in Cookie via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "RaceConditioninCookieviaPOSTRequest",
+ "Url": "http://app1.testsparker.com/api/v2/webhook"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "159",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "434",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "13"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Mass Assignment in XML Input via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/upload.php"
+ }
+ ],
+ "FirstSeenDate": "16/06/2021 04:00 AM",
+ "HttpRequest": {
+ "Content": "GET /upload.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 199.7788,
+ "StatusCode": 200
+ },
+ "LookupId": "0a49a398-e543-5597-9fcf-1b52f537d8d6",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Mass Assignment in XML Input via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Mass Assignment in XML Input via POST Request issue.
Fix the Mass Assignment in XML Input via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "MassAssignmentinXMLInputviaPOSTRequest",
+ "Url": "http://blog.testsparker.com/upload.php"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "543",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "79",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "18"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a File Upload Vulnerability in URL Path vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/reports/export?type=565"
+ }
+ ],
+ "FirstSeenDate": "01/06/2021 09:52 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/export?type=565 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 351.9509,
+ "StatusCode": 200
+ },
+ "LookupId": "d310bc58-adfd-5305-aa14-0370300c3061",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "File Upload Vulnerability in URL Path",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the File Upload Vulnerability in URL Path issue.
Fix the File Upload Vulnerability in URL Path vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "FileUploadVulnerabilityinURLPath",
+ "Url": "https://docs.testsparker.com/reports/export?type=565"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "670",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "523",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "34"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Session Fixation in Query Parameter via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/files/list"
+ }
+ ],
+ "FirstSeenDate": "11/06/2021 12:34 AM",
+ "HttpRequest": {
+ "Content": "GET /files/list HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 256.6882,
+ "StatusCode": 200
+ },
+ "LookupId": "8db04c35-9ef3-592d-91c3-1cf67217e271",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Session Fixation in Query Parameter via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Session Fixation in Query Parameter via PUT Request issue.
Fix the Session Fixation in Query Parameter via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "SessionFixationinQueryParameterviaPUTRequest",
+ "Url": "https://portal.testsparker.com/files/list"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "121",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "611",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "15"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Version Disclosure in Query Parameter via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/api/v1/products?q=802"
+ }
+ ],
+ "FirstSeenDate": "20/06/2021 09:21 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v1/products?q=802 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 21.0458,
+ "StatusCode": 200
+ },
+ "LookupId": "758ea3e3-4575-55b3-b34a-928d62c5009d",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Version Disclosure in Query Parameter via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Version Disclosure in Query Parameter via PUT Request issue.
Fix the Version Disclosure in Query Parameter via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "VersionDisclosureinQueryParameterviaPUTRequest",
+ "Url": "http://blog.testsparker.com/api/v1/products?q=802"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "571",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "502",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "28"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Email Header Injection in POST Body vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/account/security"
+ }
+ ],
+ "FirstSeenDate": "03/06/2021 02:16 AM",
+ "HttpRequest": {
+ "Content": "GET /account/security HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 440.1127,
+ "StatusCode": 200
+ },
+ "LookupId": "fa6a756b-caa3-5919-bbc1-ca2708e69899",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Email Header Injection in POST Body",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Email Header Injection in POST Body issue.
Fix the Email Header Injection in POST Body vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "EmailHeaderInjectioninPOSTBody",
+ "Url": "https://app2.testsparker.com/account/security"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "168",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "79",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "17"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a XPath Injection in Query Parameter vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/upload.php"
+ }
+ ],
+ "FirstSeenDate": "26/06/2021 02:14 AM",
+ "HttpRequest": {
+ "Content": "GET /upload.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 239.4702,
+ "StatusCode": 200
+ },
+ "LookupId": "cb68f01e-0374-5377-94a7-1023ae16b2e1",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "XPath Injection in Query Parameter",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the XPath Injection in Query Parameter issue.
Fix the XPath Injection in Query Parameter vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "XPathInjectioninQueryParameter",
+ "Url": "http://api.testsparker.com/upload.php"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "442",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "200",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "16"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a XPath Injection in POST Body vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/download.php"
+ }
+ ],
+ "FirstSeenDate": "19/06/2021 11:50 AM",
+ "HttpRequest": {
+ "Content": "GET /download.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 98.2279,
+ "StatusCode": 200
+ },
+ "LookupId": "85cdd5d4-a175-5cc5-9401-443f072b3e0f",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "XPath Injection in POST Body",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the XPath Injection in POST Body issue.
Fix the XPath Injection in POST Body vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "XPathInjectioninPOSTBody",
+ "Url": "http://app1.testsparker.com/download.php"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "233",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "94",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "8"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Weak Cryptography in URL Path via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/help?id=988"
+ }
+ ],
+ "FirstSeenDate": "18/06/2021 12:18 AM",
+ "HttpRequest": {
+ "Content": "GET /help?id=988 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 71.8866,
+ "StatusCode": 200
+ },
+ "LookupId": "d5cdac2f-181f-5028-8000-cdea5279cfda",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Weak Cryptography in URL Path via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Weak Cryptography in URL Path via PUT Request issue.
Fix the Weak Cryptography in URL Path via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "WeakCryptographyinURLPathviaPUTRequest",
+ "Url": "https://app2.testsparker.com/help?id=988"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "30",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "693",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "22"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Missing Content-Security-Policy in URL Path via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/products.php?filter=931"
+ }
+ ],
+ "FirstSeenDate": "16/06/2021 01:47 AM",
+ "HttpRequest": {
+ "Content": "GET /products.php?filter=931 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 437.2938,
+ "StatusCode": 200
+ },
+ "LookupId": "40e2cdbf-bd39-5a5d-9f94-4c3bbdfbf8e6",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Missing Content-Security-Policy in URL Path via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Missing Content-Security-Policy in URL Path via PUT Request issue.
Fix the Missing Content-Security-Policy in URL Path via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "MissingContent-Security-PolicyinURLPathviaPUTRequest",
+ "Url": "https://docs.testsparker.com/products.php?filter=931"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "490",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "434",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "15"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Information Disclosure in JSON Payload vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/auth/login.php?filter=837"
+ }
+ ],
+ "FirstSeenDate": "03/06/2021 12:51 AM",
+ "HttpRequest": {
+ "Content": "GET /auth/login.php?filter=837 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 60.1893,
+ "StatusCode": 200
+ },
+ "LookupId": "b206994e-c1d8-58f2-96a8-66bee1671d32",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Information Disclosure in JSON Payload",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Information Disclosure in JSON Payload issue.
Fix the Information Disclosure in JSON Payload vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "InformationDisclosureinJSONPayload",
+ "Url": "https://docs.testsparker.com/auth/login.php?filter=837"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "626",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "78",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "13"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Information Disclosure in Form Field vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/api/v2/webhook"
+ }
+ ],
+ "FirstSeenDate": "28/06/2021 07:13 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/webhook HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 233.9525,
+ "StatusCode": 200
+ },
+ "LookupId": "61d05e61-8d8e-5c66-8a82-0317544fb357",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Information Disclosure in Form Field",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Information Disclosure in Form Field issue.
Fix the Information Disclosure in Form Field vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "InformationDisclosureinFormField",
+ "Url": "https://docs.testsparker.com/api/v2/webhook"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "237",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "78",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "25"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a File Upload Vulnerability in Multipart Data vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/api/v1/products"
+ }
+ ],
+ "FirstSeenDate": "07/06/2021 09:42 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v1/products HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 131.8939,
+ "StatusCode": 200
+ },
+ "LookupId": "6533c1f7-f139-5b08-925b-d6a405420e5b",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "File Upload Vulnerability in Multipart Data",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the File Upload Vulnerability in Multipart Data issue.
Fix the File Upload Vulnerability in Multipart Data vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "FileUploadVulnerabilityinMultipartData",
+ "Url": "http://admin.testsparker.com/api/v1/products"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "180",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "330",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "25"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Weak Cryptography in Header via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/account/security?ref=664"
+ }
+ ],
+ "FirstSeenDate": "22/06/2021 02:21 AM",
+ "HttpRequest": {
+ "Content": "GET /account/security?ref=664 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 120.1643,
+ "StatusCode": 200
+ },
+ "LookupId": "ac34625a-2b44-553a-91cf-44e31cc543fe",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Weak Cryptography in Header via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Weak Cryptography in Header via PUT Request issue.
Fix the Weak Cryptography in Header via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "WeakCryptographyinHeaderviaPUTRequest",
+ "Url": "https://shop.testsparker.com/account/security?ref=664"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "164",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "330",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "49"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a XML External Entity in Multipart Data via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/api/v1/orders?token=12"
+ }
+ ],
+ "FirstSeenDate": "11/06/2021 04:20 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v1/orders?token=12 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 449.9848,
+ "StatusCode": 200
+ },
+ "LookupId": "aacc6003-b824-5b58-9a1a-8966e63c8348",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "XML External Entity in Multipart Data via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the XML External Entity in Multipart Data via POST Request issue.
Fix the XML External Entity in Multipart Data via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "XMLExternalEntityinMultipartDataviaPOSTRequest",
+ "Url": "https://portal.testsparker.com/api/v1/orders?token=12"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "658",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "776",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "30"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a NoSQL Injection in File Name via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/reports/generate"
+ }
+ ],
+ "FirstSeenDate": "03/06/2021 03:46 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/generate HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 63.0907,
+ "StatusCode": 200
+ },
+ "LookupId": "2ef927b0-d2dd-5797-8995-527f9dbdf592",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "NoSQL Injection in File Name via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the NoSQL Injection in File Name via POST Request issue.
Fix the NoSQL Injection in File Name via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "NoSQLInjectioninFileNameviaPOSTRequest",
+ "Url": "http://blog.testsparker.com/reports/generate"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "84",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "601",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "8"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Server-Side Request Forgery in Form Field vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/auth/login.php"
+ }
+ ],
+ "FirstSeenDate": "17/06/2021 02:36 AM",
+ "HttpRequest": {
+ "Content": "GET /auth/login.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 11.9798,
+ "StatusCode": 200
+ },
+ "LookupId": "f14656fa-dca4-5a26-8669-95bacfb4ddf9",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Server-Side Request Forgery in Form Field",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Server-Side Request Forgery in Form Field issue.
Fix the Server-Side Request Forgery in Form Field vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "Server-SideRequestForgeryinFormField",
+ "Url": "http://app1.testsparker.com/auth/login.php"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "422",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "94",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "9"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Insecure Direct Object Reference in Cookie via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/auth/reset.php?filter=40"
+ }
+ ],
+ "FirstSeenDate": "12/06/2021 01:35 AM",
+ "HttpRequest": {
+ "Content": "GET /auth/reset.php?filter=40 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 401.3468,
+ "StatusCode": 200
+ },
+ "LookupId": "99f4eb8c-3870-5b6a-82c9-35cb9e2f97c3",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Insecure Direct Object Reference in Cookie via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Insecure Direct Object Reference in Cookie via PUT Request issue.
Fix the Insecure Direct Object Reference in Cookie via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "InsecureDirectObjectReferenceinCookieviaPUTRequest",
+ "Url": "https://docs.testsparker.com/auth/reset.php?filter=40"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "520",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "319",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "9"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Missing Content-Security-Policy in File Name via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/search?page=393"
+ }
+ ],
+ "FirstSeenDate": "01/06/2021 03:05 AM",
+ "HttpRequest": {
+ "Content": "GET /search?page=393 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 289.5061,
+ "StatusCode": 200
+ },
+ "LookupId": "fe2cb672-4a56-55ff-bbde-d99536e3489a",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Missing Content-Security-Policy in File Name via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Missing Content-Security-Policy in File Name via POST Request issue.
Fix the Missing Content-Security-Policy in File Name via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "MissingContent-Security-PolicyinFileNameviaPOSTRequest",
+ "Url": "http://blog.testsparker.com/search?page=393"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "221",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "330",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "38"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a XML External Entity in POST Body via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/api/v2/search"
+ }
+ ],
+ "FirstSeenDate": "22/06/2021 12:09 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/search HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 196.7339,
+ "StatusCode": 200
+ },
+ "LookupId": "ce97f3c2-b66f-54c6-88c3-cad34a288a4f",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "XML External Entity in POST Body via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the XML External Entity in POST Body via PUT Request issue.
Fix the XML External Entity in POST Body via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "XMLExternalEntityinPOSTBodyviaPUTRequest",
+ "Url": "http://app1.testsparker.com/api/v2/search"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "9",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "287",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "30"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Insecure Direct Object Reference in URL Path via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/blog/post.php"
+ }
+ ],
+ "FirstSeenDate": "07/06/2021 08:00 AM",
+ "HttpRequest": {
+ "Content": "GET /blog/post.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 118.5452,
+ "StatusCode": 200
+ },
+ "LookupId": "c0288e40-4acb-55b3-92c4-0246e4dd0bf8",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Insecure Direct Object Reference in URL Path via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Insecure Direct Object Reference in URL Path via POST Request issue.
Fix the Insecure Direct Object Reference in URL Path via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "InsecureDirectObjectReferenceinURLPathviaPOSTRequest",
+ "Url": "https://shop.testsparker.com/blog/post.php"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "180",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "601",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "17"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Broken Authentication in XML Input via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/reports/view?q=733"
+ }
+ ],
+ "FirstSeenDate": "12/06/2021 01:52 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/view?q=733 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 220.5988,
+ "StatusCode": 200
+ },
+ "LookupId": "a1d60481-aec5-5ee1-bf35-609dcee448aa",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Broken Authentication in XML Input via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Broken Authentication in XML Input via POST Request issue.
Fix the Broken Authentication in XML Input via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "BrokenAuthenticationinXMLInputviaPOSTRequest",
+ "Url": "http://blog.testsparker.com/reports/view?q=733"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "392",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "693",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "47"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Insecure Direct Object Reference in Cookie via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/auth/reset.php?filter=40"
+ }
+ ],
+ "FirstSeenDate": "11/06/2021 11:47 AM",
+ "HttpRequest": {
+ "Content": "GET /auth/reset.php?filter=40 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 157.9731,
+ "StatusCode": 200
+ },
+ "LookupId": "f7256086-a194-5a01-bf41-1817a23cae1f",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Insecure Direct Object Reference in Cookie via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Insecure Direct Object Reference in Cookie via PUT Request issue.
Fix the Insecure Direct Object Reference in Cookie via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "InsecureDirectObjectReferenceinCookieviaPUTRequest",
+ "Url": "https://docs.testsparker.com/auth/reset.php?filter=40"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "241",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "693",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "19"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a CORS Misconfiguration in POST Body via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/reports/view"
+ }
+ ],
+ "FirstSeenDate": "17/06/2021 04:56 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/view HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 426.9843,
+ "StatusCode": 200
+ },
+ "LookupId": "93de8fac-98ce-517e-b110-37a558566795",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "CORS Misconfiguration in POST Body via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the CORS Misconfiguration in POST Body via PUT Request issue.
Fix the CORS Misconfiguration in POST Body via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "CORSMisconfigurationinPOSTBodyviaPUTRequest",
+ "Url": "http://api.testsparker.com/reports/view"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "338",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "502",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "37"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Information Disclosure in POST Body via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/auth/login.php"
+ }
+ ],
+ "FirstSeenDate": "17/06/2021 12:49 AM",
+ "HttpRequest": {
+ "Content": "GET /auth/login.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 250.4329,
+ "StatusCode": 200
+ },
+ "LookupId": "824e75d1-3f14-58e9-8691-2d6a2e2b46d8",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Information Disclosure in POST Body via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Information Disclosure in POST Body via POST Request issue.
Fix the Information Disclosure in POST Body via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "InformationDisclosureinPOSTBodyviaPOSTRequest",
+ "Url": "http://api.testsparker.com/auth/login.php"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "260",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "601",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "1"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Path Disclosure in JSON Payload via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/auth/login.php?token=387"
+ }
+ ],
+ "FirstSeenDate": "02/06/2021 12:49 AM",
+ "HttpRequest": {
+ "Content": "GET /auth/login.php?token=387 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 230.0728,
+ "StatusCode": 200
+ },
+ "LookupId": "84ae3204-f1d2-5859-bff3-325ee1a302d4",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Path Disclosure in JSON Payload via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Path Disclosure in JSON Payload via PUT Request issue.
Fix the Path Disclosure in JSON Payload via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "PathDisclosureinJSONPayloadviaPUTRequest",
+ "Url": "http://blog.testsparker.com/auth/login.php?token=387"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "469",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "78",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "38"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Weak Password Policy in Form Field vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/search?token=48"
+ }
+ ],
+ "FirstSeenDate": "16/06/2021 01:33 AM",
+ "HttpRequest": {
+ "Content": "GET /search?token=48 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 370.7448,
+ "StatusCode": 200
+ },
+ "LookupId": "d56b80b7-aec4-5d12-a3f0-5e7082c3130a",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Weak Password Policy in Form Field",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Weak Password Policy in Form Field issue.
Fix the Weak Password Policy in Form Field vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "WeakPasswordPolicyinFormField",
+ "Url": "https://portal.testsparker.com/search?token=48"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "661",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "918",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "15"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Command Injection in JSON Payload via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/api/v2/search"
+ }
+ ],
+ "FirstSeenDate": "09/06/2021 10:53 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/search HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 36.0687,
+ "StatusCode": 200
+ },
+ "LookupId": "f460d467-0289-53c7-b3fd-1dbc8753b88f",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Command Injection in JSON Payload via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Command Injection in JSON Payload via PUT Request issue.
Fix the Command Injection in JSON Payload via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "CommandInjectioninJSONPayloadviaPUTRequest",
+ "Url": "https://shop.testsparker.com/api/v2/search"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "218",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "200",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "26"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a NoSQL Injection in Multipart Data via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/api/v2/export"
+ }
+ ],
+ "FirstSeenDate": "17/06/2021 06:03 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/export HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 226.2569,
+ "StatusCode": 200
+ },
+ "LookupId": "fc1b30ba-b137-5cc5-b83b-6d7cd0355a45",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "NoSQL Injection in Multipart Data via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the NoSQL Injection in Multipart Data via POST Request issue.
Fix the NoSQL Injection in Multipart Data via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "NoSQLInjectioninMultipartDataviaPOSTRequest",
+ "Url": "http://admin.testsparker.com/api/v2/export"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "493",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "330",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "40"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a HTTP Response Splitting in Header via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/help?filter=745"
+ }
+ ],
+ "FirstSeenDate": "26/06/2021 02:22 AM",
+ "HttpRequest": {
+ "Content": "GET /help?filter=745 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 396.61,
+ "StatusCode": 200
+ },
+ "LookupId": "5d169a17-4236-5857-b5af-bff3eacd1043",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "HTTP Response Splitting in Header via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the HTTP Response Splitting in Header via PUT Request issue.
Fix the HTTP Response Splitting in Header via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "HTTPResponseSplittinginHeaderviaPUTRequest",
+ "Url": "http://admin.testsparker.com/help?filter=745"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "218",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "330",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "31"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Sensitive Data Exposure in URL Path via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/reports/export"
+ }
+ ],
+ "FirstSeenDate": "24/06/2021 03:35 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/export HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 190.9727,
+ "StatusCode": 200
+ },
+ "LookupId": "1cba3c12-dcb6-5acb-b411-559e9783f3ae",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Sensitive Data Exposure in URL Path via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Sensitive Data Exposure in URL Path via POST Request issue.
Fix the Sensitive Data Exposure in URL Path via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "SensitiveDataExposureinURLPathviaPOSTRequest",
+ "Url": "http://api.testsparker.com/reports/export"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "184",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "330",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "46"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Weak Cryptography in JSON Payload via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/admin/config?type=384"
+ }
+ ],
+ "FirstSeenDate": "17/06/2021 12:30 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/config?type=384 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 360.6684,
+ "StatusCode": 200
+ },
+ "LookupId": "f532e152-f890-53f5-a8dd-8f1042cc491c",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Weak Cryptography in JSON Payload via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Weak Cryptography in JSON Payload via POST Request issue.
Fix the Weak Cryptography in JSON Payload via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "WeakCryptographyinJSONPayloadviaPOSTRequest",
+ "Url": "https://app2.testsparker.com/admin/config?type=384"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "652",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "614",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "29"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Weak Cryptography in URL Path via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/account/security"
+ }
+ ],
+ "FirstSeenDate": "24/06/2021 07:52 AM",
+ "HttpRequest": {
+ "Content": "GET /account/security HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 89.793,
+ "StatusCode": 200
+ },
+ "LookupId": "ac0e8390-7e9c-5e32-95cb-a15ed4ac8797",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Weak Cryptography in URL Path via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Weak Cryptography in URL Path via POST Request issue.
Fix the Weak Cryptography in URL Path via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "WeakCryptographyinURLPathviaPOSTRequest",
+ "Url": "http://blog.testsparker.com/account/security"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "357",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "776",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "29"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Server-Side Request Forgery in JSON Payload vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/files/download?page=305"
+ }
+ ],
+ "FirstSeenDate": "25/06/2021 04:13 AM",
+ "HttpRequest": {
+ "Content": "GET /files/download?page=305 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 407.2443,
+ "StatusCode": 200
+ },
+ "LookupId": "4c9cbb1d-a387-56a2-ae72-21433ead781b",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Server-Side Request Forgery in JSON Payload",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Server-Side Request Forgery in JSON Payload issue.
Fix the Server-Side Request Forgery in JSON Payload vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "Server-SideRequestForgeryinJSONPayload",
+ "Url": "https://portal.testsparker.com/files/download?page=305"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "416",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "79",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "13"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Insecure HTTP Method in JSON Payload via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/api/v1/users"
+ }
+ ],
+ "FirstSeenDate": "23/06/2021 03:36 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v1/users HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 100.3354,
+ "StatusCode": 200
+ },
+ "LookupId": "d78f9f0e-01d0-58d6-9025-5e18de9e6a93",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Insecure HTTP Method in JSON Payload via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Insecure HTTP Method in JSON Payload via PUT Request issue.
Fix the Insecure HTTP Method in JSON Payload via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "InsecureHTTPMethodinJSONPayloadviaPUTRequest",
+ "Url": "http://app1.testsparker.com/api/v1/users"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "25",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "611",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "41"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a XPath Injection in POST Body via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/account/billing?ref=44"
+ }
+ ],
+ "FirstSeenDate": "02/06/2021 05:47 AM",
+ "HttpRequest": {
+ "Content": "GET /account/billing?ref=44 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 70.585,
+ "StatusCode": 200
+ },
+ "LookupId": "aac8707b-41e2-5a38-a2b8-8bd6451de8f7",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "XPath Injection in POST Body via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the XPath Injection in POST Body via PUT Request issue.
Fix the XPath Injection in POST Body via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "XPathInjectioninPOSTBodyviaPUTRequest",
+ "Url": "https://app2.testsparker.com/account/billing?ref=44"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "424",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "16",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "4"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a File Upload Vulnerability in Query Parameter vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/api/v2/webhook?ref=914"
+ }
+ ],
+ "FirstSeenDate": "19/06/2021 12:43 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/webhook?ref=914 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 164.5964,
+ "StatusCode": 200
+ },
+ "LookupId": "9e796ba3-8508-59de-8121-4b2bc73aa152",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "File Upload Vulnerability in Query Parameter",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the File Upload Vulnerability in Query Parameter issue.
Fix the File Upload Vulnerability in Query Parameter vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "FileUploadVulnerabilityinQueryParameter",
+ "Url": "http://app1.testsparker.com/api/v2/webhook?ref=914"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "411",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "601",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "30"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a NoSQL Injection in File Name vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/blog/edit.php?q=586"
+ }
+ ],
+ "FirstSeenDate": "15/06/2021 01:13 AM",
+ "HttpRequest": {
+ "Content": "GET /blog/edit.php?q=586 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 426.2773,
+ "StatusCode": 200
+ },
+ "LookupId": "334feb59-453b-5506-b2a1-9bc33efa5ac3",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "NoSQL Injection in File Name",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the NoSQL Injection in File Name issue.
Fix the NoSQL Injection in File Name vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "NoSQLInjectioninFileName",
+ "Url": "https://shop.testsparker.com/blog/edit.php?q=586"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "554",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "918",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "28"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Version Disclosure in URL Path via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/admin/config"
+ }
+ ],
+ "FirstSeenDate": "09/06/2021 01:25 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/config HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 155.2833,
+ "StatusCode": 200
+ },
+ "LookupId": "2172c209-2ea2-5ea5-b4f3-d7b534a973dd",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Version Disclosure in URL Path via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Version Disclosure in URL Path via PUT Request issue.
Fix the Version Disclosure in URL Path via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "VersionDisclosureinURLPathviaPUTRequest",
+ "Url": "https://app2.testsparker.com/admin/config"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "173",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "22",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "42"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a DNS Zone Transfer in Cookie via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/reports/export"
+ }
+ ],
+ "FirstSeenDate": "21/06/2021 01:30 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/export HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 117.0248,
+ "StatusCode": 200
+ },
+ "LookupId": "4f309578-44c3-5e81-8789-85a39b4c03e0",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "DNS Zone Transfer in Cookie via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the DNS Zone Transfer in Cookie via POST Request issue.
Fix the DNS Zone Transfer in Cookie via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "DNSZoneTransferinCookieviaPOSTRequest",
+ "Url": "http://api.testsparker.com/reports/export"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "191",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "776",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "4"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Path Disclosure in XML Input via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/admin/logs?type=972"
+ }
+ ],
+ "FirstSeenDate": "26/06/2021 04:16 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/logs?type=972 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 491.6441,
+ "StatusCode": 200
+ },
+ "LookupId": "341200d1-4ebe-5f92-bdd7-221e781328c6",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Path Disclosure in XML Input via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Path Disclosure in XML Input via POST Request issue.
Fix the Path Disclosure in XML Input via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "PathDisclosureinXMLInputviaPOSTRequest",
+ "Url": "http://api.testsparker.com/admin/logs?type=972"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "60",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "611",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "37"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Cookie Not Marked as Secure vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/download.php?name=952"
+ }
+ ],
+ "FirstSeenDate": "03/06/2021 12:31 AM",
+ "HttpRequest": {
+ "Content": "GET /download.php?name=952 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 409.8514,
+ "StatusCode": 200
+ },
+ "LookupId": "e9f94caa-3735-54f3-9f2d-fb3c83bfb442",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cookie Not Marked as Secure",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cookie Not Marked as Secure issue.
Fix the Cookie Not Marked as Secure vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "CookieNotMarkedasSecure",
+ "Url": "http://app1.testsparker.com/download.php?name=952"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "582",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "22",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "6"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a CORS Misconfiguration in Query Parameter vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/contact?page=731"
+ }
+ ],
+ "FirstSeenDate": "04/06/2021 08:19 AM",
+ "HttpRequest": {
+ "Content": "GET /contact?page=731 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 345.3942,
+ "StatusCode": 200
+ },
+ "LookupId": "2073809d-097a-5320-958a-9e7a97df7472",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "CORS Misconfiguration in Query Parameter",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the CORS Misconfiguration in Query Parameter issue.
Fix the CORS Misconfiguration in Query Parameter vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "CORSMisconfigurationinQueryParameter",
+ "Url": "https://docs.testsparker.com/contact?page=731"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "132",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "693",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "26"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Weak Cryptography in Header vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/profile.php"
+ }
+ ],
+ "FirstSeenDate": "26/06/2021 06:35 AM",
+ "HttpRequest": {
+ "Content": "GET /profile.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 470.0848,
+ "StatusCode": 200
+ },
+ "LookupId": "b17d9013-2439-5733-986e-6924872c36c2",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Weak Cryptography in Header",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Weak Cryptography in Header issue.
Fix the Weak Cryptography in Header vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "WeakCryptographyinHeader",
+ "Url": "https://docs.testsparker.com/profile.php"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "473",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "287",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "27"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a NoSQL Injection in XML Input via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/account/security"
+ }
+ ],
+ "FirstSeenDate": "01/06/2021 03:13 AM",
+ "HttpRequest": {
+ "Content": "GET /account/security HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 411.9709,
+ "StatusCode": 200
+ },
+ "LookupId": "76a49604-e161-5ed5-baa1-4307ad04e11c",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "NoSQL Injection in XML Input via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the NoSQL Injection in XML Input via POST Request issue.
Fix the NoSQL Injection in XML Input via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "NoSQLInjectioninXMLInputviaPOSTRequest",
+ "Url": "http://api.testsparker.com/account/security"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "412",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "79",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "9"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a DNS Zone Transfer in XML Input via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/contact"
+ }
+ ],
+ "FirstSeenDate": "20/06/2021 02:55 AM",
+ "HttpRequest": {
+ "Content": "GET /contact HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 270.0084,
+ "StatusCode": 200
+ },
+ "LookupId": "36bb404f-0720-5b03-a277-daa6dde9d759",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "DNS Zone Transfer in XML Input via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the DNS Zone Transfer in XML Input via POST Request issue.
Fix the DNS Zone Transfer in XML Input via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "DNSZoneTransferinXMLInputviaPOSTRequest",
+ "Url": "http://app1.testsparker.com/contact"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "405",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "614",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "2"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Integer Overflow in JSON Payload vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/api/v2/export?ref=52"
+ }
+ ],
+ "FirstSeenDate": "22/06/2021 07:11 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/export?ref=52 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 183.4322,
+ "StatusCode": 200
+ },
+ "LookupId": "7b7ded45-7e53-5f74-b3f0-4c96195b2d9e",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Integer Overflow in JSON Payload",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Integer Overflow in JSON Payload issue.
Fix the Integer Overflow in JSON Payload vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "IntegerOverflowinJSONPayload",
+ "Url": "https://shop.testsparker.com/api/v2/export?ref=52"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "672",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "502",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "42"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Email Header Injection in XML Input vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/api/v2/search?filter=284"
+ }
+ ],
+ "FirstSeenDate": "07/06/2021 03:33 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/search?filter=284 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 385.0825,
+ "StatusCode": 200
+ },
+ "LookupId": "77d964c2-43b1-5226-8dab-c2bc4c3855e5",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Email Header Injection in XML Input",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Email Header Injection in XML Input issue.
Fix the Email Header Injection in XML Input vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "EmailHeaderInjectioninXMLInput",
+ "Url": "http://admin.testsparker.com/api/v2/search?filter=284"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "233",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "352",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "24"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Command Injection in Cookie via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/reports/generate?q=920"
+ }
+ ],
+ "FirstSeenDate": "25/06/2021 01:09 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/generate?q=920 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 183.0292,
+ "StatusCode": 200
+ },
+ "LookupId": "e77e990c-d260-5349-a32f-5a746a3e434a",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Command Injection in Cookie via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Command Injection in Cookie via POST Request issue.
Fix the Command Injection in Cookie via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "CommandInjectioninCookieviaPOSTRequest",
+ "Url": "https://docs.testsparker.com/reports/generate?q=920"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "325",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "601",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "23"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Email Header Injection in Header vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/upload.php?sort=790"
+ }
+ ],
+ "FirstSeenDate": "10/06/2021 02:36 AM",
+ "HttpRequest": {
+ "Content": "GET /upload.php?sort=790 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 341.5449,
+ "StatusCode": 200
+ },
+ "LookupId": "046a603d-8164-5158-91c7-4828ed0235a5",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Email Header Injection in Header",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Email Header Injection in Header issue.
Fix the Email Header Injection in Header vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "EmailHeaderInjectioninHeader",
+ "Url": "http://admin.testsparker.com/upload.php?sort=790"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "245",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "200",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "6"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Buffer Overflow in POST Body via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/files/upload"
+ }
+ ],
+ "FirstSeenDate": "16/06/2021 11:19 AM",
+ "HttpRequest": {
+ "Content": "GET /files/upload HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 89.2834,
+ "StatusCode": 200
+ },
+ "LookupId": "468c76cf-2f45-5b6d-890d-e3c97dba5dc4",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Buffer Overflow in POST Body via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Buffer Overflow in POST Body via POST Request issue.
Fix the Buffer Overflow in POST Body via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "BufferOverflowinPOSTBodyviaPOSTRequest",
+ "Url": "http://app1.testsparker.com/files/upload"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "49",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "319",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "37"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Insecure Deserialization in JSON Payload via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/products.php"
+ }
+ ],
+ "FirstSeenDate": "25/06/2021 05:01 AM",
+ "HttpRequest": {
+ "Content": "GET /products.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 204.6667,
+ "StatusCode": 200
+ },
+ "LookupId": "4f1d75b5-4f47-50ff-b634-4425203a5f93",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Insecure Deserialization in JSON Payload via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Insecure Deserialization in JSON Payload via PUT Request issue.
Fix the Insecure Deserialization in JSON Payload via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "InsecureDeserializationinJSONPayloadviaPUTRequest",
+ "Url": "http://blog.testsparker.com/products.php"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "8",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "434",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "15"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Remote Code Execution in Multipart Data via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/contact"
+ }
+ ],
+ "FirstSeenDate": "09/06/2021 11:16 AM",
+ "HttpRequest": {
+ "Content": "GET /contact HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 160.6244,
+ "StatusCode": 200
+ },
+ "LookupId": "aeb0971d-d38c-5bf6-bd38-5d12ba3cc209",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Remote Code Execution in Multipart Data via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Remote Code Execution in Multipart Data via POST Request issue.
Fix the Remote Code Execution in Multipart Data via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "RemoteCodeExecutioninMultipartDataviaPOSTRequest",
+ "Url": "https://app2.testsparker.com/contact"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "473",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "330",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "6"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Email Header Injection in JSON Payload via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/blog/edit.php?page=486"
+ }
+ ],
+ "FirstSeenDate": "28/06/2021 04:27 AM",
+ "HttpRequest": {
+ "Content": "GET /blog/edit.php?page=486 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 387.3642,
+ "StatusCode": 200
+ },
+ "LookupId": "f296a924-e7e5-511b-9903-8120e491b97f",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Email Header Injection in JSON Payload via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Email Header Injection in JSON Payload via POST Request issue.
Fix the Email Header Injection in JSON Payload via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "EmailHeaderInjectioninJSONPayloadviaPOSTRequest",
+ "Url": "http://api.testsparker.com/blog/edit.php?page=486"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "180",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "319",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "39"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Insecure Direct Object Reference in Form Field vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/reports/view?filter=794"
+ }
+ ],
+ "FirstSeenDate": "27/06/2021 05:54 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/view?filter=794 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 414.9574,
+ "StatusCode": 200
+ },
+ "LookupId": "e828147f-3ab2-5265-8c52-bc369362ff50",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Insecure Direct Object Reference in Form Field",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Insecure Direct Object Reference in Form Field issue.
Fix the Insecure Direct Object Reference in Form Field vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "InsecureDirectObjectReferenceinFormField",
+ "Url": "https://shop.testsparker.com/reports/view?filter=794"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "83",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "776",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "39"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Insecure Deserialization in Cookie vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/files/download"
+ }
+ ],
+ "FirstSeenDate": "03/06/2021 03:17 AM",
+ "HttpRequest": {
+ "Content": "GET /files/download HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 315.9156,
+ "StatusCode": 200
+ },
+ "LookupId": "9ce8836a-7e1d-5cf6-90c7-e8d95190302a",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Insecure Deserialization in Cookie",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Insecure Deserialization in Cookie issue.
Fix the Insecure Deserialization in Cookie vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "InsecureDeserializationinCookie",
+ "Url": "http://blog.testsparker.com/files/download"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "39",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "94",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "32"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a SQL Injection in Cookie vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/upload.php"
+ }
+ ],
+ "FirstSeenDate": "04/06/2021 04:56 AM",
+ "HttpRequest": {
+ "Content": "GET /upload.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 273.3978,
+ "StatusCode": 200
+ },
+ "LookupId": "c64cd03f-6cf9-5af9-b568-cba4a486a664",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "SQL Injection in Cookie",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the SQL Injection in Cookie issue.
Fix the SQL Injection in Cookie vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "SQLInjectioninCookie",
+ "Url": "https://docs.testsparker.com/upload.php"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "541",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "352",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "28"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Missing Content-Security-Policy vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/api/v2/webhook"
+ }
+ ],
+ "FirstSeenDate": "18/06/2021 12:44 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/webhook HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 108.564,
+ "StatusCode": 200
+ },
+ "LookupId": "b7f97952-62b3-52d7-824f-4443f515db40",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Missing Content-Security-Policy",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Missing Content-Security-Policy issue.
Fix the Missing Content-Security-Policy vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "MissingContent-Security-Policy",
+ "Url": "http://api.testsparker.com/api/v2/webhook"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "234",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "287",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "47"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Mass Assignment in XML Input vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/contact"
+ }
+ ],
+ "FirstSeenDate": "07/06/2021 12:01 AM",
+ "HttpRequest": {
+ "Content": "GET /contact HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 298.9495,
+ "StatusCode": 200
+ },
+ "LookupId": "3b4bb46a-f8df-5555-b9cf-26f2bbde8283",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Mass Assignment in XML Input",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Mass Assignment in XML Input issue.
Fix the Mass Assignment in XML Input vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "MassAssignmentinXMLInput",
+ "Url": "https://docs.testsparker.com/contact"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "232",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "693",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "28"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Cookie Not Marked as Secure in URL Path via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/files/upload"
+ }
+ ],
+ "FirstSeenDate": "09/06/2021 06:32 AM",
+ "HttpRequest": {
+ "Content": "GET /files/upload HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 157.2788,
+ "StatusCode": 200
+ },
+ "LookupId": "d2277a30-b79e-5d34-811f-937ef538b857",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cookie Not Marked as Secure in URL Path via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cookie Not Marked as Secure in URL Path via POST Request issue.
Fix the Cookie Not Marked as Secure in URL Path via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "CookieNotMarkedasSecureinURLPathviaPOSTRequest",
+ "Url": "https://docs.testsparker.com/files/upload"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "201",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "601",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "42"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a SQL Injection in Form Field via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/api/v2/webhook?ref=299"
+ }
+ ],
+ "FirstSeenDate": "12/06/2021 12:54 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/webhook?ref=299 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 292.0842,
+ "StatusCode": 200
+ },
+ "LookupId": "c5ee9386-67e2-5f97-b467-c49d04c38f6f",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "SQL Injection in Form Field via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the SQL Injection in Form Field via POST Request issue.
Fix the SQL Injection in Form Field via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "SQLInjectioninFormFieldviaPOSTRequest",
+ "Url": "http://api.testsparker.com/api/v2/webhook?ref=299"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "277",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "776",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "45"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a SQL Injection in Cookie via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/profile.php?token=284"
+ }
+ ],
+ "FirstSeenDate": "03/06/2021 12:44 AM",
+ "HttpRequest": {
+ "Content": "GET /profile.php?token=284 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 85.1145,
+ "StatusCode": 200
+ },
+ "LookupId": "feb09524-ccae-50bc-b4a6-572307c5cced",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "SQL Injection in Cookie via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the SQL Injection in Cookie via POST Request issue.
Fix the SQL Injection in Cookie via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "SQLInjectioninCookieviaPOSTRequest",
+ "Url": "https://shop.testsparker.com/profile.php?token=284"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "427",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "89",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "34"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a CSRF in URL Path vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/cart.php?q=826"
+ }
+ ],
+ "FirstSeenDate": "13/06/2021 04:16 AM",
+ "HttpRequest": {
+ "Content": "GET /cart.php?q=826 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 109.635,
+ "StatusCode": 200
+ },
+ "LookupId": "9563808d-a5e9-5cd9-8323-36ffff5a62c4",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "CSRF in URL Path",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the CSRF in URL Path issue.
Fix the CSRF in URL Path vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "CSRFinURLPath",
+ "Url": "https://portal.testsparker.com/cart.php?q=826"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "134",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "693",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "46"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Directory Traversal in XML Input vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/cart.php?ref=1"
+ }
+ ],
+ "FirstSeenDate": "26/06/2021 06:03 AM",
+ "HttpRequest": {
+ "Content": "GET /cart.php?ref=1 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 20.7373,
+ "StatusCode": 200
+ },
+ "LookupId": "9ab8f5b3-3b08-53e8-a2b6-99e88435c273",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Directory Traversal in XML Input",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Directory Traversal in XML Input issue.
Fix the Directory Traversal in XML Input vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "DirectoryTraversalinXMLInput",
+ "Url": "https://portal.testsparker.com/cart.php?ref=1"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "138",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "502",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "19"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Path Disclosure in JSON Payload via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/admin/config"
+ }
+ ],
+ "FirstSeenDate": "17/06/2021 06:14 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/config HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 296.1415,
+ "StatusCode": 200
+ },
+ "LookupId": "33c227d8-9c65-5ed6-91d8-63d7485f496e",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Path Disclosure in JSON Payload via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Path Disclosure in JSON Payload via POST Request issue.
Fix the Path Disclosure in JSON Payload via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "PathDisclosureinJSONPayloadviaPOSTRequest",
+ "Url": "http://blog.testsparker.com/admin/config"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "468",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "918",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "24"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Path Disclosure in XML Input vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/admin/users?page=858"
+ }
+ ],
+ "FirstSeenDate": "09/06/2021 06:52 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/users?page=858 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 237.467,
+ "StatusCode": 200
+ },
+ "LookupId": "7b77e932-0248-5a3c-a2cf-ef38a669c90c",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Path Disclosure in XML Input",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Path Disclosure in XML Input issue.
Fix the Path Disclosure in XML Input vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "PathDisclosureinXMLInput",
+ "Url": "http://app1.testsparker.com/admin/users?page=858"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "518",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "94",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "15"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Email Header Injection in JSON Payload via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/contact?id=401"
+ }
+ ],
+ "FirstSeenDate": "21/06/2021 04:21 AM",
+ "HttpRequest": {
+ "Content": "GET /contact?id=401 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 332.426,
+ "StatusCode": 200
+ },
+ "LookupId": "75b2f97f-106f-54d7-88af-a16461dd9c23",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Email Header Injection in JSON Payload via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Email Header Injection in JSON Payload via PUT Request issue.
Fix the Email Header Injection in JSON Payload via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "EmailHeaderInjectioninJSONPayloadviaPUTRequest",
+ "Url": "http://api.testsparker.com/contact?id=401"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "44",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "16",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "16"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Integer Overflow in URL Path via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/reports/export"
+ }
+ ],
+ "FirstSeenDate": "09/06/2021 04:46 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/export HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 98.4513,
+ "StatusCode": 200
+ },
+ "LookupId": "b654e9a5-d4eb-544b-a072-6f240842486e",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Integer Overflow in URL Path via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Integer Overflow in URL Path via PUT Request issue.
Fix the Integer Overflow in URL Path via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "IntegerOverflowinURLPathviaPUTRequest",
+ "Url": "http://api.testsparker.com/reports/export"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "604",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "16",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "32"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a LDAP Injection in URL Path via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/api/v1/orders"
+ }
+ ],
+ "FirstSeenDate": "11/06/2021 07:11 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v1/orders HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 213.3188,
+ "StatusCode": 200
+ },
+ "LookupId": "0539b51d-e23f-5e2c-b2d2-721c079cf6d4",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "LDAP Injection in URL Path via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the LDAP Injection in URL Path via POST Request issue.
Fix the LDAP Injection in URL Path via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "LDAPInjectioninURLPathviaPOSTRequest",
+ "Url": "https://docs.testsparker.com/api/v1/orders"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "492",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "16",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "13"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a SQL Injection in Form Field vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/files/list?type=259"
+ }
+ ],
+ "FirstSeenDate": "16/06/2021 08:13 AM",
+ "HttpRequest": {
+ "Content": "GET /files/list?type=259 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 58.533,
+ "StatusCode": 200
+ },
+ "LookupId": "cdf30f1d-553a-5ff3-a3ef-965bc6b281f1",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "SQL Injection in Form Field",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the SQL Injection in Form Field issue.
Fix the SQL Injection in Form Field vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "SQLInjectioninFormField",
+ "Url": "http://blog.testsparker.com/files/list?type=259"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "135",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "16",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "19"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Version Disclosure in File Name via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/account/billing?action=668"
+ }
+ ],
+ "FirstSeenDate": "20/06/2021 07:02 AM",
+ "HttpRequest": {
+ "Content": "GET /account/billing?action=668 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 446.4332,
+ "StatusCode": 200
+ },
+ "LookupId": "cff02a7b-22aa-554a-8eeb-7d53dc09d455",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Version Disclosure in File Name via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Version Disclosure in File Name via POST Request issue.
Fix the Version Disclosure in File Name via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "VersionDisclosureinFileNameviaPOSTRequest",
+ "Url": "http://api.testsparker.com/account/billing?action=668"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "557",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "693",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "19"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Version Disclosure in POST Body via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/reports/export"
+ }
+ ],
+ "FirstSeenDate": "08/06/2021 02:56 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/export HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 449.441,
+ "StatusCode": 200
+ },
+ "LookupId": "380ea791-e3ef-57b1-a4ce-ef9b86d434f8",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Version Disclosure in POST Body via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Version Disclosure in POST Body via PUT Request issue.
Fix the Version Disclosure in POST Body via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "VersionDisclosureinPOSTBodyviaPUTRequest",
+ "Url": "https://docs.testsparker.com/reports/export"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "256",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "89",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "39"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Weak Password Policy in Form Field via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/api/v2/webhook?action=754"
+ }
+ ],
+ "FirstSeenDate": "23/06/2021 08:11 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/webhook?action=754 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 225.0904,
+ "StatusCode": 200
+ },
+ "LookupId": "569fdb09-6bda-5a0e-9faf-90b2e64351cf",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Weak Password Policy in Form Field via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Weak Password Policy in Form Field via POST Request issue.
Fix the Weak Password Policy in Form Field via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "WeakPasswordPolicyinFormFieldviaPOSTRequest",
+ "Url": "http://api.testsparker.com/api/v2/webhook?action=754"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "138",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "776",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "39"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Server-Side Request Forgery in XML Input via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/blog/edit.php"
+ }
+ ],
+ "FirstSeenDate": "19/06/2021 03:30 AM",
+ "HttpRequest": {
+ "Content": "GET /blog/edit.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 252.2293,
+ "StatusCode": 200
+ },
+ "LookupId": "84048195-cfe5-5908-becd-a07b22b46078",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Server-Side Request Forgery in XML Input via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Server-Side Request Forgery in XML Input via POST Request issue.
Fix the Server-Side Request Forgery in XML Input via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "Server-SideRequestForgeryinXMLInputviaPOSTRequest",
+ "Url": "https://portal.testsparker.com/blog/edit.php"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "693",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "22",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "45"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Cookie Not Marked as HttpOnly in Form Field via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/payment.php?q=410"
+ }
+ ],
+ "FirstSeenDate": "18/06/2021 04:04 AM",
+ "HttpRequest": {
+ "Content": "GET /payment.php?q=410 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 318.4884,
+ "StatusCode": 200
+ },
+ "LookupId": "fa943752-7764-560a-b175-a6ee35d585ba",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cookie Not Marked as HttpOnly in Form Field via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cookie Not Marked as HttpOnly in Form Field via POST Request issue.
Fix the Cookie Not Marked as HttpOnly in Form Field via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "CookieNotMarkedasHttpOnlyinFormFieldviaPOSTRequest",
+ "Url": "http://admin.testsparker.com/payment.php?q=410"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "364",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "611",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "32"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Command Injection in XML Input via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/admin/dashboard?page=985"
+ }
+ ],
+ "FirstSeenDate": "20/06/2021 10:26 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/dashboard?page=985 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 495.9339,
+ "StatusCode": 200
+ },
+ "LookupId": "1c27b709-9df5-59f1-8479-5b4c4d5cccfd",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Command Injection in XML Input via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Command Injection in XML Input via PUT Request issue.
Fix the Command Injection in XML Input via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "CommandInjectioninXMLInputviaPUTRequest",
+ "Url": "http://blog.testsparker.com/admin/dashboard?page=985"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "152",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "601",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "44"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a CORS Misconfiguration in JSON Payload via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/reports/view?name=235"
+ }
+ ],
+ "FirstSeenDate": "17/06/2021 07:56 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/view?name=235 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 269.0802,
+ "StatusCode": 200
+ },
+ "LookupId": "d6213930-46d5-5fc4-8378-e8fe34715dff",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "CORS Misconfiguration in JSON Payload via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the CORS Misconfiguration in JSON Payload via PUT Request issue.
Fix the CORS Misconfiguration in JSON Payload via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "CORSMisconfigurationinJSONPayloadviaPUTRequest",
+ "Url": "http://app1.testsparker.com/reports/view?name=235"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "97",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "16",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "37"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a CSRF in JSON Payload via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/admin/users?ref=747"
+ }
+ ],
+ "FirstSeenDate": "26/06/2021 07:24 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/users?ref=747 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 351.2434,
+ "StatusCode": 200
+ },
+ "LookupId": "6d89dee2-48f4-5b41-ad02-5bcda20f4220",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "CSRF in JSON Payload via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the CSRF in JSON Payload via PUT Request issue.
Fix the CSRF in JSON Payload via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "CSRFinJSONPayloadviaPUTRequest",
+ "Url": "http://api.testsparker.com/admin/users?ref=747"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "524",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "94",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "47"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Directory Traversal in Form Field vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/api/v2/export"
+ }
+ ],
+ "FirstSeenDate": "09/06/2021 11:14 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/export HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 233.8081,
+ "StatusCode": 200
+ },
+ "LookupId": "389e483f-956a-528a-bb78-b64e60d77794",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Directory Traversal in Form Field",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Directory Traversal in Form Field issue.
Fix the Directory Traversal in Form Field vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "DirectoryTraversalinFormField",
+ "Url": "https://app2.testsparker.com/api/v2/export"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "401",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "200",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "23"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a LDAP Injection in POST Body vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/api/v1/orders"
+ }
+ ],
+ "FirstSeenDate": "02/06/2021 01:53 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v1/orders HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 428.0031,
+ "StatusCode": 200
+ },
+ "LookupId": "928a7fe5-52de-5aae-8955-8dfd33c84580",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "LDAP Injection in POST Body",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the LDAP Injection in POST Body issue.
Fix the LDAP Injection in POST Body vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "LDAPInjectioninPOSTBody",
+ "Url": "http://blog.testsparker.com/api/v1/orders"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "526",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "611",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "49"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Cookie Not Marked as Secure in JSON Payload via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/checkout.php?id=62"
+ }
+ ],
+ "FirstSeenDate": "10/06/2021 10:56 AM",
+ "HttpRequest": {
+ "Content": "GET /checkout.php?id=62 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 275.1604,
+ "StatusCode": 200
+ },
+ "LookupId": "7fc914ca-a340-513c-b4a2-f922e5f370db",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cookie Not Marked as Secure in JSON Payload via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cookie Not Marked as Secure in JSON Payload via POST Request issue.
Fix the Cookie Not Marked as Secure in JSON Payload via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "CookieNotMarkedasSecureinJSONPayloadviaPOSTRequest",
+ "Url": "http://api.testsparker.com/checkout.php?id=62"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "145",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "78",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "18"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a XML External Entity in POST Body via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/api/v2/search"
+ }
+ ],
+ "FirstSeenDate": "14/06/2021 01:30 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/search HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 394.9907,
+ "StatusCode": 200
+ },
+ "LookupId": "03dc7d6d-e0f8-57c4-b521-8856a410a9a0",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "XML External Entity in POST Body via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the XML External Entity in POST Body via PUT Request issue.
Fix the XML External Entity in POST Body via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "XMLExternalEntityinPOSTBodyviaPUTRequest",
+ "Url": "http://app1.testsparker.com/api/v2/search"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "42",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "287",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "49"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Clickjacking in Cookie via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/help"
+ }
+ ],
+ "FirstSeenDate": "14/06/2021 07:49 AM",
+ "HttpRequest": {
+ "Content": "GET /help HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 141.9869,
+ "StatusCode": 200
+ },
+ "LookupId": "2b9a92fd-d41b-5f2c-83f2-e5f20476d1fe",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Clickjacking in Cookie via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Clickjacking in Cookie via PUT Request issue.
Fix the Clickjacking in Cookie via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "ClickjackinginCookieviaPUTRequest",
+ "Url": "http://admin.testsparker.com/help"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "284",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "502",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "43"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Cross-site Scripting in Header via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/api/v1/users?ref=221"
+ }
+ ],
+ "FirstSeenDate": "20/06/2021 07:58 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v1/users?ref=221 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 98.8176,
+ "StatusCode": 200
+ },
+ "LookupId": "ed7454d6-e7bf-58f2-ad92-e6c823c49977",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cross-site Scripting in Header via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cross-site Scripting in Header via PUT Request issue.
Fix the Cross-site Scripting in Header via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "Cross-siteScriptinginHeaderviaPUTRequest",
+ "Url": "https://portal.testsparker.com/api/v1/users?ref=221"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "621",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "614",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "19"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Cookie Not Marked as HttpOnly in POST Body via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/checkout.php"
+ }
+ ],
+ "FirstSeenDate": "11/06/2021 02:05 AM",
+ "HttpRequest": {
+ "Content": "GET /checkout.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 210.1664,
+ "StatusCode": 200
+ },
+ "LookupId": "966ede57-d876-5d54-8b8d-a59e4a5c1ddd",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cookie Not Marked as HttpOnly in POST Body via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cookie Not Marked as HttpOnly in POST Body via PUT Request issue.
Fix the Cookie Not Marked as HttpOnly in POST Body via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "CookieNotMarkedasHttpOnlyinPOSTBodyviaPUTRequest",
+ "Url": "http://api.testsparker.com/checkout.php"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "185",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "330",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "2"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Integer Overflow in JSON Payload via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/search?q=676"
+ }
+ ],
+ "FirstSeenDate": "13/06/2021 10:42 AM",
+ "HttpRequest": {
+ "Content": "GET /search?q=676 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 94.447,
+ "StatusCode": 200
+ },
+ "LookupId": "13edca56-a5c1-5542-8c22-1725df18d937",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Integer Overflow in JSON Payload via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Integer Overflow in JSON Payload via PUT Request issue.
Fix the Integer Overflow in JSON Payload via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "IntegerOverflowinJSONPayloadviaPUTRequest",
+ "Url": "https://portal.testsparker.com/search?q=676"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "18",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "614",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "24"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Insecure Deserialization vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/admin/dashboard?page=763"
+ }
+ ],
+ "FirstSeenDate": "14/06/2021 12:53 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/dashboard?page=763 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 13.6445,
+ "StatusCode": 200
+ },
+ "LookupId": "7aab2ad8-4fb4-5def-96c8-44bf999c59a8",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Insecure Deserialization",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Insecure Deserialization issue.
Fix the Insecure Deserialization vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "InsecureDeserialization",
+ "Url": "https://docs.testsparker.com/admin/dashboard?page=763"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "46",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "16",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "35"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Insecure Direct Object Reference in Cookie vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/contact?name=791"
+ }
+ ],
+ "FirstSeenDate": "27/06/2021 11:11 AM",
+ "HttpRequest": {
+ "Content": "GET /contact?name=791 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 416.888,
+ "StatusCode": 200
+ },
+ "LookupId": "6832dd0e-b9cb-5f14-8679-8a762fdbd9b5",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Insecure Direct Object Reference in Cookie",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Insecure Direct Object Reference in Cookie issue.
Fix the Insecure Direct Object Reference in Cookie vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "InsecureDirectObjectReferenceinCookie",
+ "Url": "https://app2.testsparker.com/contact?name=791"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "75",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "79",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "33"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Missing Content-Security-Policy in POST Body via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/api/v2/webhook"
+ }
+ ],
+ "FirstSeenDate": "14/06/2021 06:08 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/webhook HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 207.1356,
+ "StatusCode": 200
+ },
+ "LookupId": "822df789-5a13-5a8d-a48d-fdf0f597da26",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Missing Content-Security-Policy in POST Body via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Missing Content-Security-Policy in POST Body via PUT Request issue.
Fix the Missing Content-Security-Policy in POST Body via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "MissingContent-Security-PolicyinPOSTBodyviaPUTRequest",
+ "Url": "https://app2.testsparker.com/api/v2/webhook"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "86",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "614",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "26"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Race Condition in POST Body via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/api/v2/search?page=886"
+ }
+ ],
+ "FirstSeenDate": "17/06/2021 12:53 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/search?page=886 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 287.6532,
+ "StatusCode": 200
+ },
+ "LookupId": "3021f559-2462-5b16-8364-dd464b4d8527",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Race Condition in POST Body via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Race Condition in POST Body via PUT Request issue.
Fix the Race Condition in POST Body via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "RaceConditioninPOSTBodyviaPUTRequest",
+ "Url": "https://app2.testsparker.com/api/v2/search?page=886"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "618",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "78",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "1"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Broken Authentication in File Name vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/cart.php?q=103"
+ }
+ ],
+ "FirstSeenDate": "04/06/2021 04:48 AM",
+ "HttpRequest": {
+ "Content": "GET /cart.php?q=103 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 216.7308,
+ "StatusCode": 200
+ },
+ "LookupId": "46cf11a1-5172-54cf-bd82-30cbfd80a939",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Broken Authentication in File Name",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Broken Authentication in File Name issue.
Fix the Broken Authentication in File Name vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "BrokenAuthenticationinFileName",
+ "Url": "https://app2.testsparker.com/cart.php?q=103"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "646",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "94",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "20"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a SQL Injection in Form Field vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/files/list?type=259"
+ }
+ ],
+ "FirstSeenDate": "22/06/2021 02:42 AM",
+ "HttpRequest": {
+ "Content": "GET /files/list?type=259 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 264.9515,
+ "StatusCode": 200
+ },
+ "LookupId": "5e9c9ac4-3016-5335-a179-251a42d7d468",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "SQL Injection in Form Field",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the SQL Injection in Form Field issue.
Fix the SQL Injection in Form Field vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "SQLInjectioninFormField",
+ "Url": "http://blog.testsparker.com/files/list?type=259"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "8",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "601",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "34"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Missing X-Frame-Options in File Name vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/api/v1/orders?type=419"
+ }
+ ],
+ "FirstSeenDate": "17/06/2021 01:24 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v1/orders?type=419 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 330.7276,
+ "StatusCode": 200
+ },
+ "LookupId": "6db641f9-b3bd-58e5-a56d-9bf95cb1550a",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Missing X-Frame-Options in File Name",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Missing X-Frame-Options in File Name issue.
Fix the Missing X-Frame-Options in File Name vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "MissingX-Frame-OptionsinFileName",
+ "Url": "https://portal.testsparker.com/api/v1/orders?type=419"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "513",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "601",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "23"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Path Disclosure in Query Parameter via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/api/v1/products?type=509"
+ }
+ ],
+ "FirstSeenDate": "26/06/2021 02:28 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v1/products?type=509 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 219.4808,
+ "StatusCode": 200
+ },
+ "LookupId": "d734ffcb-2cac-58f0-8cf0-951828d6560c",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Path Disclosure in Query Parameter via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Path Disclosure in Query Parameter via PUT Request issue.
Fix the Path Disclosure in Query Parameter via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "PathDisclosureinQueryParameterviaPUTRequest",
+ "Url": "http://blog.testsparker.com/api/v1/products?type=509"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "244",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "330",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "18"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Session Fixation in Form Field via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/api/v2/webhook?filter=761"
+ }
+ ],
+ "FirstSeenDate": "19/06/2021 07:05 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/webhook?filter=761 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 444.725,
+ "StatusCode": 200
+ },
+ "LookupId": "d713e64f-e20a-536c-a1c9-db0ace75acab",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Session Fixation in Form Field via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Session Fixation in Form Field via POST Request issue.
Fix the Session Fixation in Form Field via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "SessionFixationinFormFieldviaPOSTRequest",
+ "Url": "http://app1.testsparker.com/api/v2/webhook?filter=761"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "335",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "78",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "31"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Unvalidated Redirect vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/admin/dashboard?page=487"
+ }
+ ],
+ "FirstSeenDate": "05/06/2021 06:53 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/dashboard?page=487 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 363.0456,
+ "StatusCode": 200
+ },
+ "LookupId": "b299ea76-e311-50a2-924d-70e6cd66fafd",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Unvalidated Redirect",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Unvalidated Redirect issue.
Fix the Unvalidated Redirect vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "UnvalidatedRedirect",
+ "Url": "https://portal.testsparker.com/admin/dashboard?page=487"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "520",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "776",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "6"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Server-Side Request Forgery in Header vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/auth/register.php?action=695"
+ }
+ ],
+ "FirstSeenDate": "07/06/2021 05:09 AM",
+ "HttpRequest": {
+ "Content": "GET /auth/register.php?action=695 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 440.3066,
+ "StatusCode": 200
+ },
+ "LookupId": "12964b45-5e01-5d26-8734-6bf2fdfd8ed2",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Server-Side Request Forgery in Header",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Server-Side Request Forgery in Header issue.
Fix the Server-Side Request Forgery in Header vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "Server-SideRequestForgeryinHeader",
+ "Url": "http://api.testsparker.com/auth/register.php?action=695"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "134",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "89",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "35"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Remote Code Execution in Header via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/download.php?token=258"
+ }
+ ],
+ "FirstSeenDate": "24/06/2021 01:53 AM",
+ "HttpRequest": {
+ "Content": "GET /download.php?token=258 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 189.7496,
+ "StatusCode": 200
+ },
+ "LookupId": "7ea0da50-383d-54fd-9bf1-fc14fc536dea",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Remote Code Execution in Header via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Remote Code Execution in Header via POST Request issue.
Fix the Remote Code Execution in Header via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "RemoteCodeExecutioninHeaderviaPOSTRequest",
+ "Url": "http://blog.testsparker.com/download.php?token=258"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "12",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "79",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "43"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Cookie Not Marked as Secure in Form Field via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/admin/logs"
+ }
+ ],
+ "FirstSeenDate": "28/06/2021 12:01 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/logs HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 50.9806,
+ "StatusCode": 200
+ },
+ "LookupId": "ea7cf73f-067a-5882-9199-27de3b9688eb",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cookie Not Marked as Secure in Form Field via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cookie Not Marked as Secure in Form Field via POST Request issue.
Fix the Cookie Not Marked as Secure in Form Field via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "CookieNotMarkedasSecureinFormFieldviaPOSTRequest",
+ "Url": "http://admin.testsparker.com/admin/logs"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "381",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "352",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "28"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Insecure HTTP Method in File Name via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/reports/generate?token=848"
+ }
+ ],
+ "FirstSeenDate": "09/06/2021 02:06 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/generate?token=848 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 48.1262,
+ "StatusCode": 200
+ },
+ "LookupId": "2661891c-e2b8-50bb-9ca1-a8734a45ca86",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Insecure HTTP Method in File Name via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Insecure HTTP Method in File Name via POST Request issue.
Fix the Insecure HTTP Method in File Name via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "InsecureHTTPMethodinFileNameviaPOSTRequest",
+ "Url": "https://app2.testsparker.com/reports/generate?token=848"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "403",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "352",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "6"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Race Condition in Header via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/api/v2/export"
+ }
+ ],
+ "FirstSeenDate": "23/06/2021 05:20 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/export HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 297.7321,
+ "StatusCode": 200
+ },
+ "LookupId": "e78b4750-d29d-543e-ab72-46aac3b7c1e6",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Race Condition in Header via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Race Condition in Header via POST Request issue.
Fix the Race Condition in Header via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "RaceConditioninHeaderviaPOSTRequest",
+ "Url": "http://app1.testsparker.com/api/v2/export"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "124",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "776",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "15"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Missing X-Frame-Options vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/blog/edit.php"
+ }
+ ],
+ "FirstSeenDate": "11/06/2021 01:37 AM",
+ "HttpRequest": {
+ "Content": "GET /blog/edit.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 281.4215,
+ "StatusCode": 200
+ },
+ "LookupId": "5786e2a0-2cfa-50b5-ba66-9c8b1df79eb2",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Missing X-Frame-Options",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Missing X-Frame-Options issue.
Fix the Missing X-Frame-Options vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "MissingX-Frame-Options",
+ "Url": "http://admin.testsparker.com/blog/edit.php"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "484",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "287",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "45"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Cleartext Transmission in Cookie via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/admin/logs"
+ }
+ ],
+ "FirstSeenDate": "09/06/2021 12:18 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/logs HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 413.2901,
+ "StatusCode": 200
+ },
+ "LookupId": "7c2faa3d-8acb-54b4-b6c2-f8618cd4cd3f",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cleartext Transmission in Cookie via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cleartext Transmission in Cookie via POST Request issue.
Fix the Cleartext Transmission in Cookie via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "CleartextTransmissioninCookieviaPOSTRequest",
+ "Url": "https://portal.testsparker.com/admin/logs"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "303",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "79",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "27"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a LDAP Injection in XML Input vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/blog/edit.php"
+ }
+ ],
+ "FirstSeenDate": "13/06/2021 12:02 AM",
+ "HttpRequest": {
+ "Content": "GET /blog/edit.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 295.6816,
+ "StatusCode": 200
+ },
+ "LookupId": "bab62de0-7f14-5bac-9844-16079c048dd9",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "LDAP Injection in XML Input",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the LDAP Injection in XML Input issue.
Fix the LDAP Injection in XML Input vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "LDAPInjectioninXMLInput",
+ "Url": "http://app1.testsparker.com/blog/edit.php"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "82",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "16",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "43"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Directory Traversal in Header vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/api/v1/orders?q=559"
+ }
+ ],
+ "FirstSeenDate": "10/06/2021 08:38 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v1/orders?q=559 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 361.6548,
+ "StatusCode": 200
+ },
+ "LookupId": "ea1816c7-bb9f-5b0f-b529-5c6418c2fd5a",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Directory Traversal in Header",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Directory Traversal in Header issue.
Fix the Directory Traversal in Header vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "DirectoryTraversalinHeader",
+ "Url": "http://blog.testsparker.com/api/v1/orders?q=559"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "262",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "200",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "8"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Open Redirect in URL Path via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/files/upload?name=819"
+ }
+ ],
+ "FirstSeenDate": "01/06/2021 01:24 AM",
+ "HttpRequest": {
+ "Content": "GET /files/upload?name=819 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 403.6717,
+ "StatusCode": 200
+ },
+ "LookupId": "0b3087bd-0774-5d9b-983c-7ce5b8241203",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Open Redirect in URL Path via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Open Redirect in URL Path via PUT Request issue.
Fix the Open Redirect in URL Path via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "OpenRedirectinURLPathviaPUTRequest",
+ "Url": "https://shop.testsparker.com/files/upload?name=819"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "593",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "614",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "18"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Email Header Injection in Query Parameter via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/api/v2/search?type=231"
+ }
+ ],
+ "FirstSeenDate": "20/06/2021 02:45 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/search?type=231 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 215.9099,
+ "StatusCode": 200
+ },
+ "LookupId": "b3c55683-8633-59e3-bdd4-6468db286799",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Email Header Injection in Query Parameter via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Email Header Injection in Query Parameter via PUT Request issue.
Fix the Email Header Injection in Query Parameter via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "EmailHeaderInjectioninQueryParameterviaPUTRequest",
+ "Url": "http://app1.testsparker.com/api/v2/search?type=231"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "491",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "287",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "42"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a CSRF in XML Input vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/files/upload?token=360"
+ }
+ ],
+ "FirstSeenDate": "06/06/2021 08:04 AM",
+ "HttpRequest": {
+ "Content": "GET /files/upload?token=360 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 401.6053,
+ "StatusCode": 200
+ },
+ "LookupId": "c4c8957d-b66c-5875-a84c-d1d59291e44c",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "CSRF in XML Input",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the CSRF in XML Input issue.
Fix the CSRF in XML Input vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "CSRFinXMLInput",
+ "Url": "http://api.testsparker.com/files/upload?token=360"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "233",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "78",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "4"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Server-Side Request Forgery in File Name vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/account/security?page=529"
+ }
+ ],
+ "FirstSeenDate": "02/06/2021 11:53 AM",
+ "HttpRequest": {
+ "Content": "GET /account/security?page=529 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 351.671,
+ "StatusCode": 200
+ },
+ "LookupId": "962c24f6-5d20-5a46-8a18-84b497306e7c",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Server-Side Request Forgery in File Name",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Server-Side Request Forgery in File Name issue.
Fix the Server-Side Request Forgery in File Name vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "Server-SideRequestForgeryinFileName",
+ "Url": "https://app2.testsparker.com/account/security?page=529"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "123",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "614",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "21"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Version Disclosure in Multipart Data via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/profile.php"
+ }
+ ],
+ "FirstSeenDate": "25/06/2021 10:56 AM",
+ "HttpRequest": {
+ "Content": "GET /profile.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 426.5753,
+ "StatusCode": 200
+ },
+ "LookupId": "6574377a-a0e2-5792-b517-4de08c8da08b",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Version Disclosure in Multipart Data via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Version Disclosure in Multipart Data via POST Request issue.
Fix the Version Disclosure in Multipart Data via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "VersionDisclosureinMultipartDataviaPOSTRequest",
+ "Url": "http://blog.testsparker.com/profile.php"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "529",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "319",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "25"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Cookie Not Marked as HttpOnly in URL Path via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/auth/reset.php?page=182"
+ }
+ ],
+ "FirstSeenDate": "17/06/2021 11:04 AM",
+ "HttpRequest": {
+ "Content": "GET /auth/reset.php?page=182 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 205.8573,
+ "StatusCode": 200
+ },
+ "LookupId": "b39aa47b-cd14-5862-a58c-3f5290dcae01",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cookie Not Marked as HttpOnly in URL Path via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cookie Not Marked as HttpOnly in URL Path via PUT Request issue.
Fix the Cookie Not Marked as HttpOnly in URL Path via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "CookieNotMarkedasHttpOnlyinURLPathviaPUTRequest",
+ "Url": "https://shop.testsparker.com/auth/reset.php?page=182"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "193",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "502",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "2"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Directory Traversal in Multipart Data vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/settings.php?ref=633"
+ }
+ ],
+ "FirstSeenDate": "02/06/2021 09:01 AM",
+ "HttpRequest": {
+ "Content": "GET /settings.php?ref=633 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 101.1094,
+ "StatusCode": 200
+ },
+ "LookupId": "289559c3-9134-500b-a66a-980c3018bc44",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Directory Traversal in Multipart Data",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Directory Traversal in Multipart Data issue.
Fix the Directory Traversal in Multipart Data vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "DirectoryTraversalinMultipartData",
+ "Url": "http://api.testsparker.com/settings.php?ref=633"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "618",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "94",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "25"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Command Injection in File Name via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/files/download?token=103"
+ }
+ ],
+ "FirstSeenDate": "01/06/2021 02:52 AM",
+ "HttpRequest": {
+ "Content": "GET /files/download?token=103 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 16.6405,
+ "StatusCode": 200
+ },
+ "LookupId": "d9d67e65-d67f-5330-b050-f931d13d6629",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Command Injection in File Name via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Command Injection in File Name via POST Request issue.
Fix the Command Injection in File Name via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "CommandInjectioninFileNameviaPOSTRequest",
+ "Url": "https://app2.testsparker.com/files/download?token=103"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "510",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "693",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "10"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a HTTP Response Splitting in POST Body vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/api/v1/orders"
+ }
+ ],
+ "FirstSeenDate": "15/06/2021 11:16 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v1/orders HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 235.1895,
+ "StatusCode": 200
+ },
+ "LookupId": "69d6df5d-2ed2-5fcb-a848-953ac6c48d83",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "HTTP Response Splitting in POST Body",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the HTTP Response Splitting in POST Body issue.
Fix the HTTP Response Splitting in POST Body vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "HTTPResponseSplittinginPOSTBody",
+ "Url": "http://api.testsparker.com/api/v1/orders"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "635",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "918",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "17"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a HSTS Missing in URL Path vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/admin/users?name=537"
+ }
+ ],
+ "FirstSeenDate": "09/06/2021 07:05 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/users?name=537 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 192.7953,
+ "StatusCode": 200
+ },
+ "LookupId": "f1763054-99d2-5cd5-b6cd-d680d75a3e24",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "HSTS Missing in URL Path",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the HSTS Missing in URL Path issue.
Fix the HSTS Missing in URL Path vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "HSTSMissinginURLPath",
+ "Url": "http://blog.testsparker.com/admin/users?name=537"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "579",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "94",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "19"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Email Header Injection in Cookie via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/files/list?token=298"
+ }
+ ],
+ "FirstSeenDate": "25/06/2021 09:56 AM",
+ "HttpRequest": {
+ "Content": "GET /files/list?token=298 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 161.7007,
+ "StatusCode": 200
+ },
+ "LookupId": "4988e79f-172e-5002-ae25-117f22b24699",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Email Header Injection in Cookie via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Email Header Injection in Cookie via POST Request issue.
Fix the Email Header Injection in Cookie via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "EmailHeaderInjectioninCookieviaPOSTRequest",
+ "Url": "http://admin.testsparker.com/files/list?token=298"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "381",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "502",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "48"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Path Disclosure in JSON Payload vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/admin/config?filter=536"
+ }
+ ],
+ "FirstSeenDate": "24/06/2021 02:49 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/config?filter=536 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 450.9497,
+ "StatusCode": 200
+ },
+ "LookupId": "ea561356-735b-5de3-81ae-aa9aed0fc7c7",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Path Disclosure in JSON Payload",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Path Disclosure in JSON Payload issue.
Fix the Path Disclosure in JSON Payload vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "PathDisclosureinJSONPayload",
+ "Url": "http://app1.testsparker.com/admin/config?filter=536"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "301",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "16",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "49"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a CORS Misconfiguration in Form Field vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/api/v1/orders?page=680"
+ }
+ ],
+ "FirstSeenDate": "18/06/2021 11:00 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v1/orders?page=680 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 66.2138,
+ "StatusCode": 200
+ },
+ "LookupId": "7c612165-d0b8-57f4-bcfd-a093a65bba6d",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "CORS Misconfiguration in Form Field",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the CORS Misconfiguration in Form Field issue.
Fix the CORS Misconfiguration in Form Field vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "CORSMisconfigurationinFormField",
+ "Url": "http://blog.testsparker.com/api/v1/orders?page=680"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "628",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "611",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "34"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Version Disclosure in Header via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/profile.php"
+ }
+ ],
+ "FirstSeenDate": "14/06/2021 03:20 AM",
+ "HttpRequest": {
+ "Content": "GET /profile.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 371.0659,
+ "StatusCode": 200
+ },
+ "LookupId": "9d4b5167-a96e-5a43-af5a-91c12b879514",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Version Disclosure in Header via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Version Disclosure in Header via POST Request issue.
Fix the Version Disclosure in Header via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "VersionDisclosureinHeaderviaPOSTRequest",
+ "Url": "https://docs.testsparker.com/profile.php"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "420",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "319",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "42"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a CSRF in Cookie via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/auth/register.php?page=457"
+ }
+ ],
+ "FirstSeenDate": "23/06/2021 04:57 AM",
+ "HttpRequest": {
+ "Content": "GET /auth/register.php?page=457 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 241.8819,
+ "StatusCode": 200
+ },
+ "LookupId": "df9a760f-808b-5f28-96ca-258f5b04d7d4",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "CSRF in Cookie via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the CSRF in Cookie via POST Request issue.
Fix the CSRF in Cookie via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "CSRFinCookieviaPOSTRequest",
+ "Url": "http://admin.testsparker.com/auth/register.php?page=457"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "186",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "200",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "37"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Missing X-Frame-Options in Cookie vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/admin/users?sort=944"
+ }
+ ],
+ "FirstSeenDate": "03/06/2021 03:47 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/users?sort=944 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 320.2543,
+ "StatusCode": 200
+ },
+ "LookupId": "44f0ffd9-88d0-5c21-bf08-67c31c916c9f",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Missing X-Frame-Options in Cookie",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Missing X-Frame-Options in Cookie issue.
Fix the Missing X-Frame-Options in Cookie vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "MissingX-Frame-OptionsinCookie",
+ "Url": "http://app1.testsparker.com/admin/users?sort=944"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "385",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "601",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "42"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a CSRF in XML Input via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/api/v1/orders?filter=511"
+ }
+ ],
+ "FirstSeenDate": "08/06/2021 12:38 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v1/orders?filter=511 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 494.3902,
+ "StatusCode": 200
+ },
+ "LookupId": "6cc020bb-c65a-53d4-a59e-bcd60c6a313d",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "CSRF in XML Input via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the CSRF in XML Input via POST Request issue.
Fix the CSRF in XML Input via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "CSRFinXMLInputviaPOSTRequest",
+ "Url": "https://portal.testsparker.com/api/v1/orders?filter=511"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "619",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "22",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "8"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Mass Assignment in Cookie vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/api/v1/products"
+ }
+ ],
+ "FirstSeenDate": "04/06/2021 09:18 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v1/products HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 120.6636,
+ "StatusCode": 200
+ },
+ "LookupId": "a03ce5d2-4371-535d-a5d6-deb841218d0d",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Mass Assignment in Cookie",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Mass Assignment in Cookie issue.
Fix the Mass Assignment in Cookie vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "MassAssignmentinCookie",
+ "Url": "https://shop.testsparker.com/api/v1/products"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "517",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "22",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "46"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a HTTP Response Splitting in POST Body via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/blog/edit.php?sort=883"
+ }
+ ],
+ "FirstSeenDate": "01/06/2021 01:47 AM",
+ "HttpRequest": {
+ "Content": "GET /blog/edit.php?sort=883 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 416.8232,
+ "StatusCode": 200
+ },
+ "LookupId": "8883576c-adde-51ad-a483-da6f4bc2cba4",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "HTTP Response Splitting in POST Body via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the HTTP Response Splitting in POST Body via PUT Request issue.
Fix the HTTP Response Splitting in POST Body via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "HTTPResponseSplittinginPOSTBodyviaPUTRequest",
+ "Url": "http://blog.testsparker.com/blog/edit.php?sort=883"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "470",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "319",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "10"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Insecure Deserialization in Cookie via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/api/v2/export"
+ }
+ ],
+ "FirstSeenDate": "24/06/2021 09:32 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/export HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 172.3275,
+ "StatusCode": 200
+ },
+ "LookupId": "61a3d75f-bf65-5e70-9c1f-9d22af078766",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Insecure Deserialization in Cookie via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Insecure Deserialization in Cookie via POST Request issue.
Fix the Insecure Deserialization in Cookie via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "InsecureDeserializationinCookieviaPOSTRequest",
+ "Url": "http://admin.testsparker.com/api/v2/export"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "626",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "693",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "38"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Insecure Direct Object Reference in URL Path vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/reports/generate?ref=541"
+ }
+ ],
+ "FirstSeenDate": "12/06/2021 06:54 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/generate?ref=541 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 234.3517,
+ "StatusCode": 200
+ },
+ "LookupId": "7f315a7e-3d76-5431-82d3-f9203a1c0293",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Insecure Direct Object Reference in URL Path",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Insecure Direct Object Reference in URL Path issue.
Fix the Insecure Direct Object Reference in URL Path vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "InsecureDirectObjectReferenceinURLPath",
+ "Url": "https://portal.testsparker.com/reports/generate?ref=541"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "200",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "611",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "33"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a XML External Entity in XML Input vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/upload.php"
+ }
+ ],
+ "FirstSeenDate": "08/06/2021 07:27 AM",
+ "HttpRequest": {
+ "Content": "GET /upload.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 353.3166,
+ "StatusCode": 200
+ },
+ "LookupId": "6019f025-0b51-57a3-9a1f-ebef715bd959",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "XML External Entity in XML Input",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the XML External Entity in XML Input issue.
Fix the XML External Entity in XML Input vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "XMLExternalEntityinXMLInput",
+ "Url": "http://blog.testsparker.com/upload.php"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "618",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "776",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "1"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Information Disclosure in URL Path via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/reports/generate"
+ }
+ ],
+ "FirstSeenDate": "16/06/2021 08:57 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/generate HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 452.4126,
+ "StatusCode": 200
+ },
+ "LookupId": "f66458b2-fad4-5874-98be-98e29363a66c",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Information Disclosure in URL Path via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Information Disclosure in URL Path via PUT Request issue.
Fix the Information Disclosure in URL Path via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "InformationDisclosureinURLPathviaPUTRequest",
+ "Url": "https://docs.testsparker.com/reports/generate"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "141",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "502",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "47"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Insecure HTTP Method in POST Body via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/files/list"
+ }
+ ],
+ "FirstSeenDate": "12/06/2021 02:47 AM",
+ "HttpRequest": {
+ "Content": "GET /files/list HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 398.7269,
+ "StatusCode": 200
+ },
+ "LookupId": "5a8754a2-fd31-5827-9c34-9c6990ae5dd8",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Insecure HTTP Method in POST Body via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Insecure HTTP Method in POST Body via PUT Request issue.
Fix the Insecure HTTP Method in POST Body via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "InsecureHTTPMethodinPOSTBodyviaPUTRequest",
+ "Url": "https://app2.testsparker.com/files/list"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "530",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "502",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "34"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Insecure Direct Object Reference in Query Parameter vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/admin/dashboard"
+ }
+ ],
+ "FirstSeenDate": "08/06/2021 08:40 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/dashboard HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 373.4262,
+ "StatusCode": 200
+ },
+ "LookupId": "eef582fd-318e-552f-b328-b29b89b2a06c",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Insecure Direct Object Reference in Query Parameter",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Insecure Direct Object Reference in Query Parameter issue.
Fix the Insecure Direct Object Reference in Query Parameter vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "InsecureDirectObjectReferenceinQueryParameter",
+ "Url": "https://app2.testsparker.com/admin/dashboard"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "264",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "89",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "10"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Email Header Injection in Query Parameter via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/api/v2/search?type=231"
+ }
+ ],
+ "FirstSeenDate": "28/06/2021 04:56 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/search?type=231 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 478.5266,
+ "StatusCode": 200
+ },
+ "LookupId": "4d43ac17-98e9-56f3-b508-01c2f184fc2f",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Email Header Injection in Query Parameter via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Email Header Injection in Query Parameter via PUT Request issue.
Fix the Email Header Injection in Query Parameter via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "EmailHeaderInjectioninQueryParameterviaPUTRequest",
+ "Url": "http://app1.testsparker.com/api/v2/search?type=231"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "278",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "693",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "24"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Buffer Overflow in File Name vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/download.php?sort=728"
+ }
+ ],
+ "FirstSeenDate": "14/06/2021 03:11 AM",
+ "HttpRequest": {
+ "Content": "GET /download.php?sort=728 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 428.5638,
+ "StatusCode": 200
+ },
+ "LookupId": "82c4c0eb-e229-5580-941b-686af0d8e69e",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Buffer Overflow in File Name",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Buffer Overflow in File Name issue.
Fix the Buffer Overflow in File Name vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "BufferOverflowinFileName",
+ "Url": "https://portal.testsparker.com/download.php?sort=728"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "242",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "352",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "12"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Directory Traversal in POST Body via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/admin/dashboard"
+ }
+ ],
+ "FirstSeenDate": "11/06/2021 02:09 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/dashboard HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 301.8166,
+ "StatusCode": 200
+ },
+ "LookupId": "b418af91-0867-528f-a17b-77c682613afc",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Directory Traversal in POST Body via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Directory Traversal in POST Body via POST Request issue.
Fix the Directory Traversal in POST Body via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "DirectoryTraversalinPOSTBodyviaPOSTRequest",
+ "Url": "http://api.testsparker.com/admin/dashboard"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "375",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "287",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "44"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Insecure HTTP Method in JSON Payload vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/help"
+ }
+ ],
+ "FirstSeenDate": "25/06/2021 08:49 AM",
+ "HttpRequest": {
+ "Content": "GET /help HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 45.766,
+ "StatusCode": 200
+ },
+ "LookupId": "762f3a2a-4908-58c5-8157-7f3c57731ed2",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Insecure HTTP Method in JSON Payload",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Insecure HTTP Method in JSON Payload issue.
Fix the Insecure HTTP Method in JSON Payload vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "InsecureHTTPMethodinJSONPayload",
+ "Url": "http://app1.testsparker.com/help"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "199",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "918",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "8"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Information Disclosure in Query Parameter vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/reports/export"
+ }
+ ],
+ "FirstSeenDate": "15/06/2021 11:50 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/export HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 67.7836,
+ "StatusCode": 200
+ },
+ "LookupId": "f011e862-d29c-5aa5-ab5c-5c1723844276",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Information Disclosure in Query Parameter",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Information Disclosure in Query Parameter issue.
Fix the Information Disclosure in Query Parameter vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "InformationDisclosureinQueryParameter",
+ "Url": "https://docs.testsparker.com/reports/export"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "685",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "89",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "17"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Information Disclosure in JSON Payload via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/upload.php?q=108"
+ }
+ ],
+ "FirstSeenDate": "09/06/2021 01:33 AM",
+ "HttpRequest": {
+ "Content": "GET /upload.php?q=108 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 122.3182,
+ "StatusCode": 200
+ },
+ "LookupId": "ec244aa7-0c6e-5cca-9a3a-c5c8929d3daa",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Information Disclosure in JSON Payload via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Information Disclosure in JSON Payload via POST Request issue.
Fix the Information Disclosure in JSON Payload via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "InformationDisclosureinJSONPayloadviaPOSTRequest",
+ "Url": "https://shop.testsparker.com/upload.php?q=108"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "357",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "693",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "31"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a LDAP Injection in XML Input via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/cart.php"
+ }
+ ],
+ "FirstSeenDate": "24/06/2021 07:18 AM",
+ "HttpRequest": {
+ "Content": "GET /cart.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 307.5152,
+ "StatusCode": 200
+ },
+ "LookupId": "61d2e824-7b3a-52b4-bc8e-989c8813092b",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "LDAP Injection in XML Input via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the LDAP Injection in XML Input via POST Request issue.
Fix the LDAP Injection in XML Input via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "LDAPInjectioninXMLInputviaPOSTRequest",
+ "Url": "https://docs.testsparker.com/cart.php"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "644",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "287",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "33"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Cleartext Transmission in JSON Payload vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/auth/login.php?id=945"
+ }
+ ],
+ "FirstSeenDate": "14/06/2021 12:25 AM",
+ "HttpRequest": {
+ "Content": "GET /auth/login.php?id=945 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 50.3896,
+ "StatusCode": 200
+ },
+ "LookupId": "35ae137a-6c19-579e-b003-79b2975c3da7",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cleartext Transmission in JSON Payload",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cleartext Transmission in JSON Payload issue.
Fix the Cleartext Transmission in JSON Payload vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "CleartextTransmissioninJSONPayload",
+ "Url": "https://app2.testsparker.com/auth/login.php?id=945"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "700",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "776",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "25"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a CSRF in Header via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/blog/edit.php?type=850"
+ }
+ ],
+ "FirstSeenDate": "14/06/2021 07:12 AM",
+ "HttpRequest": {
+ "Content": "GET /blog/edit.php?type=850 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 321.8443,
+ "StatusCode": 200
+ },
+ "LookupId": "284f8722-5683-5f33-85aa-fb785f8e9e30",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "CSRF in Header via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the CSRF in Header via PUT Request issue.
Fix the CSRF in Header via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "CSRFinHeaderviaPUTRequest",
+ "Url": "http://api.testsparker.com/blog/edit.php?type=850"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "175",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "614",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "13"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Cross-site Scripting in JSON Payload via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/products.php?token=114"
+ }
+ ],
+ "FirstSeenDate": "03/06/2021 10:08 AM",
+ "HttpRequest": {
+ "Content": "GET /products.php?token=114 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 375.527,
+ "StatusCode": 200
+ },
+ "LookupId": "ad9678eb-613d-5dc3-acc0-e576a346e2cd",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cross-site Scripting in JSON Payload via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cross-site Scripting in JSON Payload via POST Request issue.
Fix the Cross-site Scripting in JSON Payload via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "Cross-siteScriptinginJSONPayloadviaPOSTRequest",
+ "Url": "https://docs.testsparker.com/products.php?token=114"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "699",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "16",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "21"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a CORS Misconfiguration in XML Input via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/reports/export?filter=619"
+ }
+ ],
+ "FirstSeenDate": "12/06/2021 11:25 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/export?filter=619 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 195.4335,
+ "StatusCode": 200
+ },
+ "LookupId": "3fd86786-1a4d-5c2f-8cfb-cb36bacf6396",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "CORS Misconfiguration in XML Input via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the CORS Misconfiguration in XML Input via POST Request issue.
Fix the CORS Misconfiguration in XML Input via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "CORSMisconfigurationinXMLInputviaPOSTRequest",
+ "Url": "http://admin.testsparker.com/reports/export?filter=619"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "541",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "614",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "15"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Cleartext Transmission in URL Path vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/reports/export"
+ }
+ ],
+ "FirstSeenDate": "28/06/2021 12:56 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/export HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 287.7242,
+ "StatusCode": 200
+ },
+ "LookupId": "08e2b367-f53f-5631-96dc-29ccc2520c9d",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cleartext Transmission in URL Path",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cleartext Transmission in URL Path issue.
Fix the Cleartext Transmission in URL Path vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "CleartextTransmissioninURLPath",
+ "Url": "https://app2.testsparker.com/reports/export"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "313",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "94",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "1"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a LDAP Injection in JSON Payload via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/products.php?type=31"
+ }
+ ],
+ "FirstSeenDate": "26/06/2021 11:53 AM",
+ "HttpRequest": {
+ "Content": "GET /products.php?type=31 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 183.7846,
+ "StatusCode": 200
+ },
+ "LookupId": "34cb7905-049e-5afb-9fcc-6d340958b07d",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "LDAP Injection in JSON Payload via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the LDAP Injection in JSON Payload via POST Request issue.
Fix the LDAP Injection in JSON Payload via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "LDAPInjectioninJSONPayloadviaPOSTRequest",
+ "Url": "http://blog.testsparker.com/products.php?type=31"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "370",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "89",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "35"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Broken Authentication in URL Path via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/cart.php"
+ }
+ ],
+ "FirstSeenDate": "09/06/2021 03:37 AM",
+ "HttpRequest": {
+ "Content": "GET /cart.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 470.432,
+ "StatusCode": 200
+ },
+ "LookupId": "5b52610b-bd0c-5be5-a849-28979060512c",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Broken Authentication in URL Path via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Broken Authentication in URL Path via PUT Request issue.
Fix the Broken Authentication in URL Path via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "BrokenAuthenticationinURLPathviaPUTRequest",
+ "Url": "http://api.testsparker.com/cart.php"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "588",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "352",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "8"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a NoSQL Injection in Query Parameter vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/files/download?filter=558"
+ }
+ ],
+ "FirstSeenDate": "11/06/2021 09:06 AM",
+ "HttpRequest": {
+ "Content": "GET /files/download?filter=558 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 412.7913,
+ "StatusCode": 200
+ },
+ "LookupId": "d3241c65-100b-5d0d-bd62-ed24adb8a13d",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "NoSQL Injection in Query Parameter",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the NoSQL Injection in Query Parameter issue.
Fix the NoSQL Injection in Query Parameter vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "NoSQLInjectioninQueryParameter",
+ "Url": "http://blog.testsparker.com/files/download?filter=558"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "100",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "94",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "10"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Clickjacking in File Name via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/checkout.php?action=622"
+ }
+ ],
+ "FirstSeenDate": "18/06/2021 02:31 AM",
+ "HttpRequest": {
+ "Content": "GET /checkout.php?action=622 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 56.1159,
+ "StatusCode": 200
+ },
+ "LookupId": "1179ca3d-64e3-55d8-a4dc-dcbe95923084",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Clickjacking in File Name via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Clickjacking in File Name via POST Request issue.
Fix the Clickjacking in File Name via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "ClickjackinginFileNameviaPOSTRequest",
+ "Url": "http://blog.testsparker.com/checkout.php?action=622"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "518",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "79",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "24"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Broken Authentication in URL Path vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/auth/login.php?page=70"
+ }
+ ],
+ "FirstSeenDate": "20/06/2021 11:42 AM",
+ "HttpRequest": {
+ "Content": "GET /auth/login.php?page=70 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 467.6128,
+ "StatusCode": 200
+ },
+ "LookupId": "2b367db8-7c03-547c-b3d1-92650f546e2e",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Broken Authentication in URL Path",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Broken Authentication in URL Path issue.
Fix the Broken Authentication in URL Path vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "BrokenAuthenticationinURLPath",
+ "Url": "http://app1.testsparker.com/auth/login.php?page=70"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "508",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "94",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "37"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Cookie Not Marked as HttpOnly in XML Input via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/search?filter=660"
+ }
+ ],
+ "FirstSeenDate": "13/06/2021 02:12 AM",
+ "HttpRequest": {
+ "Content": "GET /search?filter=660 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 116.9443,
+ "StatusCode": 200
+ },
+ "LookupId": "4660505f-22cd-5b33-9e64-82357d7cfebc",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cookie Not Marked as HttpOnly in XML Input via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cookie Not Marked as HttpOnly in XML Input via POST Request issue.
Fix the Cookie Not Marked as HttpOnly in XML Input via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "CookieNotMarkedasHttpOnlyinXMLInputviaPOSTRequest",
+ "Url": "https://docs.testsparker.com/search?filter=660"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "397",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "319",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "42"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Version Disclosure in POST Body via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/auth/register.php"
+ }
+ ],
+ "FirstSeenDate": "07/06/2021 01:02 AM",
+ "HttpRequest": {
+ "Content": "GET /auth/register.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 231.9256,
+ "StatusCode": 200
+ },
+ "LookupId": "cc8717be-2573-585e-975e-72985d670c62",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Version Disclosure in POST Body via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Version Disclosure in POST Body via POST Request issue.
Fix the Version Disclosure in POST Body via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "VersionDisclosureinPOSTBodyviaPOSTRequest",
+ "Url": "http://api.testsparker.com/auth/register.php"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "422",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "330",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "22"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Directory Traversal in Cookie via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/settings.php?id=893"
+ }
+ ],
+ "FirstSeenDate": "16/06/2021 10:42 AM",
+ "HttpRequest": {
+ "Content": "GET /settings.php?id=893 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 351.4632,
+ "StatusCode": 200
+ },
+ "LookupId": "e49aff08-d3de-555a-8768-db159cd1fe55",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Directory Traversal in Cookie via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Directory Traversal in Cookie via POST Request issue.
Fix the Directory Traversal in Cookie via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "DirectoryTraversalinCookieviaPOSTRequest",
+ "Url": "http://app1.testsparker.com/settings.php?id=893"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "377",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "502",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "8"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Directory Traversal in Form Field via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/api/v1/orders"
+ }
+ ],
+ "FirstSeenDate": "03/06/2021 02:31 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v1/orders HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 324.2906,
+ "StatusCode": 200
+ },
+ "LookupId": "a0330570-9453-50ef-ac44-785733d8852d",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Directory Traversal in Form Field via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Directory Traversal in Form Field via POST Request issue.
Fix the Directory Traversal in Form Field via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "DirectoryTraversalinFormFieldviaPOSTRequest",
+ "Url": "http://blog.testsparker.com/api/v1/orders"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "240",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "601",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "41"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Version Disclosure in Cookie via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/api/v1/orders?sort=972"
+ }
+ ],
+ "FirstSeenDate": "26/06/2021 05:35 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v1/orders?sort=972 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 176.9711,
+ "StatusCode": 200
+ },
+ "LookupId": "2becb35a-5b24-55e9-9e17-dc13c1f19a0f",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Version Disclosure in Cookie via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Version Disclosure in Cookie via POST Request issue.
Fix the Version Disclosure in Cookie via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "VersionDisclosureinCookieviaPOSTRequest",
+ "Url": "http://app1.testsparker.com/api/v1/orders?sort=972"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "317",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "434",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "29"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Insecure Deserialization in Query Parameter vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/admin/dashboard?q=184"
+ }
+ ],
+ "FirstSeenDate": "21/06/2021 03:07 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/dashboard?q=184 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 450.2855,
+ "StatusCode": 200
+ },
+ "LookupId": "45dd13b5-17cd-519b-83fa-14707e8fd55d",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Insecure Deserialization in Query Parameter",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Insecure Deserialization in Query Parameter issue.
Fix the Insecure Deserialization in Query Parameter vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "InsecureDeserializationinQueryParameter",
+ "Url": "https://shop.testsparker.com/admin/dashboard?q=184"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "47",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "319",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "26"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Broken Authentication in Cookie vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/contact?sort=695"
+ }
+ ],
+ "FirstSeenDate": "01/06/2021 04:19 AM",
+ "HttpRequest": {
+ "Content": "GET /contact?sort=695 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 473.2088,
+ "StatusCode": 200
+ },
+ "LookupId": "5285928d-3485-5596-9d11-b9a9ea2b4b41",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Broken Authentication in Cookie",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Broken Authentication in Cookie issue.
Fix the Broken Authentication in Cookie vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "BrokenAuthenticationinCookie",
+ "Url": "https://app2.testsparker.com/contact?sort=695"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "228",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "22",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "6"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a File Upload Vulnerability in File Name vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/admin/dashboard?action=446"
+ }
+ ],
+ "FirstSeenDate": "24/06/2021 07:59 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/dashboard?action=446 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 492.3796,
+ "StatusCode": 200
+ },
+ "LookupId": "5d2b2ddc-7d8a-5c81-93dd-5652b985af1c",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "File Upload Vulnerability in File Name",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the File Upload Vulnerability in File Name issue.
Fix the File Upload Vulnerability in File Name vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "FileUploadVulnerabilityinFileName",
+ "Url": "https://app2.testsparker.com/admin/dashboard?action=446"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "683",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "16",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "23"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a XPath Injection in URL Path via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/profile.php"
+ }
+ ],
+ "FirstSeenDate": "01/06/2021 02:45 AM",
+ "HttpRequest": {
+ "Content": "GET /profile.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 404.9358,
+ "StatusCode": 200
+ },
+ "LookupId": "f230979e-79cb-5017-8929-f130e90de539",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "XPath Injection in URL Path via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the XPath Injection in URL Path via PUT Request issue.
Fix the XPath Injection in URL Path via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "XPathInjectioninURLPathviaPUTRequest",
+ "Url": "http://admin.testsparker.com/profile.php"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "258",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "79",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "36"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Clickjacking in URL Path via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/reports/view?q=739"
+ }
+ ],
+ "FirstSeenDate": "07/06/2021 12:39 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/view?q=739 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 301.0526,
+ "StatusCode": 200
+ },
+ "LookupId": "9eeab453-df13-547f-b5df-8f67d94c0b89",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Clickjacking in URL Path via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Clickjacking in URL Path via PUT Request issue.
Fix the Clickjacking in URL Path via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "ClickjackinginURLPathviaPUTRequest",
+ "Url": "http://blog.testsparker.com/reports/view?q=739"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "518",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "614",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "41"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a XPath Injection in JSON Payload vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/reports/generate"
+ }
+ ],
+ "FirstSeenDate": "03/06/2021 10:36 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/generate HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 40.5186,
+ "StatusCode": 200
+ },
+ "LookupId": "3129215b-c4df-5d6c-bc15-300d92d3f372",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "XPath Injection in JSON Payload",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the XPath Injection in JSON Payload issue.
Fix the XPath Injection in JSON Payload vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "XPathInjectioninJSONPayload",
+ "Url": "https://shop.testsparker.com/reports/generate"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "548",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "614",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "47"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a HTTP Response Splitting in Header vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/download.php?id=930"
+ }
+ ],
+ "FirstSeenDate": "06/06/2021 07:56 AM",
+ "HttpRequest": {
+ "Content": "GET /download.php?id=930 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 420.4264,
+ "StatusCode": 200
+ },
+ "LookupId": "73967a44-fdc9-504d-ba66-f7d410244654",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "HTTP Response Splitting in Header",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the HTTP Response Splitting in Header issue.
Fix the HTTP Response Splitting in Header vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "HTTPResponseSplittinginHeader",
+ "Url": "http://admin.testsparker.com/download.php?id=930"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "14",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "22",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "22"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a CSRF in XML Input via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/api/v1/products?page=798"
+ }
+ ],
+ "FirstSeenDate": "05/06/2021 10:40 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v1/products?page=798 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 483.1657,
+ "StatusCode": 200
+ },
+ "LookupId": "2feb0d29-5f0d-5876-be6a-2fecc774ea89",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "CSRF in XML Input via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the CSRF in XML Input via PUT Request issue.
Fix the CSRF in XML Input via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "CSRFinXMLInputviaPUTRequest",
+ "Url": "https://shop.testsparker.com/api/v1/products?page=798"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "576",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "16",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "40"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Server-Side Request Forgery in XML Input vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/files/download"
+ }
+ ],
+ "FirstSeenDate": "08/06/2021 11:37 AM",
+ "HttpRequest": {
+ "Content": "GET /files/download HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 409.0826,
+ "StatusCode": 200
+ },
+ "LookupId": "ea3e9608-7c0a-525d-b7c0-63a64a14dfc7",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Server-Side Request Forgery in XML Input",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Server-Side Request Forgery in XML Input issue.
Fix the Server-Side Request Forgery in XML Input vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "Server-SideRequestForgeryinXMLInput",
+ "Url": "http://api.testsparker.com/files/download"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "416",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "200",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "49"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a DNS Zone Transfer in JSON Payload via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/auth/login.php"
+ }
+ ],
+ "FirstSeenDate": "16/06/2021 11:32 AM",
+ "HttpRequest": {
+ "Content": "GET /auth/login.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 494.7446,
+ "StatusCode": 200
+ },
+ "LookupId": "8b3219aa-bd6c-5318-aa80-e7e00bf7d5b4",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "DNS Zone Transfer in JSON Payload via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the DNS Zone Transfer in JSON Payload via POST Request issue.
Fix the DNS Zone Transfer in JSON Payload via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "DNSZoneTransferinJSONPayloadviaPOSTRequest",
+ "Url": "http://admin.testsparker.com/auth/login.php"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "672",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "434",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "11"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Integer Overflow in Multipart Data vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/api/v2/webhook?type=932"
+ }
+ ],
+ "FirstSeenDate": "03/06/2021 09:34 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/webhook?type=932 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 474.8148,
+ "StatusCode": 200
+ },
+ "LookupId": "d925894c-f9d7-577a-b68d-bcb8b26e8c18",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Integer Overflow in Multipart Data",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Integer Overflow in Multipart Data issue.
Fix the Integer Overflow in Multipart Data vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "IntegerOverflowinMultipartData",
+ "Url": "https://portal.testsparker.com/api/v2/webhook?type=932"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "100",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "601",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "28"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Weak Password Policy vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/checkout.php"
+ }
+ ],
+ "FirstSeenDate": "14/06/2021 07:29 AM",
+ "HttpRequest": {
+ "Content": "GET /checkout.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 433.28,
+ "StatusCode": 200
+ },
+ "LookupId": "4ad1e1d1-d160-5a19-9eae-17c73c67cddf",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Weak Password Policy",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Weak Password Policy issue.
Fix the Weak Password Policy vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "WeakPasswordPolicy",
+ "Url": "https://docs.testsparker.com/checkout.php"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "217",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "287",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "43"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Insecure HTTP Method in POST Body via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/auth/reset.php?filter=807"
+ }
+ ],
+ "FirstSeenDate": "22/06/2021 09:09 AM",
+ "HttpRequest": {
+ "Content": "GET /auth/reset.php?filter=807 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 373.1152,
+ "StatusCode": 200
+ },
+ "LookupId": "6dfb94de-fdde-55cf-bca7-5571575e3d1a",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Insecure HTTP Method in POST Body via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Insecure HTTP Method in POST Body via POST Request issue.
Fix the Insecure HTTP Method in POST Body via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "InsecureHTTPMethodinPOSTBodyviaPOSTRequest",
+ "Url": "http://app1.testsparker.com/auth/reset.php?filter=807"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "162",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "22",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "34"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Weak Password Policy in Header via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/blog/edit.php?sort=322"
+ }
+ ],
+ "FirstSeenDate": "28/06/2021 10:43 AM",
+ "HttpRequest": {
+ "Content": "GET /blog/edit.php?sort=322 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 211.0549,
+ "StatusCode": 200
+ },
+ "LookupId": "8fbc56a8-7b67-5dff-ad45-10ac21adaa65",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Weak Password Policy in Header via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Weak Password Policy in Header via POST Request issue.
Fix the Weak Password Policy in Header via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "WeakPasswordPolicyinHeaderviaPOSTRequest",
+ "Url": "http://app1.testsparker.com/blog/edit.php?sort=322"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "20",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "78",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "14"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Email Header Injection in URL Path via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/account/security?ref=515"
+ }
+ ],
+ "FirstSeenDate": "27/06/2021 12:53 AM",
+ "HttpRequest": {
+ "Content": "GET /account/security?ref=515 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 444.9514,
+ "StatusCode": 200
+ },
+ "LookupId": "22c057e2-0d0d-5c83-b54f-8b980270cc7e",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Email Header Injection in URL Path via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Email Header Injection in URL Path via POST Request issue.
Fix the Email Header Injection in URL Path via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "EmailHeaderInjectioninURLPathviaPOSTRequest",
+ "Url": "http://app1.testsparker.com/account/security?ref=515"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "164",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "776",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "21"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Mass Assignment in URL Path via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/blog/post.php?ref=360"
+ }
+ ],
+ "FirstSeenDate": "04/06/2021 04:37 AM",
+ "HttpRequest": {
+ "Content": "GET /blog/post.php?ref=360 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 162.1585,
+ "StatusCode": 200
+ },
+ "LookupId": "60e51358-7af5-5449-b11d-50e2adb61648",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Mass Assignment in URL Path via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Mass Assignment in URL Path via PUT Request issue.
Fix the Mass Assignment in URL Path via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "MassAssignmentinURLPathviaPUTRequest",
+ "Url": "http://api.testsparker.com/blog/post.php?ref=360"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "195",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "601",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "1"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Broken Authentication in XML Input via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/reports/view?q=733"
+ }
+ ],
+ "FirstSeenDate": "16/06/2021 07:59 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/view?q=733 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 213.7519,
+ "StatusCode": 200
+ },
+ "LookupId": "8634751a-85c3-528d-bbbc-e82d5f0cedf1",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Broken Authentication in XML Input via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Broken Authentication in XML Input via POST Request issue.
Fix the Broken Authentication in XML Input via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "BrokenAuthenticationinXMLInputviaPOSTRequest",
+ "Url": "http://blog.testsparker.com/reports/view?q=733"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "416",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "693",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "1"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a HTTP Response Splitting vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/admin/logs?token=694"
+ }
+ ],
+ "FirstSeenDate": "10/06/2021 04:27 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/logs?token=694 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 395.0218,
+ "StatusCode": 200
+ },
+ "LookupId": "ed81a8f4-0cf5-5697-930e-9ba3bf3c3a62",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "HTTP Response Splitting",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the HTTP Response Splitting issue.
Fix the HTTP Response Splitting vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "HTTPResponseSplitting",
+ "Url": "http://api.testsparker.com/admin/logs?token=694"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "82",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "78",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "6"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Version Disclosure in XML Input via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/files/list"
+ }
+ ],
+ "FirstSeenDate": "04/06/2021 05:04 AM",
+ "HttpRequest": {
+ "Content": "GET /files/list HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 177.6544,
+ "StatusCode": 200
+ },
+ "LookupId": "e560ac95-2793-5926-913b-cae009affca7",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Version Disclosure in XML Input via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Version Disclosure in XML Input via POST Request issue.
Fix the Version Disclosure in XML Input via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "VersionDisclosureinXMLInputviaPOSTRequest",
+ "Url": "http://blog.testsparker.com/files/list"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "621",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "94",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "17"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Insecure HTTP Method in Form Field via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/checkout.php"
+ }
+ ],
+ "FirstSeenDate": "13/06/2021 09:25 AM",
+ "HttpRequest": {
+ "Content": "GET /checkout.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 11.6009,
+ "StatusCode": 200
+ },
+ "LookupId": "6640f109-f844-59ca-a343-c15248bba2b3",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Insecure HTTP Method in Form Field via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Insecure HTTP Method in Form Field via POST Request issue.
Fix the Insecure HTTP Method in Form Field via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "InsecureHTTPMethodinFormFieldviaPOSTRequest",
+ "Url": "https://shop.testsparker.com/checkout.php"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "194",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "601",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "12"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a XPath Injection in Multipart Data via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/api/v2/search?token=750"
+ }
+ ],
+ "FirstSeenDate": "17/06/2021 10:31 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/search?token=750 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 264.123,
+ "StatusCode": 200
+ },
+ "LookupId": "723bcd89-31ca-52bc-a745-b4e08d4a588d",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "XPath Injection in Multipart Data via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the XPath Injection in Multipart Data via POST Request issue.
Fix the XPath Injection in Multipart Data via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "XPathInjectioninMultipartDataviaPOSTRequest",
+ "Url": "https://shop.testsparker.com/api/v2/search?token=750"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "539",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "78",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "30"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a HSTS Missing in Header via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/payment.php?filter=175"
+ }
+ ],
+ "FirstSeenDate": "04/06/2021 04:45 AM",
+ "HttpRequest": {
+ "Content": "GET /payment.php?filter=175 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 109.5412,
+ "StatusCode": 200
+ },
+ "LookupId": "e2104774-717d-5b79-9339-7f12fec8fdae",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "HSTS Missing in Header via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the HSTS Missing in Header via POST Request issue.
Fix the HSTS Missing in Header via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "HSTSMissinginHeaderviaPOSTRequest",
+ "Url": "http://blog.testsparker.com/payment.php?filter=175"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "223",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "94",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "2"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Session Fixation in File Name vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/contact?name=360"
+ }
+ ],
+ "FirstSeenDate": "16/06/2021 03:17 AM",
+ "HttpRequest": {
+ "Content": "GET /contact?name=360 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 175.2845,
+ "StatusCode": 200
+ },
+ "LookupId": "c10852ff-6472-5b9c-be91-258305c0b170",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Session Fixation in File Name",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Session Fixation in File Name issue.
Fix the Session Fixation in File Name vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "SessionFixationinFileName",
+ "Url": "http://admin.testsparker.com/contact?name=360"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "268",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "614",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "24"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Remote Code Execution in JSON Payload via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/admin/logs?type=595"
+ }
+ ],
+ "FirstSeenDate": "14/06/2021 06:23 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/logs?type=595 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 451.0259,
+ "StatusCode": 200
+ },
+ "LookupId": "976e4150-d9eb-555c-874f-7c149826d45e",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Remote Code Execution in JSON Payload via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Remote Code Execution in JSON Payload via PUT Request issue.
Fix the Remote Code Execution in JSON Payload via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "RemoteCodeExecutioninJSONPayloadviaPUTRequest",
+ "Url": "http://blog.testsparker.com/admin/logs?type=595"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "184",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "918",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "1"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Missing Content-Security-Policy in POST Body vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/api/v2/search"
+ }
+ ],
+ "FirstSeenDate": "09/06/2021 01:03 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/search HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 281.1459,
+ "StatusCode": 200
+ },
+ "LookupId": "e908914d-0ffa-56bf-bd04-b2f427575dbc",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Missing Content-Security-Policy in POST Body",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Missing Content-Security-Policy in POST Body issue.
Fix the Missing Content-Security-Policy in POST Body vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "MissingContent-Security-PolicyinPOSTBody",
+ "Url": "http://admin.testsparker.com/api/v2/search"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "108",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "79",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "25"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a LDAP Injection in File Name via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/checkout.php"
+ }
+ ],
+ "FirstSeenDate": "19/06/2021 07:54 AM",
+ "HttpRequest": {
+ "Content": "GET /checkout.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 45.7596,
+ "StatusCode": 200
+ },
+ "LookupId": "f611e010-c038-52a9-ad53-b7619f7f37c4",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "LDAP Injection in File Name via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the LDAP Injection in File Name via POST Request issue.
Fix the LDAP Injection in File Name via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "LDAPInjectioninFileNameviaPOSTRequest",
+ "Url": "http://app1.testsparker.com/checkout.php"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "117",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "319",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "27"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Race Condition in File Name via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/auth/login.php?ref=957"
+ }
+ ],
+ "FirstSeenDate": "17/06/2021 12:00 AM",
+ "HttpRequest": {
+ "Content": "GET /auth/login.php?ref=957 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 494.2369,
+ "StatusCode": 200
+ },
+ "LookupId": "7514a674-51f9-53a9-819f-0b7f2f7241a5",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Race Condition in File Name via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Race Condition in File Name via POST Request issue.
Fix the Race Condition in File Name via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "RaceConditioninFileNameviaPOSTRequest",
+ "Url": "https://shop.testsparker.com/auth/login.php?ref=957"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "218",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "330",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "13"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Missing Content-Security-Policy in JSON Payload vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/admin/logs"
+ }
+ ],
+ "FirstSeenDate": "25/06/2021 10:47 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/logs HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 351.7038,
+ "StatusCode": 200
+ },
+ "LookupId": "0d301c8e-9423-5afd-923c-410368f057b8",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Missing Content-Security-Policy in JSON Payload",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Missing Content-Security-Policy in JSON Payload issue.
Fix the Missing Content-Security-Policy in JSON Payload vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "MissingContent-Security-PolicyinJSONPayload",
+ "Url": "http://blog.testsparker.com/admin/logs"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "610",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "434",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "31"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Version Disclosure in Cookie vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/api/v1/products"
+ }
+ ],
+ "FirstSeenDate": "13/06/2021 06:07 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v1/products HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 78.4664,
+ "StatusCode": 200
+ },
+ "LookupId": "e5a4034d-4b98-5d13-91ae-bda80dfe837e",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Version Disclosure in Cookie",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Version Disclosure in Cookie issue.
Fix the Version Disclosure in Cookie vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "VersionDisclosureinCookie",
+ "Url": "http://admin.testsparker.com/api/v1/products"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "567",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "22",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "39"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a File Upload Vulnerability in JSON Payload vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/files/download?q=254"
+ }
+ ],
+ "FirstSeenDate": "25/06/2021 12:01 AM",
+ "HttpRequest": {
+ "Content": "GET /files/download?q=254 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 425.4671,
+ "StatusCode": 200
+ },
+ "LookupId": "245840e9-8ff2-57d5-90f3-2b407438c05f",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "File Upload Vulnerability in JSON Payload",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the File Upload Vulnerability in JSON Payload issue.
Fix the File Upload Vulnerability in JSON Payload vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "FileUploadVulnerabilityinJSONPayload",
+ "Url": "https://shop.testsparker.com/files/download?q=254"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "443",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "200",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "10"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Session Fixation in JSON Payload via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/blog/post.php"
+ }
+ ],
+ "FirstSeenDate": "15/06/2021 07:45 AM",
+ "HttpRequest": {
+ "Content": "GET /blog/post.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 441.1045,
+ "StatusCode": 200
+ },
+ "LookupId": "9acb07f1-b9e0-50d6-92d6-9dffc6bc292b",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Session Fixation in JSON Payload via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Session Fixation in JSON Payload via PUT Request issue.
Fix the Session Fixation in JSON Payload via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "SessionFixationinJSONPayloadviaPUTRequest",
+ "Url": "http://api.testsparker.com/blog/post.php"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "110",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "611",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "45"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a File Upload Vulnerability in POST Body via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/admin/users?token=677"
+ }
+ ],
+ "FirstSeenDate": "16/06/2021 02:56 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/users?token=677 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 320.0677,
+ "StatusCode": 200
+ },
+ "LookupId": "fa0dc3d4-2f41-5dae-be74-e5cb1e8a2cf9",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "File Upload Vulnerability in POST Body via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the File Upload Vulnerability in POST Body via POST Request issue.
Fix the File Upload Vulnerability in POST Body via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "FileUploadVulnerabilityinPOSTBodyviaPOSTRequest",
+ "Url": "https://portal.testsparker.com/admin/users?token=677"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "336",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "776",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "1"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a CSRF in JSON Payload vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/blog/edit.php?sort=712"
+ }
+ ],
+ "FirstSeenDate": "24/06/2021 08:40 AM",
+ "HttpRequest": {
+ "Content": "GET /blog/edit.php?sort=712 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 335.4305,
+ "StatusCode": 200
+ },
+ "LookupId": "4b427b4a-908a-592c-ba35-87c60990d79c",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "CSRF in JSON Payload",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the CSRF in JSON Payload issue.
Fix the CSRF in JSON Payload vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "CSRFinJSONPayload",
+ "Url": "https://app2.testsparker.com/blog/edit.php?sort=712"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "224",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "78",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "13"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Integer Overflow in File Name via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/files/list"
+ }
+ ],
+ "FirstSeenDate": "23/06/2021 09:49 AM",
+ "HttpRequest": {
+ "Content": "GET /files/list HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 91.3895,
+ "StatusCode": 200
+ },
+ "LookupId": "db731116-5de8-5160-95c3-568a148294b7",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Integer Overflow in File Name via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Integer Overflow in File Name via POST Request issue.
Fix the Integer Overflow in File Name via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "IntegerOverflowinFileNameviaPOSTRequest",
+ "Url": "http://api.testsparker.com/files/list"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "225",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "89",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "10"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Cleartext Transmission in URL Path via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/search"
+ }
+ ],
+ "FirstSeenDate": "17/06/2021 06:20 AM",
+ "HttpRequest": {
+ "Content": "GET /search HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 199.8874,
+ "StatusCode": 200
+ },
+ "LookupId": "1ce64e89-921a-525a-b694-3d8585dfd13b",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cleartext Transmission in URL Path via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cleartext Transmission in URL Path via PUT Request issue.
Fix the Cleartext Transmission in URL Path via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "CleartextTransmissioninURLPathviaPUTRequest",
+ "Url": "https://shop.testsparker.com/search"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "675",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "16",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "49"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a HTTP Response Splitting in XML Input vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/files/upload"
+ }
+ ],
+ "FirstSeenDate": "01/06/2021 03:16 AM",
+ "HttpRequest": {
+ "Content": "GET /files/upload HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 213.7425,
+ "StatusCode": 200
+ },
+ "LookupId": "160549a6-0acd-59ef-a8ff-6084d3cba0a4",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "HTTP Response Splitting in XML Input",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the HTTP Response Splitting in XML Input issue.
Fix the HTTP Response Splitting in XML Input vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "HTTPResponseSplittinginXMLInput",
+ "Url": "http://admin.testsparker.com/files/upload"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "491",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "352",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "23"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Cleartext Transmission in Form Field via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/api/v1/users?token=175"
+ }
+ ],
+ "FirstSeenDate": "11/06/2021 07:50 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v1/users?token=175 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 380.8106,
+ "StatusCode": 200
+ },
+ "LookupId": "bd9c0d7b-77a0-54e3-9aa5-2e5ddb70b73a",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cleartext Transmission in Form Field via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cleartext Transmission in Form Field via POST Request issue.
Fix the Cleartext Transmission in Form Field via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "CleartextTransmissioninFormFieldviaPOSTRequest",
+ "Url": "https://shop.testsparker.com/api/v1/users?token=175"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "73",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "89",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "47"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Missing X-Frame-Options in POST Body via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/files/list"
+ }
+ ],
+ "FirstSeenDate": "25/06/2021 08:01 AM",
+ "HttpRequest": {
+ "Content": "GET /files/list HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 449.2911,
+ "StatusCode": 200
+ },
+ "LookupId": "97286f79-6bb5-56c8-a0e0-f955142f3b5b",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Missing X-Frame-Options in POST Body via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Missing X-Frame-Options in POST Body via POST Request issue.
Fix the Missing X-Frame-Options in POST Body via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "MissingX-Frame-OptionsinPOSTBodyviaPOSTRequest",
+ "Url": "https://app2.testsparker.com/files/list"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "347",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "79",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "17"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a CORS Misconfiguration in Query Parameter via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/reports/view"
+ }
+ ],
+ "FirstSeenDate": "11/06/2021 01:08 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/view HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 110.0743,
+ "StatusCode": 200
+ },
+ "LookupId": "64f8ddcb-dcb3-5f5c-80c3-186eef059e55",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "CORS Misconfiguration in Query Parameter via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the CORS Misconfiguration in Query Parameter via PUT Request issue.
Fix the CORS Misconfiguration in Query Parameter via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "CORSMisconfigurationinQueryParameterviaPUTRequest",
+ "Url": "https://app2.testsparker.com/reports/view"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "646",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "319",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "35"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a XPath Injection in File Name vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/admin/dashboard?id=181"
+ }
+ ],
+ "FirstSeenDate": "26/06/2021 08:19 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/dashboard?id=181 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 132.9773,
+ "StatusCode": 200
+ },
+ "LookupId": "b733de5d-67fb-5f7d-9843-10a23e0a8b7f",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "XPath Injection in File Name",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the XPath Injection in File Name issue.
Fix the XPath Injection in File Name vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "XPathInjectioninFileName",
+ "Url": "http://api.testsparker.com/admin/dashboard?id=181"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "449",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "330",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "28"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Version Disclosure in Cookie vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/api/v1/products"
+ }
+ ],
+ "FirstSeenDate": "22/06/2021 09:46 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v1/products HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 376.9793,
+ "StatusCode": 200
+ },
+ "LookupId": "a844695f-0170-5911-841d-b8979d6f93bb",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Version Disclosure in Cookie",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Version Disclosure in Cookie issue.
Fix the Version Disclosure in Cookie vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "VersionDisclosureinCookie",
+ "Url": "http://admin.testsparker.com/api/v1/products"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "357",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "614",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "42"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Missing X-Frame-Options in Header vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/api/v1/orders?type=282"
+ }
+ ],
+ "FirstSeenDate": "15/06/2021 04:44 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v1/orders?type=282 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 433.2854,
+ "StatusCode": 200
+ },
+ "LookupId": "eb8f004c-2df5-5306-a41f-aab91cc53747",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Missing X-Frame-Options in Header",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Missing X-Frame-Options in Header issue.
Fix the Missing X-Frame-Options in Header vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "MissingX-Frame-OptionsinHeader",
+ "Url": "http://admin.testsparker.com/api/v1/orders?type=282"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "151",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "918",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "7"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Race Condition in Multipart Data via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/reports/view?id=581"
+ }
+ ],
+ "FirstSeenDate": "26/06/2021 12:21 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/view?id=581 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 231.782,
+ "StatusCode": 200
+ },
+ "LookupId": "d61b896a-2229-53f0-b00d-45f0178db9b3",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Race Condition in Multipart Data via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Race Condition in Multipart Data via POST Request issue.
Fix the Race Condition in Multipart Data via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "RaceConditioninMultipartDataviaPOSTRequest",
+ "Url": "https://portal.testsparker.com/reports/view?id=581"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "500",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "434",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "10"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Path Disclosure in Form Field via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/admin/logs?type=921"
+ }
+ ],
+ "FirstSeenDate": "08/06/2021 08:25 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/logs?type=921 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 193.4116,
+ "StatusCode": 200
+ },
+ "LookupId": "f68b5cd8-53e5-59be-ae7e-077c3fbec750",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Path Disclosure in Form Field via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Path Disclosure in Form Field via POST Request issue.
Fix the Path Disclosure in Form Field via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "PathDisclosureinFormFieldviaPOSTRequest",
+ "Url": "https://docs.testsparker.com/admin/logs?type=921"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "155",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "918",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "32"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Command Injection in Multipart Data vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/settings.php?ref=745"
+ }
+ ],
+ "FirstSeenDate": "11/06/2021 07:19 AM",
+ "HttpRequest": {
+ "Content": "GET /settings.php?ref=745 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 395.0054,
+ "StatusCode": 200
+ },
+ "LookupId": "c8b4fc4a-4d65-5484-a6af-4de1e2dd9c7d",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Command Injection in Multipart Data",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Command Injection in Multipart Data issue.
Fix the Command Injection in Multipart Data vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "CommandInjectioninMultipartData",
+ "Url": "https://app2.testsparker.com/settings.php?ref=745"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "116",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "287",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "30"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a LDAP Injection in URL Path via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/profile.php"
+ }
+ ],
+ "FirstSeenDate": "19/06/2021 03:56 AM",
+ "HttpRequest": {
+ "Content": "GET /profile.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 357.7827,
+ "StatusCode": 200
+ },
+ "LookupId": "c0610615-1fe3-5822-83f7-637b85aaa857",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "LDAP Injection in URL Path via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the LDAP Injection in URL Path via PUT Request issue.
Fix the LDAP Injection in URL Path via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "LDAPInjectioninURLPathviaPUTRequest",
+ "Url": "https://shop.testsparker.com/profile.php"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "587",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "22",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "23"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Version Disclosure in Header via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/profile.php"
+ }
+ ],
+ "FirstSeenDate": "21/06/2021 02:59 AM",
+ "HttpRequest": {
+ "Content": "GET /profile.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 416.3152,
+ "StatusCode": 200
+ },
+ "LookupId": "1ad3ca76-dbd9-5fb6-907b-cb08f7eba029",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Version Disclosure in Header via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Version Disclosure in Header via POST Request issue.
Fix the Version Disclosure in Header via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "VersionDisclosureinHeaderviaPOSTRequest",
+ "Url": "https://docs.testsparker.com/profile.php"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "56",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "200",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "41"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Weak Cryptography in JSON Payload via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/admin/config?type=384"
+ }
+ ],
+ "FirstSeenDate": "19/06/2021 05:13 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/config?type=384 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 260.4387,
+ "StatusCode": 200
+ },
+ "LookupId": "3b0c8082-d98d-546e-a3ed-6cb7820dd110",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Weak Cryptography in JSON Payload via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Weak Cryptography in JSON Payload via POST Request issue.
Fix the Weak Cryptography in JSON Payload via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "WeakCryptographyinJSONPayloadviaPOSTRequest",
+ "Url": "https://app2.testsparker.com/admin/config?type=384"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "36",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "89",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "5"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Sensitive Data Exposure in POST Body via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/download.php?action=559"
+ }
+ ],
+ "FirstSeenDate": "25/06/2021 10:48 AM",
+ "HttpRequest": {
+ "Content": "GET /download.php?action=559 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 257.3944,
+ "StatusCode": 200
+ },
+ "LookupId": "8a495f31-1aa3-5006-b5b2-51f3f33d69dc",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Sensitive Data Exposure in POST Body via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Sensitive Data Exposure in POST Body via POST Request issue.
Fix the Sensitive Data Exposure in POST Body via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "SensitiveDataExposureinPOSTBodyviaPOSTRequest",
+ "Url": "http://blog.testsparker.com/download.php?action=559"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "335",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "79",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "18"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a XPath Injection in XML Input via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/checkout.php?name=109"
+ }
+ ],
+ "FirstSeenDate": "24/06/2021 05:42 AM",
+ "HttpRequest": {
+ "Content": "GET /checkout.php?name=109 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 243.3881,
+ "StatusCode": 200
+ },
+ "LookupId": "a2e796d1-98d6-56b5-9a88-4b1cda5f1369",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "XPath Injection in XML Input via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the XPath Injection in XML Input via POST Request issue.
Fix the XPath Injection in XML Input via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "XPathInjectioninXMLInputviaPOSTRequest",
+ "Url": "https://portal.testsparker.com/checkout.php?name=109"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "385",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "776",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "44"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Directory Traversal in URL Path vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/help"
+ }
+ ],
+ "FirstSeenDate": "21/06/2021 06:07 AM",
+ "HttpRequest": {
+ "Content": "GET /help HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 97.4521,
+ "StatusCode": 200
+ },
+ "LookupId": "0f5599db-8640-5ab4-ab13-6839ddb19e60",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Directory Traversal in URL Path",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Directory Traversal in URL Path issue.
Fix the Directory Traversal in URL Path vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "DirectoryTraversalinURLPath",
+ "Url": "http://blog.testsparker.com/help"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "341",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "319",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "28"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Missing X-Frame-Options in Header via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/auth/reset.php?name=843"
+ }
+ ],
+ "FirstSeenDate": "27/06/2021 03:44 AM",
+ "HttpRequest": {
+ "Content": "GET /auth/reset.php?name=843 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 137.8753,
+ "StatusCode": 200
+ },
+ "LookupId": "cbee5789-e30e-5670-9ea0-cf3a5fa4d3fc",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Missing X-Frame-Options in Header via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Missing X-Frame-Options in Header via POST Request issue.
Fix the Missing X-Frame-Options in Header via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "MissingX-Frame-OptionsinHeaderviaPOSTRequest",
+ "Url": "http://blog.testsparker.com/auth/reset.php?name=843"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "347",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "330",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "40"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Broken Authentication in File Name vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/cart.php?q=103"
+ }
+ ],
+ "FirstSeenDate": "06/06/2021 07:40 AM",
+ "HttpRequest": {
+ "Content": "GET /cart.php?q=103 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 12.5924,
+ "StatusCode": 200
+ },
+ "LookupId": "e67352eb-e0a4-5b0e-a19f-beac032b207a",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Broken Authentication in File Name",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Broken Authentication in File Name issue.
Fix the Broken Authentication in File Name vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "BrokenAuthenticationinFileName",
+ "Url": "https://app2.testsparker.com/cart.php?q=103"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "438",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "94",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "9"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a LDAP Injection in Query Parameter via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/auth/register.php?id=397"
+ }
+ ],
+ "FirstSeenDate": "15/06/2021 02:57 AM",
+ "HttpRequest": {
+ "Content": "GET /auth/register.php?id=397 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 311.6701,
+ "StatusCode": 200
+ },
+ "LookupId": "5180d42b-80a0-5ada-86a1-25c4c135e80c",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "LDAP Injection in Query Parameter via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the LDAP Injection in Query Parameter via PUT Request issue.
Fix the LDAP Injection in Query Parameter via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "LDAPInjectioninQueryParameterviaPUTRequest",
+ "Url": "http://blog.testsparker.com/auth/register.php?id=397"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "313",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "330",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "6"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Broken Authentication in Form Field via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/reports/generate?sort=976"
+ }
+ ],
+ "FirstSeenDate": "14/06/2021 06:54 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/generate?sort=976 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 54.1689,
+ "StatusCode": 200
+ },
+ "LookupId": "9418032e-17c9-5f45-8294-9f61a3afe264",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Broken Authentication in Form Field via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Broken Authentication in Form Field via POST Request issue.
Fix the Broken Authentication in Form Field via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "BrokenAuthenticationinFormFieldviaPOSTRequest",
+ "Url": "https://shop.testsparker.com/reports/generate?sort=976"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "642",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "89",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "2"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Cookie Not Marked as Secure in JSON Payload vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/reports/export"
+ }
+ ],
+ "FirstSeenDate": "28/06/2021 03:28 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/export HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 233.6939,
+ "StatusCode": 200
+ },
+ "LookupId": "2fe1264c-f7b7-53a8-b498-15ac35dcb79a",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cookie Not Marked as Secure in JSON Payload",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cookie Not Marked as Secure in JSON Payload issue.
Fix the Cookie Not Marked as Secure in JSON Payload vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "CookieNotMarkedasSecureinJSONPayload",
+ "Url": "http://api.testsparker.com/reports/export"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "605",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "94",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "9"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Cookie Not Marked as Secure in Cookie via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/admin/logs?type=200"
+ }
+ ],
+ "FirstSeenDate": "13/06/2021 04:09 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/logs?type=200 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 18.0252,
+ "StatusCode": 200
+ },
+ "LookupId": "748ce2d7-a901-5ebb-990b-798766eee307",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cookie Not Marked as Secure in Cookie via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cookie Not Marked as Secure in Cookie via PUT Request issue.
Fix the Cookie Not Marked as Secure in Cookie via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "CookieNotMarkedasSecureinCookieviaPUTRequest",
+ "Url": "http://app1.testsparker.com/admin/logs?type=200"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "98",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "601",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "44"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Command Injection in Header via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/contact"
+ }
+ ],
+ "FirstSeenDate": "19/06/2021 11:49 AM",
+ "HttpRequest": {
+ "Content": "GET /contact HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 23.8355,
+ "StatusCode": 200
+ },
+ "LookupId": "be8df8da-d779-522b-9bd9-5f3254d128a8",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Command Injection in Header via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Command Injection in Header via PUT Request issue.
Fix the Command Injection in Header via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "CommandInjectioninHeaderviaPUTRequest",
+ "Url": "https://shop.testsparker.com/contact"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "422",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "16",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "29"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Mass Assignment in Multipart Data vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/admin/users?q=745"
+ }
+ ],
+ "FirstSeenDate": "05/06/2021 04:06 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/users?q=745 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 74.4575,
+ "StatusCode": 200
+ },
+ "LookupId": "d169b9c3-77c4-5f92-b83c-57f55d885fa1",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Mass Assignment in Multipart Data",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Mass Assignment in Multipart Data issue.
Fix the Mass Assignment in Multipart Data vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "MassAssignmentinMultipartData",
+ "Url": "https://app2.testsparker.com/admin/users?q=745"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "4",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "523",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "45"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Weak Password Policy in POST Body via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/blog/edit.php"
+ }
+ ],
+ "FirstSeenDate": "04/06/2021 10:34 AM",
+ "HttpRequest": {
+ "Content": "GET /blog/edit.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 468.1707,
+ "StatusCode": 200
+ },
+ "LookupId": "140bfbe9-7e32-5bdf-9189-2590b289c60f",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Weak Password Policy in POST Body via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Weak Password Policy in POST Body via POST Request issue.
Fix the Weak Password Policy in POST Body via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "WeakPasswordPolicyinPOSTBodyviaPOSTRequest",
+ "Url": "http://blog.testsparker.com/blog/edit.php"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "536",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "776",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "40"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Cross-site Scripting in Query Parameter via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/contact?id=511"
+ }
+ ],
+ "FirstSeenDate": "10/06/2021 08:18 AM",
+ "HttpRequest": {
+ "Content": "GET /contact?id=511 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 41.6621,
+ "StatusCode": 200
+ },
+ "LookupId": "93ffd249-f27c-5def-badb-f2cafdb5c0f0",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cross-site Scripting in Query Parameter via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cross-site Scripting in Query Parameter via PUT Request issue.
Fix the Cross-site Scripting in Query Parameter via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "Cross-siteScriptinginQueryParameterviaPUTRequest",
+ "Url": "https://docs.testsparker.com/contact?id=511"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "659",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "78",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "29"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Integer Overflow in Query Parameter via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/upload.php?filter=960"
+ }
+ ],
+ "FirstSeenDate": "03/06/2021 06:59 AM",
+ "HttpRequest": {
+ "Content": "GET /upload.php?filter=960 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 125.9877,
+ "StatusCode": 200
+ },
+ "LookupId": "59dbae80-4098-569d-ad1c-749826db80e8",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Integer Overflow in Query Parameter via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Integer Overflow in Query Parameter via PUT Request issue.
Fix the Integer Overflow in Query Parameter via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "IntegerOverflowinQueryParameterviaPUTRequest",
+ "Url": "http://app1.testsparker.com/upload.php?filter=960"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "387",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "22",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "43"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Race Condition in JSON Payload via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/help"
+ }
+ ],
+ "FirstSeenDate": "24/06/2021 12:40 AM",
+ "HttpRequest": {
+ "Content": "GET /help HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 140.8819,
+ "StatusCode": 200
+ },
+ "LookupId": "d82905a0-7921-5edb-802e-021c087f35dc",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Race Condition in JSON Payload via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Race Condition in JSON Payload via PUT Request issue.
Fix the Race Condition in JSON Payload via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "RaceConditioninJSONPayloadviaPUTRequest",
+ "Url": "http://blog.testsparker.com/help"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "584",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "601",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "48"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a HSTS Missing in JSON Payload vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/products.php?type=194"
+ }
+ ],
+ "FirstSeenDate": "27/06/2021 12:43 AM",
+ "HttpRequest": {
+ "Content": "GET /products.php?type=194 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 115.0278,
+ "StatusCode": 200
+ },
+ "LookupId": "cc98f1b2-437b-5c0d-95dc-4de685ff4c73",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "HSTS Missing in JSON Payload",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the HSTS Missing in JSON Payload issue.
Fix the HSTS Missing in JSON Payload vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "HSTSMissinginJSONPayload",
+ "Url": "http://admin.testsparker.com/products.php?type=194"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "600",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "200",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "30"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a HTTP Response Splitting in XML Input vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/files/upload"
+ }
+ ],
+ "FirstSeenDate": "16/06/2021 01:55 AM",
+ "HttpRequest": {
+ "Content": "GET /files/upload HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 320.8544,
+ "StatusCode": 200
+ },
+ "LookupId": "5b3af8f1-cd3d-55d7-8af4-5703b2a6d22a",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "HTTP Response Splitting in XML Input",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the HTTP Response Splitting in XML Input issue.
Fix the HTTP Response Splitting in XML Input vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "HTTPResponseSplittinginXMLInput",
+ "Url": "http://admin.testsparker.com/files/upload"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "102",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "352",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "33"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Clickjacking in Cookie via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/account/security?page=988"
+ }
+ ],
+ "FirstSeenDate": "12/06/2021 12:37 AM",
+ "HttpRequest": {
+ "Content": "GET /account/security?page=988 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 100.7116,
+ "StatusCode": 200
+ },
+ "LookupId": "159ad3d7-4094-548b-af90-b404f08bc432",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Clickjacking in Cookie via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Clickjacking in Cookie via POST Request issue.
Fix the Clickjacking in Cookie via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "ClickjackinginCookieviaPOSTRequest",
+ "Url": "http://app1.testsparker.com/account/security?page=988"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "459",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "200",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "1"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Cleartext Transmission in Multipart Data vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/blog/post.php"
+ }
+ ],
+ "FirstSeenDate": "10/06/2021 10:01 AM",
+ "HttpRequest": {
+ "Content": "GET /blog/post.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 263.6286,
+ "StatusCode": 200
+ },
+ "LookupId": "9b5bde87-6159-50b3-931a-682df9453ad8",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cleartext Transmission in Multipart Data",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cleartext Transmission in Multipart Data issue.
Fix the Cleartext Transmission in Multipart Data vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "CleartextTransmissioninMultipartData",
+ "Url": "https://portal.testsparker.com/blog/post.php"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "197",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "330",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "2"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Remote Code Execution in JSON Payload via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/payment.php"
+ }
+ ],
+ "FirstSeenDate": "22/06/2021 09:56 AM",
+ "HttpRequest": {
+ "Content": "GET /payment.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 232.4238,
+ "StatusCode": 200
+ },
+ "LookupId": "4233af3f-9fcf-51ea-9c66-549f83d950c9",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Remote Code Execution in JSON Payload via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Remote Code Execution in JSON Payload via POST Request issue.
Fix the Remote Code Execution in JSON Payload via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "RemoteCodeExecutioninJSONPayloadviaPOSTRequest",
+ "Url": "http://api.testsparker.com/payment.php"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "491",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "200",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "32"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Remote Code Execution in File Name via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/blog/edit.php?page=748"
+ }
+ ],
+ "FirstSeenDate": "15/06/2021 03:52 AM",
+ "HttpRequest": {
+ "Content": "GET /blog/edit.php?page=748 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 432.5526,
+ "StatusCode": 200
+ },
+ "LookupId": "c23af10c-2f3d-57a0-af27-13c95776740e",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Remote Code Execution in File Name via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Remote Code Execution in File Name via POST Request issue.
Fix the Remote Code Execution in File Name via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "RemoteCodeExecutioninFileNameviaPOSTRequest",
+ "Url": "https://portal.testsparker.com/blog/edit.php?page=748"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "134",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "693",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "32"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Insecure Deserialization in Form Field vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/files/list?token=798"
+ }
+ ],
+ "FirstSeenDate": "14/06/2021 08:02 AM",
+ "HttpRequest": {
+ "Content": "GET /files/list?token=798 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 41.0347,
+ "StatusCode": 200
+ },
+ "LookupId": "ce6641a1-f810-5e53-a976-d276f233c13e",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Insecure Deserialization in Form Field",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Insecure Deserialization in Form Field issue.
Fix the Insecure Deserialization in Form Field vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "InsecureDeserializationinFormField",
+ "Url": "https://docs.testsparker.com/files/list?token=798"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "552",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "89",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "9"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Race Condition in XML Input vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/admin/logs"
+ }
+ ],
+ "FirstSeenDate": "02/06/2021 09:54 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/logs HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 307.3817,
+ "StatusCode": 200
+ },
+ "LookupId": "5961f352-9f45-5f3d-80f2-68ccdb69c371",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Race Condition in XML Input",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Race Condition in XML Input issue.
Fix the Race Condition in XML Input vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "RaceConditioninXMLInput",
+ "Url": "http://app1.testsparker.com/admin/logs"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "630",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "22",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "16"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Insecure Deserialization in Query Parameter via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/reports/generate?type=28"
+ }
+ ],
+ "FirstSeenDate": "05/06/2021 10:34 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/generate?type=28 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 450.9571,
+ "StatusCode": 200
+ },
+ "LookupId": "2b43011e-94b7-5789-9627-1462dd0464ff",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Insecure Deserialization in Query Parameter via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Insecure Deserialization in Query Parameter via PUT Request issue.
Fix the Insecure Deserialization in Query Parameter via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "InsecureDeserializationinQueryParameterviaPUTRequest",
+ "Url": "http://blog.testsparker.com/reports/generate?type=28"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "688",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "352",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "27"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Open Redirect in Header via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/api/v2/webhook?action=753"
+ }
+ ],
+ "FirstSeenDate": "14/06/2021 04:46 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/webhook?action=753 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 90.3146,
+ "StatusCode": 200
+ },
+ "LookupId": "f7b96d1a-f1dd-5ea1-91a7-a8a824e15c60",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Open Redirect in Header via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Open Redirect in Header via POST Request issue.
Fix the Open Redirect in Header via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "OpenRedirectinHeaderviaPOSTRequest",
+ "Url": "http://blog.testsparker.com/api/v2/webhook?action=753"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "278",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "16",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "35"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Path Disclosure in Header via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/admin/logs?id=409"
+ }
+ ],
+ "FirstSeenDate": "26/06/2021 01:28 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/logs?id=409 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 287.6841,
+ "StatusCode": 200
+ },
+ "LookupId": "8adeeea3-696f-5657-8095-73b5b50c99c6",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Path Disclosure in Header via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Path Disclosure in Header via PUT Request issue.
Fix the Path Disclosure in Header via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "PathDisclosureinHeaderviaPUTRequest",
+ "Url": "https://portal.testsparker.com/admin/logs?id=409"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "139",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "601",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "36"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Server-Side Request Forgery in Query Parameter via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/download.php"
+ }
+ ],
+ "FirstSeenDate": "10/06/2021 05:05 AM",
+ "HttpRequest": {
+ "Content": "GET /download.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 155.6937,
+ "StatusCode": 200
+ },
+ "LookupId": "7c882640-f13e-5e1e-b9e8-132f4caf2d52",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Server-Side Request Forgery in Query Parameter via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Server-Side Request Forgery in Query Parameter via PUT Request issue.
Fix the Server-Side Request Forgery in Query Parameter via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "Server-SideRequestForgeryinQueryParameterviaPUTRequest",
+ "Url": "http://blog.testsparker.com/download.php"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "229",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "319",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "1"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a SQL Injection in Header vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/reports/view"
+ }
+ ],
+ "FirstSeenDate": "12/06/2021 10:30 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/view HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 285.3202,
+ "StatusCode": 200
+ },
+ "LookupId": "91633cd4-bb34-54f8-afc6-9b1535c8c822",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "SQL Injection in Header",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the SQL Injection in Header issue.
Fix the SQL Injection in Header vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "SQLInjectioninHeader",
+ "Url": "https://docs.testsparker.com/reports/view"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "537",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "287",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "32"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Missing X-Frame-Options in Multipart Data vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/checkout.php?name=675"
+ }
+ ],
+ "FirstSeenDate": "20/06/2021 05:20 AM",
+ "HttpRequest": {
+ "Content": "GET /checkout.php?name=675 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 210.8042,
+ "StatusCode": 200
+ },
+ "LookupId": "796d86bd-7f10-56b6-872d-d3a9d545b81d",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Missing X-Frame-Options in Multipart Data",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Missing X-Frame-Options in Multipart Data issue.
Fix the Missing X-Frame-Options in Multipart Data vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "MissingX-Frame-OptionsinMultipartData",
+ "Url": "https://shop.testsparker.com/checkout.php?name=675"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "504",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "611",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "9"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Unvalidated Redirect in Cookie via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/files/list?id=182"
+ }
+ ],
+ "FirstSeenDate": "23/06/2021 07:31 AM",
+ "HttpRequest": {
+ "Content": "GET /files/list?id=182 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 384.3655,
+ "StatusCode": 200
+ },
+ "LookupId": "16be2a58-a9d3-5e34-8cd5-e11072a86613",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Unvalidated Redirect in Cookie via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Unvalidated Redirect in Cookie via POST Request issue.
Fix the Unvalidated Redirect in Cookie via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "UnvalidatedRedirectinCookieviaPOSTRequest",
+ "Url": "http://blog.testsparker.com/files/list?id=182"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "108",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "523",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "17"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a XML External Entity in Form Field via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/admin/users?ref=820"
+ }
+ ],
+ "FirstSeenDate": "19/06/2021 03:46 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/users?ref=820 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 45.7025,
+ "StatusCode": 200
+ },
+ "LookupId": "faf43dbb-142e-5e34-a02b-3365c4d91103",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "XML External Entity in Form Field via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the XML External Entity in Form Field via POST Request issue.
Fix the XML External Entity in Form Field via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "XMLExternalEntityinFormFieldviaPOSTRequest",
+ "Url": "http://api.testsparker.com/admin/users?ref=820"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "669",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "352",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "20"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Insecure Deserialization in Multipart Data via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/reports/generate"
+ }
+ ],
+ "FirstSeenDate": "18/06/2021 04:46 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/generate HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 392.2142,
+ "StatusCode": 200
+ },
+ "LookupId": "da4e6996-4c3d-5285-9c90-a323b5319ce9",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Insecure Deserialization in Multipart Data via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Insecure Deserialization in Multipart Data via POST Request issue.
Fix the Insecure Deserialization in Multipart Data via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "InsecureDeserializationinMultipartDataviaPOSTRequest",
+ "Url": "http://api.testsparker.com/reports/generate"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "313",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "287",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "33"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Weak Cryptography in Form Field via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/auth/login.php"
+ }
+ ],
+ "FirstSeenDate": "15/06/2021 10:54 AM",
+ "HttpRequest": {
+ "Content": "GET /auth/login.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 249.2506,
+ "StatusCode": 200
+ },
+ "LookupId": "ff57fbff-5166-5a4f-bc32-48a8fc2a2f92",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Weak Cryptography in Form Field via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Weak Cryptography in Form Field via POST Request issue.
Fix the Weak Cryptography in Form Field via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "WeakCryptographyinFormFieldviaPOSTRequest",
+ "Url": "https://portal.testsparker.com/auth/login.php"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "294",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "94",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "35"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a SQL Injection in Multipart Data vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/payment.php?id=1"
+ }
+ ],
+ "FirstSeenDate": "23/06/2021 08:48 AM",
+ "HttpRequest": {
+ "Content": "GET /payment.php?id=1 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 243.7629,
+ "StatusCode": 200
+ },
+ "LookupId": "b9102c68-f0fc-5ffd-b929-7152d945fdb2",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "SQL Injection in Multipart Data",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the SQL Injection in Multipart Data issue.
Fix the SQL Injection in Multipart Data vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "SQLInjectioninMultipartData",
+ "Url": "http://blog.testsparker.com/payment.php?id=1"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "375",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "200",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "11"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a HSTS Missing in XML Input via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/account/billing"
+ }
+ ],
+ "FirstSeenDate": "24/06/2021 01:35 AM",
+ "HttpRequest": {
+ "Content": "GET /account/billing HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 360.0012,
+ "StatusCode": 200
+ },
+ "LookupId": "56a2128a-f362-5315-8beb-a10ce27e2727",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "HSTS Missing in XML Input via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the HSTS Missing in XML Input via POST Request issue.
Fix the HSTS Missing in XML Input via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "HSTSMissinginXMLInputviaPOSTRequest",
+ "Url": "https://shop.testsparker.com/account/billing"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "234",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "94",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "28"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Missing Content-Security-Policy in URL Path via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/help"
+ }
+ ],
+ "FirstSeenDate": "14/06/2021 08:54 AM",
+ "HttpRequest": {
+ "Content": "GET /help HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 262.9161,
+ "StatusCode": 200
+ },
+ "LookupId": "e1ea0de8-1b27-52d0-be02-c18240a0cb27",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Missing Content-Security-Policy in URL Path via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Missing Content-Security-Policy in URL Path via POST Request issue.
Fix the Missing Content-Security-Policy in URL Path via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "MissingContent-Security-PolicyinURLPathviaPOSTRequest",
+ "Url": "http://blog.testsparker.com/help"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "265",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "319",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "25"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Path Disclosure in File Name vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/reports/generate"
+ }
+ ],
+ "FirstSeenDate": "22/06/2021 12:14 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/generate HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 402.0791,
+ "StatusCode": 200
+ },
+ "LookupId": "dbf172b4-1c18-5b3f-b4af-d891ebcd3c3b",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Path Disclosure in File Name",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Path Disclosure in File Name issue.
Fix the Path Disclosure in File Name vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "PathDisclosureinFileName",
+ "Url": "https://docs.testsparker.com/reports/generate"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "567",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "434",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "25"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Weak Password Policy in XML Input vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/api/v1/orders"
+ }
+ ],
+ "FirstSeenDate": "18/06/2021 11:55 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v1/orders HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 468.8171,
+ "StatusCode": 200
+ },
+ "LookupId": "a172bef8-bb96-5e8b-a945-58cb5b0dfc17",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Weak Password Policy in XML Input",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Weak Password Policy in XML Input issue.
Fix the Weak Password Policy in XML Input vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "WeakPasswordPolicyinXMLInput",
+ "Url": "https://app2.testsparker.com/api/v1/orders"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "424",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "523",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "13"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Sensitive Data Exposure in POST Body vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/blog/edit.php"
+ }
+ ],
+ "FirstSeenDate": "20/06/2021 08:40 AM",
+ "HttpRequest": {
+ "Content": "GET /blog/edit.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 226.6001,
+ "StatusCode": 200
+ },
+ "LookupId": "f1e463a5-f3d9-5af0-876d-11a43703b2fc",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Sensitive Data Exposure in POST Body",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Sensitive Data Exposure in POST Body issue.
Fix the Sensitive Data Exposure in POST Body vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "SensitiveDataExposureinPOSTBody",
+ "Url": "https://app2.testsparker.com/blog/edit.php"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "267",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "502",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "14"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a XPath Injection in Cookie via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/api/v1/products"
+ }
+ ],
+ "FirstSeenDate": "07/06/2021 07:18 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v1/products HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 194.0078,
+ "StatusCode": 200
+ },
+ "LookupId": "7d57135d-ac3a-53bc-8b14-d906f1b665a3",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "XPath Injection in Cookie via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the XPath Injection in Cookie via PUT Request issue.
Fix the XPath Injection in Cookie via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "XPathInjectioninCookieviaPUTRequest",
+ "Url": "http://blog.testsparker.com/api/v1/products"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "334",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "918",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "18"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Sensitive Data Exposure in Multipart Data vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/payment.php?action=256"
+ }
+ ],
+ "FirstSeenDate": "17/06/2021 09:57 AM",
+ "HttpRequest": {
+ "Content": "GET /payment.php?action=256 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 37.8565,
+ "StatusCode": 200
+ },
+ "LookupId": "44828315-0bad-56a1-be47-41e919e20094",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Sensitive Data Exposure in Multipart Data",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Sensitive Data Exposure in Multipart Data issue.
Fix the Sensitive Data Exposure in Multipart Data vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "SensitiveDataExposureinMultipartData",
+ "Url": "http://api.testsparker.com/payment.php?action=256"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "524",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "200",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "42"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Weak Password Policy in Header via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/blog/edit.php"
+ }
+ ],
+ "FirstSeenDate": "14/06/2021 02:06 AM",
+ "HttpRequest": {
+ "Content": "GET /blog/edit.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 81.532,
+ "StatusCode": 200
+ },
+ "LookupId": "01b1c3cd-b273-5a01-84a5-0035ba59e439",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Weak Password Policy in Header via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Weak Password Policy in Header via PUT Request issue.
Fix the Weak Password Policy in Header via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "WeakPasswordPolicyinHeaderviaPUTRequest",
+ "Url": "http://admin.testsparker.com/blog/edit.php"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "100",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "523",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "21"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Insecure Direct Object Reference in XML Input via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/settings.php"
+ }
+ ],
+ "FirstSeenDate": "28/06/2021 12:19 AM",
+ "HttpRequest": {
+ "Content": "GET /settings.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 234.1909,
+ "StatusCode": 200
+ },
+ "LookupId": "35994841-3080-5c14-a61a-444d977c52ce",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Insecure Direct Object Reference in XML Input via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Insecure Direct Object Reference in XML Input via POST Request issue.
Fix the Insecure Direct Object Reference in XML Input via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "InsecureDirectObjectReferenceinXMLInputviaPOSTRequest",
+ "Url": "http://admin.testsparker.com/settings.php"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "292",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "79",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "26"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Cleartext Transmission in Multipart Data via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/auth/register.php"
+ }
+ ],
+ "FirstSeenDate": "18/06/2021 09:02 AM",
+ "HttpRequest": {
+ "Content": "GET /auth/register.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 175.321,
+ "StatusCode": 200
+ },
+ "LookupId": "f622f642-3c4b-5edd-a5be-81c08d8e9651",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cleartext Transmission in Multipart Data via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cleartext Transmission in Multipart Data via POST Request issue.
Fix the Cleartext Transmission in Multipart Data via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "CleartextTransmissioninMultipartDataviaPOSTRequest",
+ "Url": "http://admin.testsparker.com/auth/register.php"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "636",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "434",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "14"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Server-Side Request Forgery in XML Input vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/files/download"
+ }
+ ],
+ "FirstSeenDate": "12/06/2021 10:50 AM",
+ "HttpRequest": {
+ "Content": "GET /files/download HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 179.4384,
+ "StatusCode": 200
+ },
+ "LookupId": "8a5befa2-6476-5a75-ac17-7b5acc3f8b83",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Server-Side Request Forgery in XML Input",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Server-Side Request Forgery in XML Input issue.
Fix the Server-Side Request Forgery in XML Input vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "Server-SideRequestForgeryinXMLInput",
+ "Url": "http://api.testsparker.com/files/download"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "129",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "330",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "14"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a HSTS Missing in File Name via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/cart.php?q=279"
+ }
+ ],
+ "FirstSeenDate": "20/06/2021 01:14 AM",
+ "HttpRequest": {
+ "Content": "GET /cart.php?q=279 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 202.2226,
+ "StatusCode": 200
+ },
+ "LookupId": "3b52d7e5-3f7f-5f8a-8d81-1083b5766062",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "HSTS Missing in File Name via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the HSTS Missing in File Name via POST Request issue.
Fix the HSTS Missing in File Name via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "HSTSMissinginFileNameviaPOSTRequest",
+ "Url": "http://admin.testsparker.com/cart.php?q=279"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "296",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "434",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "26"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Weak Cryptography in POST Body vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/api/v2/search"
+ }
+ ],
+ "FirstSeenDate": "15/06/2021 02:20 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/search HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 133.6754,
+ "StatusCode": 200
+ },
+ "LookupId": "a1a7ac70-a622-5914-8439-d176617f0e10",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Weak Cryptography in POST Body",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Weak Cryptography in POST Body issue.
Fix the Weak Cryptography in POST Body vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "WeakCryptographyinPOSTBody",
+ "Url": "https://shop.testsparker.com/api/v2/search"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "503",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "78",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "48"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a XPath Injection in Header via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/settings.php"
+ }
+ ],
+ "FirstSeenDate": "22/06/2021 10:08 AM",
+ "HttpRequest": {
+ "Content": "GET /settings.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 185.9317,
+ "StatusCode": 200
+ },
+ "LookupId": "6115c713-0d17-5a71-b9d4-303bdaf7a845",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "XPath Injection in Header via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the XPath Injection in Header via POST Request issue.
Fix the XPath Injection in Header via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "XPathInjectioninHeaderviaPOSTRequest",
+ "Url": "http://blog.testsparker.com/settings.php"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "647",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "16",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "22"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a CORS Misconfiguration in Cookie vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/help?sort=397"
+ }
+ ],
+ "FirstSeenDate": "11/06/2021 02:35 AM",
+ "HttpRequest": {
+ "Content": "GET /help?sort=397 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 342.4059,
+ "StatusCode": 200
+ },
+ "LookupId": "a89d966b-cc3e-53ad-b212-37e2418c722e",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "CORS Misconfiguration in Cookie",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the CORS Misconfiguration in Cookie issue.
Fix the CORS Misconfiguration in Cookie vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "CORSMisconfigurationinCookie",
+ "Url": "http://api.testsparker.com/help?sort=397"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "80",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "523",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "43"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Buffer Overflow in File Name via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/files/download?action=399"
+ }
+ ],
+ "FirstSeenDate": "11/06/2021 11:52 AM",
+ "HttpRequest": {
+ "Content": "GET /files/download?action=399 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 470.0948,
+ "StatusCode": 200
+ },
+ "LookupId": "db85a0d8-3068-5ee1-9b63-c1e203617221",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Buffer Overflow in File Name via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Buffer Overflow in File Name via POST Request issue.
Fix the Buffer Overflow in File Name via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "BufferOverflowinFileNameviaPOSTRequest",
+ "Url": "http://api.testsparker.com/files/download?action=399"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "682",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "523",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "23"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a XML External Entity in Cookie via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/api/v2/webhook?filter=189"
+ }
+ ],
+ "FirstSeenDate": "12/06/2021 08:34 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/webhook?filter=189 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 487.9782,
+ "StatusCode": 200
+ },
+ "LookupId": "7d03bea3-00cb-52e3-a9b6-51346dae6325",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "XML External Entity in Cookie via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the XML External Entity in Cookie via POST Request issue.
Fix the XML External Entity in Cookie via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "XMLExternalEntityinCookieviaPOSTRequest",
+ "Url": "https://shop.testsparker.com/api/v2/webhook?filter=189"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "567",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "79",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "36"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Weak Cryptography in Multipart Data vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/auth/login.php?page=220"
+ }
+ ],
+ "FirstSeenDate": "04/06/2021 01:29 AM",
+ "HttpRequest": {
+ "Content": "GET /auth/login.php?page=220 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 184.2713,
+ "StatusCode": 200
+ },
+ "LookupId": "758b3f86-f4cb-5f89-b77c-e60cf7845a3a",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Weak Cryptography in Multipart Data",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Weak Cryptography in Multipart Data issue.
Fix the Weak Cryptography in Multipart Data vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "WeakCryptographyinMultipartData",
+ "Url": "http://admin.testsparker.com/auth/login.php?page=220"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "179",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "287",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "10"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Broken Authentication in Query Parameter via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/contact"
+ }
+ ],
+ "FirstSeenDate": "21/06/2021 12:36 AM",
+ "HttpRequest": {
+ "Content": "GET /contact HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 176.2526,
+ "StatusCode": 200
+ },
+ "LookupId": "3d3e95c5-2992-5aca-a4cc-17440b303a94",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Broken Authentication in Query Parameter via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Broken Authentication in Query Parameter via PUT Request issue.
Fix the Broken Authentication in Query Parameter via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "BrokenAuthenticationinQueryParameterviaPUTRequest",
+ "Url": "https://portal.testsparker.com/contact"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "226",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "523",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "38"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Cross-site Scripting vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/cart.php?id=575"
+ }
+ ],
+ "FirstSeenDate": "26/06/2021 01:48 AM",
+ "HttpRequest": {
+ "Content": "GET /cart.php?id=575 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 404.8514,
+ "StatusCode": 200
+ },
+ "LookupId": "89407364-9859-5de3-9b22-7e665558595b",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cross-site Scripting",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cross-site Scripting issue.
Fix the Cross-site Scripting vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "Cross-siteScripting",
+ "Url": "https://portal.testsparker.com/cart.php?id=575"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "322",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "16",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "35"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Mass Assignment in Header via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/auth/login.php?id=176"
+ }
+ ],
+ "FirstSeenDate": "27/06/2021 11:12 AM",
+ "HttpRequest": {
+ "Content": "GET /auth/login.php?id=176 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 479.2856,
+ "StatusCode": 200
+ },
+ "LookupId": "da4ca632-5eb9-5180-8727-c420dde3f18e",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Mass Assignment in Header via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Mass Assignment in Header via POST Request issue.
Fix the Mass Assignment in Header via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "MassAssignmentinHeaderviaPOSTRequest",
+ "Url": "http://app1.testsparker.com/auth/login.php?id=176"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "534",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "918",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "12"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Cookie Not Marked as Secure in XML Input via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/api/v1/users"
+ }
+ ],
+ "FirstSeenDate": "21/06/2021 01:04 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v1/users HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 436.2347,
+ "StatusCode": 200
+ },
+ "LookupId": "03e41693-dd3b-57e1-aa55-aba8d8c1ffd7",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cookie Not Marked as Secure in XML Input via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cookie Not Marked as Secure in XML Input via POST Request issue.
Fix the Cookie Not Marked as Secure in XML Input via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "CookieNotMarkedasSecureinXMLInputviaPOSTRequest",
+ "Url": "https://portal.testsparker.com/api/v1/users"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "268",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "523",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "47"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Information Disclosure in XML Input vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/admin/users?token=379"
+ }
+ ],
+ "FirstSeenDate": "28/06/2021 11:11 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/users?token=379 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 278.2641,
+ "StatusCode": 200
+ },
+ "LookupId": "da884b08-f9e2-5234-86e4-fa63c466ec58",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Information Disclosure in XML Input",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Information Disclosure in XML Input issue.
Fix the Information Disclosure in XML Input vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "InformationDisclosureinXMLInput",
+ "Url": "http://blog.testsparker.com/admin/users?token=379"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "93",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "287",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "1"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Mass Assignment in POST Body vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/admin/dashboard"
+ }
+ ],
+ "FirstSeenDate": "18/06/2021 02:29 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/dashboard HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 190.607,
+ "StatusCode": 200
+ },
+ "LookupId": "9716e4a3-8441-5bd5-b344-2b6b2041732c",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Mass Assignment in POST Body",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Mass Assignment in POST Body issue.
Fix the Mass Assignment in POST Body vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "MassAssignmentinPOSTBody",
+ "Url": "https://app2.testsparker.com/admin/dashboard"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "571",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "79",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "44"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Cookie Not Marked as Secure in JSON Payload via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/search?name=537"
+ }
+ ],
+ "FirstSeenDate": "04/06/2021 03:00 AM",
+ "HttpRequest": {
+ "Content": "GET /search?name=537 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 482.1639,
+ "StatusCode": 200
+ },
+ "LookupId": "224a3df9-3d25-580f-a9d8-34b4072f0e01",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cookie Not Marked as Secure in JSON Payload via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cookie Not Marked as Secure in JSON Payload via PUT Request issue.
Fix the Cookie Not Marked as Secure in JSON Payload via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "CookieNotMarkedasSecureinJSONPayloadviaPUTRequest",
+ "Url": "https://app2.testsparker.com/search?name=537"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "343",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "614",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "8"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Cleartext Transmission in POST Body vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/profile.php?q=482"
+ }
+ ],
+ "FirstSeenDate": "27/06/2021 10:33 AM",
+ "HttpRequest": {
+ "Content": "GET /profile.php?q=482 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 462.92,
+ "StatusCode": 200
+ },
+ "LookupId": "ea62ffbe-3863-5e7d-9792-9da83bafba9d",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cleartext Transmission in POST Body",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cleartext Transmission in POST Body issue.
Fix the Cleartext Transmission in POST Body vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "CleartextTransmissioninPOSTBody",
+ "Url": "http://app1.testsparker.com/profile.php?q=482"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "583",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "601",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "27"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a HTTP Response Splitting in XML Input vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/files/upload"
+ }
+ ],
+ "FirstSeenDate": "14/06/2021 09:36 AM",
+ "HttpRequest": {
+ "Content": "GET /files/upload HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 135.0225,
+ "StatusCode": 200
+ },
+ "LookupId": "86900892-fb7a-5469-a946-1149ee800bd2",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "HTTP Response Splitting in XML Input",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the HTTP Response Splitting in XML Input issue.
Fix the HTTP Response Splitting in XML Input vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "HTTPResponseSplittinginXMLInput",
+ "Url": "http://admin.testsparker.com/files/upload"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "635",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "200",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "6"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Cookie Not Marked as Secure in JSON Payload via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/search?name=537"
+ }
+ ],
+ "FirstSeenDate": "01/06/2021 12:43 AM",
+ "HttpRequest": {
+ "Content": "GET /search?name=537 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 53.2335,
+ "StatusCode": 200
+ },
+ "LookupId": "23eb98c5-676d-596f-aafb-e2eb01336903",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cookie Not Marked as Secure in JSON Payload via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cookie Not Marked as Secure in JSON Payload via PUT Request issue.
Fix the Cookie Not Marked as Secure in JSON Payload via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "CookieNotMarkedasSecureinJSONPayloadviaPUTRequest",
+ "Url": "https://app2.testsparker.com/search?name=537"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "567",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "611",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "12"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Weak Password Policy in XML Input via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/reports/view?token=438"
+ }
+ ],
+ "FirstSeenDate": "13/06/2021 08:19 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/view?token=438 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 232.2655,
+ "StatusCode": 200
+ },
+ "LookupId": "6eaef266-803f-579d-b705-facb7e6c682b",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Weak Password Policy in XML Input via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Weak Password Policy in XML Input via POST Request issue.
Fix the Weak Password Policy in XML Input via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "WeakPasswordPolicyinXMLInputviaPOSTRequest",
+ "Url": "http://api.testsparker.com/reports/view?token=438"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "227",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "614",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "15"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Clickjacking in XML Input vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/api/v1/orders?token=51"
+ }
+ ],
+ "FirstSeenDate": "09/06/2021 11:26 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v1/orders?token=51 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 261.5078,
+ "StatusCode": 200
+ },
+ "LookupId": "c5a9ae63-c4e4-5484-9f91-26cf87fe233a",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Clickjacking in XML Input",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Clickjacking in XML Input issue.
Fix the Clickjacking in XML Input vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "ClickjackinginXMLInput",
+ "Url": "http://admin.testsparker.com/api/v1/orders?token=51"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "186",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "601",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "37"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Buffer Overflow in Form Field vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/admin/config?action=855"
+ }
+ ],
+ "FirstSeenDate": "28/06/2021 09:29 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/config?action=855 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 325.8905,
+ "StatusCode": 200
+ },
+ "LookupId": "60eac2dd-6bf8-5e1f-9179-38701790f0d5",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Buffer Overflow in Form Field",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Buffer Overflow in Form Field issue.
Fix the Buffer Overflow in Form Field vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "BufferOverflowinFormField",
+ "Url": "http://api.testsparker.com/admin/config?action=855"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "193",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "330",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "20"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a HSTS Missing in JSON Payload via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/upload.php?sort=790"
+ }
+ ],
+ "FirstSeenDate": "21/06/2021 06:47 AM",
+ "HttpRequest": {
+ "Content": "GET /upload.php?sort=790 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 33.4985,
+ "StatusCode": 200
+ },
+ "LookupId": "f94fdb45-39d2-531c-9663-181a9548653b",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "HSTS Missing in JSON Payload via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the HSTS Missing in JSON Payload via PUT Request issue.
Fix the HSTS Missing in JSON Payload via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "HSTSMissinginJSONPayloadviaPUTRequest",
+ "Url": "http://blog.testsparker.com/upload.php?sort=790"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "196",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "918",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "13"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Buffer Overflow in JSON Payload via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/api/v2/webhook"
+ }
+ ],
+ "FirstSeenDate": "15/06/2021 09:55 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/webhook HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 384.3485,
+ "StatusCode": 200
+ },
+ "LookupId": "53c1180a-f07d-569f-9eed-eba9d9d5b36b",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Buffer Overflow in JSON Payload via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Buffer Overflow in JSON Payload via PUT Request issue.
Fix the Buffer Overflow in JSON Payload via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "BufferOverflowinJSONPayloadviaPUTRequest",
+ "Url": "http://blog.testsparker.com/api/v2/webhook"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "85",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "352",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "8"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Missing X-Frame-Options in Cookie via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/auth/reset.php?action=916"
+ }
+ ],
+ "FirstSeenDate": "15/06/2021 11:45 AM",
+ "HttpRequest": {
+ "Content": "GET /auth/reset.php?action=916 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 40.5395,
+ "StatusCode": 200
+ },
+ "LookupId": "39e041b5-a5f1-5527-b220-6c072210301e",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Missing X-Frame-Options in Cookie via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Missing X-Frame-Options in Cookie via PUT Request issue.
Fix the Missing X-Frame-Options in Cookie via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "MissingX-Frame-OptionsinCookieviaPUTRequest",
+ "Url": "https://app2.testsparker.com/auth/reset.php?action=916"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "12",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "611",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "10"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Race Condition in Multipart Data vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/files/upload?q=437"
+ }
+ ],
+ "FirstSeenDate": "02/06/2021 01:32 AM",
+ "HttpRequest": {
+ "Content": "GET /files/upload?q=437 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 117.16,
+ "StatusCode": 200
+ },
+ "LookupId": "adcc32f2-8683-50d6-a3c7-09d20e76c19c",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Race Condition in Multipart Data",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Race Condition in Multipart Data issue.
Fix the Race Condition in Multipart Data vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "RaceConditioninMultipartData",
+ "Url": "https://portal.testsparker.com/files/upload?q=437"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "520",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "319",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "30"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a File Upload Vulnerability in Multipart Data via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/api/v2/export?id=735"
+ }
+ ],
+ "FirstSeenDate": "02/06/2021 10:03 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/export?id=735 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 11.3698,
+ "StatusCode": 200
+ },
+ "LookupId": "256011ba-6f99-567f-9b58-330bffce0a4a",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "File Upload Vulnerability in Multipart Data via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the File Upload Vulnerability in Multipart Data via POST Request issue.
Fix the File Upload Vulnerability in Multipart Data via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "FileUploadVulnerabilityinMultipartDataviaPOSTRequest",
+ "Url": "https://shop.testsparker.com/api/v2/export?id=735"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "699",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "918",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "25"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a DNS Zone Transfer in Form Field vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/files/list?action=941"
+ }
+ ],
+ "FirstSeenDate": "13/06/2021 05:34 AM",
+ "HttpRequest": {
+ "Content": "GET /files/list?action=941 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 364.748,
+ "StatusCode": 200
+ },
+ "LookupId": "8da1bdcc-a221-5f35-8e45-9ff69744fba4",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "DNS Zone Transfer in Form Field",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the DNS Zone Transfer in Form Field issue.
Fix the DNS Zone Transfer in Form Field vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "DNSZoneTransferinFormField",
+ "Url": "https://shop.testsparker.com/files/list?action=941"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "240",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "693",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "15"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a XML External Entity in JSON Payload via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/api/v1/products"
+ }
+ ],
+ "FirstSeenDate": "04/06/2021 09:11 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v1/products HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 276.3208,
+ "StatusCode": 200
+ },
+ "LookupId": "915e2e8b-9462-5244-bd7d-5172e6440d4e",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "XML External Entity in JSON Payload via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the XML External Entity in JSON Payload via PUT Request issue.
Fix the XML External Entity in JSON Payload via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "XMLExternalEntityinJSONPayloadviaPUTRequest",
+ "Url": "https://shop.testsparker.com/api/v1/products"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "108",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "601",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "14"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a DNS Zone Transfer in Multipart Data via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/products.php?page=480"
+ }
+ ],
+ "FirstSeenDate": "25/06/2021 05:45 AM",
+ "HttpRequest": {
+ "Content": "GET /products.php?page=480 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 232.4708,
+ "StatusCode": 200
+ },
+ "LookupId": "57b1c8ea-730a-51fe-9e15-00b93c8c2ca9",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "DNS Zone Transfer in Multipart Data via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the DNS Zone Transfer in Multipart Data via POST Request issue.
Fix the DNS Zone Transfer in Multipart Data via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "DNSZoneTransferinMultipartDataviaPOSTRequest",
+ "Url": "http://app1.testsparker.com/products.php?page=480"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "73",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "614",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "5"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Open Redirect in JSON Payload via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/api/v1/users"
+ }
+ ],
+ "FirstSeenDate": "24/06/2021 03:46 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v1/users HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 105.3633,
+ "StatusCode": 200
+ },
+ "LookupId": "8a64f128-46db-5cc7-8880-34bfdc4ac1e2",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Open Redirect in JSON Payload via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Open Redirect in JSON Payload via PUT Request issue.
Fix the Open Redirect in JSON Payload via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "OpenRedirectinJSONPayloadviaPUTRequest",
+ "Url": "http://app1.testsparker.com/api/v1/users"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "463",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "78",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "29"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Command Injection in Query Parameter via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/settings.php?ref=956"
+ }
+ ],
+ "FirstSeenDate": "07/06/2021 03:07 AM",
+ "HttpRequest": {
+ "Content": "GET /settings.php?ref=956 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 30.4134,
+ "StatusCode": 200
+ },
+ "LookupId": "66738287-eafc-55fa-8394-80a8823e3616",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Command Injection in Query Parameter via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Command Injection in Query Parameter via PUT Request issue.
Fix the Command Injection in Query Parameter via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "CommandInjectioninQueryParameterviaPUTRequest",
+ "Url": "https://app2.testsparker.com/settings.php?ref=956"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "582",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "16",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "1"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a SQL Injection in POST Body vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/cart.php?sort=447"
+ }
+ ],
+ "FirstSeenDate": "07/06/2021 03:06 AM",
+ "HttpRequest": {
+ "Content": "GET /cart.php?sort=447 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 368.9833,
+ "StatusCode": 200
+ },
+ "LookupId": "1dd71426-9a11-5563-9132-a9a508017713",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "SQL Injection in POST Body",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the SQL Injection in POST Body issue.
Fix the SQL Injection in POST Body vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "SQLInjectioninPOSTBody",
+ "Url": "http://blog.testsparker.com/cart.php?sort=447"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "456",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "352",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "40"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Missing X-Frame-Options in JSON Payload via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/admin/dashboard?action=182"
+ }
+ ],
+ "FirstSeenDate": "18/06/2021 02:51 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/dashboard?action=182 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 467.7815,
+ "StatusCode": 200
+ },
+ "LookupId": "a867089e-6c72-59a0-a164-2ce468a0a903",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Missing X-Frame-Options in JSON Payload via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Missing X-Frame-Options in JSON Payload via PUT Request issue.
Fix the Missing X-Frame-Options in JSON Payload via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "MissingX-Frame-OptionsinJSONPayloadviaPUTRequest",
+ "Url": "https://app2.testsparker.com/admin/dashboard?action=182"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "182",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "918",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "39"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Version Disclosure in Header via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/checkout.php?q=707"
+ }
+ ],
+ "FirstSeenDate": "18/06/2021 05:05 AM",
+ "HttpRequest": {
+ "Content": "GET /checkout.php?q=707 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 374.1241,
+ "StatusCode": 200
+ },
+ "LookupId": "bc15a6e3-2ff4-59a7-aa49-0548d40c4c90",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Version Disclosure in Header via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Version Disclosure in Header via PUT Request issue.
Fix the Version Disclosure in Header via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "VersionDisclosureinHeaderviaPUTRequest",
+ "Url": "https://portal.testsparker.com/checkout.php?q=707"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "145",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "94",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "26"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Broken Authentication in Cookie via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/help?action=447"
+ }
+ ],
+ "FirstSeenDate": "24/06/2021 03:33 AM",
+ "HttpRequest": {
+ "Content": "GET /help?action=447 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 289.996,
+ "StatusCode": 200
+ },
+ "LookupId": "ffc009c2-e3ae-5e12-90ff-e19441fcacea",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Broken Authentication in Cookie via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Broken Authentication in Cookie via POST Request issue.
Fix the Broken Authentication in Cookie via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "BrokenAuthenticationinCookieviaPOSTRequest",
+ "Url": "https://app2.testsparker.com/help?action=447"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "68",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "94",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "26"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Cookie Not Marked as HttpOnly in Header vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/reports/generate"
+ }
+ ],
+ "FirstSeenDate": "17/06/2021 07:49 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/generate HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 210.6224,
+ "StatusCode": 200
+ },
+ "LookupId": "cfa6166e-e4b3-528d-a74e-3a271fe06762",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cookie Not Marked as HttpOnly in Header",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cookie Not Marked as HttpOnly in Header issue.
Fix the Cookie Not Marked as HttpOnly in Header vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "CookieNotMarkedasHttpOnlyinHeader",
+ "Url": "https://shop.testsparker.com/reports/generate"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "613",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "22",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "48"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Directory Traversal in XML Input vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/cart.php?ref=1"
+ }
+ ],
+ "FirstSeenDate": "02/06/2021 08:44 AM",
+ "HttpRequest": {
+ "Content": "GET /cart.php?ref=1 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 145.7699,
+ "StatusCode": 200
+ },
+ "LookupId": "862898ee-5f33-5fd5-b8bf-900f219daab0",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Directory Traversal in XML Input",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Directory Traversal in XML Input issue.
Fix the Directory Traversal in XML Input vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "DirectoryTraversalinXMLInput",
+ "Url": "https://portal.testsparker.com/cart.php?ref=1"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "541",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "22",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "24"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Insecure Direct Object Reference in Header vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/products.php"
+ }
+ ],
+ "FirstSeenDate": "19/06/2021 02:03 AM",
+ "HttpRequest": {
+ "Content": "GET /products.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 416.0993,
+ "StatusCode": 200
+ },
+ "LookupId": "deb7872c-1df2-539f-a330-aca61161c26f",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Insecure Direct Object Reference in Header",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Insecure Direct Object Reference in Header issue.
Fix the Insecure Direct Object Reference in Header vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "InsecureDirectObjectReferenceinHeader",
+ "Url": "https://docs.testsparker.com/products.php"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "464",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "78",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "39"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Insecure HTTP Method in Multipart Data via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/auth/reset.php"
+ }
+ ],
+ "FirstSeenDate": "19/06/2021 07:15 AM",
+ "HttpRequest": {
+ "Content": "GET /auth/reset.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 292.4428,
+ "StatusCode": 200
+ },
+ "LookupId": "9a6645c5-18fa-5c47-a2ec-5e5324136c8b",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Insecure HTTP Method in Multipart Data via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Insecure HTTP Method in Multipart Data via POST Request issue.
Fix the Insecure HTTP Method in Multipart Data via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "InsecureHTTPMethodinMultipartDataviaPOSTRequest",
+ "Url": "https://docs.testsparker.com/auth/reset.php"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "38",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "614",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "26"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Remote Code Execution in URL Path via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/files/download"
+ }
+ ],
+ "FirstSeenDate": "17/06/2021 10:46 AM",
+ "HttpRequest": {
+ "Content": "GET /files/download HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 309.6327,
+ "StatusCode": 200
+ },
+ "LookupId": "5222fb2b-a502-5810-9ae6-a4280a3a2867",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Remote Code Execution in URL Path via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Remote Code Execution in URL Path via POST Request issue.
Fix the Remote Code Execution in URL Path via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "RemoteCodeExecutioninURLPathviaPOSTRequest",
+ "Url": "https://app2.testsparker.com/files/download"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "597",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "776",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "26"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a HTTP Response Splitting vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/admin/logs?token=694"
+ }
+ ],
+ "FirstSeenDate": "25/06/2021 10:36 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/logs?token=694 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 405.9543,
+ "StatusCode": 200
+ },
+ "LookupId": "a9c1d3a9-3e9a-5d45-a431-b8c16e415c6e",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "HTTP Response Splitting",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the HTTP Response Splitting issue.
Fix the HTTP Response Splitting vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "HTTPResponseSplitting",
+ "Url": "http://api.testsparker.com/admin/logs?token=694"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "684",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "614",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "13"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Insecure Direct Object Reference in URL Path vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/reports/generate?ref=541"
+ }
+ ],
+ "FirstSeenDate": "27/06/2021 03:14 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/generate?ref=541 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 371.3628,
+ "StatusCode": 200
+ },
+ "LookupId": "6b846f32-0125-5d30-8c5d-f7fb67217ba6",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Insecure Direct Object Reference in URL Path",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Insecure Direct Object Reference in URL Path issue.
Fix the Insecure Direct Object Reference in URL Path vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "InsecureDirectObjectReferenceinURLPath",
+ "Url": "https://portal.testsparker.com/reports/generate?ref=541"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "452",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "319",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "12"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Missing X-Frame-Options in POST Body vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/reports/export?id=588"
+ }
+ ],
+ "FirstSeenDate": "09/06/2021 08:07 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/export?id=588 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 412.8367,
+ "StatusCode": 200
+ },
+ "LookupId": "284c30fd-6d96-5112-b6ae-bbc68cbe5f13",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Missing X-Frame-Options in POST Body",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Missing X-Frame-Options in POST Body issue.
Fix the Missing X-Frame-Options in POST Body vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "MissingX-Frame-OptionsinPOSTBody",
+ "Url": "http://api.testsparker.com/reports/export?id=588"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "95",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "502",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "26"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Sensitive Data Exposure in Multipart Data vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/payment.php?action=256"
+ }
+ ],
+ "FirstSeenDate": "24/06/2021 02:46 AM",
+ "HttpRequest": {
+ "Content": "GET /payment.php?action=256 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 169.0991,
+ "StatusCode": 200
+ },
+ "LookupId": "555c6f6b-7595-5efc-afbb-334c26aed888",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Sensitive Data Exposure in Multipart Data",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Sensitive Data Exposure in Multipart Data issue.
Fix the Sensitive Data Exposure in Multipart Data vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "SensitiveDataExposureinMultipartData",
+ "Url": "http://api.testsparker.com/payment.php?action=256"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "382",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "614",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "23"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Race Condition in File Name vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/checkout.php"
+ }
+ ],
+ "FirstSeenDate": "05/06/2021 11:48 AM",
+ "HttpRequest": {
+ "Content": "GET /checkout.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 445.8202,
+ "StatusCode": 200
+ },
+ "LookupId": "509b66c8-c09e-574a-84b2-3da2e89c23e2",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Race Condition in File Name",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Race Condition in File Name issue.
Fix the Race Condition in File Name vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "RaceConditioninFileName",
+ "Url": "http://api.testsparker.com/checkout.php"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "182",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "601",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "40"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Cross-site Scripting in Query Parameter vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/cart.php"
+ }
+ ],
+ "FirstSeenDate": "23/06/2021 06:55 AM",
+ "HttpRequest": {
+ "Content": "GET /cart.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 234.197,
+ "StatusCode": 200
+ },
+ "LookupId": "69cb75d3-d90c-52bf-bb75-718d667c5771",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cross-site Scripting in Query Parameter",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cross-site Scripting in Query Parameter issue.
Fix the Cross-site Scripting in Query Parameter vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "Cross-siteScriptinginQueryParameter",
+ "Url": "http://blog.testsparker.com/cart.php"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "147",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "352",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "3"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a HSTS Missing in URL Path via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/blog/post.php"
+ }
+ ],
+ "FirstSeenDate": "06/06/2021 07:20 AM",
+ "HttpRequest": {
+ "Content": "GET /blog/post.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 15.7391,
+ "StatusCode": 200
+ },
+ "LookupId": "7017b19f-7ff2-529d-bd91-171b8d8e422b",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "HSTS Missing in URL Path via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the HSTS Missing in URL Path via PUT Request issue.
Fix the HSTS Missing in URL Path via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "HSTSMissinginURLPathviaPUTRequest",
+ "Url": "http://app1.testsparker.com/blog/post.php"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "642",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "78",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "35"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Insecure Direct Object Reference in Multipart Data via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/help?name=199"
+ }
+ ],
+ "FirstSeenDate": "17/06/2021 03:16 AM",
+ "HttpRequest": {
+ "Content": "GET /help?name=199 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 456.0604,
+ "StatusCode": 200
+ },
+ "LookupId": "ffbdac1e-efc7-5618-bf48-c9579e358e9b",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Insecure Direct Object Reference in Multipart Data via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Insecure Direct Object Reference in Multipart Data via POST Request issue.
Fix the Insecure Direct Object Reference in Multipart Data via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "InsecureDirectObjectReferenceinMultipartDataviaPOSTRequest",
+ "Url": "http://blog.testsparker.com/help?name=199"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "376",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "319",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "39"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Race Condition in Cookie via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/files/download?sort=41"
+ }
+ ],
+ "FirstSeenDate": "09/06/2021 07:21 AM",
+ "HttpRequest": {
+ "Content": "GET /files/download?sort=41 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 340.7482,
+ "StatusCode": 200
+ },
+ "LookupId": "bca5e15c-bc7e-5886-9f68-26c4e093a6ee",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Race Condition in Cookie via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Race Condition in Cookie via PUT Request issue.
Fix the Race Condition in Cookie via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "RaceConditioninCookieviaPUTRequest",
+ "Url": "https://docs.testsparker.com/files/download?sort=41"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "645",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "22",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "7"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Sensitive Data Exposure in Query Parameter via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/files/download"
+ }
+ ],
+ "FirstSeenDate": "02/06/2021 03:57 AM",
+ "HttpRequest": {
+ "Content": "GET /files/download HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 12.5658,
+ "StatusCode": 200
+ },
+ "LookupId": "d1ecb6a7-1aa9-5e92-b651-70d877704373",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Sensitive Data Exposure in Query Parameter via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Sensitive Data Exposure in Query Parameter via PUT Request issue.
Fix the Sensitive Data Exposure in Query Parameter via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "SensitiveDataExposureinQueryParameterviaPUTRequest",
+ "Url": "http://api.testsparker.com/files/download"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "512",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "319",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "23"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Server-Side Request Forgery in Cookie vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/api/v2/webhook?page=603"
+ }
+ ],
+ "FirstSeenDate": "09/06/2021 12:30 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/webhook?page=603 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 431.9757,
+ "StatusCode": 200
+ },
+ "LookupId": "8a39f1c6-52ea-5c33-80f5-ea79219cd95c",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Server-Side Request Forgery in Cookie",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Server-Side Request Forgery in Cookie issue.
Fix the Server-Side Request Forgery in Cookie vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "Server-SideRequestForgeryinCookie",
+ "Url": "http://app1.testsparker.com/api/v2/webhook?page=603"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "691",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "200",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "6"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a HSTS Missing in POST Body via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/api/v2/webhook?id=738"
+ }
+ ],
+ "FirstSeenDate": "22/06/2021 11:23 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/webhook?id=738 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 17.2678,
+ "StatusCode": 200
+ },
+ "LookupId": "f4f09f0f-035f-5e16-9364-0f47fab8a6a5",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "HSTS Missing in POST Body via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the HSTS Missing in POST Body via POST Request issue.
Fix the HSTS Missing in POST Body via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "HSTSMissinginPOSTBodyviaPOSTRequest",
+ "Url": "https://portal.testsparker.com/api/v2/webhook?id=738"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "204",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "918",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "48"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a XML External Entity in Multipart Data vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/auth/login.php?page=395"
+ }
+ ],
+ "FirstSeenDate": "17/06/2021 11:13 AM",
+ "HttpRequest": {
+ "Content": "GET /auth/login.php?page=395 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 241.6845,
+ "StatusCode": 200
+ },
+ "LookupId": "5bb2d071-8531-577b-aa52-a157aef2cc26",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "XML External Entity in Multipart Data",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the XML External Entity in Multipart Data issue.
Fix the XML External Entity in Multipart Data vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "XMLExternalEntityinMultipartData",
+ "Url": "http://blog.testsparker.com/auth/login.php?page=395"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "331",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "94",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "12"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Cookie Not Marked as Secure in File Name via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/api/v1/products?token=983"
+ }
+ ],
+ "FirstSeenDate": "12/06/2021 06:31 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v1/products?token=983 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 217.6777,
+ "StatusCode": 200
+ },
+ "LookupId": "1f18b7ce-becc-50df-8f41-3841588ba042",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cookie Not Marked as Secure in File Name via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cookie Not Marked as Secure in File Name via POST Request issue.
Fix the Cookie Not Marked as Secure in File Name via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "CookieNotMarkedasSecureinFileNameviaPOSTRequest",
+ "Url": "https://docs.testsparker.com/api/v1/products?token=983"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "275",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "502",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "10"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a DNS Zone Transfer in URL Path vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/account/security?token=174"
+ }
+ ],
+ "FirstSeenDate": "06/06/2021 07:17 AM",
+ "HttpRequest": {
+ "Content": "GET /account/security?token=174 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 216.3401,
+ "StatusCode": 200
+ },
+ "LookupId": "580cf70f-79e1-512f-a64f-d1c027571ea0",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "DNS Zone Transfer in URL Path",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the DNS Zone Transfer in URL Path issue.
Fix the DNS Zone Transfer in URL Path vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "DNSZoneTransferinURLPath",
+ "Url": "https://portal.testsparker.com/account/security?token=174"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "432",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "79",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "22"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Path Disclosure in Cookie via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/download.php"
+ }
+ ],
+ "FirstSeenDate": "21/06/2021 02:11 AM",
+ "HttpRequest": {
+ "Content": "GET /download.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 457.4429,
+ "StatusCode": 200
+ },
+ "LookupId": "8ff8aee8-0516-58e2-b283-c23e1dc97624",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Path Disclosure in Cookie via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Path Disclosure in Cookie via PUT Request issue.
Fix the Path Disclosure in Cookie via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "PathDisclosureinCookieviaPUTRequest",
+ "Url": "http://app1.testsparker.com/download.php"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "453",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "352",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "38"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Session Fixation in POST Body vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/reports/generate"
+ }
+ ],
+ "FirstSeenDate": "21/06/2021 07:44 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/generate HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 132.5481,
+ "StatusCode": 200
+ },
+ "LookupId": "d06e3fea-4248-58ff-8012-93163f4bd3a5",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Session Fixation in POST Body",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Session Fixation in POST Body issue.
Fix the Session Fixation in POST Body vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "SessionFixationinPOSTBody",
+ "Url": "http://app1.testsparker.com/reports/generate"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "351",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "918",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "45"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a File Upload Vulnerability in Header via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/reports/generate"
+ }
+ ],
+ "FirstSeenDate": "11/06/2021 08:44 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/generate HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 136.3817,
+ "StatusCode": 200
+ },
+ "LookupId": "eb5b8ba5-9d89-5130-9ec2-c9cbd32ca5f6",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "File Upload Vulnerability in Header via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the File Upload Vulnerability in Header via PUT Request issue.
Fix the File Upload Vulnerability in Header via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "FileUploadVulnerabilityinHeaderviaPUTRequest",
+ "Url": "https://app2.testsparker.com/reports/generate"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "27",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "601",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "5"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a XML External Entity in URL Path vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/checkout.php"
+ }
+ ],
+ "FirstSeenDate": "17/06/2021 01:39 AM",
+ "HttpRequest": {
+ "Content": "GET /checkout.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 327.6597,
+ "StatusCode": 200
+ },
+ "LookupId": "8268a157-b768-5d8b-9178-bc5fd8b34e5e",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "XML External Entity in URL Path",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the XML External Entity in URL Path issue.
Fix the XML External Entity in URL Path vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "XMLExternalEntityinURLPath",
+ "Url": "http://app1.testsparker.com/checkout.php"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "346",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "776",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "39"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a HTTP Response Splitting in URL Path vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/payment.php"
+ }
+ ],
+ "FirstSeenDate": "02/06/2021 06:19 AM",
+ "HttpRequest": {
+ "Content": "GET /payment.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 280.7866,
+ "StatusCode": 200
+ },
+ "LookupId": "01560474-5baf-5b8a-98bb-dd3e144b2eab",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "HTTP Response Splitting in URL Path",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the HTTP Response Splitting in URL Path issue.
Fix the HTTP Response Splitting in URL Path vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "HTTPResponseSplittinginURLPath",
+ "Url": "https://portal.testsparker.com/payment.php"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "63",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "94",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "4"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a HSTS Missing in Multipart Data vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/files/upload"
+ }
+ ],
+ "FirstSeenDate": "28/06/2021 07:16 AM",
+ "HttpRequest": {
+ "Content": "GET /files/upload HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 419.1001,
+ "StatusCode": 200
+ },
+ "LookupId": "312dc814-fcc4-5a0a-a721-ea3c0b4ffd67",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "HSTS Missing in Multipart Data",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the HSTS Missing in Multipart Data issue.
Fix the HSTS Missing in Multipart Data vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "HSTSMissinginMultipartData",
+ "Url": "http://api.testsparker.com/files/upload"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "312",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "330",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "49"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Server-Side Request Forgery in Header via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/reports/export?filter=86"
+ }
+ ],
+ "FirstSeenDate": "15/06/2021 11:29 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/export?filter=86 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 24.4866,
+ "StatusCode": 200
+ },
+ "LookupId": "2d464dbd-1afe-55b7-a673-6f72ffd32972",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Server-Side Request Forgery in Header via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Server-Side Request Forgery in Header via PUT Request issue.
Fix the Server-Side Request Forgery in Header via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "Server-SideRequestForgeryinHeaderviaPUTRequest",
+ "Url": "https://app2.testsparker.com/reports/export?filter=86"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "418",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "89",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "20"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a NoSQL Injection in Form Field via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/auth/register.php"
+ }
+ ],
+ "FirstSeenDate": "08/06/2021 06:27 AM",
+ "HttpRequest": {
+ "Content": "GET /auth/register.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 244.8057,
+ "StatusCode": 200
+ },
+ "LookupId": "47ce27cc-d8dd-5ff8-b640-857ca71f58e3",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "NoSQL Injection in Form Field via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the NoSQL Injection in Form Field via POST Request issue.
Fix the NoSQL Injection in Form Field via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "NoSQLInjectioninFormFieldviaPOSTRequest",
+ "Url": "http://blog.testsparker.com/auth/register.php"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "64",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "22",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "9"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Cleartext Transmission in URL Path via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/reports/generate?token=849"
+ }
+ ],
+ "FirstSeenDate": "07/06/2021 08:04 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/generate?token=849 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 190.9542,
+ "StatusCode": 200
+ },
+ "LookupId": "e18f9dca-b63d-56fd-a75e-5239a83b1178",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cleartext Transmission in URL Path via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cleartext Transmission in URL Path via POST Request issue.
Fix the Cleartext Transmission in URL Path via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "CleartextTransmissioninURLPathviaPOSTRequest",
+ "Url": "https://shop.testsparker.com/reports/generate?token=849"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "316",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "523",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "24"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Missing Content-Security-Policy in URL Path vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/checkout.php?sort=390"
+ }
+ ],
+ "FirstSeenDate": "15/06/2021 02:51 AM",
+ "HttpRequest": {
+ "Content": "GET /checkout.php?sort=390 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 490.846,
+ "StatusCode": 200
+ },
+ "LookupId": "d76bcc83-44b7-5c49-9b1e-a6a49f9914d2",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Missing Content-Security-Policy in URL Path",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Missing Content-Security-Policy in URL Path issue.
Fix the Missing Content-Security-Policy in URL Path vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "MissingContent-Security-PolicyinURLPath",
+ "Url": "http://blog.testsparker.com/checkout.php?sort=390"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "495",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "611",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "44"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Weak Password Policy in Header vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/reports/export"
+ }
+ ],
+ "FirstSeenDate": "10/06/2021 08:04 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/export HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 347.4207,
+ "StatusCode": 200
+ },
+ "LookupId": "0eb0c313-08fd-57d3-8e77-0c2c7abce642",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Weak Password Policy in Header",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Weak Password Policy in Header issue.
Fix the Weak Password Policy in Header vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "WeakPasswordPolicyinHeader",
+ "Url": "http://app1.testsparker.com/reports/export"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "301",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "523",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "47"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Broken Authentication in Form Field via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/reports/generate?sort=976"
+ }
+ ],
+ "FirstSeenDate": "22/06/2021 02:30 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/generate?sort=976 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 194.8629,
+ "StatusCode": 200
+ },
+ "LookupId": "67bb1fec-bec3-54ba-9367-7ca556598603",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Broken Authentication in Form Field via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Broken Authentication in Form Field via POST Request issue.
Fix the Broken Authentication in Form Field via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "BrokenAuthenticationinFormFieldviaPOSTRequest",
+ "Url": "https://shop.testsparker.com/reports/generate?sort=976"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "443",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "434",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "21"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a File Upload Vulnerability in Header via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/auth/register.php"
+ }
+ ],
+ "FirstSeenDate": "01/06/2021 04:42 AM",
+ "HttpRequest": {
+ "Content": "GET /auth/register.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 365.9827,
+ "StatusCode": 200
+ },
+ "LookupId": "059eab91-8fcd-5e3e-b7c0-aac84b549fce",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "File Upload Vulnerability in Header via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the File Upload Vulnerability in Header via POST Request issue.
Fix the File Upload Vulnerability in Header via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "FileUploadVulnerabilityinHeaderviaPOSTRequest",
+ "Url": "https://portal.testsparker.com/auth/register.php"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "522",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "22",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "2"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Open Redirect in XML Input via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/reports/export?name=936"
+ }
+ ],
+ "FirstSeenDate": "26/06/2021 02:15 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/export?name=936 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 46.4632,
+ "StatusCode": 200
+ },
+ "LookupId": "606ad4d1-0f43-5b96-b83b-ae265fd2d44f",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Open Redirect in XML Input via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Open Redirect in XML Input via PUT Request issue.
Fix the Open Redirect in XML Input via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "OpenRedirectinXMLInputviaPUTRequest",
+ "Url": "https://portal.testsparker.com/reports/export?name=936"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "675",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "78",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "20"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Cross-site Scripting in Header via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/api/v2/search?sort=69"
+ }
+ ],
+ "FirstSeenDate": "01/06/2021 02:36 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/search?sort=69 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 479.0055,
+ "StatusCode": 200
+ },
+ "LookupId": "c9781ea7-d355-59db-b181-446132f0c7dc",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cross-site Scripting in Header via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cross-site Scripting in Header via POST Request issue.
Fix the Cross-site Scripting in Header via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "Cross-siteScriptinginHeaderviaPOSTRequest",
+ "Url": "https://app2.testsparker.com/api/v2/search?sort=69"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "430",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "330",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "21"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Cookie Not Marked as Secure in Form Field via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/admin/logs"
+ }
+ ],
+ "FirstSeenDate": "13/06/2021 01:38 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/logs HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 131.2739,
+ "StatusCode": 200
+ },
+ "LookupId": "3e13b4eb-32ed-58f8-b7fe-40ff9007fbdd",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cookie Not Marked as Secure in Form Field via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cookie Not Marked as Secure in Form Field via POST Request issue.
Fix the Cookie Not Marked as Secure in Form Field via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "CookieNotMarkedasSecureinFormFieldviaPOSTRequest",
+ "Url": "http://admin.testsparker.com/admin/logs"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "212",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "78",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "10"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a XML External Entity in POST Body via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/api/v2/search"
+ }
+ ],
+ "FirstSeenDate": "24/06/2021 11:50 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/search HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 70.3896,
+ "StatusCode": 200
+ },
+ "LookupId": "b93287e5-3f5c-56ec-b171-aa6e2bef7556",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "XML External Entity in POST Body via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the XML External Entity in POST Body via PUT Request issue.
Fix the XML External Entity in POST Body via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "XMLExternalEntityinPOSTBodyviaPUTRequest",
+ "Url": "http://app1.testsparker.com/api/v2/search"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "653",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "614",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "17"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Cookie Not Marked as HttpOnly in JSON Payload via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/api/v2/search?name=608"
+ }
+ ],
+ "FirstSeenDate": "14/06/2021 08:46 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/search?name=608 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 314.2169,
+ "StatusCode": 200
+ },
+ "LookupId": "bfceaf1b-a3aa-5745-8834-0b03a03d5231",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cookie Not Marked as HttpOnly in JSON Payload via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cookie Not Marked as HttpOnly in JSON Payload via POST Request issue.
Fix the Cookie Not Marked as HttpOnly in JSON Payload via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "CookieNotMarkedasHttpOnlyinJSONPayloadviaPOSTRequest",
+ "Url": "https://app2.testsparker.com/api/v2/search?name=608"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "230",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "693",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "39"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a CORS Misconfiguration in XML Input vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/reports/view"
+ }
+ ],
+ "FirstSeenDate": "23/06/2021 12:41 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/view HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 144.9355,
+ "StatusCode": 200
+ },
+ "LookupId": "0e79253b-a8e3-5c74-8567-a863f160cd08",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "CORS Misconfiguration in XML Input",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the CORS Misconfiguration in XML Input issue.
Fix the CORS Misconfiguration in XML Input vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "CORSMisconfigurationinXMLInput",
+ "Url": "http://app1.testsparker.com/reports/view"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "17",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "776",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "9"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Integer Overflow in URL Path via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/profile.php?filter=350"
+ }
+ ],
+ "FirstSeenDate": "20/06/2021 08:00 AM",
+ "HttpRequest": {
+ "Content": "GET /profile.php?filter=350 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 451.708,
+ "StatusCode": 200
+ },
+ "LookupId": "fe16b395-2f40-5cb7-b8ef-7333c7262b83",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Integer Overflow in URL Path via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Integer Overflow in URL Path via POST Request issue.
Fix the Integer Overflow in URL Path via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "IntegerOverflowinURLPathviaPOSTRequest",
+ "Url": "https://docs.testsparker.com/profile.php?filter=350"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "55",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "79",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "6"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Insecure Direct Object Reference in JSON Payload via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/api/v2/search"
+ }
+ ],
+ "FirstSeenDate": "12/06/2021 04:47 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/search HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 83.7954,
+ "StatusCode": 200
+ },
+ "LookupId": "49eff2ad-15ad-5abc-ba5b-524077e410c2",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Insecure Direct Object Reference in JSON Payload via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Insecure Direct Object Reference in JSON Payload via PUT Request issue.
Fix the Insecure Direct Object Reference in JSON Payload via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "InsecureDirectObjectReferenceinJSONPayloadviaPUTRequest",
+ "Url": "http://app1.testsparker.com/api/v2/search"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "554",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "502",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "2"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Session Fixation in Cookie via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/reports/generate?ref=503"
+ }
+ ],
+ "FirstSeenDate": "14/06/2021 02:24 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/generate?ref=503 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 230.5566,
+ "StatusCode": 200
+ },
+ "LookupId": "b34b9272-c7d9-5920-bdce-5e1c8a7a7ff9",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Session Fixation in Cookie via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Session Fixation in Cookie via POST Request issue.
Fix the Session Fixation in Cookie via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "SessionFixationinCookieviaPOSTRequest",
+ "Url": "https://docs.testsparker.com/reports/generate?ref=503"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "654",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "78",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "16"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a File Upload Vulnerability in Form Field via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/api/v1/products"
+ }
+ ],
+ "FirstSeenDate": "18/06/2021 07:18 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v1/products HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 29.08,
+ "StatusCode": 200
+ },
+ "LookupId": "09a59f22-df03-5f68-9904-a3cb5f4dc63b",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "File Upload Vulnerability in Form Field via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the File Upload Vulnerability in Form Field via POST Request issue.
Fix the File Upload Vulnerability in Form Field via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "FileUploadVulnerabilityinFormFieldviaPOSTRequest",
+ "Url": "https://app2.testsparker.com/api/v1/products"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "524",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "89",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "28"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Insecure Deserialization in Cookie via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/admin/dashboard?id=332"
+ }
+ ],
+ "FirstSeenDate": "11/06/2021 05:32 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/dashboard?id=332 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 382.4036,
+ "StatusCode": 200
+ },
+ "LookupId": "1e7b8409-eed9-5bd5-9616-5352bd1cd098",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Insecure Deserialization in Cookie via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Insecure Deserialization in Cookie via PUT Request issue.
Fix the Insecure Deserialization in Cookie via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "InsecureDeserializationinCookieviaPUTRequest",
+ "Url": "http://api.testsparker.com/admin/dashboard?id=332"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "508",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "79",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "5"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Clickjacking in Multipart Data vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/download.php?page=157"
+ }
+ ],
+ "FirstSeenDate": "08/06/2021 07:19 AM",
+ "HttpRequest": {
+ "Content": "GET /download.php?page=157 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 414.3637,
+ "StatusCode": 200
+ },
+ "LookupId": "eeb878a6-0309-5eae-8924-0468c4955291",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Clickjacking in Multipart Data",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Clickjacking in Multipart Data issue.
Fix the Clickjacking in Multipart Data vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "ClickjackinginMultipartData",
+ "Url": "http://api.testsparker.com/download.php?page=157"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "625",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "94",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "12"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a NoSQL Injection in POST Body via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/reports/view?id=912"
+ }
+ ],
+ "FirstSeenDate": "12/06/2021 03:29 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/view?id=912 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 362.7124,
+ "StatusCode": 200
+ },
+ "LookupId": "33648f76-bc23-5ff1-bb40-c50d9a1c415e",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "NoSQL Injection in POST Body via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the NoSQL Injection in POST Body via POST Request issue.
Fix the NoSQL Injection in POST Body via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "NoSQLInjectioninPOSTBodyviaPOSTRequest",
+ "Url": "https://app2.testsparker.com/reports/view?id=912"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "589",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "502",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "42"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a XML External Entity in POST Body via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/blog/post.php"
+ }
+ ],
+ "FirstSeenDate": "23/06/2021 02:53 AM",
+ "HttpRequest": {
+ "Content": "GET /blog/post.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 351.1498,
+ "StatusCode": 200
+ },
+ "LookupId": "8c7aa0d3-93c3-5658-b376-04491a98fb20",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "XML External Entity in POST Body via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the XML External Entity in POST Body via POST Request issue.
Fix the XML External Entity in POST Body via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "XMLExternalEntityinPOSTBodyviaPOSTRequest",
+ "Url": "https://portal.testsparker.com/blog/post.php"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "642",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "287",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "49"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a LDAP Injection in POST Body vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/api/v1/orders"
+ }
+ ],
+ "FirstSeenDate": "28/06/2021 09:02 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v1/orders HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 312.5551,
+ "StatusCode": 200
+ },
+ "LookupId": "78563521-e29a-50cc-a13f-54fd91cc50b7",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "LDAP Injection in POST Body",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the LDAP Injection in POST Body issue.
Fix the LDAP Injection in POST Body vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "LDAPInjectioninPOSTBody",
+ "Url": "http://blog.testsparker.com/api/v1/orders"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "231",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "94",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "48"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Integer Overflow in XML Input via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://portal.testsparker.com/reports/export?token=61"
+ }
+ ],
+ "FirstSeenDate": "28/06/2021 03:54 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/export?token=61 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 248.8773,
+ "StatusCode": 200
+ },
+ "LookupId": "cf7d2542-54da-50e9-a14c-dc3c3694854b",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Integer Overflow in XML Input via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Integer Overflow in XML Input via POST Request issue.
Fix the Integer Overflow in XML Input via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "IntegerOverflowinXMLInputviaPOSTRequest",
+ "Url": "https://portal.testsparker.com/reports/export?token=61"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "169",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "330",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "31"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Integer Overflow in POST Body vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://api.testsparker.com/admin/logs?type=898"
+ }
+ ],
+ "FirstSeenDate": "24/06/2021 06:51 AM",
+ "HttpRequest": {
+ "Content": "GET /admin/logs?type=898 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 66.4332,
+ "StatusCode": 200
+ },
+ "LookupId": "0ed831cf-913e-5ae5-b8aa-e1d05967136a",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Integer Overflow in POST Body",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Integer Overflow in POST Body issue.
Fix the Integer Overflow in POST Body vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "IntegerOverflowinPOSTBody",
+ "Url": "http://api.testsparker.com/admin/logs?type=898"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "421",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "523",
+ "Hipaa": "",
+ "Owasp": "A3",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "25"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Insecure HTTP Method in XML Input vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/api/v2/search?name=805"
+ }
+ ],
+ "FirstSeenDate": "19/06/2021 10:30 AM",
+ "HttpRequest": {
+ "Content": "GET /api/v2/search?name=805 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 28.3582,
+ "StatusCode": 200
+ },
+ "LookupId": "7ec30794-e8bd-510a-915d-07535f717889",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Insecure HTTP Method in XML Input",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Insecure HTTP Method in XML Input issue.
Fix the Insecure HTTP Method in XML Input vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "InsecureHTTPMethodinXMLInput",
+ "Url": "https://app2.testsparker.com/api/v2/search?name=805"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "593",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "502",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "37"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Command Injection in File Name vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/auth/reset.php?filter=106"
+ }
+ ],
+ "FirstSeenDate": "13/06/2021 11:24 AM",
+ "HttpRequest": {
+ "Content": "GET /auth/reset.php?filter=106 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 188.9954,
+ "StatusCode": 200
+ },
+ "LookupId": "bf57ec2c-8a41-56aa-b0ee-653baed67e42",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Command Injection in File Name",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Command Injection in File Name issue.
Fix the Command Injection in File Name vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "CommandInjectioninFileName",
+ "Url": "https://docs.testsparker.com/auth/reset.php?filter=106"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "291",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "352",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "43"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Session Fixation vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://shop.testsparker.com/reports/generate?page=524"
+ }
+ ],
+ "FirstSeenDate": "03/06/2021 04:43 AM",
+ "HttpRequest": {
+ "Content": "GET /reports/generate?page=524 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 162.1055,
+ "StatusCode": 200
+ },
+ "LookupId": "472bc9d0-b27b-587d-ac43-8a52b1c8aeae",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Session Fixation",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Session Fixation issue.
Fix the Session Fixation vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "SessionFixation",
+ "Url": "https://shop.testsparker.com/reports/generate?page=524"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "515",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "776",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "30"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Race Condition in JSON Payload via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://blog.testsparker.com/help"
+ }
+ ],
+ "FirstSeenDate": "23/06/2021 10:24 AM",
+ "HttpRequest": {
+ "Content": "GET /help HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 402.6408,
+ "StatusCode": 200
+ },
+ "LookupId": "b8b0175a-9029-5c4d-8047-f762913c8d3d",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Race Condition in JSON Payload via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Race Condition in JSON Payload via PUT Request issue.
Fix the Race Condition in JSON Payload via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "RaceConditioninJSONPayloadviaPUTRequest",
+ "Url": "http://blog.testsparker.com/help"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "146",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 3,
+ "Type": "Base",
+ "Value": "7.5"
+ },
+ "EnvironmentalScore": {
+ "Severity": 3,
+ "Type": "Environmental",
+ "Value": "7.5"
+ },
+ "TemporalScore": {
+ "Severity": 3,
+ "Type": "Temporal",
+ "Value": "7.5"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "78",
+ "Hipaa": "",
+ "Owasp": "A5",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "21"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a XPath Injection in URL Path via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/download.php?id=306"
+ }
+ ],
+ "FirstSeenDate": "13/06/2021 02:03 AM",
+ "HttpRequest": {
+ "Content": "GET /download.php?id=306 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 109.2541,
+ "StatusCode": 200
+ },
+ "LookupId": "b1981c5b-9a78-5b9d-a0d2-aa3b5ad5f499",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "XPath Injection in URL Path via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the XPath Injection in URL Path via POST Request issue.
Fix the XPath Injection in URL Path via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "High",
+ "State": "Present",
+ "Type": "XPathInjectioninURLPathviaPOSTRequest",
+ "Url": "http://app1.testsparker.com/download.php?id=306"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "418",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 2,
+ "Type": "Base",
+ "Value": "5.7"
+ },
+ "EnvironmentalScore": {
+ "Severity": 2,
+ "Type": "Environmental",
+ "Value": "5.7"
+ },
+ "TemporalScore": {
+ "Severity": 2,
+ "Type": "Temporal",
+ "Value": "5.7"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "918",
+ "Hipaa": "",
+ "Owasp": "A7",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "49"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Command Injection in Query Parameter via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://app2.testsparker.com/settings.php?ref=956"
+ }
+ ],
+ "FirstSeenDate": "08/06/2021 11:41 AM",
+ "HttpRequest": {
+ "Content": "GET /settings.php?ref=956 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 232.2905,
+ "StatusCode": 200
+ },
+ "LookupId": "2fcec539-d789-5e70-9b65-1e9e32a504ff",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Command Injection in Query Parameter via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Command Injection in Query Parameter via PUT Request issue.
Fix the Command Injection in Query Parameter via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Medium",
+ "State": "Present",
+ "Type": "CommandInjectioninQueryParameterviaPUTRequest",
+ "Url": "https://app2.testsparker.com/settings.php?ref=956"
+ },
+ {
+ "Certainty": 90,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "565",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "287",
+ "Hipaa": "",
+ "Owasp": "A6",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "42"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Buffer Overflow in URL Path via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/search?token=822"
+ }
+ ],
+ "FirstSeenDate": "04/06/2021 05:46 AM",
+ "HttpRequest": {
+ "Content": "GET /search?token=822 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 191.7087,
+ "StatusCode": 200
+ },
+ "LookupId": "0a66226e-5563-52f0-b8f8-68843022d273",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Buffer Overflow in URL Path via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Buffer Overflow in URL Path via PUT Request issue.
Fix the Buffer Overflow in URL Path via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "BufferOverflowinURLPathviaPUTRequest",
+ "Url": "http://app1.testsparker.com/search?token=822"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "155",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "319",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "49"
+ },
+ "Confirmed": false,
+ "Description": "Acunetix360 detected a Email Header Injection in URL Path via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/account/security?ref=515"
+ }
+ ],
+ "FirstSeenDate": "17/06/2021 10:50 AM",
+ "HttpRequest": {
+ "Content": "GET /account/security?ref=515 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 30.8053,
+ "StatusCode": 200
+ },
+ "LookupId": "502b9bc4-4468-53e3-8fb0-36c97a3a8480",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Email Header Injection in URL Path via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Email Header Injection in URL Path via POST Request issue.
Fix the Email Header Injection in URL Path via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "EmailHeaderInjectioninURLPathviaPOSTRequest",
+ "Url": "http://app1.testsparker.com/account/security?ref=515"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "409",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 1,
+ "Type": "Base",
+ "Value": "3.1"
+ },
+ "EnvironmentalScore": {
+ "Severity": 1,
+ "Type": "Environmental",
+ "Value": "3.1"
+ },
+ "TemporalScore": {
+ "Severity": 1,
+ "Type": "Temporal",
+ "Value": "3.1"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "523",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "19"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a SQL Injection in Cookie via PUT Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://app1.testsparker.com/files/download?type=499"
+ }
+ ],
+ "FirstSeenDate": "14/06/2021 05:46 AM",
+ "HttpRequest": {
+ "Content": "GET /files/download?type=499 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 461.7654,
+ "StatusCode": 200
+ },
+ "LookupId": "f9ff3bed-ddd7-5f14-96d2-06c2c238bd45",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "SQL Injection in Cookie via PUT Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the SQL Injection in Cookie via PUT Request issue.
Fix the SQL Injection in Cookie via PUT Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Low",
+ "State": "Present",
+ "Type": "SQLInjectioninCookieviaPUTRequest",
+ "Url": "http://app1.testsparker.com/files/download?type=499"
+ },
+ {
+ "Certainty": 100,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "90",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 0,
+ "Type": "Base",
+ "Value": "0.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 0,
+ "Type": "Environmental",
+ "Value": "0.0"
+ },
+ "TemporalScore": {
+ "Severity": 0,
+ "Type": "Temporal",
+ "Value": "0.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "601",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "26"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Cross-site Scripting in Cookie via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/files/list"
+ }
+ ],
+ "FirstSeenDate": "10/06/2021 02:06 AM",
+ "HttpRequest": {
+ "Content": "GET /files/list HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 90.7354,
+ "StatusCode": 200
+ },
+ "LookupId": "dfb31fad-3330-5267-b2d7-38815fcc4a74",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Cross-site Scripting in Cookie via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Cross-site Scripting in Cookie via POST Request issue.
Fix the Cross-site Scripting in Cookie via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Info",
+ "State": "Present",
+ "Type": "Cross-siteScriptinginCookieviaPOSTRequest",
+ "Url": "http://admin.testsparker.com/files/list"
+ },
+ {
+ "Certainty": 95,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "583",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "776",
+ "Hipaa": "",
+ "Owasp": "A2",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "14"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a LDAP Injection in Header via POST Request vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at http://admin.testsparker.com/auth/login.php?id=672"
+ }
+ ],
+ "FirstSeenDate": "26/06/2021 11:18 AM",
+ "HttpRequest": {
+ "Content": "GET /auth/login.php?id=672 HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 168.3537,
+ "StatusCode": 200
+ },
+ "LookupId": "b0873b7e-df34-59ed-8f18-d5cdbc3cbdf8",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "LDAP Injection in Header via POST Request",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the LDAP Injection in Header via POST Request issue.
Fix the LDAP Injection in Header via POST Request vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "LDAPInjectioninHeaderviaPOSTRequest",
+ "Url": "http://admin.testsparker.com/auth/login.php?id=672"
+ },
+ {
+ "Certainty": 80,
+ "Classification": {
+ "Iso27001": "A.14.2.5",
+ "Capec": "1",
+ "Cvss": {
+ "BaseScore": {
+ "Severity": 4,
+ "Type": "Base",
+ "Value": "10.0"
+ },
+ "EnvironmentalScore": {
+ "Severity": 4,
+ "Type": "Environmental",
+ "Value": "10.0"
+ },
+ "TemporalScore": {
+ "Severity": 4,
+ "Type": "Temporal",
+ "Value": "10.0"
+ },
+ "Vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ "Cvss31": null,
+ "Cwe": "693",
+ "Hipaa": "",
+ "Owasp": "A1",
+ "OwaspProactiveControls": "",
+ "Pci32": "",
+ "Wasc": "40"
+ },
+ "Confirmed": true,
+ "Description": "Acunetix360 detected a Insecure Direct Object Reference in Header vulnerability at the target endpoint.
\nThis issue could allow an attacker to compromise the application security.
",
+ "ExploitationSkills": "",
+ "ExternalReferences": "",
+ "ExtraInformation": [
+ {
+ "Name": "Evidence",
+ "Value": "Detected at https://docs.testsparker.com/products.php"
+ }
+ ],
+ "FirstSeenDate": "28/06/2021 01:17 AM",
+ "HttpRequest": {
+ "Content": "GET /products.php HTTP/1.1\r\nHost: testsparker.com\r\nUser-Agent: Mozilla/5.0\r\nX-Scanner: Acunetix360\r\n\r\n",
+ "Method": "GET",
+ "Parameters": []
+ },
+ "HttpResponse": {
+ "Content": "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\nResponse",
+ "Duration": 465.7781,
+ "StatusCode": 200
+ },
+ "LookupId": "3df56a46-c64e-52ed-9008-9dd3a94de51a",
+ "Impact": "This vulnerability could lead to unauthorized access or data leakage.
",
+ "KnownVulnerabilities": [],
+ "LastSeenDate": "25/06/2021 02:00 AM",
+ "Name": "Insecure Direct Object Reference in Header",
+ "ProofOfConcept": "",
+ "RemedialActions": "- Address the Insecure Direct Object Reference in Header issue.
Fix the Insecure Direct Object Reference in Header vulnerability by applying appropriate security controls.
",
+ "RemedyReferences": "",
+ "Severity": "Critical",
+ "State": "Present",
+ "Type": "InsecureDirectObjectReferenceinHeader",
+ "Url": "https://docs.testsparker.com/products.php"
+ }
+ ]
+}
\ No newline at end of file
diff --git a/unittests/scans/jfrog_xray_unified/many_vulns_1373_constructed.json b/unittests/scans/jfrog_xray_unified/many_vulns_1373_constructed.json
new file mode 100644
index 00000000000..70472198c6c
--- /dev/null
+++ b/unittests/scans/jfrog_xray_unified/many_vulns_1373_constructed.json
@@ -0,0 +1,51437 @@
+{ "total_rows" : 1373,
+ "rows" : [
+{
+ "cves": [
+ {
+ "cve": "CVE-2020-14363",
+ "cvss_v2_score": 4.6,
+ "cvss_v2_vector": "CVSS:2.0/AV:L/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 7.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 4.6,
+ "cvss3_max_score": 7.8,
+ "summary": "CVE-2020-14363 libX11: integer overflow leads to double free in locale handling (important)",
+ "severity": "High",
+ "vulnerable_component": "rpm://8:libX11-common:0:1.6.8-3.el8",
+ "impacted_artifact": "rpm://8:libX11-common:0:1.6.8-3.el8",
+ "impact_path": [
+ "rpm://8:libX11-common:0:1.6.8-3.el8"
+ ],
+ "path": "ubi8-appstream-remote/Packages/l/libX11-common-1.6.8-3.el8.noarch.rpm",
+ "fixed_versions": [],
+ "published": "2020-12-16T16:18:32+11:00",
+ "artifact_scan_time": "2021-01-27T20:39:38+11:00",
+ "issue_id": "XRAY-134873",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "DOCUMENTATION: An integer overflow vulnerability leading to a double-free was found in libX11. This flaw allows a local privileged attacker to cause an application compiled with libX11 to crash, or in some cases, result in arbitrary code execution. The highest threat from this flaw is to confidentiality, integrity as well as system availability. STATEMENT: Xorg server does not run with root privileges in Red Hat Enterprise Linux 8. Therefore this flaw has been rated as having a moderate impact for Red Hat Enterprise Linux 8.",
+ "references": [
+ "https://access.redhat.com/security/cve/CVE-2020-14363"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Important"
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.6,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:H/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 8.1,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.6,
+ "cvss3_max_score": 8.1,
+ "summary": "SQLite pcache1.c pcache1AllocPage() Function Uninitialized Memory Use Unspecified Issue",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.13:sqlite-libs:3.34.1-r0",
+ "impacted_artifact": "docker://fluxcd/kustomize-controller:sha256__edbd3ff93012e4ed652136b47a12bca797f0bd947633210cd8e863da3b00af3c",
+ "impact_path": [
+ "docker://fluxcd/kustomize-controller:sha256__edbd3ff93012e4ed652136b47a12bca797f0bd947633210cd8e863da3b00af3c",
+ "generic://sha256:0fbf23c5a32ab9c6e5fe681d3bfe670b9e625817e5cf6bf792068596793a3378/sha256__0fbf23c5a32ab9c6e5fe681d3bfe670b9e625817e5cf6bf792068596793a3378.tar.gz",
+ "alpine://3.13:sqlite-libs:3.34.1-r0"
+ ],
+ "path": "dockerhub-remote/fluxcd/kustomize-controller/sha256__edbd3ff93012e4ed652136b47a12bca797f0bd947633210cd8e863da3b00af3c/",
+ "fixed_versions": [],
+ "published": "2021-04-20T00:31:27+10:00",
+ "artifact_scan_time": "2021-02-18T14:16:57+11:00",
+ "issue_id": "XRAY-172950",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "SQLite contains a flaw in the pcache1AllocPage() function in pcache1.c related to use of uninitialized memory. The issue is triggered when handling specially crafted database files. This may allow a context-dependent attacker to have an unspecified impact.",
+ "references": [
+ "https://github.com/sqlite/sqlite/commit/1e06c70eb073a92e683c55ffb8471301db999b75",
+ "https://github.com/sqlite/sqlite/commit/1f9f5766954d250a00da59f7f7c1fc57d9032a6e",
+ "https://www.sqlite.org/src/info/39c8686cabe6c437",
+ "https://chromium.googlesource.com/chromium/deps/sqlite.git/+/60efbb3584af2ba05e1935b3e07d3a861841db7c",
+ "https://github.com/chromium/chromium/commit/78157c349734be628ac9eef25a897a50bd31b8cd",
+ "https://bugs.chromium.org/p/chromium/issues/detail?id=1175522",
+ "https://bugs.chromium.org/p/chromium/issues/detail?id=1181276",
+ "https://chromereleases.googleblog.com/2021/04/stable-channel-update-for-desktop_14.html",
+ "https://bugs.chromium.org/p/chromium/issues/detail?id=1198709"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-3345",
+ "cvss_v2_score": 7.2,
+ "cvss_v2_vector": "CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 7.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.2,
+ "cvss3_max_score": 7.8,
+ "summary": "_gcry_md_block_write in cipher/hash-common.c in Libgcrypt before 1.9.1 has a heap-based buffer overflow when the digest final function sets a large count value.",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.13:libgcrypt:1.8.7-r0",
+ "impacted_artifact": "docker://fluxcd/kustomize-controller:sha256__edbd3ff93012e4ed652136b47a12bca797f0bd947633210cd8e863da3b00af3c",
+ "impact_path": [
+ "docker://fluxcd/kustomize-controller:sha256__edbd3ff93012e4ed652136b47a12bca797f0bd947633210cd8e863da3b00af3c",
+ "generic://sha256:0fbf23c5a32ab9c6e5fe681d3bfe670b9e625817e5cf6bf792068596793a3378/sha256__0fbf23c5a32ab9c6e5fe681d3bfe670b9e625817e5cf6bf792068596793a3378.tar.gz",
+ "alpine://3.13:libgcrypt:1.8.7-r0"
+ ],
+ "path": "dockerhub-remote/fluxcd/kustomize-controller/sha256__edbd3ff93012e4ed652136b47a12bca797f0bd947633210cd8e863da3b00af3c/",
+ "fixed_versions": [],
+ "published": "2021-02-02T04:46:15+11:00",
+ "artifact_scan_time": "2021-02-18T14:16:57+11:00",
+ "issue_id": "XRAY-139180",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "_gcry_md_block_write in cipher/hash-common.c in Libgcrypt before 1.9.1 has a heap-based buffer overflow when the digest final function sets a large count value.",
+ "references": [
+ "https://lists.gnupg.org/pipermail/gnupg-announce/2021q1/000456.html",
+ "https://lists.gnupg.org/pipermail/gnupg-announce/2021q1/000455.html",
+ "https://gnupg.org",
+ "https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=commit;h=512c0c75276949f13b6373b5c04f7065af750b08",
+ "https://bugs.gentoo.org/show_bug.cgi?id=767814"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.6,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:H/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 8.1,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.6,
+ "cvss3_max_score": 8.1,
+ "summary": "SQLite btree.c balance_nonroot() Function Database File Handling Unspecified Issue",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.13:sqlite-libs:3.34.1-r0",
+ "impacted_artifact": "docker://fluxcd/kustomize-controller:sha256__edbd3ff93012e4ed652136b47a12bca797f0bd947633210cd8e863da3b00af3c",
+ "impact_path": [
+ "docker://fluxcd/kustomize-controller:sha256__edbd3ff93012e4ed652136b47a12bca797f0bd947633210cd8e863da3b00af3c",
+ "generic://sha256:0fbf23c5a32ab9c6e5fe681d3bfe670b9e625817e5cf6bf792068596793a3378/sha256__0fbf23c5a32ab9c6e5fe681d3bfe670b9e625817e5cf6bf792068596793a3378.tar.gz",
+ "alpine://3.13:sqlite-libs:3.34.1-r0"
+ ],
+ "path": "dockerhub-remote/fluxcd/kustomize-controller/sha256__edbd3ff93012e4ed652136b47a12bca797f0bd947633210cd8e863da3b00af3c/",
+ "fixed_versions": [],
+ "published": "2021-04-20T02:31:29+10:00",
+ "artifact_scan_time": "2021-02-18T14:16:57+11:00",
+ "issue_id": "XRAY-173004",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "SQLite contains a flaw in the balance_nonroot() function in btree.c that is triggered when handling a specially crafted database file. This may allow a context-dependent attacker to have an unspecified impact.",
+ "references": [
+ "https://github.com/sqlite/sqlite/commit/1e06c70eb073a92e683c55ffb8471301db999b75",
+ "https://github.com/sqlite/sqlite/commit/1f9f5766954d250a00da59f7f7c1fc57d9032a6e",
+ "https://www.sqlite.org/src/info/39c8686cabe6c437",
+ "https://chromium.googlesource.com/chromium/deps/sqlite.git/+/60efbb3584af2ba05e1935b3e07d3a861841db7c",
+ "https://github.com/chromium/chromium/commit/78157c349734be628ac9eef25a897a50bd31b8cd",
+ "https://bugs.chromium.org/p/chromium/issues/detail?id=1175522",
+ "https://bugs.chromium.org/p/chromium/issues/detail?id=1181276",
+ "https://chromereleases.googleblog.com/2021/04/stable-channel-update-for-desktop_14.html",
+ "https://bugs.chromium.org/p/chromium/issues/detail?id=1198709"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 5.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 5.5,
+ "summary": "Alpine Package Keeper (apk-tools) io.c apk_resolve_[ug]id() Functions Username / Groupname TAR Header Field Handling Out-of-bounds Read DoS Weakness",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.13:apk-tools:2.12.1-r0",
+ "impacted_artifact": "docker://fluxcd/kustomize-controller:sha256__edbd3ff93012e4ed652136b47a12bca797f0bd947633210cd8e863da3b00af3c",
+ "impact_path": [
+ "docker://fluxcd/kustomize-controller:sha256__edbd3ff93012e4ed652136b47a12bca797f0bd947633210cd8e863da3b00af3c",
+ "generic://sha256:4c0d98bf9879488e0407f897d9dd4bf758555a78e39675e72b5124ccf12c2580/sha256__4c0d98bf9879488e0407f897d9dd4bf758555a78e39675e72b5124ccf12c2580.tar.gz",
+ "alpine://3.13:apk-tools:2.12.1-r0"
+ ],
+ "path": "dockerhub-remote/fluxcd/kustomize-controller/sha256__edbd3ff93012e4ed652136b47a12bca797f0bd947633210cd8e863da3b00af3c/",
+ "fixed_versions": [
+ "2.12.5-r0"
+ ],
+ "published": "2021-04-20T02:31:29+10:00",
+ "artifact_scan_time": "2021-02-18T14:16:57+11:00",
+ "issue_id": "XRAY-173006",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "Alpine Package Keeper (apk-tools) contains an out-of-bounds read flaw in the apk_resolve_uid() and apk_resolve_gid() functions in io.c that is triggered as username and groupname header fields are not properly checked for string terminators when parsing TAR file headers. This can potentially allow a context-dependent attacker to cause a denial of service.",
+ "references": [
+ "https://gitlab.alpinelinux.org/alpine/apk-tools/-/issues/10741",
+ "https://github.com/docker-library/official-images/pull/9982",
+ "https://gitlab.alpinelinux.org/alpine/aports/-/issues/12606",
+ "https://github.com/alpinelinux/apk-tools/commit/f7143c1766ae59489ac922e890ffe6d4a61c3b2d",
+ "https://github.com/alpinelinux/aports/commit/aa740eb10ca7b8386cadc8761da1e30ed931486c",
+ "http://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-30139"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-3121",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 8.6,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 8.6,
+ "summary": "An issue was discovered in GoGo Protobuf before 1.3.2. plugin/unmarshal/unmarshal.go lacks certain index validation, aka the \"skippy peanut butter\" issue.",
+ "severity": "High",
+ "vulnerable_component": "go://github.com/gogo/protobuf:1.3.1",
+ "impacted_artifact": "docker://fluxcd/kustomize-controller:sha256__edbd3ff93012e4ed652136b47a12bca797f0bd947633210cd8e863da3b00af3c",
+ "impact_path": [
+ "docker://fluxcd/kustomize-controller:sha256__edbd3ff93012e4ed652136b47a12bca797f0bd947633210cd8e863da3b00af3c",
+ "generic://sha256:e5bfcdca3470798216bf1c2b8b2a7b9466b707e2ea1f5c4676d0ac1bdaacf733/sha256__e5bfcdca3470798216bf1c2b8b2a7b9466b707e2ea1f5c4676d0ac1bdaacf733.tar.gz",
+ "generic://sha256:3d906c31b6b36e7ce9772a469875af0c8ab2dbe01db30c01b80d820b78c0357c/kustomize-controller",
+ "go://github.com/gogo/protobuf:1.3.1"
+ ],
+ "path": "dockerhub-remote/fluxcd/kustomize-controller/sha256__edbd3ff93012e4ed652136b47a12bca797f0bd947633210cd8e863da3b00af3c/",
+ "fixed_versions": [
+ "1.3.2"
+ ],
+ "published": "2021-02-01T22:46:23+11:00",
+ "artifact_scan_time": "2021-02-18T14:16:57+11:00",
+ "issue_id": "XRAY-139136",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "An issue was discovered in GoGo Protobuf before 1.3.2. plugin/unmarshal/unmarshal.go lacks certain index validation, aka the \"skippy peanut butter\" issue.",
+ "references": [
+ "https://lists.apache.org/thread.html/rc1e9ff22c5641d73701ba56362fb867d40ed287cca000b131dcf4a44@%3Ccommits.pulsar.apache.org%3E",
+ "https://lists.apache.org/thread.html/r88d69555cb74a129a7bf84838073b61259b4a3830190e05a3b87994e@%3Ccommits.pulsar.apache.org%3E",
+ "https://github.com/gogo/protobuf/compare/v1.3.1...v1.3.2",
+ "https://github.com/gogo/protobuf/commit/b03c65ea87cdc3521ede29f62fe3ce239267c1bc"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:N/A:C",
+ "cvss_v3_score": 8.2,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.8,
+ "cvss3_max_score": 8.2,
+ "summary": "GNU Libtasn1 lib/int.h ETYPE_OK Macro ASN.1 Type Encoding Out-of-bounds Read Issue",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.13:libtasn1:4.16.0-r1",
+ "impacted_artifact": "docker://fluxcd/kustomize-controller:sha256__edbd3ff93012e4ed652136b47a12bca797f0bd947633210cd8e863da3b00af3c",
+ "impact_path": [
+ "docker://fluxcd/kustomize-controller:sha256__edbd3ff93012e4ed652136b47a12bca797f0bd947633210cd8e863da3b00af3c",
+ "generic://sha256:0fbf23c5a32ab9c6e5fe681d3bfe670b9e625817e5cf6bf792068596793a3378/sha256__0fbf23c5a32ab9c6e5fe681d3bfe670b9e625817e5cf6bf792068596793a3378.tar.gz",
+ "alpine://3.13:libtasn1:4.16.0-r1"
+ ],
+ "path": "dockerhub-remote/fluxcd/kustomize-controller/sha256__edbd3ff93012e4ed652136b47a12bca797f0bd947633210cd8e863da3b00af3c/",
+ "fixed_versions": [],
+ "published": "2021-02-10T04:07:40+11:00",
+ "artifact_scan_time": "2021-02-18T14:16:57+11:00",
+ "issue_id": "XRAY-140262",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "GNU Libtasn1 contains an out-of-bounds read flaw in the ETYPE_OK() macro in lib/int.h that is triggered when encoding ASN.1 types. This may allow a context-dependent attacker to crash a process linked against the library or potentially disclose memory contents.",
+ "references": [
+ "https://gitlab.com/gnutls/libtasn1/-/issues/32"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 8.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:C",
+ "cvss_v3_score": 8.2,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 8.5,
+ "cvss3_max_score": 8.2,
+ "summary": "Git fsmonitor.c fsmonitor_is_trivial_response() Function Out-of-bounds Read Issue",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.13:git:2.30.1-r0",
+ "impacted_artifact": "docker://fluxcd/kustomize-controller:sha256__edbd3ff93012e4ed652136b47a12bca797f0bd947633210cd8e863da3b00af3c",
+ "impact_path": [
+ "docker://fluxcd/kustomize-controller:sha256__edbd3ff93012e4ed652136b47a12bca797f0bd947633210cd8e863da3b00af3c",
+ "generic://sha256:0fbf23c5a32ab9c6e5fe681d3bfe670b9e625817e5cf6bf792068596793a3378/sha256__0fbf23c5a32ab9c6e5fe681d3bfe670b9e625817e5cf6bf792068596793a3378.tar.gz",
+ "alpine://3.13:git:2.30.1-r0"
+ ],
+ "path": "dockerhub-remote/fluxcd/kustomize-controller/sha256__edbd3ff93012e4ed652136b47a12bca797f0bd947633210cd8e863da3b00af3c/",
+ "fixed_versions": [],
+ "published": "2021-04-21T02:31:31+10:00",
+ "artifact_scan_time": "2021-02-18T14:16:57+11:00",
+ "issue_id": "XRAY-173164",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "Git contains an out-of-bounds read flaw in the fsmonitor_is_trivial_response() function in fsmonitor.c that is triggered when handling input passed via 'query_result' values. This may allow an attacker to cause a denial of service or potentially disclose memory contents.",
+ "references": [
+ "https://lore.kernel.org/git/27cc2d6b-834f-e34b-0949-561b575544da@gmail.com/#r",
+ "https://lore.kernel.org/git/pull.904.git.1615826363431.gitgitgadget@gmail.com/",
+ "https://github.com/gitgitgadget/git/commit/8779c141da62d66be5d420b94d506636006a7901",
+ "https://github.com/gitgitgadget/git/pull/904"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.6,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:H/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 8.1,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.6,
+ "cvss3_max_score": 8.1,
+ "summary": "SQLite sqliteInt.h sqlite3ExpandSubquery() Function Declaration Unspecified Weakness",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.13:sqlite-libs:3.34.1-r0",
+ "impacted_artifact": "docker://fluxcd/kustomize-controller:sha256__edbd3ff93012e4ed652136b47a12bca797f0bd947633210cd8e863da3b00af3c",
+ "impact_path": [
+ "docker://fluxcd/kustomize-controller:sha256__edbd3ff93012e4ed652136b47a12bca797f0bd947633210cd8e863da3b00af3c",
+ "generic://sha256:0fbf23c5a32ab9c6e5fe681d3bfe670b9e625817e5cf6bf792068596793a3378/sha256__0fbf23c5a32ab9c6e5fe681d3bfe670b9e625817e5cf6bf792068596793a3378.tar.gz",
+ "alpine://3.13:sqlite-libs:3.34.1-r0"
+ ],
+ "path": "dockerhub-remote/fluxcd/kustomize-controller/sha256__edbd3ff93012e4ed652136b47a12bca797f0bd947633210cd8e863da3b00af3c/",
+ "fixed_versions": [],
+ "published": "2021-03-15T04:32:05+11:00",
+ "artifact_scan_time": "2021-02-18T14:16:57+11:00",
+ "issue_id": "XRAY-146201",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "SQLite contains an unspecified flaw in sqliteInt.h as the sqlite3ExpandSubquery() function is not declared for SQLITE_OMIT_WINDOWFUNC builds. This may allow an attacker to have an unspecified impact. No further details have been provided.",
+ "references": [
+ "https://github.com/sqlite/sqlite/commit/7225bfef164bced949c0ba98436b1fa104546493",
+ "https://www.sqlite.org/src/info/9587fa8b29fc2f91",
+ "https://chromium.googlesource.com/chromium/deps/sqlite.git/+/8162d64e702214e8cb12078f387e4278a3302d16",
+ "https://chromium.googlesource.com/chromium/deps/sqlite.git/+/d9581878fcf81ec8beda15b079726edaddd775bb",
+ "https://chromium.googlesource.com/chromium/src/+/b8631d09aaba64ee30d492e47e6ccf43860e0cac",
+ "https://bugs.chromium.org/p/chromium/issues/detail?id=1183883",
+ "https://bugs.chromium.org/p/chromium/issues/detail?id=1161048",
+ "https://chromereleases.googleblog.com/2021/03/stable-channel-update-for-desktop.html"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:N/A:C",
+ "cvss_v3_score": 8.2,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.8,
+ "cvss3_max_score": 8.2,
+ "summary": "GNU dbm (GDBM) bucket.c _gdbm_get_bucket() Function Improper Bucket Re-initialization Out-of-bounds Read Issue",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.13:gdbm:1.19-r0",
+ "impacted_artifact": "docker://fluxcd/kustomize-controller:sha256__edbd3ff93012e4ed652136b47a12bca797f0bd947633210cd8e863da3b00af3c",
+ "impact_path": [
+ "docker://fluxcd/kustomize-controller:sha256__edbd3ff93012e4ed652136b47a12bca797f0bd947633210cd8e863da3b00af3c",
+ "generic://sha256:0fbf23c5a32ab9c6e5fe681d3bfe670b9e625817e5cf6bf792068596793a3378/sha256__0fbf23c5a32ab9c6e5fe681d3bfe670b9e625817e5cf6bf792068596793a3378.tar.gz",
+ "alpine://3.13:gdbm:1.19-r0"
+ ],
+ "path": "dockerhub-remote/fluxcd/kustomize-controller/sha256__edbd3ff93012e4ed652136b47a12bca797f0bd947633210cd8e863da3b00af3c/",
+ "fixed_versions": [],
+ "published": "2021-03-19T00:44:44+11:00",
+ "artifact_scan_time": "2021-02-18T14:16:57+11:00",
+ "issue_id": "XRAY-147853",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "GNU dbm (GDBM) contains an out-of-bounds read flaw in the _gdbm_get_bucket() function in bucket.c that is triggered as buckets are not properly re-initialized when a failure occurs. This may allow a context-dependent attacker to crash a process linked against the library or potentially disclose memory contents.",
+ "references": [
+ "https://git.savannah.gnu.org/cgit/gdbm.git/commit/?id=40a464d322c720c88a50c3eb0a8c1d87e6079f89",
+ "/vulnerabilities/251924",
+ "https://puszcza.gnu.org.ua/bugs/?501"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:P/A:C",
+ "cvss_v3_score": 9.1,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.8,
+ "cvss3_max_score": 9.1,
+ "summary": "Nettle ECDSA Signature Verification Functions Out-of-range Scalar Handling Issue",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.13:nettle:3.7-r0",
+ "impacted_artifact": "docker://fluxcd/kustomize-controller:sha256__edbd3ff93012e4ed652136b47a12bca797f0bd947633210cd8e863da3b00af3c",
+ "impact_path": [
+ "docker://fluxcd/kustomize-controller:sha256__edbd3ff93012e4ed652136b47a12bca797f0bd947633210cd8e863da3b00af3c",
+ "generic://sha256:0fbf23c5a32ab9c6e5fe681d3bfe670b9e625817e5cf6bf792068596793a3378/sha256__0fbf23c5a32ab9c6e5fe681d3bfe670b9e625817e5cf6bf792068596793a3378.tar.gz",
+ "alpine://3.13:nettle:3.7-r0"
+ ],
+ "path": "dockerhub-remote/fluxcd/kustomize-controller/sha256__edbd3ff93012e4ed652136b47a12bca797f0bd947633210cd8e863da3b00af3c/",
+ "fixed_versions": [],
+ "published": "2021-03-29T21:10:59+11:00",
+ "artifact_scan_time": "2021-02-18T14:16:57+11:00",
+ "issue_id": "XRAY-159091",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "Nettle contains a flaw in ECDSA signature verification functions that is triggered when handling out-of-range scalars. With a specially crafted signature, a context-dependent attacker can cause an assertion failure, resulting in a denial of service, or potentially forge a valid signature.",
+ "references": [
+ "https://lists.lysator.liu.se/pipermail/nettle-bugs/2021/009458.html",
+ "https://git.lysator.liu.se/nettle/nettle/-/commit/b30e0ca6d2b41579a5b6a010fc54065d790e8d55",
+ "https://git.lysator.liu.se/nettle/nettle/-/commit/63f222c60b03470c0005aa9bc4296fbf585f68b9",
+ "https://git.lysator.liu.se/nettle/nettle/-/commit/d9b564e4b3b3a5691afb9328c7342b3f7ca64288",
+ "https://git.lysator.liu.se/nettle/nettle/-/commit/ae3801a0e5cce276c270973214385c86048d5f7b",
+ "https://git.lysator.liu.se/nettle/nettle/-/commit/fbaefb64b90cb45b7075a0ed72a92f2a1fbcd2ab",
+ "https://git.lysator.liu.se/nettle/nettle/-/commit/401c8d53d8a8cf1e79980e62bda3f946f8e07c14",
+ "https://git.lysator.liu.se/nettle/nettle/-/commit/c24b36160dc5303f7541dd9da1429c4046f27398",
+ "https://git.lysator.liu.se/nettle/nettle/-/commit/51f643eee00e2caa65c8a2f5857f49acdf3ef1ce",
+ "https://git.lysator.liu.se/nettle/nettle/-/commit/2397757b3f95fcae1e2d3011bf99ca5b5438378f",
+ "https://git.lysator.liu.se/nettle/nettle/-/commit/74ee0e82b6891e090f20723750faeb19064e31b2",
+ "https://git.lysator.liu.se/nettle/nettle/-/commit/5b7608fde3a6d2ab82bffb35db1e4e330927c906",
+ "https://git.lysator.liu.se/nettle/nettle/-/commit/971bed6ab4b27014eb23085e8176917e1a096fd5",
+ "https://git.lysator.liu.se/nettle/nettle/-/commit/a63893791280d441c713293491da97c79c0950fe",
+ "https://git.lysator.liu.se/nettle/nettle/-/commit/2bf497ba4d6acc6f352bca015837fad33008565c",
+ "https://lists.lysator.liu.se/pipermail/nettle-bugs/2021/009457.html",
+ "https://bugzilla.redhat.com/show_bug.cgi?id=1942533"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 7.5,
+ "summary": "GNU dbm (GDBM) gdbmopen.c gdbm_avail_block_validate() Function Block Validation Out-of-bounds Read DoS",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.13:gdbm:1.19-r0",
+ "impacted_artifact": "docker://fluxcd/kustomize-controller:sha256__edbd3ff93012e4ed652136b47a12bca797f0bd947633210cd8e863da3b00af3c",
+ "impact_path": [
+ "docker://fluxcd/kustomize-controller:sha256__edbd3ff93012e4ed652136b47a12bca797f0bd947633210cd8e863da3b00af3c",
+ "generic://sha256:0fbf23c5a32ab9c6e5fe681d3bfe670b9e625817e5cf6bf792068596793a3378/sha256__0fbf23c5a32ab9c6e5fe681d3bfe670b9e625817e5cf6bf792068596793a3378.tar.gz",
+ "alpine://3.13:gdbm:1.19-r0"
+ ],
+ "path": "dockerhub-remote/fluxcd/kustomize-controller/sha256__edbd3ff93012e4ed652136b47a12bca797f0bd947633210cd8e863da3b00af3c/",
+ "fixed_versions": [],
+ "published": "2021-03-19T02:44:49+11:00",
+ "artifact_scan_time": "2021-02-18T14:16:57+11:00",
+ "issue_id": "XRAY-147947",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "GNU dbm (GDBM) contains an out-of-bounds read flaw in the gdbm_avail_block_validate() function in gdbmopen.c that is triggered when validating available blocks. This may allow a context-dependent attacker to crash a process linked against the library.",
+ "references": [
+ "http://git.gnu.org.ua/cgit/gdbm.git/commit/?id=9405ce2373ae5d64fc370c8b5ff280a92f15d01f",
+ "http://git.gnu.org.ua/cgit/gdbm.git/commit/?id=4fe603315b4e5189ff5ba31fb9ef0bedd625202a",
+ "http://git.gnu.org.ua/cgit/gdbm.git/commit/?id=7011ecbaf12a07f912eaf1b3ed6d3a528cefc7ad",
+ "https://git.savannah.gnu.org/cgit/gdbm.git/commit/?id=fd5cf245ea6d3e2f36dc349d8013ef62f4a9d532",
+ "/vulnerabilities/251922",
+ "https://puszcza.gnu.org.ua/bugs/?501",
+ "https://puszcza.gnu.org.ua/bugs/?503"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:N/A:C",
+ "cvss_v3_score": 8.2,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.8,
+ "cvss3_max_score": 8.2,
+ "summary": "GNU dbm (GDBM) bucket.c _gdbm_get_bucket() Function Improper Bucket Re-initialization Out-of-bounds Read Issue",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.13:gdbm:1.19-r0",
+ "impacted_artifact": "docker://fluxcd/kustomize-controller:sha256__88768ae4991d0af52f3b93e5ab37f4c5932769eca2edf81480d71529906adc8f",
+ "impact_path": [
+ "docker://fluxcd/kustomize-controller:sha256__88768ae4991d0af52f3b93e5ab37f4c5932769eca2edf81480d71529906adc8f",
+ "generic://sha256:a5d2b7ba81558d4b91b32cbf571786516fc0f7f871723ccaea623ef087bf09b3/sha256__a5d2b7ba81558d4b91b32cbf571786516fc0f7f871723ccaea623ef087bf09b3.tar.gz",
+ "alpine://3.13:gdbm:1.19-r0"
+ ],
+ "path": "dockerhub-remote/fluxcd/kustomize-controller/sha256__88768ae4991d0af52f3b93e5ab37f4c5932769eca2edf81480d71529906adc8f/",
+ "fixed_versions": [],
+ "published": "2021-03-19T00:44:44+11:00",
+ "artifact_scan_time": "2021-02-19T17:56:58+11:00",
+ "issue_id": "XRAY-147853",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "GNU dbm (GDBM) contains an out-of-bounds read flaw in the _gdbm_get_bucket() function in bucket.c that is triggered as buckets are not properly re-initialized when a failure occurs. This may allow a context-dependent attacker to crash a process linked against the library or potentially disclose memory contents.",
+ "references": [
+ "https://git.savannah.gnu.org/cgit/gdbm.git/commit/?id=40a464d322c720c88a50c3eb0a8c1d87e6079f89",
+ "/vulnerabilities/251924",
+ "https://puszcza.gnu.org.ua/bugs/?501"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 8.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:C",
+ "cvss_v3_score": 8.2,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 8.5,
+ "cvss3_max_score": 8.2,
+ "summary": "Git fsmonitor.c fsmonitor_is_trivial_response() Function Out-of-bounds Read Issue",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.13:git:2.30.1-r0",
+ "impacted_artifact": "docker://fluxcd/kustomize-controller:sha256__88768ae4991d0af52f3b93e5ab37f4c5932769eca2edf81480d71529906adc8f",
+ "impact_path": [
+ "docker://fluxcd/kustomize-controller:sha256__88768ae4991d0af52f3b93e5ab37f4c5932769eca2edf81480d71529906adc8f",
+ "generic://sha256:a5d2b7ba81558d4b91b32cbf571786516fc0f7f871723ccaea623ef087bf09b3/sha256__a5d2b7ba81558d4b91b32cbf571786516fc0f7f871723ccaea623ef087bf09b3.tar.gz",
+ "alpine://3.13:git:2.30.1-r0"
+ ],
+ "path": "dockerhub-remote/fluxcd/kustomize-controller/sha256__88768ae4991d0af52f3b93e5ab37f4c5932769eca2edf81480d71529906adc8f/",
+ "fixed_versions": [],
+ "published": "2021-04-21T02:31:31+10:00",
+ "artifact_scan_time": "2021-02-19T17:56:58+11:00",
+ "issue_id": "XRAY-173164",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "Git contains an out-of-bounds read flaw in the fsmonitor_is_trivial_response() function in fsmonitor.c that is triggered when handling input passed via 'query_result' values. This may allow an attacker to cause a denial of service or potentially disclose memory contents.",
+ "references": [
+ "https://lore.kernel.org/git/27cc2d6b-834f-e34b-0949-561b575544da@gmail.com/#r",
+ "https://lore.kernel.org/git/pull.904.git.1615826363431.gitgitgadget@gmail.com/",
+ "https://github.com/gitgitgadget/git/commit/8779c141da62d66be5d420b94d506636006a7901",
+ "https://github.com/gitgitgadget/git/pull/904"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.6,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:H/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 8.1,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.6,
+ "cvss3_max_score": 8.1,
+ "summary": "SQLite sqliteInt.h sqlite3ExpandSubquery() Function Declaration Unspecified Weakness",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.13:sqlite-libs:3.34.1-r0",
+ "impacted_artifact": "docker://fluxcd/kustomize-controller:sha256__88768ae4991d0af52f3b93e5ab37f4c5932769eca2edf81480d71529906adc8f",
+ "impact_path": [
+ "docker://fluxcd/kustomize-controller:sha256__88768ae4991d0af52f3b93e5ab37f4c5932769eca2edf81480d71529906adc8f",
+ "generic://sha256:a5d2b7ba81558d4b91b32cbf571786516fc0f7f871723ccaea623ef087bf09b3/sha256__a5d2b7ba81558d4b91b32cbf571786516fc0f7f871723ccaea623ef087bf09b3.tar.gz",
+ "alpine://3.13:sqlite-libs:3.34.1-r0"
+ ],
+ "path": "dockerhub-remote/fluxcd/kustomize-controller/sha256__88768ae4991d0af52f3b93e5ab37f4c5932769eca2edf81480d71529906adc8f/",
+ "fixed_versions": [],
+ "published": "2021-03-15T04:32:05+11:00",
+ "artifact_scan_time": "2021-02-19T17:56:58+11:00",
+ "issue_id": "XRAY-146201",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "SQLite contains an unspecified flaw in sqliteInt.h as the sqlite3ExpandSubquery() function is not declared for SQLITE_OMIT_WINDOWFUNC builds. This may allow an attacker to have an unspecified impact. No further details have been provided.",
+ "references": [
+ "https://github.com/sqlite/sqlite/commit/7225bfef164bced949c0ba98436b1fa104546493",
+ "https://www.sqlite.org/src/info/9587fa8b29fc2f91",
+ "https://chromium.googlesource.com/chromium/deps/sqlite.git/+/8162d64e702214e8cb12078f387e4278a3302d16",
+ "https://chromium.googlesource.com/chromium/deps/sqlite.git/+/d9581878fcf81ec8beda15b079726edaddd775bb",
+ "https://chromium.googlesource.com/chromium/src/+/b8631d09aaba64ee30d492e47e6ccf43860e0cac",
+ "https://bugs.chromium.org/p/chromium/issues/detail?id=1183883",
+ "https://bugs.chromium.org/p/chromium/issues/detail?id=1161048",
+ "https://chromereleases.googleblog.com/2021/03/stable-channel-update-for-desktop.html"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-3121",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 8.6,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 8.6,
+ "summary": "An issue was discovered in GoGo Protobuf before 1.3.2. plugin/unmarshal/unmarshal.go lacks certain index validation, aka the \"skippy peanut butter\" issue.",
+ "severity": "High",
+ "vulnerable_component": "go://github.com/gogo/protobuf:1.3.1",
+ "impacted_artifact": "docker://fluxcd/kustomize-controller:sha256__88768ae4991d0af52f3b93e5ab37f4c5932769eca2edf81480d71529906adc8f",
+ "impact_path": [
+ "docker://fluxcd/kustomize-controller:sha256__88768ae4991d0af52f3b93e5ab37f4c5932769eca2edf81480d71529906adc8f",
+ "generic://sha256:1678a9c0d087373db88c5e38c7ad1aa148939f5c92f45340c3f2a6b333b84483/sha256__1678a9c0d087373db88c5e38c7ad1aa148939f5c92f45340c3f2a6b333b84483.tar.gz",
+ "generic://sha256:875178cb631eca736748ac16b1aa7034a95a3bbb4162f8cfa99fd7baf676e698/kustomize-controller",
+ "go://github.com/gogo/protobuf:1.3.1"
+ ],
+ "path": "dockerhub-remote/fluxcd/kustomize-controller/sha256__88768ae4991d0af52f3b93e5ab37f4c5932769eca2edf81480d71529906adc8f/",
+ "fixed_versions": [
+ "1.3.2"
+ ],
+ "published": "2021-02-01T22:46:23+11:00",
+ "artifact_scan_time": "2021-02-19T17:56:58+11:00",
+ "issue_id": "XRAY-139136",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "An issue was discovered in GoGo Protobuf before 1.3.2. plugin/unmarshal/unmarshal.go lacks certain index validation, aka the \"skippy peanut butter\" issue.",
+ "references": [
+ "https://lists.apache.org/thread.html/rc1e9ff22c5641d73701ba56362fb867d40ed287cca000b131dcf4a44@%3Ccommits.pulsar.apache.org%3E",
+ "https://lists.apache.org/thread.html/r88d69555cb74a129a7bf84838073b61259b4a3830190e05a3b87994e@%3Ccommits.pulsar.apache.org%3E",
+ "https://github.com/gogo/protobuf/compare/v1.3.1...v1.3.2",
+ "https://github.com/gogo/protobuf/commit/b03c65ea87cdc3521ede29f62fe3ce239267c1bc"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-3345",
+ "cvss_v2_score": 7.2,
+ "cvss_v2_vector": "CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 7.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.2,
+ "cvss3_max_score": 7.8,
+ "summary": "_gcry_md_block_write in cipher/hash-common.c in Libgcrypt before 1.9.1 has a heap-based buffer overflow when the digest final function sets a large count value.",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.13:libgcrypt:1.8.7-r0",
+ "impacted_artifact": "docker://fluxcd/kustomize-controller:sha256__88768ae4991d0af52f3b93e5ab37f4c5932769eca2edf81480d71529906adc8f",
+ "impact_path": [
+ "docker://fluxcd/kustomize-controller:sha256__88768ae4991d0af52f3b93e5ab37f4c5932769eca2edf81480d71529906adc8f",
+ "generic://sha256:a5d2b7ba81558d4b91b32cbf571786516fc0f7f871723ccaea623ef087bf09b3/sha256__a5d2b7ba81558d4b91b32cbf571786516fc0f7f871723ccaea623ef087bf09b3.tar.gz",
+ "alpine://3.13:libgcrypt:1.8.7-r0"
+ ],
+ "path": "dockerhub-remote/fluxcd/kustomize-controller/sha256__88768ae4991d0af52f3b93e5ab37f4c5932769eca2edf81480d71529906adc8f/",
+ "fixed_versions": [],
+ "published": "2021-02-02T04:46:15+11:00",
+ "artifact_scan_time": "2021-02-19T17:56:58+11:00",
+ "issue_id": "XRAY-139180",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "_gcry_md_block_write in cipher/hash-common.c in Libgcrypt before 1.9.1 has a heap-based buffer overflow when the digest final function sets a large count value.",
+ "references": [
+ "https://lists.gnupg.org/pipermail/gnupg-announce/2021q1/000456.html",
+ "https://lists.gnupg.org/pipermail/gnupg-announce/2021q1/000455.html",
+ "https://gnupg.org",
+ "https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=commit;h=512c0c75276949f13b6373b5c04f7065af750b08",
+ "https://bugs.gentoo.org/show_bug.cgi?id=767814"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.6,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:H/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 8.1,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.6,
+ "cvss3_max_score": 8.1,
+ "summary": "SQLite btree.c balance_nonroot() Function Database File Handling Unspecified Issue",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.13:sqlite-libs:3.34.1-r0",
+ "impacted_artifact": "docker://fluxcd/kustomize-controller:sha256__88768ae4991d0af52f3b93e5ab37f4c5932769eca2edf81480d71529906adc8f",
+ "impact_path": [
+ "docker://fluxcd/kustomize-controller:sha256__88768ae4991d0af52f3b93e5ab37f4c5932769eca2edf81480d71529906adc8f",
+ "generic://sha256:a5d2b7ba81558d4b91b32cbf571786516fc0f7f871723ccaea623ef087bf09b3/sha256__a5d2b7ba81558d4b91b32cbf571786516fc0f7f871723ccaea623ef087bf09b3.tar.gz",
+ "alpine://3.13:sqlite-libs:3.34.1-r0"
+ ],
+ "path": "dockerhub-remote/fluxcd/kustomize-controller/sha256__88768ae4991d0af52f3b93e5ab37f4c5932769eca2edf81480d71529906adc8f/",
+ "fixed_versions": [],
+ "published": "2021-04-20T02:31:29+10:00",
+ "artifact_scan_time": "2021-02-19T17:56:58+11:00",
+ "issue_id": "XRAY-173004",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "SQLite contains a flaw in the balance_nonroot() function in btree.c that is triggered when handling a specially crafted database file. This may allow a context-dependent attacker to have an unspecified impact.",
+ "references": [
+ "https://github.com/sqlite/sqlite/commit/1e06c70eb073a92e683c55ffb8471301db999b75",
+ "https://github.com/sqlite/sqlite/commit/1f9f5766954d250a00da59f7f7c1fc57d9032a6e",
+ "https://www.sqlite.org/src/info/39c8686cabe6c437",
+ "https://chromium.googlesource.com/chromium/deps/sqlite.git/+/60efbb3584af2ba05e1935b3e07d3a861841db7c",
+ "https://github.com/chromium/chromium/commit/78157c349734be628ac9eef25a897a50bd31b8cd",
+ "https://bugs.chromium.org/p/chromium/issues/detail?id=1175522",
+ "https://bugs.chromium.org/p/chromium/issues/detail?id=1181276",
+ "https://chromereleases.googleblog.com/2021/04/stable-channel-update-for-desktop_14.html",
+ "https://bugs.chromium.org/p/chromium/issues/detail?id=1198709"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 5.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 5.5,
+ "summary": "Alpine Package Keeper (apk-tools) io.c apk_resolve_[ug]id() Functions Username / Groupname TAR Header Field Handling Out-of-bounds Read DoS Weakness",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.13:apk-tools:2.12.1-r0",
+ "impacted_artifact": "docker://fluxcd/kustomize-controller:sha256__88768ae4991d0af52f3b93e5ab37f4c5932769eca2edf81480d71529906adc8f",
+ "impact_path": [
+ "docker://fluxcd/kustomize-controller:sha256__88768ae4991d0af52f3b93e5ab37f4c5932769eca2edf81480d71529906adc8f",
+ "generic://sha256:ba3557a56b150f9b813f9d02274d62914fd8fce120dd374d9ee17b87cf1d277d/sha256__ba3557a56b150f9b813f9d02274d62914fd8fce120dd374d9ee17b87cf1d277d.tar.gz",
+ "alpine://3.13:apk-tools:2.12.1-r0"
+ ],
+ "path": "dockerhub-remote/fluxcd/kustomize-controller/sha256__88768ae4991d0af52f3b93e5ab37f4c5932769eca2edf81480d71529906adc8f/",
+ "fixed_versions": [
+ "2.12.5-r0"
+ ],
+ "published": "2021-04-20T02:31:29+10:00",
+ "artifact_scan_time": "2021-02-19T17:56:58+11:00",
+ "issue_id": "XRAY-173006",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "Alpine Package Keeper (apk-tools) contains an out-of-bounds read flaw in the apk_resolve_uid() and apk_resolve_gid() functions in io.c that is triggered as username and groupname header fields are not properly checked for string terminators when parsing TAR file headers. This can potentially allow a context-dependent attacker to cause a denial of service.",
+ "references": [
+ "https://gitlab.alpinelinux.org/alpine/apk-tools/-/issues/10741",
+ "https://github.com/docker-library/official-images/pull/9982",
+ "https://gitlab.alpinelinux.org/alpine/aports/-/issues/12606",
+ "https://github.com/alpinelinux/apk-tools/commit/f7143c1766ae59489ac922e890ffe6d4a61c3b2d",
+ "https://github.com/alpinelinux/aports/commit/aa740eb10ca7b8386cadc8761da1e30ed931486c",
+ "http://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-30139"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:P/A:C",
+ "cvss_v3_score": 9.1,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.8,
+ "cvss3_max_score": 9.1,
+ "summary": "Nettle ECDSA Signature Verification Functions Out-of-range Scalar Handling Issue",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.13:nettle:3.7-r0",
+ "impacted_artifact": "docker://fluxcd/kustomize-controller:sha256__88768ae4991d0af52f3b93e5ab37f4c5932769eca2edf81480d71529906adc8f",
+ "impact_path": [
+ "docker://fluxcd/kustomize-controller:sha256__88768ae4991d0af52f3b93e5ab37f4c5932769eca2edf81480d71529906adc8f",
+ "generic://sha256:a5d2b7ba81558d4b91b32cbf571786516fc0f7f871723ccaea623ef087bf09b3/sha256__a5d2b7ba81558d4b91b32cbf571786516fc0f7f871723ccaea623ef087bf09b3.tar.gz",
+ "alpine://3.13:nettle:3.7-r0"
+ ],
+ "path": "dockerhub-remote/fluxcd/kustomize-controller/sha256__88768ae4991d0af52f3b93e5ab37f4c5932769eca2edf81480d71529906adc8f/",
+ "fixed_versions": [],
+ "published": "2021-03-29T21:10:59+11:00",
+ "artifact_scan_time": "2021-02-19T17:56:58+11:00",
+ "issue_id": "XRAY-159091",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "Nettle contains a flaw in ECDSA signature verification functions that is triggered when handling out-of-range scalars. With a specially crafted signature, a context-dependent attacker can cause an assertion failure, resulting in a denial of service, or potentially forge a valid signature.",
+ "references": [
+ "https://lists.lysator.liu.se/pipermail/nettle-bugs/2021/009458.html",
+ "https://git.lysator.liu.se/nettle/nettle/-/commit/b30e0ca6d2b41579a5b6a010fc54065d790e8d55",
+ "https://git.lysator.liu.se/nettle/nettle/-/commit/63f222c60b03470c0005aa9bc4296fbf585f68b9",
+ "https://git.lysator.liu.se/nettle/nettle/-/commit/d9b564e4b3b3a5691afb9328c7342b3f7ca64288",
+ "https://git.lysator.liu.se/nettle/nettle/-/commit/ae3801a0e5cce276c270973214385c86048d5f7b",
+ "https://git.lysator.liu.se/nettle/nettle/-/commit/fbaefb64b90cb45b7075a0ed72a92f2a1fbcd2ab",
+ "https://git.lysator.liu.se/nettle/nettle/-/commit/401c8d53d8a8cf1e79980e62bda3f946f8e07c14",
+ "https://git.lysator.liu.se/nettle/nettle/-/commit/c24b36160dc5303f7541dd9da1429c4046f27398",
+ "https://git.lysator.liu.se/nettle/nettle/-/commit/51f643eee00e2caa65c8a2f5857f49acdf3ef1ce",
+ "https://git.lysator.liu.se/nettle/nettle/-/commit/2397757b3f95fcae1e2d3011bf99ca5b5438378f",
+ "https://git.lysator.liu.se/nettle/nettle/-/commit/74ee0e82b6891e090f20723750faeb19064e31b2",
+ "https://git.lysator.liu.se/nettle/nettle/-/commit/5b7608fde3a6d2ab82bffb35db1e4e330927c906",
+ "https://git.lysator.liu.se/nettle/nettle/-/commit/971bed6ab4b27014eb23085e8176917e1a096fd5",
+ "https://git.lysator.liu.se/nettle/nettle/-/commit/a63893791280d441c713293491da97c79c0950fe",
+ "https://git.lysator.liu.se/nettle/nettle/-/commit/2bf497ba4d6acc6f352bca015837fad33008565c",
+ "https://lists.lysator.liu.se/pipermail/nettle-bugs/2021/009457.html",
+ "https://bugzilla.redhat.com/show_bug.cgi?id=1942533"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.6,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:H/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 8.1,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.6,
+ "cvss3_max_score": 8.1,
+ "summary": "SQLite pcache1.c pcache1AllocPage() Function Uninitialized Memory Use Unspecified Issue",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.13:sqlite-libs:3.34.1-r0",
+ "impacted_artifact": "docker://fluxcd/kustomize-controller:sha256__88768ae4991d0af52f3b93e5ab37f4c5932769eca2edf81480d71529906adc8f",
+ "impact_path": [
+ "docker://fluxcd/kustomize-controller:sha256__88768ae4991d0af52f3b93e5ab37f4c5932769eca2edf81480d71529906adc8f",
+ "generic://sha256:a5d2b7ba81558d4b91b32cbf571786516fc0f7f871723ccaea623ef087bf09b3/sha256__a5d2b7ba81558d4b91b32cbf571786516fc0f7f871723ccaea623ef087bf09b3.tar.gz",
+ "alpine://3.13:sqlite-libs:3.34.1-r0"
+ ],
+ "path": "dockerhub-remote/fluxcd/kustomize-controller/sha256__88768ae4991d0af52f3b93e5ab37f4c5932769eca2edf81480d71529906adc8f/",
+ "fixed_versions": [],
+ "published": "2021-04-20T00:31:27+10:00",
+ "artifact_scan_time": "2021-02-19T17:56:58+11:00",
+ "issue_id": "XRAY-172950",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "SQLite contains a flaw in the pcache1AllocPage() function in pcache1.c related to use of uninitialized memory. The issue is triggered when handling specially crafted database files. This may allow a context-dependent attacker to have an unspecified impact.",
+ "references": [
+ "https://github.com/sqlite/sqlite/commit/1e06c70eb073a92e683c55ffb8471301db999b75",
+ "https://github.com/sqlite/sqlite/commit/1f9f5766954d250a00da59f7f7c1fc57d9032a6e",
+ "https://www.sqlite.org/src/info/39c8686cabe6c437",
+ "https://chromium.googlesource.com/chromium/deps/sqlite.git/+/60efbb3584af2ba05e1935b3e07d3a861841db7c",
+ "https://github.com/chromium/chromium/commit/78157c349734be628ac9eef25a897a50bd31b8cd",
+ "https://bugs.chromium.org/p/chromium/issues/detail?id=1175522",
+ "https://bugs.chromium.org/p/chromium/issues/detail?id=1181276",
+ "https://chromereleases.googleblog.com/2021/04/stable-channel-update-for-desktop_14.html",
+ "https://bugs.chromium.org/p/chromium/issues/detail?id=1198709"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 7.5,
+ "summary": "GNU dbm (GDBM) gdbmopen.c gdbm_avail_block_validate() Function Block Validation Out-of-bounds Read DoS",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.13:gdbm:1.19-r0",
+ "impacted_artifact": "docker://fluxcd/kustomize-controller:sha256__88768ae4991d0af52f3b93e5ab37f4c5932769eca2edf81480d71529906adc8f",
+ "impact_path": [
+ "docker://fluxcd/kustomize-controller:sha256__88768ae4991d0af52f3b93e5ab37f4c5932769eca2edf81480d71529906adc8f",
+ "generic://sha256:a5d2b7ba81558d4b91b32cbf571786516fc0f7f871723ccaea623ef087bf09b3/sha256__a5d2b7ba81558d4b91b32cbf571786516fc0f7f871723ccaea623ef087bf09b3.tar.gz",
+ "alpine://3.13:gdbm:1.19-r0"
+ ],
+ "path": "dockerhub-remote/fluxcd/kustomize-controller/sha256__88768ae4991d0af52f3b93e5ab37f4c5932769eca2edf81480d71529906adc8f/",
+ "fixed_versions": [],
+ "published": "2021-03-19T02:44:49+11:00",
+ "artifact_scan_time": "2021-02-19T17:56:58+11:00",
+ "issue_id": "XRAY-147947",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "GNU dbm (GDBM) contains an out-of-bounds read flaw in the gdbm_avail_block_validate() function in gdbmopen.c that is triggered when validating available blocks. This may allow a context-dependent attacker to crash a process linked against the library.",
+ "references": [
+ "http://git.gnu.org.ua/cgit/gdbm.git/commit/?id=9405ce2373ae5d64fc370c8b5ff280a92f15d01f",
+ "http://git.gnu.org.ua/cgit/gdbm.git/commit/?id=4fe603315b4e5189ff5ba31fb9ef0bedd625202a",
+ "http://git.gnu.org.ua/cgit/gdbm.git/commit/?id=7011ecbaf12a07f912eaf1b3ed6d3a528cefc7ad",
+ "https://git.savannah.gnu.org/cgit/gdbm.git/commit/?id=fd5cf245ea6d3e2f36dc349d8013ef62f4a9d532",
+ "/vulnerabilities/251922",
+ "https://puszcza.gnu.org.ua/bugs/?501",
+ "https://puszcza.gnu.org.ua/bugs/?503"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:N/A:C",
+ "cvss_v3_score": 8.2,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.8,
+ "cvss3_max_score": 8.2,
+ "summary": "GNU Libtasn1 lib/int.h ETYPE_OK Macro ASN.1 Type Encoding Out-of-bounds Read Issue",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.13:libtasn1:4.16.0-r1",
+ "impacted_artifact": "docker://fluxcd/kustomize-controller:sha256__88768ae4991d0af52f3b93e5ab37f4c5932769eca2edf81480d71529906adc8f",
+ "impact_path": [
+ "docker://fluxcd/kustomize-controller:sha256__88768ae4991d0af52f3b93e5ab37f4c5932769eca2edf81480d71529906adc8f",
+ "generic://sha256:a5d2b7ba81558d4b91b32cbf571786516fc0f7f871723ccaea623ef087bf09b3/sha256__a5d2b7ba81558d4b91b32cbf571786516fc0f7f871723ccaea623ef087bf09b3.tar.gz",
+ "alpine://3.13:libtasn1:4.16.0-r1"
+ ],
+ "path": "dockerhub-remote/fluxcd/kustomize-controller/sha256__88768ae4991d0af52f3b93e5ab37f4c5932769eca2edf81480d71529906adc8f/",
+ "fixed_versions": [],
+ "published": "2021-02-10T04:07:40+11:00",
+ "artifact_scan_time": "2021-02-19T17:56:58+11:00",
+ "issue_id": "XRAY-140262",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "GNU Libtasn1 contains an out-of-bounds read flaw in the ETYPE_OK() macro in lib/int.h that is triggered when encoding ASN.1 types. This may allow a context-dependent attacker to crash a process linked against the library or potentially disclose memory contents.",
+ "references": [
+ "https://gitlab.com/gnutls/libtasn1/-/issues/32"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 5.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 5.5,
+ "summary": "Alpine Package Keeper (apk-tools) io.c apk_resolve_[ug]id() Functions Username / Groupname TAR Header Field Handling Out-of-bounds Read DoS Weakness",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.13:apk-tools:2.12.1-r0",
+ "impacted_artifact": "docker://fluxcd/source-controller:sha256__e9457bc5a0295a78f3e3e6eea3b912290292b8b9f4b6e794d737cbe956db56a1",
+ "impact_path": [
+ "docker://fluxcd/source-controller:sha256__e9457bc5a0295a78f3e3e6eea3b912290292b8b9f4b6e794d737cbe956db56a1",
+ "generic://sha256:ba3557a56b150f9b813f9d02274d62914fd8fce120dd374d9ee17b87cf1d277d/sha256__ba3557a56b150f9b813f9d02274d62914fd8fce120dd374d9ee17b87cf1d277d.tar.gz",
+ "alpine://3.13:apk-tools:2.12.1-r0"
+ ],
+ "path": "dockerhub-remote/fluxcd/source-controller/sha256__e9457bc5a0295a78f3e3e6eea3b912290292b8b9f4b6e794d737cbe956db56a1/",
+ "fixed_versions": [
+ "2.12.5-r0"
+ ],
+ "published": "2021-04-20T02:31:29+10:00",
+ "artifact_scan_time": "2021-02-19T17:57:53+11:00",
+ "issue_id": "XRAY-173006",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "Alpine Package Keeper (apk-tools) contains an out-of-bounds read flaw in the apk_resolve_uid() and apk_resolve_gid() functions in io.c that is triggered as username and groupname header fields are not properly checked for string terminators when parsing TAR file headers. This can potentially allow a context-dependent attacker to cause a denial of service.",
+ "references": [
+ "https://gitlab.alpinelinux.org/alpine/apk-tools/-/issues/10741",
+ "https://github.com/docker-library/official-images/pull/9982",
+ "https://gitlab.alpinelinux.org/alpine/aports/-/issues/12606",
+ "https://github.com/alpinelinux/apk-tools/commit/f7143c1766ae59489ac922e890ffe6d4a61c3b2d",
+ "https://github.com/alpinelinux/aports/commit/aa740eb10ca7b8386cadc8761da1e30ed931486c",
+ "http://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-30139"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:N/A:C",
+ "cvss_v3_score": 8.2,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.8,
+ "cvss3_max_score": 8.2,
+ "summary": "libssh2 userauth.c file_read_publickey() Function Out-of-bounds Read Issue",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.13:libssh2:1.9.0-r1",
+ "impacted_artifact": "docker://fluxcd/source-controller:sha256__e9457bc5a0295a78f3e3e6eea3b912290292b8b9f4b6e794d737cbe956db56a1",
+ "impact_path": [
+ "docker://fluxcd/source-controller:sha256__e9457bc5a0295a78f3e3e6eea3b912290292b8b9f4b6e794d737cbe956db56a1",
+ "generic://sha256:9a089c30baaeff315db8bff38e1ebe785cd3710719cc64c0f6654bdbb3b656d6/sha256__9a089c30baaeff315db8bff38e1ebe785cd3710719cc64c0f6654bdbb3b656d6.tar.gz",
+ "alpine://3.13:libssh2:1.9.0-r1"
+ ],
+ "path": "dockerhub-remote/fluxcd/source-controller/sha256__e9457bc5a0295a78f3e3e6eea3b912290292b8b9f4b6e794d737cbe956db56a1/",
+ "fixed_versions": [],
+ "published": "2020-08-13T00:54:37+10:00",
+ "artifact_scan_time": "2021-02-19T17:57:53+11:00",
+ "issue_id": "XRAY-117888",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "libssh2 contains an out-of-bounds read flaw in the file_read_publickey() function in userauth.c. This may allow a context-dependent attacker to crash a process linked against the library or potentially disclose memory contents.",
+ "references": [
+ "https://github.com/libssh2/libssh2/pull/386",
+ "https://github.com/libssh2/libssh2/commit/482055695011fabb55f3cb7598356d47a0429068"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:N/A:C",
+ "cvss_v3_score": 8.2,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.8,
+ "cvss3_max_score": 8.2,
+ "summary": "libssh2 packet.c packet_queue_listener() Function SSH Packet Parsing Out-of-bounds Read Issue",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.13:libssh2:1.9.0-r1",
+ "impacted_artifact": "docker://fluxcd/source-controller:sha256__e9457bc5a0295a78f3e3e6eea3b912290292b8b9f4b6e794d737cbe956db56a1",
+ "impact_path": [
+ "docker://fluxcd/source-controller:sha256__e9457bc5a0295a78f3e3e6eea3b912290292b8b9f4b6e794d737cbe956db56a1",
+ "generic://sha256:9a089c30baaeff315db8bff38e1ebe785cd3710719cc64c0f6654bdbb3b656d6/sha256__9a089c30baaeff315db8bff38e1ebe785cd3710719cc64c0f6654bdbb3b656d6.tar.gz",
+ "alpine://3.13:libssh2:1.9.0-r1"
+ ],
+ "path": "dockerhub-remote/fluxcd/source-controller/sha256__e9457bc5a0295a78f3e3e6eea3b912290292b8b9f4b6e794d737cbe956db56a1/",
+ "fixed_versions": [],
+ "published": "2020-08-13T00:54:38+10:00",
+ "artifact_scan_time": "2021-02-19T17:57:53+11:00",
+ "issue_id": "XRAY-117890",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "libssh2 contains an out-of-bounds read flaw in the packet_queue_listener() function in packet.c that is triggered as certain input in SSH packets is not properly validated. This may allow a context-dependent attacker to crash a process linked against the library or potentially disclose memory contents.",
+ "references": [
+ "https://github.com/libssh2/libssh2/commit/f7bc203dbeb1dd9e17beb553c50faeedc5755ead",
+ "https://github.com/libssh2/libssh2/commit/8571ab482d7591be14b47b7065eed689c92cae27",
+ "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16865",
+ "https://github.com/libssh2/libssh2/pull/404"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:N/A:C",
+ "cvss_v3_score": 8.2,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.8,
+ "cvss3_max_score": 8.2,
+ "summary": "libssh2 kex.c kex_agree_methods() Function Key Exchange Packet Handling Out-of-bounds Read Issue",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.13:libssh2:1.9.0-r1",
+ "impacted_artifact": "docker://fluxcd/source-controller:sha256__e9457bc5a0295a78f3e3e6eea3b912290292b8b9f4b6e794d737cbe956db56a1",
+ "impact_path": [
+ "docker://fluxcd/source-controller:sha256__e9457bc5a0295a78f3e3e6eea3b912290292b8b9f4b6e794d737cbe956db56a1",
+ "generic://sha256:9a089c30baaeff315db8bff38e1ebe785cd3710719cc64c0f6654bdbb3b656d6/sha256__9a089c30baaeff315db8bff38e1ebe785cd3710719cc64c0f6654bdbb3b656d6.tar.gz",
+ "alpine://3.13:libssh2:1.9.0-r1"
+ ],
+ "path": "dockerhub-remote/fluxcd/source-controller/sha256__e9457bc5a0295a78f3e3e6eea3b912290292b8b9f4b6e794d737cbe956db56a1/",
+ "fixed_versions": [],
+ "published": "2020-08-13T00:54:38+10:00",
+ "artifact_scan_time": "2021-02-19T17:57:53+11:00",
+ "issue_id": "XRAY-117889",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "libssh2 contains an out-of-bounds read flaw in the kex_agree_methods() function in kex.c that is triggered when handling key exchange packets. This may allow a context-dependent attacker to crash a process linked against the library or potentially disclose memory contents.",
+ "references": [
+ "https://github.com/libssh2/libssh2/commit/43f24eb152b8ec62473d2de6108d7c0b267b2419",
+ "https://github.com/libssh2/libssh2/commit/d0cb72fb986139f5927af7811dc766261f59f2d9",
+ "https://github.com/libssh2/libssh2/pull/399",
+ "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16825",
+ "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16823"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:N/A:C",
+ "cvss_v3_score": 7.1,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.8,
+ "cvss3_max_score": 7.1,
+ "summary": "libssh2 packet.c packet_x11_open() Function Out-of-bounds Read Issue",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.13:libssh2:1.9.0-r1",
+ "impacted_artifact": "docker://fluxcd/source-controller:sha256__e9457bc5a0295a78f3e3e6eea3b912290292b8b9f4b6e794d737cbe956db56a1",
+ "impact_path": [
+ "docker://fluxcd/source-controller:sha256__e9457bc5a0295a78f3e3e6eea3b912290292b8b9f4b6e794d737cbe956db56a1",
+ "generic://sha256:9a089c30baaeff315db8bff38e1ebe785cd3710719cc64c0f6654bdbb3b656d6/sha256__9a089c30baaeff315db8bff38e1ebe785cd3710719cc64c0f6654bdbb3b656d6.tar.gz",
+ "alpine://3.13:libssh2:1.9.0-r1"
+ ],
+ "path": "dockerhub-remote/fluxcd/source-controller/sha256__e9457bc5a0295a78f3e3e6eea3b912290292b8b9f4b6e794d737cbe956db56a1/",
+ "fixed_versions": [],
+ "published": "2020-08-13T00:54:38+10:00",
+ "artifact_scan_time": "2021-02-19T17:57:53+11:00",
+ "issue_id": "XRAY-117891",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "libssh2 contains an out-of-bounds read flaw in the packet_x11_open() function in packet.c. This may allow a context-dependent attacker to crash a process linked against the library or potentially disclose memory contents.",
+ "references": [
+ "https://github.com/libssh2/libssh2/commit/bcb7c92d543fdff179835e41aaf0afc59ea89f6d",
+ "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=17095",
+ "https://github.com/libssh2/libssh2/pull/410"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 7.5,
+ "summary": "libssh2 transport.c _libssh2_transport_send() Function Delay-compression NULL Pointer Dereference Remote DoS",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.13:libssh2:1.9.0-r1",
+ "impacted_artifact": "docker://fluxcd/source-controller:sha256__e9457bc5a0295a78f3e3e6eea3b912290292b8b9f4b6e794d737cbe956db56a1",
+ "impact_path": [
+ "docker://fluxcd/source-controller:sha256__e9457bc5a0295a78f3e3e6eea3b912290292b8b9f4b6e794d737cbe956db56a1",
+ "generic://sha256:9a089c30baaeff315db8bff38e1ebe785cd3710719cc64c0f6654bdbb3b656d6/sha256__9a089c30baaeff315db8bff38e1ebe785cd3710719cc64c0f6654bdbb3b656d6.tar.gz",
+ "alpine://3.13:libssh2:1.9.0-r1"
+ ],
+ "path": "dockerhub-remote/fluxcd/source-controller/sha256__e9457bc5a0295a78f3e3e6eea3b912290292b8b9f4b6e794d737cbe956db56a1/",
+ "fixed_versions": [],
+ "published": "2020-08-13T00:54:38+10:00",
+ "artifact_scan_time": "2021-02-19T17:57:53+11:00",
+ "issue_id": "XRAY-117893",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "libssh2 contains a NULL pointer dereference flaw in the _libssh2_transport_send() function in transport.c that is triggered when using the delay-compression extensions to renegotiate compression algorithm support. This may allow a remote attacker to crash a process using the library.",
+ "references": [
+ "https://github.com/libssh2/libssh2/commit/03c7c4a351712492969bcc6ca40ca421c8dfe8bc",
+ "https://github.com/libssh2/libssh2/pull/443"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 5.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 5.5,
+ "summary": "Alpine Package Keeper (apk-tools) io.c apk_resolve_[ug]id() Functions Username / Groupname TAR Header Field Handling Out-of-bounds Read DoS Weakness",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.13:apk-tools:2.12.1-r0",
+ "impacted_artifact": "docker://fluxcd/notification-controller:sha256__59cd4aa509acb661a9259e270f3de87f3bc74134326350bcee0606e0d84d39c3",
+ "impact_path": [
+ "docker://fluxcd/notification-controller:sha256__59cd4aa509acb661a9259e270f3de87f3bc74134326350bcee0606e0d84d39c3",
+ "generic://sha256:4c0d98bf9879488e0407f897d9dd4bf758555a78e39675e72b5124ccf12c2580/sha256__4c0d98bf9879488e0407f897d9dd4bf758555a78e39675e72b5124ccf12c2580.tar.gz",
+ "alpine://3.13:apk-tools:2.12.1-r0"
+ ],
+ "path": "dockerhub-remote/fluxcd/notification-controller/sha256__59cd4aa509acb661a9259e270f3de87f3bc74134326350bcee0606e0d84d39c3/",
+ "fixed_versions": [
+ "2.12.5-r0"
+ ],
+ "published": "2021-04-20T02:31:29+10:00",
+ "artifact_scan_time": "2021-02-20T18:25:14+11:00",
+ "issue_id": "XRAY-173006",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "Alpine Package Keeper (apk-tools) contains an out-of-bounds read flaw in the apk_resolve_uid() and apk_resolve_gid() functions in io.c that is triggered as username and groupname header fields are not properly checked for string terminators when parsing TAR file headers. This can potentially allow a context-dependent attacker to cause a denial of service.",
+ "references": [
+ "https://gitlab.alpinelinux.org/alpine/apk-tools/-/issues/10741",
+ "https://github.com/docker-library/official-images/pull/9982",
+ "https://gitlab.alpinelinux.org/alpine/aports/-/issues/12606",
+ "https://github.com/alpinelinux/apk-tools/commit/f7143c1766ae59489ac922e890ffe6d4a61c3b2d",
+ "https://github.com/alpinelinux/aports/commit/aa740eb10ca7b8386cadc8761da1e30ed931486c",
+ "http://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-30139"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-3121",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 8.6,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 8.6,
+ "summary": "An issue was discovered in GoGo Protobuf before 1.3.2. plugin/unmarshal/unmarshal.go lacks certain index validation, aka the \"skippy peanut butter\" issue.",
+ "severity": "High",
+ "vulnerable_component": "go://github.com/gogo/protobuf:1.3.1",
+ "impacted_artifact": "docker://fluxcd/notification-controller:sha256__59cd4aa509acb661a9259e270f3de87f3bc74134326350bcee0606e0d84d39c3",
+ "impact_path": [
+ "docker://fluxcd/notification-controller:sha256__59cd4aa509acb661a9259e270f3de87f3bc74134326350bcee0606e0d84d39c3",
+ "generic://sha256:1855bdf9d3d42181cc1915598705966d3ba8882a8be19325d52ac78504242a53/sha256__1855bdf9d3d42181cc1915598705966d3ba8882a8be19325d52ac78504242a53.tar.gz",
+ "generic://sha256:62879fbf6f3b86c758d10d347fc35a479e155160904c1b24442a18373fa93698/notification-controller",
+ "go://github.com/gogo/protobuf:1.3.1"
+ ],
+ "path": "dockerhub-remote/fluxcd/notification-controller/sha256__59cd4aa509acb661a9259e270f3de87f3bc74134326350bcee0606e0d84d39c3/",
+ "fixed_versions": [
+ "1.3.2"
+ ],
+ "published": "2021-02-01T22:46:23+11:00",
+ "artifact_scan_time": "2021-02-20T18:25:14+11:00",
+ "issue_id": "XRAY-139136",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "An issue was discovered in GoGo Protobuf before 1.3.2. plugin/unmarshal/unmarshal.go lacks certain index validation, aka the \"skippy peanut butter\" issue.",
+ "references": [
+ "https://lists.apache.org/thread.html/rc1e9ff22c5641d73701ba56362fb867d40ed287cca000b131dcf4a44@%3Ccommits.pulsar.apache.org%3E",
+ "https://lists.apache.org/thread.html/r88d69555cb74a129a7bf84838073b61259b4a3830190e05a3b87994e@%3Ccommits.pulsar.apache.org%3E",
+ "https://github.com/gogo/protobuf/compare/v1.3.1...v1.3.2",
+ "https://github.com/gogo/protobuf/commit/b03c65ea87cdc3521ede29f62fe3ce239267c1bc"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:N/A:C",
+ "cvss_v3_score": 8.2,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.8,
+ "cvss3_max_score": 8.2,
+ "summary": "libssh2 userauth.c file_read_publickey() Function Out-of-bounds Read Issue",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.13:libssh2:1.9.0-r1",
+ "impacted_artifact": "docker://fluxcd/source-controller:sha256__c6515fdb67e7b14a6af2705c7f66026799377b29c2ad7f5dad0ed4724c25ed3b",
+ "impact_path": [
+ "docker://fluxcd/source-controller:sha256__c6515fdb67e7b14a6af2705c7f66026799377b29c2ad7f5dad0ed4724c25ed3b",
+ "generic://sha256:f20e04e497b35ed86ddd654ec80dbedb42c4a03a0924a8d42655caeef75de8bb/sha256__f20e04e497b35ed86ddd654ec80dbedb42c4a03a0924a8d42655caeef75de8bb.tar.gz",
+ "alpine://3.13:libssh2:1.9.0-r1"
+ ],
+ "path": "dockerhub-remote/fluxcd/source-controller/sha256__c6515fdb67e7b14a6af2705c7f66026799377b29c2ad7f5dad0ed4724c25ed3b/",
+ "fixed_versions": [],
+ "published": "2020-08-13T00:54:37+10:00",
+ "artifact_scan_time": "2021-02-18T15:08:53+11:00",
+ "issue_id": "XRAY-117888",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "libssh2 contains an out-of-bounds read flaw in the file_read_publickey() function in userauth.c. This may allow a context-dependent attacker to crash a process linked against the library or potentially disclose memory contents.",
+ "references": [
+ "https://github.com/libssh2/libssh2/pull/386",
+ "https://github.com/libssh2/libssh2/commit/482055695011fabb55f3cb7598356d47a0429068"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:N/A:C",
+ "cvss_v3_score": 7.1,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.8,
+ "cvss3_max_score": 7.1,
+ "summary": "libssh2 packet.c packet_x11_open() Function Out-of-bounds Read Issue",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.13:libssh2:1.9.0-r1",
+ "impacted_artifact": "docker://fluxcd/source-controller:sha256__c6515fdb67e7b14a6af2705c7f66026799377b29c2ad7f5dad0ed4724c25ed3b",
+ "impact_path": [
+ "docker://fluxcd/source-controller:sha256__c6515fdb67e7b14a6af2705c7f66026799377b29c2ad7f5dad0ed4724c25ed3b",
+ "generic://sha256:f20e04e497b35ed86ddd654ec80dbedb42c4a03a0924a8d42655caeef75de8bb/sha256__f20e04e497b35ed86ddd654ec80dbedb42c4a03a0924a8d42655caeef75de8bb.tar.gz",
+ "alpine://3.13:libssh2:1.9.0-r1"
+ ],
+ "path": "dockerhub-remote/fluxcd/source-controller/sha256__c6515fdb67e7b14a6af2705c7f66026799377b29c2ad7f5dad0ed4724c25ed3b/",
+ "fixed_versions": [],
+ "published": "2020-08-13T00:54:38+10:00",
+ "artifact_scan_time": "2021-02-18T15:08:53+11:00",
+ "issue_id": "XRAY-117891",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "libssh2 contains an out-of-bounds read flaw in the packet_x11_open() function in packet.c. This may allow a context-dependent attacker to crash a process linked against the library or potentially disclose memory contents.",
+ "references": [
+ "https://github.com/libssh2/libssh2/commit/bcb7c92d543fdff179835e41aaf0afc59ea89f6d",
+ "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=17095",
+ "https://github.com/libssh2/libssh2/pull/410"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 7.5,
+ "summary": "libssh2 transport.c _libssh2_transport_send() Function Delay-compression NULL Pointer Dereference Remote DoS",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.13:libssh2:1.9.0-r1",
+ "impacted_artifact": "docker://fluxcd/source-controller:sha256__c6515fdb67e7b14a6af2705c7f66026799377b29c2ad7f5dad0ed4724c25ed3b",
+ "impact_path": [
+ "docker://fluxcd/source-controller:sha256__c6515fdb67e7b14a6af2705c7f66026799377b29c2ad7f5dad0ed4724c25ed3b",
+ "generic://sha256:f20e04e497b35ed86ddd654ec80dbedb42c4a03a0924a8d42655caeef75de8bb/sha256__f20e04e497b35ed86ddd654ec80dbedb42c4a03a0924a8d42655caeef75de8bb.tar.gz",
+ "alpine://3.13:libssh2:1.9.0-r1"
+ ],
+ "path": "dockerhub-remote/fluxcd/source-controller/sha256__c6515fdb67e7b14a6af2705c7f66026799377b29c2ad7f5dad0ed4724c25ed3b/",
+ "fixed_versions": [],
+ "published": "2020-08-13T00:54:38+10:00",
+ "artifact_scan_time": "2021-02-18T15:08:53+11:00",
+ "issue_id": "XRAY-117893",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "libssh2 contains a NULL pointer dereference flaw in the _libssh2_transport_send() function in transport.c that is triggered when using the delay-compression extensions to renegotiate compression algorithm support. This may allow a remote attacker to crash a process using the library.",
+ "references": [
+ "https://github.com/libssh2/libssh2/commit/03c7c4a351712492969bcc6ca40ca421c8dfe8bc",
+ "https://github.com/libssh2/libssh2/pull/443"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 5.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 5.5,
+ "summary": "Alpine Package Keeper (apk-tools) io.c apk_resolve_[ug]id() Functions Username / Groupname TAR Header Field Handling Out-of-bounds Read DoS Weakness",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.13:apk-tools:2.12.1-r0",
+ "impacted_artifact": "docker://fluxcd/source-controller:sha256__c6515fdb67e7b14a6af2705c7f66026799377b29c2ad7f5dad0ed4724c25ed3b",
+ "impact_path": [
+ "docker://fluxcd/source-controller:sha256__c6515fdb67e7b14a6af2705c7f66026799377b29c2ad7f5dad0ed4724c25ed3b",
+ "generic://sha256:4c0d98bf9879488e0407f897d9dd4bf758555a78e39675e72b5124ccf12c2580/sha256__4c0d98bf9879488e0407f897d9dd4bf758555a78e39675e72b5124ccf12c2580.tar.gz",
+ "alpine://3.13:apk-tools:2.12.1-r0"
+ ],
+ "path": "dockerhub-remote/fluxcd/source-controller/sha256__c6515fdb67e7b14a6af2705c7f66026799377b29c2ad7f5dad0ed4724c25ed3b/",
+ "fixed_versions": [
+ "2.12.5-r0"
+ ],
+ "published": "2021-04-20T02:31:29+10:00",
+ "artifact_scan_time": "2021-02-18T15:08:53+11:00",
+ "issue_id": "XRAY-173006",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "Alpine Package Keeper (apk-tools) contains an out-of-bounds read flaw in the apk_resolve_uid() and apk_resolve_gid() functions in io.c that is triggered as username and groupname header fields are not properly checked for string terminators when parsing TAR file headers. This can potentially allow a context-dependent attacker to cause a denial of service.",
+ "references": [
+ "https://gitlab.alpinelinux.org/alpine/apk-tools/-/issues/10741",
+ "https://github.com/docker-library/official-images/pull/9982",
+ "https://gitlab.alpinelinux.org/alpine/aports/-/issues/12606",
+ "https://github.com/alpinelinux/apk-tools/commit/f7143c1766ae59489ac922e890ffe6d4a61c3b2d",
+ "https://github.com/alpinelinux/aports/commit/aa740eb10ca7b8386cadc8761da1e30ed931486c",
+ "http://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-30139"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:N/A:C",
+ "cvss_v3_score": 8.2,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.8,
+ "cvss3_max_score": 8.2,
+ "summary": "libssh2 kex.c kex_agree_methods() Function Key Exchange Packet Handling Out-of-bounds Read Issue",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.13:libssh2:1.9.0-r1",
+ "impacted_artifact": "docker://fluxcd/source-controller:sha256__c6515fdb67e7b14a6af2705c7f66026799377b29c2ad7f5dad0ed4724c25ed3b",
+ "impact_path": [
+ "docker://fluxcd/source-controller:sha256__c6515fdb67e7b14a6af2705c7f66026799377b29c2ad7f5dad0ed4724c25ed3b",
+ "generic://sha256:f20e04e497b35ed86ddd654ec80dbedb42c4a03a0924a8d42655caeef75de8bb/sha256__f20e04e497b35ed86ddd654ec80dbedb42c4a03a0924a8d42655caeef75de8bb.tar.gz",
+ "alpine://3.13:libssh2:1.9.0-r1"
+ ],
+ "path": "dockerhub-remote/fluxcd/source-controller/sha256__c6515fdb67e7b14a6af2705c7f66026799377b29c2ad7f5dad0ed4724c25ed3b/",
+ "fixed_versions": [],
+ "published": "2020-08-13T00:54:38+10:00",
+ "artifact_scan_time": "2021-02-18T15:08:53+11:00",
+ "issue_id": "XRAY-117889",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "libssh2 contains an out-of-bounds read flaw in the kex_agree_methods() function in kex.c that is triggered when handling key exchange packets. This may allow a context-dependent attacker to crash a process linked against the library or potentially disclose memory contents.",
+ "references": [
+ "https://github.com/libssh2/libssh2/commit/43f24eb152b8ec62473d2de6108d7c0b267b2419",
+ "https://github.com/libssh2/libssh2/commit/d0cb72fb986139f5927af7811dc766261f59f2d9",
+ "https://github.com/libssh2/libssh2/pull/399",
+ "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16825",
+ "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16823"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:N/A:C",
+ "cvss_v3_score": 8.2,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.8,
+ "cvss3_max_score": 8.2,
+ "summary": "libssh2 packet.c packet_queue_listener() Function SSH Packet Parsing Out-of-bounds Read Issue",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.13:libssh2:1.9.0-r1",
+ "impacted_artifact": "docker://fluxcd/source-controller:sha256__c6515fdb67e7b14a6af2705c7f66026799377b29c2ad7f5dad0ed4724c25ed3b",
+ "impact_path": [
+ "docker://fluxcd/source-controller:sha256__c6515fdb67e7b14a6af2705c7f66026799377b29c2ad7f5dad0ed4724c25ed3b",
+ "generic://sha256:f20e04e497b35ed86ddd654ec80dbedb42c4a03a0924a8d42655caeef75de8bb/sha256__f20e04e497b35ed86ddd654ec80dbedb42c4a03a0924a8d42655caeef75de8bb.tar.gz",
+ "alpine://3.13:libssh2:1.9.0-r1"
+ ],
+ "path": "dockerhub-remote/fluxcd/source-controller/sha256__c6515fdb67e7b14a6af2705c7f66026799377b29c2ad7f5dad0ed4724c25ed3b/",
+ "fixed_versions": [],
+ "published": "2020-08-13T00:54:38+10:00",
+ "artifact_scan_time": "2021-02-18T15:08:53+11:00",
+ "issue_id": "XRAY-117890",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "libssh2 contains an out-of-bounds read flaw in the packet_queue_listener() function in packet.c that is triggered as certain input in SSH packets is not properly validated. This may allow a context-dependent attacker to crash a process linked against the library or potentially disclose memory contents.",
+ "references": [
+ "https://github.com/libssh2/libssh2/commit/f7bc203dbeb1dd9e17beb553c50faeedc5755ead",
+ "https://github.com/libssh2/libssh2/commit/8571ab482d7591be14b47b7065eed689c92cae27",
+ "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16865",
+ "https://github.com/libssh2/libssh2/pull/404"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2017-1000487",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "Plexus-utils before 3.0.16 is vulnerable to command injection because it does not correctly process the contents of double quoted strings.",
+ "severity": "High",
+ "vulnerable_component": "gav://org.codehaus.plexus:plexus-utils:3.0.8",
+ "impacted_artifact": "gav://org.codehaus.plexus:plexus-utils:3.0.8",
+ "impact_path": [
+ "gav://org.codehaus.plexus:plexus-utils:3.0.8"
+ ],
+ "path": "mavencentral-remote/org/codehaus/plexus/plexus-utils/3.0.8/plexus-utils-3.0.8.jar",
+ "fixed_versions": [
+ "3.0.16"
+ ],
+ "published": "2019-06-10T18:42:32+10:00",
+ "artifact_scan_time": "2021-03-09T08:42:52+11:00",
+ "issue_id": "XRAY-83897",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Plexus-utils before 3.0.16 is vulnerable to command injection because it does not correctly process the contents of double quoted strings.",
+ "references": [
+ "https://access.redhat.com/errata/RHSA-2018:1322",
+ "https://lists.debian.org/debian-lts-announce/2018/01/msg00011.html",
+ "https://lists.debian.org/debian-lts-announce/2018/01/msg00010.html",
+ "https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSPLEXUS-31522",
+ "https://www.debian.org/security/2018/dsa-4149",
+ "https://www.debian.org/security/2018/dsa-4146",
+ "https://github.com/codehaus-plexus/plexus-utils/commit/b38a1b3a4352303e4312b2bb601a0d7ec6e28f41"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 9.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 7.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 9.3,
+ "cvss3_max_score": 7.8,
+ "summary": "Plexus-utils util/xml/XmlWriterUtil.java XmlWriterUtil::writeComment() Function Comment String Escape XML Injection Unspecified Issue",
+ "severity": "High",
+ "vulnerable_component": "gav://org.codehaus.plexus:plexus-utils:3.0.8",
+ "impacted_artifact": "gav://org.codehaus.plexus:plexus-utils:3.0.8",
+ "impact_path": [
+ "gav://org.codehaus.plexus:plexus-utils:3.0.8"
+ ],
+ "path": "mavencentral-remote/org/codehaus/plexus/plexus-utils/3.0.8/plexus-utils-3.0.8.jar",
+ "fixed_versions": [
+ "3.0.24"
+ ],
+ "published": "2019-09-15T21:14:39+10:00",
+ "artifact_scan_time": "2021-03-09T08:42:52+11:00",
+ "issue_id": "XRAY-88166",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Plexus-utils contains a flaw in the XmlWriterUtil::writeComment() function in util/xml/XmlWriterUtil.java that is triggered as comment strings are not properly sanitized. This may allow a context-dependent attacker to inject unexpected content through XML code and have an unspecified impact.",
+ "references": [
+ "https://github.com/codehaus-plexus/plexus-utils/issues/3",
+ "https://github.com/codehaus-plexus/plexus-utils/commit/f933e5e78dc2637e485447ed821fe14904f110de"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 7.5,
+ "summary": "Apache Commons Compress archivers/zip/ZipFile.java ZipFile::readCentralDirectoryEntry() Function Uncaught Exception DoS",
+ "severity": "High",
+ "vulnerable_component": "gav://org.apache.commons:commons-compress:1.9",
+ "impacted_artifact": "gav://org.apache.commons:commons-compress:1.9",
+ "impact_path": [
+ "gav://org.apache.commons:commons-compress:1.9"
+ ],
+ "path": "mavencentral-remote/org/apache/commons/commons-compress/1.9/commons-compress-1.9.jar",
+ "fixed_versions": [],
+ "published": "2021-05-18T20:57:33+10:00",
+ "artifact_scan_time": "2021-03-09T08:43:53+11:00",
+ "issue_id": "XRAY-175855",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Apache Commons Compress contains a flaw in the ZipFile::readCentralDirectoryEntry() function in main/java/org/apache/commons/compress/archivers/zip/ZipFile.java related to an uncaught exception. This may allow a context-dependent attacker to crash a process linked against the library.",
+ "references": [
+ "https://github.com/apache/commons-compress/commit/26924e96c7730db014c310757e11c9359db07f3e",
+ "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=33786",
+ "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=33507",
+ "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=33462",
+ "https://github.com/apache/commons-compress/commit/882c6dd12473d7b615d503e08fd6b866d0f866d5"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.6,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:H/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 8.1,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.6,
+ "cvss3_max_score": 8.1,
+ "summary": "Apache Maven External Repository Validation Failure Arbitrary Code Execution",
+ "severity": "High",
+ "vulnerable_component": "gav://org.apache.maven:maven-core:3.3.9",
+ "impacted_artifact": "gav://org.apache.maven:maven-core:3.3.9",
+ "impact_path": [
+ "gav://org.apache.maven:maven-core:3.3.9"
+ ],
+ "path": "mavencentral-remote/org/apache/maven/maven-core/3.3.9/maven-core-3.3.9.jar",
+ "fixed_versions": [
+ "3.8.1"
+ ],
+ "published": "2021-04-14T16:59:26+10:00",
+ "artifact_scan_time": "2021-03-09T08:44:52+11:00",
+ "issue_id": "XRAY-172725",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Apache Maven contains a flaw that is triggered as the program insecurely uses material from an insecure external repository by default. This may allow a remote attacker with control of a repository that is in use, to potentially inject and execute malicious code.",
+ "references": [
+ "http://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-26291",
+ "http://maven.apache.org/docs/3.8.1/release-notes.html",
+ "http://mail-archives.apache.org/mod_mbox/maven-announce/202104.mbox/%3CMailbird-0918dc43-dc18-4008-b83b-8bc8b1528177%40apache.org%3E"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 10,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C"
+ }
+ ],
+ "cvss2_max_score": 10,
+ "summary": "Apache Commons Codec org.apache.commons.codec.language.Soundex.US_ENGLISH_MAPPING Missing MS_PKGPROTECT Field Manipulation Unspecified Issue",
+ "severity": "High",
+ "vulnerable_component": "gav://commons-codec:commons-codec:1.3",
+ "impacted_artifact": "gav://commons-codec:commons-codec:1.3",
+ "impact_path": [
+ "gav://commons-codec:commons-codec:1.3"
+ ],
+ "path": "mavencentral-remote/commons-codec/commons-codec/1.3/commons-codec-1.3.jar",
+ "fixed_versions": [
+ "1.5"
+ ],
+ "published": "2019-09-04T01:31:03+10:00",
+ "artifact_scan_time": "2021-03-09T08:46:52+11:00",
+ "issue_id": "XRAY-87377",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Apache Commons Codec contains a flaw related to org.apache.commons.codec.language.Soundex.US_ENGLISH_MAPPING not being package protected via MS_PKGPROTECT. This may allow an attacker to manipulate a mutable static field and have an unspecified impact.",
+ "references": [
+ "http://commons.apache.org/",
+ "https://issues.apache.org/jira/browse/CODEC-114"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "summary": "Apache Commons Codec org.apache.commons.codec.net.URLCodec Fields Missing 'final' Thread-safety Unspecified Issue",
+ "severity": "High",
+ "vulnerable_component": "gav://commons-codec:commons-codec:1.3",
+ "impacted_artifact": "gav://commons-codec:commons-codec:1.3",
+ "impact_path": [
+ "gav://commons-codec:commons-codec:1.3"
+ ],
+ "path": "mavencentral-remote/commons-codec/commons-codec/1.3/commons-codec-1.3.jar",
+ "fixed_versions": [
+ "1.4"
+ ],
+ "published": "2019-09-04T01:31:03+10:00",
+ "artifact_scan_time": "2021-03-09T08:46:52+11:00",
+ "issue_id": "XRAY-87378",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Apache Commons Codec contains an unspecified flaw that is due to org.apache.commons.codec.net.URLCodec fields missing 'final' thread-safety. This may allow an attacker to have an unspecified impact. No further details have been provided by the bug reporter.",
+ "references": [
+ "http://commons.apache.org/proper/commons-codec/",
+ "https://issues.apache.org/jira/browse/CODEC-70"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2009-4611",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "summary": "Mort Bay Jetty 6.x and 7.0.0 writes backtrace data without sanitizing non-printable characters, which might allow remote attackers to modify a window?s title, or possibly execute arbitrary commands or overwrite files, via an HTTP request containing an escape sequence for a terminal emulator, related to (1) a string value in the Age parameter to the default URI for the Cookie Dump Servlet in test-jetty-webapp/src/main/java/com/acme/CookieDump.java under cookie/, (2) an alphabetic value in the A parameter to jsp/expr.jsp, or (3) an alphabetic value in the Content-Length HTTP header to an arbitrary application.",
+ "severity": "High",
+ "vulnerable_component": "gav://org.mortbay.jetty:jetty:6.1.25",
+ "impacted_artifact": "gav://org.mortbay.jetty:jetty:6.1.25",
+ "impact_path": [
+ "gav://org.mortbay.jetty:jetty:6.1.25"
+ ],
+ "path": "mavencentral-remote/org/mortbay/jetty/jetty/6.1.25/jetty-6.1.25.jar",
+ "fixed_versions": [],
+ "published": "2017-07-05T21:31:06+10:00",
+ "artifact_scan_time": "2021-03-09T08:46:52+11:00",
+ "issue_id": "XRAY-55464",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Mort Bay Jetty 6.x and 7.0.0 writes backtrace data without sanitizing non-printable characters, which might allow remote attackers to modify a window?s title, or possibly execute arbitrary commands or overwrite files, via an HTTP request containing an escape sequence for a terminal emulator, related to (1) a string value in the Age parameter to the default URI for the Cookie Dump Servlet in test-jetty-webapp/src/main/java/com/acme/CookieDump.java under cookie/, (2) an alphabetic value in the A parameter to jsp/expr.jsp, or (3) an alphabetic value in the Content-Length HTTP header to an arbitrary application.",
+ "references": [
+ "http://www.ush.it/team/ush/hack_httpd_escape/adv.txt",
+ "http://www.ush.it/team/ush/hack-jetty6x7x/jetty-adv.txt",
+ "http://www.securityfocus.com/archive/1/archive/1/508830/100/0/threaded"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 7.5,
+ "summary": "BusyBox archival/libarchive/decompress_bunzip2.c get_next_block() Function Selectors Handling Out-of-bounds Write DoS",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.12:ssl_client:1.31.1-r19",
+ "impacted_artifact": "docker://kiwigrid/k8s-sidecar:sha256__2110aac25e4ab8c8a1fb5ead821406cb7de5861ab164296b4606f0215ab2275a",
+ "impact_path": [
+ "docker://kiwigrid/k8s-sidecar:sha256__2110aac25e4ab8c8a1fb5ead821406cb7de5861ab164296b4606f0215ab2275a",
+ "generic://sha256:188c0c94c7c576fff0792aca7ec73d67a2f7f4cb3a6e53a84559337260b36964/sha256__188c0c94c7c576fff0792aca7ec73d67a2f7f4cb3a6e53a84559337260b36964.tar.gz",
+ "alpine://3.12:ssl_client:1.31.1-r19"
+ ],
+ "path": "dockerhub-remote/kiwigrid/k8s-sidecar/sha256__2110aac25e4ab8c8a1fb5ead821406cb7de5861ab164296b4606f0215ab2275a/",
+ "fixed_versions": [],
+ "published": "2020-10-07T02:24:17+11:00",
+ "artifact_scan_time": "2021-03-11T10:22:54+11:00",
+ "issue_id": "XRAY-125951",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "BusyBox contains an out-of-bounds write flaw in the get_next_block() function in archival/libarchive/decompress_bunzip2.c that is triggered when handling a large number of selectors while decompressing BZIP2 files. This may allow a context-dependent attacker to cause a crash.",
+ "references": [
+ "https://bugs.buildroot.org/show_bug.cgi?id=12916"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-14343",
+ "cvss_v2_score": 10,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 10,
+ "cvss3_max_score": 9.8,
+ "summary": "A vulnerability was discovered in the PyYAML library in versions before 5.4, where it is susceptible to arbitrary code execution when it processes untrusted YAML files through the full_load method or with the FullLoader loader. Applications that use the library to process untrusted input may be vulnerable to this flaw. This flaw allows an attacker to execute arbitrary code on the system by abusing the python/object/new constructor. This flaw is due to an incomplete fix for CVE-2020-1747.",
+ "severity": "High",
+ "vulnerable_component": "pypi://PyYAML:5.3.1",
+ "impacted_artifact": "docker://kiwigrid/k8s-sidecar:sha256__2110aac25e4ab8c8a1fb5ead821406cb7de5861ab164296b4606f0215ab2275a",
+ "impact_path": [
+ "docker://kiwigrid/k8s-sidecar:sha256__2110aac25e4ab8c8a1fb5ead821406cb7de5861ab164296b4606f0215ab2275a",
+ "generic://sha256:8a6f612c0b4b4649e0b21f4c0e712fedb3fc29592cb50a5946a7948591e80534/sha256__8a6f612c0b4b4649e0b21f4c0e712fedb3fc29592cb50a5946a7948591e80534.tar.gz",
+ "pypi://PyYAML:5.3.1"
+ ],
+ "path": "dockerhub-remote/kiwigrid/k8s-sidecar/sha256__2110aac25e4ab8c8a1fb5ead821406cb7de5861ab164296b4606f0215ab2275a/",
+ "fixed_versions": [
+ "5.4b1"
+ ],
+ "published": "2021-02-10T20:41:09+11:00",
+ "artifact_scan_time": "2021-03-11T10:22:54+11:00",
+ "issue_id": "XRAY-140308",
+ "package_type": "pypi",
+ "provider": "JFrog",
+ "description": "A vulnerability was discovered in the PyYAML library in versions before 5.4, where it is susceptible to arbitrary code execution when it processes untrusted YAML files through the full_load method or with the FullLoader loader. Applications that use the library to process untrusted input may be vulnerable to this flaw. This flaw allows an attacker to execute arbitrary code on the system by abusing the python/object/new constructor. This flaw is due to an incomplete fix for CVE-2020-1747.",
+ "references": [
+ "https://bugzilla.redhat.com/show_bug.cgi?id=1860466"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.6,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:H/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 8.1,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.6,
+ "cvss3_max_score": 8.1,
+ "summary": "SQLite sqliteInt.h sqlite3ExpandSubquery() Function Declaration Unspecified Weakness",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.12:sqlite-libs:3.32.1-r0",
+ "impacted_artifact": "docker://kiwigrid/k8s-sidecar:sha256__2110aac25e4ab8c8a1fb5ead821406cb7de5861ab164296b4606f0215ab2275a",
+ "impact_path": [
+ "docker://kiwigrid/k8s-sidecar:sha256__2110aac25e4ab8c8a1fb5ead821406cb7de5861ab164296b4606f0215ab2275a",
+ "generic://sha256:3d0ed0f04a02ff81f417ae2373d7aeb0baa3a3b7d958b9c8c673df2f81ede83e/sha256__3d0ed0f04a02ff81f417ae2373d7aeb0baa3a3b7d958b9c8c673df2f81ede83e.tar.gz",
+ "alpine://3.12:sqlite-libs:3.32.1-r0"
+ ],
+ "path": "dockerhub-remote/kiwigrid/k8s-sidecar/sha256__2110aac25e4ab8c8a1fb5ead821406cb7de5861ab164296b4606f0215ab2275a/",
+ "fixed_versions": [],
+ "published": "2021-03-15T04:32:05+11:00",
+ "artifact_scan_time": "2021-03-11T10:22:54+11:00",
+ "issue_id": "XRAY-146201",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "SQLite contains an unspecified flaw in sqliteInt.h as the sqlite3ExpandSubquery() function is not declared for SQLITE_OMIT_WINDOWFUNC builds. This may allow an attacker to have an unspecified impact. No further details have been provided.",
+ "references": [
+ "https://github.com/sqlite/sqlite/commit/7225bfef164bced949c0ba98436b1fa104546493",
+ "https://www.sqlite.org/src/info/9587fa8b29fc2f91",
+ "https://chromium.googlesource.com/chromium/deps/sqlite.git/+/8162d64e702214e8cb12078f387e4278a3302d16",
+ "https://chromium.googlesource.com/chromium/deps/sqlite.git/+/d9581878fcf81ec8beda15b079726edaddd775bb",
+ "https://chromium.googlesource.com/chromium/src/+/b8631d09aaba64ee30d492e47e6ccf43860e0cac",
+ "https://bugs.chromium.org/p/chromium/issues/detail?id=1183883",
+ "https://bugs.chromium.org/p/chromium/issues/detail?id=1161048",
+ "https://chromereleases.googleblog.com/2021/03/stable-channel-update-for-desktop.html"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 9.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 9.3,
+ "cvss3_max_score": 9.8,
+ "summary": "OpenSSL crypto/rc5/rc5_skey.c RC5_32_set_key() Function Key Initialization Stack Buffer Overflow",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.12:libcrypto1.1:1.1.1g-r0",
+ "impacted_artifact": "docker://kiwigrid/k8s-sidecar:sha256__2110aac25e4ab8c8a1fb5ead821406cb7de5861ab164296b4606f0215ab2275a",
+ "impact_path": [
+ "docker://kiwigrid/k8s-sidecar:sha256__2110aac25e4ab8c8a1fb5ead821406cb7de5861ab164296b4606f0215ab2275a",
+ "generic://sha256:188c0c94c7c576fff0792aca7ec73d67a2f7f4cb3a6e53a84559337260b36964/sha256__188c0c94c7c576fff0792aca7ec73d67a2f7f4cb3a6e53a84559337260b36964.tar.gz",
+ "alpine://3.12:libcrypto1.1:1.1.1g-r0"
+ ],
+ "path": "dockerhub-remote/kiwigrid/k8s-sidecar/sha256__2110aac25e4ab8c8a1fb5ead821406cb7de5861ab164296b4606f0215ab2275a/",
+ "fixed_versions": [],
+ "published": "2020-09-10T01:18:57+10:00",
+ "artifact_scan_time": "2021-03-11T10:22:54+11:00",
+ "issue_id": "XRAY-124116",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "OpenSSL contains an overflow condition in the RC5_32_set_key() function in crypto/rc5/rc5_skey.c that is triggered as certain input is not properly validated when initializing encryption or decryption keys. This may allow a context-dependent attacker to cause a stack-based buffer overflow, resulting in a denial of service or potentially allowing the execution of arbitrary code.",
+ "references": [
+ "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=17173"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 5.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 5.5,
+ "summary": "Alpine Package Keeper (apk-tools) io.c apk_resolve_[ug]id() Functions Username / Groupname TAR Header Field Handling Out-of-bounds Read DoS Weakness",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.12:apk-tools:2.10.5-r1",
+ "impacted_artifact": "docker://kiwigrid/k8s-sidecar:sha256__2110aac25e4ab8c8a1fb5ead821406cb7de5861ab164296b4606f0215ab2275a",
+ "impact_path": [
+ "docker://kiwigrid/k8s-sidecar:sha256__2110aac25e4ab8c8a1fb5ead821406cb7de5861ab164296b4606f0215ab2275a",
+ "generic://sha256:188c0c94c7c576fff0792aca7ec73d67a2f7f4cb3a6e53a84559337260b36964/sha256__188c0c94c7c576fff0792aca7ec73d67a2f7f4cb3a6e53a84559337260b36964.tar.gz",
+ "alpine://3.12:apk-tools:2.10.5-r1"
+ ],
+ "path": "dockerhub-remote/kiwigrid/k8s-sidecar/sha256__2110aac25e4ab8c8a1fb5ead821406cb7de5861ab164296b4606f0215ab2275a/",
+ "fixed_versions": [
+ "2.10.6-r0"
+ ],
+ "published": "2021-04-20T02:31:29+10:00",
+ "artifact_scan_time": "2021-03-11T10:22:54+11:00",
+ "issue_id": "XRAY-173006",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "Alpine Package Keeper (apk-tools) contains an out-of-bounds read flaw in the apk_resolve_uid() and apk_resolve_gid() functions in io.c that is triggered as username and groupname header fields are not properly checked for string terminators when parsing TAR file headers. This can potentially allow a context-dependent attacker to cause a denial of service.",
+ "references": [
+ "https://gitlab.alpinelinux.org/alpine/apk-tools/-/issues/10741",
+ "https://github.com/docker-library/official-images/pull/9982",
+ "https://gitlab.alpinelinux.org/alpine/aports/-/issues/12606",
+ "https://github.com/alpinelinux/apk-tools/commit/f7143c1766ae59489ac922e890ffe6d4a61c3b2d",
+ "https://github.com/alpinelinux/aports/commit/aa740eb10ca7b8386cadc8761da1e30ed931486c",
+ "http://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-30139"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 9.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 9.3,
+ "cvss3_max_score": 9.8,
+ "summary": "OpenSSL crypto/rc5/rc5_skey.c RC5_32_set_key() Function Key Initialization Stack Buffer Overflow",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.12:libssl1.1:1.1.1g-r0",
+ "impacted_artifact": "docker://kiwigrid/k8s-sidecar:sha256__2110aac25e4ab8c8a1fb5ead821406cb7de5861ab164296b4606f0215ab2275a",
+ "impact_path": [
+ "docker://kiwigrid/k8s-sidecar:sha256__2110aac25e4ab8c8a1fb5ead821406cb7de5861ab164296b4606f0215ab2275a",
+ "generic://sha256:188c0c94c7c576fff0792aca7ec73d67a2f7f4cb3a6e53a84559337260b36964/sha256__188c0c94c7c576fff0792aca7ec73d67a2f7f4cb3a6e53a84559337260b36964.tar.gz",
+ "alpine://3.12:libssl1.1:1.1.1g-r0"
+ ],
+ "path": "dockerhub-remote/kiwigrid/k8s-sidecar/sha256__2110aac25e4ab8c8a1fb5ead821406cb7de5861ab164296b4606f0215ab2275a/",
+ "fixed_versions": [],
+ "published": "2020-09-10T01:18:57+10:00",
+ "artifact_scan_time": "2021-03-11T10:22:54+11:00",
+ "issue_id": "XRAY-124116",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "OpenSSL contains an overflow condition in the RC5_32_set_key() function in crypto/rc5/rc5_skey.c that is triggered as certain input is not properly validated when initializing encryption or decryption keys. This may allow a context-dependent attacker to cause a stack-based buffer overflow, resulting in a denial of service or potentially allowing the execution of arbitrary code.",
+ "references": [
+ "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=17173"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 7.5,
+ "summary": "BusyBox archival/libarchive/decompress_bunzip2.c get_next_block() Function Selectors Handling Out-of-bounds Write DoS",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.12:busybox:1.31.1-r19",
+ "impacted_artifact": "docker://kiwigrid/k8s-sidecar:sha256__2110aac25e4ab8c8a1fb5ead821406cb7de5861ab164296b4606f0215ab2275a",
+ "impact_path": [
+ "docker://kiwigrid/k8s-sidecar:sha256__2110aac25e4ab8c8a1fb5ead821406cb7de5861ab164296b4606f0215ab2275a",
+ "generic://sha256:188c0c94c7c576fff0792aca7ec73d67a2f7f4cb3a6e53a84559337260b36964/sha256__188c0c94c7c576fff0792aca7ec73d67a2f7f4cb3a6e53a84559337260b36964.tar.gz",
+ "alpine://3.12:busybox:1.31.1-r19"
+ ],
+ "path": "dockerhub-remote/kiwigrid/k8s-sidecar/sha256__2110aac25e4ab8c8a1fb5ead821406cb7de5861ab164296b4606f0215ab2275a/",
+ "fixed_versions": [],
+ "published": "2020-10-07T02:24:17+11:00",
+ "artifact_scan_time": "2021-03-11T10:22:54+11:00",
+ "issue_id": "XRAY-125951",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "BusyBox contains an out-of-bounds write flaw in the get_next_block() function in archival/libarchive/decompress_bunzip2.c that is triggered when handling a large number of selectors while decompressing BZIP2 files. This may allow a context-dependent attacker to cause a crash.",
+ "references": [
+ "https://bugs.buildroot.org/show_bug.cgi?id=12916"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 7.5,
+ "summary": "GNU dbm (GDBM) gdbmopen.c gdbm_avail_block_validate() Function Block Validation Out-of-bounds Read DoS",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.12:gdbm:1.13-r1",
+ "impacted_artifact": "docker://kiwigrid/k8s-sidecar:sha256__2110aac25e4ab8c8a1fb5ead821406cb7de5861ab164296b4606f0215ab2275a",
+ "impact_path": [
+ "docker://kiwigrid/k8s-sidecar:sha256__2110aac25e4ab8c8a1fb5ead821406cb7de5861ab164296b4606f0215ab2275a",
+ "generic://sha256:3d0ed0f04a02ff81f417ae2373d7aeb0baa3a3b7d958b9c8c673df2f81ede83e/sha256__3d0ed0f04a02ff81f417ae2373d7aeb0baa3a3b7d958b9c8c673df2f81ede83e.tar.gz",
+ "alpine://3.12:gdbm:1.13-r1"
+ ],
+ "path": "dockerhub-remote/kiwigrid/k8s-sidecar/sha256__2110aac25e4ab8c8a1fb5ead821406cb7de5861ab164296b4606f0215ab2275a/",
+ "fixed_versions": [],
+ "published": "2021-03-19T02:44:49+11:00",
+ "artifact_scan_time": "2021-03-11T10:22:54+11:00",
+ "issue_id": "XRAY-147947",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "GNU dbm (GDBM) contains an out-of-bounds read flaw in the gdbm_avail_block_validate() function in gdbmopen.c that is triggered when validating available blocks. This may allow a context-dependent attacker to crash a process linked against the library.",
+ "references": [
+ "http://git.gnu.org.ua/cgit/gdbm.git/commit/?id=9405ce2373ae5d64fc370c8b5ff280a92f15d01f",
+ "http://git.gnu.org.ua/cgit/gdbm.git/commit/?id=4fe603315b4e5189ff5ba31fb9ef0bedd625202a",
+ "http://git.gnu.org.ua/cgit/gdbm.git/commit/?id=7011ecbaf12a07f912eaf1b3ed6d3a528cefc7ad",
+ "https://git.savannah.gnu.org/cgit/gdbm.git/commit/?id=fd5cf245ea6d3e2f36dc349d8013ef62f4a9d532",
+ "/vulnerabilities/251922",
+ "https://puszcza.gnu.org.ua/bugs/?501",
+ "https://puszcza.gnu.org.ua/bugs/?503"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:N/A:C",
+ "cvss_v3_score": 8.2,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.8,
+ "cvss3_max_score": 8.2,
+ "summary": "GNU dbm (GDBM) bucket.c _gdbm_get_bucket() Function Improper Bucket Re-initialization Out-of-bounds Read Issue",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.12:gdbm:1.13-r1",
+ "impacted_artifact": "docker://kiwigrid/k8s-sidecar:sha256__2110aac25e4ab8c8a1fb5ead821406cb7de5861ab164296b4606f0215ab2275a",
+ "impact_path": [
+ "docker://kiwigrid/k8s-sidecar:sha256__2110aac25e4ab8c8a1fb5ead821406cb7de5861ab164296b4606f0215ab2275a",
+ "generic://sha256:3d0ed0f04a02ff81f417ae2373d7aeb0baa3a3b7d958b9c8c673df2f81ede83e/sha256__3d0ed0f04a02ff81f417ae2373d7aeb0baa3a3b7d958b9c8c673df2f81ede83e.tar.gz",
+ "alpine://3.12:gdbm:1.13-r1"
+ ],
+ "path": "dockerhub-remote/kiwigrid/k8s-sidecar/sha256__2110aac25e4ab8c8a1fb5ead821406cb7de5861ab164296b4606f0215ab2275a/",
+ "fixed_versions": [],
+ "published": "2021-03-19T00:44:44+11:00",
+ "artifact_scan_time": "2021-03-11T10:22:54+11:00",
+ "issue_id": "XRAY-147853",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "GNU dbm (GDBM) contains an out-of-bounds read flaw in the _gdbm_get_bucket() function in bucket.c that is triggered as buckets are not properly re-initialized when a failure occurs. This may allow a context-dependent attacker to crash a process linked against the library or potentially disclose memory contents.",
+ "references": [
+ "https://git.savannah.gnu.org/cgit/gdbm.git/commit/?id=40a464d322c720c88a50c3eb0a8c1d87e6079f89",
+ "/vulnerabilities/251924",
+ "https://puszcza.gnu.org.ua/bugs/?501"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.6,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:H/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 8.1,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.6,
+ "cvss3_max_score": 8.1,
+ "summary": "SQLite pcache1.c pcache1AllocPage() Function Uninitialized Memory Use Unspecified Issue",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.12:sqlite-libs:3.32.1-r0",
+ "impacted_artifact": "docker://kiwigrid/k8s-sidecar:sha256__2110aac25e4ab8c8a1fb5ead821406cb7de5861ab164296b4606f0215ab2275a",
+ "impact_path": [
+ "docker://kiwigrid/k8s-sidecar:sha256__2110aac25e4ab8c8a1fb5ead821406cb7de5861ab164296b4606f0215ab2275a",
+ "generic://sha256:3d0ed0f04a02ff81f417ae2373d7aeb0baa3a3b7d958b9c8c673df2f81ede83e/sha256__3d0ed0f04a02ff81f417ae2373d7aeb0baa3a3b7d958b9c8c673df2f81ede83e.tar.gz",
+ "alpine://3.12:sqlite-libs:3.32.1-r0"
+ ],
+ "path": "dockerhub-remote/kiwigrid/k8s-sidecar/sha256__2110aac25e4ab8c8a1fb5ead821406cb7de5861ab164296b4606f0215ab2275a/",
+ "fixed_versions": [],
+ "published": "2021-04-20T00:31:27+10:00",
+ "artifact_scan_time": "2021-03-11T10:22:54+11:00",
+ "issue_id": "XRAY-172950",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "SQLite contains a flaw in the pcache1AllocPage() function in pcache1.c related to use of uninitialized memory. The issue is triggered when handling specially crafted database files. This may allow a context-dependent attacker to have an unspecified impact.",
+ "references": [
+ "https://github.com/sqlite/sqlite/commit/1e06c70eb073a92e683c55ffb8471301db999b75",
+ "https://github.com/sqlite/sqlite/commit/1f9f5766954d250a00da59f7f7c1fc57d9032a6e",
+ "https://www.sqlite.org/src/info/39c8686cabe6c437",
+ "https://chromium.googlesource.com/chromium/deps/sqlite.git/+/60efbb3584af2ba05e1935b3e07d3a861841db7c",
+ "https://github.com/chromium/chromium/commit/78157c349734be628ac9eef25a897a50bd31b8cd",
+ "https://bugs.chromium.org/p/chromium/issues/detail?id=1175522",
+ "https://bugs.chromium.org/p/chromium/issues/detail?id=1181276",
+ "https://chromereleases.googleblog.com/2021/04/stable-channel-update-for-desktop_14.html",
+ "https://bugs.chromium.org/p/chromium/issues/detail?id=1198709"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 9.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 9.3,
+ "cvss3_max_score": 9.8,
+ "summary": "SQLite select.c havingToWhereExprCb() Function Sub-query WHERE / HAVING Clause Use-after-free Unspecified Issue",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.12:sqlite-libs:3.32.1-r0",
+ "impacted_artifact": "docker://kiwigrid/k8s-sidecar:sha256__2110aac25e4ab8c8a1fb5ead821406cb7de5861ab164296b4606f0215ab2275a",
+ "impact_path": [
+ "docker://kiwigrid/k8s-sidecar:sha256__2110aac25e4ab8c8a1fb5ead821406cb7de5861ab164296b4606f0215ab2275a",
+ "generic://sha256:3d0ed0f04a02ff81f417ae2373d7aeb0baa3a3b7d958b9c8c673df2f81ede83e/sha256__3d0ed0f04a02ff81f417ae2373d7aeb0baa3a3b7d958b9c8c673df2f81ede83e.tar.gz",
+ "alpine://3.12:sqlite-libs:3.32.1-r0"
+ ],
+ "path": "dockerhub-remote/kiwigrid/k8s-sidecar/sha256__2110aac25e4ab8c8a1fb5ead821406cb7de5861ab164296b4606f0215ab2275a/",
+ "fixed_versions": [],
+ "published": "2021-01-25T01:49:19+11:00",
+ "artifact_scan_time": "2021-03-11T10:22:54+11:00",
+ "issue_id": "XRAY-138828",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "SQLite contains a use-after-free error in the havingToWhereExprCb() function in select.c that is triggered when handling sub-queries with a WHERE and \"HAVING 0\" clause and where the parent query is an aggregate. This may allow a context-dependent attacker to dereference already freed memory and have an unspecified impact.",
+ "references": [
+ "https://github.com/sqlite/sqlite/commit/f39168e468af3b1d6b6d37efdcb081eced6724b2",
+ "https://www.sqlite.org/src/info/30a4c323650cc949",
+ "http://www.sqlite.org/changes.html"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.6,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:H/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 8.1,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.6,
+ "cvss3_max_score": 8.1,
+ "summary": "SQLite btree.c balance_nonroot() Function Database File Handling Unspecified Issue",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.12:sqlite-libs:3.32.1-r0",
+ "impacted_artifact": "docker://kiwigrid/k8s-sidecar:sha256__2110aac25e4ab8c8a1fb5ead821406cb7de5861ab164296b4606f0215ab2275a",
+ "impact_path": [
+ "docker://kiwigrid/k8s-sidecar:sha256__2110aac25e4ab8c8a1fb5ead821406cb7de5861ab164296b4606f0215ab2275a",
+ "generic://sha256:3d0ed0f04a02ff81f417ae2373d7aeb0baa3a3b7d958b9c8c673df2f81ede83e/sha256__3d0ed0f04a02ff81f417ae2373d7aeb0baa3a3b7d958b9c8c673df2f81ede83e.tar.gz",
+ "alpine://3.12:sqlite-libs:3.32.1-r0"
+ ],
+ "path": "dockerhub-remote/kiwigrid/k8s-sidecar/sha256__2110aac25e4ab8c8a1fb5ead821406cb7de5861ab164296b4606f0215ab2275a/",
+ "fixed_versions": [],
+ "published": "2021-04-20T02:31:29+10:00",
+ "artifact_scan_time": "2021-03-11T10:22:54+11:00",
+ "issue_id": "XRAY-173004",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "SQLite contains a flaw in the balance_nonroot() function in btree.c that is triggered when handling a specially crafted database file. This may allow a context-dependent attacker to have an unspecified impact.",
+ "references": [
+ "https://github.com/sqlite/sqlite/commit/1e06c70eb073a92e683c55ffb8471301db999b75",
+ "https://github.com/sqlite/sqlite/commit/1f9f5766954d250a00da59f7f7c1fc57d9032a6e",
+ "https://www.sqlite.org/src/info/39c8686cabe6c437",
+ "https://chromium.googlesource.com/chromium/deps/sqlite.git/+/60efbb3584af2ba05e1935b3e07d3a861841db7c",
+ "https://github.com/chromium/chromium/commit/78157c349734be628ac9eef25a897a50bd31b8cd",
+ "https://bugs.chromium.org/p/chromium/issues/detail?id=1175522",
+ "https://bugs.chromium.org/p/chromium/issues/detail?id=1181276",
+ "https://chromereleases.googleblog.com/2021/04/stable-channel-update-for-desktop_14.html",
+ "https://bugs.chromium.org/p/chromium/issues/detail?id=1198709"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-25013",
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 5.9,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 5.9,
+ "summary": "The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:buster:libc6:2.28-10",
+ "impacted_artifact": "docker://library/httpd:sha256__5d7049207f58929582f0d2f6d226e2eaa33ab0ac9bebe6b485701641181b9007",
+ "impact_path": [
+ "docker://library/httpd:sha256__5d7049207f58929582f0d2f6d226e2eaa33ab0ac9bebe6b485701641181b9007",
+ "generic://sha256:6f28985ad1843afd6fd4fe0b42a30bfab63c27d302362e7341e3316e8ba25ced/sha256__6f28985ad1843afd6fd4fe0b42a30bfab63c27d302362e7341e3316e8ba25ced.tar.gz",
+ "deb://debian:buster:libc6:2.28-10"
+ ],
+ "path": "dockerhub-remote/library/httpd/sha256__5d7049207f58929582f0d2f6d226e2eaa33ab0ac9bebe6b485701641181b9007/",
+ "fixed_versions": [],
+ "published": "2021-01-05T15:10:13+11:00",
+ "artifact_scan_time": "2021-03-15T23:36:57+11:00",
+ "issue_id": "XRAY-138140",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-25013",
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 5.9,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 5.9,
+ "summary": "The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:buster:libc-bin:2.28-10",
+ "impacted_artifact": "docker://library/httpd:sha256__5d7049207f58929582f0d2f6d226e2eaa33ab0ac9bebe6b485701641181b9007",
+ "impact_path": [
+ "docker://library/httpd:sha256__5d7049207f58929582f0d2f6d226e2eaa33ab0ac9bebe6b485701641181b9007",
+ "generic://sha256:6f28985ad1843afd6fd4fe0b42a30bfab63c27d302362e7341e3316e8ba25ced/sha256__6f28985ad1843afd6fd4fe0b42a30bfab63c27d302362e7341e3316e8ba25ced.tar.gz",
+ "deb://debian:buster:libc-bin:2.28-10"
+ ],
+ "path": "dockerhub-remote/library/httpd/sha256__5d7049207f58929582f0d2f6d226e2eaa33ab0ac9bebe6b485701641181b9007/",
+ "fixed_versions": [],
+ "published": "2021-01-05T15:10:13+11:00",
+ "artifact_scan_time": "2021-03-15T23:36:57+11:00",
+ "issue_id": "XRAY-138140",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 9.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 7.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 9.3,
+ "cvss3_max_score": 7.8,
+ "summary": "Plexus-utils util/xml/XmlWriterUtil.java XmlWriterUtil::writeComment() Function Comment String Escape XML Injection Unspecified Issue",
+ "severity": "High",
+ "vulnerable_component": "gav://org.codehaus.plexus:plexus-utils:3.0.8",
+ "impacted_artifact": "gav://org.apache.maven.surefire:surefire-api:2.12.4",
+ "impact_path": [
+ "gav://org.apache.maven.surefire:surefire-api:2.12.4",
+ "gav://org.codehaus.plexus:plexus-utils:3.0.8"
+ ],
+ "path": "mavencentral-remote/org/apache/maven/surefire/surefire-api/2.12.4/surefire-api-2.12.4.jar",
+ "fixed_versions": [
+ "3.0.24"
+ ],
+ "published": "2019-09-15T21:14:39+10:00",
+ "artifact_scan_time": "2021-03-09T08:42:52+11:00",
+ "issue_id": "XRAY-88166",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Plexus-utils contains a flaw in the XmlWriterUtil::writeComment() function in util/xml/XmlWriterUtil.java that is triggered as comment strings are not properly sanitized. This may allow a context-dependent attacker to inject unexpected content through XML code and have an unspecified impact.",
+ "references": [
+ "https://github.com/codehaus-plexus/plexus-utils/issues/3",
+ "https://github.com/codehaus-plexus/plexus-utils/commit/f933e5e78dc2637e485447ed821fe14904f110de"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2017-1000487",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "Plexus-utils before 3.0.16 is vulnerable to command injection because it does not correctly process the contents of double quoted strings.",
+ "severity": "High",
+ "vulnerable_component": "gav://org.codehaus.plexus:plexus-utils:3.0.8",
+ "impacted_artifact": "gav://org.apache.maven.surefire:surefire-api:2.12.4",
+ "impact_path": [
+ "gav://org.apache.maven.surefire:surefire-api:2.12.4",
+ "gav://org.codehaus.plexus:plexus-utils:3.0.8"
+ ],
+ "path": "mavencentral-remote/org/apache/maven/surefire/surefire-api/2.12.4/surefire-api-2.12.4.jar",
+ "fixed_versions": [
+ "3.0.16"
+ ],
+ "published": "2019-06-10T18:42:32+10:00",
+ "artifact_scan_time": "2021-03-09T08:42:52+11:00",
+ "issue_id": "XRAY-83897",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Plexus-utils before 3.0.16 is vulnerable to command injection because it does not correctly process the contents of double quoted strings.",
+ "references": [
+ "https://access.redhat.com/errata/RHSA-2018:1322",
+ "https://lists.debian.org/debian-lts-announce/2018/01/msg00011.html",
+ "https://lists.debian.org/debian-lts-announce/2018/01/msg00010.html",
+ "https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSPLEXUS-31522",
+ "https://www.debian.org/security/2018/dsa-4149",
+ "https://www.debian.org/security/2018/dsa-4146",
+ "https://github.com/codehaus-plexus/plexus-utils/commit/b38a1b3a4352303e4312b2bb601a0d7ec6e28f41"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.6,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:H/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 8.1,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.6,
+ "cvss3_max_score": 8.1,
+ "summary": "Apache Maven External Repository Validation Failure Arbitrary Code Execution",
+ "severity": "High",
+ "vulnerable_component": "gav://org.apache.maven:maven-settings:3.3.9",
+ "impacted_artifact": "gav://org.apache.maven:maven-settings:3.3.9",
+ "impact_path": [
+ "gav://org.apache.maven:maven-settings:3.3.9"
+ ],
+ "path": "mavencentral-remote/org/apache/maven/maven-settings/3.3.9/maven-settings-3.3.9.jar",
+ "fixed_versions": [
+ "3.8.1"
+ ],
+ "published": "2021-04-14T16:59:26+10:00",
+ "artifact_scan_time": "2021-03-09T08:44:52+11:00",
+ "issue_id": "XRAY-172725",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Apache Maven contains a flaw that is triggered as the program insecurely uses material from an insecure external repository by default. This may allow a remote attacker with control of a repository that is in use, to potentially inject and execute malicious code.",
+ "references": [
+ "http://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-26291",
+ "http://maven.apache.org/docs/3.8.1/release-notes.html",
+ "http://mail-archives.apache.org/mod_mbox/maven-announce/202104.mbox/%3CMailbird-0918dc43-dc18-4008-b83b-8bc8b1528177%40apache.org%3E"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 9.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 7.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 9.3,
+ "cvss3_max_score": 7.8,
+ "summary": "Plexus-utils util/xml/XmlWriterUtil.java XmlWriterUtil::writeComment() Function Comment String Escape XML Injection Unspecified Issue",
+ "severity": "High",
+ "vulnerable_component": "gav://org.codehaus.plexus:plexus-utils:1.5.10",
+ "impacted_artifact": "gav://org.codehaus.plexus:plexus-utils:1.5.10",
+ "impact_path": [
+ "gav://org.codehaus.plexus:plexus-utils:1.5.10"
+ ],
+ "path": "mavencentral-remote/org/codehaus/plexus/plexus-utils/1.5.10/plexus-utils-1.5.10.jar",
+ "fixed_versions": [
+ "3.0.24"
+ ],
+ "published": "2019-09-15T21:14:39+10:00",
+ "artifact_scan_time": "2021-03-09T08:46:53+11:00",
+ "issue_id": "XRAY-88166",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Plexus-utils contains a flaw in the XmlWriterUtil::writeComment() function in util/xml/XmlWriterUtil.java that is triggered as comment strings are not properly sanitized. This may allow a context-dependent attacker to inject unexpected content through XML code and have an unspecified impact.",
+ "references": [
+ "https://github.com/codehaus-plexus/plexus-utils/issues/3",
+ "https://github.com/codehaus-plexus/plexus-utils/commit/f933e5e78dc2637e485447ed821fe14904f110de"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2017-1000487",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "Plexus-utils before 3.0.16 is vulnerable to command injection because it does not correctly process the contents of double quoted strings.",
+ "severity": "High",
+ "vulnerable_component": "gav://org.codehaus.plexus:plexus-utils:1.5.10",
+ "impacted_artifact": "gav://org.codehaus.plexus:plexus-utils:1.5.10",
+ "impact_path": [
+ "gav://org.codehaus.plexus:plexus-utils:1.5.10"
+ ],
+ "path": "mavencentral-remote/org/codehaus/plexus/plexus-utils/1.5.10/plexus-utils-1.5.10.jar",
+ "fixed_versions": [
+ "3.0.16"
+ ],
+ "published": "2019-06-10T18:42:32+10:00",
+ "artifact_scan_time": "2021-03-09T08:46:53+11:00",
+ "issue_id": "XRAY-83897",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Plexus-utils before 3.0.16 is vulnerable to command injection because it does not correctly process the contents of double quoted strings.",
+ "references": [
+ "https://access.redhat.com/errata/RHSA-2018:1322",
+ "https://lists.debian.org/debian-lts-announce/2018/01/msg00011.html",
+ "https://lists.debian.org/debian-lts-announce/2018/01/msg00010.html",
+ "https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSPLEXUS-31522",
+ "https://www.debian.org/security/2018/dsa-4149",
+ "https://www.debian.org/security/2018/dsa-4146",
+ "https://github.com/codehaus-plexus/plexus-utils/commit/b38a1b3a4352303e4312b2bb601a0d7ec6e28f41"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-3449",
+ "cvss_v2_score": 4.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 5.9,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 4.3,
+ "cvss3_max_score": 5.9,
+ "summary": "An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_cert extension then a NULL pointer dereference will result, leading to a crash and a denial of service attack. A server is only vulnerable if it has TLSv1.2 and renegotiation enabled (which is the default configuration). OpenSSL TLS clients are not impacted by this issue. All OpenSSL 1.1.1 versions are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1k. OpenSSL 1.0.2 is not impacted by this issue. Fixed in OpenSSL 1.1.1k (Affected 1.1.1-1.1.1j).",
+ "severity": "High",
+ "vulnerable_component": "deb://ubuntu:bionic:openssl:1.1.1-1ubuntu2.1~18.04.8",
+ "impacted_artifact": "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "impact_path": [
+ "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "generic://sha256:bed7676d225b62a075a14ea55d481ef16be8268da0f422058156eb58843a0852/sha256__bed7676d225b62a075a14ea55d481ef16be8268da0f422058156eb58843a0852.tar.gz",
+ "deb://ubuntu:bionic:openssl:1.1.1-1ubuntu2.1~18.04.8"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579/",
+ "fixed_versions": [
+ "≥ 1.1.1-1ubuntu2.1~18.04.9"
+ ],
+ "published": "2021-04-06T14:40:46+10:00",
+ "artifact_scan_time": "2021-03-09T08:56:07+11:00",
+ "issue_id": "XRAY-168853",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_cert extension then a NULL pointer dereference will result, leading to a crash and a denial of service attack. A server is only vulnerable if it has TLSv1.2 and renegotiation enabled (which is the default configuration). OpenSSL TLS clients are not impacted by this issue. All OpenSSL 1.1.1 versions are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1k. OpenSSL 1.0.2 is not impacted by this issue. Fixed in OpenSSL 1.1.1k (Affected 1.1.1-1.1.1j).",
+ "references": [
+ "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3449",
+ "https://www.openssl.org/news/secadv/20210325.txt",
+ "https://usn.ubuntu.com/usn/usn-4891-1"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-3449",
+ "cvss_v2_score": 4.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 5.9,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 4.3,
+ "cvss3_max_score": 5.9,
+ "summary": "An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_cert extension then a NULL pointer dereference will result, leading to a crash and a denial of service attack. A server is only vulnerable if it has TLSv1.2 and renegotiation enabled (which is the default configuration). OpenSSL TLS clients are not impacted by this issue. All OpenSSL 1.1.1 versions are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1k. OpenSSL 1.0.2 is not impacted by this issue. Fixed in OpenSSL 1.1.1k (Affected 1.1.1-1.1.1j).",
+ "severity": "High",
+ "vulnerable_component": "deb://ubuntu:bionic:libssl1.1:1.1.1-1ubuntu2.1~18.04.8",
+ "impacted_artifact": "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "impact_path": [
+ "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "generic://sha256:bed7676d225b62a075a14ea55d481ef16be8268da0f422058156eb58843a0852/sha256__bed7676d225b62a075a14ea55d481ef16be8268da0f422058156eb58843a0852.tar.gz",
+ "deb://ubuntu:bionic:libssl1.1:1.1.1-1ubuntu2.1~18.04.8"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579/",
+ "fixed_versions": [],
+ "published": "2021-04-06T14:40:46+10:00",
+ "artifact_scan_time": "2021-03-09T08:56:07+11:00",
+ "issue_id": "XRAY-168853",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_cert extension then a NULL pointer dereference will result, leading to a crash and a denial of service attack. A server is only vulnerable if it has TLSv1.2 and renegotiation enabled (which is the default configuration). OpenSSL TLS clients are not impacted by this issue. All OpenSSL 1.1.1 versions are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1k. OpenSSL 1.0.2 is not impacted by this issue. Fixed in OpenSSL 1.1.1k (Affected 1.1.1-1.1.1j).",
+ "references": [
+ "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3449",
+ "https://www.openssl.org/news/secadv/20210325.txt",
+ "https://usn.ubuntu.com/usn/usn-4891-1"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:N/A:C",
+ "cvss_v3_score": 8.2,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.8,
+ "cvss3_max_score": 8.2,
+ "summary": "GNU Libtasn1 lib/int.h ETYPE_OK Macro ASN.1 Type Encoding Out-of-bounds Read Issue",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.13:libtasn1:4.16.0-r1",
+ "impacted_artifact": "docker://fluxcd/kustomize-controller:sha256__1217bf214c05339721e865e1842393fbe37f17a3923918572ef30b8031d61412",
+ "impact_path": [
+ "docker://fluxcd/kustomize-controller:sha256__1217bf214c05339721e865e1842393fbe37f17a3923918572ef30b8031d61412",
+ "generic://sha256:b631c872dd0c171fca133bcd7481ac18f009dac211834de6dca4bc494421796e/sha256__b631c872dd0c171fca133bcd7481ac18f009dac211834de6dca4bc494421796e.tar.gz",
+ "alpine://3.13:libtasn1:4.16.0-r1"
+ ],
+ "path": "dockerhub-remote/fluxcd/kustomize-controller/sha256__1217bf214c05339721e865e1842393fbe37f17a3923918572ef30b8031d61412/",
+ "fixed_versions": [],
+ "published": "2021-02-10T04:07:40+11:00",
+ "artifact_scan_time": "2021-03-18T13:05:27+11:00",
+ "issue_id": "XRAY-140262",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "GNU Libtasn1 contains an out-of-bounds read flaw in the ETYPE_OK() macro in lib/int.h that is triggered when encoding ASN.1 types. This may allow a context-dependent attacker to crash a process linked against the library or potentially disclose memory contents.",
+ "references": [
+ "https://gitlab.com/gnutls/libtasn1/-/issues/32"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:P/A:C",
+ "cvss_v3_score": 9.1,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.8,
+ "cvss3_max_score": 9.1,
+ "summary": "Nettle ECDSA Signature Verification Functions Out-of-range Scalar Handling Issue",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.13:nettle:3.7-r0",
+ "impacted_artifact": "docker://fluxcd/kustomize-controller:sha256__1217bf214c05339721e865e1842393fbe37f17a3923918572ef30b8031d61412",
+ "impact_path": [
+ "docker://fluxcd/kustomize-controller:sha256__1217bf214c05339721e865e1842393fbe37f17a3923918572ef30b8031d61412",
+ "generic://sha256:b631c872dd0c171fca133bcd7481ac18f009dac211834de6dca4bc494421796e/sha256__b631c872dd0c171fca133bcd7481ac18f009dac211834de6dca4bc494421796e.tar.gz",
+ "alpine://3.13:nettle:3.7-r0"
+ ],
+ "path": "dockerhub-remote/fluxcd/kustomize-controller/sha256__1217bf214c05339721e865e1842393fbe37f17a3923918572ef30b8031d61412/",
+ "fixed_versions": [],
+ "published": "2021-03-29T21:10:59+11:00",
+ "artifact_scan_time": "2021-03-18T13:05:27+11:00",
+ "issue_id": "XRAY-159091",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "Nettle contains a flaw in ECDSA signature verification functions that is triggered when handling out-of-range scalars. With a specially crafted signature, a context-dependent attacker can cause an assertion failure, resulting in a denial of service, or potentially forge a valid signature.",
+ "references": [
+ "https://lists.lysator.liu.se/pipermail/nettle-bugs/2021/009458.html",
+ "https://git.lysator.liu.se/nettle/nettle/-/commit/b30e0ca6d2b41579a5b6a010fc54065d790e8d55",
+ "https://git.lysator.liu.se/nettle/nettle/-/commit/63f222c60b03470c0005aa9bc4296fbf585f68b9",
+ "https://git.lysator.liu.se/nettle/nettle/-/commit/d9b564e4b3b3a5691afb9328c7342b3f7ca64288",
+ "https://git.lysator.liu.se/nettle/nettle/-/commit/ae3801a0e5cce276c270973214385c86048d5f7b",
+ "https://git.lysator.liu.se/nettle/nettle/-/commit/fbaefb64b90cb45b7075a0ed72a92f2a1fbcd2ab",
+ "https://git.lysator.liu.se/nettle/nettle/-/commit/401c8d53d8a8cf1e79980e62bda3f946f8e07c14",
+ "https://git.lysator.liu.se/nettle/nettle/-/commit/c24b36160dc5303f7541dd9da1429c4046f27398",
+ "https://git.lysator.liu.se/nettle/nettle/-/commit/51f643eee00e2caa65c8a2f5857f49acdf3ef1ce",
+ "https://git.lysator.liu.se/nettle/nettle/-/commit/2397757b3f95fcae1e2d3011bf99ca5b5438378f",
+ "https://git.lysator.liu.se/nettle/nettle/-/commit/74ee0e82b6891e090f20723750faeb19064e31b2",
+ "https://git.lysator.liu.se/nettle/nettle/-/commit/5b7608fde3a6d2ab82bffb35db1e4e330927c906",
+ "https://git.lysator.liu.se/nettle/nettle/-/commit/971bed6ab4b27014eb23085e8176917e1a096fd5",
+ "https://git.lysator.liu.se/nettle/nettle/-/commit/a63893791280d441c713293491da97c79c0950fe",
+ "https://git.lysator.liu.se/nettle/nettle/-/commit/2bf497ba4d6acc6f352bca015837fad33008565c",
+ "https://lists.lysator.liu.se/pipermail/nettle-bugs/2021/009457.html",
+ "https://bugzilla.redhat.com/show_bug.cgi?id=1942533"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.6,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:H/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 8.1,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.6,
+ "cvss3_max_score": 8.1,
+ "summary": "SQLite pcache1.c pcache1AllocPage() Function Uninitialized Memory Use Unspecified Issue",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.13:sqlite-libs:3.34.1-r0",
+ "impacted_artifact": "docker://fluxcd/kustomize-controller:sha256__1217bf214c05339721e865e1842393fbe37f17a3923918572ef30b8031d61412",
+ "impact_path": [
+ "docker://fluxcd/kustomize-controller:sha256__1217bf214c05339721e865e1842393fbe37f17a3923918572ef30b8031d61412",
+ "generic://sha256:b631c872dd0c171fca133bcd7481ac18f009dac211834de6dca4bc494421796e/sha256__b631c872dd0c171fca133bcd7481ac18f009dac211834de6dca4bc494421796e.tar.gz",
+ "alpine://3.13:sqlite-libs:3.34.1-r0"
+ ],
+ "path": "dockerhub-remote/fluxcd/kustomize-controller/sha256__1217bf214c05339721e865e1842393fbe37f17a3923918572ef30b8031d61412/",
+ "fixed_versions": [],
+ "published": "2021-04-20T00:31:27+10:00",
+ "artifact_scan_time": "2021-03-18T13:05:27+11:00",
+ "issue_id": "XRAY-172950",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "SQLite contains a flaw in the pcache1AllocPage() function in pcache1.c related to use of uninitialized memory. The issue is triggered when handling specially crafted database files. This may allow a context-dependent attacker to have an unspecified impact.",
+ "references": [
+ "https://github.com/sqlite/sqlite/commit/1e06c70eb073a92e683c55ffb8471301db999b75",
+ "https://github.com/sqlite/sqlite/commit/1f9f5766954d250a00da59f7f7c1fc57d9032a6e",
+ "https://www.sqlite.org/src/info/39c8686cabe6c437",
+ "https://chromium.googlesource.com/chromium/deps/sqlite.git/+/60efbb3584af2ba05e1935b3e07d3a861841db7c",
+ "https://github.com/chromium/chromium/commit/78157c349734be628ac9eef25a897a50bd31b8cd",
+ "https://bugs.chromium.org/p/chromium/issues/detail?id=1175522",
+ "https://bugs.chromium.org/p/chromium/issues/detail?id=1181276",
+ "https://chromereleases.googleblog.com/2021/04/stable-channel-update-for-desktop_14.html",
+ "https://bugs.chromium.org/p/chromium/issues/detail?id=1198709"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:N/A:C",
+ "cvss_v3_score": 8.2,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.8,
+ "cvss3_max_score": 8.2,
+ "summary": "GNU dbm (GDBM) bucket.c _gdbm_get_bucket() Function Improper Bucket Re-initialization Out-of-bounds Read Issue",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.13:gdbm:1.19-r0",
+ "impacted_artifact": "docker://fluxcd/kustomize-controller:sha256__1217bf214c05339721e865e1842393fbe37f17a3923918572ef30b8031d61412",
+ "impact_path": [
+ "docker://fluxcd/kustomize-controller:sha256__1217bf214c05339721e865e1842393fbe37f17a3923918572ef30b8031d61412",
+ "generic://sha256:b631c872dd0c171fca133bcd7481ac18f009dac211834de6dca4bc494421796e/sha256__b631c872dd0c171fca133bcd7481ac18f009dac211834de6dca4bc494421796e.tar.gz",
+ "alpine://3.13:gdbm:1.19-r0"
+ ],
+ "path": "dockerhub-remote/fluxcd/kustomize-controller/sha256__1217bf214c05339721e865e1842393fbe37f17a3923918572ef30b8031d61412/",
+ "fixed_versions": [],
+ "published": "2021-03-19T00:44:44+11:00",
+ "artifact_scan_time": "2021-03-18T13:05:27+11:00",
+ "issue_id": "XRAY-147853",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "GNU dbm (GDBM) contains an out-of-bounds read flaw in the _gdbm_get_bucket() function in bucket.c that is triggered as buckets are not properly re-initialized when a failure occurs. This may allow a context-dependent attacker to crash a process linked against the library or potentially disclose memory contents.",
+ "references": [
+ "https://git.savannah.gnu.org/cgit/gdbm.git/commit/?id=40a464d322c720c88a50c3eb0a8c1d87e6079f89",
+ "/vulnerabilities/251924",
+ "https://puszcza.gnu.org.ua/bugs/?501"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 8.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:C",
+ "cvss_v3_score": 8.2,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 8.5,
+ "cvss3_max_score": 8.2,
+ "summary": "Git fsmonitor.c fsmonitor_is_trivial_response() Function Out-of-bounds Read Issue",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.13:git:2.30.1-r0",
+ "impacted_artifact": "docker://fluxcd/kustomize-controller:sha256__1217bf214c05339721e865e1842393fbe37f17a3923918572ef30b8031d61412",
+ "impact_path": [
+ "docker://fluxcd/kustomize-controller:sha256__1217bf214c05339721e865e1842393fbe37f17a3923918572ef30b8031d61412",
+ "generic://sha256:b631c872dd0c171fca133bcd7481ac18f009dac211834de6dca4bc494421796e/sha256__b631c872dd0c171fca133bcd7481ac18f009dac211834de6dca4bc494421796e.tar.gz",
+ "alpine://3.13:git:2.30.1-r0"
+ ],
+ "path": "dockerhub-remote/fluxcd/kustomize-controller/sha256__1217bf214c05339721e865e1842393fbe37f17a3923918572ef30b8031d61412/",
+ "fixed_versions": [],
+ "published": "2021-04-21T02:31:31+10:00",
+ "artifact_scan_time": "2021-03-18T13:05:27+11:00",
+ "issue_id": "XRAY-173164",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "Git contains an out-of-bounds read flaw in the fsmonitor_is_trivial_response() function in fsmonitor.c that is triggered when handling input passed via 'query_result' values. This may allow an attacker to cause a denial of service or potentially disclose memory contents.",
+ "references": [
+ "https://lore.kernel.org/git/27cc2d6b-834f-e34b-0949-561b575544da@gmail.com/#r",
+ "https://lore.kernel.org/git/pull.904.git.1615826363431.gitgitgadget@gmail.com/",
+ "https://github.com/gitgitgadget/git/commit/8779c141da62d66be5d420b94d506636006a7901",
+ "https://github.com/gitgitgadget/git/pull/904"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.6,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:H/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 8.1,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.6,
+ "cvss3_max_score": 8.1,
+ "summary": "SQLite sqliteInt.h sqlite3ExpandSubquery() Function Declaration Unspecified Weakness",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.13:sqlite-libs:3.34.1-r0",
+ "impacted_artifact": "docker://fluxcd/kustomize-controller:sha256__1217bf214c05339721e865e1842393fbe37f17a3923918572ef30b8031d61412",
+ "impact_path": [
+ "docker://fluxcd/kustomize-controller:sha256__1217bf214c05339721e865e1842393fbe37f17a3923918572ef30b8031d61412",
+ "generic://sha256:b631c872dd0c171fca133bcd7481ac18f009dac211834de6dca4bc494421796e/sha256__b631c872dd0c171fca133bcd7481ac18f009dac211834de6dca4bc494421796e.tar.gz",
+ "alpine://3.13:sqlite-libs:3.34.1-r0"
+ ],
+ "path": "dockerhub-remote/fluxcd/kustomize-controller/sha256__1217bf214c05339721e865e1842393fbe37f17a3923918572ef30b8031d61412/",
+ "fixed_versions": [],
+ "published": "2021-03-15T04:32:05+11:00",
+ "artifact_scan_time": "2021-03-18T13:05:27+11:00",
+ "issue_id": "XRAY-146201",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "SQLite contains an unspecified flaw in sqliteInt.h as the sqlite3ExpandSubquery() function is not declared for SQLITE_OMIT_WINDOWFUNC builds. This may allow an attacker to have an unspecified impact. No further details have been provided.",
+ "references": [
+ "https://github.com/sqlite/sqlite/commit/7225bfef164bced949c0ba98436b1fa104546493",
+ "https://www.sqlite.org/src/info/9587fa8b29fc2f91",
+ "https://chromium.googlesource.com/chromium/deps/sqlite.git/+/8162d64e702214e8cb12078f387e4278a3302d16",
+ "https://chromium.googlesource.com/chromium/deps/sqlite.git/+/d9581878fcf81ec8beda15b079726edaddd775bb",
+ "https://chromium.googlesource.com/chromium/src/+/b8631d09aaba64ee30d492e47e6ccf43860e0cac",
+ "https://bugs.chromium.org/p/chromium/issues/detail?id=1183883",
+ "https://bugs.chromium.org/p/chromium/issues/detail?id=1161048",
+ "https://chromereleases.googleblog.com/2021/03/stable-channel-update-for-desktop.html"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.6,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:H/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 8.1,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.6,
+ "cvss3_max_score": 8.1,
+ "summary": "SQLite btree.c balance_nonroot() Function Database File Handling Unspecified Issue",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.13:sqlite-libs:3.34.1-r0",
+ "impacted_artifact": "docker://fluxcd/kustomize-controller:sha256__1217bf214c05339721e865e1842393fbe37f17a3923918572ef30b8031d61412",
+ "impact_path": [
+ "docker://fluxcd/kustomize-controller:sha256__1217bf214c05339721e865e1842393fbe37f17a3923918572ef30b8031d61412",
+ "generic://sha256:b631c872dd0c171fca133bcd7481ac18f009dac211834de6dca4bc494421796e/sha256__b631c872dd0c171fca133bcd7481ac18f009dac211834de6dca4bc494421796e.tar.gz",
+ "alpine://3.13:sqlite-libs:3.34.1-r0"
+ ],
+ "path": "dockerhub-remote/fluxcd/kustomize-controller/sha256__1217bf214c05339721e865e1842393fbe37f17a3923918572ef30b8031d61412/",
+ "fixed_versions": [],
+ "published": "2021-04-20T02:31:29+10:00",
+ "artifact_scan_time": "2021-03-18T13:05:27+11:00",
+ "issue_id": "XRAY-173004",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "SQLite contains a flaw in the balance_nonroot() function in btree.c that is triggered when handling a specially crafted database file. This may allow a context-dependent attacker to have an unspecified impact.",
+ "references": [
+ "https://github.com/sqlite/sqlite/commit/1e06c70eb073a92e683c55ffb8471301db999b75",
+ "https://github.com/sqlite/sqlite/commit/1f9f5766954d250a00da59f7f7c1fc57d9032a6e",
+ "https://www.sqlite.org/src/info/39c8686cabe6c437",
+ "https://chromium.googlesource.com/chromium/deps/sqlite.git/+/60efbb3584af2ba05e1935b3e07d3a861841db7c",
+ "https://github.com/chromium/chromium/commit/78157c349734be628ac9eef25a897a50bd31b8cd",
+ "https://bugs.chromium.org/p/chromium/issues/detail?id=1175522",
+ "https://bugs.chromium.org/p/chromium/issues/detail?id=1181276",
+ "https://chromereleases.googleblog.com/2021/04/stable-channel-update-for-desktop_14.html",
+ "https://bugs.chromium.org/p/chromium/issues/detail?id=1198709"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 7.5,
+ "summary": "GNU dbm (GDBM) gdbmopen.c gdbm_avail_block_validate() Function Block Validation Out-of-bounds Read DoS",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.13:gdbm:1.19-r0",
+ "impacted_artifact": "docker://fluxcd/kustomize-controller:sha256__1217bf214c05339721e865e1842393fbe37f17a3923918572ef30b8031d61412",
+ "impact_path": [
+ "docker://fluxcd/kustomize-controller:sha256__1217bf214c05339721e865e1842393fbe37f17a3923918572ef30b8031d61412",
+ "generic://sha256:b631c872dd0c171fca133bcd7481ac18f009dac211834de6dca4bc494421796e/sha256__b631c872dd0c171fca133bcd7481ac18f009dac211834de6dca4bc494421796e.tar.gz",
+ "alpine://3.13:gdbm:1.19-r0"
+ ],
+ "path": "dockerhub-remote/fluxcd/kustomize-controller/sha256__1217bf214c05339721e865e1842393fbe37f17a3923918572ef30b8031d61412/",
+ "fixed_versions": [],
+ "published": "2021-03-19T02:44:49+11:00",
+ "artifact_scan_time": "2021-03-18T13:05:27+11:00",
+ "issue_id": "XRAY-147947",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "GNU dbm (GDBM) contains an out-of-bounds read flaw in the gdbm_avail_block_validate() function in gdbmopen.c that is triggered when validating available blocks. This may allow a context-dependent attacker to crash a process linked against the library.",
+ "references": [
+ "http://git.gnu.org.ua/cgit/gdbm.git/commit/?id=9405ce2373ae5d64fc370c8b5ff280a92f15d01f",
+ "http://git.gnu.org.ua/cgit/gdbm.git/commit/?id=4fe603315b4e5189ff5ba31fb9ef0bedd625202a",
+ "http://git.gnu.org.ua/cgit/gdbm.git/commit/?id=7011ecbaf12a07f912eaf1b3ed6d3a528cefc7ad",
+ "https://git.savannah.gnu.org/cgit/gdbm.git/commit/?id=fd5cf245ea6d3e2f36dc349d8013ef62f4a9d532",
+ "/vulnerabilities/251922",
+ "https://puszcza.gnu.org.ua/bugs/?501",
+ "https://puszcza.gnu.org.ua/bugs/?503"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-3121",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 8.6,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 8.6,
+ "summary": "An issue was discovered in GoGo Protobuf before 1.3.2. plugin/unmarshal/unmarshal.go lacks certain index validation, aka the \"skippy peanut butter\" issue.",
+ "severity": "High",
+ "vulnerable_component": "go://github.com/gogo/protobuf:1.3.1",
+ "impacted_artifact": "docker://fluxcd/kustomize-controller:sha256__1217bf214c05339721e865e1842393fbe37f17a3923918572ef30b8031d61412",
+ "impact_path": [
+ "docker://fluxcd/kustomize-controller:sha256__1217bf214c05339721e865e1842393fbe37f17a3923918572ef30b8031d61412",
+ "generic://sha256:dea0207275e948d0460c89f6f118965e30d3310c19bacdf116090038a6ce687c/sha256__dea0207275e948d0460c89f6f118965e30d3310c19bacdf116090038a6ce687c.tar.gz",
+ "generic://sha256:783c7d3b26de469151b40de20677b8721678a081ac12ff93f3daab0a4238dcc5/kustomize-controller",
+ "go://github.com/gogo/protobuf:1.3.1"
+ ],
+ "path": "dockerhub-remote/fluxcd/kustomize-controller/sha256__1217bf214c05339721e865e1842393fbe37f17a3923918572ef30b8031d61412/",
+ "fixed_versions": [
+ "1.3.2"
+ ],
+ "published": "2021-02-01T22:46:23+11:00",
+ "artifact_scan_time": "2021-03-18T13:05:27+11:00",
+ "issue_id": "XRAY-139136",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "An issue was discovered in GoGo Protobuf before 1.3.2. plugin/unmarshal/unmarshal.go lacks certain index validation, aka the \"skippy peanut butter\" issue.",
+ "references": [
+ "https://lists.apache.org/thread.html/rc1e9ff22c5641d73701ba56362fb867d40ed287cca000b131dcf4a44@%3Ccommits.pulsar.apache.org%3E",
+ "https://lists.apache.org/thread.html/r88d69555cb74a129a7bf84838073b61259b4a3830190e05a3b87994e@%3Ccommits.pulsar.apache.org%3E",
+ "https://github.com/gogo/protobuf/compare/v1.3.1...v1.3.2",
+ "https://github.com/gogo/protobuf/commit/b03c65ea87cdc3521ede29f62fe3ce239267c1bc"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-3345",
+ "cvss_v2_score": 7.2,
+ "cvss_v2_vector": "CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 7.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.2,
+ "cvss3_max_score": 7.8,
+ "summary": "_gcry_md_block_write in cipher/hash-common.c in Libgcrypt before 1.9.1 has a heap-based buffer overflow when the digest final function sets a large count value.",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.13:libgcrypt:1.8.7-r0",
+ "impacted_artifact": "docker://fluxcd/kustomize-controller:sha256__1217bf214c05339721e865e1842393fbe37f17a3923918572ef30b8031d61412",
+ "impact_path": [
+ "docker://fluxcd/kustomize-controller:sha256__1217bf214c05339721e865e1842393fbe37f17a3923918572ef30b8031d61412",
+ "generic://sha256:b631c872dd0c171fca133bcd7481ac18f009dac211834de6dca4bc494421796e/sha256__b631c872dd0c171fca133bcd7481ac18f009dac211834de6dca4bc494421796e.tar.gz",
+ "alpine://3.13:libgcrypt:1.8.7-r0"
+ ],
+ "path": "dockerhub-remote/fluxcd/kustomize-controller/sha256__1217bf214c05339721e865e1842393fbe37f17a3923918572ef30b8031d61412/",
+ "fixed_versions": [],
+ "published": "2021-02-02T04:46:15+11:00",
+ "artifact_scan_time": "2021-03-18T13:05:27+11:00",
+ "issue_id": "XRAY-139180",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "_gcry_md_block_write in cipher/hash-common.c in Libgcrypt before 1.9.1 has a heap-based buffer overflow when the digest final function sets a large count value.",
+ "references": [
+ "https://lists.gnupg.org/pipermail/gnupg-announce/2021q1/000456.html",
+ "https://lists.gnupg.org/pipermail/gnupg-announce/2021q1/000455.html",
+ "https://gnupg.org",
+ "https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=commit;h=512c0c75276949f13b6373b5c04f7065af750b08",
+ "https://bugs.gentoo.org/show_bug.cgi?id=767814"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 5.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 5.5,
+ "summary": "Alpine Package Keeper (apk-tools) io.c apk_resolve_[ug]id() Functions Username / Groupname TAR Header Field Handling Out-of-bounds Read DoS Weakness",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.13:apk-tools:2.12.1-r0",
+ "impacted_artifact": "docker://fluxcd/kustomize-controller:sha256__1217bf214c05339721e865e1842393fbe37f17a3923918572ef30b8031d61412",
+ "impact_path": [
+ "docker://fluxcd/kustomize-controller:sha256__1217bf214c05339721e865e1842393fbe37f17a3923918572ef30b8031d61412",
+ "generic://sha256:ba3557a56b150f9b813f9d02274d62914fd8fce120dd374d9ee17b87cf1d277d/sha256__ba3557a56b150f9b813f9d02274d62914fd8fce120dd374d9ee17b87cf1d277d.tar.gz",
+ "alpine://3.13:apk-tools:2.12.1-r0"
+ ],
+ "path": "dockerhub-remote/fluxcd/kustomize-controller/sha256__1217bf214c05339721e865e1842393fbe37f17a3923918572ef30b8031d61412/",
+ "fixed_versions": [
+ "2.12.5-r0"
+ ],
+ "published": "2021-04-20T02:31:29+10:00",
+ "artifact_scan_time": "2021-03-18T13:05:27+11:00",
+ "issue_id": "XRAY-173006",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "Alpine Package Keeper (apk-tools) contains an out-of-bounds read flaw in the apk_resolve_uid() and apk_resolve_gid() functions in io.c that is triggered as username and groupname header fields are not properly checked for string terminators when parsing TAR file headers. This can potentially allow a context-dependent attacker to cause a denial of service.",
+ "references": [
+ "https://gitlab.alpinelinux.org/alpine/apk-tools/-/issues/10741",
+ "https://github.com/docker-library/official-images/pull/9982",
+ "https://gitlab.alpinelinux.org/alpine/aports/-/issues/12606",
+ "https://github.com/alpinelinux/apk-tools/commit/f7143c1766ae59489ac922e890ffe6d4a61c3b2d",
+ "https://github.com/alpinelinux/aports/commit/aa740eb10ca7b8386cadc8761da1e30ed931486c",
+ "http://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-30139"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2017-1000487",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "Plexus-utils before 3.0.16 is vulnerable to command injection because it does not correctly process the contents of double quoted strings.",
+ "severity": "High",
+ "vulnerable_component": "gav://org.codehaus.plexus:plexus-utils:3.0.8",
+ "impacted_artifact": "gav://org.apache.maven.surefire:maven-surefire-common:2.12.4",
+ "impact_path": [
+ "gav://org.apache.maven.surefire:maven-surefire-common:2.12.4",
+ "gav://org.codehaus.plexus:plexus-utils:3.0.8"
+ ],
+ "path": "mavencentral-remote/org/apache/maven/surefire/maven-surefire-common/2.12.4/maven-surefire-common-2.12.4.jar",
+ "fixed_versions": [
+ "3.0.16"
+ ],
+ "published": "2019-06-10T18:42:32+10:00",
+ "artifact_scan_time": "2021-03-09T08:42:52+11:00",
+ "issue_id": "XRAY-83897",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Plexus-utils before 3.0.16 is vulnerable to command injection because it does not correctly process the contents of double quoted strings.",
+ "references": [
+ "https://access.redhat.com/errata/RHSA-2018:1322",
+ "https://lists.debian.org/debian-lts-announce/2018/01/msg00011.html",
+ "https://lists.debian.org/debian-lts-announce/2018/01/msg00010.html",
+ "https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSPLEXUS-31522",
+ "https://www.debian.org/security/2018/dsa-4149",
+ "https://www.debian.org/security/2018/dsa-4146",
+ "https://github.com/codehaus-plexus/plexus-utils/commit/b38a1b3a4352303e4312b2bb601a0d7ec6e28f41"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 9.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 7.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 9.3,
+ "cvss3_max_score": 7.8,
+ "summary": "Plexus-utils util/xml/XmlWriterUtil.java XmlWriterUtil::writeComment() Function Comment String Escape XML Injection Unspecified Issue",
+ "severity": "High",
+ "vulnerable_component": "gav://org.codehaus.plexus:plexus-utils:3.0.8",
+ "impacted_artifact": "gav://org.apache.maven.surefire:maven-surefire-common:2.12.4",
+ "impact_path": [
+ "gav://org.apache.maven.surefire:maven-surefire-common:2.12.4",
+ "gav://org.codehaus.plexus:plexus-utils:3.0.8"
+ ],
+ "path": "mavencentral-remote/org/apache/maven/surefire/maven-surefire-common/2.12.4/maven-surefire-common-2.12.4.jar",
+ "fixed_versions": [
+ "3.0.24"
+ ],
+ "published": "2019-09-15T21:14:39+10:00",
+ "artifact_scan_time": "2021-03-09T08:42:52+11:00",
+ "issue_id": "XRAY-88166",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Plexus-utils contains a flaw in the XmlWriterUtil::writeComment() function in util/xml/XmlWriterUtil.java that is triggered as comment strings are not properly sanitized. This may allow a context-dependent attacker to inject unexpected content through XML code and have an unspecified impact.",
+ "references": [
+ "https://github.com/codehaus-plexus/plexus-utils/issues/3",
+ "https://github.com/codehaus-plexus/plexus-utils/commit/f933e5e78dc2637e485447ed821fe14904f110de"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2015-3253",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "The MethodClosure class in runtime/MethodClosure.java in Apache Groovy 1.7.0 through 2.4.3 allows remote attackers to execute arbitrary code or cause a denial of service via a crafted serialized object.",
+ "severity": "High",
+ "vulnerable_component": "gav://org.codehaus.groovy:groovy-all:1.7.6",
+ "impacted_artifact": "gav://org.codehaus.groovy:groovy-all:1.7.6",
+ "impact_path": [
+ "gav://org.codehaus.groovy:groovy-all:1.7.6"
+ ],
+ "path": "mavencentral-remote/org/codehaus/groovy/groovy-all/1.7.6/groovy-all-1.7.6.jar",
+ "fixed_versions": [
+ "2.4.4"
+ ],
+ "published": "2017-07-05T21:31:12+10:00",
+ "artifact_scan_time": "2021-03-09T08:45:52+11:00",
+ "issue_id": "XRAY-55823",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "The MethodClosure class in runtime/MethodClosure.java in Apache Groovy 1.7.0 through 2.4.3 allows remote attackers to execute arbitrary code or cause a denial of service via a crafted serialized object.",
+ "references": [
+ "http://rhn.redhat.com/errata/RHSA-2016-0066.html",
+ "http://www.zerodayinitiative.com/advisories/ZDI-15-365/",
+ "http://packetstormsecurity.com/files/132714/Apache-Groovy-2.4.3-Code-Execution.html",
+ "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05324755",
+ "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html",
+ "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html",
+ "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html",
+ "http://groovy-lang.org/security.html",
+ "http://www.securityfocus.com/archive/1/archive/1/536012/100/0/threaded",
+ "http://www.securityfocus.com/bid/91787",
+ "http://www.securityfocus.com/bid/75919"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2016-6814",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "When an application with unsupported Codehaus versions of Groovy from 1.7.0 to 2.4.3, Apache Groovy 2.4.4 to 2.4.7 on classpath uses standard Java serialization mechanisms, e.g. to communicate between servers or to store local data, it was possible for an attacker to bake a special serialized object that will execute code directly when deserialized. All applications which rely on serialization and do not isolate the code which deserializes objects were subject to this vulnerability.",
+ "severity": "High",
+ "vulnerable_component": "gav://org.codehaus.groovy:groovy-all:1.7.6",
+ "impacted_artifact": "gav://org.codehaus.groovy:groovy-all:1.7.6",
+ "impact_path": [
+ "gav://org.codehaus.groovy:groovy-all:1.7.6"
+ ],
+ "path": "mavencentral-remote/org/codehaus/groovy/groovy-all/1.7.6/groovy-all-1.7.6.jar",
+ "fixed_versions": [
+ "2.4.8"
+ ],
+ "published": "2018-03-12T23:28:18+11:00",
+ "artifact_scan_time": "2021-03-09T08:45:52+11:00",
+ "issue_id": "XRAY-64722",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "When an application with unsupported Codehaus versions of Groovy from 1.7.0 to 2.4.3, Apache Groovy 2.4.4 to 2.4.7 on classpath uses standard Java serialization mechanisms, e.g. to communicate between servers or to store local data, it was possible for an attacker to bake a special serialized object that will execute code directly when deserialized. All applications which rely on serialization and do not isolate the code which deserializes objects were subject to this vulnerability.",
+ "references": [
+ "https://access.redhat.com/errata/RHSA-2017:2596",
+ "https://access.redhat.com/errata/RHSA-2017:2486",
+ "https://access.redhat.com/errata/RHSA-2017:0868",
+ "http://www.securitytracker.com/id/1039600",
+ "http://www.securityfocus.com/bid/95429",
+ "http://rhn.redhat.com/errata/RHSA-2017-0272.html",
+ "http://mail-archives.apache.org/mod_mbox/www-announce/201701.mbox/%3CCADRx3PMZ2hBCGDTY35zYXFGaDnjAs0tc5-upaVs6QN2sYUejyA%40mail.gmail.com%3E"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 9.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 7.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 9.3,
+ "cvss3_max_score": 7.8,
+ "summary": "Plexus-utils util/xml/XmlWriterUtil.java XmlWriterUtil::writeComment() Function Comment String Escape XML Injection Unspecified Issue",
+ "severity": "High",
+ "vulnerable_component": "gav://org.codehaus.plexus:plexus-utils:3.0.22",
+ "impacted_artifact": "gav://org.codehaus.plexus:plexus-utils:3.0.22",
+ "impact_path": [
+ "gav://org.codehaus.plexus:plexus-utils:3.0.22"
+ ],
+ "path": "mavencentral-remote/org/codehaus/plexus/plexus-utils/3.0.22/plexus-utils-3.0.22.jar",
+ "fixed_versions": [
+ "3.0.24"
+ ],
+ "published": "2019-09-15T21:14:39+10:00",
+ "artifact_scan_time": "2021-03-09T08:43:53+11:00",
+ "issue_id": "XRAY-88166",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Plexus-utils contains a flaw in the XmlWriterUtil::writeComment() function in util/xml/XmlWriterUtil.java that is triggered as comment strings are not properly sanitized. This may allow a context-dependent attacker to inject unexpected content through XML code and have an unspecified impact.",
+ "references": [
+ "https://github.com/codehaus-plexus/plexus-utils/issues/3",
+ "https://github.com/codehaus-plexus/plexus-utils/commit/f933e5e78dc2637e485447ed821fe14904f110de"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 9.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 7.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 9.3,
+ "cvss3_max_score": 7.8,
+ "summary": "Plexus-utils util/xml/XmlWriterUtil.java XmlWriterUtil::writeComment() Function Comment String Escape XML Injection Unspecified Issue",
+ "severity": "High",
+ "vulnerable_component": "gav://org.codehaus.plexus:plexus-utils:3.0.5",
+ "impacted_artifact": "gav://org.codehaus.plexus:plexus-utils:3.0.5",
+ "impact_path": [
+ "gav://org.codehaus.plexus:plexus-utils:3.0.5"
+ ],
+ "path": "mavencentral-remote/org/codehaus/plexus/plexus-utils/3.0.5/plexus-utils-3.0.5.jar",
+ "fixed_versions": [
+ "3.0.24"
+ ],
+ "published": "2019-09-15T21:14:39+10:00",
+ "artifact_scan_time": "2021-03-09T08:46:51+11:00",
+ "issue_id": "XRAY-88166",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Plexus-utils contains a flaw in the XmlWriterUtil::writeComment() function in util/xml/XmlWriterUtil.java that is triggered as comment strings are not properly sanitized. This may allow a context-dependent attacker to inject unexpected content through XML code and have an unspecified impact.",
+ "references": [
+ "https://github.com/codehaus-plexus/plexus-utils/issues/3",
+ "https://github.com/codehaus-plexus/plexus-utils/commit/f933e5e78dc2637e485447ed821fe14904f110de"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2017-1000487",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "Plexus-utils before 3.0.16 is vulnerable to command injection because it does not correctly process the contents of double quoted strings.",
+ "severity": "High",
+ "vulnerable_component": "gav://org.codehaus.plexus:plexus-utils:3.0.5",
+ "impacted_artifact": "gav://org.codehaus.plexus:plexus-utils:3.0.5",
+ "impact_path": [
+ "gav://org.codehaus.plexus:plexus-utils:3.0.5"
+ ],
+ "path": "mavencentral-remote/org/codehaus/plexus/plexus-utils/3.0.5/plexus-utils-3.0.5.jar",
+ "fixed_versions": [
+ "3.0.16"
+ ],
+ "published": "2019-06-10T18:42:32+10:00",
+ "artifact_scan_time": "2021-03-09T08:46:51+11:00",
+ "issue_id": "XRAY-83897",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Plexus-utils before 3.0.16 is vulnerable to command injection because it does not correctly process the contents of double quoted strings.",
+ "references": [
+ "https://access.redhat.com/errata/RHSA-2018:1322",
+ "https://lists.debian.org/debian-lts-announce/2018/01/msg00011.html",
+ "https://lists.debian.org/debian-lts-announce/2018/01/msg00010.html",
+ "https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSPLEXUS-31522",
+ "https://www.debian.org/security/2018/dsa-4149",
+ "https://www.debian.org/security/2018/dsa-4146",
+ "https://github.com/codehaus-plexus/plexus-utils/commit/b38a1b3a4352303e4312b2bb601a0d7ec6e28f41"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-3449",
+ "cvss_v2_score": 4.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 5.9,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 4.3,
+ "cvss3_max_score": 5.9,
+ "summary": "An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_cert extension then a NULL pointer dereference will result, leading to a crash and a denial of service attack. A server is only vulnerable if it has TLSv1.2 and renegotiation enabled (which is the default configuration). OpenSSL TLS clients are not impacted by this issue. All OpenSSL 1.1.1 versions are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1k. OpenSSL 1.0.2 is not impacted by this issue. Fixed in OpenSSL 1.1.1k (Affected 1.1.1-1.1.1j).",
+ "severity": "High",
+ "vulnerable_component": "deb://ubuntu:bionic:libssl1.1:1.1.1-1ubuntu2.1~18.04.6",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:06e2d54757a5b0c81dcbc423ed468c533b04e1c8a69debe60ed90bde3e2ffd52/sha256__06e2d54757a5b0c81dcbc423ed468c533b04e1c8a69debe60ed90bde3e2ffd52.tar.gz",
+ "deb://ubuntu:bionic:libssl1.1:1.1.1-1ubuntu2.1~18.04.6"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [],
+ "published": "2021-04-06T14:40:46+10:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-168853",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_cert extension then a NULL pointer dereference will result, leading to a crash and a denial of service attack. A server is only vulnerable if it has TLSv1.2 and renegotiation enabled (which is the default configuration). OpenSSL TLS clients are not impacted by this issue. All OpenSSL 1.1.1 versions are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1k. OpenSSL 1.0.2 is not impacted by this issue. Fixed in OpenSSL 1.1.1k (Affected 1.1.1-1.1.1j).",
+ "references": [
+ "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3449",
+ "https://www.openssl.org/news/secadv/20210325.txt",
+ "https://usn.ubuntu.com/usn/usn-4891-1"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-1971",
+ "cvss_v2_score": 4.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 5.9,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 4.3,
+ "cvss3_max_score": 5.9,
+ "summary": "The X.509 GeneralName type is a generic type for representing different types of names. One of those name types is known as EDIPartyName. OpenSSL provides a function GENERAL_NAME_cmp which compares different instances of a GENERAL_NAME to see if they are equal or not. This function behaves incorrectly when both GENERAL_NAMEs contain an EDIPARTYNAME. A NULL pointer dereference and a crash may occur leading to a possible denial of service attack. OpenSSL itself uses the GENERAL_NAME_cmp function for two purposes: 1) Comparing CRL distribution point names between an available CRL and a CRL distribution point embedded in an X509 certificate 2) When verifying that a timestamp response token signer matches the timestamp authority name (exposed via the API functions TS_RESP_verify_response and TS_RESP_verify_token) If an attacker can control both items being compared then that attacker could trigger a crash. For example if the attacker can trick a client or server into checking a malicious certificate against a malicious CRL then this may occur. Note that some applications automatically download CRLs based on a URL embedded in a certificate. This checking happens prior to the signatures on the certificate and CRL being verified. OpenSSL's s_server, s_client and verify tools have support for the \"-crl_download\" option which implements automatic CRL downloading and this attack has been demonstrated to work against those tools. Note that an unrelated bug means that affected versions of OpenSSL cannot parse or construct correct encodings of EDIPARTYNAME. However it is possible to construct a malformed EDIPARTYNAME that OpenSSL's parser will accept and hence trigger this attack. All OpenSSL 1.1.1 and 1.0.2 versions are affected by this issue. Other OpenSSL releases are out of support and have not been checked. Fixed in OpenSSL 1.1.1i (Affected 1.1.1-1.1.1h). Fixed in OpenSSL 1.0.2x (Affected 1.0.2-1.0.2w).",
+ "severity": "High",
+ "vulnerable_component": "deb://ubuntu:bionic:openssl:1.1.1-1ubuntu2.1~18.04.6",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:06e2d54757a5b0c81dcbc423ed468c533b04e1c8a69debe60ed90bde3e2ffd52/sha256__06e2d54757a5b0c81dcbc423ed468c533b04e1c8a69debe60ed90bde3e2ffd52.tar.gz",
+ "deb://ubuntu:bionic:openssl:1.1.1-1ubuntu2.1~18.04.6"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [
+ "≥ 1.1.1-1ubuntu2.1~18.04.7"
+ ],
+ "published": "2020-12-25T15:28:59+11:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-137237",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "The X.509 GeneralName type is a generic type for representing different types of names. One of those name types is known as EDIPartyName. OpenSSL provides a function GENERAL_NAME_cmp which compares different instances of a GENERAL_NAME to see if they are equal or not. This function behaves incorrectly when both GENERAL_NAMEs contain an EDIPARTYNAME. A NULL pointer dereference and a crash may occur leading to a possible denial of service attack. OpenSSL itself uses the GENERAL_NAME_cmp function for two purposes: 1) Comparing CRL distribution point names between an available CRL and a CRL distribution point embedded in an X509 certificate 2) When verifying that a timestamp response token signer matches the timestamp authority name (exposed via the API functions TS_RESP_verify_response and TS_RESP_verify_token) If an attacker can control both items being compared then that attacker could trigger a crash. For example if the attacker can trick a client or server into checking a malicious certificate against a malicious CRL then this may occur. Note that some applications automatically download CRLs based on a URL embedded in a certificate. This checking happens prior to the signatures on the certificate and CRL being verified. OpenSSL's s_server, s_client and verify tools have support for the \"-crl_download\" option which implements automatic CRL downloading and this attack has been demonstrated to work against those tools. Note that an unrelated bug means that affected versions of OpenSSL cannot parse or construct correct encodings of EDIPARTYNAME. However it is possible to construct a malformed EDIPARTYNAME that OpenSSL's parser will accept and hence trigger this attack. All OpenSSL 1.1.1 and 1.0.2 versions are affected by this issue. Other OpenSSL releases are out of support and have not been checked. Fixed in OpenSSL 1.1.1i (Affected 1.1.1-1.1.1h). Fixed in OpenSSL 1.0.2x (Affected 1.0.2-1.0.2w).",
+ "references": [
+ "https://usn.ubuntu.com/usn/usn-4745-1",
+ "https://usn.ubuntu.com/usn/usn-4662-1",
+ "https://www.openssl.org/news/secadv/20201208.txt",
+ "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1971"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-3449",
+ "cvss_v2_score": 4.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 5.9,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 4.3,
+ "cvss3_max_score": 5.9,
+ "summary": "An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_cert extension then a NULL pointer dereference will result, leading to a crash and a denial of service attack. A server is only vulnerable if it has TLSv1.2 and renegotiation enabled (which is the default configuration). OpenSSL TLS clients are not impacted by this issue. All OpenSSL 1.1.1 versions are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1k. OpenSSL 1.0.2 is not impacted by this issue. Fixed in OpenSSL 1.1.1k (Affected 1.1.1-1.1.1j).",
+ "severity": "High",
+ "vulnerable_component": "deb://ubuntu:bionic:openssl:1.1.1-1ubuntu2.1~18.04.6",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:06e2d54757a5b0c81dcbc423ed468c533b04e1c8a69debe60ed90bde3e2ffd52/sha256__06e2d54757a5b0c81dcbc423ed468c533b04e1c8a69debe60ed90bde3e2ffd52.tar.gz",
+ "deb://ubuntu:bionic:openssl:1.1.1-1ubuntu2.1~18.04.6"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [
+ "≥ 1.1.1-1ubuntu2.1~18.04.9"
+ ],
+ "published": "2021-04-06T14:40:46+10:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-168853",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_cert extension then a NULL pointer dereference will result, leading to a crash and a denial of service attack. A server is only vulnerable if it has TLSv1.2 and renegotiation enabled (which is the default configuration). OpenSSL TLS clients are not impacted by this issue. All OpenSSL 1.1.1 versions are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1k. OpenSSL 1.0.2 is not impacted by this issue. Fixed in OpenSSL 1.1.1k (Affected 1.1.1-1.1.1j).",
+ "references": [
+ "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3449",
+ "https://www.openssl.org/news/secadv/20210325.txt",
+ "https://usn.ubuntu.com/usn/usn-4891-1"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-1971",
+ "cvss_v2_score": 4.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 5.9,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 4.3,
+ "cvss3_max_score": 5.9,
+ "summary": "The X.509 GeneralName type is a generic type for representing different types of names. One of those name types is known as EDIPartyName. OpenSSL provides a function GENERAL_NAME_cmp which compares different instances of a GENERAL_NAME to see if they are equal or not. This function behaves incorrectly when both GENERAL_NAMEs contain an EDIPARTYNAME. A NULL pointer dereference and a crash may occur leading to a possible denial of service attack. OpenSSL itself uses the GENERAL_NAME_cmp function for two purposes: 1) Comparing CRL distribution point names between an available CRL and a CRL distribution point embedded in an X509 certificate 2) When verifying that a timestamp response token signer matches the timestamp authority name (exposed via the API functions TS_RESP_verify_response and TS_RESP_verify_token) If an attacker can control both items being compared then that attacker could trigger a crash. For example if the attacker can trick a client or server into checking a malicious certificate against a malicious CRL then this may occur. Note that some applications automatically download CRLs based on a URL embedded in a certificate. This checking happens prior to the signatures on the certificate and CRL being verified. OpenSSL's s_server, s_client and verify tools have support for the \"-crl_download\" option which implements automatic CRL downloading and this attack has been demonstrated to work against those tools. Note that an unrelated bug means that affected versions of OpenSSL cannot parse or construct correct encodings of EDIPARTYNAME. However it is possible to construct a malformed EDIPARTYNAME that OpenSSL's parser will accept and hence trigger this attack. All OpenSSL 1.1.1 and 1.0.2 versions are affected by this issue. Other OpenSSL releases are out of support and have not been checked. Fixed in OpenSSL 1.1.1i (Affected 1.1.1-1.1.1h). Fixed in OpenSSL 1.0.2x (Affected 1.0.2-1.0.2w).",
+ "severity": "High",
+ "vulnerable_component": "deb://ubuntu:bionic:libssl1.1:1.1.1-1ubuntu2.1~18.04.6",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:06e2d54757a5b0c81dcbc423ed468c533b04e1c8a69debe60ed90bde3e2ffd52/sha256__06e2d54757a5b0c81dcbc423ed468c533b04e1c8a69debe60ed90bde3e2ffd52.tar.gz",
+ "deb://ubuntu:bionic:libssl1.1:1.1.1-1ubuntu2.1~18.04.6"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [],
+ "published": "2020-12-25T15:28:59+11:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-137237",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "The X.509 GeneralName type is a generic type for representing different types of names. One of those name types is known as EDIPartyName. OpenSSL provides a function GENERAL_NAME_cmp which compares different instances of a GENERAL_NAME to see if they are equal or not. This function behaves incorrectly when both GENERAL_NAMEs contain an EDIPARTYNAME. A NULL pointer dereference and a crash may occur leading to a possible denial of service attack. OpenSSL itself uses the GENERAL_NAME_cmp function for two purposes: 1) Comparing CRL distribution point names between an available CRL and a CRL distribution point embedded in an X509 certificate 2) When verifying that a timestamp response token signer matches the timestamp authority name (exposed via the API functions TS_RESP_verify_response and TS_RESP_verify_token) If an attacker can control both items being compared then that attacker could trigger a crash. For example if the attacker can trick a client or server into checking a malicious certificate against a malicious CRL then this may occur. Note that some applications automatically download CRLs based on a URL embedded in a certificate. This checking happens prior to the signatures on the certificate and CRL being verified. OpenSSL's s_server, s_client and verify tools have support for the \"-crl_download\" option which implements automatic CRL downloading and this attack has been demonstrated to work against those tools. Note that an unrelated bug means that affected versions of OpenSSL cannot parse or construct correct encodings of EDIPARTYNAME. However it is possible to construct a malformed EDIPARTYNAME that OpenSSL's parser will accept and hence trigger this attack. All OpenSSL 1.1.1 and 1.0.2 versions are affected by this issue. Other OpenSSL releases are out of support and have not been checked. Fixed in OpenSSL 1.1.1i (Affected 1.1.1-1.1.1h). Fixed in OpenSSL 1.0.2x (Affected 1.0.2-1.0.2w).",
+ "references": [
+ "https://usn.ubuntu.com/usn/usn-4745-1",
+ "https://usn.ubuntu.com/usn/usn-4662-1",
+ "https://www.openssl.org/news/secadv/20201208.txt",
+ "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1971"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-25013",
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 5.9,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 5.9,
+ "summary": "The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:buster:libc-bin:2.28-10",
+ "impacted_artifact": "docker://library/httpd:sha256__16eae91e82b4de8fd701b5a4fbfe56059f4d970878a7c42d7fc98c458ef41aa4",
+ "impact_path": [
+ "docker://library/httpd:sha256__16eae91e82b4de8fd701b5a4fbfe56059f4d970878a7c42d7fc98c458ef41aa4",
+ "generic://sha256:45b42c59be334ecda0daaa139b2f7d310e45c564c5f12263b1b8e68ec9e810ed/sha256__45b42c59be334ecda0daaa139b2f7d310e45c564c5f12263b1b8e68ec9e810ed.tar.gz",
+ "deb://debian:buster:libc-bin:2.28-10"
+ ],
+ "path": "dockerhub-remote/library/httpd/sha256__16eae91e82b4de8fd701b5a4fbfe56059f4d970878a7c42d7fc98c458ef41aa4/",
+ "fixed_versions": [],
+ "published": "2021-01-05T15:10:13+11:00",
+ "artifact_scan_time": "2021-03-11T00:20:02+11:00",
+ "issue_id": "XRAY-138140",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-25013",
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 5.9,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 5.9,
+ "summary": "The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:buster:libc6:2.28-10",
+ "impacted_artifact": "docker://library/httpd:sha256__16eae91e82b4de8fd701b5a4fbfe56059f4d970878a7c42d7fc98c458ef41aa4",
+ "impact_path": [
+ "docker://library/httpd:sha256__16eae91e82b4de8fd701b5a4fbfe56059f4d970878a7c42d7fc98c458ef41aa4",
+ "generic://sha256:45b42c59be334ecda0daaa139b2f7d310e45c564c5f12263b1b8e68ec9e810ed/sha256__45b42c59be334ecda0daaa139b2f7d310e45c564c5f12263b1b8e68ec9e810ed.tar.gz",
+ "deb://debian:buster:libc6:2.28-10"
+ ],
+ "path": "dockerhub-remote/library/httpd/sha256__16eae91e82b4de8fd701b5a4fbfe56059f4d970878a7c42d7fc98c458ef41aa4/",
+ "fixed_versions": [],
+ "published": "2021-01-05T15:10:13+11:00",
+ "artifact_scan_time": "2021-03-11T00:20:02+11:00",
+ "issue_id": "XRAY-138140",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 9.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 7.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 9.3,
+ "cvss3_max_score": 7.8,
+ "summary": "Plexus-utils util/xml/XmlWriterUtil.java XmlWriterUtil::writeComment() Function Comment String Escape XML Injection Unspecified Issue",
+ "severity": "High",
+ "vulnerable_component": "gav://org.codehaus.plexus:plexus-utils:3.0.20",
+ "impacted_artifact": "gav://org.codehaus.plexus:plexus-utils:3.0.20",
+ "impact_path": [
+ "gav://org.codehaus.plexus:plexus-utils:3.0.20"
+ ],
+ "path": "mavencentral-remote/org/codehaus/plexus/plexus-utils/3.0.20/plexus-utils-3.0.20.jar",
+ "fixed_versions": [
+ "3.0.24"
+ ],
+ "published": "2019-09-15T21:14:39+10:00",
+ "artifact_scan_time": "2021-03-09T08:43:53+11:00",
+ "issue_id": "XRAY-88166",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Plexus-utils contains a flaw in the XmlWriterUtil::writeComment() function in util/xml/XmlWriterUtil.java that is triggered as comment strings are not properly sanitized. This may allow a context-dependent attacker to inject unexpected content through XML code and have an unspecified impact.",
+ "references": [
+ "https://github.com/codehaus-plexus/plexus-utils/issues/3",
+ "https://github.com/codehaus-plexus/plexus-utils/commit/f933e5e78dc2637e485447ed821fe14904f110de"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2017-1000487",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "Plexus-utils before 3.0.16 is vulnerable to command injection because it does not correctly process the contents of double quoted strings.",
+ "severity": "High",
+ "vulnerable_component": "gav://org.codehaus.plexus:plexus-utils:1.5.6",
+ "impacted_artifact": "gav://org.codehaus.plexus:plexus-utils:1.5.6",
+ "impact_path": [
+ "gav://org.codehaus.plexus:plexus-utils:1.5.6"
+ ],
+ "path": "mavencentral-remote/org/codehaus/plexus/plexus-utils/1.5.6/plexus-utils-1.5.6.jar",
+ "fixed_versions": [
+ "3.0.16"
+ ],
+ "published": "2019-06-10T18:42:32+10:00",
+ "artifact_scan_time": "2021-03-09T08:44:52+11:00",
+ "issue_id": "XRAY-83897",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Plexus-utils before 3.0.16 is vulnerable to command injection because it does not correctly process the contents of double quoted strings.",
+ "references": [
+ "https://access.redhat.com/errata/RHSA-2018:1322",
+ "https://lists.debian.org/debian-lts-announce/2018/01/msg00011.html",
+ "https://lists.debian.org/debian-lts-announce/2018/01/msg00010.html",
+ "https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSPLEXUS-31522",
+ "https://www.debian.org/security/2018/dsa-4149",
+ "https://www.debian.org/security/2018/dsa-4146",
+ "https://github.com/codehaus-plexus/plexus-utils/commit/b38a1b3a4352303e4312b2bb601a0d7ec6e28f41"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 9.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 7.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 9.3,
+ "cvss3_max_score": 7.8,
+ "summary": "Plexus-utils util/xml/XmlWriterUtil.java XmlWriterUtil::writeComment() Function Comment String Escape XML Injection Unspecified Issue",
+ "severity": "High",
+ "vulnerable_component": "gav://org.codehaus.plexus:plexus-utils:1.5.6",
+ "impacted_artifact": "gav://org.codehaus.plexus:plexus-utils:1.5.6",
+ "impact_path": [
+ "gav://org.codehaus.plexus:plexus-utils:1.5.6"
+ ],
+ "path": "mavencentral-remote/org/codehaus/plexus/plexus-utils/1.5.6/plexus-utils-1.5.6.jar",
+ "fixed_versions": [
+ "3.0.24"
+ ],
+ "published": "2019-09-15T21:14:39+10:00",
+ "artifact_scan_time": "2021-03-09T08:44:52+11:00",
+ "issue_id": "XRAY-88166",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Plexus-utils contains a flaw in the XmlWriterUtil::writeComment() function in util/xml/XmlWriterUtil.java that is triggered as comment strings are not properly sanitized. This may allow a context-dependent attacker to inject unexpected content through XML code and have an unspecified impact.",
+ "references": [
+ "https://github.com/codehaus-plexus/plexus-utils/issues/3",
+ "https://github.com/codehaus-plexus/plexus-utils/commit/f933e5e78dc2637e485447ed821fe14904f110de"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-3121",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 8.6,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 8.6,
+ "summary": "An issue was discovered in GoGo Protobuf before 1.3.2. plugin/unmarshal/unmarshal.go lacks certain index validation, aka the \"skippy peanut butter\" issue.",
+ "severity": "High",
+ "vulnerable_component": "go://github.com/gogo/protobuf:1.3.1",
+ "impacted_artifact": "docker://fluxcd/notification-controller:sha256__65bc6b79fddd41ef5794fb89647881639befecf5c6745ceb6a3aa6d932cad890",
+ "impact_path": [
+ "docker://fluxcd/notification-controller:sha256__65bc6b79fddd41ef5794fb89647881639befecf5c6745ceb6a3aa6d932cad890",
+ "generic://sha256:24b88d89334511f34288adf56a6e6460ff94c27904873444f07d5bff1ceffb4e/sha256__24b88d89334511f34288adf56a6e6460ff94c27904873444f07d5bff1ceffb4e.tar.gz",
+ "generic://sha256:95372b996520b38450ca909782bbd7f71bf6be1be984c19ace8ec82346c187bb/notification-controller",
+ "go://github.com/gogo/protobuf:1.3.1"
+ ],
+ "path": "dockerhub-remote/fluxcd/notification-controller/sha256__65bc6b79fddd41ef5794fb89647881639befecf5c6745ceb6a3aa6d932cad890/",
+ "fixed_versions": [
+ "1.3.2"
+ ],
+ "published": "2021-02-01T22:46:23+11:00",
+ "artifact_scan_time": "2021-05-11T10:00:55+10:00",
+ "issue_id": "XRAY-139136",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "An issue was discovered in GoGo Protobuf before 1.3.2. plugin/unmarshal/unmarshal.go lacks certain index validation, aka the \"skippy peanut butter\" issue.",
+ "references": [
+ "https://lists.apache.org/thread.html/rc1e9ff22c5641d73701ba56362fb867d40ed287cca000b131dcf4a44@%3Ccommits.pulsar.apache.org%3E",
+ "https://lists.apache.org/thread.html/r88d69555cb74a129a7bf84838073b61259b4a3830190e05a3b87994e@%3Ccommits.pulsar.apache.org%3E",
+ "https://github.com/gogo/protobuf/compare/v1.3.1...v1.3.2",
+ "https://github.com/gogo/protobuf/commit/b03c65ea87cdc3521ede29f62fe3ce239267c1bc"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-14363",
+ "cvss_v2_score": 4.6,
+ "cvss_v2_vector": "CVSS:2.0/AV:L/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 7.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 4.6,
+ "cvss3_max_score": 7.8,
+ "summary": "CVE-2020-14363 libX11: integer overflow leads to double free in locale handling (important)",
+ "severity": "High",
+ "vulnerable_component": "rpm://8:libX11:0:1.6.8-4.el8",
+ "impacted_artifact": "rpm://8:libX11:0:1.6.8-4.el8",
+ "impact_path": [
+ "rpm://8:libX11:0:1.6.8-4.el8"
+ ],
+ "path": "ubi8-appstream-remote/Packages/l/libX11-1.6.8-4.el8.x86_64.rpm",
+ "fixed_versions": [],
+ "published": "2020-12-16T16:18:32+11:00",
+ "artifact_scan_time": "2021-05-20T14:20:12+10:00",
+ "issue_id": "XRAY-134873",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "DOCUMENTATION: An integer overflow vulnerability leading to a double-free was found in libX11. This flaw allows a local privileged attacker to cause an application compiled with libX11 to crash, or in some cases, result in arbitrary code execution. The highest threat from this flaw is to confidentiality, integrity as well as system availability. STATEMENT: Xorg server does not run with root privileges in Red Hat Enterprise Linux 8. Therefore this flaw has been rated as having a moderate impact for Red Hat Enterprise Linux 8.",
+ "references": [
+ "https://access.redhat.com/security/cve/CVE-2020-14363"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Important"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2012-0881",
+ "cvss_v2_score": 7.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.8,
+ "cvss3_max_score": 7.5,
+ "summary": "Apache Xerces2 Java allows remote attackers to cause a denial of service (CPU consumption) via a crafted message to an XML service, which triggers hash table collisions.",
+ "severity": "High",
+ "vulnerable_component": "gav://xerces:xercesImpl:2.9.1",
+ "impacted_artifact": "gav://xerces:xercesImpl:2.9.1",
+ "impact_path": [
+ "gav://xerces:xercesImpl:2.9.1"
+ ],
+ "path": "mavencentral-remote/xerces/xercesImpl/2.9.1/xercesImpl-2.9.1.jar",
+ "fixed_versions": [
+ "2.12.0"
+ ],
+ "published": "2017-12-12T20:50:15+11:00",
+ "artifact_scan_time": "2021-03-09T08:46:52+11:00",
+ "issue_id": "XRAY-60232",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Apache Xerces2 Java allows remote attackers to cause a denial of service (CPU consumption) via a crafted message to an XML service, which triggers hash table collisions.",
+ "references": [
+ "https://bugzilla.redhat.com/show_bug.cgi?id=787104",
+ "http://www.openwall.com/lists/oss-security/2014/07/08/11"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2013-4002",
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "summary": "XMLscanner.java in Apache Xerces2 Java Parser before 2.12.0, as used in the Java Runtime Environment (JRE) in IBM Java 5.0 before 5.0 SR16-FP3, 6 before 6 SR14, 6.0.1 before 6.0.1 SR6, and 7 before 7 SR5 as well as Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, Java SE Embedded 7u40 and earlier, and possibly other products allows remote attackers to cause a denial of service via vectors related to XML attribute names.",
+ "severity": "High",
+ "vulnerable_component": "gav://xerces:xercesImpl:2.9.1",
+ "impacted_artifact": "gav://xerces:xercesImpl:2.9.1",
+ "impact_path": [
+ "gav://xerces:xercesImpl:2.9.1"
+ ],
+ "path": "mavencentral-remote/xerces/xercesImpl/2.9.1/xercesImpl-2.9.1.jar",
+ "fixed_versions": [
+ "2.12.0"
+ ],
+ "published": "2018-12-24T02:18:38+11:00",
+ "artifact_scan_time": "2021-03-09T08:46:52+11:00",
+ "issue_id": "XRAY-74392",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "XMLscanner.java in Apache Xerces2 Java Parser before 2.12.0, as used in the Java Runtime Environment (JRE) in IBM Java 5.0 before 5.0 SR16-FP3, 6 before 6 SR14, 6.0.1 before 6.0.1 SR6, and 7 before 7 SR5 as well as Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, Java SE Embedded 7u40 and earlier, and possibly other products allows remote attackers to cause a denial of service via vectors related to XML attribute names.",
+ "references": [
+ "https://exchange.xforce.ibmcloud.com/vulnerabilities/85260",
+ "http://www.ubuntu.com/usn/USN-2089-1",
+ "http://www.ubuntu.com/usn/USN-2033-1",
+ "http://lists.opensuse.org/opensuse-updates/2013-11/msg00023.html",
+ "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00010.html",
+ "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00003.html",
+ "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00000.html",
+ "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00029.html",
+ "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00028.html",
+ "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00027.html",
+ "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00026.html",
+ "http://secunia.com/advisories/56257",
+ "http://rhn.redhat.com/errata/RHSA-2015-0773.html",
+ "http://rhn.redhat.com/errata/RHSA-2015-0765.html",
+ "http://rhn.redhat.com/errata/RHSA-2015-0720.html",
+ "http://rhn.redhat.com/errata/RHSA-2015-0675.html",
+ "http://rhn.redhat.com/errata/RHSA-2014-1823.html",
+ "http://rhn.redhat.com/errata/RHSA-2014-1822.html",
+ "http://rhn.redhat.com/errata/RHSA-2014-1821.html",
+ "http://rhn.redhat.com/errata/RHSA-2014-1818.html",
+ "https://access.redhat.com/errata/RHSA-2014:0414",
+ "http://rhn.redhat.com/errata/RHSA-2013-1505.html",
+ "http://rhn.redhat.com/errata/RHSA-2013-1451.html",
+ "http://rhn.redhat.com/errata/RHSA-2013-1447.html",
+ "http://rhn.redhat.com/errata/RHSA-2013-1440.html",
+ "http://rhn.redhat.com/errata/RHSA-2013-1081.html",
+ "http://rhn.redhat.com/errata/RHSA-2013-1060.html",
+ "http://rhn.redhat.com/errata/RHSA-2013-1059.html",
+ "https://lists.apache.org/thread.html/49dc6702104a86ecbb40292dcd329ce9ae4c32b74733199ecab14a73@%3Cj-users.xerces.apache.org%3E",
+ "http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_July_2013",
+ "http://marc.info/?l=bugtraq\u0026m=138674073720143\u0026w=2",
+ "http://marc.info/?l=bugtraq\u0026m=138674031212883\u0026w=2",
+ "http://security.gentoo.org/glsa/glsa-201406-32.xml",
+ "https://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html",
+ "https://issues.apache.org/jira/browse/XERCESJ-1679",
+ "http://www.ibm.com/support/docview.wss?uid=swg21648172",
+ "http://www.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_ibm_filenet_content_manager_and_ibm_content_foundation_xml_4j_denial_of_service_attack_cve_2013_4002",
+ "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS13-025/index.html",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg21657539",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg21653371",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg21644197",
+ "http://svn.apache.org/viewvc/xerces/java/trunk/src/org/apache/xerces/impl/XMLScanner.java?r1=965250\u0026r2=1499506\u0026view=patch",
+ "http://support.apple.com/kb/HT5982",
+ "http://www.securityfocus.com/bid/61310",
+ "http://lists.apple.com/archives/security-announce/2013/Oct/msg00001.html",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg1IC98015"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:C"
+ }
+ ],
+ "cvss2_max_score": 7.8,
+ "summary": "Apache Xerces2 Java Parser Hash Collision Form Parameter Parsing Remote DoS",
+ "severity": "High",
+ "vulnerable_component": "gav://xerces:xercesImpl:2.9.1",
+ "impacted_artifact": "gav://xerces:xercesImpl:2.9.1",
+ "impact_path": [
+ "gav://xerces:xercesImpl:2.9.1"
+ ],
+ "path": "mavencentral-remote/xerces/xercesImpl/2.9.1/xercesImpl-2.9.1.jar",
+ "fixed_versions": [
+ "2.12.0"
+ ],
+ "published": "2019-08-26T22:47:02+10:00",
+ "artifact_scan_time": "2021-03-09T08:46:52+11:00",
+ "issue_id": "XRAY-87173",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Apache Xerces2 Java contains a flaw in the JAXP parser feature that is due to the program failing to compare hash values properly during the parsing of the 'Form' parameter. This may allow a remote attacker to cause a denial of service.",
+ "references": [
+ "https://cryptanalysis.eu/blog/2011/12/28/effective-dos-attacks-against-web-application-plattforms-hashdos/",
+ "https://issues.apache.org/jira/browse/XERCESJ-1547",
+ "http://xerces.apache.org/"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-25013",
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 5.9,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 5.9,
+ "summary": "The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:buster:libc6:2.28-10",
+ "impacted_artifact": "docker://library/httpd:sha256__0dbde9c00d906fe47f0f8eee60008d4015d105af53a6f7378594dbdf868c16b2",
+ "impact_path": [
+ "docker://library/httpd:sha256__0dbde9c00d906fe47f0f8eee60008d4015d105af53a6f7378594dbdf868c16b2",
+ "generic://sha256:69692152171afee1fd341febc390747cfca2ff302f2881d8b394e786af605696/sha256__69692152171afee1fd341febc390747cfca2ff302f2881d8b394e786af605696.tar.gz",
+ "deb://debian:buster:libc6:2.28-10"
+ ],
+ "path": "dockerhub-remote/library/httpd/sha256__0dbde9c00d906fe47f0f8eee60008d4015d105af53a6f7378594dbdf868c16b2/",
+ "fixed_versions": [],
+ "published": "2021-01-05T15:10:13+11:00",
+ "artifact_scan_time": "2021-05-13T10:57:41+10:00",
+ "issue_id": "XRAY-138140",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-25013",
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 5.9,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 5.9,
+ "summary": "The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:buster:libc-bin:2.28-10",
+ "impacted_artifact": "docker://library/httpd:sha256__0dbde9c00d906fe47f0f8eee60008d4015d105af53a6f7378594dbdf868c16b2",
+ "impact_path": [
+ "docker://library/httpd:sha256__0dbde9c00d906fe47f0f8eee60008d4015d105af53a6f7378594dbdf868c16b2",
+ "generic://sha256:69692152171afee1fd341febc390747cfca2ff302f2881d8b394e786af605696/sha256__69692152171afee1fd341febc390747cfca2ff302f2881d8b394e786af605696.tar.gz",
+ "deb://debian:buster:libc-bin:2.28-10"
+ ],
+ "path": "dockerhub-remote/library/httpd/sha256__0dbde9c00d906fe47f0f8eee60008d4015d105af53a6f7378594dbdf868c16b2/",
+ "fixed_versions": [],
+ "published": "2021-01-05T15:10:13+11:00",
+ "artifact_scan_time": "2021-05-13T10:57:41+10:00",
+ "issue_id": "XRAY-138140",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-25013",
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 5.9,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 5.9,
+ "summary": "The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:buster:libc6:2.28-10",
+ "impacted_artifact": "docker://library/httpd:sha256__67648227220cc36466fc706a8ccb910a7b2832c3aa76884a88dc0938d1986d40",
+ "impact_path": [
+ "docker://library/httpd:sha256__67648227220cc36466fc706a8ccb910a7b2832c3aa76884a88dc0938d1986d40",
+ "generic://sha256:f7ec5a41d630a33a2d1db59b95d89d93de7ae5a619a3a8571b78457e48266eba/sha256__f7ec5a41d630a33a2d1db59b95d89d93de7ae5a619a3a8571b78457e48266eba.tar.gz",
+ "deb://debian:buster:libc6:2.28-10"
+ ],
+ "path": "dockerhub-remote/library/httpd/sha256__67648227220cc36466fc706a8ccb910a7b2832c3aa76884a88dc0938d1986d40/",
+ "fixed_versions": [],
+ "published": "2021-01-05T15:10:13+11:00",
+ "artifact_scan_time": "2021-05-05T09:51:34+10:00",
+ "issue_id": "XRAY-138140",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-25013",
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 5.9,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 5.9,
+ "summary": "The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:buster:libc-bin:2.28-10",
+ "impacted_artifact": "docker://library/httpd:sha256__67648227220cc36466fc706a8ccb910a7b2832c3aa76884a88dc0938d1986d40",
+ "impact_path": [
+ "docker://library/httpd:sha256__67648227220cc36466fc706a8ccb910a7b2832c3aa76884a88dc0938d1986d40",
+ "generic://sha256:f7ec5a41d630a33a2d1db59b95d89d93de7ae5a619a3a8571b78457e48266eba/sha256__f7ec5a41d630a33a2d1db59b95d89d93de7ae5a619a3a8571b78457e48266eba.tar.gz",
+ "deb://debian:buster:libc-bin:2.28-10"
+ ],
+ "path": "dockerhub-remote/library/httpd/sha256__67648227220cc36466fc706a8ccb910a7b2832c3aa76884a88dc0938d1986d40/",
+ "fixed_versions": [],
+ "published": "2021-01-05T15:10:13+11:00",
+ "artifact_scan_time": "2021-05-05T09:51:34+10:00",
+ "issue_id": "XRAY-138140",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-14363",
+ "cvss_v2_score": 4.6,
+ "cvss_v2_vector": "CVSS:2.0/AV:L/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 7.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 4.6,
+ "cvss3_max_score": 7.8,
+ "summary": "CVE-2020-14363 libX11: integer overflow leads to double free in locale handling (important)",
+ "severity": "High",
+ "vulnerable_component": "rpm://8:libX11-xcb:0:1.6.8-4.el8",
+ "impacted_artifact": "rpm://8:libX11-xcb:0:1.6.8-4.el8",
+ "impact_path": [
+ "rpm://8:libX11-xcb:0:1.6.8-4.el8"
+ ],
+ "path": "ubi8-appstream-remote/Packages/l/libX11-xcb-1.6.8-4.el8.x86_64.rpm",
+ "fixed_versions": [],
+ "published": "2020-12-16T16:18:32+11:00",
+ "artifact_scan_time": "2021-05-21T08:33:12+10:00",
+ "issue_id": "XRAY-134873",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "DOCUMENTATION: An integer overflow vulnerability leading to a double-free was found in libX11. This flaw allows a local privileged attacker to cause an application compiled with libX11 to crash, or in some cases, result in arbitrary code execution. The highest threat from this flaw is to confidentiality, integrity as well as system availability. STATEMENT: Xorg server does not run with root privileges in Red Hat Enterprise Linux 8. Therefore this flaw has been rated as having a moderate impact for Red Hat Enterprise Linux 8.",
+ "references": [
+ "https://access.redhat.com/security/cve/CVE-2020-14363"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Important"
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:N/A:C",
+ "cvss_v3_score": 8.2,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.8,
+ "cvss3_max_score": 8.2,
+ "summary": "libssh2 packet.c packet_queue_listener() Function SSH Packet Parsing Out-of-bounds Read Issue",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.13:libssh2:1.9.0-r1",
+ "impacted_artifact": "docker://fluxcd/source-controller:sha256__32369baf214b42419332803b3ca58ef1b7ccf70f8398ebfac85ed69cf976b0f3",
+ "impact_path": [
+ "docker://fluxcd/source-controller:sha256__32369baf214b42419332803b3ca58ef1b7ccf70f8398ebfac85ed69cf976b0f3",
+ "generic://sha256:939879ddcf7b85cb48a33a66197b6cf4c93ba8b34ec0fb91e9d156e208999b7a/sha256__939879ddcf7b85cb48a33a66197b6cf4c93ba8b34ec0fb91e9d156e208999b7a.tar.gz",
+ "alpine://3.13:libssh2:1.9.0-r1"
+ ],
+ "path": "dockerhub-remote/fluxcd/source-controller/sha256__32369baf214b42419332803b3ca58ef1b7ccf70f8398ebfac85ed69cf976b0f3/",
+ "fixed_versions": [],
+ "published": "2020-08-13T00:54:38+10:00",
+ "artifact_scan_time": "2021-05-11T10:01:07+10:00",
+ "issue_id": "XRAY-117890",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "libssh2 contains an out-of-bounds read flaw in the packet_queue_listener() function in packet.c that is triggered as certain input in SSH packets is not properly validated. This may allow a context-dependent attacker to crash a process linked against the library or potentially disclose memory contents.",
+ "references": [
+ "https://github.com/libssh2/libssh2/commit/f7bc203dbeb1dd9e17beb553c50faeedc5755ead",
+ "https://github.com/libssh2/libssh2/commit/8571ab482d7591be14b47b7065eed689c92cae27",
+ "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16865",
+ "https://github.com/libssh2/libssh2/pull/404"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:N/A:C",
+ "cvss_v3_score": 7.1,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.8,
+ "cvss3_max_score": 7.1,
+ "summary": "libssh2 packet.c packet_x11_open() Function Out-of-bounds Read Issue",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.13:libssh2:1.9.0-r1",
+ "impacted_artifact": "docker://fluxcd/source-controller:sha256__32369baf214b42419332803b3ca58ef1b7ccf70f8398ebfac85ed69cf976b0f3",
+ "impact_path": [
+ "docker://fluxcd/source-controller:sha256__32369baf214b42419332803b3ca58ef1b7ccf70f8398ebfac85ed69cf976b0f3",
+ "generic://sha256:939879ddcf7b85cb48a33a66197b6cf4c93ba8b34ec0fb91e9d156e208999b7a/sha256__939879ddcf7b85cb48a33a66197b6cf4c93ba8b34ec0fb91e9d156e208999b7a.tar.gz",
+ "alpine://3.13:libssh2:1.9.0-r1"
+ ],
+ "path": "dockerhub-remote/fluxcd/source-controller/sha256__32369baf214b42419332803b3ca58ef1b7ccf70f8398ebfac85ed69cf976b0f3/",
+ "fixed_versions": [],
+ "published": "2020-08-13T00:54:38+10:00",
+ "artifact_scan_time": "2021-05-11T10:01:07+10:00",
+ "issue_id": "XRAY-117891",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "libssh2 contains an out-of-bounds read flaw in the packet_x11_open() function in packet.c. This may allow a context-dependent attacker to crash a process linked against the library or potentially disclose memory contents.",
+ "references": [
+ "https://github.com/libssh2/libssh2/commit/bcb7c92d543fdff179835e41aaf0afc59ea89f6d",
+ "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=17095",
+ "https://github.com/libssh2/libssh2/pull/410"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 7.5,
+ "summary": "libssh2 transport.c _libssh2_transport_send() Function Delay-compression NULL Pointer Dereference Remote DoS",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.13:libssh2:1.9.0-r1",
+ "impacted_artifact": "docker://fluxcd/source-controller:sha256__32369baf214b42419332803b3ca58ef1b7ccf70f8398ebfac85ed69cf976b0f3",
+ "impact_path": [
+ "docker://fluxcd/source-controller:sha256__32369baf214b42419332803b3ca58ef1b7ccf70f8398ebfac85ed69cf976b0f3",
+ "generic://sha256:939879ddcf7b85cb48a33a66197b6cf4c93ba8b34ec0fb91e9d156e208999b7a/sha256__939879ddcf7b85cb48a33a66197b6cf4c93ba8b34ec0fb91e9d156e208999b7a.tar.gz",
+ "alpine://3.13:libssh2:1.9.0-r1"
+ ],
+ "path": "dockerhub-remote/fluxcd/source-controller/sha256__32369baf214b42419332803b3ca58ef1b7ccf70f8398ebfac85ed69cf976b0f3/",
+ "fixed_versions": [],
+ "published": "2020-08-13T00:54:38+10:00",
+ "artifact_scan_time": "2021-05-11T10:01:07+10:00",
+ "issue_id": "XRAY-117893",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "libssh2 contains a NULL pointer dereference flaw in the _libssh2_transport_send() function in transport.c that is triggered when using the delay-compression extensions to renegotiate compression algorithm support. This may allow a remote attacker to crash a process using the library.",
+ "references": [
+ "https://github.com/libssh2/libssh2/commit/03c7c4a351712492969bcc6ca40ca421c8dfe8bc",
+ "https://github.com/libssh2/libssh2/pull/443"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:N/A:C",
+ "cvss_v3_score": 8.2,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.8,
+ "cvss3_max_score": 8.2,
+ "summary": "libssh2 userauth.c file_read_publickey() Function Out-of-bounds Read Issue",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.13:libssh2:1.9.0-r1",
+ "impacted_artifact": "docker://fluxcd/source-controller:sha256__32369baf214b42419332803b3ca58ef1b7ccf70f8398ebfac85ed69cf976b0f3",
+ "impact_path": [
+ "docker://fluxcd/source-controller:sha256__32369baf214b42419332803b3ca58ef1b7ccf70f8398ebfac85ed69cf976b0f3",
+ "generic://sha256:939879ddcf7b85cb48a33a66197b6cf4c93ba8b34ec0fb91e9d156e208999b7a/sha256__939879ddcf7b85cb48a33a66197b6cf4c93ba8b34ec0fb91e9d156e208999b7a.tar.gz",
+ "alpine://3.13:libssh2:1.9.0-r1"
+ ],
+ "path": "dockerhub-remote/fluxcd/source-controller/sha256__32369baf214b42419332803b3ca58ef1b7ccf70f8398ebfac85ed69cf976b0f3/",
+ "fixed_versions": [],
+ "published": "2020-08-13T00:54:37+10:00",
+ "artifact_scan_time": "2021-05-11T10:01:07+10:00",
+ "issue_id": "XRAY-117888",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "libssh2 contains an out-of-bounds read flaw in the file_read_publickey() function in userauth.c. This may allow a context-dependent attacker to crash a process linked against the library or potentially disclose memory contents.",
+ "references": [
+ "https://github.com/libssh2/libssh2/pull/386",
+ "https://github.com/libssh2/libssh2/commit/482055695011fabb55f3cb7598356d47a0429068"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:N/A:C",
+ "cvss_v3_score": 8.2,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.8,
+ "cvss3_max_score": 8.2,
+ "summary": "libssh2 kex.c kex_agree_methods() Function Key Exchange Packet Handling Out-of-bounds Read Issue",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.13:libssh2:1.9.0-r1",
+ "impacted_artifact": "docker://fluxcd/source-controller:sha256__32369baf214b42419332803b3ca58ef1b7ccf70f8398ebfac85ed69cf976b0f3",
+ "impact_path": [
+ "docker://fluxcd/source-controller:sha256__32369baf214b42419332803b3ca58ef1b7ccf70f8398ebfac85ed69cf976b0f3",
+ "generic://sha256:939879ddcf7b85cb48a33a66197b6cf4c93ba8b34ec0fb91e9d156e208999b7a/sha256__939879ddcf7b85cb48a33a66197b6cf4c93ba8b34ec0fb91e9d156e208999b7a.tar.gz",
+ "alpine://3.13:libssh2:1.9.0-r1"
+ ],
+ "path": "dockerhub-remote/fluxcd/source-controller/sha256__32369baf214b42419332803b3ca58ef1b7ccf70f8398ebfac85ed69cf976b0f3/",
+ "fixed_versions": [],
+ "published": "2020-08-13T00:54:38+10:00",
+ "artifact_scan_time": "2021-05-11T10:01:07+10:00",
+ "issue_id": "XRAY-117889",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "libssh2 contains an out-of-bounds read flaw in the kex_agree_methods() function in kex.c that is triggered when handling key exchange packets. This may allow a context-dependent attacker to crash a process linked against the library or potentially disclose memory contents.",
+ "references": [
+ "https://github.com/libssh2/libssh2/commit/43f24eb152b8ec62473d2de6108d7c0b267b2419",
+ "https://github.com/libssh2/libssh2/commit/d0cb72fb986139f5927af7811dc766261f59f2d9",
+ "https://github.com/libssh2/libssh2/pull/399",
+ "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16825",
+ "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16823"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 7.5,
+ "summary": "GNU dbm (GDBM) gdbmopen.c gdbm_avail_block_validate() Function Block Validation Out-of-bounds Read DoS",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.13:gdbm:1.19-r0",
+ "impacted_artifact": "docker://fluxcd/kustomize-controller:sha256__a77cb044143754676a9ef1a506a5c2372a7ea008ab0995e5c400abd275bc4b19",
+ "impact_path": [
+ "docker://fluxcd/kustomize-controller:sha256__a77cb044143754676a9ef1a506a5c2372a7ea008ab0995e5c400abd275bc4b19",
+ "generic://sha256:1c867954d5aff64e884bfc58571f2c2c347e5b0ee9b1c8e8e671ccd7980ed2ac/sha256__1c867954d5aff64e884bfc58571f2c2c347e5b0ee9b1c8e8e671ccd7980ed2ac.tar.gz",
+ "alpine://3.13:gdbm:1.19-r0"
+ ],
+ "path": "dockerhub-remote/fluxcd/kustomize-controller/sha256__a77cb044143754676a9ef1a506a5c2372a7ea008ab0995e5c400abd275bc4b19/",
+ "fixed_versions": [],
+ "published": "2021-03-19T02:44:49+11:00",
+ "artifact_scan_time": "2021-05-11T10:01:50+10:00",
+ "issue_id": "XRAY-147947",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "GNU dbm (GDBM) contains an out-of-bounds read flaw in the gdbm_avail_block_validate() function in gdbmopen.c that is triggered when validating available blocks. This may allow a context-dependent attacker to crash a process linked against the library.",
+ "references": [
+ "http://git.gnu.org.ua/cgit/gdbm.git/commit/?id=9405ce2373ae5d64fc370c8b5ff280a92f15d01f",
+ "http://git.gnu.org.ua/cgit/gdbm.git/commit/?id=4fe603315b4e5189ff5ba31fb9ef0bedd625202a",
+ "http://git.gnu.org.ua/cgit/gdbm.git/commit/?id=7011ecbaf12a07f912eaf1b3ed6d3a528cefc7ad",
+ "https://git.savannah.gnu.org/cgit/gdbm.git/commit/?id=fd5cf245ea6d3e2f36dc349d8013ef62f4a9d532",
+ "/vulnerabilities/251922",
+ "https://puszcza.gnu.org.ua/bugs/?501",
+ "https://puszcza.gnu.org.ua/bugs/?503"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 8.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:C",
+ "cvss_v3_score": 8.2,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 8.5,
+ "cvss3_max_score": 8.2,
+ "summary": "Git fsmonitor.c fsmonitor_is_trivial_response() Function Out-of-bounds Read Issue",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.13:git:2.30.2-r0",
+ "impacted_artifact": "docker://fluxcd/kustomize-controller:sha256__a77cb044143754676a9ef1a506a5c2372a7ea008ab0995e5c400abd275bc4b19",
+ "impact_path": [
+ "docker://fluxcd/kustomize-controller:sha256__a77cb044143754676a9ef1a506a5c2372a7ea008ab0995e5c400abd275bc4b19",
+ "generic://sha256:1c867954d5aff64e884bfc58571f2c2c347e5b0ee9b1c8e8e671ccd7980ed2ac/sha256__1c867954d5aff64e884bfc58571f2c2c347e5b0ee9b1c8e8e671ccd7980ed2ac.tar.gz",
+ "alpine://3.13:git:2.30.2-r0"
+ ],
+ "path": "dockerhub-remote/fluxcd/kustomize-controller/sha256__a77cb044143754676a9ef1a506a5c2372a7ea008ab0995e5c400abd275bc4b19/",
+ "fixed_versions": [],
+ "published": "2021-04-21T02:31:31+10:00",
+ "artifact_scan_time": "2021-05-11T10:01:50+10:00",
+ "issue_id": "XRAY-173164",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "Git contains an out-of-bounds read flaw in the fsmonitor_is_trivial_response() function in fsmonitor.c that is triggered when handling input passed via 'query_result' values. This may allow an attacker to cause a denial of service or potentially disclose memory contents.",
+ "references": [
+ "https://lore.kernel.org/git/27cc2d6b-834f-e34b-0949-561b575544da@gmail.com/#r",
+ "https://lore.kernel.org/git/pull.904.git.1615826363431.gitgitgadget@gmail.com/",
+ "https://github.com/gitgitgadget/git/commit/8779c141da62d66be5d420b94d506636006a7901",
+ "https://github.com/gitgitgadget/git/pull/904"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-3121",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 8.6,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 8.6,
+ "summary": "An issue was discovered in GoGo Protobuf before 1.3.2. plugin/unmarshal/unmarshal.go lacks certain index validation, aka the \"skippy peanut butter\" issue.",
+ "severity": "High",
+ "vulnerable_component": "go://github.com/gogo/protobuf:1.3.1",
+ "impacted_artifact": "docker://fluxcd/kustomize-controller:sha256__a77cb044143754676a9ef1a506a5c2372a7ea008ab0995e5c400abd275bc4b19",
+ "impact_path": [
+ "docker://fluxcd/kustomize-controller:sha256__a77cb044143754676a9ef1a506a5c2372a7ea008ab0995e5c400abd275bc4b19",
+ "generic://sha256:b84ef41d3c1475030530e35d53f1fd66ed6c387ee1b44e386c7268ba59734c8c/sha256__b84ef41d3c1475030530e35d53f1fd66ed6c387ee1b44e386c7268ba59734c8c.tar.gz",
+ "generic://sha256:de68e31ea1e17d9f30885760ff9713f903bd9df50c034ca13ea83da8e4cf20f2/kustomize-controller",
+ "go://github.com/gogo/protobuf:1.3.1"
+ ],
+ "path": "dockerhub-remote/fluxcd/kustomize-controller/sha256__a77cb044143754676a9ef1a506a5c2372a7ea008ab0995e5c400abd275bc4b19/",
+ "fixed_versions": [
+ "1.3.2"
+ ],
+ "published": "2021-02-01T22:46:23+11:00",
+ "artifact_scan_time": "2021-05-11T10:01:50+10:00",
+ "issue_id": "XRAY-139136",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "An issue was discovered in GoGo Protobuf before 1.3.2. plugin/unmarshal/unmarshal.go lacks certain index validation, aka the \"skippy peanut butter\" issue.",
+ "references": [
+ "https://lists.apache.org/thread.html/rc1e9ff22c5641d73701ba56362fb867d40ed287cca000b131dcf4a44@%3Ccommits.pulsar.apache.org%3E",
+ "https://lists.apache.org/thread.html/r88d69555cb74a129a7bf84838073b61259b4a3830190e05a3b87994e@%3Ccommits.pulsar.apache.org%3E",
+ "https://github.com/gogo/protobuf/compare/v1.3.1...v1.3.2",
+ "https://github.com/gogo/protobuf/commit/b03c65ea87cdc3521ede29f62fe3ce239267c1bc"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.6,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:H/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 8.1,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.6,
+ "cvss3_max_score": 8.1,
+ "summary": "SQLite sqliteInt.h sqlite3ExpandSubquery() Function Declaration Unspecified Weakness",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.13:sqlite-libs:3.34.1-r0",
+ "impacted_artifact": "docker://fluxcd/kustomize-controller:sha256__a77cb044143754676a9ef1a506a5c2372a7ea008ab0995e5c400abd275bc4b19",
+ "impact_path": [
+ "docker://fluxcd/kustomize-controller:sha256__a77cb044143754676a9ef1a506a5c2372a7ea008ab0995e5c400abd275bc4b19",
+ "generic://sha256:1c867954d5aff64e884bfc58571f2c2c347e5b0ee9b1c8e8e671ccd7980ed2ac/sha256__1c867954d5aff64e884bfc58571f2c2c347e5b0ee9b1c8e8e671ccd7980ed2ac.tar.gz",
+ "alpine://3.13:sqlite-libs:3.34.1-r0"
+ ],
+ "path": "dockerhub-remote/fluxcd/kustomize-controller/sha256__a77cb044143754676a9ef1a506a5c2372a7ea008ab0995e5c400abd275bc4b19/",
+ "fixed_versions": [],
+ "published": "2021-03-15T04:32:05+11:00",
+ "artifact_scan_time": "2021-05-11T10:01:50+10:00",
+ "issue_id": "XRAY-146201",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "SQLite contains an unspecified flaw in sqliteInt.h as the sqlite3ExpandSubquery() function is not declared for SQLITE_OMIT_WINDOWFUNC builds. This may allow an attacker to have an unspecified impact. No further details have been provided.",
+ "references": [
+ "https://github.com/sqlite/sqlite/commit/7225bfef164bced949c0ba98436b1fa104546493",
+ "https://www.sqlite.org/src/info/9587fa8b29fc2f91",
+ "https://chromium.googlesource.com/chromium/deps/sqlite.git/+/8162d64e702214e8cb12078f387e4278a3302d16",
+ "https://chromium.googlesource.com/chromium/deps/sqlite.git/+/d9581878fcf81ec8beda15b079726edaddd775bb",
+ "https://chromium.googlesource.com/chromium/src/+/b8631d09aaba64ee30d492e47e6ccf43860e0cac",
+ "https://bugs.chromium.org/p/chromium/issues/detail?id=1183883",
+ "https://bugs.chromium.org/p/chromium/issues/detail?id=1161048",
+ "https://chromereleases.googleblog.com/2021/03/stable-channel-update-for-desktop.html"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:N/A:C",
+ "cvss_v3_score": 8.2,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.8,
+ "cvss3_max_score": 8.2,
+ "summary": "GNU Libtasn1 lib/int.h ETYPE_OK Macro ASN.1 Type Encoding Out-of-bounds Read Issue",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.13:libtasn1:4.16.0-r1",
+ "impacted_artifact": "docker://fluxcd/kustomize-controller:sha256__a77cb044143754676a9ef1a506a5c2372a7ea008ab0995e5c400abd275bc4b19",
+ "impact_path": [
+ "docker://fluxcd/kustomize-controller:sha256__a77cb044143754676a9ef1a506a5c2372a7ea008ab0995e5c400abd275bc4b19",
+ "generic://sha256:1c867954d5aff64e884bfc58571f2c2c347e5b0ee9b1c8e8e671ccd7980ed2ac/sha256__1c867954d5aff64e884bfc58571f2c2c347e5b0ee9b1c8e8e671ccd7980ed2ac.tar.gz",
+ "alpine://3.13:libtasn1:4.16.0-r1"
+ ],
+ "path": "dockerhub-remote/fluxcd/kustomize-controller/sha256__a77cb044143754676a9ef1a506a5c2372a7ea008ab0995e5c400abd275bc4b19/",
+ "fixed_versions": [],
+ "published": "2021-02-10T04:07:40+11:00",
+ "artifact_scan_time": "2021-05-11T10:01:50+10:00",
+ "issue_id": "XRAY-140262",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "GNU Libtasn1 contains an out-of-bounds read flaw in the ETYPE_OK() macro in lib/int.h that is triggered when encoding ASN.1 types. This may allow a context-dependent attacker to crash a process linked against the library or potentially disclose memory contents.",
+ "references": [
+ "https://gitlab.com/gnutls/libtasn1/-/issues/32"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:N/A:C",
+ "cvss_v3_score": 8.2,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.8,
+ "cvss3_max_score": 8.2,
+ "summary": "GNU dbm (GDBM) bucket.c _gdbm_get_bucket() Function Improper Bucket Re-initialization Out-of-bounds Read Issue",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.13:gdbm:1.19-r0",
+ "impacted_artifact": "docker://fluxcd/kustomize-controller:sha256__a77cb044143754676a9ef1a506a5c2372a7ea008ab0995e5c400abd275bc4b19",
+ "impact_path": [
+ "docker://fluxcd/kustomize-controller:sha256__a77cb044143754676a9ef1a506a5c2372a7ea008ab0995e5c400abd275bc4b19",
+ "generic://sha256:1c867954d5aff64e884bfc58571f2c2c347e5b0ee9b1c8e8e671ccd7980ed2ac/sha256__1c867954d5aff64e884bfc58571f2c2c347e5b0ee9b1c8e8e671ccd7980ed2ac.tar.gz",
+ "alpine://3.13:gdbm:1.19-r0"
+ ],
+ "path": "dockerhub-remote/fluxcd/kustomize-controller/sha256__a77cb044143754676a9ef1a506a5c2372a7ea008ab0995e5c400abd275bc4b19/",
+ "fixed_versions": [],
+ "published": "2021-03-19T00:44:44+11:00",
+ "artifact_scan_time": "2021-05-11T10:01:50+10:00",
+ "issue_id": "XRAY-147853",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "GNU dbm (GDBM) contains an out-of-bounds read flaw in the _gdbm_get_bucket() function in bucket.c that is triggered as buckets are not properly re-initialized when a failure occurs. This may allow a context-dependent attacker to crash a process linked against the library or potentially disclose memory contents.",
+ "references": [
+ "https://git.savannah.gnu.org/cgit/gdbm.git/commit/?id=40a464d322c720c88a50c3eb0a8c1d87e6079f89",
+ "/vulnerabilities/251924",
+ "https://puszcza.gnu.org.ua/bugs/?501"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.6,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:H/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 8.1,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.6,
+ "cvss3_max_score": 8.1,
+ "summary": "SQLite btree.c balance_nonroot() Function Database File Handling Unspecified Issue",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.13:sqlite-libs:3.34.1-r0",
+ "impacted_artifact": "docker://fluxcd/kustomize-controller:sha256__a77cb044143754676a9ef1a506a5c2372a7ea008ab0995e5c400abd275bc4b19",
+ "impact_path": [
+ "docker://fluxcd/kustomize-controller:sha256__a77cb044143754676a9ef1a506a5c2372a7ea008ab0995e5c400abd275bc4b19",
+ "generic://sha256:1c867954d5aff64e884bfc58571f2c2c347e5b0ee9b1c8e8e671ccd7980ed2ac/sha256__1c867954d5aff64e884bfc58571f2c2c347e5b0ee9b1c8e8e671ccd7980ed2ac.tar.gz",
+ "alpine://3.13:sqlite-libs:3.34.1-r0"
+ ],
+ "path": "dockerhub-remote/fluxcd/kustomize-controller/sha256__a77cb044143754676a9ef1a506a5c2372a7ea008ab0995e5c400abd275bc4b19/",
+ "fixed_versions": [],
+ "published": "2021-04-20T02:31:29+10:00",
+ "artifact_scan_time": "2021-05-11T10:01:50+10:00",
+ "issue_id": "XRAY-173004",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "SQLite contains a flaw in the balance_nonroot() function in btree.c that is triggered when handling a specially crafted database file. This may allow a context-dependent attacker to have an unspecified impact.",
+ "references": [
+ "https://github.com/sqlite/sqlite/commit/1e06c70eb073a92e683c55ffb8471301db999b75",
+ "https://github.com/sqlite/sqlite/commit/1f9f5766954d250a00da59f7f7c1fc57d9032a6e",
+ "https://www.sqlite.org/src/info/39c8686cabe6c437",
+ "https://chromium.googlesource.com/chromium/deps/sqlite.git/+/60efbb3584af2ba05e1935b3e07d3a861841db7c",
+ "https://github.com/chromium/chromium/commit/78157c349734be628ac9eef25a897a50bd31b8cd",
+ "https://bugs.chromium.org/p/chromium/issues/detail?id=1175522",
+ "https://bugs.chromium.org/p/chromium/issues/detail?id=1181276",
+ "https://chromereleases.googleblog.com/2021/04/stable-channel-update-for-desktop_14.html",
+ "https://bugs.chromium.org/p/chromium/issues/detail?id=1198709"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-3345",
+ "cvss_v2_score": 7.2,
+ "cvss_v2_vector": "CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 7.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.2,
+ "cvss3_max_score": 7.8,
+ "summary": "_gcry_md_block_write in cipher/hash-common.c in Libgcrypt before 1.9.1 has a heap-based buffer overflow when the digest final function sets a large count value.",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.13:libgcrypt:1.8.7-r0",
+ "impacted_artifact": "docker://fluxcd/kustomize-controller:sha256__a77cb044143754676a9ef1a506a5c2372a7ea008ab0995e5c400abd275bc4b19",
+ "impact_path": [
+ "docker://fluxcd/kustomize-controller:sha256__a77cb044143754676a9ef1a506a5c2372a7ea008ab0995e5c400abd275bc4b19",
+ "generic://sha256:1c867954d5aff64e884bfc58571f2c2c347e5b0ee9b1c8e8e671ccd7980ed2ac/sha256__1c867954d5aff64e884bfc58571f2c2c347e5b0ee9b1c8e8e671ccd7980ed2ac.tar.gz",
+ "alpine://3.13:libgcrypt:1.8.7-r0"
+ ],
+ "path": "dockerhub-remote/fluxcd/kustomize-controller/sha256__a77cb044143754676a9ef1a506a5c2372a7ea008ab0995e5c400abd275bc4b19/",
+ "fixed_versions": [],
+ "published": "2021-02-02T04:46:15+11:00",
+ "artifact_scan_time": "2021-05-11T10:01:50+10:00",
+ "issue_id": "XRAY-139180",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "_gcry_md_block_write in cipher/hash-common.c in Libgcrypt before 1.9.1 has a heap-based buffer overflow when the digest final function sets a large count value.",
+ "references": [
+ "https://lists.gnupg.org/pipermail/gnupg-announce/2021q1/000456.html",
+ "https://lists.gnupg.org/pipermail/gnupg-announce/2021q1/000455.html",
+ "https://gnupg.org",
+ "https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=commit;h=512c0c75276949f13b6373b5c04f7065af750b08",
+ "https://bugs.gentoo.org/show_bug.cgi?id=767814"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.6,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:H/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 8.1,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.6,
+ "cvss3_max_score": 8.1,
+ "summary": "SQLite pcache1.c pcache1AllocPage() Function Uninitialized Memory Use Unspecified Issue",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.13:sqlite-libs:3.34.1-r0",
+ "impacted_artifact": "docker://fluxcd/kustomize-controller:sha256__a77cb044143754676a9ef1a506a5c2372a7ea008ab0995e5c400abd275bc4b19",
+ "impact_path": [
+ "docker://fluxcd/kustomize-controller:sha256__a77cb044143754676a9ef1a506a5c2372a7ea008ab0995e5c400abd275bc4b19",
+ "generic://sha256:1c867954d5aff64e884bfc58571f2c2c347e5b0ee9b1c8e8e671ccd7980ed2ac/sha256__1c867954d5aff64e884bfc58571f2c2c347e5b0ee9b1c8e8e671ccd7980ed2ac.tar.gz",
+ "alpine://3.13:sqlite-libs:3.34.1-r0"
+ ],
+ "path": "dockerhub-remote/fluxcd/kustomize-controller/sha256__a77cb044143754676a9ef1a506a5c2372a7ea008ab0995e5c400abd275bc4b19/",
+ "fixed_versions": [],
+ "published": "2021-04-20T00:31:27+10:00",
+ "artifact_scan_time": "2021-05-11T10:01:50+10:00",
+ "issue_id": "XRAY-172950",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "SQLite contains a flaw in the pcache1AllocPage() function in pcache1.c related to use of uninitialized memory. The issue is triggered when handling specially crafted database files. This may allow a context-dependent attacker to have an unspecified impact.",
+ "references": [
+ "https://github.com/sqlite/sqlite/commit/1e06c70eb073a92e683c55ffb8471301db999b75",
+ "https://github.com/sqlite/sqlite/commit/1f9f5766954d250a00da59f7f7c1fc57d9032a6e",
+ "https://www.sqlite.org/src/info/39c8686cabe6c437",
+ "https://chromium.googlesource.com/chromium/deps/sqlite.git/+/60efbb3584af2ba05e1935b3e07d3a861841db7c",
+ "https://github.com/chromium/chromium/commit/78157c349734be628ac9eef25a897a50bd31b8cd",
+ "https://bugs.chromium.org/p/chromium/issues/detail?id=1175522",
+ "https://bugs.chromium.org/p/chromium/issues/detail?id=1181276",
+ "https://chromereleases.googleblog.com/2021/04/stable-channel-update-for-desktop_14.html",
+ "https://bugs.chromium.org/p/chromium/issues/detail?id=1198709"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-14363",
+ "cvss_v2_score": 4.6,
+ "cvss_v2_vector": "CVSS:2.0/AV:L/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 7.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 4.6,
+ "cvss3_max_score": 7.8,
+ "summary": "CVE-2020-14363 libX11: integer overflow leads to double free in locale handling (important)",
+ "severity": "High",
+ "vulnerable_component": "rpm://8:libX11:0:1.6.8-3.el8",
+ "impacted_artifact": "rpm://8:libX11:0:1.6.8-3.el8",
+ "impact_path": [
+ "rpm://8:libX11:0:1.6.8-3.el8"
+ ],
+ "path": "ubi8-appstream-remote/Packages/l/libX11-1.6.8-3.el8.x86_64.rpm",
+ "fixed_versions": [],
+ "published": "2020-12-16T16:18:32+11:00",
+ "artifact_scan_time": "2021-01-27T20:39:40+11:00",
+ "issue_id": "XRAY-134873",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "DOCUMENTATION: An integer overflow vulnerability leading to a double-free was found in libX11. This flaw allows a local privileged attacker to cause an application compiled with libX11 to crash, or in some cases, result in arbitrary code execution. The highest threat from this flaw is to confidentiality, integrity as well as system availability. STATEMENT: Xorg server does not run with root privileges in Red Hat Enterprise Linux 8. Therefore this flaw has been rated as having a moderate impact for Red Hat Enterprise Linux 8.",
+ "references": [
+ "https://access.redhat.com/security/cve/CVE-2020-14363"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Important"
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:N/A:C",
+ "cvss_v3_score": 8.2,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.8,
+ "cvss3_max_score": 8.2,
+ "summary": "GNU dbm (GDBM) bucket.c _gdbm_get_bucket() Function Improper Bucket Re-initialization Out-of-bounds Read Issue",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.12:gdbm:1.13-r1",
+ "impacted_artifact": "docker://kiwigrid/k8s-sidecar:sha256__7cba93c3dde21c78fe07ee3f8ed8d82d05bf00415392606401df8a7d72057b5b",
+ "impact_path": [
+ "docker://kiwigrid/k8s-sidecar:sha256__7cba93c3dde21c78fe07ee3f8ed8d82d05bf00415392606401df8a7d72057b5b",
+ "generic://sha256:3d0ed0f04a02ff81f417ae2373d7aeb0baa3a3b7d958b9c8c673df2f81ede83e/sha256__3d0ed0f04a02ff81f417ae2373d7aeb0baa3a3b7d958b9c8c673df2f81ede83e.tar.gz",
+ "alpine://3.12:gdbm:1.13-r1"
+ ],
+ "path": "dockerhub-remote/kiwigrid/k8s-sidecar/sha256__7cba93c3dde21c78fe07ee3f8ed8d82d05bf00415392606401df8a7d72057b5b/",
+ "fixed_versions": [],
+ "published": "2021-03-19T00:44:44+11:00",
+ "artifact_scan_time": "2021-05-04T23:25:34+10:00",
+ "issue_id": "XRAY-147853",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "GNU dbm (GDBM) contains an out-of-bounds read flaw in the _gdbm_get_bucket() function in bucket.c that is triggered as buckets are not properly re-initialized when a failure occurs. This may allow a context-dependent attacker to crash a process linked against the library or potentially disclose memory contents.",
+ "references": [
+ "https://git.savannah.gnu.org/cgit/gdbm.git/commit/?id=40a464d322c720c88a50c3eb0a8c1d87e6079f89",
+ "/vulnerabilities/251924",
+ "https://puszcza.gnu.org.ua/bugs/?501"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 5.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 5.5,
+ "summary": "Alpine Package Keeper (apk-tools) io.c apk_resolve_[ug]id() Functions Username / Groupname TAR Header Field Handling Out-of-bounds Read DoS Weakness",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.12:apk-tools:2.10.5-r1",
+ "impacted_artifact": "docker://kiwigrid/k8s-sidecar:sha256__7cba93c3dde21c78fe07ee3f8ed8d82d05bf00415392606401df8a7d72057b5b",
+ "impact_path": [
+ "docker://kiwigrid/k8s-sidecar:sha256__7cba93c3dde21c78fe07ee3f8ed8d82d05bf00415392606401df8a7d72057b5b",
+ "generic://sha256:188c0c94c7c576fff0792aca7ec73d67a2f7f4cb3a6e53a84559337260b36964/sha256__188c0c94c7c576fff0792aca7ec73d67a2f7f4cb3a6e53a84559337260b36964.tar.gz",
+ "alpine://3.12:apk-tools:2.10.5-r1"
+ ],
+ "path": "dockerhub-remote/kiwigrid/k8s-sidecar/sha256__7cba93c3dde21c78fe07ee3f8ed8d82d05bf00415392606401df8a7d72057b5b/",
+ "fixed_versions": [
+ "2.10.6-r0"
+ ],
+ "published": "2021-04-20T02:31:29+10:00",
+ "artifact_scan_time": "2021-05-04T23:25:34+10:00",
+ "issue_id": "XRAY-173006",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "Alpine Package Keeper (apk-tools) contains an out-of-bounds read flaw in the apk_resolve_uid() and apk_resolve_gid() functions in io.c that is triggered as username and groupname header fields are not properly checked for string terminators when parsing TAR file headers. This can potentially allow a context-dependent attacker to cause a denial of service.",
+ "references": [
+ "https://gitlab.alpinelinux.org/alpine/apk-tools/-/issues/10741",
+ "https://github.com/docker-library/official-images/pull/9982",
+ "https://gitlab.alpinelinux.org/alpine/aports/-/issues/12606",
+ "https://github.com/alpinelinux/apk-tools/commit/f7143c1766ae59489ac922e890ffe6d4a61c3b2d",
+ "https://github.com/alpinelinux/aports/commit/aa740eb10ca7b8386cadc8761da1e30ed931486c",
+ "http://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-30139"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.6,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:H/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 8.1,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.6,
+ "cvss3_max_score": 8.1,
+ "summary": "SQLite pcache1.c pcache1AllocPage() Function Uninitialized Memory Use Unspecified Issue",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.12:sqlite-libs:3.32.1-r0",
+ "impacted_artifact": "docker://kiwigrid/k8s-sidecar:sha256__7cba93c3dde21c78fe07ee3f8ed8d82d05bf00415392606401df8a7d72057b5b",
+ "impact_path": [
+ "docker://kiwigrid/k8s-sidecar:sha256__7cba93c3dde21c78fe07ee3f8ed8d82d05bf00415392606401df8a7d72057b5b",
+ "generic://sha256:3d0ed0f04a02ff81f417ae2373d7aeb0baa3a3b7d958b9c8c673df2f81ede83e/sha256__3d0ed0f04a02ff81f417ae2373d7aeb0baa3a3b7d958b9c8c673df2f81ede83e.tar.gz",
+ "alpine://3.12:sqlite-libs:3.32.1-r0"
+ ],
+ "path": "dockerhub-remote/kiwigrid/k8s-sidecar/sha256__7cba93c3dde21c78fe07ee3f8ed8d82d05bf00415392606401df8a7d72057b5b/",
+ "fixed_versions": [],
+ "published": "2021-04-20T00:31:27+10:00",
+ "artifact_scan_time": "2021-05-04T23:25:34+10:00",
+ "issue_id": "XRAY-172950",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "SQLite contains a flaw in the pcache1AllocPage() function in pcache1.c related to use of uninitialized memory. The issue is triggered when handling specially crafted database files. This may allow a context-dependent attacker to have an unspecified impact.",
+ "references": [
+ "https://github.com/sqlite/sqlite/commit/1e06c70eb073a92e683c55ffb8471301db999b75",
+ "https://github.com/sqlite/sqlite/commit/1f9f5766954d250a00da59f7f7c1fc57d9032a6e",
+ "https://www.sqlite.org/src/info/39c8686cabe6c437",
+ "https://chromium.googlesource.com/chromium/deps/sqlite.git/+/60efbb3584af2ba05e1935b3e07d3a861841db7c",
+ "https://github.com/chromium/chromium/commit/78157c349734be628ac9eef25a897a50bd31b8cd",
+ "https://bugs.chromium.org/p/chromium/issues/detail?id=1175522",
+ "https://bugs.chromium.org/p/chromium/issues/detail?id=1181276",
+ "https://chromereleases.googleblog.com/2021/04/stable-channel-update-for-desktop_14.html",
+ "https://bugs.chromium.org/p/chromium/issues/detail?id=1198709"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-14343",
+ "cvss_v2_score": 10,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 10,
+ "cvss3_max_score": 9.8,
+ "summary": "A vulnerability was discovered in the PyYAML library in versions before 5.4, where it is susceptible to arbitrary code execution when it processes untrusted YAML files through the full_load method or with the FullLoader loader. Applications that use the library to process untrusted input may be vulnerable to this flaw. This flaw allows an attacker to execute arbitrary code on the system by abusing the python/object/new constructor. This flaw is due to an incomplete fix for CVE-2020-1747.",
+ "severity": "High",
+ "vulnerable_component": "pypi://PyYAML:5.3.1",
+ "impacted_artifact": "docker://kiwigrid/k8s-sidecar:sha256__7cba93c3dde21c78fe07ee3f8ed8d82d05bf00415392606401df8a7d72057b5b",
+ "impact_path": [
+ "docker://kiwigrid/k8s-sidecar:sha256__7cba93c3dde21c78fe07ee3f8ed8d82d05bf00415392606401df8a7d72057b5b",
+ "generic://sha256:183d4d258a7b496e1387f9f2f0d99edbfca485924f66f2d754bed343570963f1/sha256__183d4d258a7b496e1387f9f2f0d99edbfca485924f66f2d754bed343570963f1.tar.gz",
+ "pypi://PyYAML:5.3.1"
+ ],
+ "path": "dockerhub-remote/kiwigrid/k8s-sidecar/sha256__7cba93c3dde21c78fe07ee3f8ed8d82d05bf00415392606401df8a7d72057b5b/",
+ "fixed_versions": [
+ "5.4b1"
+ ],
+ "published": "2021-02-10T20:41:09+11:00",
+ "artifact_scan_time": "2021-05-04T23:25:34+10:00",
+ "issue_id": "XRAY-140308",
+ "package_type": "pypi",
+ "provider": "JFrog",
+ "description": "A vulnerability was discovered in the PyYAML library in versions before 5.4, where it is susceptible to arbitrary code execution when it processes untrusted YAML files through the full_load method or with the FullLoader loader. Applications that use the library to process untrusted input may be vulnerable to this flaw. This flaw allows an attacker to execute arbitrary code on the system by abusing the python/object/new constructor. This flaw is due to an incomplete fix for CVE-2020-1747.",
+ "references": [
+ "https://bugzilla.redhat.com/show_bug.cgi?id=1860466"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 9.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 9.3,
+ "cvss3_max_score": 9.8,
+ "summary": "OpenSSL crypto/rc5/rc5_skey.c RC5_32_set_key() Function Key Initialization Stack Buffer Overflow",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.12:libssl1.1:1.1.1g-r0",
+ "impacted_artifact": "docker://kiwigrid/k8s-sidecar:sha256__7cba93c3dde21c78fe07ee3f8ed8d82d05bf00415392606401df8a7d72057b5b",
+ "impact_path": [
+ "docker://kiwigrid/k8s-sidecar:sha256__7cba93c3dde21c78fe07ee3f8ed8d82d05bf00415392606401df8a7d72057b5b",
+ "generic://sha256:188c0c94c7c576fff0792aca7ec73d67a2f7f4cb3a6e53a84559337260b36964/sha256__188c0c94c7c576fff0792aca7ec73d67a2f7f4cb3a6e53a84559337260b36964.tar.gz",
+ "alpine://3.12:libssl1.1:1.1.1g-r0"
+ ],
+ "path": "dockerhub-remote/kiwigrid/k8s-sidecar/sha256__7cba93c3dde21c78fe07ee3f8ed8d82d05bf00415392606401df8a7d72057b5b/",
+ "fixed_versions": [],
+ "published": "2020-09-10T01:18:57+10:00",
+ "artifact_scan_time": "2021-05-04T23:25:34+10:00",
+ "issue_id": "XRAY-124116",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "OpenSSL contains an overflow condition in the RC5_32_set_key() function in crypto/rc5/rc5_skey.c that is triggered as certain input is not properly validated when initializing encryption or decryption keys. This may allow a context-dependent attacker to cause a stack-based buffer overflow, resulting in a denial of service or potentially allowing the execution of arbitrary code.",
+ "references": [
+ "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=17173"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.6,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:H/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 8.1,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.6,
+ "cvss3_max_score": 8.1,
+ "summary": "SQLite sqliteInt.h sqlite3ExpandSubquery() Function Declaration Unspecified Weakness",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.12:sqlite-libs:3.32.1-r0",
+ "impacted_artifact": "docker://kiwigrid/k8s-sidecar:sha256__7cba93c3dde21c78fe07ee3f8ed8d82d05bf00415392606401df8a7d72057b5b",
+ "impact_path": [
+ "docker://kiwigrid/k8s-sidecar:sha256__7cba93c3dde21c78fe07ee3f8ed8d82d05bf00415392606401df8a7d72057b5b",
+ "generic://sha256:3d0ed0f04a02ff81f417ae2373d7aeb0baa3a3b7d958b9c8c673df2f81ede83e/sha256__3d0ed0f04a02ff81f417ae2373d7aeb0baa3a3b7d958b9c8c673df2f81ede83e.tar.gz",
+ "alpine://3.12:sqlite-libs:3.32.1-r0"
+ ],
+ "path": "dockerhub-remote/kiwigrid/k8s-sidecar/sha256__7cba93c3dde21c78fe07ee3f8ed8d82d05bf00415392606401df8a7d72057b5b/",
+ "fixed_versions": [],
+ "published": "2021-03-15T04:32:05+11:00",
+ "artifact_scan_time": "2021-05-04T23:25:34+10:00",
+ "issue_id": "XRAY-146201",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "SQLite contains an unspecified flaw in sqliteInt.h as the sqlite3ExpandSubquery() function is not declared for SQLITE_OMIT_WINDOWFUNC builds. This may allow an attacker to have an unspecified impact. No further details have been provided.",
+ "references": [
+ "https://github.com/sqlite/sqlite/commit/7225bfef164bced949c0ba98436b1fa104546493",
+ "https://www.sqlite.org/src/info/9587fa8b29fc2f91",
+ "https://chromium.googlesource.com/chromium/deps/sqlite.git/+/8162d64e702214e8cb12078f387e4278a3302d16",
+ "https://chromium.googlesource.com/chromium/deps/sqlite.git/+/d9581878fcf81ec8beda15b079726edaddd775bb",
+ "https://chromium.googlesource.com/chromium/src/+/b8631d09aaba64ee30d492e47e6ccf43860e0cac",
+ "https://bugs.chromium.org/p/chromium/issues/detail?id=1183883",
+ "https://bugs.chromium.org/p/chromium/issues/detail?id=1161048",
+ "https://chromereleases.googleblog.com/2021/03/stable-channel-update-for-desktop.html"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 7.5,
+ "summary": "BusyBox archival/libarchive/decompress_bunzip2.c get_next_block() Function Selectors Handling Out-of-bounds Write DoS",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.12:ssl_client:1.31.1-r19",
+ "impacted_artifact": "docker://kiwigrid/k8s-sidecar:sha256__7cba93c3dde21c78fe07ee3f8ed8d82d05bf00415392606401df8a7d72057b5b",
+ "impact_path": [
+ "docker://kiwigrid/k8s-sidecar:sha256__7cba93c3dde21c78fe07ee3f8ed8d82d05bf00415392606401df8a7d72057b5b",
+ "generic://sha256:188c0c94c7c576fff0792aca7ec73d67a2f7f4cb3a6e53a84559337260b36964/sha256__188c0c94c7c576fff0792aca7ec73d67a2f7f4cb3a6e53a84559337260b36964.tar.gz",
+ "alpine://3.12:ssl_client:1.31.1-r19"
+ ],
+ "path": "dockerhub-remote/kiwigrid/k8s-sidecar/sha256__7cba93c3dde21c78fe07ee3f8ed8d82d05bf00415392606401df8a7d72057b5b/",
+ "fixed_versions": [],
+ "published": "2020-10-07T02:24:17+11:00",
+ "artifact_scan_time": "2021-05-04T23:25:34+10:00",
+ "issue_id": "XRAY-125951",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "BusyBox contains an out-of-bounds write flaw in the get_next_block() function in archival/libarchive/decompress_bunzip2.c that is triggered when handling a large number of selectors while decompressing BZIP2 files. This may allow a context-dependent attacker to cause a crash.",
+ "references": [
+ "https://bugs.buildroot.org/show_bug.cgi?id=12916"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 9.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 9.3,
+ "cvss3_max_score": 9.8,
+ "summary": "SQLite select.c havingToWhereExprCb() Function Sub-query WHERE / HAVING Clause Use-after-free Unspecified Issue",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.12:sqlite-libs:3.32.1-r0",
+ "impacted_artifact": "docker://kiwigrid/k8s-sidecar:sha256__7cba93c3dde21c78fe07ee3f8ed8d82d05bf00415392606401df8a7d72057b5b",
+ "impact_path": [
+ "docker://kiwigrid/k8s-sidecar:sha256__7cba93c3dde21c78fe07ee3f8ed8d82d05bf00415392606401df8a7d72057b5b",
+ "generic://sha256:3d0ed0f04a02ff81f417ae2373d7aeb0baa3a3b7d958b9c8c673df2f81ede83e/sha256__3d0ed0f04a02ff81f417ae2373d7aeb0baa3a3b7d958b9c8c673df2f81ede83e.tar.gz",
+ "alpine://3.12:sqlite-libs:3.32.1-r0"
+ ],
+ "path": "dockerhub-remote/kiwigrid/k8s-sidecar/sha256__7cba93c3dde21c78fe07ee3f8ed8d82d05bf00415392606401df8a7d72057b5b/",
+ "fixed_versions": [],
+ "published": "2021-01-25T01:49:19+11:00",
+ "artifact_scan_time": "2021-05-04T23:25:34+10:00",
+ "issue_id": "XRAY-138828",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "SQLite contains a use-after-free error in the havingToWhereExprCb() function in select.c that is triggered when handling sub-queries with a WHERE and \"HAVING 0\" clause and where the parent query is an aggregate. This may allow a context-dependent attacker to dereference already freed memory and have an unspecified impact.",
+ "references": [
+ "https://github.com/sqlite/sqlite/commit/f39168e468af3b1d6b6d37efdcb081eced6724b2",
+ "https://www.sqlite.org/src/info/30a4c323650cc949",
+ "http://www.sqlite.org/changes.html"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 7.5,
+ "summary": "GNU dbm (GDBM) gdbmopen.c gdbm_avail_block_validate() Function Block Validation Out-of-bounds Read DoS",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.12:gdbm:1.13-r1",
+ "impacted_artifact": "docker://kiwigrid/k8s-sidecar:sha256__7cba93c3dde21c78fe07ee3f8ed8d82d05bf00415392606401df8a7d72057b5b",
+ "impact_path": [
+ "docker://kiwigrid/k8s-sidecar:sha256__7cba93c3dde21c78fe07ee3f8ed8d82d05bf00415392606401df8a7d72057b5b",
+ "generic://sha256:3d0ed0f04a02ff81f417ae2373d7aeb0baa3a3b7d958b9c8c673df2f81ede83e/sha256__3d0ed0f04a02ff81f417ae2373d7aeb0baa3a3b7d958b9c8c673df2f81ede83e.tar.gz",
+ "alpine://3.12:gdbm:1.13-r1"
+ ],
+ "path": "dockerhub-remote/kiwigrid/k8s-sidecar/sha256__7cba93c3dde21c78fe07ee3f8ed8d82d05bf00415392606401df8a7d72057b5b/",
+ "fixed_versions": [],
+ "published": "2021-03-19T02:44:49+11:00",
+ "artifact_scan_time": "2021-05-04T23:25:34+10:00",
+ "issue_id": "XRAY-147947",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "GNU dbm (GDBM) contains an out-of-bounds read flaw in the gdbm_avail_block_validate() function in gdbmopen.c that is triggered when validating available blocks. This may allow a context-dependent attacker to crash a process linked against the library.",
+ "references": [
+ "http://git.gnu.org.ua/cgit/gdbm.git/commit/?id=9405ce2373ae5d64fc370c8b5ff280a92f15d01f",
+ "http://git.gnu.org.ua/cgit/gdbm.git/commit/?id=4fe603315b4e5189ff5ba31fb9ef0bedd625202a",
+ "http://git.gnu.org.ua/cgit/gdbm.git/commit/?id=7011ecbaf12a07f912eaf1b3ed6d3a528cefc7ad",
+ "https://git.savannah.gnu.org/cgit/gdbm.git/commit/?id=fd5cf245ea6d3e2f36dc349d8013ef62f4a9d532",
+ "/vulnerabilities/251922",
+ "https://puszcza.gnu.org.ua/bugs/?501",
+ "https://puszcza.gnu.org.ua/bugs/?503"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.6,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:H/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 8.1,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.6,
+ "cvss3_max_score": 8.1,
+ "summary": "SQLite btree.c balance_nonroot() Function Database File Handling Unspecified Issue",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.12:sqlite-libs:3.32.1-r0",
+ "impacted_artifact": "docker://kiwigrid/k8s-sidecar:sha256__7cba93c3dde21c78fe07ee3f8ed8d82d05bf00415392606401df8a7d72057b5b",
+ "impact_path": [
+ "docker://kiwigrid/k8s-sidecar:sha256__7cba93c3dde21c78fe07ee3f8ed8d82d05bf00415392606401df8a7d72057b5b",
+ "generic://sha256:3d0ed0f04a02ff81f417ae2373d7aeb0baa3a3b7d958b9c8c673df2f81ede83e/sha256__3d0ed0f04a02ff81f417ae2373d7aeb0baa3a3b7d958b9c8c673df2f81ede83e.tar.gz",
+ "alpine://3.12:sqlite-libs:3.32.1-r0"
+ ],
+ "path": "dockerhub-remote/kiwigrid/k8s-sidecar/sha256__7cba93c3dde21c78fe07ee3f8ed8d82d05bf00415392606401df8a7d72057b5b/",
+ "fixed_versions": [],
+ "published": "2021-04-20T02:31:29+10:00",
+ "artifact_scan_time": "2021-05-04T23:25:34+10:00",
+ "issue_id": "XRAY-173004",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "SQLite contains a flaw in the balance_nonroot() function in btree.c that is triggered when handling a specially crafted database file. This may allow a context-dependent attacker to have an unspecified impact.",
+ "references": [
+ "https://github.com/sqlite/sqlite/commit/1e06c70eb073a92e683c55ffb8471301db999b75",
+ "https://github.com/sqlite/sqlite/commit/1f9f5766954d250a00da59f7f7c1fc57d9032a6e",
+ "https://www.sqlite.org/src/info/39c8686cabe6c437",
+ "https://chromium.googlesource.com/chromium/deps/sqlite.git/+/60efbb3584af2ba05e1935b3e07d3a861841db7c",
+ "https://github.com/chromium/chromium/commit/78157c349734be628ac9eef25a897a50bd31b8cd",
+ "https://bugs.chromium.org/p/chromium/issues/detail?id=1175522",
+ "https://bugs.chromium.org/p/chromium/issues/detail?id=1181276",
+ "https://chromereleases.googleblog.com/2021/04/stable-channel-update-for-desktop_14.html",
+ "https://bugs.chromium.org/p/chromium/issues/detail?id=1198709"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 9.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 9.3,
+ "cvss3_max_score": 9.8,
+ "summary": "OpenSSL crypto/rc5/rc5_skey.c RC5_32_set_key() Function Key Initialization Stack Buffer Overflow",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.12:libcrypto1.1:1.1.1g-r0",
+ "impacted_artifact": "docker://kiwigrid/k8s-sidecar:sha256__7cba93c3dde21c78fe07ee3f8ed8d82d05bf00415392606401df8a7d72057b5b",
+ "impact_path": [
+ "docker://kiwigrid/k8s-sidecar:sha256__7cba93c3dde21c78fe07ee3f8ed8d82d05bf00415392606401df8a7d72057b5b",
+ "generic://sha256:188c0c94c7c576fff0792aca7ec73d67a2f7f4cb3a6e53a84559337260b36964/sha256__188c0c94c7c576fff0792aca7ec73d67a2f7f4cb3a6e53a84559337260b36964.tar.gz",
+ "alpine://3.12:libcrypto1.1:1.1.1g-r0"
+ ],
+ "path": "dockerhub-remote/kiwigrid/k8s-sidecar/sha256__7cba93c3dde21c78fe07ee3f8ed8d82d05bf00415392606401df8a7d72057b5b/",
+ "fixed_versions": [],
+ "published": "2020-09-10T01:18:57+10:00",
+ "artifact_scan_time": "2021-05-04T23:25:34+10:00",
+ "issue_id": "XRAY-124116",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "OpenSSL contains an overflow condition in the RC5_32_set_key() function in crypto/rc5/rc5_skey.c that is triggered as certain input is not properly validated when initializing encryption or decryption keys. This may allow a context-dependent attacker to cause a stack-based buffer overflow, resulting in a denial of service or potentially allowing the execution of arbitrary code.",
+ "references": [
+ "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=17173"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 7.5,
+ "summary": "BusyBox archival/libarchive/decompress_bunzip2.c get_next_block() Function Selectors Handling Out-of-bounds Write DoS",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.12:busybox:1.31.1-r19",
+ "impacted_artifact": "docker://kiwigrid/k8s-sidecar:sha256__7cba93c3dde21c78fe07ee3f8ed8d82d05bf00415392606401df8a7d72057b5b",
+ "impact_path": [
+ "docker://kiwigrid/k8s-sidecar:sha256__7cba93c3dde21c78fe07ee3f8ed8d82d05bf00415392606401df8a7d72057b5b",
+ "generic://sha256:188c0c94c7c576fff0792aca7ec73d67a2f7f4cb3a6e53a84559337260b36964/sha256__188c0c94c7c576fff0792aca7ec73d67a2f7f4cb3a6e53a84559337260b36964.tar.gz",
+ "alpine://3.12:busybox:1.31.1-r19"
+ ],
+ "path": "dockerhub-remote/kiwigrid/k8s-sidecar/sha256__7cba93c3dde21c78fe07ee3f8ed8d82d05bf00415392606401df8a7d72057b5b/",
+ "fixed_versions": [],
+ "published": "2020-10-07T02:24:17+11:00",
+ "artifact_scan_time": "2021-05-04T23:25:34+10:00",
+ "issue_id": "XRAY-125951",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "BusyBox contains an out-of-bounds write flaw in the get_next_block() function in archival/libarchive/decompress_bunzip2.c that is triggered when handling a large number of selectors while decompressing BZIP2 files. This may allow a context-dependent attacker to cause a crash.",
+ "references": [
+ "https://bugs.buildroot.org/show_bug.cgi?id=12916"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-14363",
+ "cvss_v2_score": 4.6,
+ "cvss_v2_vector": "CVSS:2.0/AV:L/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 7.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 4.6,
+ "cvss3_max_score": 7.8,
+ "summary": "CVE-2020-14363 libX11: integer overflow leads to double free in locale handling (important)",
+ "severity": "High",
+ "vulnerable_component": "rpm://8:libX11-common:0:1.6.8-4.el8",
+ "impacted_artifact": "rpm://8:libX11-common:0:1.6.8-4.el8",
+ "impact_path": [
+ "rpm://8:libX11-common:0:1.6.8-4.el8"
+ ],
+ "path": "ubi8-appstream-remote/Packages/l/libX11-common-1.6.8-4.el8.noarch.rpm",
+ "fixed_versions": [],
+ "published": "2020-12-16T16:18:32+11:00",
+ "artifact_scan_time": "2021-05-20T14:20:12+10:00",
+ "issue_id": "XRAY-134873",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "DOCUMENTATION: An integer overflow vulnerability leading to a double-free was found in libX11. This flaw allows a local privileged attacker to cause an application compiled with libX11 to crash, or in some cases, result in arbitrary code execution. The highest threat from this flaw is to confidentiality, integrity as well as system availability. STATEMENT: Xorg server does not run with root privileges in Red Hat Enterprise Linux 8. Therefore this flaw has been rated as having a moderate impact for Red Hat Enterprise Linux 8.",
+ "references": [
+ "https://access.redhat.com/security/cve/CVE-2020-14363"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Important"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-25014",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss3_max_score": 9.8,
+ "summary": "CVE-2018-25014 libwebp: use of uninitialized value in ReadSymbol() (important)",
+ "severity": "High",
+ "vulnerable_component": "rpm://8:libwebp:0:1.0.0-1.el8",
+ "impacted_artifact": "rpm://8:libwebp:0:1.0.0-1.el8",
+ "impact_path": [
+ "rpm://8:libwebp:0:1.0.0-1.el8"
+ ],
+ "path": "ubi8-appstream-remote/Packages/l/libwebp-1.0.0-1.el8.x86_64.rpm",
+ "fixed_versions": [],
+ "published": "2021-05-19T19:27:06+10:00",
+ "artifact_scan_time": "2021-01-27T22:02:38+11:00",
+ "issue_id": "XRAY-175978",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "DOCUMENTATION: A flaw was found in libwebp. An unitialized variable is used in function ReadSymbol. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. STATEMENT: This issue did not affect the versions of Firefox and Thunderbird as shipped with Red Hat Enterprise Linux 7, and 8 as they embed the fixed version of libwebp.",
+ "references": [
+ "https://access.redhat.com/security/cve/CVE-2018-25014"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Important"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-25011",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss3_max_score": 9.8,
+ "summary": "CVE-2018-25011 libwebp: heap-based buffer overflow in PutLE16() (important)",
+ "severity": "High",
+ "vulnerable_component": "rpm://8:libwebp:0:1.0.0-1.el8",
+ "impacted_artifact": "rpm://8:libwebp:0:1.0.0-1.el8",
+ "impact_path": [
+ "rpm://8:libwebp:0:1.0.0-1.el8"
+ ],
+ "path": "ubi8-appstream-remote/Packages/l/libwebp-1.0.0-1.el8.x86_64.rpm",
+ "fixed_versions": [],
+ "published": "2021-05-19T19:27:29+10:00",
+ "artifact_scan_time": "2021-01-27T22:02:38+11:00",
+ "issue_id": "XRAY-175982",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "DOCUMENTATION: A flaw was found in libwebp. A heap-based buffer overflow was found in PutLE16(). The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. STATEMENT: This issue did not affect the versions of Firefox and Thunderbird as shipped with Red Hat Enterprise Linux 7, and 8 as they embed the fixed version of libwebp.",
+ "references": [
+ "https://access.redhat.com/security/cve/CVE-2018-25011"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Important"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-36328",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss3_max_score": 9.8,
+ "summary": "CVE-2020-36328 libwebp: heap-based buffer overflow in WebPDecode*Into functions (important)",
+ "severity": "High",
+ "vulnerable_component": "rpm://8:libwebp:0:1.0.0-1.el8",
+ "impacted_artifact": "rpm://8:libwebp:0:1.0.0-1.el8",
+ "impact_path": [
+ "rpm://8:libwebp:0:1.0.0-1.el8"
+ ],
+ "path": "ubi8-appstream-remote/Packages/l/libwebp-1.0.0-1.el8.x86_64.rpm",
+ "fixed_versions": [],
+ "published": "2021-05-14T19:28:05+10:00",
+ "artifact_scan_time": "2021-01-27T22:02:38+11:00",
+ "issue_id": "XRAY-175527",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "DOCUMENTATION: A flaw was found in libwebp. A heap-based buffer overflow in functions WebPDecode*Into is possible due to an invalid check for buffer size. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. STATEMENT: This issue did not affect the versions of Firefox and Thunderbird as shipped with Red Hat Enterprise Linux 7, and 8 as they embed the fixed version of libwebp.",
+ "references": [
+ "https://access.redhat.com/security/cve/CVE-2020-36328"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Important"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-36329",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss3_max_score": 9.8,
+ "summary": "CVE-2020-36329 libwebp: use-after-free in EmitFancyRGB() in dec/io_dec.c (important)",
+ "severity": "High",
+ "vulnerable_component": "rpm://8:libwebp:0:1.0.0-1.el8",
+ "impacted_artifact": "rpm://8:libwebp:0:1.0.0-1.el8",
+ "impact_path": [
+ "rpm://8:libwebp:0:1.0.0-1.el8"
+ ],
+ "path": "ubi8-appstream-remote/Packages/l/libwebp-1.0.0-1.el8.x86_64.rpm",
+ "fixed_versions": [],
+ "published": "2021-05-14T19:28:05+10:00",
+ "artifact_scan_time": "2021-01-27T22:02:38+11:00",
+ "issue_id": "XRAY-175528",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "DOCUMENTATION: A flaw was found in libwebp. A use-after-free was found due to a thread being killed too early. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. STATEMENT: This issue did not affect the versions of Firefox and Thunderbird as shipped with Red Hat Enterprise Linux 7, and 8 as they embed the fixed version of libwebp.",
+ "references": [
+ "https://access.redhat.com/security/cve/CVE-2020-36329"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Important"
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 7.5,
+ "summary": "BusyBox archival/libarchive/decompress_bunzip2.c get_next_block() Function Selectors Handling Out-of-bounds Write DoS",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.12:busybox:1.31.1-r19",
+ "impacted_artifact": "docker://fluxcd/image-reflector-controller:sha256__e4563b1d9be6346b81b71f27869efa0a7f34f3d91da9713630852a4bc04ec2bf",
+ "impact_path": [
+ "docker://fluxcd/image-reflector-controller:sha256__e4563b1d9be6346b81b71f27869efa0a7f34f3d91da9713630852a4bc04ec2bf",
+ "generic://sha256:801bfaa63ef2094d770c809815b9e2b9c1194728e5e754ef7bc764030e140cea/sha256__801bfaa63ef2094d770c809815b9e2b9c1194728e5e754ef7bc764030e140cea.tar.gz",
+ "alpine://3.12:busybox:1.31.1-r19"
+ ],
+ "path": "dockerhub-remote/fluxcd/image-reflector-controller/sha256__e4563b1d9be6346b81b71f27869efa0a7f34f3d91da9713630852a4bc04ec2bf/",
+ "fixed_versions": [],
+ "published": "2020-10-07T02:24:17+11:00",
+ "artifact_scan_time": "2021-02-02T11:34:41+11:00",
+ "issue_id": "XRAY-125951",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "BusyBox contains an out-of-bounds write flaw in the get_next_block() function in archival/libarchive/decompress_bunzip2.c that is triggered when handling a large number of selectors while decompressing BZIP2 files. This may allow a context-dependent attacker to cause a crash.",
+ "references": [
+ "https://bugs.buildroot.org/show_bug.cgi?id=12916"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 7.5,
+ "summary": "BusyBox archival/libarchive/decompress_bunzip2.c get_next_block() Function Selectors Handling Out-of-bounds Write DoS",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.12:ssl_client:1.31.1-r19",
+ "impacted_artifact": "docker://fluxcd/image-reflector-controller:sha256__e4563b1d9be6346b81b71f27869efa0a7f34f3d91da9713630852a4bc04ec2bf",
+ "impact_path": [
+ "docker://fluxcd/image-reflector-controller:sha256__e4563b1d9be6346b81b71f27869efa0a7f34f3d91da9713630852a4bc04ec2bf",
+ "generic://sha256:801bfaa63ef2094d770c809815b9e2b9c1194728e5e754ef7bc764030e140cea/sha256__801bfaa63ef2094d770c809815b9e2b9c1194728e5e754ef7bc764030e140cea.tar.gz",
+ "alpine://3.12:ssl_client:1.31.1-r19"
+ ],
+ "path": "dockerhub-remote/fluxcd/image-reflector-controller/sha256__e4563b1d9be6346b81b71f27869efa0a7f34f3d91da9713630852a4bc04ec2bf/",
+ "fixed_versions": [],
+ "published": "2020-10-07T02:24:17+11:00",
+ "artifact_scan_time": "2021-02-02T11:34:41+11:00",
+ "issue_id": "XRAY-125951",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "BusyBox contains an out-of-bounds write flaw in the get_next_block() function in archival/libarchive/decompress_bunzip2.c that is triggered when handling a large number of selectors while decompressing BZIP2 files. This may allow a context-dependent attacker to cause a crash.",
+ "references": [
+ "https://bugs.buildroot.org/show_bug.cgi?id=12916"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 5.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 5.5,
+ "summary": "Alpine Package Keeper (apk-tools) io.c apk_resolve_[ug]id() Functions Username / Groupname TAR Header Field Handling Out-of-bounds Read DoS Weakness",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.12:apk-tools:2.10.5-r1",
+ "impacted_artifact": "docker://fluxcd/image-reflector-controller:sha256__e4563b1d9be6346b81b71f27869efa0a7f34f3d91da9713630852a4bc04ec2bf",
+ "impact_path": [
+ "docker://fluxcd/image-reflector-controller:sha256__e4563b1d9be6346b81b71f27869efa0a7f34f3d91da9713630852a4bc04ec2bf",
+ "generic://sha256:801bfaa63ef2094d770c809815b9e2b9c1194728e5e754ef7bc764030e140cea/sha256__801bfaa63ef2094d770c809815b9e2b9c1194728e5e754ef7bc764030e140cea.tar.gz",
+ "alpine://3.12:apk-tools:2.10.5-r1"
+ ],
+ "path": "dockerhub-remote/fluxcd/image-reflector-controller/sha256__e4563b1d9be6346b81b71f27869efa0a7f34f3d91da9713630852a4bc04ec2bf/",
+ "fixed_versions": [
+ "2.10.6-r0"
+ ],
+ "published": "2021-04-20T02:31:29+10:00",
+ "artifact_scan_time": "2021-02-02T11:34:41+11:00",
+ "issue_id": "XRAY-173006",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "Alpine Package Keeper (apk-tools) contains an out-of-bounds read flaw in the apk_resolve_uid() and apk_resolve_gid() functions in io.c that is triggered as username and groupname header fields are not properly checked for string terminators when parsing TAR file headers. This can potentially allow a context-dependent attacker to cause a denial of service.",
+ "references": [
+ "https://gitlab.alpinelinux.org/alpine/apk-tools/-/issues/10741",
+ "https://github.com/docker-library/official-images/pull/9982",
+ "https://gitlab.alpinelinux.org/alpine/aports/-/issues/12606",
+ "https://github.com/alpinelinux/apk-tools/commit/f7143c1766ae59489ac922e890ffe6d4a61c3b2d",
+ "https://github.com/alpinelinux/aports/commit/aa740eb10ca7b8386cadc8761da1e30ed931486c",
+ "http://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-30139"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-3121",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 8.6,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 8.6,
+ "summary": "An issue was discovered in GoGo Protobuf before 1.3.2. plugin/unmarshal/unmarshal.go lacks certain index validation, aka the \"skippy peanut butter\" issue.",
+ "severity": "High",
+ "vulnerable_component": "go://github.com/gogo/protobuf:1.3.1",
+ "impacted_artifact": "docker://fluxcd/image-reflector-controller:sha256__e4563b1d9be6346b81b71f27869efa0a7f34f3d91da9713630852a4bc04ec2bf",
+ "impact_path": [
+ "docker://fluxcd/image-reflector-controller:sha256__e4563b1d9be6346b81b71f27869efa0a7f34f3d91da9713630852a4bc04ec2bf",
+ "generic://sha256:d4a67df5ac35a821db126dff0661a2132e9a185fe932a26fc689131c1a716772/sha256__d4a67df5ac35a821db126dff0661a2132e9a185fe932a26fc689131c1a716772.tar.gz",
+ "generic://sha256:4c80217616bc74ee2f25529617ca5b34889a981c0d011f5e2aaae1d97e6c2852/image-reflector-controller",
+ "go://github.com/gogo/protobuf:1.3.1"
+ ],
+ "path": "dockerhub-remote/fluxcd/image-reflector-controller/sha256__e4563b1d9be6346b81b71f27869efa0a7f34f3d91da9713630852a4bc04ec2bf/",
+ "fixed_versions": [
+ "1.3.2"
+ ],
+ "published": "2021-02-01T22:46:23+11:00",
+ "artifact_scan_time": "2021-02-02T11:34:41+11:00",
+ "issue_id": "XRAY-139136",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "An issue was discovered in GoGo Protobuf before 1.3.2. plugin/unmarshal/unmarshal.go lacks certain index validation, aka the \"skippy peanut butter\" issue.",
+ "references": [
+ "https://lists.apache.org/thread.html/rc1e9ff22c5641d73701ba56362fb867d40ed287cca000b131dcf4a44@%3Ccommits.pulsar.apache.org%3E",
+ "https://lists.apache.org/thread.html/r88d69555cb74a129a7bf84838073b61259b4a3830190e05a3b87994e@%3Ccommits.pulsar.apache.org%3E",
+ "https://github.com/gogo/protobuf/compare/v1.3.1...v1.3.2",
+ "https://github.com/gogo/protobuf/commit/b03c65ea87cdc3521ede29f62fe3ce239267c1bc"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.6,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:H/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 8.1,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.6,
+ "cvss3_max_score": 8.1,
+ "summary": "SQLite sqliteInt.h sqlite3ExpandSubquery() Function Declaration Unspecified Weakness",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.13:sqlite-libs:3.34.1-r0",
+ "impacted_artifact": "docker://kiwigrid/k8s-sidecar:sha256__510a3ad08b8d9c244b640704cad79ccc177c2ae10412ba2f7c92c62ce5070148",
+ "impact_path": [
+ "docker://kiwigrid/k8s-sidecar:sha256__510a3ad08b8d9c244b640704cad79ccc177c2ae10412ba2f7c92c62ce5070148",
+ "generic://sha256:079acc430bf9db22a2159b57ce704265070f563573f494369721f7753444f923/sha256__079acc430bf9db22a2159b57ce704265070f563573f494369721f7753444f923.tar.gz",
+ "alpine://3.13:sqlite-libs:3.34.1-r0"
+ ],
+ "path": "dockerhub-remote/kiwigrid/k8s-sidecar/sha256__510a3ad08b8d9c244b640704cad79ccc177c2ae10412ba2f7c92c62ce5070148/",
+ "fixed_versions": [],
+ "published": "2021-03-15T04:32:05+11:00",
+ "artifact_scan_time": "2021-02-12T11:47:49+11:00",
+ "issue_id": "XRAY-146201",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "SQLite contains an unspecified flaw in sqliteInt.h as the sqlite3ExpandSubquery() function is not declared for SQLITE_OMIT_WINDOWFUNC builds. This may allow an attacker to have an unspecified impact. No further details have been provided.",
+ "references": [
+ "https://github.com/sqlite/sqlite/commit/7225bfef164bced949c0ba98436b1fa104546493",
+ "https://www.sqlite.org/src/info/9587fa8b29fc2f91",
+ "https://chromium.googlesource.com/chromium/deps/sqlite.git/+/8162d64e702214e8cb12078f387e4278a3302d16",
+ "https://chromium.googlesource.com/chromium/deps/sqlite.git/+/d9581878fcf81ec8beda15b079726edaddd775bb",
+ "https://chromium.googlesource.com/chromium/src/+/b8631d09aaba64ee30d492e47e6ccf43860e0cac",
+ "https://bugs.chromium.org/p/chromium/issues/detail?id=1183883",
+ "https://bugs.chromium.org/p/chromium/issues/detail?id=1161048",
+ "https://chromereleases.googleblog.com/2021/03/stable-channel-update-for-desktop.html"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 7.5,
+ "summary": "GNU dbm (GDBM) gdbmopen.c gdbm_avail_block_validate() Function Block Validation Out-of-bounds Read DoS",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.13:gdbm:1.19-r0",
+ "impacted_artifact": "docker://kiwigrid/k8s-sidecar:sha256__510a3ad08b8d9c244b640704cad79ccc177c2ae10412ba2f7c92c62ce5070148",
+ "impact_path": [
+ "docker://kiwigrid/k8s-sidecar:sha256__510a3ad08b8d9c244b640704cad79ccc177c2ae10412ba2f7c92c62ce5070148",
+ "generic://sha256:079acc430bf9db22a2159b57ce704265070f563573f494369721f7753444f923/sha256__079acc430bf9db22a2159b57ce704265070f563573f494369721f7753444f923.tar.gz",
+ "alpine://3.13:gdbm:1.19-r0"
+ ],
+ "path": "dockerhub-remote/kiwigrid/k8s-sidecar/sha256__510a3ad08b8d9c244b640704cad79ccc177c2ae10412ba2f7c92c62ce5070148/",
+ "fixed_versions": [],
+ "published": "2021-03-19T02:44:49+11:00",
+ "artifact_scan_time": "2021-02-12T11:47:49+11:00",
+ "issue_id": "XRAY-147947",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "GNU dbm (GDBM) contains an out-of-bounds read flaw in the gdbm_avail_block_validate() function in gdbmopen.c that is triggered when validating available blocks. This may allow a context-dependent attacker to crash a process linked against the library.",
+ "references": [
+ "http://git.gnu.org.ua/cgit/gdbm.git/commit/?id=9405ce2373ae5d64fc370c8b5ff280a92f15d01f",
+ "http://git.gnu.org.ua/cgit/gdbm.git/commit/?id=4fe603315b4e5189ff5ba31fb9ef0bedd625202a",
+ "http://git.gnu.org.ua/cgit/gdbm.git/commit/?id=7011ecbaf12a07f912eaf1b3ed6d3a528cefc7ad",
+ "https://git.savannah.gnu.org/cgit/gdbm.git/commit/?id=fd5cf245ea6d3e2f36dc349d8013ef62f4a9d532",
+ "/vulnerabilities/251922",
+ "https://puszcza.gnu.org.ua/bugs/?501",
+ "https://puszcza.gnu.org.ua/bugs/?503"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.6,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:H/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 8.1,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.6,
+ "cvss3_max_score": 8.1,
+ "summary": "SQLite pcache1.c pcache1AllocPage() Function Uninitialized Memory Use Unspecified Issue",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.13:sqlite-libs:3.34.1-r0",
+ "impacted_artifact": "docker://kiwigrid/k8s-sidecar:sha256__510a3ad08b8d9c244b640704cad79ccc177c2ae10412ba2f7c92c62ce5070148",
+ "impact_path": [
+ "docker://kiwigrid/k8s-sidecar:sha256__510a3ad08b8d9c244b640704cad79ccc177c2ae10412ba2f7c92c62ce5070148",
+ "generic://sha256:079acc430bf9db22a2159b57ce704265070f563573f494369721f7753444f923/sha256__079acc430bf9db22a2159b57ce704265070f563573f494369721f7753444f923.tar.gz",
+ "alpine://3.13:sqlite-libs:3.34.1-r0"
+ ],
+ "path": "dockerhub-remote/kiwigrid/k8s-sidecar/sha256__510a3ad08b8d9c244b640704cad79ccc177c2ae10412ba2f7c92c62ce5070148/",
+ "fixed_versions": [],
+ "published": "2021-04-20T00:31:27+10:00",
+ "artifact_scan_time": "2021-02-12T11:47:49+11:00",
+ "issue_id": "XRAY-172950",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "SQLite contains a flaw in the pcache1AllocPage() function in pcache1.c related to use of uninitialized memory. The issue is triggered when handling specially crafted database files. This may allow a context-dependent attacker to have an unspecified impact.",
+ "references": [
+ "https://github.com/sqlite/sqlite/commit/1e06c70eb073a92e683c55ffb8471301db999b75",
+ "https://github.com/sqlite/sqlite/commit/1f9f5766954d250a00da59f7f7c1fc57d9032a6e",
+ "https://www.sqlite.org/src/info/39c8686cabe6c437",
+ "https://chromium.googlesource.com/chromium/deps/sqlite.git/+/60efbb3584af2ba05e1935b3e07d3a861841db7c",
+ "https://github.com/chromium/chromium/commit/78157c349734be628ac9eef25a897a50bd31b8cd",
+ "https://bugs.chromium.org/p/chromium/issues/detail?id=1175522",
+ "https://bugs.chromium.org/p/chromium/issues/detail?id=1181276",
+ "https://chromereleases.googleblog.com/2021/04/stable-channel-update-for-desktop_14.html",
+ "https://bugs.chromium.org/p/chromium/issues/detail?id=1198709"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 5.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 5.5,
+ "summary": "Alpine Package Keeper (apk-tools) io.c apk_resolve_[ug]id() Functions Username / Groupname TAR Header Field Handling Out-of-bounds Read DoS Weakness",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.13:apk-tools:2.12.1-r0",
+ "impacted_artifact": "docker://kiwigrid/k8s-sidecar:sha256__510a3ad08b8d9c244b640704cad79ccc177c2ae10412ba2f7c92c62ce5070148",
+ "impact_path": [
+ "docker://kiwigrid/k8s-sidecar:sha256__510a3ad08b8d9c244b640704cad79ccc177c2ae10412ba2f7c92c62ce5070148",
+ "generic://sha256:4c0d98bf9879488e0407f897d9dd4bf758555a78e39675e72b5124ccf12c2580/sha256__4c0d98bf9879488e0407f897d9dd4bf758555a78e39675e72b5124ccf12c2580.tar.gz",
+ "alpine://3.13:apk-tools:2.12.1-r0"
+ ],
+ "path": "dockerhub-remote/kiwigrid/k8s-sidecar/sha256__510a3ad08b8d9c244b640704cad79ccc177c2ae10412ba2f7c92c62ce5070148/",
+ "fixed_versions": [
+ "2.12.5-r0"
+ ],
+ "published": "2021-04-20T02:31:29+10:00",
+ "artifact_scan_time": "2021-02-12T11:47:49+11:00",
+ "issue_id": "XRAY-173006",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "Alpine Package Keeper (apk-tools) contains an out-of-bounds read flaw in the apk_resolve_uid() and apk_resolve_gid() functions in io.c that is triggered as username and groupname header fields are not properly checked for string terminators when parsing TAR file headers. This can potentially allow a context-dependent attacker to cause a denial of service.",
+ "references": [
+ "https://gitlab.alpinelinux.org/alpine/apk-tools/-/issues/10741",
+ "https://github.com/docker-library/official-images/pull/9982",
+ "https://gitlab.alpinelinux.org/alpine/aports/-/issues/12606",
+ "https://github.com/alpinelinux/apk-tools/commit/f7143c1766ae59489ac922e890ffe6d4a61c3b2d",
+ "https://github.com/alpinelinux/aports/commit/aa740eb10ca7b8386cadc8761da1e30ed931486c",
+ "http://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-30139"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:N/A:C",
+ "cvss_v3_score": 8.2,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.8,
+ "cvss3_max_score": 8.2,
+ "summary": "GNU dbm (GDBM) bucket.c _gdbm_get_bucket() Function Improper Bucket Re-initialization Out-of-bounds Read Issue",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.13:gdbm:1.19-r0",
+ "impacted_artifact": "docker://kiwigrid/k8s-sidecar:sha256__510a3ad08b8d9c244b640704cad79ccc177c2ae10412ba2f7c92c62ce5070148",
+ "impact_path": [
+ "docker://kiwigrid/k8s-sidecar:sha256__510a3ad08b8d9c244b640704cad79ccc177c2ae10412ba2f7c92c62ce5070148",
+ "generic://sha256:079acc430bf9db22a2159b57ce704265070f563573f494369721f7753444f923/sha256__079acc430bf9db22a2159b57ce704265070f563573f494369721f7753444f923.tar.gz",
+ "alpine://3.13:gdbm:1.19-r0"
+ ],
+ "path": "dockerhub-remote/kiwigrid/k8s-sidecar/sha256__510a3ad08b8d9c244b640704cad79ccc177c2ae10412ba2f7c92c62ce5070148/",
+ "fixed_versions": [],
+ "published": "2021-03-19T00:44:44+11:00",
+ "artifact_scan_time": "2021-02-12T11:47:49+11:00",
+ "issue_id": "XRAY-147853",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "GNU dbm (GDBM) contains an out-of-bounds read flaw in the _gdbm_get_bucket() function in bucket.c that is triggered as buckets are not properly re-initialized when a failure occurs. This may allow a context-dependent attacker to crash a process linked against the library or potentially disclose memory contents.",
+ "references": [
+ "https://git.savannah.gnu.org/cgit/gdbm.git/commit/?id=40a464d322c720c88a50c3eb0a8c1d87e6079f89",
+ "/vulnerabilities/251924",
+ "https://puszcza.gnu.org.ua/bugs/?501"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.6,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:H/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 8.1,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.6,
+ "cvss3_max_score": 8.1,
+ "summary": "SQLite btree.c balance_nonroot() Function Database File Handling Unspecified Issue",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.13:sqlite-libs:3.34.1-r0",
+ "impacted_artifact": "docker://kiwigrid/k8s-sidecar:sha256__510a3ad08b8d9c244b640704cad79ccc177c2ae10412ba2f7c92c62ce5070148",
+ "impact_path": [
+ "docker://kiwigrid/k8s-sidecar:sha256__510a3ad08b8d9c244b640704cad79ccc177c2ae10412ba2f7c92c62ce5070148",
+ "generic://sha256:079acc430bf9db22a2159b57ce704265070f563573f494369721f7753444f923/sha256__079acc430bf9db22a2159b57ce704265070f563573f494369721f7753444f923.tar.gz",
+ "alpine://3.13:sqlite-libs:3.34.1-r0"
+ ],
+ "path": "dockerhub-remote/kiwigrid/k8s-sidecar/sha256__510a3ad08b8d9c244b640704cad79ccc177c2ae10412ba2f7c92c62ce5070148/",
+ "fixed_versions": [],
+ "published": "2021-04-20T02:31:29+10:00",
+ "artifact_scan_time": "2021-02-12T11:47:49+11:00",
+ "issue_id": "XRAY-173004",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "SQLite contains a flaw in the balance_nonroot() function in btree.c that is triggered when handling a specially crafted database file. This may allow a context-dependent attacker to have an unspecified impact.",
+ "references": [
+ "https://github.com/sqlite/sqlite/commit/1e06c70eb073a92e683c55ffb8471301db999b75",
+ "https://github.com/sqlite/sqlite/commit/1f9f5766954d250a00da59f7f7c1fc57d9032a6e",
+ "https://www.sqlite.org/src/info/39c8686cabe6c437",
+ "https://chromium.googlesource.com/chromium/deps/sqlite.git/+/60efbb3584af2ba05e1935b3e07d3a861841db7c",
+ "https://github.com/chromium/chromium/commit/78157c349734be628ac9eef25a897a50bd31b8cd",
+ "https://bugs.chromium.org/p/chromium/issues/detail?id=1175522",
+ "https://bugs.chromium.org/p/chromium/issues/detail?id=1181276",
+ "https://chromereleases.googleblog.com/2021/04/stable-channel-update-for-desktop_14.html",
+ "https://bugs.chromium.org/p/chromium/issues/detail?id=1198709"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:N/A:C",
+ "cvss_v3_score": 8.2,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.8,
+ "cvss3_max_score": 8.2,
+ "summary": "libssh2 userauth.c file_read_publickey() Function Out-of-bounds Read Issue",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.12:libssh2:1.9.0-r1",
+ "impacted_artifact": "docker://fluxcd/source-controller:sha256__5d2476f73090647afdc51019c410557cc91ce5cf060dca9977a2ee3ada5c1072",
+ "impact_path": [
+ "docker://fluxcd/source-controller:sha256__5d2476f73090647afdc51019c410557cc91ce5cf060dca9977a2ee3ada5c1072",
+ "generic://sha256:822cd606a4acdc3b0535ad9c4c0a1db1261c43b1ae4ccc2ac4bb72af9ba9e480/sha256__822cd606a4acdc3b0535ad9c4c0a1db1261c43b1ae4ccc2ac4bb72af9ba9e480.tar.gz",
+ "alpine://3.12:libssh2:1.9.0-r1"
+ ],
+ "path": "dockerhub-remote/fluxcd/source-controller/sha256__5d2476f73090647afdc51019c410557cc91ce5cf060dca9977a2ee3ada5c1072/",
+ "fixed_versions": [],
+ "published": "2020-08-13T00:54:37+10:00",
+ "artifact_scan_time": "2021-02-02T11:36:04+11:00",
+ "issue_id": "XRAY-117888",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "libssh2 contains an out-of-bounds read flaw in the file_read_publickey() function in userauth.c. This may allow a context-dependent attacker to crash a process linked against the library or potentially disclose memory contents.",
+ "references": [
+ "https://github.com/libssh2/libssh2/pull/386",
+ "https://github.com/libssh2/libssh2/commit/482055695011fabb55f3cb7598356d47a0429068"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 7.5,
+ "summary": "libssh2 transport.c _libssh2_transport_send() Function Delay-compression NULL Pointer Dereference Remote DoS",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.12:libssh2:1.9.0-r1",
+ "impacted_artifact": "docker://fluxcd/source-controller:sha256__5d2476f73090647afdc51019c410557cc91ce5cf060dca9977a2ee3ada5c1072",
+ "impact_path": [
+ "docker://fluxcd/source-controller:sha256__5d2476f73090647afdc51019c410557cc91ce5cf060dca9977a2ee3ada5c1072",
+ "generic://sha256:822cd606a4acdc3b0535ad9c4c0a1db1261c43b1ae4ccc2ac4bb72af9ba9e480/sha256__822cd606a4acdc3b0535ad9c4c0a1db1261c43b1ae4ccc2ac4bb72af9ba9e480.tar.gz",
+ "alpine://3.12:libssh2:1.9.0-r1"
+ ],
+ "path": "dockerhub-remote/fluxcd/source-controller/sha256__5d2476f73090647afdc51019c410557cc91ce5cf060dca9977a2ee3ada5c1072/",
+ "fixed_versions": [],
+ "published": "2020-08-13T00:54:38+10:00",
+ "artifact_scan_time": "2021-02-02T11:36:04+11:00",
+ "issue_id": "XRAY-117893",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "libssh2 contains a NULL pointer dereference flaw in the _libssh2_transport_send() function in transport.c that is triggered when using the delay-compression extensions to renegotiate compression algorithm support. This may allow a remote attacker to crash a process using the library.",
+ "references": [
+ "https://github.com/libssh2/libssh2/commit/03c7c4a351712492969bcc6ca40ca421c8dfe8bc",
+ "https://github.com/libssh2/libssh2/pull/443"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 7.5,
+ "summary": "BusyBox archival/libarchive/decompress_bunzip2.c get_next_block() Function Selectors Handling Out-of-bounds Write DoS",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.12:busybox:1.31.1-r19",
+ "impacted_artifact": "docker://fluxcd/source-controller:sha256__5d2476f73090647afdc51019c410557cc91ce5cf060dca9977a2ee3ada5c1072",
+ "impact_path": [
+ "docker://fluxcd/source-controller:sha256__5d2476f73090647afdc51019c410557cc91ce5cf060dca9977a2ee3ada5c1072",
+ "generic://sha256:801bfaa63ef2094d770c809815b9e2b9c1194728e5e754ef7bc764030e140cea/sha256__801bfaa63ef2094d770c809815b9e2b9c1194728e5e754ef7bc764030e140cea.tar.gz",
+ "alpine://3.12:busybox:1.31.1-r19"
+ ],
+ "path": "dockerhub-remote/fluxcd/source-controller/sha256__5d2476f73090647afdc51019c410557cc91ce5cf060dca9977a2ee3ada5c1072/",
+ "fixed_versions": [],
+ "published": "2020-10-07T02:24:17+11:00",
+ "artifact_scan_time": "2021-02-02T11:36:04+11:00",
+ "issue_id": "XRAY-125951",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "BusyBox contains an out-of-bounds write flaw in the get_next_block() function in archival/libarchive/decompress_bunzip2.c that is triggered when handling a large number of selectors while decompressing BZIP2 files. This may allow a context-dependent attacker to cause a crash.",
+ "references": [
+ "https://bugs.buildroot.org/show_bug.cgi?id=12916"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:N/A:C",
+ "cvss_v3_score": 8.2,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.8,
+ "cvss3_max_score": 8.2,
+ "summary": "libssh2 kex.c kex_agree_methods() Function Key Exchange Packet Handling Out-of-bounds Read Issue",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.12:libssh2:1.9.0-r1",
+ "impacted_artifact": "docker://fluxcd/source-controller:sha256__5d2476f73090647afdc51019c410557cc91ce5cf060dca9977a2ee3ada5c1072",
+ "impact_path": [
+ "docker://fluxcd/source-controller:sha256__5d2476f73090647afdc51019c410557cc91ce5cf060dca9977a2ee3ada5c1072",
+ "generic://sha256:822cd606a4acdc3b0535ad9c4c0a1db1261c43b1ae4ccc2ac4bb72af9ba9e480/sha256__822cd606a4acdc3b0535ad9c4c0a1db1261c43b1ae4ccc2ac4bb72af9ba9e480.tar.gz",
+ "alpine://3.12:libssh2:1.9.0-r1"
+ ],
+ "path": "dockerhub-remote/fluxcd/source-controller/sha256__5d2476f73090647afdc51019c410557cc91ce5cf060dca9977a2ee3ada5c1072/",
+ "fixed_versions": [],
+ "published": "2020-08-13T00:54:38+10:00",
+ "artifact_scan_time": "2021-02-02T11:36:04+11:00",
+ "issue_id": "XRAY-117889",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "libssh2 contains an out-of-bounds read flaw in the kex_agree_methods() function in kex.c that is triggered when handling key exchange packets. This may allow a context-dependent attacker to crash a process linked against the library or potentially disclose memory contents.",
+ "references": [
+ "https://github.com/libssh2/libssh2/commit/43f24eb152b8ec62473d2de6108d7c0b267b2419",
+ "https://github.com/libssh2/libssh2/commit/d0cb72fb986139f5927af7811dc766261f59f2d9",
+ "https://github.com/libssh2/libssh2/pull/399",
+ "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16825",
+ "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16823"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:N/A:C",
+ "cvss_v3_score": 8.2,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.8,
+ "cvss3_max_score": 8.2,
+ "summary": "libssh2 packet.c packet_queue_listener() Function SSH Packet Parsing Out-of-bounds Read Issue",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.12:libssh2:1.9.0-r1",
+ "impacted_artifact": "docker://fluxcd/source-controller:sha256__5d2476f73090647afdc51019c410557cc91ce5cf060dca9977a2ee3ada5c1072",
+ "impact_path": [
+ "docker://fluxcd/source-controller:sha256__5d2476f73090647afdc51019c410557cc91ce5cf060dca9977a2ee3ada5c1072",
+ "generic://sha256:822cd606a4acdc3b0535ad9c4c0a1db1261c43b1ae4ccc2ac4bb72af9ba9e480/sha256__822cd606a4acdc3b0535ad9c4c0a1db1261c43b1ae4ccc2ac4bb72af9ba9e480.tar.gz",
+ "alpine://3.12:libssh2:1.9.0-r1"
+ ],
+ "path": "dockerhub-remote/fluxcd/source-controller/sha256__5d2476f73090647afdc51019c410557cc91ce5cf060dca9977a2ee3ada5c1072/",
+ "fixed_versions": [],
+ "published": "2020-08-13T00:54:38+10:00",
+ "artifact_scan_time": "2021-02-02T11:36:04+11:00",
+ "issue_id": "XRAY-117890",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "libssh2 contains an out-of-bounds read flaw in the packet_queue_listener() function in packet.c that is triggered as certain input in SSH packets is not properly validated. This may allow a context-dependent attacker to crash a process linked against the library or potentially disclose memory contents.",
+ "references": [
+ "https://github.com/libssh2/libssh2/commit/f7bc203dbeb1dd9e17beb553c50faeedc5755ead",
+ "https://github.com/libssh2/libssh2/commit/8571ab482d7591be14b47b7065eed689c92cae27",
+ "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16865",
+ "https://github.com/libssh2/libssh2/pull/404"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:N/A:C",
+ "cvss_v3_score": 7.1,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.8,
+ "cvss3_max_score": 7.1,
+ "summary": "libssh2 packet.c packet_x11_open() Function Out-of-bounds Read Issue",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.12:libssh2:1.9.0-r1",
+ "impacted_artifact": "docker://fluxcd/source-controller:sha256__5d2476f73090647afdc51019c410557cc91ce5cf060dca9977a2ee3ada5c1072",
+ "impact_path": [
+ "docker://fluxcd/source-controller:sha256__5d2476f73090647afdc51019c410557cc91ce5cf060dca9977a2ee3ada5c1072",
+ "generic://sha256:822cd606a4acdc3b0535ad9c4c0a1db1261c43b1ae4ccc2ac4bb72af9ba9e480/sha256__822cd606a4acdc3b0535ad9c4c0a1db1261c43b1ae4ccc2ac4bb72af9ba9e480.tar.gz",
+ "alpine://3.12:libssh2:1.9.0-r1"
+ ],
+ "path": "dockerhub-remote/fluxcd/source-controller/sha256__5d2476f73090647afdc51019c410557cc91ce5cf060dca9977a2ee3ada5c1072/",
+ "fixed_versions": [],
+ "published": "2020-08-13T00:54:38+10:00",
+ "artifact_scan_time": "2021-02-02T11:36:04+11:00",
+ "issue_id": "XRAY-117891",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "libssh2 contains an out-of-bounds read flaw in the packet_x11_open() function in packet.c. This may allow a context-dependent attacker to crash a process linked against the library or potentially disclose memory contents.",
+ "references": [
+ "https://github.com/libssh2/libssh2/commit/bcb7c92d543fdff179835e41aaf0afc59ea89f6d",
+ "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=17095",
+ "https://github.com/libssh2/libssh2/pull/410"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 7.5,
+ "summary": "BusyBox archival/libarchive/decompress_bunzip2.c get_next_block() Function Selectors Handling Out-of-bounds Write DoS",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.12:ssl_client:1.31.1-r19",
+ "impacted_artifact": "docker://fluxcd/source-controller:sha256__5d2476f73090647afdc51019c410557cc91ce5cf060dca9977a2ee3ada5c1072",
+ "impact_path": [
+ "docker://fluxcd/source-controller:sha256__5d2476f73090647afdc51019c410557cc91ce5cf060dca9977a2ee3ada5c1072",
+ "generic://sha256:801bfaa63ef2094d770c809815b9e2b9c1194728e5e754ef7bc764030e140cea/sha256__801bfaa63ef2094d770c809815b9e2b9c1194728e5e754ef7bc764030e140cea.tar.gz",
+ "alpine://3.12:ssl_client:1.31.1-r19"
+ ],
+ "path": "dockerhub-remote/fluxcd/source-controller/sha256__5d2476f73090647afdc51019c410557cc91ce5cf060dca9977a2ee3ada5c1072/",
+ "fixed_versions": [],
+ "published": "2020-10-07T02:24:17+11:00",
+ "artifact_scan_time": "2021-02-02T11:36:04+11:00",
+ "issue_id": "XRAY-125951",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "BusyBox contains an out-of-bounds write flaw in the get_next_block() function in archival/libarchive/decompress_bunzip2.c that is triggered when handling a large number of selectors while decompressing BZIP2 files. This may allow a context-dependent attacker to cause a crash.",
+ "references": [
+ "https://bugs.buildroot.org/show_bug.cgi?id=12916"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 5.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 5.5,
+ "summary": "Alpine Package Keeper (apk-tools) io.c apk_resolve_[ug]id() Functions Username / Groupname TAR Header Field Handling Out-of-bounds Read DoS Weakness",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.12:apk-tools:2.10.5-r1",
+ "impacted_artifact": "docker://fluxcd/source-controller:sha256__5d2476f73090647afdc51019c410557cc91ce5cf060dca9977a2ee3ada5c1072",
+ "impact_path": [
+ "docker://fluxcd/source-controller:sha256__5d2476f73090647afdc51019c410557cc91ce5cf060dca9977a2ee3ada5c1072",
+ "generic://sha256:801bfaa63ef2094d770c809815b9e2b9c1194728e5e754ef7bc764030e140cea/sha256__801bfaa63ef2094d770c809815b9e2b9c1194728e5e754ef7bc764030e140cea.tar.gz",
+ "alpine://3.12:apk-tools:2.10.5-r1"
+ ],
+ "path": "dockerhub-remote/fluxcd/source-controller/sha256__5d2476f73090647afdc51019c410557cc91ce5cf060dca9977a2ee3ada5c1072/",
+ "fixed_versions": [
+ "2.10.6-r0"
+ ],
+ "published": "2021-04-20T02:31:29+10:00",
+ "artifact_scan_time": "2021-02-02T11:36:04+11:00",
+ "issue_id": "XRAY-173006",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "Alpine Package Keeper (apk-tools) contains an out-of-bounds read flaw in the apk_resolve_uid() and apk_resolve_gid() functions in io.c that is triggered as username and groupname header fields are not properly checked for string terminators when parsing TAR file headers. This can potentially allow a context-dependent attacker to cause a denial of service.",
+ "references": [
+ "https://gitlab.alpinelinux.org/alpine/apk-tools/-/issues/10741",
+ "https://github.com/docker-library/official-images/pull/9982",
+ "https://gitlab.alpinelinux.org/alpine/aports/-/issues/12606",
+ "https://github.com/alpinelinux/apk-tools/commit/f7143c1766ae59489ac922e890ffe6d4a61c3b2d",
+ "https://github.com/alpinelinux/aports/commit/aa740eb10ca7b8386cadc8761da1e30ed931486c",
+ "http://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-30139"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-8088",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 8.1,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 8.1,
+ "summary": "CVE-2018-8088 slf4j: Deserialisation vulnerability in EventData constructor can allow for arbitrary code execution (important)",
+ "severity": "High",
+ "vulnerable_component": "rpm://slf4j:0:1.7.25-4.module+el8+2452+b359bfcd",
+ "impacted_artifact": "rpm://slf4j:0:1.7.25-4.module+el8+2452+b359bfcd",
+ "impact_path": [
+ "rpm://slf4j:0:1.7.25-4.module+el8+2452+b359bfcd"
+ ],
+ "path": "ubi8-appstream-remote/Packages/s/slf4j-1.7.25-4.module+el8+2452+b359bfcd.noarch.rpm",
+ "fixed_versions": [],
+ "published": "2020-12-16T15:53:05+11:00",
+ "artifact_scan_time": "2021-01-27T22:19:38+11:00",
+ "issue_id": "XRAY-133110",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "DOCUMENTATION: An XML deserialization vulnerability was discovered in slf4j's EventData, which accepts an XML serialized string and can lead to arbitrary code execution. STATEMENT: Subscription Asset Manager is now in a reduced support phase receiving only Critical impact security fixes. This issue has been rated as having a security impact of Important, and is not currently planned to be addressed in future updates.This issue did not affect the versions of Candlepin as shipped with Red Hat Satellite 6 as Candlepin uses slf4j-api and not the affected slf4j-ext (which is not on the Candlepin classpath).Red Hat Enterprise Virtualization Manager 4.1 is affected by this issue. Updated packages that address this issue are available through the Red Hat Enterprise Linux Server channels. Virtualization Manager hosts should be subscribed to these channels and obtain the updates via `yum update`.",
+ "references": [
+ "https://access.redhat.com/security/cve/CVE-2018-8088"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Important"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-11784",
+ "cvss_v2_score": 4.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:P/A:N",
+ "cvss_v3_score": 5.3,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"
+ },
+ {
+ "cve": "CVE-2018-8037",
+ "cvss_v2_score": 4.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:N/A:N",
+ "cvss_v3_score": 9.1,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"
+ },
+ {
+ "cve": "CVE-2018-8034",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:N",
+ "cvss_v3_score": 4.3,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"
+ },
+ {
+ "cve": "CVE-2018-8014",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 5.7,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.1,
+ "summary": "RHSA-2019:1529: pki-deps:10.6 security update (Important)",
+ "severity": "High",
+ "vulnerable_component": "rpm://slf4j:0:1.7.25-4.module+el8+2452+b359bfcd",
+ "impacted_artifact": "rpm://slf4j:0:1.7.25-4.module+el8+2452+b359bfcd",
+ "impact_path": [
+ "rpm://slf4j:0:1.7.25-4.module+el8+2452+b359bfcd"
+ ],
+ "path": "ubi8-appstream-remote/Packages/s/slf4j-1.7.25-4.module+el8+2452+b359bfcd.noarch.rpm",
+ "fixed_versions": [
+ "≥ 0:1.7.25-4.module+el8.0.0+3248+9d514f3b"
+ ],
+ "published": "2019-07-24T13:44:38+10:00",
+ "artifact_scan_time": "2021-01-27T22:19:38+11:00",
+ "issue_id": "XRAY-85223",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "The Public Key Infrastructure (PKI) Deps module contains fundamental packages required as dependencies for the pki-core module by Red Hat Certificate System.Security Fix(es):* tomcat: Due to a mishandling of close in NIO/NIO2 connectors user sessions can get mixed up (CVE-2018-8037)* tomcat: Insecure defaults in CORS filter enable 'supportsCredentials' for all origins (CVE-2018-8014)* tomcat: Open redirect in default servlet (CVE-2018-11784)* tomcat: Host name verification missing in WebSocket client (CVE-2018-8034)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
+ "references": [
+ "https://access.redhat.com/security/cve/CVE-2018-8037",
+ "https://access.redhat.com/security/cve/CVE-2018-8034",
+ "https://access.redhat.com/security/cve/CVE-2018-8014",
+ "https://access.redhat.com/security/cve/CVE-2018-11784",
+ "https://access.redhat.com/errata/RHSA-2019:1529"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Important"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-12384",
+ "cvss_v2_score": 4.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:N/A:N",
+ "cvss_v3_score": 8.1,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 4.3,
+ "cvss3_max_score": 8.1,
+ "summary": "RHSA-2019:2720: pki-deps:10.6 security update (Important)",
+ "severity": "High",
+ "vulnerable_component": "rpm://slf4j:0:1.7.25-4.module+el8+2452+b359bfcd",
+ "impacted_artifact": "rpm://slf4j:0:1.7.25-4.module+el8+2452+b359bfcd",
+ "impact_path": [
+ "rpm://slf4j:0:1.7.25-4.module+el8+2452+b359bfcd"
+ ],
+ "path": "ubi8-appstream-remote/Packages/s/slf4j-1.7.25-4.module+el8+2452+b359bfcd.noarch.rpm",
+ "fixed_versions": [
+ "≥ 0:1.7.25-4.module+el8.0.0+3892+c903d3f0"
+ ],
+ "published": "2019-10-06T16:00:47+11:00",
+ "artifact_scan_time": "2021-01-27T22:19:38+11:00",
+ "issue_id": "XRAY-89363",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "The Public Key Infrastructure (PKI) Deps module contains fundamental packages required as dependencies for the pki-core module by Red Hat Certificate System.Security Fix(es):* jackson-databind: failure to block the logback-core class from polymorphic deserialization leading to remote code execution (CVE-2019-12384)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
+ "references": [
+ "https://access.redhat.com/security/cve/CVE-2019-12384",
+ "https://access.redhat.com/errata/RHSA-2019:2720"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Important"
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 7.5,
+ "summary": "FasterXML jackson-dataformats-binary smile/SmileParser.java 7-bit Encoded Binary Data Payload Handling Memory Exhaustion DoS",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.dataformat:jackson-dataformat-smile:2.10.4",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.10.2-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.10.2-amd64",
+ "generic://sha256:9ccb7e6e1f0c90a0bc3a1907f5741245698221383876ed6adb410c542b4505ee/sha256__9ccb7e6e1f0c90a0bc3a1907f5741245698221383876ed6adb410c542b4505ee.tar.gz",
+ "generic://sha256:06b4a2b2e2751caf3309592e08f38e525c5177eb19dfe1e7b72be67b2111f083/elasticsearch-sql-cli-7.10.2.jar",
+ "gav://com.fasterxml.jackson.dataformat:jackson-dataformat-smile:2.10.4"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.10.2-amd64/",
+ "fixed_versions": [
+ "2.12.3"
+ ],
+ "published": "2021-05-05T20:06:23+10:00",
+ "artifact_scan_time": "2021-02-03T17:45:30+11:00",
+ "issue_id": "XRAY-174967",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "FasterXML jackson-dataformats-binary contains a flaw in smile/SmileParser.java that is triggered as memory is improperly allocated when handling 7-bit encoded binary data payloads. This may allow a context-dependent attacker to exhaust available memory resources and potentially crash a process linked against the library.",
+ "references": [
+ "https://github.com/FasterXML/jackson-dataformats-binary/commit/01b883505389ba693b430da6ccbbc77fb380c462",
+ "https://github.com/FasterXML/jackson-dataformats-binary/issues/265",
+ "https://github.com/FasterXML/jackson-dataformats-binary/commit/7229150e6297ad7f33fdce709447160748feec9d"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 7.5,
+ "summary": "FasterXML jackson-dataformats-binary smile/SmileParser.java 7-bit Encoded Binary Data Payload Handling Memory Exhaustion DoS",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.dataformat:jackson-dataformat-smile:2.10.4",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.10.2-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.10.2-amd64",
+ "generic://sha256:9ccb7e6e1f0c90a0bc3a1907f5741245698221383876ed6adb410c542b4505ee/sha256__9ccb7e6e1f0c90a0bc3a1907f5741245698221383876ed6adb410c542b4505ee.tar.gz",
+ "gav://com.fasterxml.jackson.dataformat:jackson-dataformat-smile:2.10.4"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.10.2-amd64/",
+ "fixed_versions": [
+ "2.12.3"
+ ],
+ "published": "2021-05-05T20:06:23+10:00",
+ "artifact_scan_time": "2021-02-03T17:45:30+11:00",
+ "issue_id": "XRAY-174967",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "FasterXML jackson-dataformats-binary contains a flaw in smile/SmileParser.java that is triggered as memory is improperly allocated when handling 7-bit encoded binary data payloads. This may allow a context-dependent attacker to exhaust available memory resources and potentially crash a process linked against the library.",
+ "references": [
+ "https://github.com/FasterXML/jackson-dataformats-binary/commit/01b883505389ba693b430da6ccbbc77fb380c462",
+ "https://github.com/FasterXML/jackson-dataformats-binary/issues/265",
+ "https://github.com/FasterXML/jackson-dataformats-binary/commit/7229150e6297ad7f33fdce709447160748feec9d"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-3450",
+ "cvss_v2_score": 5.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:N",
+ "cvss_v3_score": 7.4,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"
+ }
+ ],
+ "cvss2_max_score": 5.8,
+ "cvss3_max_score": 7.4,
+ "summary": "CVE-2021-3450 openssl: CA certificate check bypass with X509_V_FLAG_X509_STRICT",
+ "severity": "High",
+ "vulnerable_component": "rpm://8:openssl:1:1.1.1g-12.el8_3",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.10.2-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.10.2-amd64",
+ "generic://sha256:e736878e27ad128d77fc82ad30fa1b6bb42158f307774ff15ad0677dede41e3a/sha256__e736878e27ad128d77fc82ad30fa1b6bb42158f307774ff15ad0677dede41e3a.tar.gz",
+ "rpm://8:openssl:1:1.1.1g-12.el8_3"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.10.2-amd64/",
+ "fixed_versions": [],
+ "published": "2021-03-26T20:47:16+11:00",
+ "artifact_scan_time": "2021-02-03T17:45:30+11:00",
+ "issue_id": "XRAY-158580",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "The X509_V_FLAG_X509_STRICT flag enables additional security checks of the certificates present in a certificate chain. It is not set by default. Starting from OpenSSL version 1.1.1h a check to disallow certificates in the chain that have explicitly encoded elliptic curve parameters was added as an additional strict check. An error in the implementation of this check meant that the result of a previous check to confirm that certificates in the chain are valid CA certificates was overwritten. This effectively bypasses the check that non-CA certificates must not be able to issue other certificates. If a \"purpose\" has been configured then there is a subsequent opportunity for checks that the certificate is a valid CA. All of the named \"purpose\" values implemented in libcrypto perform this check. Therefore, where a purpose is set the certificate chain will still be rejected even when the strict flag has been used. A purpose is set by default in libssl client and server certificate verification routines, but it can be overridden or removed by an application. In order to be affected, an application must explicitly set the X509_V_FLAG_X509_STRICT verification flag and either not set a purpose for the certificate verification or, in the case of TLS client or server applications, override the default purpose. OpenSSL versions 1.1.1h and newer are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1k. OpenSSL 1.0.2 is not impacted by this issue. Fixed in OpenSSL 1.1.1k (Affected 1.1.1h-1.1.1j).",
+ "references": [
+ "https://www.openssl.org/news/secadv/20210325.txt"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Important"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-20305",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 8.1,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 6.8,
+ "cvss3_max_score": 8.1,
+ "summary": "RHSA-2021:1246: gnutls and nettle security update (Important)",
+ "severity": "High",
+ "vulnerable_component": "rpm://8:nettle:0:3.4.1-2.el8",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.10.2-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.10.2-amd64",
+ "generic://sha256:ddf49b9115d7e21a43e4415beaacd566cc86e1584ec5ae6c78fa4cc9d4b10f66/sha256__ddf49b9115d7e21a43e4415beaacd566cc86e1584ec5ae6c78fa4cc9d4b10f66.tar.gz",
+ "rpm://8:nettle:0:3.4.1-2.el8"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.10.2-amd64/",
+ "fixed_versions": [
+ "≥ 0:3.4.1-2.el8_2"
+ ],
+ "published": "2021-04-22T03:24:20+10:00",
+ "artifact_scan_time": "2021-02-03T17:45:30+11:00",
+ "issue_id": "XRAY-173361",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "The gnutls packages provide the GNU Transport Layer Security (GnuTLS) library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS.Nettle is a cryptographic library that is designed to fit easily in almost any context: In crypto toolkits for object-oriented languages, such as C++, Python, or Pike, in applications like LSH or GNUPG, or even in kernel space.Security Fix(es):* nettle: Out of bounds memory access in signature verification (CVE-2021-20305)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
+ "references": [
+ "https://access.redhat.com/errata/RHSA-2021:1246",
+ "https://access.redhat.com/security/cve/CVE-2021-20305"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Important"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-5382",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "Bouncy Castle BKS version 1 keystore (BKS-V1) files use an HMAC that is only 16 bits long, which can allow an attacker to compromise the integrity of a BKS-V1 keystore. All BKS-V1 keystores are vulnerable. Bouncy Castle release 1.47 introduces BKS version 2, which uses a 160-bit MAC.",
+ "severity": "High",
+ "vulnerable_component": "gav://org.netbeans.external:bcprov:RELEASE113",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.10.2-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.10.2-amd64",
+ "generic://sha256:9ccb7e6e1f0c90a0bc3a1907f5741245698221383876ed6adb410c542b4505ee/sha256__9ccb7e6e1f0c90a0bc3a1907f5741245698221383876ed6adb410c542b4505ee.tar.gz",
+ "gav://org.netbeans.external:bcprov:RELEASE113"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.10.2-amd64/",
+ "fixed_versions": [
+ "1.47"
+ ],
+ "published": "2018-06-11T18:33:48+10:00",
+ "artifact_scan_time": "2021-02-03T17:45:30+11:00",
+ "issue_id": "XRAY-68665",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Bouncy Castle BKS version 1 keystore (BKS-V1) files use an HMAC that is only 16 bits long, which can allow an attacker to compromise the integrity of a BKS-V1 keystore. All BKS-V1 keystores are vulnerable. Bouncy Castle release 1.47 introduces BKS version 2, which uses a 160-bit MAC.",
+ "references": [
+ "http://www.securityfocus.com/bid/103453",
+ "https://www.bouncycastle.org/releasenotes.html",
+ "https://www.kb.cert.org/vuls/id/306792"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 8.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:C",
+ "cvss_v3_score": 8.2,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 8.5,
+ "cvss3_max_score": 8.2,
+ "summary": "FasterXML jackson-databind ext/DOMDeserializer.java DOMDeserializer Class XML External Entity (XXE) Expansion Remote Issue",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.core:jackson-databind:2.10.4",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.10.2-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.10.2-amd64",
+ "generic://sha256:9ccb7e6e1f0c90a0bc3a1907f5741245698221383876ed6adb410c542b4505ee/sha256__9ccb7e6e1f0c90a0bc3a1907f5741245698221383876ed6adb410c542b4505ee.tar.gz",
+ "gav://com.fasterxml.jackson.core:jackson-databind:2.10.4"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.10.2-amd64/",
+ "fixed_versions": [],
+ "published": "2020-10-15T22:39:55+11:00",
+ "artifact_scan_time": "2021-02-03T17:45:30+11:00",
+ "issue_id": "XRAY-126663",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "FasterXML jackson-databind contains an XXE (Xml eXternal Entity) expansion flaw in the DOMDeserializer class in ext/DOMDeserializer.java that is triggered during the parsing of XML data. The issue is due to an incorrectly configured XML parser accepting XML external entities from an untrusted source. By sending specially crafted XML data, a remote attacker can potentially consume excessive system resources or disclose sensitive information.",
+ "references": [
+ "http://cve.mitre.org/cgi-bin/cvename.cgi?name=2020-25649",
+ "https://bugzilla.redhat.com/show_bug.cgi?id=1887664",
+ "https://github.com/FasterXML/jackson-databind/issues/2589",
+ "https://github.com/FasterXML/jackson-databind/commit/e588f0af61b18576779ffb95a2a689a5eb1f9d15",
+ "https://github.com/FasterXML/jackson-databind/blob/jackson-databind-2.11.0/release-notes/VERSION-2.x",
+ "https://github.com/FasterXML/jackson-databind/commit/612f971b78c60202e9cd75a299050c8f2d724a59"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 7.5,
+ "summary": "FasterXML jackson-dataformats-binary cbor/CBORParser.java CBORParser::_finishTextToken() Function Integer Overflow Memory Exhaustion DoS",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.dataformat:jackson-dataformat-cbor:2.10.4",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.10.2-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.10.2-amd64",
+ "generic://sha256:9ccb7e6e1f0c90a0bc3a1907f5741245698221383876ed6adb410c542b4505ee/sha256__9ccb7e6e1f0c90a0bc3a1907f5741245698221383876ed6adb410c542b4505ee.tar.gz",
+ "gav://com.fasterxml.jackson.dataformat:jackson-dataformat-cbor:2.10.4"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.10.2-amd64/",
+ "fixed_versions": [
+ "2.12.3"
+ ],
+ "published": "2021-05-05T20:06:23+10:00",
+ "artifact_scan_time": "2021-02-03T17:45:30+11:00",
+ "issue_id": "XRAY-174965",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "FasterXML jackson-dataformats-binary contains an integer overflow condition in the CBORParser::_finishTextToken() function in cbor/CBORParser.java that is triggered as certain input is not properly validated. This may allow a context-dependent attacker to exhaust available memory resources, potentially resulting in a denial of service.",
+ "references": [
+ "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32173",
+ "https://github.com/FasterXML/jackson-dataformats-binary/issues/259",
+ "https://github.com/FasterXML/jackson-dataformats-binary/commit/f20cf23f35dd86427d0ef160d4c07c60d9ca7dcd"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 7.5,
+ "summary": "FasterXML jackson-dataformats-binary cbor/CBORParser.java CBORParser::_finishTextToken() Function Integer Overflow Memory Exhaustion DoS",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.dataformat:jackson-dataformat-cbor:2.10.4",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.10.2-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.10.2-amd64",
+ "generic://sha256:9ccb7e6e1f0c90a0bc3a1907f5741245698221383876ed6adb410c542b4505ee/sha256__9ccb7e6e1f0c90a0bc3a1907f5741245698221383876ed6adb410c542b4505ee.tar.gz",
+ "generic://sha256:06b4a2b2e2751caf3309592e08f38e525c5177eb19dfe1e7b72be67b2111f083/elasticsearch-sql-cli-7.10.2.jar",
+ "gav://com.fasterxml.jackson.dataformat:jackson-dataformat-cbor:2.10.4"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.10.2-amd64/",
+ "fixed_versions": [
+ "2.12.3"
+ ],
+ "published": "2021-05-05T20:06:23+10:00",
+ "artifact_scan_time": "2021-02-03T17:45:30+11:00",
+ "issue_id": "XRAY-174965",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "FasterXML jackson-dataformats-binary contains an integer overflow condition in the CBORParser::_finishTextToken() function in cbor/CBORParser.java that is triggered as certain input is not properly validated. This may allow a context-dependent attacker to exhaust available memory resources, potentially resulting in a denial of service.",
+ "references": [
+ "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32173",
+ "https://github.com/FasterXML/jackson-dataformats-binary/issues/259",
+ "https://github.com/FasterXML/jackson-dataformats-binary/commit/f20cf23f35dd86427d0ef160d4c07c60d9ca7dcd"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-20305",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 8.1,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 6.8,
+ "cvss3_max_score": 8.1,
+ "summary": "RHSA-2021:1206: gnutls and nettle security update (Important)",
+ "severity": "High",
+ "vulnerable_component": "rpm://8:gnutls:0:3.6.14-7.el8_3",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.10.2-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.10.2-amd64",
+ "generic://sha256:e736878e27ad128d77fc82ad30fa1b6bb42158f307774ff15ad0677dede41e3a/sha256__e736878e27ad128d77fc82ad30fa1b6bb42158f307774ff15ad0677dede41e3a.tar.gz",
+ "rpm://8:gnutls:0:3.6.14-7.el8_3"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.10.2-amd64/",
+ "fixed_versions": [
+ "≥ 0:3.6.14-8.el8_3"
+ ],
+ "published": "2021-04-22T04:15:52+10:00",
+ "artifact_scan_time": "2021-02-03T17:45:30+11:00",
+ "issue_id": "XRAY-173384",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "The gnutls packages provide the GNU Transport Layer Security (GnuTLS) library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS.Nettle is a cryptographic library that is designed to fit easily in almost any context: In crypto toolkits for object-oriented languages, such as C++, Python, or Pike, in applications like LSH or GNUPG, or even in kernel space.Security Fix(es):* nettle: Out of bounds memory access in signature verification (CVE-2021-20305)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
+ "references": [
+ "https://access.redhat.com/errata/RHSA-2021:1206",
+ "https://access.redhat.com/security/cve/CVE-2021-20305"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Important"
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 7.5,
+ "summary": "FasterXML jackson-dataformat-cbor CBORParser.java CBORParser::_finishBytes() Function Object Field Name Parsing Memory Allocation Exception DoS",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.dataformat:jackson-dataformat-cbor:2.10.4",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.10.2-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.10.2-amd64",
+ "generic://sha256:9ccb7e6e1f0c90a0bc3a1907f5741245698221383876ed6adb410c542b4505ee/sha256__9ccb7e6e1f0c90a0bc3a1907f5741245698221383876ed6adb410c542b4505ee.tar.gz",
+ "generic://sha256:06b4a2b2e2751caf3309592e08f38e525c5177eb19dfe1e7b72be67b2111f083/elasticsearch-sql-cli-7.10.2.jar",
+ "gav://com.fasterxml.jackson.dataformat:jackson-dataformat-cbor:2.10.4"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.10.2-amd64/",
+ "fixed_versions": [],
+ "published": "2021-02-04T03:34:19+11:00",
+ "artifact_scan_time": "2021-02-03T17:45:30+11:00",
+ "issue_id": "XRAY-139421",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "FasterXML jackson-dataformat-cbor contains a flaw in the CBORParser::_finishBytes() function in CBORParser.java that is triggered as certain input is not properly validated when allocating memory for object field names. This may allow a context-dependent attacker to cause an out-of-memory exception, potentially resulting in a denial of service.",
+ "references": [
+ "http://cve.mitre.org/cgi-bin/cvename.cgi?name=2020-28491",
+ "https://github.com/FasterXML/jackson-dataformats-binary/commit/de072d314af8f5f269c8abec6930652af67bc8e6",
+ "https://github.com/FasterXML/jackson-dataformats-binary/issues/186"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 7.5,
+ "summary": "FasterXML jackson-dataformat-cbor CBORParser.java CBORParser::_finishBytes() Function Object Field Name Parsing Memory Allocation Exception DoS",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.dataformat:jackson-dataformat-cbor:2.10.4",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.10.2-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.10.2-amd64",
+ "generic://sha256:9ccb7e6e1f0c90a0bc3a1907f5741245698221383876ed6adb410c542b4505ee/sha256__9ccb7e6e1f0c90a0bc3a1907f5741245698221383876ed6adb410c542b4505ee.tar.gz",
+ "gav://com.fasterxml.jackson.dataformat:jackson-dataformat-cbor:2.10.4"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.10.2-amd64/",
+ "fixed_versions": [],
+ "published": "2021-02-04T03:34:19+11:00",
+ "artifact_scan_time": "2021-02-03T17:45:30+11:00",
+ "issue_id": "XRAY-139421",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "FasterXML jackson-dataformat-cbor contains a flaw in the CBORParser::_finishBytes() function in CBORParser.java that is triggered as certain input is not properly validated when allocating memory for object field names. This may allow a context-dependent attacker to cause an out-of-memory exception, potentially resulting in a denial of service.",
+ "references": [
+ "http://cve.mitre.org/cgi-bin/cvename.cgi?name=2020-28491",
+ "https://github.com/FasterXML/jackson-dataformats-binary/commit/de072d314af8f5f269c8abec6930652af67bc8e6",
+ "https://github.com/FasterXML/jackson-dataformats-binary/issues/186"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 7.5,
+ "summary": "json-smart minidev/json/parser/JSONParserBase.java JSONParserBase::extractFloat() Function Improper Exception Handling DoS",
+ "severity": "High",
+ "vulnerable_component": "gav://net.minidev:json-smart:2.3",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.10.2-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.10.2-amd64",
+ "generic://sha256:9ccb7e6e1f0c90a0bc3a1907f5741245698221383876ed6adb410c542b4505ee/sha256__9ccb7e6e1f0c90a0bc3a1907f5741245698221383876ed6adb410c542b4505ee.tar.gz",
+ "gav://net.minidev:json-smart:2.3"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.10.2-amd64/",
+ "fixed_versions": [],
+ "published": "2021-02-24T20:04:52+11:00",
+ "artifact_scan_time": "2021-02-03T17:45:30+11:00",
+ "issue_id": "XRAY-141174",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "json-smart contains a flaw in the JSONParserBase::extractFloat() function in minidev/json/parser/JSONParserBase.java that is triggered as a NumberFormatException exception is not properly handled when parsing specially crafted float number values. This may allow a context-dependent attacker to crash a process using the library.",
+ "references": [
+ "http://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-27568",
+ "https://github.com/netplex/json-smart-v1/issues/7",
+ "https://github.com/netplex/json-smart-v2/issues/60"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-20305",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 8.1,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 6.8,
+ "cvss3_max_score": 8.1,
+ "summary": "CVE-2021-20305 nettle: Out of bounds memory access in signature verification",
+ "severity": "High",
+ "vulnerable_component": "rpm://8:nettle:0:3.4.1-2.el8",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.10.2-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.10.2-amd64",
+ "generic://sha256:ddf49b9115d7e21a43e4415beaacd566cc86e1584ec5ae6c78fa4cc9d4b10f66/sha256__ddf49b9115d7e21a43e4415beaacd566cc86e1584ec5ae6c78fa4cc9d4b10f66.tar.gz",
+ "rpm://8:nettle:0:3.4.1-2.el8"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.10.2-amd64/",
+ "fixed_versions": [],
+ "published": "2021-04-01T21:08:25+11:00",
+ "artifact_scan_time": "2021-02-03T17:45:30+11:00",
+ "issue_id": "XRAY-160674",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "A flaw was found in Nettle in versions before 3.7.2, where several Nettle signature verification functions (GOST DSA, EDDSA \u0026 ECDSA) result in the Elliptic Curve Cryptography point (ECC) multiply function being called with out-of-range scalers, possibly resulting in incorrect results. This flaw allows an attacker to force an invalid signature, causing an assertion failure or possible validation. The highest threat to this vulnerability is to confidentiality, integrity, as well as system availability.",
+ "references": [
+ "https://lists.lysator.liu.se/pipermail/nettle-bugs/2021/009457.html"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Important"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-3450",
+ "cvss_v2_score": 5.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:N",
+ "cvss_v3_score": 7.4,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"
+ },
+ {
+ "cve": "CVE-2021-3449",
+ "cvss_v2_score": 4.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 5.9,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 5.8,
+ "cvss3_max_score": 7.4,
+ "summary": "RHSA-2021:1024: openssl security update (Important)",
+ "severity": "High",
+ "vulnerable_component": "rpm://8:openssl-libs:1:1.1.1g-12.el8_3",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.10.2-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.10.2-amd64",
+ "generic://sha256:e736878e27ad128d77fc82ad30fa1b6bb42158f307774ff15ad0677dede41e3a/sha256__e736878e27ad128d77fc82ad30fa1b6bb42158f307774ff15ad0677dede41e3a.tar.gz",
+ "rpm://8:openssl-libs:1:1.1.1g-12.el8_3"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.10.2-amd64/",
+ "fixed_versions": [
+ "≥ 1:1.1.1g-15.el8_3"
+ ],
+ "published": "2021-04-22T04:15:50+10:00",
+ "artifact_scan_time": "2021-02-03T17:45:30+11:00",
+ "issue_id": "XRAY-173376",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library.Security Fix(es):* openssl: NULL pointer dereference in signature_algorithms processing (CVE-2021-3449)* openssl: CA certificate check bypass with X509_V_FLAG_X509_STRICT (CVE-2021-3450)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
+ "references": [
+ "https://access.redhat.com/errata/RHSA-2021:1024",
+ "https://access.redhat.com/security/cve/CVE-2021-3449",
+ "https://access.redhat.com/security/cve/CVE-2021-3450"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Important"
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.8,
+ "cvss3_max_score": 7.5,
+ "summary": "Netty AbstractDiskHttpData.delete() Function POST Request Handling File Deletion Memory Exhaustion Remote DoS",
+ "severity": "High",
+ "vulnerable_component": "gav://io.netty:netty-codec-http:4.1.49.Final",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.10.2-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.10.2-amd64",
+ "generic://sha256:9ccb7e6e1f0c90a0bc3a1907f5741245698221383876ed6adb410c542b4505ee/sha256__9ccb7e6e1f0c90a0bc3a1907f5741245698221383876ed6adb410c542b4505ee.tar.gz",
+ "gav://io.netty:netty-codec-http:4.1.49.Final"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.10.2-amd64/",
+ "fixed_versions": [
+ "4.1.53.Final"
+ ],
+ "published": "2020-10-28T01:16:36+11:00",
+ "artifact_scan_time": "2021-02-03T17:45:30+11:00",
+ "issue_id": "XRAY-127557",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Netty contains a flaw in the AbstractDiskHttpData.delete() function in handler/codec/http/multipart/AbstractDiskHttpData.java that is triggered as temporary file entries are added to the 'DeleteOnExitHook' object but not properly removed when processing POST requests that are 16 kB. This may allow a remote attacker to exhaust available memory resources, potentially resulting in a denial of service.",
+ "references": [
+ "https://github.com/netty/netty/pull/10560",
+ "https://github.com/netty/netty/issues/10351",
+ "https://github.com/netty/netty/commit/95ce1b95ea5679f826cdefcbaabb3b7c2d596100"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-3450",
+ "cvss_v2_score": 5.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:N",
+ "cvss_v3_score": 7.4,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"
+ },
+ {
+ "cve": "CVE-2021-3449",
+ "cvss_v2_score": 4.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 5.9,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 5.8,
+ "cvss3_max_score": 7.4,
+ "summary": "RHSA-2021:1024: openssl security update (Important)",
+ "severity": "High",
+ "vulnerable_component": "rpm://8:openssl:1:1.1.1g-12.el8_3",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.10.2-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.10.2-amd64",
+ "generic://sha256:e736878e27ad128d77fc82ad30fa1b6bb42158f307774ff15ad0677dede41e3a/sha256__e736878e27ad128d77fc82ad30fa1b6bb42158f307774ff15ad0677dede41e3a.tar.gz",
+ "rpm://8:openssl:1:1.1.1g-12.el8_3"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.10.2-amd64/",
+ "fixed_versions": [
+ "≥ 1:1.1.1g-15.el8_3"
+ ],
+ "published": "2021-04-22T04:15:50+10:00",
+ "artifact_scan_time": "2021-02-03T17:45:30+11:00",
+ "issue_id": "XRAY-173376",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library.Security Fix(es):* openssl: NULL pointer dereference in signature_algorithms processing (CVE-2021-3449)* openssl: CA certificate check bypass with X509_V_FLAG_X509_STRICT (CVE-2021-3450)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
+ "references": [
+ "https://access.redhat.com/errata/RHSA-2021:1024",
+ "https://access.redhat.com/security/cve/CVE-2021-3449",
+ "https://access.redhat.com/security/cve/CVE-2021-3450"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Important"
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 7.5,
+ "summary": "FasterXML jackson-dataformats-binary smile/SmileParser.java Raw Binary Data Payload Handling Memory Exhaustion DoS",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.dataformat:jackson-dataformat-smile:2.10.4",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.10.2-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.10.2-amd64",
+ "generic://sha256:9ccb7e6e1f0c90a0bc3a1907f5741245698221383876ed6adb410c542b4505ee/sha256__9ccb7e6e1f0c90a0bc3a1907f5741245698221383876ed6adb410c542b4505ee.tar.gz",
+ "gav://com.fasterxml.jackson.dataformat:jackson-dataformat-smile:2.10.4"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.10.2-amd64/",
+ "fixed_versions": [
+ "2.12.3"
+ ],
+ "published": "2021-05-05T20:06:23+10:00",
+ "artifact_scan_time": "2021-02-03T17:45:30+11:00",
+ "issue_id": "XRAY-174966",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "FasterXML jackson-dataformats-binary contains a flaw in smile/SmileParser.java that is triggered as memory is improperly allocated when handling raw binary data payloads. This may allow a context-dependent attacker to exhaust available memory resources and potentially crash a process linked against the library.",
+ "references": [
+ "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32180",
+ "https://github.com/FasterXML/jackson-dataformats-binary/issues/260",
+ "https://github.com/FasterXML/jackson-dataformats-binary/commit/57400266ce8af0105ed79fb576ac0c9cfe89e37b"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 7.5,
+ "summary": "FasterXML jackson-dataformats-binary smile/SmileParser.java Raw Binary Data Payload Handling Memory Exhaustion DoS",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.dataformat:jackson-dataformat-smile:2.10.4",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.10.2-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.10.2-amd64",
+ "generic://sha256:9ccb7e6e1f0c90a0bc3a1907f5741245698221383876ed6adb410c542b4505ee/sha256__9ccb7e6e1f0c90a0bc3a1907f5741245698221383876ed6adb410c542b4505ee.tar.gz",
+ "generic://sha256:06b4a2b2e2751caf3309592e08f38e525c5177eb19dfe1e7b72be67b2111f083/elasticsearch-sql-cli-7.10.2.jar",
+ "gav://com.fasterxml.jackson.dataformat:jackson-dataformat-smile:2.10.4"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.10.2-amd64/",
+ "fixed_versions": [
+ "2.12.3"
+ ],
+ "published": "2021-05-05T20:06:23+10:00",
+ "artifact_scan_time": "2021-02-03T17:45:30+11:00",
+ "issue_id": "XRAY-174966",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "FasterXML jackson-dataformats-binary contains a flaw in smile/SmileParser.java that is triggered as memory is improperly allocated when handling raw binary data payloads. This may allow a context-dependent attacker to exhaust available memory resources and potentially crash a process linked against the library.",
+ "references": [
+ "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32180",
+ "https://github.com/FasterXML/jackson-dataformats-binary/issues/260",
+ "https://github.com/FasterXML/jackson-dataformats-binary/commit/57400266ce8af0105ed79fb576ac0c9cfe89e37b"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 7.5,
+ "summary": "FasterXML jackson-dataformats-binary SmileParser::nextToken() Function Smile Header Marker Recursion Handling Stack Exhaustion DoS",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.dataformat:jackson-dataformat-smile:2.10.4",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.10.2-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.10.2-amd64",
+ "generic://sha256:9ccb7e6e1f0c90a0bc3a1907f5741245698221383876ed6adb410c542b4505ee/sha256__9ccb7e6e1f0c90a0bc3a1907f5741245698221383876ed6adb410c542b4505ee.tar.gz",
+ "generic://sha256:06b4a2b2e2751caf3309592e08f38e525c5177eb19dfe1e7b72be67b2111f083/elasticsearch-sql-cli-7.10.2.jar",
+ "gav://com.fasterxml.jackson.dataformat:jackson-dataformat-smile:2.10.4"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.10.2-amd64/",
+ "fixed_versions": [
+ "2.12.3"
+ ],
+ "published": "2021-04-01T20:39:14+11:00",
+ "artifact_scan_time": "2021-02-03T17:45:30+11:00",
+ "issue_id": "XRAY-160666",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "FasterXML jackson-dataformats-binary contains a flaw in the SmileParser::nextToken() function in smile/src/main/java/com/fasterxml/jackson/dataformat/smile/SmileParser.java that is triggered as recursive function calls are not properly handled when processing a sequence or 4-byte Smile header markers. This may allow a context-dependent attacker to exhaust available stack space and crash a process linked against the library.",
+ "references": [
+ "https://github.com/FasterXML/jackson-dataformats-binary/commit/87683e346e732204c769c50166d812eaf62b5ed1",
+ "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32665",
+ "https://github.com/FasterXML/jackson-dataformats-binary/issues/268"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 7.5,
+ "summary": "FasterXML jackson-dataformats-binary SmileParser::nextToken() Function Smile Header Marker Recursion Handling Stack Exhaustion DoS",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.dataformat:jackson-dataformat-smile:2.10.4",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.10.2-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.10.2-amd64",
+ "generic://sha256:9ccb7e6e1f0c90a0bc3a1907f5741245698221383876ed6adb410c542b4505ee/sha256__9ccb7e6e1f0c90a0bc3a1907f5741245698221383876ed6adb410c542b4505ee.tar.gz",
+ "gav://com.fasterxml.jackson.dataformat:jackson-dataformat-smile:2.10.4"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.10.2-amd64/",
+ "fixed_versions": [
+ "2.12.3"
+ ],
+ "published": "2021-04-01T20:39:14+11:00",
+ "artifact_scan_time": "2021-02-03T17:45:30+11:00",
+ "issue_id": "XRAY-160666",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "FasterXML jackson-dataformats-binary contains a flaw in the SmileParser::nextToken() function in smile/src/main/java/com/fasterxml/jackson/dataformat/smile/SmileParser.java that is triggered as recursive function calls are not properly handled when processing a sequence or 4-byte Smile header markers. This may allow a context-dependent attacker to exhaust available stack space and crash a process linked against the library.",
+ "references": [
+ "https://github.com/FasterXML/jackson-dataformats-binary/commit/87683e346e732204c769c50166d812eaf62b5ed1",
+ "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32665",
+ "https://github.com/FasterXML/jackson-dataformats-binary/issues/268"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-3449",
+ "cvss_v2_score": 4.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 5.9,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 4.3,
+ "cvss3_max_score": 5.9,
+ "summary": "CVE-2021-3449 openssl: NULL pointer dereference in signature_algorithms processing",
+ "severity": "High",
+ "vulnerable_component": "rpm://8:openssl:1:1.1.1g-12.el8_3",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.10.2-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.10.2-amd64",
+ "generic://sha256:e736878e27ad128d77fc82ad30fa1b6bb42158f307774ff15ad0677dede41e3a/sha256__e736878e27ad128d77fc82ad30fa1b6bb42158f307774ff15ad0677dede41e3a.tar.gz",
+ "rpm://8:openssl:1:1.1.1g-12.el8_3"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.10.2-amd64/",
+ "fixed_versions": [],
+ "published": "2021-03-26T20:47:16+11:00",
+ "artifact_scan_time": "2021-02-03T17:45:30+11:00",
+ "issue_id": "XRAY-158581",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_cert extension then a NULL pointer dereference will result, leading to a crash and a denial of service attack. A server is only vulnerable if it has TLSv1.2 and renegotiation enabled (which is the default configuration). OpenSSL TLS clients are not impacted by this issue. All OpenSSL 1.1.1 versions are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1k. OpenSSL 1.0.2 is not impacted by this issue. Fixed in OpenSSL 1.1.1k (Affected 1.1.1-1.1.1j).",
+ "references": [
+ "https://www.openssl.org/news/secadv/20210325.txt"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Important"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-27219",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss3_max_score": 9.8,
+ "summary": "CVE-2021-27219 glib: integer overflow in g_bytes_new function on 64-bit platforms due to an implicit cast from 64 bits to 32 bits (important)",
+ "severity": "High",
+ "vulnerable_component": "rpm://8:glib2:0:2.56.4-8.el8",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.10.2-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.10.2-amd64",
+ "generic://sha256:ddf49b9115d7e21a43e4415beaacd566cc86e1584ec5ae6c78fa4cc9d4b10f66/sha256__ddf49b9115d7e21a43e4415beaacd566cc86e1584ec5ae6c78fa4cc9d4b10f66.tar.gz",
+ "rpm://8:glib2:0:2.56.4-8.el8"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.10.2-amd64/",
+ "fixed_versions": [],
+ "published": "2021-03-17T00:26:15+11:00",
+ "artifact_scan_time": "2021-02-03T17:45:30+11:00",
+ "issue_id": "XRAY-146608",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "DOCUMENTATION: An integer wraparound was discovered in glib due to passing a 64 bits size value to function g_memdup() which accepts a 32 bits number as argument. An attacker may abuse this flaw when an application linked against glib library uses g_bytes_new() function or possibly other functions that use g_memdup() underneath and accept a 64 bits argument as size. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. STATEMENT: Applications that just use GBytes to access the data are affected by this flaw but the highest threat is to data confidentiality and/or the application availability, due to possible out-of-bounds reads. However, if the data in GBytes is taken through functions such as g_bytes_unref_to_data or g_bytes_unref_to_array it might be possible to have out-of-bounds writes due to the wrongly reported size of the buffer.Applications that use g_memdup to duplicate memory with user-controlled sizes should pay extra attention to the fact that g_memdup accepts a guint size instead of gsize. Thus directly passing a gsize value to g_memdup may results in integer truncation, allocating a buffer smaller than expected.",
+ "references": [
+ "https://access.redhat.com/security/cve/CVE-2021-27219"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Important"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-20305",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 8.1,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 6.8,
+ "cvss3_max_score": 8.1,
+ "summary": "CVE-2021-20305 nettle: Out of bounds memory access in signature verification",
+ "severity": "High",
+ "vulnerable_component": "rpm://8:gnutls:0:3.6.14-7.el8_3",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.10.2-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.10.2-amd64",
+ "generic://sha256:e736878e27ad128d77fc82ad30fa1b6bb42158f307774ff15ad0677dede41e3a/sha256__e736878e27ad128d77fc82ad30fa1b6bb42158f307774ff15ad0677dede41e3a.tar.gz",
+ "rpm://8:gnutls:0:3.6.14-7.el8_3"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.10.2-amd64/",
+ "fixed_versions": [],
+ "published": "2021-04-01T21:08:25+11:00",
+ "artifact_scan_time": "2021-02-03T17:45:30+11:00",
+ "issue_id": "XRAY-160674",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "A flaw was found in Nettle in versions before 3.7.2, where several Nettle signature verification functions (GOST DSA, EDDSA \u0026 ECDSA) result in the Elliptic Curve Cryptography point (ECC) multiply function being called with out-of-range scalers, possibly resulting in incorrect results. This flaw allows an attacker to force an invalid signature, causing an assertion failure or possible validation. The highest threat to this vulnerability is to confidentiality, integrity, as well as system availability.",
+ "references": [
+ "https://lists.lysator.liu.se/pipermail/nettle-bugs/2021/009457.html"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Important"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-20305",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 8.1,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 6.8,
+ "cvss3_max_score": 8.1,
+ "summary": "RHSA-2021:1245: gnutls and nettle security update (Important)",
+ "severity": "High",
+ "vulnerable_component": "rpm://8:nettle:0:3.4.1-2.el8",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.10.2-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.10.2-amd64",
+ "generic://sha256:ddf49b9115d7e21a43e4415beaacd566cc86e1584ec5ae6c78fa4cc9d4b10f66/sha256__ddf49b9115d7e21a43e4415beaacd566cc86e1584ec5ae6c78fa4cc9d4b10f66.tar.gz",
+ "rpm://8:nettle:0:3.4.1-2.el8"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.10.2-amd64/",
+ "fixed_versions": [
+ "≥ 0:3.4.1-2.el8_1"
+ ],
+ "published": "2021-04-22T03:06:04+10:00",
+ "artifact_scan_time": "2021-02-03T17:45:30+11:00",
+ "issue_id": "XRAY-173345",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "The gnutls packages provide the GNU Transport Layer Security (GnuTLS) library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS.Nettle is a cryptographic library that is designed to fit easily in almost any context: In crypto toolkits for object-oriented languages, such as C++, Python, or Pike, in applications like LSH or GNUPG, or even in kernel space.Security Fix(es):* nettle: Out of bounds memory access in signature verification (CVE-2021-20305)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
+ "references": [
+ "https://access.redhat.com/errata/RHSA-2021:1245",
+ "https://access.redhat.com/security/cve/CVE-2021-20305"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Important"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-8625",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 8.1,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 6.8,
+ "cvss3_max_score": 8.1,
+ "summary": "RHSA-2021:0670: bind security update (Important)",
+ "severity": "High",
+ "vulnerable_component": "rpm://8:bind-export-libs:32:9.11.20-5.el8",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.10.2-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.10.2-amd64",
+ "generic://sha256:ddf49b9115d7e21a43e4415beaacd566cc86e1584ec5ae6c78fa4cc9d4b10f66/sha256__ddf49b9115d7e21a43e4415beaacd566cc86e1584ec5ae6c78fa4cc9d4b10f66.tar.gz",
+ "rpm://8:bind-export-libs:32:9.11.20-5.el8"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.10.2-amd64/",
+ "fixed_versions": [
+ "≥ 32:9.11.20-5.el8_3.1"
+ ],
+ "published": "2021-03-08T15:15:52+11:00",
+ "artifact_scan_time": "2021-02-03T17:45:30+11:00",
+ "issue_id": "XRAY-141884",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly.Security Fix(es):* bind: Buffer overflow in the SPNEGO implementation affecting GSSAPI security policy negotiation (CVE-2020-8625)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
+ "references": [
+ "https://access.redhat.com/errata/RHSA-2021:0670",
+ "https://access.redhat.com/security/cve/CVE-2020-8625"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Important"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-20305",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 8.1,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 6.8,
+ "cvss3_max_score": 8.1,
+ "summary": "RHSA-2021:1206: gnutls and nettle security update (Important)",
+ "severity": "High",
+ "vulnerable_component": "rpm://8:nettle:0:3.4.1-2.el8",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.10.2-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.10.2-amd64",
+ "generic://sha256:ddf49b9115d7e21a43e4415beaacd566cc86e1584ec5ae6c78fa4cc9d4b10f66/sha256__ddf49b9115d7e21a43e4415beaacd566cc86e1584ec5ae6c78fa4cc9d4b10f66.tar.gz",
+ "rpm://8:nettle:0:3.4.1-2.el8"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.10.2-amd64/",
+ "fixed_versions": [
+ "≥ 0:3.4.1-4.el8_3"
+ ],
+ "published": "2021-04-22T04:15:52+10:00",
+ "artifact_scan_time": "2021-02-03T17:45:30+11:00",
+ "issue_id": "XRAY-173384",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "The gnutls packages provide the GNU Transport Layer Security (GnuTLS) library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS.Nettle is a cryptographic library that is designed to fit easily in almost any context: In crypto toolkits for object-oriented languages, such as C++, Python, or Pike, in applications like LSH or GNUPG, or even in kernel space.Security Fix(es):* nettle: Out of bounds memory access in signature verification (CVE-2021-20305)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
+ "references": [
+ "https://access.redhat.com/errata/RHSA-2021:1206",
+ "https://access.redhat.com/security/cve/CVE-2021-20305"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Important"
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 7.5,
+ "summary": "GNU dbm (GDBM) gdbmopen.c gdbm_avail_block_validate() Function Block Validation Out-of-bounds Read DoS",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.13:gdbm:1.19-r0",
+ "impacted_artifact": "docker://kiwigrid/k8s-sidecar:sha256__4b5a25c8dbac9637f8e680566959fdccd1a98d74ce2f2746f9b0f9ff6b57d03b",
+ "impact_path": [
+ "docker://kiwigrid/k8s-sidecar:sha256__4b5a25c8dbac9637f8e680566959fdccd1a98d74ce2f2746f9b0f9ff6b57d03b",
+ "generic://sha256:079acc430bf9db22a2159b57ce704265070f563573f494369721f7753444f923/sha256__079acc430bf9db22a2159b57ce704265070f563573f494369721f7753444f923.tar.gz",
+ "alpine://3.13:gdbm:1.19-r0"
+ ],
+ "path": "dockerhub-remote/kiwigrid/k8s-sidecar/sha256__4b5a25c8dbac9637f8e680566959fdccd1a98d74ce2f2746f9b0f9ff6b57d03b/",
+ "fixed_versions": [],
+ "published": "2021-03-19T02:44:49+11:00",
+ "artifact_scan_time": "2021-02-12T11:48:39+11:00",
+ "issue_id": "XRAY-147947",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "GNU dbm (GDBM) contains an out-of-bounds read flaw in the gdbm_avail_block_validate() function in gdbmopen.c that is triggered when validating available blocks. This may allow a context-dependent attacker to crash a process linked against the library.",
+ "references": [
+ "http://git.gnu.org.ua/cgit/gdbm.git/commit/?id=9405ce2373ae5d64fc370c8b5ff280a92f15d01f",
+ "http://git.gnu.org.ua/cgit/gdbm.git/commit/?id=4fe603315b4e5189ff5ba31fb9ef0bedd625202a",
+ "http://git.gnu.org.ua/cgit/gdbm.git/commit/?id=7011ecbaf12a07f912eaf1b3ed6d3a528cefc7ad",
+ "https://git.savannah.gnu.org/cgit/gdbm.git/commit/?id=fd5cf245ea6d3e2f36dc349d8013ef62f4a9d532",
+ "/vulnerabilities/251922",
+ "https://puszcza.gnu.org.ua/bugs/?501",
+ "https://puszcza.gnu.org.ua/bugs/?503"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.6,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:H/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 8.1,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.6,
+ "cvss3_max_score": 8.1,
+ "summary": "SQLite btree.c balance_nonroot() Function Database File Handling Unspecified Issue",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.13:sqlite-libs:3.34.1-r0",
+ "impacted_artifact": "docker://kiwigrid/k8s-sidecar:sha256__4b5a25c8dbac9637f8e680566959fdccd1a98d74ce2f2746f9b0f9ff6b57d03b",
+ "impact_path": [
+ "docker://kiwigrid/k8s-sidecar:sha256__4b5a25c8dbac9637f8e680566959fdccd1a98d74ce2f2746f9b0f9ff6b57d03b",
+ "generic://sha256:079acc430bf9db22a2159b57ce704265070f563573f494369721f7753444f923/sha256__079acc430bf9db22a2159b57ce704265070f563573f494369721f7753444f923.tar.gz",
+ "alpine://3.13:sqlite-libs:3.34.1-r0"
+ ],
+ "path": "dockerhub-remote/kiwigrid/k8s-sidecar/sha256__4b5a25c8dbac9637f8e680566959fdccd1a98d74ce2f2746f9b0f9ff6b57d03b/",
+ "fixed_versions": [],
+ "published": "2021-04-20T02:31:29+10:00",
+ "artifact_scan_time": "2021-02-12T11:48:39+11:00",
+ "issue_id": "XRAY-173004",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "SQLite contains a flaw in the balance_nonroot() function in btree.c that is triggered when handling a specially crafted database file. This may allow a context-dependent attacker to have an unspecified impact.",
+ "references": [
+ "https://github.com/sqlite/sqlite/commit/1e06c70eb073a92e683c55ffb8471301db999b75",
+ "https://github.com/sqlite/sqlite/commit/1f9f5766954d250a00da59f7f7c1fc57d9032a6e",
+ "https://www.sqlite.org/src/info/39c8686cabe6c437",
+ "https://chromium.googlesource.com/chromium/deps/sqlite.git/+/60efbb3584af2ba05e1935b3e07d3a861841db7c",
+ "https://github.com/chromium/chromium/commit/78157c349734be628ac9eef25a897a50bd31b8cd",
+ "https://bugs.chromium.org/p/chromium/issues/detail?id=1175522",
+ "https://bugs.chromium.org/p/chromium/issues/detail?id=1181276",
+ "https://chromereleases.googleblog.com/2021/04/stable-channel-update-for-desktop_14.html",
+ "https://bugs.chromium.org/p/chromium/issues/detail?id=1198709"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.6,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:H/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 8.1,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.6,
+ "cvss3_max_score": 8.1,
+ "summary": "SQLite sqliteInt.h sqlite3ExpandSubquery() Function Declaration Unspecified Weakness",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.13:sqlite-libs:3.34.1-r0",
+ "impacted_artifact": "docker://kiwigrid/k8s-sidecar:sha256__4b5a25c8dbac9637f8e680566959fdccd1a98d74ce2f2746f9b0f9ff6b57d03b",
+ "impact_path": [
+ "docker://kiwigrid/k8s-sidecar:sha256__4b5a25c8dbac9637f8e680566959fdccd1a98d74ce2f2746f9b0f9ff6b57d03b",
+ "generic://sha256:079acc430bf9db22a2159b57ce704265070f563573f494369721f7753444f923/sha256__079acc430bf9db22a2159b57ce704265070f563573f494369721f7753444f923.tar.gz",
+ "alpine://3.13:sqlite-libs:3.34.1-r0"
+ ],
+ "path": "dockerhub-remote/kiwigrid/k8s-sidecar/sha256__4b5a25c8dbac9637f8e680566959fdccd1a98d74ce2f2746f9b0f9ff6b57d03b/",
+ "fixed_versions": [],
+ "published": "2021-03-15T04:32:05+11:00",
+ "artifact_scan_time": "2021-02-12T11:48:39+11:00",
+ "issue_id": "XRAY-146201",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "SQLite contains an unspecified flaw in sqliteInt.h as the sqlite3ExpandSubquery() function is not declared for SQLITE_OMIT_WINDOWFUNC builds. This may allow an attacker to have an unspecified impact. No further details have been provided.",
+ "references": [
+ "https://github.com/sqlite/sqlite/commit/7225bfef164bced949c0ba98436b1fa104546493",
+ "https://www.sqlite.org/src/info/9587fa8b29fc2f91",
+ "https://chromium.googlesource.com/chromium/deps/sqlite.git/+/8162d64e702214e8cb12078f387e4278a3302d16",
+ "https://chromium.googlesource.com/chromium/deps/sqlite.git/+/d9581878fcf81ec8beda15b079726edaddd775bb",
+ "https://chromium.googlesource.com/chromium/src/+/b8631d09aaba64ee30d492e47e6ccf43860e0cac",
+ "https://bugs.chromium.org/p/chromium/issues/detail?id=1183883",
+ "https://bugs.chromium.org/p/chromium/issues/detail?id=1161048",
+ "https://chromereleases.googleblog.com/2021/03/stable-channel-update-for-desktop.html"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:N/A:C",
+ "cvss_v3_score": 8.2,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.8,
+ "cvss3_max_score": 8.2,
+ "summary": "GNU dbm (GDBM) bucket.c _gdbm_get_bucket() Function Improper Bucket Re-initialization Out-of-bounds Read Issue",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.13:gdbm:1.19-r0",
+ "impacted_artifact": "docker://kiwigrid/k8s-sidecar:sha256__4b5a25c8dbac9637f8e680566959fdccd1a98d74ce2f2746f9b0f9ff6b57d03b",
+ "impact_path": [
+ "docker://kiwigrid/k8s-sidecar:sha256__4b5a25c8dbac9637f8e680566959fdccd1a98d74ce2f2746f9b0f9ff6b57d03b",
+ "generic://sha256:079acc430bf9db22a2159b57ce704265070f563573f494369721f7753444f923/sha256__079acc430bf9db22a2159b57ce704265070f563573f494369721f7753444f923.tar.gz",
+ "alpine://3.13:gdbm:1.19-r0"
+ ],
+ "path": "dockerhub-remote/kiwigrid/k8s-sidecar/sha256__4b5a25c8dbac9637f8e680566959fdccd1a98d74ce2f2746f9b0f9ff6b57d03b/",
+ "fixed_versions": [],
+ "published": "2021-03-19T00:44:44+11:00",
+ "artifact_scan_time": "2021-02-12T11:48:39+11:00",
+ "issue_id": "XRAY-147853",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "GNU dbm (GDBM) contains an out-of-bounds read flaw in the _gdbm_get_bucket() function in bucket.c that is triggered as buckets are not properly re-initialized when a failure occurs. This may allow a context-dependent attacker to crash a process linked against the library or potentially disclose memory contents.",
+ "references": [
+ "https://git.savannah.gnu.org/cgit/gdbm.git/commit/?id=40a464d322c720c88a50c3eb0a8c1d87e6079f89",
+ "/vulnerabilities/251924",
+ "https://puszcza.gnu.org.ua/bugs/?501"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.6,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:H/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 8.1,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.6,
+ "cvss3_max_score": 8.1,
+ "summary": "SQLite pcache1.c pcache1AllocPage() Function Uninitialized Memory Use Unspecified Issue",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.13:sqlite-libs:3.34.1-r0",
+ "impacted_artifact": "docker://kiwigrid/k8s-sidecar:sha256__4b5a25c8dbac9637f8e680566959fdccd1a98d74ce2f2746f9b0f9ff6b57d03b",
+ "impact_path": [
+ "docker://kiwigrid/k8s-sidecar:sha256__4b5a25c8dbac9637f8e680566959fdccd1a98d74ce2f2746f9b0f9ff6b57d03b",
+ "generic://sha256:079acc430bf9db22a2159b57ce704265070f563573f494369721f7753444f923/sha256__079acc430bf9db22a2159b57ce704265070f563573f494369721f7753444f923.tar.gz",
+ "alpine://3.13:sqlite-libs:3.34.1-r0"
+ ],
+ "path": "dockerhub-remote/kiwigrid/k8s-sidecar/sha256__4b5a25c8dbac9637f8e680566959fdccd1a98d74ce2f2746f9b0f9ff6b57d03b/",
+ "fixed_versions": [],
+ "published": "2021-04-20T00:31:27+10:00",
+ "artifact_scan_time": "2021-02-12T11:48:39+11:00",
+ "issue_id": "XRAY-172950",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "SQLite contains a flaw in the pcache1AllocPage() function in pcache1.c related to use of uninitialized memory. The issue is triggered when handling specially crafted database files. This may allow a context-dependent attacker to have an unspecified impact.",
+ "references": [
+ "https://github.com/sqlite/sqlite/commit/1e06c70eb073a92e683c55ffb8471301db999b75",
+ "https://github.com/sqlite/sqlite/commit/1f9f5766954d250a00da59f7f7c1fc57d9032a6e",
+ "https://www.sqlite.org/src/info/39c8686cabe6c437",
+ "https://chromium.googlesource.com/chromium/deps/sqlite.git/+/60efbb3584af2ba05e1935b3e07d3a861841db7c",
+ "https://github.com/chromium/chromium/commit/78157c349734be628ac9eef25a897a50bd31b8cd",
+ "https://bugs.chromium.org/p/chromium/issues/detail?id=1175522",
+ "https://bugs.chromium.org/p/chromium/issues/detail?id=1181276",
+ "https://chromereleases.googleblog.com/2021/04/stable-channel-update-for-desktop_14.html",
+ "https://bugs.chromium.org/p/chromium/issues/detail?id=1198709"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 5.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 5.5,
+ "summary": "Alpine Package Keeper (apk-tools) io.c apk_resolve_[ug]id() Functions Username / Groupname TAR Header Field Handling Out-of-bounds Read DoS Weakness",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.13:apk-tools:2.12.1-r0",
+ "impacted_artifact": "docker://kiwigrid/k8s-sidecar:sha256__4b5a25c8dbac9637f8e680566959fdccd1a98d74ce2f2746f9b0f9ff6b57d03b",
+ "impact_path": [
+ "docker://kiwigrid/k8s-sidecar:sha256__4b5a25c8dbac9637f8e680566959fdccd1a98d74ce2f2746f9b0f9ff6b57d03b",
+ "generic://sha256:4c0d98bf9879488e0407f897d9dd4bf758555a78e39675e72b5124ccf12c2580/sha256__4c0d98bf9879488e0407f897d9dd4bf758555a78e39675e72b5124ccf12c2580.tar.gz",
+ "alpine://3.13:apk-tools:2.12.1-r0"
+ ],
+ "path": "dockerhub-remote/kiwigrid/k8s-sidecar/sha256__4b5a25c8dbac9637f8e680566959fdccd1a98d74ce2f2746f9b0f9ff6b57d03b/",
+ "fixed_versions": [
+ "2.12.5-r0"
+ ],
+ "published": "2021-04-20T02:31:29+10:00",
+ "artifact_scan_time": "2021-02-12T11:48:39+11:00",
+ "issue_id": "XRAY-173006",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "Alpine Package Keeper (apk-tools) contains an out-of-bounds read flaw in the apk_resolve_uid() and apk_resolve_gid() functions in io.c that is triggered as username and groupname header fields are not properly checked for string terminators when parsing TAR file headers. This can potentially allow a context-dependent attacker to cause a denial of service.",
+ "references": [
+ "https://gitlab.alpinelinux.org/alpine/apk-tools/-/issues/10741",
+ "https://github.com/docker-library/official-images/pull/9982",
+ "https://gitlab.alpinelinux.org/alpine/aports/-/issues/12606",
+ "https://github.com/alpinelinux/apk-tools/commit/f7143c1766ae59489ac922e890ffe6d4a61c3b2d",
+ "https://github.com/alpinelinux/aports/commit/aa740eb10ca7b8386cadc8761da1e30ed931486c",
+ "http://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-30139"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-3121",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 8.6,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 8.6,
+ "summary": "An issue was discovered in GoGo Protobuf before 1.3.2. plugin/unmarshal/unmarshal.go lacks certain index validation, aka the \"skippy peanut butter\" issue.",
+ "severity": "High",
+ "vulnerable_component": "go://github.com/gogo/protobuf:1.3.1",
+ "impacted_artifact": "docker://grafana/grafana:sha256__944fe2dbddc2a4678ab36ac4e9ff03db01c7f1c02311f13cba8c4e8e2b1f7530",
+ "impact_path": [
+ "docker://grafana/grafana:sha256__944fe2dbddc2a4678ab36ac4e9ff03db01c7f1c02311f13cba8c4e8e2b1f7530",
+ "generic://sha256:692006895fd73b480f90fb4cc5ac0a1d3441c7b042f9543e3b886177ee47d225/sha256__692006895fd73b480f90fb4cc5ac0a1d3441c7b042f9543e3b886177ee47d225.tar.gz",
+ "generic://sha256:daffd3be3b857c0c7cd77df29b63177e5242a11ee39e06495ab8bad4b1e0b0b9/grafana-cli",
+ "go://github.com/gogo/protobuf:1.3.1"
+ ],
+ "path": "dockerhub-remote/grafana/grafana/sha256__944fe2dbddc2a4678ab36ac4e9ff03db01c7f1c02311f13cba8c4e8e2b1f7530/",
+ "fixed_versions": [
+ "1.3.2"
+ ],
+ "published": "2021-02-01T22:46:23+11:00",
+ "artifact_scan_time": "2021-02-15T23:39:47+11:00",
+ "issue_id": "XRAY-139136",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "An issue was discovered in GoGo Protobuf before 1.3.2. plugin/unmarshal/unmarshal.go lacks certain index validation, aka the \"skippy peanut butter\" issue.",
+ "references": [
+ "https://lists.apache.org/thread.html/rc1e9ff22c5641d73701ba56362fb867d40ed287cca000b131dcf4a44@%3Ccommits.pulsar.apache.org%3E",
+ "https://lists.apache.org/thread.html/r88d69555cb74a129a7bf84838073b61259b4a3830190e05a3b87994e@%3Ccommits.pulsar.apache.org%3E",
+ "https://github.com/gogo/protobuf/compare/v1.3.1...v1.3.2",
+ "https://github.com/gogo/protobuf/commit/b03c65ea87cdc3521ede29f62fe3ce239267c1bc"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-3121",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 8.6,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 8.6,
+ "summary": "An issue was discovered in GoGo Protobuf before 1.3.2. plugin/unmarshal/unmarshal.go lacks certain index validation, aka the \"skippy peanut butter\" issue.",
+ "severity": "High",
+ "vulnerable_component": "go://github.com/gogo/protobuf:1.3.1",
+ "impacted_artifact": "docker://grafana/grafana:sha256__944fe2dbddc2a4678ab36ac4e9ff03db01c7f1c02311f13cba8c4e8e2b1f7530",
+ "impact_path": [
+ "docker://grafana/grafana:sha256__944fe2dbddc2a4678ab36ac4e9ff03db01c7f1c02311f13cba8c4e8e2b1f7530",
+ "generic://sha256:692006895fd73b480f90fb4cc5ac0a1d3441c7b042f9543e3b886177ee47d225/sha256__692006895fd73b480f90fb4cc5ac0a1d3441c7b042f9543e3b886177ee47d225.tar.gz",
+ "generic://sha256:b29fab5a9aef6138ddc163e826f337cb089102ac6cc2437c0a53593239a6189f/grafana-server",
+ "go://github.com/gogo/protobuf:1.3.1"
+ ],
+ "path": "dockerhub-remote/grafana/grafana/sha256__944fe2dbddc2a4678ab36ac4e9ff03db01c7f1c02311f13cba8c4e8e2b1f7530/",
+ "fixed_versions": [
+ "1.3.2"
+ ],
+ "published": "2021-02-01T22:46:23+11:00",
+ "artifact_scan_time": "2021-02-15T23:39:47+11:00",
+ "issue_id": "XRAY-139136",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "An issue was discovered in GoGo Protobuf before 1.3.2. plugin/unmarshal/unmarshal.go lacks certain index validation, aka the \"skippy peanut butter\" issue.",
+ "references": [
+ "https://lists.apache.org/thread.html/rc1e9ff22c5641d73701ba56362fb867d40ed287cca000b131dcf4a44@%3Ccommits.pulsar.apache.org%3E",
+ "https://lists.apache.org/thread.html/r88d69555cb74a129a7bf84838073b61259b4a3830190e05a3b87994e@%3Ccommits.pulsar.apache.org%3E",
+ "https://github.com/gogo/protobuf/compare/v1.3.1...v1.3.2",
+ "https://github.com/gogo/protobuf/commit/b03c65ea87cdc3521ede29f62fe3ce239267c1bc"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 9.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 9.3,
+ "cvss3_max_score": 9.8,
+ "summary": "OpenSSL crypto/rc5/rc5_skey.c RC5_32_set_key() Function Key Initialization Stack Buffer Overflow",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.12:openssl:1.1.1i-r0",
+ "impacted_artifact": "docker://grafana/grafana:sha256__944fe2dbddc2a4678ab36ac4e9ff03db01c7f1c02311f13cba8c4e8e2b1f7530",
+ "impact_path": [
+ "docker://grafana/grafana:sha256__944fe2dbddc2a4678ab36ac4e9ff03db01c7f1c02311f13cba8c4e8e2b1f7530",
+ "generic://sha256:ae530cc7a99c324150459b3e0b92211e08c8f1dfcc0f69c5f332cea0d597f2ac/sha256__ae530cc7a99c324150459b3e0b92211e08c8f1dfcc0f69c5f332cea0d597f2ac.tar.gz",
+ "alpine://3.12:openssl:1.1.1i-r0"
+ ],
+ "path": "dockerhub-remote/grafana/grafana/sha256__944fe2dbddc2a4678ab36ac4e9ff03db01c7f1c02311f13cba8c4e8e2b1f7530/",
+ "fixed_versions": [],
+ "published": "2020-09-10T01:18:57+10:00",
+ "artifact_scan_time": "2021-02-15T23:39:47+11:00",
+ "issue_id": "XRAY-124116",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "OpenSSL contains an overflow condition in the RC5_32_set_key() function in crypto/rc5/rc5_skey.c that is triggered as certain input is not properly validated when initializing encryption or decryption keys. This may allow a context-dependent attacker to cause a stack-based buffer overflow, resulting in a denial of service or potentially allowing the execution of arbitrary code.",
+ "references": [
+ "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=17173"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 7.5,
+ "summary": "OpenSSL signature_algorithms Field Processing NULL Pointer Dereference DoS",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.12:openssl:1.1.1i-r0",
+ "impacted_artifact": "docker://grafana/grafana:sha256__944fe2dbddc2a4678ab36ac4e9ff03db01c7f1c02311f13cba8c4e8e2b1f7530",
+ "impact_path": [
+ "docker://grafana/grafana:sha256__944fe2dbddc2a4678ab36ac4e9ff03db01c7f1c02311f13cba8c4e8e2b1f7530",
+ "generic://sha256:ae530cc7a99c324150459b3e0b92211e08c8f1dfcc0f69c5f332cea0d597f2ac/sha256__ae530cc7a99c324150459b3e0b92211e08c8f1dfcc0f69c5f332cea0d597f2ac.tar.gz",
+ "alpine://3.12:openssl:1.1.1i-r0"
+ ],
+ "path": "dockerhub-remote/grafana/grafana/sha256__944fe2dbddc2a4678ab36ac4e9ff03db01c7f1c02311f13cba8c4e8e2b1f7530/",
+ "fixed_versions": [
+ "1.1.1k-r0"
+ ],
+ "published": "2021-03-26T03:10:59+11:00",
+ "artifact_scan_time": "2021-02-15T23:39:47+11:00",
+ "issue_id": "XRAY-158318",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "OpenSSL contains a NULL pointer dereference flaw related to signature_algorithms field processing that may allow a context-dependent attacker to crash a process linked against the library. No further details have been provided.",
+ "references": [
+ "https://mta.openssl.org/pipermail/openssl-announce/2021-March/000196.html",
+ "http://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-3449",
+ "https://support2.windriver.com/index.php?page=security-notices\u0026on=view\u0026id=7055"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 7.5,
+ "summary": "BusyBox archival/libarchive/decompress_bunzip2.c get_next_block() Function Selectors Handling Out-of-bounds Write DoS",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.12:ssl_client:1.31.1-r19",
+ "impacted_artifact": "docker://grafana/grafana:sha256__944fe2dbddc2a4678ab36ac4e9ff03db01c7f1c02311f13cba8c4e8e2b1f7530",
+ "impact_path": [
+ "docker://grafana/grafana:sha256__944fe2dbddc2a4678ab36ac4e9ff03db01c7f1c02311f13cba8c4e8e2b1f7530",
+ "generic://sha256:801bfaa63ef2094d770c809815b9e2b9c1194728e5e754ef7bc764030e140cea/sha256__801bfaa63ef2094d770c809815b9e2b9c1194728e5e754ef7bc764030e140cea.tar.gz",
+ "alpine://3.12:ssl_client:1.31.1-r19"
+ ],
+ "path": "dockerhub-remote/grafana/grafana/sha256__944fe2dbddc2a4678ab36ac4e9ff03db01c7f1c02311f13cba8c4e8e2b1f7530/",
+ "fixed_versions": [],
+ "published": "2020-10-07T02:24:17+11:00",
+ "artifact_scan_time": "2021-02-15T23:39:47+11:00",
+ "issue_id": "XRAY-125951",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "BusyBox contains an out-of-bounds write flaw in the get_next_block() function in archival/libarchive/decompress_bunzip2.c that is triggered when handling a large number of selectors while decompressing BZIP2 files. This may allow a context-dependent attacker to cause a crash.",
+ "references": [
+ "https://bugs.buildroot.org/show_bug.cgi?id=12916"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 5.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 5.5,
+ "summary": "Alpine Package Keeper (apk-tools) io.c apk_resolve_[ug]id() Functions Username / Groupname TAR Header Field Handling Out-of-bounds Read DoS Weakness",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.12:apk-tools:2.10.5-r1",
+ "impacted_artifact": "docker://grafana/grafana:sha256__944fe2dbddc2a4678ab36ac4e9ff03db01c7f1c02311f13cba8c4e8e2b1f7530",
+ "impact_path": [
+ "docker://grafana/grafana:sha256__944fe2dbddc2a4678ab36ac4e9ff03db01c7f1c02311f13cba8c4e8e2b1f7530",
+ "generic://sha256:801bfaa63ef2094d770c809815b9e2b9c1194728e5e754ef7bc764030e140cea/sha256__801bfaa63ef2094d770c809815b9e2b9c1194728e5e754ef7bc764030e140cea.tar.gz",
+ "alpine://3.12:apk-tools:2.10.5-r1"
+ ],
+ "path": "dockerhub-remote/grafana/grafana/sha256__944fe2dbddc2a4678ab36ac4e9ff03db01c7f1c02311f13cba8c4e8e2b1f7530/",
+ "fixed_versions": [
+ "2.10.6-r0"
+ ],
+ "published": "2021-04-20T02:31:29+10:00",
+ "artifact_scan_time": "2021-02-15T23:39:47+11:00",
+ "issue_id": "XRAY-173006",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "Alpine Package Keeper (apk-tools) contains an out-of-bounds read flaw in the apk_resolve_uid() and apk_resolve_gid() functions in io.c that is triggered as username and groupname header fields are not properly checked for string terminators when parsing TAR file headers. This can potentially allow a context-dependent attacker to cause a denial of service.",
+ "references": [
+ "https://gitlab.alpinelinux.org/alpine/apk-tools/-/issues/10741",
+ "https://github.com/docker-library/official-images/pull/9982",
+ "https://gitlab.alpinelinux.org/alpine/aports/-/issues/12606",
+ "https://github.com/alpinelinux/apk-tools/commit/f7143c1766ae59489ac922e890ffe6d4a61c3b2d",
+ "https://github.com/alpinelinux/aports/commit/aa740eb10ca7b8386cadc8761da1e30ed931486c",
+ "http://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-30139"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.6,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:H/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 8.1,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.6,
+ "cvss3_max_score": 8.1,
+ "summary": "flatbuffers Crate for Rust primitives.rs Follow for bool Implementation Byte Handling Undefined Behavior Unspecified Weakness",
+ "severity": "High",
+ "vulnerable_component": "go://github.com/google/flatbuffers:1.11.0",
+ "impacted_artifact": "docker://grafana/grafana:sha256__944fe2dbddc2a4678ab36ac4e9ff03db01c7f1c02311f13cba8c4e8e2b1f7530",
+ "impact_path": [
+ "docker://grafana/grafana:sha256__944fe2dbddc2a4678ab36ac4e9ff03db01c7f1c02311f13cba8c4e8e2b1f7530",
+ "generic://sha256:692006895fd73b480f90fb4cc5ac0a1d3441c7b042f9543e3b886177ee47d225/sha256__692006895fd73b480f90fb4cc5ac0a1d3441c7b042f9543e3b886177ee47d225.tar.gz",
+ "generic://sha256:daffd3be3b857c0c7cd77df29b63177e5242a11ee39e06495ab8bad4b1e0b0b9/grafana-cli",
+ "go://github.com/google/flatbuffers:1.11.0"
+ ],
+ "path": "dockerhub-remote/grafana/grafana/sha256__944fe2dbddc2a4678ab36ac4e9ff03db01c7f1c02311f13cba8c4e8e2b1f7530/",
+ "fixed_versions": [
+ "1.12.0"
+ ],
+ "published": "2019-10-28T00:23:10+11:00",
+ "artifact_scan_time": "2021-02-15T23:39:47+11:00",
+ "issue_id": "XRAY-90561",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "flatbuffers Crate for Rust contains an undefined behavior condition in the Follow for bool Implementation in primitives.rs that is triggered as bytes are improperly reinterpreted. This may result in violation of requirements for bool types and may allow a context-dependent attacker to have an unspecified impact.",
+ "references": [
+ "https://github.com/google/flatbuffers/commit/c66cd3085742c50ae231c77f1bc5b577d0cceb94",
+ "https://github.com/google/flatbuffers/pull/5554",
+ "https://github.com/google/flatbuffers/issues/5530",
+ "https://rustsec.org/advisories/RUSTSEC-2019-0028.html"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.6,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:H/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 8.1,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.6,
+ "cvss3_max_score": 8.1,
+ "summary": "flatbuffers Crate for Rust primitives.rs Follow for bool Implementation Byte Handling Undefined Behavior Unspecified Weakness",
+ "severity": "High",
+ "vulnerable_component": "go://github.com/google/flatbuffers:1.11.0",
+ "impacted_artifact": "docker://grafana/grafana:sha256__944fe2dbddc2a4678ab36ac4e9ff03db01c7f1c02311f13cba8c4e8e2b1f7530",
+ "impact_path": [
+ "docker://grafana/grafana:sha256__944fe2dbddc2a4678ab36ac4e9ff03db01c7f1c02311f13cba8c4e8e2b1f7530",
+ "generic://sha256:692006895fd73b480f90fb4cc5ac0a1d3441c7b042f9543e3b886177ee47d225/sha256__692006895fd73b480f90fb4cc5ac0a1d3441c7b042f9543e3b886177ee47d225.tar.gz",
+ "generic://sha256:b29fab5a9aef6138ddc163e826f337cb089102ac6cc2437c0a53593239a6189f/grafana-server",
+ "go://github.com/google/flatbuffers:1.11.0"
+ ],
+ "path": "dockerhub-remote/grafana/grafana/sha256__944fe2dbddc2a4678ab36ac4e9ff03db01c7f1c02311f13cba8c4e8e2b1f7530/",
+ "fixed_versions": [
+ "1.12.0"
+ ],
+ "published": "2019-10-28T00:23:10+11:00",
+ "artifact_scan_time": "2021-02-15T23:39:47+11:00",
+ "issue_id": "XRAY-90561",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "flatbuffers Crate for Rust contains an undefined behavior condition in the Follow for bool Implementation in primitives.rs that is triggered as bytes are improperly reinterpreted. This may result in violation of requirements for bool types and may allow a context-dependent attacker to have an unspecified impact.",
+ "references": [
+ "https://github.com/google/flatbuffers/commit/c66cd3085742c50ae231c77f1bc5b577d0cceb94",
+ "https://github.com/google/flatbuffers/pull/5554",
+ "https://github.com/google/flatbuffers/issues/5530",
+ "https://rustsec.org/advisories/RUSTSEC-2019-0028.html"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 7.5,
+ "summary": "BusyBox archival/libarchive/decompress_bunzip2.c get_next_block() Function Selectors Handling Out-of-bounds Write DoS",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.12:busybox:1.31.1-r19",
+ "impacted_artifact": "docker://grafana/grafana:sha256__944fe2dbddc2a4678ab36ac4e9ff03db01c7f1c02311f13cba8c4e8e2b1f7530",
+ "impact_path": [
+ "docker://grafana/grafana:sha256__944fe2dbddc2a4678ab36ac4e9ff03db01c7f1c02311f13cba8c4e8e2b1f7530",
+ "generic://sha256:801bfaa63ef2094d770c809815b9e2b9c1194728e5e754ef7bc764030e140cea/sha256__801bfaa63ef2094d770c809815b9e2b9c1194728e5e754ef7bc764030e140cea.tar.gz",
+ "alpine://3.12:busybox:1.31.1-r19"
+ ],
+ "path": "dockerhub-remote/grafana/grafana/sha256__944fe2dbddc2a4678ab36ac4e9ff03db01c7f1c02311f13cba8c4e8e2b1f7530/",
+ "fixed_versions": [],
+ "published": "2020-10-07T02:24:17+11:00",
+ "artifact_scan_time": "2021-02-15T23:39:47+11:00",
+ "issue_id": "XRAY-125951",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "BusyBox contains an out-of-bounds write flaw in the get_next_block() function in archival/libarchive/decompress_bunzip2.c that is triggered when handling a large number of selectors while decompressing BZIP2 files. This may allow a context-dependent attacker to cause a crash.",
+ "references": [
+ "https://bugs.buildroot.org/show_bug.cgi?id=12916"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-27219",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss3_max_score": 9.8,
+ "summary": "CVE-2021-27219 glib: integer overflow in g_bytes_new function on 64-bit platforms due to an implicit cast from 64 bits to 32 bits (important)",
+ "severity": "High",
+ "vulnerable_component": "rpm://8:glib2:0:2.56.4-8.el8",
+ "impacted_artifact": "docker://eck/eck-operator:1.3.1",
+ "impact_path": [
+ "docker://eck/eck-operator:1.3.1",
+ "generic://sha256:4753a4528f5f857083f7c31ba761a3ed67c0005660cc488d96b1b80165946a38/sha256__4753a4528f5f857083f7c31ba761a3ed67c0005660cc488d96b1b80165946a38.tar.gz",
+ "rpm://8:glib2:0:2.56.4-8.el8"
+ ],
+ "path": "elastic-docker-remote/eck/eck-operator/1.3.1/",
+ "fixed_versions": [],
+ "published": "2021-03-17T00:26:15+11:00",
+ "artifact_scan_time": "2021-02-03T12:25:34+11:00",
+ "issue_id": "XRAY-146608",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "DOCUMENTATION: An integer wraparound was discovered in glib due to passing a 64 bits size value to function g_memdup() which accepts a 32 bits number as argument. An attacker may abuse this flaw when an application linked against glib library uses g_bytes_new() function or possibly other functions that use g_memdup() underneath and accept a 64 bits argument as size. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. STATEMENT: Applications that just use GBytes to access the data are affected by this flaw but the highest threat is to data confidentiality and/or the application availability, due to possible out-of-bounds reads. However, if the data in GBytes is taken through functions such as g_bytes_unref_to_data or g_bytes_unref_to_array it might be possible to have out-of-bounds writes due to the wrongly reported size of the buffer.Applications that use g_memdup to duplicate memory with user-controlled sizes should pay extra attention to the fact that g_memdup accepts a guint size instead of gsize. Thus directly passing a gsize value to g_memdup may results in integer truncation, allocating a buffer smaller than expected.",
+ "references": [
+ "https://access.redhat.com/security/cve/CVE-2021-27219"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Important"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-20305",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 8.1,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 6.8,
+ "cvss3_max_score": 8.1,
+ "summary": "RHSA-2021:1245: gnutls and nettle security update (Important)",
+ "severity": "High",
+ "vulnerable_component": "rpm://8:nettle:0:3.4.1-2.el8",
+ "impacted_artifact": "docker://eck/eck-operator:1.3.1",
+ "impact_path": [
+ "docker://eck/eck-operator:1.3.1",
+ "generic://sha256:4753a4528f5f857083f7c31ba761a3ed67c0005660cc488d96b1b80165946a38/sha256__4753a4528f5f857083f7c31ba761a3ed67c0005660cc488d96b1b80165946a38.tar.gz",
+ "rpm://8:nettle:0:3.4.1-2.el8"
+ ],
+ "path": "elastic-docker-remote/eck/eck-operator/1.3.1/",
+ "fixed_versions": [
+ "≥ 0:3.4.1-2.el8_1"
+ ],
+ "published": "2021-04-22T03:06:04+10:00",
+ "artifact_scan_time": "2021-02-03T12:25:34+11:00",
+ "issue_id": "XRAY-173345",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "The gnutls packages provide the GNU Transport Layer Security (GnuTLS) library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS.Nettle is a cryptographic library that is designed to fit easily in almost any context: In crypto toolkits for object-oriented languages, such as C++, Python, or Pike, in applications like LSH or GNUPG, or even in kernel space.Security Fix(es):* nettle: Out of bounds memory access in signature verification (CVE-2021-20305)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
+ "references": [
+ "https://access.redhat.com/errata/RHSA-2021:1245",
+ "https://access.redhat.com/security/cve/CVE-2021-20305"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Important"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-3121",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 8.6,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 8.6,
+ "summary": "An issue was discovered in GoGo Protobuf before 1.3.2. plugin/unmarshal/unmarshal.go lacks certain index validation, aka the \"skippy peanut butter\" issue.",
+ "severity": "High",
+ "vulnerable_component": "go://github.com/gogo/protobuf:1.3.1",
+ "impacted_artifact": "docker://eck/eck-operator:1.3.1",
+ "impact_path": [
+ "docker://eck/eck-operator:1.3.1",
+ "generic://sha256:59a5acd698eae3acc9f90aed646022f3048c825566cb98abd54ab85d468ecffd/sha256__59a5acd698eae3acc9f90aed646022f3048c825566cb98abd54ab85d468ecffd.tar.gz",
+ "generic://sha256:1bc36d9bb3143324dce075b8ad4722edc8d2bcc38c76722085a4a7eadd510d5c/elastic-operator",
+ "go://github.com/gogo/protobuf:1.3.1"
+ ],
+ "path": "elastic-docker-remote/eck/eck-operator/1.3.1/",
+ "fixed_versions": [
+ "1.3.2"
+ ],
+ "published": "2021-02-01T22:46:23+11:00",
+ "artifact_scan_time": "2021-02-03T12:25:34+11:00",
+ "issue_id": "XRAY-139136",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "An issue was discovered in GoGo Protobuf before 1.3.2. plugin/unmarshal/unmarshal.go lacks certain index validation, aka the \"skippy peanut butter\" issue.",
+ "references": [
+ "https://lists.apache.org/thread.html/rc1e9ff22c5641d73701ba56362fb867d40ed287cca000b131dcf4a44@%3Ccommits.pulsar.apache.org%3E",
+ "https://lists.apache.org/thread.html/r88d69555cb74a129a7bf84838073b61259b4a3830190e05a3b87994e@%3Ccommits.pulsar.apache.org%3E",
+ "https://github.com/gogo/protobuf/compare/v1.3.1...v1.3.2",
+ "https://github.com/gogo/protobuf/commit/b03c65ea87cdc3521ede29f62fe3ce239267c1bc"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-20305",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 8.1,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 6.8,
+ "cvss3_max_score": 8.1,
+ "summary": "CVE-2021-20305 nettle: Out of bounds memory access in signature verification",
+ "severity": "High",
+ "vulnerable_component": "rpm://8:gnutls:0:3.6.14-6.el8",
+ "impacted_artifact": "docker://eck/eck-operator:1.3.1",
+ "impact_path": [
+ "docker://eck/eck-operator:1.3.1",
+ "generic://sha256:4753a4528f5f857083f7c31ba761a3ed67c0005660cc488d96b1b80165946a38/sha256__4753a4528f5f857083f7c31ba761a3ed67c0005660cc488d96b1b80165946a38.tar.gz",
+ "rpm://8:gnutls:0:3.6.14-6.el8"
+ ],
+ "path": "elastic-docker-remote/eck/eck-operator/1.3.1/",
+ "fixed_versions": [],
+ "published": "2021-04-01T21:08:25+11:00",
+ "artifact_scan_time": "2021-02-03T12:25:34+11:00",
+ "issue_id": "XRAY-160674",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "A flaw was found in Nettle in versions before 3.7.2, where several Nettle signature verification functions (GOST DSA, EDDSA \u0026 ECDSA) result in the Elliptic Curve Cryptography point (ECC) multiply function being called with out-of-range scalers, possibly resulting in incorrect results. This flaw allows an attacker to force an invalid signature, causing an assertion failure or possible validation. The highest threat to this vulnerability is to confidentiality, integrity, as well as system availability.",
+ "references": [
+ "https://lists.lysator.liu.se/pipermail/nettle-bugs/2021/009457.html"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Important"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-20305",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 8.1,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 6.8,
+ "cvss3_max_score": 8.1,
+ "summary": "RHSA-2021:1206: gnutls and nettle security update (Important)",
+ "severity": "High",
+ "vulnerable_component": "rpm://8:nettle:0:3.4.1-2.el8",
+ "impacted_artifact": "docker://eck/eck-operator:1.3.1",
+ "impact_path": [
+ "docker://eck/eck-operator:1.3.1",
+ "generic://sha256:4753a4528f5f857083f7c31ba761a3ed67c0005660cc488d96b1b80165946a38/sha256__4753a4528f5f857083f7c31ba761a3ed67c0005660cc488d96b1b80165946a38.tar.gz",
+ "rpm://8:nettle:0:3.4.1-2.el8"
+ ],
+ "path": "elastic-docker-remote/eck/eck-operator/1.3.1/",
+ "fixed_versions": [
+ "≥ 0:3.4.1-4.el8_3"
+ ],
+ "published": "2021-04-22T04:15:52+10:00",
+ "artifact_scan_time": "2021-02-03T12:25:34+11:00",
+ "issue_id": "XRAY-173384",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "The gnutls packages provide the GNU Transport Layer Security (GnuTLS) library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS.Nettle is a cryptographic library that is designed to fit easily in almost any context: In crypto toolkits for object-oriented languages, such as C++, Python, or Pike, in applications like LSH or GNUPG, or even in kernel space.Security Fix(es):* nettle: Out of bounds memory access in signature verification (CVE-2021-20305)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
+ "references": [
+ "https://access.redhat.com/errata/RHSA-2021:1206",
+ "https://access.redhat.com/security/cve/CVE-2021-20305"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Important"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-20305",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 8.1,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 6.8,
+ "cvss3_max_score": 8.1,
+ "summary": "RHSA-2021:1206: gnutls and nettle security update (Important)",
+ "severity": "High",
+ "vulnerable_component": "rpm://8:gnutls:0:3.6.14-6.el8",
+ "impacted_artifact": "docker://eck/eck-operator:1.3.1",
+ "impact_path": [
+ "docker://eck/eck-operator:1.3.1",
+ "generic://sha256:4753a4528f5f857083f7c31ba761a3ed67c0005660cc488d96b1b80165946a38/sha256__4753a4528f5f857083f7c31ba761a3ed67c0005660cc488d96b1b80165946a38.tar.gz",
+ "rpm://8:gnutls:0:3.6.14-6.el8"
+ ],
+ "path": "elastic-docker-remote/eck/eck-operator/1.3.1/",
+ "fixed_versions": [
+ "≥ 0:3.6.14-8.el8_3"
+ ],
+ "published": "2021-04-22T04:15:52+10:00",
+ "artifact_scan_time": "2021-02-03T12:25:34+11:00",
+ "issue_id": "XRAY-173384",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "The gnutls packages provide the GNU Transport Layer Security (GnuTLS) library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS.Nettle is a cryptographic library that is designed to fit easily in almost any context: In crypto toolkits for object-oriented languages, such as C++, Python, or Pike, in applications like LSH or GNUPG, or even in kernel space.Security Fix(es):* nettle: Out of bounds memory access in signature verification (CVE-2021-20305)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
+ "references": [
+ "https://access.redhat.com/errata/RHSA-2021:1206",
+ "https://access.redhat.com/security/cve/CVE-2021-20305"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Important"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-1971",
+ "cvss_v2_score": 4.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 5.9,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 4.3,
+ "cvss3_max_score": 5.9,
+ "summary": "RHSA-2020:5476: openssl security and bug fix update (Important)",
+ "severity": "High",
+ "vulnerable_component": "rpm://8:openssl-libs:1:1.1.1g-11.el8",
+ "impacted_artifact": "docker://eck/eck-operator:1.3.1",
+ "impact_path": [
+ "docker://eck/eck-operator:1.3.1",
+ "generic://sha256:4753a4528f5f857083f7c31ba761a3ed67c0005660cc488d96b1b80165946a38/sha256__4753a4528f5f857083f7c31ba761a3ed67c0005660cc488d96b1b80165946a38.tar.gz",
+ "rpm://8:openssl-libs:1:1.1.1g-11.el8"
+ ],
+ "path": "elastic-docker-remote/eck/eck-operator/1.3.1/",
+ "fixed_versions": [
+ "≥ 1:1.1.1g-12.el8_3"
+ ],
+ "published": "2020-12-29T09:32:48+11:00",
+ "artifact_scan_time": "2021-02-03T12:25:34+11:00",
+ "issue_id": "XRAY-137550",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library.Security Fix(es):* openssl: EDIPARTYNAME NULL pointer de-reference (CVE-2020-1971)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Bug Fix(es):* Reject certificates with explicit EC parameters in strict mode (BZ#1891541)* Add FIPS selftest for HKDF, SSKDF, SSHKDF, and TLS12PRF; add DH_compute_key KAT to DH selftest (BZ#1891542)",
+ "references": [
+ "https://access.redhat.com/security/cve/CVE-2020-1971",
+ "https://access.redhat.com/errata/RHSA-2020:5476"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Important"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-20305",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 8.1,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 6.8,
+ "cvss3_max_score": 8.1,
+ "summary": "RHSA-2021:1246: gnutls and nettle security update (Important)",
+ "severity": "High",
+ "vulnerable_component": "rpm://8:nettle:0:3.4.1-2.el8",
+ "impacted_artifact": "docker://eck/eck-operator:1.3.1",
+ "impact_path": [
+ "docker://eck/eck-operator:1.3.1",
+ "generic://sha256:4753a4528f5f857083f7c31ba761a3ed67c0005660cc488d96b1b80165946a38/sha256__4753a4528f5f857083f7c31ba761a3ed67c0005660cc488d96b1b80165946a38.tar.gz",
+ "rpm://8:nettle:0:3.4.1-2.el8"
+ ],
+ "path": "elastic-docker-remote/eck/eck-operator/1.3.1/",
+ "fixed_versions": [
+ "≥ 0:3.4.1-2.el8_2"
+ ],
+ "published": "2021-04-22T03:24:20+10:00",
+ "artifact_scan_time": "2021-02-03T12:25:34+11:00",
+ "issue_id": "XRAY-173361",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "The gnutls packages provide the GNU Transport Layer Security (GnuTLS) library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS.Nettle is a cryptographic library that is designed to fit easily in almost any context: In crypto toolkits for object-oriented languages, such as C++, Python, or Pike, in applications like LSH or GNUPG, or even in kernel space.Security Fix(es):* nettle: Out of bounds memory access in signature verification (CVE-2021-20305)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
+ "references": [
+ "https://access.redhat.com/errata/RHSA-2021:1246",
+ "https://access.redhat.com/security/cve/CVE-2021-20305"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Important"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-20305",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 8.1,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 6.8,
+ "cvss3_max_score": 8.1,
+ "summary": "CVE-2021-20305 nettle: Out of bounds memory access in signature verification",
+ "severity": "High",
+ "vulnerable_component": "rpm://8:nettle:0:3.4.1-2.el8",
+ "impacted_artifact": "docker://eck/eck-operator:1.3.1",
+ "impact_path": [
+ "docker://eck/eck-operator:1.3.1",
+ "generic://sha256:4753a4528f5f857083f7c31ba761a3ed67c0005660cc488d96b1b80165946a38/sha256__4753a4528f5f857083f7c31ba761a3ed67c0005660cc488d96b1b80165946a38.tar.gz",
+ "rpm://8:nettle:0:3.4.1-2.el8"
+ ],
+ "path": "elastic-docker-remote/eck/eck-operator/1.3.1/",
+ "fixed_versions": [],
+ "published": "2021-04-01T21:08:25+11:00",
+ "artifact_scan_time": "2021-02-03T12:25:34+11:00",
+ "issue_id": "XRAY-160674",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "A flaw was found in Nettle in versions before 3.7.2, where several Nettle signature verification functions (GOST DSA, EDDSA \u0026 ECDSA) result in the Elliptic Curve Cryptography point (ECC) multiply function being called with out-of-range scalers, possibly resulting in incorrect results. This flaw allows an attacker to force an invalid signature, causing an assertion failure or possible validation. The highest threat to this vulnerability is to confidentiality, integrity, as well as system availability.",
+ "references": [
+ "https://lists.lysator.liu.se/pipermail/nettle-bugs/2021/009457.html"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Important"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-3450",
+ "cvss_v2_score": 5.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:N",
+ "cvss_v3_score": 7.4,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"
+ },
+ {
+ "cve": "CVE-2021-3449",
+ "cvss_v2_score": 4.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 5.9,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 5.8,
+ "cvss3_max_score": 7.4,
+ "summary": "RHSA-2021:1024: openssl security update (Important)",
+ "severity": "High",
+ "vulnerable_component": "rpm://8:openssl-libs:1:1.1.1g-11.el8",
+ "impacted_artifact": "docker://eck/eck-operator:1.3.1",
+ "impact_path": [
+ "docker://eck/eck-operator:1.3.1",
+ "generic://sha256:4753a4528f5f857083f7c31ba761a3ed67c0005660cc488d96b1b80165946a38/sha256__4753a4528f5f857083f7c31ba761a3ed67c0005660cc488d96b1b80165946a38.tar.gz",
+ "rpm://8:openssl-libs:1:1.1.1g-11.el8"
+ ],
+ "path": "elastic-docker-remote/eck/eck-operator/1.3.1/",
+ "fixed_versions": [
+ "≥ 1:1.1.1g-15.el8_3"
+ ],
+ "published": "2021-04-22T04:15:50+10:00",
+ "artifact_scan_time": "2021-02-03T12:25:34+11:00",
+ "issue_id": "XRAY-173376",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library.Security Fix(es):* openssl: NULL pointer dereference in signature_algorithms processing (CVE-2021-3449)* openssl: CA certificate check bypass with X509_V_FLAG_X509_STRICT (CVE-2021-3450)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
+ "references": [
+ "https://access.redhat.com/errata/RHSA-2021:1024",
+ "https://access.redhat.com/security/cve/CVE-2021-3449",
+ "https://access.redhat.com/security/cve/CVE-2021-3450"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Important"
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 7.5,
+ "summary": "Apache Commons IO input/InfiniteCircularInputStream.java InfiniteCircularInputStream::read() Function Buffer Handling Divide-by-zero DoS",
+ "severity": "High",
+ "vulnerable_component": "gav://commons-io:commons-io:2.6",
+ "impacted_artifact": "rpm://apache-commons-io:1:2.6-3.module+el8+2452+b359bfcd",
+ "impact_path": [
+ "rpm://apache-commons-io:1:2.6-3.module+el8+2452+b359bfcd",
+ "gav://commons-io:commons-io:2.6"
+ ],
+ "path": "ubi8-appstream-remote/Packages/a/apache-commons-io-2.6-3.module+el8+2452+b359bfcd.noarch.rpm",
+ "fixed_versions": [
+ "2.8.0"
+ ],
+ "published": "2020-09-27T18:46:21+10:00",
+ "artifact_scan_time": "2021-01-27T22:18:39+11:00",
+ "issue_id": "XRAY-125253",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Apache Commons IO contains a divide-by-zero condition in the InfiniteCircularInputStream::read() function in input/InfiniteCircularInputStream.java that is triggered when the input buffer is of size 0. This may allow a context-dependent attacker to crash a process linked against the library.",
+ "references": [
+ "https://github.com/apache/commons-io/commit/0de91c048fb575b9e7906e966a4428574fd03695",
+ "https://github.com/apache/commons-io/commit/97ae01c95837f50a2e9be34c370b271c4d8fc88b",
+ "https://issues.apache.org/jira/browse/IO-675",
+ "https://commons.apache.org/proper/commons-io/changes-report.html#a2.8.0"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2017-1000487",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "Plexus-utils before 3.0.16 is vulnerable to command injection because it does not correctly process the contents of double quoted strings.",
+ "severity": "High",
+ "vulnerable_component": "gav://org.codehaus.plexus:plexus-utils:2.0.1",
+ "impacted_artifact": "gav://org.codehaus.plexus:plexus-utils:2.0.1",
+ "impact_path": [
+ "gav://org.codehaus.plexus:plexus-utils:2.0.1"
+ ],
+ "path": "mavencentral-remote/org/codehaus/plexus/plexus-utils/2.0.1/plexus-utils-2.0.1.jar",
+ "fixed_versions": [
+ "3.0.16"
+ ],
+ "published": "2019-06-10T18:42:32+10:00",
+ "artifact_scan_time": "2021-01-28T14:56:38+11:00",
+ "issue_id": "XRAY-83897",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Plexus-utils before 3.0.16 is vulnerable to command injection because it does not correctly process the contents of double quoted strings.",
+ "references": [
+ "https://access.redhat.com/errata/RHSA-2018:1322",
+ "https://lists.debian.org/debian-lts-announce/2018/01/msg00011.html",
+ "https://lists.debian.org/debian-lts-announce/2018/01/msg00010.html",
+ "https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSPLEXUS-31522",
+ "https://www.debian.org/security/2018/dsa-4149",
+ "https://www.debian.org/security/2018/dsa-4146",
+ "https://github.com/codehaus-plexus/plexus-utils/commit/b38a1b3a4352303e4312b2bb601a0d7ec6e28f41"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 9.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 7.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 9.3,
+ "cvss3_max_score": 7.8,
+ "summary": "Plexus-utils util/xml/XmlWriterUtil.java XmlWriterUtil::writeComment() Function Comment String Escape XML Injection Unspecified Issue",
+ "severity": "High",
+ "vulnerable_component": "gav://org.codehaus.plexus:plexus-utils:2.0.1",
+ "impacted_artifact": "gav://org.codehaus.plexus:plexus-utils:2.0.1",
+ "impact_path": [
+ "gav://org.codehaus.plexus:plexus-utils:2.0.1"
+ ],
+ "path": "mavencentral-remote/org/codehaus/plexus/plexus-utils/2.0.1/plexus-utils-2.0.1.jar",
+ "fixed_versions": [
+ "3.0.24"
+ ],
+ "published": "2019-09-15T21:14:39+10:00",
+ "artifact_scan_time": "2021-01-28T14:56:38+11:00",
+ "issue_id": "XRAY-88166",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Plexus-utils contains a flaw in the XmlWriterUtil::writeComment() function in util/xml/XmlWriterUtil.java that is triggered as comment strings are not properly sanitized. This may allow a context-dependent attacker to inject unexpected content through XML code and have an unspecified impact.",
+ "references": [
+ "https://github.com/codehaus-plexus/plexus-utils/issues/3",
+ "https://github.com/codehaus-plexus/plexus-utils/commit/f933e5e78dc2637e485447ed821fe14904f110de"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-3121",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 8.6,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 8.6,
+ "summary": "An issue was discovered in GoGo Protobuf before 1.3.2. plugin/unmarshal/unmarshal.go lacks certain index validation, aka the \"skippy peanut butter\" issue.",
+ "severity": "High",
+ "vulnerable_component": "go://github.com/gogo/protobuf:1.3.1",
+ "impacted_artifact": "docker://fluxcd/notification-controller:sha256__b68cc05b4de6fbec6df50e67cd93880c45dae2eea381d461585cc61622508acf",
+ "impact_path": [
+ "docker://fluxcd/notification-controller:sha256__b68cc05b4de6fbec6df50e67cd93880c45dae2eea381d461585cc61622508acf",
+ "generic://sha256:06e88261f0740c8690d41b76b4e9d8e515aa84f4a808e06c9ad855db02e633eb/sha256__06e88261f0740c8690d41b76b4e9d8e515aa84f4a808e06c9ad855db02e633eb.tar.gz",
+ "generic://sha256:03331f93de5db908797adb09f55c8129a48162e63f3c47e73f1b3f2cf2a221a6/notification-controller",
+ "go://github.com/gogo/protobuf:1.3.1"
+ ],
+ "path": "dockerhub-remote/fluxcd/notification-controller/sha256__b68cc05b4de6fbec6df50e67cd93880c45dae2eea381d461585cc61622508acf/",
+ "fixed_versions": [
+ "1.3.2"
+ ],
+ "published": "2021-02-01T22:46:23+11:00",
+ "artifact_scan_time": "2021-02-02T11:35:15+11:00",
+ "issue_id": "XRAY-139136",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "An issue was discovered in GoGo Protobuf before 1.3.2. plugin/unmarshal/unmarshal.go lacks certain index validation, aka the \"skippy peanut butter\" issue.",
+ "references": [
+ "https://lists.apache.org/thread.html/rc1e9ff22c5641d73701ba56362fb867d40ed287cca000b131dcf4a44@%3Ccommits.pulsar.apache.org%3E",
+ "https://lists.apache.org/thread.html/r88d69555cb74a129a7bf84838073b61259b4a3830190e05a3b87994e@%3Ccommits.pulsar.apache.org%3E",
+ "https://github.com/gogo/protobuf/compare/v1.3.1...v1.3.2",
+ "https://github.com/gogo/protobuf/commit/b03c65ea87cdc3521ede29f62fe3ce239267c1bc"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 7.5,
+ "summary": "BusyBox archival/libarchive/decompress_bunzip2.c get_next_block() Function Selectors Handling Out-of-bounds Write DoS",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.12:ssl_client:1.31.1-r19",
+ "impacted_artifact": "docker://fluxcd/notification-controller:sha256__b68cc05b4de6fbec6df50e67cd93880c45dae2eea381d461585cc61622508acf",
+ "impact_path": [
+ "docker://fluxcd/notification-controller:sha256__b68cc05b4de6fbec6df50e67cd93880c45dae2eea381d461585cc61622508acf",
+ "generic://sha256:801bfaa63ef2094d770c809815b9e2b9c1194728e5e754ef7bc764030e140cea/sha256__801bfaa63ef2094d770c809815b9e2b9c1194728e5e754ef7bc764030e140cea.tar.gz",
+ "alpine://3.12:ssl_client:1.31.1-r19"
+ ],
+ "path": "dockerhub-remote/fluxcd/notification-controller/sha256__b68cc05b4de6fbec6df50e67cd93880c45dae2eea381d461585cc61622508acf/",
+ "fixed_versions": [],
+ "published": "2020-10-07T02:24:17+11:00",
+ "artifact_scan_time": "2021-02-02T11:35:15+11:00",
+ "issue_id": "XRAY-125951",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "BusyBox contains an out-of-bounds write flaw in the get_next_block() function in archival/libarchive/decompress_bunzip2.c that is triggered when handling a large number of selectors while decompressing BZIP2 files. This may allow a context-dependent attacker to cause a crash.",
+ "references": [
+ "https://bugs.buildroot.org/show_bug.cgi?id=12916"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 5.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 5.5,
+ "summary": "Alpine Package Keeper (apk-tools) io.c apk_resolve_[ug]id() Functions Username / Groupname TAR Header Field Handling Out-of-bounds Read DoS Weakness",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.12:apk-tools:2.10.5-r1",
+ "impacted_artifact": "docker://fluxcd/notification-controller:sha256__b68cc05b4de6fbec6df50e67cd93880c45dae2eea381d461585cc61622508acf",
+ "impact_path": [
+ "docker://fluxcd/notification-controller:sha256__b68cc05b4de6fbec6df50e67cd93880c45dae2eea381d461585cc61622508acf",
+ "generic://sha256:801bfaa63ef2094d770c809815b9e2b9c1194728e5e754ef7bc764030e140cea/sha256__801bfaa63ef2094d770c809815b9e2b9c1194728e5e754ef7bc764030e140cea.tar.gz",
+ "alpine://3.12:apk-tools:2.10.5-r1"
+ ],
+ "path": "dockerhub-remote/fluxcd/notification-controller/sha256__b68cc05b4de6fbec6df50e67cd93880c45dae2eea381d461585cc61622508acf/",
+ "fixed_versions": [
+ "2.10.6-r0"
+ ],
+ "published": "2021-04-20T02:31:29+10:00",
+ "artifact_scan_time": "2021-02-02T11:35:15+11:00",
+ "issue_id": "XRAY-173006",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "Alpine Package Keeper (apk-tools) contains an out-of-bounds read flaw in the apk_resolve_uid() and apk_resolve_gid() functions in io.c that is triggered as username and groupname header fields are not properly checked for string terminators when parsing TAR file headers. This can potentially allow a context-dependent attacker to cause a denial of service.",
+ "references": [
+ "https://gitlab.alpinelinux.org/alpine/apk-tools/-/issues/10741",
+ "https://github.com/docker-library/official-images/pull/9982",
+ "https://gitlab.alpinelinux.org/alpine/aports/-/issues/12606",
+ "https://github.com/alpinelinux/apk-tools/commit/f7143c1766ae59489ac922e890ffe6d4a61c3b2d",
+ "https://github.com/alpinelinux/aports/commit/aa740eb10ca7b8386cadc8761da1e30ed931486c",
+ "http://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-30139"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 7.5,
+ "summary": "BusyBox archival/libarchive/decompress_bunzip2.c get_next_block() Function Selectors Handling Out-of-bounds Write DoS",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.12:busybox:1.31.1-r19",
+ "impacted_artifact": "docker://fluxcd/notification-controller:sha256__b68cc05b4de6fbec6df50e67cd93880c45dae2eea381d461585cc61622508acf",
+ "impact_path": [
+ "docker://fluxcd/notification-controller:sha256__b68cc05b4de6fbec6df50e67cd93880c45dae2eea381d461585cc61622508acf",
+ "generic://sha256:801bfaa63ef2094d770c809815b9e2b9c1194728e5e754ef7bc764030e140cea/sha256__801bfaa63ef2094d770c809815b9e2b9c1194728e5e754ef7bc764030e140cea.tar.gz",
+ "alpine://3.12:busybox:1.31.1-r19"
+ ],
+ "path": "dockerhub-remote/fluxcd/notification-controller/sha256__b68cc05b4de6fbec6df50e67cd93880c45dae2eea381d461585cc61622508acf/",
+ "fixed_versions": [],
+ "published": "2020-10-07T02:24:17+11:00",
+ "artifact_scan_time": "2021-02-02T11:35:15+11:00",
+ "issue_id": "XRAY-125951",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "BusyBox contains an out-of-bounds write flaw in the get_next_block() function in archival/libarchive/decompress_bunzip2.c that is triggered when handling a large number of selectors while decompressing BZIP2 files. This may allow a context-dependent attacker to cause a crash.",
+ "references": [
+ "https://bugs.buildroot.org/show_bug.cgi?id=12916"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.6,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:H/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 8.1,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.6,
+ "cvss3_max_score": 8.1,
+ "summary": "Apache Maven External Repository Validation Failure Arbitrary Code Execution",
+ "severity": "High",
+ "vulnerable_component": "gav://org.apache.maven:maven-settings:3.5.4",
+ "impacted_artifact": "rpm://maven-lib:1:3.5.4-5.module+el8+2452+b359bfcd",
+ "impact_path": [
+ "rpm://maven-lib:1:3.5.4-5.module+el8+2452+b359bfcd",
+ "gav://org.apache.maven:maven-settings:3.5.4"
+ ],
+ "path": "ubi8-appstream-remote/Packages/m/maven-lib-3.5.4-5.module+el8+2452+b359bfcd.noarch.rpm",
+ "fixed_versions": [
+ "3.8.1"
+ ],
+ "published": "2021-04-14T16:59:26+10:00",
+ "artifact_scan_time": "2021-01-27T22:18:40+11:00",
+ "issue_id": "XRAY-172725",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Apache Maven contains a flaw that is triggered as the program insecurely uses material from an insecure external repository by default. This may allow a remote attacker with control of a repository that is in use, to potentially inject and execute malicious code.",
+ "references": [
+ "http://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-26291",
+ "http://maven.apache.org/docs/3.8.1/release-notes.html",
+ "http://mail-archives.apache.org/mod_mbox/maven-announce/202104.mbox/%3CMailbird-0918dc43-dc18-4008-b83b-8bc8b1528177%40apache.org%3E"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.6,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:H/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 8.1,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.6,
+ "cvss3_max_score": 8.1,
+ "summary": "Apache Maven External Repository Validation Failure Arbitrary Code Execution",
+ "severity": "High",
+ "vulnerable_component": "gav://org.apache.maven:maven-compat:3.5.4",
+ "impacted_artifact": "rpm://maven-lib:1:3.5.4-5.module+el8+2452+b359bfcd",
+ "impact_path": [
+ "rpm://maven-lib:1:3.5.4-5.module+el8+2452+b359bfcd",
+ "gav://org.apache.maven:maven-compat:3.5.4"
+ ],
+ "path": "ubi8-appstream-remote/Packages/m/maven-lib-3.5.4-5.module+el8+2452+b359bfcd.noarch.rpm",
+ "fixed_versions": [
+ "3.8.1"
+ ],
+ "published": "2021-04-14T16:59:26+10:00",
+ "artifact_scan_time": "2021-01-27T22:18:40+11:00",
+ "issue_id": "XRAY-172725",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Apache Maven contains a flaw that is triggered as the program insecurely uses material from an insecure external repository by default. This may allow a remote attacker with control of a repository that is in use, to potentially inject and execute malicious code.",
+ "references": [
+ "http://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-26291",
+ "http://maven.apache.org/docs/3.8.1/release-notes.html",
+ "http://mail-archives.apache.org/mod_mbox/maven-announce/202104.mbox/%3CMailbird-0918dc43-dc18-4008-b83b-8bc8b1528177%40apache.org%3E"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.6,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:H/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 8.1,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.6,
+ "cvss3_max_score": 8.1,
+ "summary": "Apache Maven External Repository Validation Failure Arbitrary Code Execution",
+ "severity": "High",
+ "vulnerable_component": "gav://org.apache.maven:maven-core:3.5.4",
+ "impacted_artifact": "rpm://maven-lib:1:3.5.4-5.module+el8+2452+b359bfcd",
+ "impact_path": [
+ "rpm://maven-lib:1:3.5.4-5.module+el8+2452+b359bfcd",
+ "gav://org.apache.maven:maven-core:3.5.4"
+ ],
+ "path": "ubi8-appstream-remote/Packages/m/maven-lib-3.5.4-5.module+el8+2452+b359bfcd.noarch.rpm",
+ "fixed_versions": [
+ "3.8.1"
+ ],
+ "published": "2021-04-14T16:59:26+10:00",
+ "artifact_scan_time": "2021-01-27T22:18:40+11:00",
+ "issue_id": "XRAY-172725",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Apache Maven contains a flaw that is triggered as the program insecurely uses material from an insecure external repository by default. This may allow a remote attacker with control of a repository that is in use, to potentially inject and execute malicious code.",
+ "references": [
+ "http://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-26291",
+ "http://maven.apache.org/docs/3.8.1/release-notes.html",
+ "http://mail-archives.apache.org/mod_mbox/maven-announce/202104.mbox/%3CMailbird-0918dc43-dc18-4008-b83b-8bc8b1528177%40apache.org%3E"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-5382",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "Bouncy Castle BKS version 1 keystore (BKS-V1) files use an HMAC that is only 16 bits long, which can allow an attacker to compromise the integrity of a BKS-V1 keystore. All BKS-V1 keystores are vulnerable. Bouncy Castle release 1.47 introduces BKS version 2, which uses a 160-bit MAC.",
+ "severity": "High",
+ "vulnerable_component": "gav://org.netbeans.external:bcprov:RELEASE113",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.9.3-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.9.3-amd64",
+ "generic://sha256:0daf89d8c88722c569f26facb467a21e38af75b34216a8950293b676c856a0e2/sha256__0daf89d8c88722c569f26facb467a21e38af75b34216a8950293b676c856a0e2.tar.gz",
+ "gav://org.netbeans.external:bcprov:RELEASE113"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.9.3-amd64/",
+ "fixed_versions": [
+ "1.47"
+ ],
+ "published": "2018-06-11T18:33:48+10:00",
+ "artifact_scan_time": "2021-02-04T13:17:52+11:00",
+ "issue_id": "XRAY-68665",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Bouncy Castle BKS version 1 keystore (BKS-V1) files use an HMAC that is only 16 bits long, which can allow an attacker to compromise the integrity of a BKS-V1 keystore. All BKS-V1 keystores are vulnerable. Bouncy Castle release 1.47 introduces BKS version 2, which uses a 160-bit MAC.",
+ "references": [
+ "http://www.securityfocus.com/bid/103453",
+ "https://www.bouncycastle.org/releasenotes.html",
+ "https://www.kb.cert.org/vuls/id/306792"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-5382",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "Bouncy Castle BKS version 1 keystore (BKS-V1) files use an HMAC that is only 16 bits long, which can allow an attacker to compromise the integrity of a BKS-V1 keystore. All BKS-V1 keystores are vulnerable. Bouncy Castle release 1.47 introduces BKS version 2, which uses a 160-bit MAC.",
+ "severity": "High",
+ "vulnerable_component": "gav://org.netbeans.external:bcprov:RELEASE113",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.9.3-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.9.3-amd64",
+ "generic://sha256:4ccdd8a52dc05e5935acf607b46064583fa65b40d80612891e3a35ff70acf735/sha256__4ccdd8a52dc05e5935acf607b46064583fa65b40d80612891e3a35ff70acf735.tar.gz",
+ "gav://org.netbeans.external:bcprov:RELEASE113"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.9.3-amd64/",
+ "fixed_versions": [
+ "1.47"
+ ],
+ "published": "2018-06-11T18:33:48+10:00",
+ "artifact_scan_time": "2021-02-04T13:17:52+11:00",
+ "issue_id": "XRAY-68665",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Bouncy Castle BKS version 1 keystore (BKS-V1) files use an HMAC that is only 16 bits long, which can allow an attacker to compromise the integrity of a BKS-V1 keystore. All BKS-V1 keystores are vulnerable. Bouncy Castle release 1.47 introduces BKS version 2, which uses a 160-bit MAC.",
+ "references": [
+ "http://www.securityfocus.com/bid/103453",
+ "https://www.bouncycastle.org/releasenotes.html",
+ "https://www.kb.cert.org/vuls/id/306792"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2013-7338",
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "summary": "Python before 3.3.4 RC1 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a file size value larger than the size of the zip file to the (1) ZipExtFile.read, (2) ZipExtFile.read(n), (3) ZipExtFile.readlines, (4) ZipFile.extract, or (5) ZipFile.extractall function.",
+ "severity": "High",
+ "vulnerable_component": "rpm://7:python:7:2.7.5-88.el7",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.9.3-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.9.3-amd64",
+ "generic://sha256:f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c/sha256__f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c.tar.gz",
+ "rpm://7:python:7:2.7.5-88.el7"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.9.3-amd64/",
+ "fixed_versions": [],
+ "published": "2019-11-27T22:47:00+11:00",
+ "artifact_scan_time": "2021-02-04T13:17:52+11:00",
+ "issue_id": "XRAY-92223",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "Python before 3.3.4 RC1 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a file size value larger than the size of the zip file to the (1) ZipExtFile.read, (2) ZipExtFile.read(n), (3) ZipExtFile.readlines, (4) ZipFile.extract, or (5) ZipFile.extractall function.",
+ "references": [
+ "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html",
+ "http://www.securityfocus.com/bid/65179",
+ "http://bugs.python.org/issue20078",
+ "http://hg.python.org/cpython/rev/79ea4ce431b1",
+ "https://docs.python.org/3.3/whatsnew/changelog.html",
+ "https://support.apple.com/kb/HT205031",
+ "https://security.gentoo.org/glsa/201503-10",
+ "http://seclists.org/oss-sec/2014/q1/592",
+ "http://seclists.org/oss-sec/2014/q1/595",
+ "http://www.securitytracker.com/id/1029973",
+ "http://lists.opensuse.org/opensuse-updates/2014-05/msg00008.html"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2013-7338",
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "summary": "Python before 3.3.4 RC1 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a file size value larger than the size of the zip file to the (1) ZipExtFile.read, (2) ZipExtFile.read(n), (3) ZipExtFile.readlines, (4) ZipFile.extract, or (5) ZipFile.extractall function.",
+ "severity": "High",
+ "vulnerable_component": "rpm://7:python:7:2.7.5-88.el7",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.9.3-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.9.3-amd64",
+ "generic://sha256:f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c/sha256__f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c.tar.gz",
+ "rpm://7:python:7:2.7.5-88.el7"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.9.3-amd64/",
+ "fixed_versions": [],
+ "published": "2019-11-27T22:47:00+11:00",
+ "artifact_scan_time": "2021-02-04T13:17:52+11:00",
+ "issue_id": "XRAY-92223",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "Python before 3.3.4 RC1 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a file size value larger than the size of the zip file to the (1) ZipExtFile.read, (2) ZipExtFile.read(n), (3) ZipExtFile.readlines, (4) ZipFile.extract, or (5) ZipFile.extractall function.",
+ "references": [
+ "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html",
+ "http://www.securityfocus.com/bid/65179",
+ "http://bugs.python.org/issue20078",
+ "http://hg.python.org/cpython/rev/79ea4ce431b1",
+ "https://docs.python.org/3.3/whatsnew/changelog.html",
+ "https://support.apple.com/kb/HT205031",
+ "https://security.gentoo.org/glsa/201503-10",
+ "http://seclists.org/oss-sec/2014/q1/592",
+ "http://seclists.org/oss-sec/2014/q1/595",
+ "http://www.securitytracker.com/id/1029973",
+ "http://lists.opensuse.org/opensuse-updates/2014-05/msg00008.html"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-1000802",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "Python Software Foundation Python (CPython) version 2.7 contains a CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in shutil module (make_archive function) that can result in Denial of service, Information gain via injection of arbitrary files on the system or entire drive. This attack appear to be exploitable via Passage of unfiltered user input to the function. This vulnerability appears to have been fixed in after commit add531a1e55b0a739b0f42582f1c9747e5649ace.",
+ "severity": "High",
+ "vulnerable_component": "rpm://7:python:7:2.7.5-88.el7",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.9.3-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.9.3-amd64",
+ "generic://sha256:f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c/sha256__f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c.tar.gz",
+ "rpm://7:python:7:2.7.5-88.el7"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.9.3-amd64/",
+ "fixed_versions": [],
+ "published": "2019-11-29T04:40:00+11:00",
+ "artifact_scan_time": "2021-02-04T13:17:52+11:00",
+ "issue_id": "XRAY-92291",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "Python Software Foundation Python (CPython) version 2.7 contains a CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in shutil module (make_archive function) that can result in Denial of service, Information gain via injection of arbitrary files on the system or entire drive. This attack appear to be exploitable via Passage of unfiltered user input to the function. This vulnerability appears to have been fixed in after commit add531a1e55b0a739b0f42582f1c9747e5649ace.",
+ "references": [
+ "https://bugs.python.org/issue34540",
+ "https://github.com/python/cpython/pull/8985",
+ "https://github.com/python/cpython/pull/8985/commits/add531a1e55b0a739b0f42582f1c9747e5649ace",
+ "https://www.debian.org/security/2018/dsa-4306",
+ "https://mega.nz/#!JUFiCC4R!mq-jQ8ySFwIhX6WMDujaZuNBfttDVt7DETlfOIQE1ig",
+ "https://lists.debian.org/debian-lts-announce/2018/09/msg00030.html",
+ "https://lists.debian.org/debian-lts-announce/2018/09/msg00031.html",
+ "https://usn.ubuntu.com/3817-1/",
+ "https://usn.ubuntu.com/3817-2/"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-1000802",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "Python Software Foundation Python (CPython) version 2.7 contains a CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in shutil module (make_archive function) that can result in Denial of service, Information gain via injection of arbitrary files on the system or entire drive. This attack appear to be exploitable via Passage of unfiltered user input to the function. This vulnerability appears to have been fixed in after commit add531a1e55b0a739b0f42582f1c9747e5649ace.",
+ "severity": "High",
+ "vulnerable_component": "rpm://7:python:7:2.7.5-88.el7",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.9.3-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.9.3-amd64",
+ "generic://sha256:f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c/sha256__f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c.tar.gz",
+ "rpm://7:python:7:2.7.5-88.el7"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.9.3-amd64/",
+ "fixed_versions": [],
+ "published": "2019-11-29T04:40:00+11:00",
+ "artifact_scan_time": "2021-02-04T13:17:52+11:00",
+ "issue_id": "XRAY-92291",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "Python Software Foundation Python (CPython) version 2.7 contains a CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in shutil module (make_archive function) that can result in Denial of service, Information gain via injection of arbitrary files on the system or entire drive. This attack appear to be exploitable via Passage of unfiltered user input to the function. This vulnerability appears to have been fixed in after commit add531a1e55b0a739b0f42582f1c9747e5649ace.",
+ "references": [
+ "https://bugs.python.org/issue34540",
+ "https://github.com/python/cpython/pull/8985",
+ "https://github.com/python/cpython/pull/8985/commits/add531a1e55b0a739b0f42582f1c9747e5649ace",
+ "https://www.debian.org/security/2018/dsa-4306",
+ "https://mega.nz/#!JUFiCC4R!mq-jQ8ySFwIhX6WMDujaZuNBfttDVt7DETlfOIQE1ig",
+ "https://lists.debian.org/debian-lts-announce/2018/09/msg00030.html",
+ "https://lists.debian.org/debian-lts-announce/2018/09/msg00031.html",
+ "https://usn.ubuntu.com/3817-1/",
+ "https://usn.ubuntu.com/3817-2/"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2014-3215",
+ "cvss_v2_score": 6.9,
+ "cvss_v2_vector": "CVSS:2.0/AV:L/AC:M/Au:N/C:C/I:C/A:C"
+ }
+ ],
+ "cvss2_max_score": 6.9,
+ "summary": "CVE-2014-3215 policycoreutils: local privilege escalation via seunshare",
+ "severity": "High",
+ "vulnerable_component": "rpm://7:libcap-ng:93:0.7.5-4.el7",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.9.3-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.9.3-amd64",
+ "generic://sha256:f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c/sha256__f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c.tar.gz",
+ "rpm://7:libcap-ng:93:0.7.5-4.el7"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.9.3-amd64/",
+ "fixed_versions": [],
+ "published": "2020-07-13T04:28:36+10:00",
+ "artifact_scan_time": "2021-02-04T13:17:52+11:00",
+ "issue_id": "XRAY-112349",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "seunshare in policycoreutils 2.2.5 is owned by root with 4755 permissions, and executes programs in a way that changes the relationship between the setuid system call and the getresuid saved set-user-ID value, which makes it easier for local users to gain privileges by leveraging a program that mistakenly expected that it could permanently drop privileges.",
+ "references": [],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Important"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2014-3215",
+ "cvss_v2_score": 6.9,
+ "cvss_v2_vector": "CVSS:2.0/AV:L/AC:M/Au:N/C:C/I:C/A:C"
+ }
+ ],
+ "cvss2_max_score": 6.9,
+ "summary": "CVE-2014-3215 policycoreutils: local privilege escalation via seunshare",
+ "severity": "High",
+ "vulnerable_component": "rpm://7:libcap-ng:93:0.7.5-4.el7",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.9.3-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.9.3-amd64",
+ "generic://sha256:f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c/sha256__f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c.tar.gz",
+ "rpm://7:libcap-ng:93:0.7.5-4.el7"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.9.3-amd64/",
+ "fixed_versions": [],
+ "published": "2020-07-13T04:28:36+10:00",
+ "artifact_scan_time": "2021-02-04T13:17:52+11:00",
+ "issue_id": "XRAY-112349",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "seunshare in policycoreutils 2.2.5 is owned by root with 4755 permissions, and executes programs in a way that changes the relationship between the setuid system call and the getresuid saved set-user-ID value, which makes it easier for local users to gain privileges by leveraging a program that mistakenly expected that it could permanently drop privileges.",
+ "references": [],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Important"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-5827",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 8.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 6.8,
+ "cvss3_max_score": 8.8,
+ "summary": "CVE-2019-5827 chromium-browser: out-of-bounds access in SQLite",
+ "severity": "High",
+ "vulnerable_component": "rpm://7:sqlite:19:3.7.17-8.el7_7.1",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.9.3-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.9.3-amd64",
+ "generic://sha256:f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c/sha256__f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c.tar.gz",
+ "rpm://7:sqlite:19:3.7.17-8.el7_7.1"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.9.3-amd64/",
+ "fixed_versions": [],
+ "published": "2020-07-13T04:04:32+10:00",
+ "artifact_scan_time": "2021-02-04T13:17:52+11:00",
+ "issue_id": "XRAY-109517",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "Integer overflow in SQLite via WebSQL in Google Chrome prior to 74.0.3729.131 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.",
+ "references": [
+ "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_30.html"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Important"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-5827",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 8.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 6.8,
+ "cvss3_max_score": 8.8,
+ "summary": "CVE-2019-5827 chromium-browser: out-of-bounds access in SQLite",
+ "severity": "High",
+ "vulnerable_component": "rpm://7:sqlite:19:3.7.17-8.el7_7.1",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.9.3-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.9.3-amd64",
+ "generic://sha256:f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c/sha256__f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c.tar.gz",
+ "rpm://7:sqlite:19:3.7.17-8.el7_7.1"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.9.3-amd64/",
+ "fixed_versions": [],
+ "published": "2020-07-13T04:04:32+10:00",
+ "artifact_scan_time": "2021-02-04T13:17:52+11:00",
+ "issue_id": "XRAY-109517",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "Integer overflow in SQLite via WebSQL in Google Chrome prior to 74.0.3729.131 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.",
+ "references": [
+ "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_30.html"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Important"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-27219",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss3_max_score": 9.8,
+ "summary": "CVE-2021-27219 glib: integer overflow in g_bytes_new function on 64-bit platforms due to an implicit cast from 64 bits to 32 bits (important)",
+ "severity": "High",
+ "vulnerable_component": "rpm://7:glib2:0:2.56.1-5.el7",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.9.3-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.9.3-amd64",
+ "generic://sha256:f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c/sha256__f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c.tar.gz",
+ "rpm://7:glib2:0:2.56.1-5.el7"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.9.3-amd64/",
+ "fixed_versions": [],
+ "published": "2021-03-17T00:26:15+11:00",
+ "artifact_scan_time": "2021-02-04T13:17:52+11:00",
+ "issue_id": "XRAY-146608",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "DOCUMENTATION: An integer wraparound was discovered in glib due to passing a 64 bits size value to function g_memdup() which accepts a 32 bits number as argument. An attacker may abuse this flaw when an application linked against glib library uses g_bytes_new() function or possibly other functions that use g_memdup() underneath and accept a 64 bits argument as size. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. STATEMENT: Applications that just use GBytes to access the data are affected by this flaw but the highest threat is to data confidentiality and/or the application availability, due to possible out-of-bounds reads. However, if the data in GBytes is taken through functions such as g_bytes_unref_to_data or g_bytes_unref_to_array it might be possible to have out-of-bounds writes due to the wrongly reported size of the buffer.Applications that use g_memdup to duplicate memory with user-controlled sizes should pay extra attention to the fact that g_memdup accepts a guint size instead of gsize. Thus directly passing a gsize value to g_memdup may results in integer truncation, allocating a buffer smaller than expected.",
+ "references": [
+ "https://access.redhat.com/security/cve/CVE-2021-27219"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Important"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-27219",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss3_max_score": 9.8,
+ "summary": "CVE-2021-27219 glib: integer overflow in g_bytes_new function on 64-bit platforms due to an implicit cast from 64 bits to 32 bits (important)",
+ "severity": "High",
+ "vulnerable_component": "rpm://7:glib2:0:2.56.1-5.el7",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.9.3-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.9.3-amd64",
+ "generic://sha256:f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c/sha256__f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c.tar.gz",
+ "rpm://7:glib2:0:2.56.1-5.el7"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.9.3-amd64/",
+ "fixed_versions": [],
+ "published": "2021-03-17T00:26:15+11:00",
+ "artifact_scan_time": "2021-02-04T13:17:52+11:00",
+ "issue_id": "XRAY-146608",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "DOCUMENTATION: An integer wraparound was discovered in glib due to passing a 64 bits size value to function g_memdup() which accepts a 32 bits number as argument. An attacker may abuse this flaw when an application linked against glib library uses g_bytes_new() function or possibly other functions that use g_memdup() underneath and accept a 64 bits argument as size. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. STATEMENT: Applications that just use GBytes to access the data are affected by this flaw but the highest threat is to data confidentiality and/or the application availability, due to possible out-of-bounds reads. However, if the data in GBytes is taken through functions such as g_bytes_unref_to_data or g_bytes_unref_to_array it might be possible to have out-of-bounds writes due to the wrongly reported size of the buffer.Applications that use g_memdup to duplicate memory with user-controlled sizes should pay extra attention to the fact that g_memdup accepts a guint size instead of gsize. Thus directly passing a gsize value to g_memdup may results in integer truncation, allocating a buffer smaller than expected.",
+ "references": [
+ "https://access.redhat.com/security/cve/CVE-2021-27219"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Important"
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 7.5,
+ "summary": "json-smart minidev/json/parser/JSONParserBase.java JSONParserBase::extractFloat() Function Improper Exception Handling DoS",
+ "severity": "High",
+ "vulnerable_component": "gav://net.minidev:json-smart:2.3",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.9.3-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.9.3-amd64",
+ "generic://sha256:4ccdd8a52dc05e5935acf607b46064583fa65b40d80612891e3a35ff70acf735/sha256__4ccdd8a52dc05e5935acf607b46064583fa65b40d80612891e3a35ff70acf735.tar.gz",
+ "gav://net.minidev:json-smart:2.3"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.9.3-amd64/",
+ "fixed_versions": [],
+ "published": "2021-02-24T20:04:52+11:00",
+ "artifact_scan_time": "2021-02-04T13:17:52+11:00",
+ "issue_id": "XRAY-141174",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "json-smart contains a flaw in the JSONParserBase::extractFloat() function in minidev/json/parser/JSONParserBase.java that is triggered as a NumberFormatException exception is not properly handled when parsing specially crafted float number values. This may allow a context-dependent attacker to crash a process using the library.",
+ "references": [
+ "http://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-27568",
+ "https://github.com/netplex/json-smart-v1/issues/7",
+ "https://github.com/netplex/json-smart-v2/issues/60"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 7.5,
+ "summary": "json-smart minidev/json/parser/JSONParserBase.java JSONParserBase::extractFloat() Function Improper Exception Handling DoS",
+ "severity": "High",
+ "vulnerable_component": "gav://net.minidev:json-smart:2.3",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.9.3-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.9.3-amd64",
+ "generic://sha256:0daf89d8c88722c569f26facb467a21e38af75b34216a8950293b676c856a0e2/sha256__0daf89d8c88722c569f26facb467a21e38af75b34216a8950293b676c856a0e2.tar.gz",
+ "gav://net.minidev:json-smart:2.3"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.9.3-amd64/",
+ "fixed_versions": [],
+ "published": "2021-02-24T20:04:52+11:00",
+ "artifact_scan_time": "2021-02-04T13:17:52+11:00",
+ "issue_id": "XRAY-141174",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "json-smart contains a flaw in the JSONParserBase::extractFloat() function in minidev/json/parser/JSONParserBase.java that is triggered as a NumberFormatException exception is not properly handled when parsing specially crafted float number values. This may allow a context-dependent attacker to crash a process using the library.",
+ "references": [
+ "http://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-27568",
+ "https://github.com/netplex/json-smart-v1/issues/7",
+ "https://github.com/netplex/json-smart-v2/issues/60"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-8492",
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 6.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 6.5,
+ "summary": "Python 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1 allows an HTTP server to conduct Regular Expression Denial of Service (ReDoS) attacks against a client because of urllib.request.AbstractBasicAuthHandler catastrophic backtracking.",
+ "severity": "High",
+ "vulnerable_component": "rpm://7:python-libs:1:2.7.5-88.el7",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.9.3-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.9.3-amd64",
+ "generic://sha256:f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c/sha256__f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c.tar.gz",
+ "rpm://7:python-libs:1:2.7.5-88.el7"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.9.3-amd64/",
+ "fixed_versions": [],
+ "published": "2020-02-07T18:07:12+11:00",
+ "artifact_scan_time": "2021-02-04T13:17:52+11:00",
+ "issue_id": "XRAY-94468",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "Python 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1 allows an HTTP server to conduct Regular Expression Denial of Service (ReDoS) attacks against a client because of urllib.request.AbstractBasicAuthHandler catastrophic backtracking.",
+ "references": [
+ "https://security.netapp.com/advisory/ntap-20200221-0001/",
+ "https://bugs.python.org/issue39503",
+ "https://github.com/python/cpython/pull/18284",
+ "https://python-security.readthedocs.io/vuln/urllib-basic-auth-regex.html",
+ "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00003.html"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-8492",
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 6.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 6.5,
+ "summary": "Python 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1 allows an HTTP server to conduct Regular Expression Denial of Service (ReDoS) attacks against a client because of urllib.request.AbstractBasicAuthHandler catastrophic backtracking.",
+ "severity": "High",
+ "vulnerable_component": "rpm://7:python-libs:1:2.7.5-88.el7",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.9.3-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.9.3-amd64",
+ "generic://sha256:f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c/sha256__f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c.tar.gz",
+ "rpm://7:python-libs:1:2.7.5-88.el7"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.9.3-amd64/",
+ "fixed_versions": [],
+ "published": "2020-02-07T18:07:12+11:00",
+ "artifact_scan_time": "2021-02-04T13:17:52+11:00",
+ "issue_id": "XRAY-94468",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "Python 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1 allows an HTTP server to conduct Regular Expression Denial of Service (ReDoS) attacks against a client because of urllib.request.AbstractBasicAuthHandler catastrophic backtracking.",
+ "references": [
+ "https://security.netapp.com/advisory/ntap-20200221-0001/",
+ "https://bugs.python.org/issue39503",
+ "https://github.com/python/cpython/pull/18284",
+ "https://python-security.readthedocs.io/vuln/urllib-basic-auth-regex.html",
+ "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00003.html"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 7.5,
+ "summary": "FasterXML jackson-dataformat-cbor CBORParser.java CBORParser::_finishBytes() Function Object Field Name Parsing Memory Allocation Exception DoS",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.dataformat:jackson-dataformat-cbor:2.10.4",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.9.3-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.9.3-amd64",
+ "generic://sha256:4ccdd8a52dc05e5935acf607b46064583fa65b40d80612891e3a35ff70acf735/sha256__4ccdd8a52dc05e5935acf607b46064583fa65b40d80612891e3a35ff70acf735.tar.gz",
+ "gav://com.fasterxml.jackson.dataformat:jackson-dataformat-cbor:2.10.4"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.9.3-amd64/",
+ "fixed_versions": [],
+ "published": "2021-02-04T03:34:19+11:00",
+ "artifact_scan_time": "2021-02-04T13:17:52+11:00",
+ "issue_id": "XRAY-139421",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "FasterXML jackson-dataformat-cbor contains a flaw in the CBORParser::_finishBytes() function in CBORParser.java that is triggered as certain input is not properly validated when allocating memory for object field names. This may allow a context-dependent attacker to cause an out-of-memory exception, potentially resulting in a denial of service.",
+ "references": [
+ "http://cve.mitre.org/cgi-bin/cvename.cgi?name=2020-28491",
+ "https://github.com/FasterXML/jackson-dataformats-binary/commit/de072d314af8f5f269c8abec6930652af67bc8e6",
+ "https://github.com/FasterXML/jackson-dataformats-binary/issues/186"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 7.5,
+ "summary": "FasterXML jackson-dataformat-cbor CBORParser.java CBORParser::_finishBytes() Function Object Field Name Parsing Memory Allocation Exception DoS",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.dataformat:jackson-dataformat-cbor:2.10.4",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.9.3-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.9.3-amd64",
+ "generic://sha256:0daf89d8c88722c569f26facb467a21e38af75b34216a8950293b676c856a0e2/sha256__0daf89d8c88722c569f26facb467a21e38af75b34216a8950293b676c856a0e2.tar.gz",
+ "gav://com.fasterxml.jackson.dataformat:jackson-dataformat-cbor:2.10.4"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.9.3-amd64/",
+ "fixed_versions": [],
+ "published": "2021-02-04T03:34:19+11:00",
+ "artifact_scan_time": "2021-02-04T13:17:52+11:00",
+ "issue_id": "XRAY-139421",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "FasterXML jackson-dataformat-cbor contains a flaw in the CBORParser::_finishBytes() function in CBORParser.java that is triggered as certain input is not properly validated when allocating memory for object field names. This may allow a context-dependent attacker to cause an out-of-memory exception, potentially resulting in a denial of service.",
+ "references": [
+ "http://cve.mitre.org/cgi-bin/cvename.cgi?name=2020-28491",
+ "https://github.com/FasterXML/jackson-dataformats-binary/commit/de072d314af8f5f269c8abec6930652af67bc8e6",
+ "https://github.com/FasterXML/jackson-dataformats-binary/issues/186"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2016-3191",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 6.8,
+ "cvss3_max_score": 9.8,
+ "summary": "CVE-2016-3191 pcre: workspace overflow for (*ACCEPT) with deeply nested parentheses (8.39/13, 10.22/12)",
+ "severity": "High",
+ "vulnerable_component": "rpm://7:glib2:0:2.56.1-5.el7",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.9.3-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.9.3-amd64",
+ "generic://sha256:f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c/sha256__f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c.tar.gz",
+ "rpm://7:glib2:0:2.56.1-5.el7"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.9.3-amd64/",
+ "fixed_versions": [],
+ "published": "2020-07-13T04:18:05+10:00",
+ "artifact_scan_time": "2021-02-04T13:17:52+11:00",
+ "issue_id": "XRAY-111036",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "The compile_branch function in pcre_compile.c in PCRE 8.x before 8.39 and pcre2_compile.c in PCRE2 before 10.22 mishandles patterns containing an (*ACCEPT) substring in conjunction with nested parentheses, which allows remote attackers to execute arbitrary code or cause a denial of service (stack-based buffer overflow) via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror, aka ZDI-CAN-3542.",
+ "references": [],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Important"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2016-3191",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 6.8,
+ "cvss3_max_score": 9.8,
+ "summary": "CVE-2016-3191 pcre: workspace overflow for (*ACCEPT) with deeply nested parentheses (8.39/13, 10.22/12)",
+ "severity": "High",
+ "vulnerable_component": "rpm://7:glib2:0:2.56.1-5.el7",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.9.3-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.9.3-amd64",
+ "generic://sha256:f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c/sha256__f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c.tar.gz",
+ "rpm://7:glib2:0:2.56.1-5.el7"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.9.3-amd64/",
+ "fixed_versions": [],
+ "published": "2020-07-13T04:18:05+10:00",
+ "artifact_scan_time": "2021-02-04T13:17:52+11:00",
+ "issue_id": "XRAY-111036",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "The compile_branch function in pcre_compile.c in PCRE 8.x before 8.39 and pcre2_compile.c in PCRE2 before 10.22 mishandles patterns containing an (*ACCEPT) substring in conjunction with nested parentheses, which allows remote attackers to execute arbitrary code or cause a denial of service (stack-based buffer overflow) via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror, aka ZDI-CAN-3542.",
+ "references": [],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Important"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-12049",
+ "cvss_v2_score": 4.9,
+ "cvss_v2_vector": "CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 6.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 4.9,
+ "cvss3_max_score": 6.5,
+ "summary": "RHSA-2020:2894: dbus security update (Important)",
+ "severity": "High",
+ "vulnerable_component": "rpm://7:dbus-libs:0:1.10.24-14.el7_8",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.9.3-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.9.3-amd64",
+ "generic://sha256:f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c/sha256__f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c.tar.gz",
+ "rpm://7:dbus-libs:0:1.10.24-14.el7_8"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.9.3-amd64/",
+ "fixed_versions": [
+ "≥ 1:1.10.24-14.el7_8"
+ ],
+ "published": "2020-08-25T19:35:04+10:00",
+ "artifact_scan_time": "2021-02-04T13:17:52+11:00",
+ "issue_id": "XRAY-119766",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "D-Bus is a system for sending messages between applications. It is used both for the system-wide message bus service, and as a per-user-login-session messaging facility.Security Fix(es):* dbus: denial of service via file descriptor leak (CVE-2020-12049)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
+ "references": [
+ "https://access.redhat.com/errata/RHSA-2020:2894",
+ "https://access.redhat.com/security/cve/CVE-2020-12049"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Important"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-12049",
+ "cvss_v2_score": 4.9,
+ "cvss_v2_vector": "CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 6.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 4.9,
+ "cvss3_max_score": 6.5,
+ "summary": "RHSA-2020:2894: dbus security update (Important)",
+ "severity": "High",
+ "vulnerable_component": "rpm://7:dbus-libs:0:1.10.24-14.el7_8",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.9.3-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.9.3-amd64",
+ "generic://sha256:f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c/sha256__f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c.tar.gz",
+ "rpm://7:dbus-libs:0:1.10.24-14.el7_8"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.9.3-amd64/",
+ "fixed_versions": [
+ "≥ 1:1.10.24-14.el7_8"
+ ],
+ "published": "2020-08-25T19:35:04+10:00",
+ "artifact_scan_time": "2021-02-04T13:17:52+11:00",
+ "issue_id": "XRAY-119766",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "D-Bus is a system for sending messages between applications. It is used both for the system-wide message bus service, and as a per-user-login-session messaging facility.Security Fix(es):* dbus: denial of service via file descriptor leak (CVE-2020-12049)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
+ "references": [
+ "https://access.redhat.com/errata/RHSA-2020:2894",
+ "https://access.redhat.com/security/cve/CVE-2020-12049"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Important"
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 8.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:C",
+ "cvss_v3_score": 8.2,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 8.5,
+ "cvss3_max_score": 8.2,
+ "summary": "FasterXML jackson-databind ext/DOMDeserializer.java DOMDeserializer Class XML External Entity (XXE) Expansion Remote Issue",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.core:jackson-databind:2.10.4",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.9.3-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.9.3-amd64",
+ "generic://sha256:0daf89d8c88722c569f26facb467a21e38af75b34216a8950293b676c856a0e2/sha256__0daf89d8c88722c569f26facb467a21e38af75b34216a8950293b676c856a0e2.tar.gz",
+ "gav://com.fasterxml.jackson.core:jackson-databind:2.10.4"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.9.3-amd64/",
+ "fixed_versions": [],
+ "published": "2020-10-15T22:39:55+11:00",
+ "artifact_scan_time": "2021-02-04T13:17:52+11:00",
+ "issue_id": "XRAY-126663",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "FasterXML jackson-databind contains an XXE (Xml eXternal Entity) expansion flaw in the DOMDeserializer class in ext/DOMDeserializer.java that is triggered during the parsing of XML data. The issue is due to an incorrectly configured XML parser accepting XML external entities from an untrusted source. By sending specially crafted XML data, a remote attacker can potentially consume excessive system resources or disclose sensitive information.",
+ "references": [
+ "http://cve.mitre.org/cgi-bin/cvename.cgi?name=2020-25649",
+ "https://bugzilla.redhat.com/show_bug.cgi?id=1887664",
+ "https://github.com/FasterXML/jackson-databind/issues/2589",
+ "https://github.com/FasterXML/jackson-databind/commit/e588f0af61b18576779ffb95a2a689a5eb1f9d15",
+ "https://github.com/FasterXML/jackson-databind/blob/jackson-databind-2.11.0/release-notes/VERSION-2.x",
+ "https://github.com/FasterXML/jackson-databind/commit/612f971b78c60202e9cd75a299050c8f2d724a59"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 8.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:C",
+ "cvss_v3_score": 8.2,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 8.5,
+ "cvss3_max_score": 8.2,
+ "summary": "FasterXML jackson-databind ext/DOMDeserializer.java DOMDeserializer Class XML External Entity (XXE) Expansion Remote Issue",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.core:jackson-databind:2.10.4",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.9.3-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.9.3-amd64",
+ "generic://sha256:4ccdd8a52dc05e5935acf607b46064583fa65b40d80612891e3a35ff70acf735/sha256__4ccdd8a52dc05e5935acf607b46064583fa65b40d80612891e3a35ff70acf735.tar.gz",
+ "gav://com.fasterxml.jackson.core:jackson-databind:2.10.4"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.9.3-amd64/",
+ "fixed_versions": [],
+ "published": "2020-10-15T22:39:55+11:00",
+ "artifact_scan_time": "2021-02-04T13:17:52+11:00",
+ "issue_id": "XRAY-126663",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "FasterXML jackson-databind contains an XXE (Xml eXternal Entity) expansion flaw in the DOMDeserializer class in ext/DOMDeserializer.java that is triggered during the parsing of XML data. The issue is due to an incorrectly configured XML parser accepting XML external entities from an untrusted source. By sending specially crafted XML data, a remote attacker can potentially consume excessive system resources or disclose sensitive information.",
+ "references": [
+ "http://cve.mitre.org/cgi-bin/cvename.cgi?name=2020-25649",
+ "https://bugzilla.redhat.com/show_bug.cgi?id=1887664",
+ "https://github.com/FasterXML/jackson-databind/issues/2589",
+ "https://github.com/FasterXML/jackson-databind/commit/e588f0af61b18576779ffb95a2a689a5eb1f9d15",
+ "https://github.com/FasterXML/jackson-databind/blob/jackson-databind-2.11.0/release-notes/VERSION-2.x",
+ "https://github.com/FasterXML/jackson-databind/commit/612f971b78c60202e9cd75a299050c8f2d724a59"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.8,
+ "cvss3_max_score": 7.5,
+ "summary": "Netty AbstractDiskHttpData.delete() Function POST Request Handling File Deletion Memory Exhaustion Remote DoS",
+ "severity": "High",
+ "vulnerable_component": "gav://io.netty:netty-codec-http:4.1.49.Final",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.9.3-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.9.3-amd64",
+ "generic://sha256:0daf89d8c88722c569f26facb467a21e38af75b34216a8950293b676c856a0e2/sha256__0daf89d8c88722c569f26facb467a21e38af75b34216a8950293b676c856a0e2.tar.gz",
+ "gav://io.netty:netty-codec-http:4.1.49.Final"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.9.3-amd64/",
+ "fixed_versions": [
+ "4.1.53.Final"
+ ],
+ "published": "2020-10-28T01:16:36+11:00",
+ "artifact_scan_time": "2021-02-04T13:17:52+11:00",
+ "issue_id": "XRAY-127557",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Netty contains a flaw in the AbstractDiskHttpData.delete() function in handler/codec/http/multipart/AbstractDiskHttpData.java that is triggered as temporary file entries are added to the 'DeleteOnExitHook' object but not properly removed when processing POST requests that are 16 kB. This may allow a remote attacker to exhaust available memory resources, potentially resulting in a denial of service.",
+ "references": [
+ "https://github.com/netty/netty/pull/10560",
+ "https://github.com/netty/netty/issues/10351",
+ "https://github.com/netty/netty/commit/95ce1b95ea5679f826cdefcbaabb3b7c2d596100"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.8,
+ "cvss3_max_score": 7.5,
+ "summary": "Netty AbstractDiskHttpData.delete() Function POST Request Handling File Deletion Memory Exhaustion Remote DoS",
+ "severity": "High",
+ "vulnerable_component": "gav://io.netty:netty-codec-http:4.1.49.Final",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.9.3-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.9.3-amd64",
+ "generic://sha256:4ccdd8a52dc05e5935acf607b46064583fa65b40d80612891e3a35ff70acf735/sha256__4ccdd8a52dc05e5935acf607b46064583fa65b40d80612891e3a35ff70acf735.tar.gz",
+ "gav://io.netty:netty-codec-http:4.1.49.Final"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.9.3-amd64/",
+ "fixed_versions": [
+ "4.1.53.Final"
+ ],
+ "published": "2020-10-28T01:16:36+11:00",
+ "artifact_scan_time": "2021-02-04T13:17:52+11:00",
+ "issue_id": "XRAY-127557",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Netty contains a flaw in the AbstractDiskHttpData.delete() function in handler/codec/http/multipart/AbstractDiskHttpData.java that is triggered as temporary file entries are added to the 'DeleteOnExitHook' object but not properly removed when processing POST requests that are 16 kB. This may allow a remote attacker to exhaust available memory resources, potentially resulting in a denial of service.",
+ "references": [
+ "https://github.com/netty/netty/pull/10560",
+ "https://github.com/netty/netty/issues/10351",
+ "https://github.com/netty/netty/commit/95ce1b95ea5679f826cdefcbaabb3b7c2d596100"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.8,
+ "cvss3_max_score": 7.5,
+ "summary": "Netty AbstractDiskHttpData.delete() Function POST Request Handling File Deletion Memory Exhaustion Remote DoS",
+ "severity": "High",
+ "vulnerable_component": "gav://io.netty:netty-codec-http:4.1.49.Final",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.9.3-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.9.3-amd64",
+ "generic://sha256:4ccdd8a52dc05e5935acf607b46064583fa65b40d80612891e3a35ff70acf735/sha256__4ccdd8a52dc05e5935acf607b46064583fa65b40d80612891e3a35ff70acf735.tar.gz",
+ "gav://io.netty:netty-codec-http:4.1.49.Final"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.9.3-amd64/",
+ "fixed_versions": [
+ "4.1.53.Final"
+ ],
+ "published": "2020-10-28T01:16:36+11:00",
+ "artifact_scan_time": "2021-02-04T13:17:52+11:00",
+ "issue_id": "XRAY-127557",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Netty contains a flaw in the AbstractDiskHttpData.delete() function in handler/codec/http/multipart/AbstractDiskHttpData.java that is triggered as temporary file entries are added to the 'DeleteOnExitHook' object but not properly removed when processing POST requests that are 16 kB. This may allow a remote attacker to exhaust available memory resources, potentially resulting in a denial of service.",
+ "references": [
+ "https://github.com/netty/netty/pull/10560",
+ "https://github.com/netty/netty/issues/10351",
+ "https://github.com/netty/netty/commit/95ce1b95ea5679f826cdefcbaabb3b7c2d596100"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 7.5,
+ "summary": "FasterXML jackson-dataformats-binary smile/SmileParser.java Raw Binary Data Payload Handling Memory Exhaustion DoS",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.dataformat:jackson-dataformat-smile:2.10.4",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.9.3-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.9.3-amd64",
+ "generic://sha256:4ccdd8a52dc05e5935acf607b46064583fa65b40d80612891e3a35ff70acf735/sha256__4ccdd8a52dc05e5935acf607b46064583fa65b40d80612891e3a35ff70acf735.tar.gz",
+ "gav://com.fasterxml.jackson.dataformat:jackson-dataformat-smile:2.10.4"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.9.3-amd64/",
+ "fixed_versions": [
+ "2.12.3"
+ ],
+ "published": "2021-05-05T20:06:23+10:00",
+ "artifact_scan_time": "2021-02-04T13:17:52+11:00",
+ "issue_id": "XRAY-174966",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "FasterXML jackson-dataformats-binary contains a flaw in smile/SmileParser.java that is triggered as memory is improperly allocated when handling raw binary data payloads. This may allow a context-dependent attacker to exhaust available memory resources and potentially crash a process linked against the library.",
+ "references": [
+ "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32180",
+ "https://github.com/FasterXML/jackson-dataformats-binary/issues/260",
+ "https://github.com/FasterXML/jackson-dataformats-binary/commit/57400266ce8af0105ed79fb576ac0c9cfe89e37b"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 7.5,
+ "summary": "FasterXML jackson-dataformats-binary smile/SmileParser.java Raw Binary Data Payload Handling Memory Exhaustion DoS",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.dataformat:jackson-dataformat-smile:2.10.4",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.9.3-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.9.3-amd64",
+ "generic://sha256:0daf89d8c88722c569f26facb467a21e38af75b34216a8950293b676c856a0e2/sha256__0daf89d8c88722c569f26facb467a21e38af75b34216a8950293b676c856a0e2.tar.gz",
+ "gav://com.fasterxml.jackson.dataformat:jackson-dataformat-smile:2.10.4"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.9.3-amd64/",
+ "fixed_versions": [
+ "2.12.3"
+ ],
+ "published": "2021-05-05T20:06:23+10:00",
+ "artifact_scan_time": "2021-02-04T13:17:52+11:00",
+ "issue_id": "XRAY-174966",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "FasterXML jackson-dataformats-binary contains a flaw in smile/SmileParser.java that is triggered as memory is improperly allocated when handling raw binary data payloads. This may allow a context-dependent attacker to exhaust available memory resources and potentially crash a process linked against the library.",
+ "references": [
+ "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32180",
+ "https://github.com/FasterXML/jackson-dataformats-binary/issues/260",
+ "https://github.com/FasterXML/jackson-dataformats-binary/commit/57400266ce8af0105ed79fb576ac0c9cfe89e37b"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 7.5,
+ "summary": "FasterXML jackson-dataformats-binary smile/SmileParser.java 7-bit Encoded Binary Data Payload Handling Memory Exhaustion DoS",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.dataformat:jackson-dataformat-smile:2.10.4",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.9.3-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.9.3-amd64",
+ "generic://sha256:0daf89d8c88722c569f26facb467a21e38af75b34216a8950293b676c856a0e2/sha256__0daf89d8c88722c569f26facb467a21e38af75b34216a8950293b676c856a0e2.tar.gz",
+ "gav://com.fasterxml.jackson.dataformat:jackson-dataformat-smile:2.10.4"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.9.3-amd64/",
+ "fixed_versions": [
+ "2.12.3"
+ ],
+ "published": "2021-05-05T20:06:23+10:00",
+ "artifact_scan_time": "2021-02-04T13:17:52+11:00",
+ "issue_id": "XRAY-174967",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "FasterXML jackson-dataformats-binary contains a flaw in smile/SmileParser.java that is triggered as memory is improperly allocated when handling 7-bit encoded binary data payloads. This may allow a context-dependent attacker to exhaust available memory resources and potentially crash a process linked against the library.",
+ "references": [
+ "https://github.com/FasterXML/jackson-dataformats-binary/commit/01b883505389ba693b430da6ccbbc77fb380c462",
+ "https://github.com/FasterXML/jackson-dataformats-binary/issues/265",
+ "https://github.com/FasterXML/jackson-dataformats-binary/commit/7229150e6297ad7f33fdce709447160748feec9d"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 7.5,
+ "summary": "FasterXML jackson-dataformats-binary smile/SmileParser.java 7-bit Encoded Binary Data Payload Handling Memory Exhaustion DoS",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.dataformat:jackson-dataformat-smile:2.10.4",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.9.3-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.9.3-amd64",
+ "generic://sha256:4ccdd8a52dc05e5935acf607b46064583fa65b40d80612891e3a35ff70acf735/sha256__4ccdd8a52dc05e5935acf607b46064583fa65b40d80612891e3a35ff70acf735.tar.gz",
+ "gav://com.fasterxml.jackson.dataformat:jackson-dataformat-smile:2.10.4"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.9.3-amd64/",
+ "fixed_versions": [
+ "2.12.3"
+ ],
+ "published": "2021-05-05T20:06:23+10:00",
+ "artifact_scan_time": "2021-02-04T13:17:52+11:00",
+ "issue_id": "XRAY-174967",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "FasterXML jackson-dataformats-binary contains a flaw in smile/SmileParser.java that is triggered as memory is improperly allocated when handling 7-bit encoded binary data payloads. This may allow a context-dependent attacker to exhaust available memory resources and potentially crash a process linked against the library.",
+ "references": [
+ "https://github.com/FasterXML/jackson-dataformats-binary/commit/01b883505389ba693b430da6ccbbc77fb380c462",
+ "https://github.com/FasterXML/jackson-dataformats-binary/issues/265",
+ "https://github.com/FasterXML/jackson-dataformats-binary/commit/7229150e6297ad7f33fdce709447160748feec9d"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-12049",
+ "cvss_v2_score": 4.9,
+ "cvss_v2_vector": "CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 5.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 4.9,
+ "cvss3_max_score": 5.5,
+ "summary": "Red Hat Security Advisory: dbus security update",
+ "severity": "High",
+ "vulnerable_component": "rpm://7:dbus:0:1.10.24-14.el7_8",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.9.3-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.9.3-amd64",
+ "generic://sha256:f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c/sha256__f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c.tar.gz",
+ "rpm://7:dbus:0:1.10.24-14.el7_8"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.9.3-amd64/",
+ "fixed_versions": [],
+ "published": "2020-07-14T14:04:08+10:00",
+ "artifact_scan_time": "2021-02-04T13:17:52+11:00",
+ "issue_id": "XRAY-113084",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "An update for dbus is now available for Red Hat Enterprise Linux 7.Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.D-Bus is a system for sending messages between applications. It is used both for the system-wide message bus service, and as a per-user-login-session messaging facility.Security Fix(es):* dbus: denial of service via file descriptor leak (CVE-2020-12049)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
+ "references": [
+ "https://access.redhat.com/errata/RHSA-2020:2894",
+ "https://access.redhat.com/security/updates/classification/#important"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Important"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-12049",
+ "cvss_v2_score": 4.9,
+ "cvss_v2_vector": "CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 5.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 4.9,
+ "cvss3_max_score": 5.5,
+ "summary": "Red Hat Security Advisory: dbus security update",
+ "severity": "High",
+ "vulnerable_component": "rpm://7:dbus:0:1.10.24-14.el7_8",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.9.3-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.9.3-amd64",
+ "generic://sha256:f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c/sha256__f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c.tar.gz",
+ "rpm://7:dbus:0:1.10.24-14.el7_8"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.9.3-amd64/",
+ "fixed_versions": [],
+ "published": "2020-07-14T14:04:08+10:00",
+ "artifact_scan_time": "2021-02-04T13:17:52+11:00",
+ "issue_id": "XRAY-113084",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "An update for dbus is now available for Red Hat Enterprise Linux 7.Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.D-Bus is a system for sending messages between applications. It is used both for the system-wide message bus service, and as a per-user-login-session messaging facility.Security Fix(es):* dbus: denial of service via file descriptor leak (CVE-2020-12049)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
+ "references": [
+ "https://access.redhat.com/errata/RHSA-2020:2894",
+ "https://access.redhat.com/security/updates/classification/#important"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Important"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-12049",
+ "cvss_v2_score": 4.9,
+ "cvss_v2_vector": "CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 6.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 4.9,
+ "cvss3_max_score": 6.5,
+ "summary": "RHSA-2020:2894: dbus security update (Important)",
+ "severity": "High",
+ "vulnerable_component": "rpm://7:dbus:0:1.10.24-14.el7_8",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.9.3-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.9.3-amd64",
+ "generic://sha256:f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c/sha256__f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c.tar.gz",
+ "rpm://7:dbus:0:1.10.24-14.el7_8"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.9.3-amd64/",
+ "fixed_versions": [
+ "≥ 1:1.10.24-14.el7_8"
+ ],
+ "published": "2020-08-25T19:35:04+10:00",
+ "artifact_scan_time": "2021-02-04T13:17:52+11:00",
+ "issue_id": "XRAY-119766",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "D-Bus is a system for sending messages between applications. It is used both for the system-wide message bus service, and as a per-user-login-session messaging facility.Security Fix(es):* dbus: denial of service via file descriptor leak (CVE-2020-12049)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
+ "references": [
+ "https://access.redhat.com/errata/RHSA-2020:2894",
+ "https://access.redhat.com/security/cve/CVE-2020-12049"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Important"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-12049",
+ "cvss_v2_score": 4.9,
+ "cvss_v2_vector": "CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 6.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 4.9,
+ "cvss3_max_score": 6.5,
+ "summary": "RHSA-2020:2894: dbus security update (Important)",
+ "severity": "High",
+ "vulnerable_component": "rpm://7:dbus:0:1.10.24-14.el7_8",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.9.3-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.9.3-amd64",
+ "generic://sha256:f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c/sha256__f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c.tar.gz",
+ "rpm://7:dbus:0:1.10.24-14.el7_8"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.9.3-amd64/",
+ "fixed_versions": [
+ "≥ 1:1.10.24-14.el7_8"
+ ],
+ "published": "2020-08-25T19:35:04+10:00",
+ "artifact_scan_time": "2021-02-04T13:17:52+11:00",
+ "issue_id": "XRAY-119766",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "D-Bus is a system for sending messages between applications. It is used both for the system-wide message bus service, and as a per-user-login-session messaging facility.Security Fix(es):* dbus: denial of service via file descriptor leak (CVE-2020-12049)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
+ "references": [
+ "https://access.redhat.com/errata/RHSA-2020:2894",
+ "https://access.redhat.com/security/cve/CVE-2020-12049"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Important"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2015-8385",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P"
+ }
+ ],
+ "cvss2_max_score": 6.8,
+ "summary": "CVE-2015-8385 pcre: buffer overflow caused by named forward reference to duplicate group number (8.38/30)",
+ "severity": "High",
+ "vulnerable_component": "rpm://7:glib2:0:2.56.1-5.el7",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.9.3-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.9.3-amd64",
+ "generic://sha256:f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c/sha256__f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c.tar.gz",
+ "rpm://7:glib2:0:2.56.1-5.el7"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.9.3-amd64/",
+ "fixed_versions": [],
+ "published": "2020-07-13T04:19:05+10:00",
+ "artifact_scan_time": "2021-02-04T13:17:52+11:00",
+ "issue_id": "XRAY-111224",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "PCRE before 8.38 mishandles the /(?|(\\k'Pm')|(?'Pm'))/ pattern and related patterns with certain forward references, which allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror.",
+ "references": [],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Important"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2015-8385",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P"
+ }
+ ],
+ "cvss2_max_score": 6.8,
+ "summary": "CVE-2015-8385 pcre: buffer overflow caused by named forward reference to duplicate group number (8.38/30)",
+ "severity": "High",
+ "vulnerable_component": "rpm://7:glib2:0:2.56.1-5.el7",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.9.3-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.9.3-amd64",
+ "generic://sha256:f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c/sha256__f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c.tar.gz",
+ "rpm://7:glib2:0:2.56.1-5.el7"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.9.3-amd64/",
+ "fixed_versions": [],
+ "published": "2020-07-13T04:19:05+10:00",
+ "artifact_scan_time": "2021-02-04T13:17:52+11:00",
+ "issue_id": "XRAY-111224",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "PCRE before 8.38 mishandles the /(?|(\\k'Pm')|(?'Pm'))/ pattern and related patterns with certain forward references, which allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror.",
+ "references": [],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Important"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2017-1000158",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "CPython (aka Python) up to 2.7.13 is vulnerable to an integer overflow in the PyString_DecodeEscape function in stringobject.c, resulting in heap-based buffer overflow (and possible arbitrary code execution)",
+ "severity": "High",
+ "vulnerable_component": "rpm://7:python-libs:1:2.7.5-88.el7",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.9.3-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.9.3-amd64",
+ "generic://sha256:f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c/sha256__f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c.tar.gz",
+ "rpm://7:python-libs:1:2.7.5-88.el7"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.9.3-amd64/",
+ "fixed_versions": [],
+ "published": "2019-11-27T03:47:03+11:00",
+ "artifact_scan_time": "2021-02-04T13:17:52+11:00",
+ "issue_id": "XRAY-92046",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "CPython (aka Python) up to 2.7.13 is vulnerable to an integer overflow in the PyString_DecodeEscape function in stringobject.c, resulting in heap-based buffer overflow (and possible arbitrary code execution)",
+ "references": [
+ "https://www.debian.org/security/2018/dsa-4307",
+ "https://security.gentoo.org/glsa/201805-02",
+ "https://bugs.python.org/issue30657",
+ "https://lists.debian.org/debian-lts-announce/2017/11/msg00035.html",
+ "https://lists.debian.org/debian-lts-announce/2017/11/msg00036.html",
+ "https://lists.debian.org/debian-lts-announce/2018/09/msg00030.html",
+ "https://lists.debian.org/debian-lts-announce/2018/09/msg00031.html",
+ "http://www.securitytracker.com/id/1039890"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2017-1000158",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "CPython (aka Python) up to 2.7.13 is vulnerable to an integer overflow in the PyString_DecodeEscape function in stringobject.c, resulting in heap-based buffer overflow (and possible arbitrary code execution)",
+ "severity": "High",
+ "vulnerable_component": "rpm://7:python-libs:1:2.7.5-88.el7",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.9.3-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.9.3-amd64",
+ "generic://sha256:f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c/sha256__f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c.tar.gz",
+ "rpm://7:python-libs:1:2.7.5-88.el7"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.9.3-amd64/",
+ "fixed_versions": [],
+ "published": "2019-11-27T03:47:03+11:00",
+ "artifact_scan_time": "2021-02-04T13:17:52+11:00",
+ "issue_id": "XRAY-92046",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "CPython (aka Python) up to 2.7.13 is vulnerable to an integer overflow in the PyString_DecodeEscape function in stringobject.c, resulting in heap-based buffer overflow (and possible arbitrary code execution)",
+ "references": [
+ "https://www.debian.org/security/2018/dsa-4307",
+ "https://security.gentoo.org/glsa/201805-02",
+ "https://bugs.python.org/issue30657",
+ "https://lists.debian.org/debian-lts-announce/2017/11/msg00035.html",
+ "https://lists.debian.org/debian-lts-announce/2017/11/msg00036.html",
+ "https://lists.debian.org/debian-lts-announce/2018/09/msg00030.html",
+ "https://lists.debian.org/debian-lts-announce/2018/09/msg00031.html",
+ "http://www.securitytracker.com/id/1039890"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2017-1000158",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "CPython (aka Python) up to 2.7.13 is vulnerable to an integer overflow in the PyString_DecodeEscape function in stringobject.c, resulting in heap-based buffer overflow (and possible arbitrary code execution)",
+ "severity": "High",
+ "vulnerable_component": "rpm://7:python:7:2.7.5-88.el7",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.9.3-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.9.3-amd64",
+ "generic://sha256:f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c/sha256__f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c.tar.gz",
+ "rpm://7:python:7:2.7.5-88.el7"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.9.3-amd64/",
+ "fixed_versions": [],
+ "published": "2019-11-27T03:47:03+11:00",
+ "artifact_scan_time": "2021-02-04T13:17:52+11:00",
+ "issue_id": "XRAY-92046",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "CPython (aka Python) up to 2.7.13 is vulnerable to an integer overflow in the PyString_DecodeEscape function in stringobject.c, resulting in heap-based buffer overflow (and possible arbitrary code execution)",
+ "references": [
+ "https://www.debian.org/security/2018/dsa-4307",
+ "https://security.gentoo.org/glsa/201805-02",
+ "https://bugs.python.org/issue30657",
+ "https://lists.debian.org/debian-lts-announce/2017/11/msg00035.html",
+ "https://lists.debian.org/debian-lts-announce/2017/11/msg00036.html",
+ "https://lists.debian.org/debian-lts-announce/2018/09/msg00030.html",
+ "https://lists.debian.org/debian-lts-announce/2018/09/msg00031.html",
+ "http://www.securitytracker.com/id/1039890"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2017-1000158",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "CPython (aka Python) up to 2.7.13 is vulnerable to an integer overflow in the PyString_DecodeEscape function in stringobject.c, resulting in heap-based buffer overflow (and possible arbitrary code execution)",
+ "severity": "High",
+ "vulnerable_component": "rpm://7:python:7:2.7.5-88.el7",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.9.3-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.9.3-amd64",
+ "generic://sha256:f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c/sha256__f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c.tar.gz",
+ "rpm://7:python:7:2.7.5-88.el7"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.9.3-amd64/",
+ "fixed_versions": [],
+ "published": "2019-11-27T03:47:03+11:00",
+ "artifact_scan_time": "2021-02-04T13:17:52+11:00",
+ "issue_id": "XRAY-92046",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "CPython (aka Python) up to 2.7.13 is vulnerable to an integer overflow in the PyString_DecodeEscape function in stringobject.c, resulting in heap-based buffer overflow (and possible arbitrary code execution)",
+ "references": [
+ "https://www.debian.org/security/2018/dsa-4307",
+ "https://security.gentoo.org/glsa/201805-02",
+ "https://bugs.python.org/issue30657",
+ "https://lists.debian.org/debian-lts-announce/2017/11/msg00035.html",
+ "https://lists.debian.org/debian-lts-announce/2017/11/msg00036.html",
+ "https://lists.debian.org/debian-lts-announce/2018/09/msg00030.html",
+ "https://lists.debian.org/debian-lts-announce/2018/09/msg00031.html",
+ "http://www.securitytracker.com/id/1039890"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2013-7338",
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "summary": "Python before 3.3.4 RC1 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a file size value larger than the size of the zip file to the (1) ZipExtFile.read, (2) ZipExtFile.read(n), (3) ZipExtFile.readlines, (4) ZipFile.extract, or (5) ZipFile.extractall function.",
+ "severity": "High",
+ "vulnerable_component": "rpm://7:python-libs:1:2.7.5-88.el7",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.9.3-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.9.3-amd64",
+ "generic://sha256:f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c/sha256__f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c.tar.gz",
+ "rpm://7:python-libs:1:2.7.5-88.el7"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.9.3-amd64/",
+ "fixed_versions": [],
+ "published": "2019-11-27T22:47:00+11:00",
+ "artifact_scan_time": "2021-02-04T13:17:52+11:00",
+ "issue_id": "XRAY-92223",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "Python before 3.3.4 RC1 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a file size value larger than the size of the zip file to the (1) ZipExtFile.read, (2) ZipExtFile.read(n), (3) ZipExtFile.readlines, (4) ZipFile.extract, or (5) ZipFile.extractall function.",
+ "references": [
+ "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html",
+ "http://www.securityfocus.com/bid/65179",
+ "http://bugs.python.org/issue20078",
+ "http://hg.python.org/cpython/rev/79ea4ce431b1",
+ "https://docs.python.org/3.3/whatsnew/changelog.html",
+ "https://support.apple.com/kb/HT205031",
+ "https://security.gentoo.org/glsa/201503-10",
+ "http://seclists.org/oss-sec/2014/q1/592",
+ "http://seclists.org/oss-sec/2014/q1/595",
+ "http://www.securitytracker.com/id/1029973",
+ "http://lists.opensuse.org/opensuse-updates/2014-05/msg00008.html"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2013-7338",
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "summary": "Python before 3.3.4 RC1 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a file size value larger than the size of the zip file to the (1) ZipExtFile.read, (2) ZipExtFile.read(n), (3) ZipExtFile.readlines, (4) ZipFile.extract, or (5) ZipFile.extractall function.",
+ "severity": "High",
+ "vulnerable_component": "rpm://7:python-libs:1:2.7.5-88.el7",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.9.3-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.9.3-amd64",
+ "generic://sha256:f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c/sha256__f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c.tar.gz",
+ "rpm://7:python-libs:1:2.7.5-88.el7"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.9.3-amd64/",
+ "fixed_versions": [],
+ "published": "2019-11-27T22:47:00+11:00",
+ "artifact_scan_time": "2021-02-04T13:17:52+11:00",
+ "issue_id": "XRAY-92223",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "Python before 3.3.4 RC1 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a file size value larger than the size of the zip file to the (1) ZipExtFile.read, (2) ZipExtFile.read(n), (3) ZipExtFile.readlines, (4) ZipFile.extract, or (5) ZipFile.extractall function.",
+ "references": [
+ "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html",
+ "http://www.securityfocus.com/bid/65179",
+ "http://bugs.python.org/issue20078",
+ "http://hg.python.org/cpython/rev/79ea4ce431b1",
+ "https://docs.python.org/3.3/whatsnew/changelog.html",
+ "https://support.apple.com/kb/HT205031",
+ "https://security.gentoo.org/glsa/201503-10",
+ "http://seclists.org/oss-sec/2014/q1/592",
+ "http://seclists.org/oss-sec/2014/q1/595",
+ "http://www.securitytracker.com/id/1029973",
+ "http://lists.opensuse.org/opensuse-updates/2014-05/msg00008.html"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-8492",
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 6.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 6.5,
+ "summary": "Python 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1 allows an HTTP server to conduct Regular Expression Denial of Service (ReDoS) attacks against a client because of urllib.request.AbstractBasicAuthHandler catastrophic backtracking.",
+ "severity": "High",
+ "vulnerable_component": "rpm://7:python:7:2.7.5-88.el7",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.9.3-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.9.3-amd64",
+ "generic://sha256:f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c/sha256__f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c.tar.gz",
+ "rpm://7:python:7:2.7.5-88.el7"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.9.3-amd64/",
+ "fixed_versions": [],
+ "published": "2020-02-07T18:07:12+11:00",
+ "artifact_scan_time": "2021-02-04T13:17:52+11:00",
+ "issue_id": "XRAY-94468",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "Python 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1 allows an HTTP server to conduct Regular Expression Denial of Service (ReDoS) attacks against a client because of urllib.request.AbstractBasicAuthHandler catastrophic backtracking.",
+ "references": [
+ "https://security.netapp.com/advisory/ntap-20200221-0001/",
+ "https://bugs.python.org/issue39503",
+ "https://github.com/python/cpython/pull/18284",
+ "https://python-security.readthedocs.io/vuln/urllib-basic-auth-regex.html",
+ "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00003.html"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-8492",
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 6.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 6.5,
+ "summary": "Python 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1 allows an HTTP server to conduct Regular Expression Denial of Service (ReDoS) attacks against a client because of urllib.request.AbstractBasicAuthHandler catastrophic backtracking.",
+ "severity": "High",
+ "vulnerable_component": "rpm://7:python:7:2.7.5-88.el7",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.9.3-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.9.3-amd64",
+ "generic://sha256:f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c/sha256__f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c.tar.gz",
+ "rpm://7:python:7:2.7.5-88.el7"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.9.3-amd64/",
+ "fixed_versions": [],
+ "published": "2020-02-07T18:07:12+11:00",
+ "artifact_scan_time": "2021-02-04T13:17:52+11:00",
+ "issue_id": "XRAY-94468",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "Python 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1 allows an HTTP server to conduct Regular Expression Denial of Service (ReDoS) attacks against a client because of urllib.request.AbstractBasicAuthHandler catastrophic backtracking.",
+ "references": [
+ "https://security.netapp.com/advisory/ntap-20200221-0001/",
+ "https://bugs.python.org/issue39503",
+ "https://github.com/python/cpython/pull/18284",
+ "https://python-security.readthedocs.io/vuln/urllib-basic-auth-regex.html",
+ "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00003.html"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 7.5,
+ "summary": "FasterXML jackson-dataformats-binary SmileParser::nextToken() Function Smile Header Marker Recursion Handling Stack Exhaustion DoS",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.dataformat:jackson-dataformat-smile:2.10.4",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.9.3-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.9.3-amd64",
+ "generic://sha256:4ccdd8a52dc05e5935acf607b46064583fa65b40d80612891e3a35ff70acf735/sha256__4ccdd8a52dc05e5935acf607b46064583fa65b40d80612891e3a35ff70acf735.tar.gz",
+ "gav://com.fasterxml.jackson.dataformat:jackson-dataformat-smile:2.10.4"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.9.3-amd64/",
+ "fixed_versions": [
+ "2.12.3"
+ ],
+ "published": "2021-04-01T20:39:14+11:00",
+ "artifact_scan_time": "2021-02-04T13:17:52+11:00",
+ "issue_id": "XRAY-160666",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "FasterXML jackson-dataformats-binary contains a flaw in the SmileParser::nextToken() function in smile/src/main/java/com/fasterxml/jackson/dataformat/smile/SmileParser.java that is triggered as recursive function calls are not properly handled when processing a sequence or 4-byte Smile header markers. This may allow a context-dependent attacker to exhaust available stack space and crash a process linked against the library.",
+ "references": [
+ "https://github.com/FasterXML/jackson-dataformats-binary/commit/87683e346e732204c769c50166d812eaf62b5ed1",
+ "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32665",
+ "https://github.com/FasterXML/jackson-dataformats-binary/issues/268"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 7.5,
+ "summary": "FasterXML jackson-dataformats-binary SmileParser::nextToken() Function Smile Header Marker Recursion Handling Stack Exhaustion DoS",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.dataformat:jackson-dataformat-smile:2.10.4",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.9.3-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.9.3-amd64",
+ "generic://sha256:0daf89d8c88722c569f26facb467a21e38af75b34216a8950293b676c856a0e2/sha256__0daf89d8c88722c569f26facb467a21e38af75b34216a8950293b676c856a0e2.tar.gz",
+ "gav://com.fasterxml.jackson.dataformat:jackson-dataformat-smile:2.10.4"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.9.3-amd64/",
+ "fixed_versions": [
+ "2.12.3"
+ ],
+ "published": "2021-04-01T20:39:14+11:00",
+ "artifact_scan_time": "2021-02-04T13:17:52+11:00",
+ "issue_id": "XRAY-160666",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "FasterXML jackson-dataformats-binary contains a flaw in the SmileParser::nextToken() function in smile/src/main/java/com/fasterxml/jackson/dataformat/smile/SmileParser.java that is triggered as recursive function calls are not properly handled when processing a sequence or 4-byte Smile header markers. This may allow a context-dependent attacker to exhaust available stack space and crash a process linked against the library.",
+ "references": [
+ "https://github.com/FasterXML/jackson-dataformats-binary/commit/87683e346e732204c769c50166d812eaf62b5ed1",
+ "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32665",
+ "https://github.com/FasterXML/jackson-dataformats-binary/issues/268"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-1971",
+ "cvss_v2_score": 4.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 5.9,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 4.3,
+ "cvss3_max_score": 5.9,
+ "summary": "CVE-2020-1971 openssl: EDIPARTYNAME NULL pointer de-reference (important)",
+ "severity": "High",
+ "vulnerable_component": "rpm://7:openssl-libs:16:1.0.2k-19.el7",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.9.3-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.9.3-amd64",
+ "generic://sha256:f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c/sha256__f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c.tar.gz",
+ "rpm://7:openssl-libs:16:1.0.2k-19.el7"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.9.3-amd64/",
+ "fixed_versions": [],
+ "published": "2020-12-16T15:53:26+11:00",
+ "artifact_scan_time": "2021-02-04T13:17:52+11:00",
+ "issue_id": "XRAY-133959",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "DOCUMENTATION: A null pointer dereference flaw was found in openssl. A remote attacker, able to control the arguments of the GENERAL_NAME_cmp function, could cause the application, compiled with openssl to crash resulting in a denial of service. The highest threat from this vulnerability is to system availability. STATEMENT: This is a flaw in the GENERAL_NAME_cmp function of openssl which can be triggered when both its arguments are of the same type i.e. EDIPARTYNAME. 1. Red Hat does not ship any applications compiled with openssl, which used the above function in a vulnerable way.2. OpenSSL itself uses the GENERAL_NAME_cmp function for two purposes, when comparing CRL distribution point names between an available CRL and a CRL distribution point embedded in an X509 certificate and when verifying that a timestamp response token signer matches the timestamp authority name (exposed via the API functions TS_RESP_verify_response and TS_RESP_verify_token). If an attacker can control both items being compared then that attacker could trigger a crash. For example, if the attacker can trick a client or server into checking a malicious certificate against a malicious CRL then a crash may be triggered.Third party applications compiled with openssl using the function GENERAL_NAME_cmp in a vulnerable way are affected by this flaw.GENERAL_NAME_cmp was added in 0.9.8k, therefore older versions of openssl are not affected by this flaw. MITIGATION: Applications not using the GENERAL_NAME_cmp of openssl are not vulnerable to this flaw. Even when this function is used, if the attacker can control both the arguments of this function, only then the attacker could trigger a crash.",
+ "references": [
+ "https://access.redhat.com/security/cve/CVE-2020-1971"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Important"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-1971",
+ "cvss_v2_score": 4.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 5.9,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 4.3,
+ "cvss3_max_score": 5.9,
+ "summary": "CVE-2020-1971 openssl: EDIPARTYNAME NULL pointer de-reference (important)",
+ "severity": "High",
+ "vulnerable_component": "rpm://7:openssl-libs:16:1.0.2k-19.el7",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.9.3-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.9.3-amd64",
+ "generic://sha256:f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c/sha256__f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c.tar.gz",
+ "rpm://7:openssl-libs:16:1.0.2k-19.el7"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.9.3-amd64/",
+ "fixed_versions": [],
+ "published": "2020-12-16T15:53:26+11:00",
+ "artifact_scan_time": "2021-02-04T13:17:52+11:00",
+ "issue_id": "XRAY-133959",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "DOCUMENTATION: A null pointer dereference flaw was found in openssl. A remote attacker, able to control the arguments of the GENERAL_NAME_cmp function, could cause the application, compiled with openssl to crash resulting in a denial of service. The highest threat from this vulnerability is to system availability. STATEMENT: This is a flaw in the GENERAL_NAME_cmp function of openssl which can be triggered when both its arguments are of the same type i.e. EDIPARTYNAME. 1. Red Hat does not ship any applications compiled with openssl, which used the above function in a vulnerable way.2. OpenSSL itself uses the GENERAL_NAME_cmp function for two purposes, when comparing CRL distribution point names between an available CRL and a CRL distribution point embedded in an X509 certificate and when verifying that a timestamp response token signer matches the timestamp authority name (exposed via the API functions TS_RESP_verify_response and TS_RESP_verify_token). If an attacker can control both items being compared then that attacker could trigger a crash. For example, if the attacker can trick a client or server into checking a malicious certificate against a malicious CRL then a crash may be triggered.Third party applications compiled with openssl using the function GENERAL_NAME_cmp in a vulnerable way are affected by this flaw.GENERAL_NAME_cmp was added in 0.9.8k, therefore older versions of openssl are not affected by this flaw. MITIGATION: Applications not using the GENERAL_NAME_cmp of openssl are not vulnerable to this flaw. Even when this function is used, if the attacker can control both the arguments of this function, only then the attacker could trigger a crash.",
+ "references": [
+ "https://access.redhat.com/security/cve/CVE-2020-1971"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Important"
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 7.5,
+ "summary": "FasterXML jackson-dataformats-binary cbor/CBORParser.java CBORParser::_finishTextToken() Function Integer Overflow Memory Exhaustion DoS",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.dataformat:jackson-dataformat-cbor:2.10.4",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.9.3-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.9.3-amd64",
+ "generic://sha256:4ccdd8a52dc05e5935acf607b46064583fa65b40d80612891e3a35ff70acf735/sha256__4ccdd8a52dc05e5935acf607b46064583fa65b40d80612891e3a35ff70acf735.tar.gz",
+ "gav://com.fasterxml.jackson.dataformat:jackson-dataformat-cbor:2.10.4"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.9.3-amd64/",
+ "fixed_versions": [
+ "2.12.3"
+ ],
+ "published": "2021-05-05T20:06:23+10:00",
+ "artifact_scan_time": "2021-02-04T13:17:52+11:00",
+ "issue_id": "XRAY-174965",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "FasterXML jackson-dataformats-binary contains an integer overflow condition in the CBORParser::_finishTextToken() function in cbor/CBORParser.java that is triggered as certain input is not properly validated. This may allow a context-dependent attacker to exhaust available memory resources, potentially resulting in a denial of service.",
+ "references": [
+ "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32173",
+ "https://github.com/FasterXML/jackson-dataformats-binary/issues/259",
+ "https://github.com/FasterXML/jackson-dataformats-binary/commit/f20cf23f35dd86427d0ef160d4c07c60d9ca7dcd"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 7.5,
+ "summary": "FasterXML jackson-dataformats-binary cbor/CBORParser.java CBORParser::_finishTextToken() Function Integer Overflow Memory Exhaustion DoS",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.dataformat:jackson-dataformat-cbor:2.10.4",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.9.3-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.9.3-amd64",
+ "generic://sha256:0daf89d8c88722c569f26facb467a21e38af75b34216a8950293b676c856a0e2/sha256__0daf89d8c88722c569f26facb467a21e38af75b34216a8950293b676c856a0e2.tar.gz",
+ "gav://com.fasterxml.jackson.dataformat:jackson-dataformat-cbor:2.10.4"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.9.3-amd64/",
+ "fixed_versions": [
+ "2.12.3"
+ ],
+ "published": "2021-05-05T20:06:23+10:00",
+ "artifact_scan_time": "2021-02-04T13:17:52+11:00",
+ "issue_id": "XRAY-174965",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "FasterXML jackson-dataformats-binary contains an integer overflow condition in the CBORParser::_finishTextToken() function in cbor/CBORParser.java that is triggered as certain input is not properly validated. This may allow a context-dependent attacker to exhaust available memory resources, potentially resulting in a denial of service.",
+ "references": [
+ "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32173",
+ "https://github.com/FasterXML/jackson-dataformats-binary/issues/259",
+ "https://github.com/FasterXML/jackson-dataformats-binary/commit/f20cf23f35dd86427d0ef160d4c07c60d9ca7dcd"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-1000802",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "Python Software Foundation Python (CPython) version 2.7 contains a CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in shutil module (make_archive function) that can result in Denial of service, Information gain via injection of arbitrary files on the system or entire drive. This attack appear to be exploitable via Passage of unfiltered user input to the function. This vulnerability appears to have been fixed in after commit add531a1e55b0a739b0f42582f1c9747e5649ace.",
+ "severity": "High",
+ "vulnerable_component": "rpm://7:python-libs:1:2.7.5-88.el7",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.9.3-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.9.3-amd64",
+ "generic://sha256:f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c/sha256__f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c.tar.gz",
+ "rpm://7:python-libs:1:2.7.5-88.el7"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.9.3-amd64/",
+ "fixed_versions": [],
+ "published": "2019-11-29T04:40:00+11:00",
+ "artifact_scan_time": "2021-02-04T13:17:52+11:00",
+ "issue_id": "XRAY-92291",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "Python Software Foundation Python (CPython) version 2.7 contains a CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in shutil module (make_archive function) that can result in Denial of service, Information gain via injection of arbitrary files on the system or entire drive. This attack appear to be exploitable via Passage of unfiltered user input to the function. This vulnerability appears to have been fixed in after commit add531a1e55b0a739b0f42582f1c9747e5649ace.",
+ "references": [
+ "https://bugs.python.org/issue34540",
+ "https://github.com/python/cpython/pull/8985",
+ "https://github.com/python/cpython/pull/8985/commits/add531a1e55b0a739b0f42582f1c9747e5649ace",
+ "https://www.debian.org/security/2018/dsa-4306",
+ "https://mega.nz/#!JUFiCC4R!mq-jQ8ySFwIhX6WMDujaZuNBfttDVt7DETlfOIQE1ig",
+ "https://lists.debian.org/debian-lts-announce/2018/09/msg00030.html",
+ "https://lists.debian.org/debian-lts-announce/2018/09/msg00031.html",
+ "https://usn.ubuntu.com/3817-1/",
+ "https://usn.ubuntu.com/3817-2/"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-1000802",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "Python Software Foundation Python (CPython) version 2.7 contains a CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in shutil module (make_archive function) that can result in Denial of service, Information gain via injection of arbitrary files on the system or entire drive. This attack appear to be exploitable via Passage of unfiltered user input to the function. This vulnerability appears to have been fixed in after commit add531a1e55b0a739b0f42582f1c9747e5649ace.",
+ "severity": "High",
+ "vulnerable_component": "rpm://7:python-libs:1:2.7.5-88.el7",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.9.3-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.9.3-amd64",
+ "generic://sha256:f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c/sha256__f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c.tar.gz",
+ "rpm://7:python-libs:1:2.7.5-88.el7"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.9.3-amd64/",
+ "fixed_versions": [],
+ "published": "2019-11-29T04:40:00+11:00",
+ "artifact_scan_time": "2021-02-04T13:17:52+11:00",
+ "issue_id": "XRAY-92291",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "Python Software Foundation Python (CPython) version 2.7 contains a CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in shutil module (make_archive function) that can result in Denial of service, Information gain via injection of arbitrary files on the system or entire drive. This attack appear to be exploitable via Passage of unfiltered user input to the function. This vulnerability appears to have been fixed in after commit add531a1e55b0a739b0f42582f1c9747e5649ace.",
+ "references": [
+ "https://bugs.python.org/issue34540",
+ "https://github.com/python/cpython/pull/8985",
+ "https://github.com/python/cpython/pull/8985/commits/add531a1e55b0a739b0f42582f1c9747e5649ace",
+ "https://www.debian.org/security/2018/dsa-4306",
+ "https://mega.nz/#!JUFiCC4R!mq-jQ8ySFwIhX6WMDujaZuNBfttDVt7DETlfOIQE1ig",
+ "https://lists.debian.org/debian-lts-announce/2018/09/msg00030.html",
+ "https://lists.debian.org/debian-lts-announce/2018/09/msg00031.html",
+ "https://usn.ubuntu.com/3817-1/",
+ "https://usn.ubuntu.com/3817-2/"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.8,
+ "cvss3_max_score": 7.5,
+ "summary": "Java Native Access (JNA) Advapi32Util.registryGetValues() Method REG_SZ, REG_MULTI_SZ / REG_EXPAND_SZ Data Type Handling DoS",
+ "severity": "High",
+ "vulnerable_component": "gav://net.java.dev.jna:jna:4.5.2",
+ "impacted_artifact": "docker://jenkins/jenkins:sha256__3647dc7dcf43faf20a612465dc1aed6bf510893ff9724df4050604af80123b85",
+ "impact_path": [
+ "docker://jenkins/jenkins:sha256__3647dc7dcf43faf20a612465dc1aed6bf510893ff9724df4050604af80123b85",
+ "generic://sha256:cc4412b6fab1b470f3d7819fd11b7df4e511b8257097be667c615fb23fa297f0/sha256__cc4412b6fab1b470f3d7819fd11b7df4e511b8257097be667c615fb23fa297f0.tar.gz",
+ "gav://org.jenkins-ci.main:jenkins-war:2.277.1",
+ "gav://org.jenkins-ci.plugins:pam-auth:1.5.1",
+ "gav://net.java.dev.jna:jna:4.5.2"
+ ],
+ "path": "dockerhub-remote/jenkins/jenkins/sha256__3647dc7dcf43faf20a612465dc1aed6bf510893ff9724df4050604af80123b85/",
+ "fixed_versions": [
+ "5.0.0"
+ ],
+ "published": "2020-07-27T01:38:45+10:00",
+ "artifact_scan_time": "2021-04-06T16:32:29+10:00",
+ "issue_id": "XRAY-114349",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Java Native Access (JNA) contains a flaw in the Advapi32Util.registryGetValues() method that is triggered when handling a string with the REG_SZ, REG_MULTI_SZ or REG_EXPAND_SZ data types that is stored without properly null terminating characters. This may allow an attacker to crash the program.",
+ "references": [
+ "https://github.com/java-native-access/jna/commit/12493ba771a50fae7d6303e8b58b31eacf903327",
+ "https://github.com/java-native-access/jna/issues/340",
+ "https://github.com/java-native-access/jna/blob/master/CHANGES.md"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 9.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 9.3,
+ "cvss3_max_score": 9.8,
+ "summary": "XStream Insecure Stream Deserialization Arbitrary Code Execution Weakness (2021-21347)",
+ "severity": "High",
+ "vulnerable_component": "gav://com.thoughtworks.xstream:xstream:1.4.15",
+ "impacted_artifact": "docker://jenkins/jenkins:sha256__3647dc7dcf43faf20a612465dc1aed6bf510893ff9724df4050604af80123b85",
+ "impact_path": [
+ "docker://jenkins/jenkins:sha256__3647dc7dcf43faf20a612465dc1aed6bf510893ff9724df4050604af80123b85",
+ "generic://sha256:cc4412b6fab1b470f3d7819fd11b7df4e511b8257097be667c615fb23fa297f0/sha256__cc4412b6fab1b470f3d7819fd11b7df4e511b8257097be667c615fb23fa297f0.tar.gz",
+ "gav://org.jenkins-ci.main:jenkins-war:2.277.1",
+ "gav://com.thoughtworks.xstream:xstream:1.4.15"
+ ],
+ "path": "dockerhub-remote/jenkins/jenkins/sha256__3647dc7dcf43faf20a612465dc1aed6bf510893ff9724df4050604af80123b85/",
+ "fixed_versions": [
+ "1.4.16"
+ ],
+ "published": "2021-03-16T22:31:49+11:00",
+ "artifact_scan_time": "2021-04-06T16:32:29+10:00",
+ "issue_id": "XRAY-146572",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "XStream contains a flaw that is triggered when insecurely deserializing stream data. This may allow a context-dependent attacker to execute arbitrary code.",
+ "references": [
+ "https://x-stream.github.io/changes.html#1.4.16",
+ "http://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-21347",
+ "https://x-stream.github.io/CVE-2021-21347.html"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2016-1000031",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "Apache Commons FileUpload before 1.3.3 DiskFileItem File Manipulation Remote Code Execution",
+ "severity": "High",
+ "vulnerable_component": "gav://commons-fileupload:commons-fileupload:1.3.1-jenkins-2",
+ "impacted_artifact": "docker://jenkins/jenkins:sha256__3647dc7dcf43faf20a612465dc1aed6bf510893ff9724df4050604af80123b85",
+ "impact_path": [
+ "docker://jenkins/jenkins:sha256__3647dc7dcf43faf20a612465dc1aed6bf510893ff9724df4050604af80123b85",
+ "generic://sha256:cc4412b6fab1b470f3d7819fd11b7df4e511b8257097be667c615fb23fa297f0/sha256__cc4412b6fab1b470f3d7819fd11b7df4e511b8257097be667c615fb23fa297f0.tar.gz",
+ "gav://org.jenkins-ci.main:jenkins-war:2.277.1",
+ "gav://commons-fileupload:commons-fileupload:1.3.1-jenkins-2"
+ ],
+ "path": "dockerhub-remote/jenkins/jenkins/sha256__3647dc7dcf43faf20a612465dc1aed6bf510893ff9724df4050604af80123b85/",
+ "fixed_versions": [
+ "1.3.3"
+ ],
+ "published": "2017-07-05T21:31:10+10:00",
+ "artifact_scan_time": "2021-04-06T16:32:29+10:00",
+ "issue_id": "XRAY-55689",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Apache Commons FileUpload before 1.3.3 DiskFileItem File Manipulation Remote Code Execution",
+ "references": [
+ "http://www.securityfocus.com/bid/93604",
+ "http://www.tenable.com/security/research/tra-2016-12",
+ "http://www.zerodayinitiative.com/advisories/ZDI-16-570/",
+ "https://www.tenable.com/security/research/tra-2016-30"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2016-1000027",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "Pivotal Spring Framework 4.1.4 suffers from a potential remote code execution (RCE) issue if used for Java deserialization of untrusted data. Depending on how the library is implemented within a product, this issue may or not occur, and authentication may be required.",
+ "severity": "High",
+ "vulnerable_component": "gav://org.springframework:spring-web:5.2.12.RELEASE",
+ "impacted_artifact": "docker://jenkins/jenkins:sha256__3647dc7dcf43faf20a612465dc1aed6bf510893ff9724df4050604af80123b85",
+ "impact_path": [
+ "docker://jenkins/jenkins:sha256__3647dc7dcf43faf20a612465dc1aed6bf510893ff9724df4050604af80123b85",
+ "generic://sha256:cc4412b6fab1b470f3d7819fd11b7df4e511b8257097be667c615fb23fa297f0/sha256__cc4412b6fab1b470f3d7819fd11b7df4e511b8257097be667c615fb23fa297f0.tar.gz",
+ "gav://org.jenkins-ci.main:jenkins-war:2.277.1",
+ "gav://org.springframework:spring-web:5.2.12.RELEASE"
+ ],
+ "path": "dockerhub-remote/jenkins/jenkins/sha256__3647dc7dcf43faf20a612465dc1aed6bf510893ff9724df4050604af80123b85/",
+ "fixed_versions": [
+ "5.3.0-M2",
+ "5.3.0"
+ ],
+ "published": "2020-10-04T19:14:47+11:00",
+ "artifact_scan_time": "2021-04-06T16:32:29+10:00",
+ "issue_id": "XRAY-125778",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Pivotal Spring Framework 4.1.4 suffers from a potential remote code execution (RCE) issue if used for Java deserialization of untrusted data. Depending on how the library is implemented within a product, this issue may or not occur, and authentication may be required.",
+ "references": [
+ "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-1000027",
+ "https://raw.githubusercontent.com/distributedweaknessfiling/cvelist/master/2016/1000xxx/CVE-2016-1000027.json",
+ "https://security-tracker.debian.org/tracker/CVE-2016-1000027",
+ "https://www.tenable.com/security/research/tra-2016-20"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 9.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 9.3,
+ "cvss3_max_score": 9.8,
+ "summary": "XStream Insecure Stream Deserialization Arbitrary Code Execution Weakness (2021-21346)",
+ "severity": "High",
+ "vulnerable_component": "gav://com.thoughtworks.xstream:xstream:1.4.15",
+ "impacted_artifact": "docker://jenkins/jenkins:sha256__3647dc7dcf43faf20a612465dc1aed6bf510893ff9724df4050604af80123b85",
+ "impact_path": [
+ "docker://jenkins/jenkins:sha256__3647dc7dcf43faf20a612465dc1aed6bf510893ff9724df4050604af80123b85",
+ "generic://sha256:cc4412b6fab1b470f3d7819fd11b7df4e511b8257097be667c615fb23fa297f0/sha256__cc4412b6fab1b470f3d7819fd11b7df4e511b8257097be667c615fb23fa297f0.tar.gz",
+ "gav://org.jenkins-ci.main:jenkins-war:2.277.1",
+ "gav://com.thoughtworks.xstream:xstream:1.4.15"
+ ],
+ "path": "dockerhub-remote/jenkins/jenkins/sha256__3647dc7dcf43faf20a612465dc1aed6bf510893ff9724df4050604af80123b85/",
+ "fixed_versions": [
+ "1.4.16"
+ ],
+ "published": "2021-03-16T22:31:48+11:00",
+ "artifact_scan_time": "2021-04-06T16:32:29+10:00",
+ "issue_id": "XRAY-146571",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "XStream contains a flaw that is triggered when insecurely deserializing stream data. This may allow a context-dependent attacker to execute arbitrary code.",
+ "references": [
+ "https://x-stream.github.io/changes.html#1.4.16",
+ "http://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-21346",
+ "https://x-stream.github.io/CVE-2021-21346.html"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 9.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 9.3,
+ "cvss3_max_score": 9.8,
+ "summary": "XStream Insecure Stream Deserialization Arbitrary Code Execution Weakness (2021-29505)",
+ "severity": "High",
+ "vulnerable_component": "gav://com.thoughtworks.xstream:xstream:1.4.15",
+ "impacted_artifact": "docker://jenkins/jenkins:sha256__3647dc7dcf43faf20a612465dc1aed6bf510893ff9724df4050604af80123b85",
+ "impact_path": [
+ "docker://jenkins/jenkins:sha256__3647dc7dcf43faf20a612465dc1aed6bf510893ff9724df4050604af80123b85",
+ "generic://sha256:cc4412b6fab1b470f3d7819fd11b7df4e511b8257097be667c615fb23fa297f0/sha256__cc4412b6fab1b470f3d7819fd11b7df4e511b8257097be667c615fb23fa297f0.tar.gz",
+ "gav://org.jenkins-ci.main:jenkins-war:2.277.1",
+ "gav://com.thoughtworks.xstream:xstream:1.4.15"
+ ],
+ "path": "dockerhub-remote/jenkins/jenkins/sha256__3647dc7dcf43faf20a612465dc1aed6bf510893ff9724df4050604af80123b85/",
+ "fixed_versions": [
+ "1.4.17"
+ ],
+ "published": "2021-05-19T02:57:32+10:00",
+ "artifact_scan_time": "2021-04-06T16:32:29+10:00",
+ "issue_id": "XRAY-175914",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "XStream contains a flaw that is triggered when insecurely deserializing stream data. This may allow a context-dependent attacker to execute arbitrary commands.",
+ "references": [
+ "http://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-29505",
+ "https://x-stream.github.io/CVE-2021-29505.html"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 7.5,
+ "summary": "Apache Commons Compress archivers/zip/ZipFile.java ZipFile::readCentralDirectoryEntry() Function Uncaught Exception DoS",
+ "severity": "High",
+ "vulnerable_component": "gav://org.apache.commons:commons-compress:1.19",
+ "impacted_artifact": "docker://jenkins/jenkins:sha256__3647dc7dcf43faf20a612465dc1aed6bf510893ff9724df4050604af80123b85",
+ "impact_path": [
+ "docker://jenkins/jenkins:sha256__3647dc7dcf43faf20a612465dc1aed6bf510893ff9724df4050604af80123b85",
+ "generic://sha256:cc4412b6fab1b470f3d7819fd11b7df4e511b8257097be667c615fb23fa297f0/sha256__cc4412b6fab1b470f3d7819fd11b7df4e511b8257097be667c615fb23fa297f0.tar.gz",
+ "gav://org.jenkins-ci.main:jenkins-war:2.277.1",
+ "gav://org.apache.commons:commons-compress:1.19"
+ ],
+ "path": "dockerhub-remote/jenkins/jenkins/sha256__3647dc7dcf43faf20a612465dc1aed6bf510893ff9724df4050604af80123b85/",
+ "fixed_versions": [],
+ "published": "2021-05-18T20:57:33+10:00",
+ "artifact_scan_time": "2021-04-06T16:32:29+10:00",
+ "issue_id": "XRAY-175855",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Apache Commons Compress contains a flaw in the ZipFile::readCentralDirectoryEntry() function in main/java/org/apache/commons/compress/archivers/zip/ZipFile.java related to an uncaught exception. This may allow a context-dependent attacker to crash a process linked against the library.",
+ "references": [
+ "https://github.com/apache/commons-compress/commit/26924e96c7730db014c310757e11c9359db07f3e",
+ "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=33786",
+ "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=33507",
+ "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=33462",
+ "https://github.com/apache/commons-compress/commit/882c6dd12473d7b615d503e08fd6b866d0f866d5"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 9.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 9.3,
+ "cvss3_max_score": 9.8,
+ "summary": "XStream Insecure Stream Deserialization Arbitrary Code Execution Weakness (2021-21344)",
+ "severity": "High",
+ "vulnerable_component": "gav://com.thoughtworks.xstream:xstream:1.4.15",
+ "impacted_artifact": "docker://jenkins/jenkins:sha256__3647dc7dcf43faf20a612465dc1aed6bf510893ff9724df4050604af80123b85",
+ "impact_path": [
+ "docker://jenkins/jenkins:sha256__3647dc7dcf43faf20a612465dc1aed6bf510893ff9724df4050604af80123b85",
+ "generic://sha256:cc4412b6fab1b470f3d7819fd11b7df4e511b8257097be667c615fb23fa297f0/sha256__cc4412b6fab1b470f3d7819fd11b7df4e511b8257097be667c615fb23fa297f0.tar.gz",
+ "gav://org.jenkins-ci.main:jenkins-war:2.277.1",
+ "gav://com.thoughtworks.xstream:xstream:1.4.15"
+ ],
+ "path": "dockerhub-remote/jenkins/jenkins/sha256__3647dc7dcf43faf20a612465dc1aed6bf510893ff9724df4050604af80123b85/",
+ "fixed_versions": [
+ "1.4.16"
+ ],
+ "published": "2021-03-16T22:31:48+11:00",
+ "artifact_scan_time": "2021-04-06T16:32:29+10:00",
+ "issue_id": "XRAY-146569",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "XStream contains a flaw that is triggered when insecurely deserializing stream data. This may allow a context-dependent attacker to execute arbitrary code.",
+ "references": [
+ "https://x-stream.github.io/changes.html#1.4.16",
+ "http://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-21344",
+ "https://x-stream.github.io/CVE-2021-21344.html"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-25013",
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 5.9,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 5.9,
+ "summary": "The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:buster:libc-bin:2.28-10",
+ "impacted_artifact": "docker://jenkins/jenkins:sha256__3647dc7dcf43faf20a612465dc1aed6bf510893ff9724df4050604af80123b85",
+ "impact_path": [
+ "docker://jenkins/jenkins:sha256__3647dc7dcf43faf20a612465dc1aed6bf510893ff9724df4050604af80123b85",
+ "generic://sha256:0ecb575e629cd60aa802266a3bc6847dcf4073aa2a6d7d43f717dd61e7b90e0b/sha256__0ecb575e629cd60aa802266a3bc6847dcf4073aa2a6d7d43f717dd61e7b90e0b.tar.gz",
+ "deb://debian:buster:libc-bin:2.28-10"
+ ],
+ "path": "dockerhub-remote/jenkins/jenkins/sha256__3647dc7dcf43faf20a612465dc1aed6bf510893ff9724df4050604af80123b85/",
+ "fixed_versions": [],
+ "published": "2021-01-05T15:10:13+11:00",
+ "artifact_scan_time": "2021-04-06T16:32:29+10:00",
+ "issue_id": "XRAY-138140",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 7.5,
+ "summary": "XStream Insecure Stream Deserialization Infinite Loop CPU Consumption DoS Weakness",
+ "severity": "High",
+ "vulnerable_component": "gav://com.thoughtworks.xstream:xstream:1.4.15",
+ "impacted_artifact": "docker://jenkins/jenkins:sha256__3647dc7dcf43faf20a612465dc1aed6bf510893ff9724df4050604af80123b85",
+ "impact_path": [
+ "docker://jenkins/jenkins:sha256__3647dc7dcf43faf20a612465dc1aed6bf510893ff9724df4050604af80123b85",
+ "generic://sha256:cc4412b6fab1b470f3d7819fd11b7df4e511b8257097be667c615fb23fa297f0/sha256__cc4412b6fab1b470f3d7819fd11b7df4e511b8257097be667c615fb23fa297f0.tar.gz",
+ "gav://org.jenkins-ci.main:jenkins-war:2.277.1",
+ "gav://com.thoughtworks.xstream:xstream:1.4.15"
+ ],
+ "path": "dockerhub-remote/jenkins/jenkins/sha256__3647dc7dcf43faf20a612465dc1aed6bf510893ff9724df4050604af80123b85/",
+ "fixed_versions": [
+ "1.4.16"
+ ],
+ "published": "2021-03-16T22:31:47+11:00",
+ "artifact_scan_time": "2021-04-06T16:32:29+10:00",
+ "issue_id": "XRAY-146566",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "XStream contains an infinite loop condition that is triggered when insecurely deserializing stream data. This may allow a context-dependent attacker to consume available CPU resources and hang a process linked against the library.",
+ "references": [
+ "http://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-21341",
+ "https://x-stream.github.io/CVE-2021-21341.html",
+ "https://x-stream.github.io/changes.html#1.4.16"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 7.5,
+ "summary": "XStream Insecure Stream Deserialization Regular Expression Handling DoS Weakness",
+ "severity": "High",
+ "vulnerable_component": "gav://com.thoughtworks.xstream:xstream:1.4.15",
+ "impacted_artifact": "docker://jenkins/jenkins:sha256__3647dc7dcf43faf20a612465dc1aed6bf510893ff9724df4050604af80123b85",
+ "impact_path": [
+ "docker://jenkins/jenkins:sha256__3647dc7dcf43faf20a612465dc1aed6bf510893ff9724df4050604af80123b85",
+ "generic://sha256:cc4412b6fab1b470f3d7819fd11b7df4e511b8257097be667c615fb23fa297f0/sha256__cc4412b6fab1b470f3d7819fd11b7df4e511b8257097be667c615fb23fa297f0.tar.gz",
+ "gav://org.jenkins-ci.main:jenkins-war:2.277.1",
+ "gav://com.thoughtworks.xstream:xstream:1.4.15"
+ ],
+ "path": "dockerhub-remote/jenkins/jenkins/sha256__3647dc7dcf43faf20a612465dc1aed6bf510893ff9724df4050604af80123b85/",
+ "fixed_versions": [
+ "1.4.16"
+ ],
+ "published": "2021-03-16T22:31:49+11:00",
+ "artifact_scan_time": "2021-04-06T16:32:29+10:00",
+ "issue_id": "XRAY-146573",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "XStream contains a flaw that is triggered when insecurely deserializing stream data and can cause the parsing of user-supplied data with an improper regular expression. This may allow a context-dependent attacker to slow down or hang a process linked against the library.",
+ "references": [
+ "https://x-stream.github.io/changes.html#1.4.16",
+ "http://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-21348",
+ "https://x-stream.github.io/CVE-2021-21348.html"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2014-0114",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "summary": "Apache Commons BeanUtils, as distributed in lib/commons-beanutils-1.8.0.jar in Apache Struts 1.x through 1.3.10 and in other products requiring commons-beanutils through 1.9.2, does not suppress the class property, which allows remote attackers to \"manipulate\" the ClassLoader and execute arbitrary code via the class parameter, as demonstrated by the passing of this parameter to the getClass method of the ActionForm object in Struts 1.",
+ "severity": "High",
+ "vulnerable_component": "gav://commons-beanutils:commons-beanutils:1.9.3",
+ "impacted_artifact": "docker://jenkins/jenkins:sha256__3647dc7dcf43faf20a612465dc1aed6bf510893ff9724df4050604af80123b85",
+ "impact_path": [
+ "docker://jenkins/jenkins:sha256__3647dc7dcf43faf20a612465dc1aed6bf510893ff9724df4050604af80123b85",
+ "generic://sha256:cc4412b6fab1b470f3d7819fd11b7df4e511b8257097be667c615fb23fa297f0/sha256__cc4412b6fab1b470f3d7819fd11b7df4e511b8257097be667c615fb23fa297f0.tar.gz",
+ "gav://org.jenkins-ci.main:jenkins-war:2.277.1",
+ "gav://commons-beanutils:commons-beanutils:1.9.3"
+ ],
+ "path": "dockerhub-remote/jenkins/jenkins/sha256__3647dc7dcf43faf20a612465dc1aed6bf510893ff9724df4050604af80123b85/",
+ "fixed_versions": [
+ "1.9.4"
+ ],
+ "published": "2017-07-05T21:31:08+10:00",
+ "artifact_scan_time": "2021-04-06T16:32:29+10:00",
+ "issue_id": "XRAY-55616",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Apache Commons BeanUtils, as distributed in lib/commons-beanutils-1.8.0.jar in Apache Struts 1.x through 1.3.10 and in other products requiring commons-beanutils through 1.9.2, does not suppress the class property, which allows remote attackers to \"manipulate\" the ClassLoader and execute arbitrary code via the class parameter, as demonstrated by the passing of this parameter to the getClass method of the ActionForm object in Struts 1.",
+ "references": [
+ "http://advisories.mageia.org/MGASA-2014-0219.html",
+ "http://commons.apache.org/proper/commons-beanutils/javadocs/v1.9.2/RELEASE-NOTES.txt",
+ "http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136958.html",
+ "http://marc.info/?l=bugtraq\u0026m=140119284401582\u0026w=2",
+ "http://marc.info/?l=bugtraq\u0026m=140801096002766\u0026w=2",
+ "http://marc.info/?l=bugtraq\u0026m=141451023707502\u0026w=2",
+ "http://openwall.com/lists/oss-security/2014/06/15/10",
+ "http://openwall.com/lists/oss-security/2014/07/08/1",
+ "http://seclists.org/fulldisclosure/2014/Dec/23",
+ "http://secunia.com/advisories/57477",
+ "http://secunia.com/advisories/58710",
+ "http://secunia.com/advisories/58851",
+ "http://secunia.com/advisories/58947",
+ "http://secunia.com/advisories/59014",
+ "http://secunia.com/advisories/59118",
+ "http://secunia.com/advisories/59228",
+ "http://secunia.com/advisories/59245",
+ "http://secunia.com/advisories/59246",
+ "http://secunia.com/advisories/59430",
+ "http://secunia.com/advisories/59464",
+ "http://secunia.com/advisories/59479",
+ "http://secunia.com/advisories/59480",
+ "http://secunia.com/advisories/59704",
+ "http://secunia.com/advisories/59718",
+ "http://secunia.com/advisories/60177",
+ "http://secunia.com/advisories/60703",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg21674128",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg21674812",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg21675266",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg21675387",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg21675689",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg21675898",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg21675972",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg21676091",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg21676110",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg21676303",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg21676375",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg21676931",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg21677110",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg27042296",
+ "http://www.debian.org/security/2014/dsa-2940",
+ "http://www.ibm.com/support/docview.wss?uid=swg21675496",
+ "http://www.mandriva.com/security/advisories?name=MDVSA-2014:095",
+ "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html",
+ "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html",
+ "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html",
+ "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html",
+ "http://www.securityfocus.com/archive/1/archive/1/534161/100/0/threaded",
+ "http://www.securityfocus.com/bid/67121",
+ "http://www.vmware.com/security/advisories/VMSA-2014-0008.html",
+ "http://www.vmware.com/security/advisories/VMSA-2014-0012.html",
+ "https://access.redhat.com/solutions/869353",
+ "https://bugzilla.redhat.com/show_bug.cgi?id=1091938",
+ "https://bugzilla.redhat.com/show_bug.cgi?id=1116665",
+ "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05324755",
+ "https://issues.apache.org/jira/browse/BEANUTILS-463",
+ "https://security.gentoo.org/glsa/201607-09"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-25013",
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 5.9,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 5.9,
+ "summary": "The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:buster:libc-l10n:2.28-10",
+ "impacted_artifact": "docker://jenkins/jenkins:sha256__3647dc7dcf43faf20a612465dc1aed6bf510893ff9724df4050604af80123b85",
+ "impact_path": [
+ "docker://jenkins/jenkins:sha256__3647dc7dcf43faf20a612465dc1aed6bf510893ff9724df4050604af80123b85",
+ "generic://sha256:a87482283dbb235a9eeb81f9f153c922f56ed9e3ed7df22f3c04b84b9717691d/sha256__a87482283dbb235a9eeb81f9f153c922f56ed9e3ed7df22f3c04b84b9717691d.tar.gz",
+ "deb://debian:buster:libc-l10n:2.28-10"
+ ],
+ "path": "dockerhub-remote/jenkins/jenkins/sha256__3647dc7dcf43faf20a612465dc1aed6bf510893ff9724df4050604af80123b85/",
+ "fixed_versions": [],
+ "published": "2021-01-05T15:10:13+11:00",
+ "artifact_scan_time": "2021-04-06T16:32:29+10:00",
+ "issue_id": "XRAY-138140",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 9.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 9.3,
+ "cvss3_max_score": 9.8,
+ "summary": "XStream Insecure Stream Deserialization Arbitrary Code Execution Weakness (2021-21351)",
+ "severity": "High",
+ "vulnerable_component": "gav://com.thoughtworks.xstream:xstream:1.4.15",
+ "impacted_artifact": "docker://jenkins/jenkins:sha256__3647dc7dcf43faf20a612465dc1aed6bf510893ff9724df4050604af80123b85",
+ "impact_path": [
+ "docker://jenkins/jenkins:sha256__3647dc7dcf43faf20a612465dc1aed6bf510893ff9724df4050604af80123b85",
+ "generic://sha256:cc4412b6fab1b470f3d7819fd11b7df4e511b8257097be667c615fb23fa297f0/sha256__cc4412b6fab1b470f3d7819fd11b7df4e511b8257097be667c615fb23fa297f0.tar.gz",
+ "gav://org.jenkins-ci.main:jenkins-war:2.277.1",
+ "gav://com.thoughtworks.xstream:xstream:1.4.15"
+ ],
+ "path": "dockerhub-remote/jenkins/jenkins/sha256__3647dc7dcf43faf20a612465dc1aed6bf510893ff9724df4050604af80123b85/",
+ "fixed_versions": [
+ "1.4.16"
+ ],
+ "published": "2021-03-16T22:31:50+11:00",
+ "artifact_scan_time": "2021-04-06T16:32:29+10:00",
+ "issue_id": "XRAY-146576",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "XStream contains a flaw that is triggered when insecurely deserializing stream data. This may allow a context-dependent attacker to execute arbitrary code.",
+ "references": [
+ "https://x-stream.github.io/changes.html#1.4.16",
+ "http://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-21351",
+ "https://x-stream.github.io/CVE-2021-21351.html",
+ "https://s.tencent.com/research/bsafe/1271.html"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 9.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 9.3,
+ "cvss3_max_score": 9.8,
+ "summary": "XStream Insecure Stream Deserialization Arbitrary Code Execution Weakness (2021-21350)",
+ "severity": "High",
+ "vulnerable_component": "gav://com.thoughtworks.xstream:xstream:1.4.15",
+ "impacted_artifact": "docker://jenkins/jenkins:sha256__3647dc7dcf43faf20a612465dc1aed6bf510893ff9724df4050604af80123b85",
+ "impact_path": [
+ "docker://jenkins/jenkins:sha256__3647dc7dcf43faf20a612465dc1aed6bf510893ff9724df4050604af80123b85",
+ "generic://sha256:cc4412b6fab1b470f3d7819fd11b7df4e511b8257097be667c615fb23fa297f0/sha256__cc4412b6fab1b470f3d7819fd11b7df4e511b8257097be667c615fb23fa297f0.tar.gz",
+ "gav://org.jenkins-ci.main:jenkins-war:2.277.1",
+ "gav://com.thoughtworks.xstream:xstream:1.4.15"
+ ],
+ "path": "dockerhub-remote/jenkins/jenkins/sha256__3647dc7dcf43faf20a612465dc1aed6bf510893ff9724df4050604af80123b85/",
+ "fixed_versions": [
+ "1.4.16"
+ ],
+ "published": "2021-03-16T22:31:49+11:00",
+ "artifact_scan_time": "2021-04-06T16:32:29+10:00",
+ "issue_id": "XRAY-146575",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "XStream contains a flaw that is triggered when insecurely deserializing stream data. This may allow a context-dependent attacker to execute arbitrary code.",
+ "references": [
+ "https://x-stream.github.io/changes.html#1.4.16",
+ "http://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-21350",
+ "https://x-stream.github.io/CVE-2021-21350.html"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-25013",
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 5.9,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 5.9,
+ "summary": "The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:buster:locales:2.28-10",
+ "impacted_artifact": "docker://jenkins/jenkins:sha256__3647dc7dcf43faf20a612465dc1aed6bf510893ff9724df4050604af80123b85",
+ "impact_path": [
+ "docker://jenkins/jenkins:sha256__3647dc7dcf43faf20a612465dc1aed6bf510893ff9724df4050604af80123b85",
+ "generic://sha256:a87482283dbb235a9eeb81f9f153c922f56ed9e3ed7df22f3c04b84b9717691d/sha256__a87482283dbb235a9eeb81f9f153c922f56ed9e3ed7df22f3c04b84b9717691d.tar.gz",
+ "deb://debian:buster:locales:2.28-10"
+ ],
+ "path": "dockerhub-remote/jenkins/jenkins/sha256__3647dc7dcf43faf20a612465dc1aed6bf510893ff9724df4050604af80123b85/",
+ "fixed_versions": [],
+ "published": "2021-01-05T15:10:13+11:00",
+ "artifact_scan_time": "2021-04-06T16:32:29+10:00",
+ "issue_id": "XRAY-138140",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 9.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 9.3,
+ "cvss3_max_score": 9.8,
+ "summary": "XStream Insecure Stream Deserialization Arbitrary Command Execution Weakness",
+ "severity": "High",
+ "vulnerable_component": "gav://com.thoughtworks.xstream:xstream:1.4.15",
+ "impacted_artifact": "docker://jenkins/jenkins:sha256__3647dc7dcf43faf20a612465dc1aed6bf510893ff9724df4050604af80123b85",
+ "impact_path": [
+ "docker://jenkins/jenkins:sha256__3647dc7dcf43faf20a612465dc1aed6bf510893ff9724df4050604af80123b85",
+ "generic://sha256:cc4412b6fab1b470f3d7819fd11b7df4e511b8257097be667c615fb23fa297f0/sha256__cc4412b6fab1b470f3d7819fd11b7df4e511b8257097be667c615fb23fa297f0.tar.gz",
+ "gav://org.jenkins-ci.main:jenkins-war:2.277.1",
+ "gav://com.thoughtworks.xstream:xstream:1.4.15"
+ ],
+ "path": "dockerhub-remote/jenkins/jenkins/sha256__3647dc7dcf43faf20a612465dc1aed6bf510893ff9724df4050604af80123b85/",
+ "fixed_versions": [
+ "1.4.16"
+ ],
+ "published": "2021-03-16T22:31:48+11:00",
+ "artifact_scan_time": "2021-04-06T16:32:29+10:00",
+ "issue_id": "XRAY-146570",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "XStream contains a flaw that is triggered when insecurely deserializing stream data. This may allow a context-dependent attacker to execute arbitrary commands.",
+ "references": [
+ "https://x-stream.github.io/changes.html#1.4.16",
+ "http://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-21345",
+ "https://x-stream.github.io/CVE-2021-21345.html"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-25013",
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 5.9,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 5.9,
+ "summary": "The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:buster:libc6:2.28-10",
+ "impacted_artifact": "docker://jenkins/jenkins:sha256__3647dc7dcf43faf20a612465dc1aed6bf510893ff9724df4050604af80123b85",
+ "impact_path": [
+ "docker://jenkins/jenkins:sha256__3647dc7dcf43faf20a612465dc1aed6bf510893ff9724df4050604af80123b85",
+ "generic://sha256:0ecb575e629cd60aa802266a3bc6847dcf4073aa2a6d7d43f717dd61e7b90e0b/sha256__0ecb575e629cd60aa802266a3bc6847dcf4073aa2a6d7d43f717dd61e7b90e0b.tar.gz",
+ "deb://debian:buster:libc6:2.28-10"
+ ],
+ "path": "dockerhub-remote/jenkins/jenkins/sha256__3647dc7dcf43faf20a612465dc1aed6bf510893ff9724df4050604af80123b85/",
+ "fixed_versions": [],
+ "published": "2021-01-05T15:10:13+11:00",
+ "artifact_scan_time": "2021-04-06T16:32:29+10:00",
+ "issue_id": "XRAY-138140",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-10086",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 7.3,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 7.3,
+ "summary": "In Apache Commons Beanutils 1.9.2, a special BeanIntrospector class was added which allows suppressing the ability for an attacker to access the classloader via the class property available on all Java objects. We, however were not using this by default characteristic of the PropertyUtilsBean.",
+ "severity": "High",
+ "vulnerable_component": "gav://commons-beanutils:commons-beanutils:1.9.3",
+ "impacted_artifact": "docker://jenkins/jenkins:sha256__3647dc7dcf43faf20a612465dc1aed6bf510893ff9724df4050604af80123b85",
+ "impact_path": [
+ "docker://jenkins/jenkins:sha256__3647dc7dcf43faf20a612465dc1aed6bf510893ff9724df4050604af80123b85",
+ "generic://sha256:cc4412b6fab1b470f3d7819fd11b7df4e511b8257097be667c615fb23fa297f0/sha256__cc4412b6fab1b470f3d7819fd11b7df4e511b8257097be667c615fb23fa297f0.tar.gz",
+ "gav://org.jenkins-ci.main:jenkins-war:2.277.1",
+ "gav://commons-beanutils:commons-beanutils:1.9.3"
+ ],
+ "path": "dockerhub-remote/jenkins/jenkins/sha256__3647dc7dcf43faf20a612465dc1aed6bf510893ff9724df4050604af80123b85/",
+ "fixed_versions": [
+ "1.9.4"
+ ],
+ "published": "2019-08-22T19:58:17+10:00",
+ "artifact_scan_time": "2021-04-06T16:32:29+10:00",
+ "issue_id": "XRAY-86096",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "In Apache Commons Beanutils 1.9.2, a special BeanIntrospector class was added which allows suppressing the ability for an attacker to access the classloader via the class property available on all Java objects. We, however were not using this by default characteristic of the PropertyUtilsBean.",
+ "references": [
+ "http://mail-archives.apache.org/mod_mbox/www-announce/201908.mbox/%3cC628798F-315D-4428-8CB1-4ED1ECC958E4@apache.org%3e"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "summary": "Apache PDFBox Missing Embedded Code Type3 Font Handling DoS",
+ "severity": "High",
+ "vulnerable_component": "gav://org.apache.pdfbox:pdfbox:2.0.4",
+ "impacted_artifact": "gav://org.apache.pdfbox:pdfbox:2.0.4",
+ "impact_path": [
+ "gav://org.apache.pdfbox:pdfbox:2.0.4"
+ ],
+ "path": "mavencentral-remote/org/apache/pdfbox/pdfbox/2.0.4/pdfbox-2.0.4.jar",
+ "fixed_versions": [
+ "2.0.10"
+ ],
+ "published": "2019-03-22T01:55:19+11:00",
+ "artifact_scan_time": "2021-04-08T08:31:31+10:00",
+ "issue_id": "XRAY-78846",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Apache PDFBox contains a flaw that is triggered during the handling of Type3 fonts with missing embedded code. This may allow a context-dependent attacker to crash a process linked against the library.",
+ "references": [
+ "https://issues.apache.org/jira/browse/PDFBOX-4228",
+ "https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12310760\u0026version=12342889"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-25013",
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 5.9,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 5.9,
+ "summary": "The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:buster:libc-bin:2.28-10",
+ "impacted_artifact": "docker://library/httpd:sha256__ef3702048ce3297435fa12a44f5a29d9541a94f1fb84537b5192872fa64d8c1f",
+ "impact_path": [
+ "docker://library/httpd:sha256__ef3702048ce3297435fa12a44f5a29d9541a94f1fb84537b5192872fa64d8c1f",
+ "generic://sha256:f7ec5a41d630a33a2d1db59b95d89d93de7ae5a619a3a8571b78457e48266eba/sha256__f7ec5a41d630a33a2d1db59b95d89d93de7ae5a619a3a8571b78457e48266eba.tar.gz",
+ "deb://debian:buster:libc-bin:2.28-10"
+ ],
+ "path": "dockerhub-remote/library/httpd/sha256__ef3702048ce3297435fa12a44f5a29d9541a94f1fb84537b5192872fa64d8c1f/",
+ "fixed_versions": [],
+ "published": "2021-01-05T15:10:13+11:00",
+ "artifact_scan_time": "2021-04-12T10:11:05+10:00",
+ "issue_id": "XRAY-138140",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-25013",
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 5.9,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 5.9,
+ "summary": "The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:buster:libc6:2.28-10",
+ "impacted_artifact": "docker://library/httpd:sha256__ef3702048ce3297435fa12a44f5a29d9541a94f1fb84537b5192872fa64d8c1f",
+ "impact_path": [
+ "docker://library/httpd:sha256__ef3702048ce3297435fa12a44f5a29d9541a94f1fb84537b5192872fa64d8c1f",
+ "generic://sha256:f7ec5a41d630a33a2d1db59b95d89d93de7ae5a619a3a8571b78457e48266eba/sha256__f7ec5a41d630a33a2d1db59b95d89d93de7ae5a619a3a8571b78457e48266eba.tar.gz",
+ "deb://debian:buster:libc6:2.28-10"
+ ],
+ "path": "dockerhub-remote/library/httpd/sha256__ef3702048ce3297435fa12a44f5a29d9541a94f1fb84537b5192872fa64d8c1f/",
+ "fixed_versions": [],
+ "published": "2021-01-05T15:10:13+11:00",
+ "artifact_scan_time": "2021-04-12T10:11:05+10:00",
+ "issue_id": "XRAY-138140",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 7.5,
+ "summary": "BusyBox archival/libarchive/decompress_bunzip2.c get_next_block() Function Selectors Handling Out-of-bounds Write DoS",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.12:busybox:1.31.1-r19",
+ "impacted_artifact": "docker://fluxcd/helm-controller:sha256__27790f965d8965884e8dfc12cba0d1f609794a1abc69bc81a658bd76e463ffce",
+ "impact_path": [
+ "docker://fluxcd/helm-controller:sha256__27790f965d8965884e8dfc12cba0d1f609794a1abc69bc81a658bd76e463ffce",
+ "generic://sha256:801bfaa63ef2094d770c809815b9e2b9c1194728e5e754ef7bc764030e140cea/sha256__801bfaa63ef2094d770c809815b9e2b9c1194728e5e754ef7bc764030e140cea.tar.gz",
+ "alpine://3.12:busybox:1.31.1-r19"
+ ],
+ "path": "dockerhub-remote/fluxcd/helm-controller/sha256__27790f965d8965884e8dfc12cba0d1f609794a1abc69bc81a658bd76e463ffce/",
+ "fixed_versions": [],
+ "published": "2020-10-07T02:24:17+11:00",
+ "artifact_scan_time": "2021-02-02T11:33:02+11:00",
+ "issue_id": "XRAY-125951",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "BusyBox contains an out-of-bounds write flaw in the get_next_block() function in archival/libarchive/decompress_bunzip2.c that is triggered when handling a large number of selectors while decompressing BZIP2 files. This may allow a context-dependent attacker to cause a crash.",
+ "references": [
+ "https://bugs.buildroot.org/show_bug.cgi?id=12916"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 7.5,
+ "summary": "BusyBox archival/libarchive/decompress_bunzip2.c get_next_block() Function Selectors Handling Out-of-bounds Write DoS",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.12:ssl_client:1.31.1-r19",
+ "impacted_artifact": "docker://fluxcd/helm-controller:sha256__27790f965d8965884e8dfc12cba0d1f609794a1abc69bc81a658bd76e463ffce",
+ "impact_path": [
+ "docker://fluxcd/helm-controller:sha256__27790f965d8965884e8dfc12cba0d1f609794a1abc69bc81a658bd76e463ffce",
+ "generic://sha256:801bfaa63ef2094d770c809815b9e2b9c1194728e5e754ef7bc764030e140cea/sha256__801bfaa63ef2094d770c809815b9e2b9c1194728e5e754ef7bc764030e140cea.tar.gz",
+ "alpine://3.12:ssl_client:1.31.1-r19"
+ ],
+ "path": "dockerhub-remote/fluxcd/helm-controller/sha256__27790f965d8965884e8dfc12cba0d1f609794a1abc69bc81a658bd76e463ffce/",
+ "fixed_versions": [],
+ "published": "2020-10-07T02:24:17+11:00",
+ "artifact_scan_time": "2021-02-02T11:33:02+11:00",
+ "issue_id": "XRAY-125951",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "BusyBox contains an out-of-bounds write flaw in the get_next_block() function in archival/libarchive/decompress_bunzip2.c that is triggered when handling a large number of selectors while decompressing BZIP2 files. This may allow a context-dependent attacker to cause a crash.",
+ "references": [
+ "https://bugs.buildroot.org/show_bug.cgi?id=12916"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-5736",
+ "cvss_v2_score": 9.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 8.6,
+ "cvss_v3_vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 9.3,
+ "cvss3_max_score": 8.6,
+ "summary": "runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to overwrite the host runc binary (and consequently obtain host root access) by leveraging the ability to execute a command as root within one of these types of containers: (1) a new container with an attacker-controlled image, or (2) an existing container, to which the attacker previously had write access, that can be attached with docker exec. This occurs because of file-descriptor mishandling, related to /proc/self/exe.",
+ "severity": "High",
+ "vulnerable_component": "go://github.com/opencontainers/runc:0.1.1",
+ "impacted_artifact": "docker://fluxcd/helm-controller:sha256__27790f965d8965884e8dfc12cba0d1f609794a1abc69bc81a658bd76e463ffce",
+ "impact_path": [
+ "docker://fluxcd/helm-controller:sha256__27790f965d8965884e8dfc12cba0d1f609794a1abc69bc81a658bd76e463ffce",
+ "generic://sha256:ea6640317f0368b51f2fa38ebdea9429d198ef1fe4fab80cd8af4e67654b1f0d/sha256__ea6640317f0368b51f2fa38ebdea9429d198ef1fe4fab80cd8af4e67654b1f0d.tar.gz",
+ "generic://sha256:0f7dee261953006069bfc596c2e18eed3b00cde75ac27af837c4cbfd9b957edc/helm-controller",
+ "go://github.com/opencontainers/runc:0.1.1"
+ ],
+ "path": "dockerhub-remote/fluxcd/helm-controller/sha256__27790f965d8965884e8dfc12cba0d1f609794a1abc69bc81a658bd76e463ffce/",
+ "fixed_versions": [
+ "1.0.0-rc8"
+ ],
+ "published": "2019-02-28T05:04:50+11:00",
+ "artifact_scan_time": "2021-02-02T11:33:02+11:00",
+ "issue_id": "XRAY-75725",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to overwrite the host runc binary (and consequently obtain host root access) by leveraging the ability to execute a command as root within one of these types of containers: (1) a new container with an attacker-controlled image, or (2) an existing container, to which the attacker previously had write access, that can be attached with docker exec. This occurs because of file-descriptor mishandling, related to /proc/self/exe.",
+ "references": [
+ "https://access.redhat.com/errata/RHSA-2019:0304",
+ "https://access.redhat.com/errata/RHSA-2019:0303",
+ "https://www.twistlock.com/2019/02/11/how-to-mitigate-cve-2019-5736-in-runc-and-docker/",
+ "https://www.openwall.com/lists/oss-security/2019/02/11/2",
+ "https://kubernetes.io/blog/2019/02/11/runc-and-cve-2019-5736/",
+ "https://github.com/rancher/runc-cve",
+ "https://github.com/q3k/cve-2019-5736-poc",
+ "https://github.com/opencontainers/runc/commit/6635b4f0c6af3810594d2770f662f34ddc15b40d",
+ "https://github.com/opencontainers/runc/commit/0a8e4117e7f715d5fbeef398405813ce8e88558b",
+ "https://github.com/docker/docker-ce/releases/tag/v18.09.2",
+ "https://github.com/Frichetten/CVE-2019-5736-PoC",
+ "https://cloud.google.com/kubernetes-engine/docs/security-bulletins#february-11-2019-runc",
+ "https://brauner.github.io/2019/02/12/privileged-containers.html",
+ "https://aws.amazon.com/security/security-bulletins/AWS-2019-002/",
+ "https://access.redhat.com/security/vulnerabilities/runcescape",
+ "https://access.redhat.com/security/cve/cve-2019-5736",
+ "https://www.exploit-db.com/exploits/46369/",
+ "https://www.exploit-db.com/exploits/46359/",
+ "https://www.synology.com/security/advisory/Synology_SA_19_06",
+ "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190215-runc",
+ "http://www.securityfocus.com/bid/106976"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-3121",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 8.6,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 8.6,
+ "summary": "An issue was discovered in GoGo Protobuf before 1.3.2. plugin/unmarshal/unmarshal.go lacks certain index validation, aka the \"skippy peanut butter\" issue.",
+ "severity": "High",
+ "vulnerable_component": "go://github.com/gogo/protobuf:1.3.1",
+ "impacted_artifact": "docker://fluxcd/helm-controller:sha256__27790f965d8965884e8dfc12cba0d1f609794a1abc69bc81a658bd76e463ffce",
+ "impact_path": [
+ "docker://fluxcd/helm-controller:sha256__27790f965d8965884e8dfc12cba0d1f609794a1abc69bc81a658bd76e463ffce",
+ "generic://sha256:ea6640317f0368b51f2fa38ebdea9429d198ef1fe4fab80cd8af4e67654b1f0d/sha256__ea6640317f0368b51f2fa38ebdea9429d198ef1fe4fab80cd8af4e67654b1f0d.tar.gz",
+ "generic://sha256:0f7dee261953006069bfc596c2e18eed3b00cde75ac27af837c4cbfd9b957edc/helm-controller",
+ "go://github.com/gogo/protobuf:1.3.1"
+ ],
+ "path": "dockerhub-remote/fluxcd/helm-controller/sha256__27790f965d8965884e8dfc12cba0d1f609794a1abc69bc81a658bd76e463ffce/",
+ "fixed_versions": [
+ "1.3.2"
+ ],
+ "published": "2021-02-01T22:46:23+11:00",
+ "artifact_scan_time": "2021-02-02T11:33:02+11:00",
+ "issue_id": "XRAY-139136",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "An issue was discovered in GoGo Protobuf before 1.3.2. plugin/unmarshal/unmarshal.go lacks certain index validation, aka the \"skippy peanut butter\" issue.",
+ "references": [
+ "https://lists.apache.org/thread.html/rc1e9ff22c5641d73701ba56362fb867d40ed287cca000b131dcf4a44@%3Ccommits.pulsar.apache.org%3E",
+ "https://lists.apache.org/thread.html/r88d69555cb74a129a7bf84838073b61259b4a3830190e05a3b87994e@%3Ccommits.pulsar.apache.org%3E",
+ "https://github.com/gogo/protobuf/compare/v1.3.1...v1.3.2",
+ "https://github.com/gogo/protobuf/commit/b03c65ea87cdc3521ede29f62fe3ce239267c1bc"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 5.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 5.5,
+ "summary": "Alpine Package Keeper (apk-tools) io.c apk_resolve_[ug]id() Functions Username / Groupname TAR Header Field Handling Out-of-bounds Read DoS Weakness",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.12:apk-tools:2.10.5-r1",
+ "impacted_artifact": "docker://fluxcd/helm-controller:sha256__27790f965d8965884e8dfc12cba0d1f609794a1abc69bc81a658bd76e463ffce",
+ "impact_path": [
+ "docker://fluxcd/helm-controller:sha256__27790f965d8965884e8dfc12cba0d1f609794a1abc69bc81a658bd76e463ffce",
+ "generic://sha256:801bfaa63ef2094d770c809815b9e2b9c1194728e5e754ef7bc764030e140cea/sha256__801bfaa63ef2094d770c809815b9e2b9c1194728e5e754ef7bc764030e140cea.tar.gz",
+ "alpine://3.12:apk-tools:2.10.5-r1"
+ ],
+ "path": "dockerhub-remote/fluxcd/helm-controller/sha256__27790f965d8965884e8dfc12cba0d1f609794a1abc69bc81a658bd76e463ffce/",
+ "fixed_versions": [
+ "2.10.6-r0"
+ ],
+ "published": "2021-04-20T02:31:29+10:00",
+ "artifact_scan_time": "2021-02-02T11:33:02+11:00",
+ "issue_id": "XRAY-173006",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "Alpine Package Keeper (apk-tools) contains an out-of-bounds read flaw in the apk_resolve_uid() and apk_resolve_gid() functions in io.c that is triggered as username and groupname header fields are not properly checked for string terminators when parsing TAR file headers. This can potentially allow a context-dependent attacker to cause a denial of service.",
+ "references": [
+ "https://gitlab.alpinelinux.org/alpine/apk-tools/-/issues/10741",
+ "https://github.com/docker-library/official-images/pull/9982",
+ "https://gitlab.alpinelinux.org/alpine/aports/-/issues/12606",
+ "https://github.com/alpinelinux/apk-tools/commit/f7143c1766ae59489ac922e890ffe6d4a61c3b2d",
+ "https://github.com/alpinelinux/aports/commit/aa740eb10ca7b8386cadc8761da1e30ed931486c",
+ "http://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-30139"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "summary": "International Components for Unicode UnicodeSet Pattern Nested Ranges Handling Stack Exhaustion DoS",
+ "severity": "High",
+ "vulnerable_component": "gav://com.ibm.icu:icu4j:58.1",
+ "impacted_artifact": "gav://com.ibm.icu:icu4j:58.1",
+ "impact_path": [
+ "gav://com.ibm.icu:icu4j:58.1"
+ ],
+ "path": "mavencentral-remote/com/ibm/icu/icu4j/58.1/icu4j-58.1.jar",
+ "fixed_versions": [
+ "61.1"
+ ],
+ "published": "2021-04-07T20:59:26+10:00",
+ "artifact_scan_time": "2021-04-08T08:31:31+10:00",
+ "issue_id": "XRAY-170048",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "International Components for Unicode contains a flaw that is triggered when handling UnicodeSet pattern nested ranges. This may allow a context-dependent attacker to cause a process linked against the library to exhaust available stack space and crash.",
+ "references": [
+ "https://github.com/unicode-org/icu/commit/fdbe2f371bb701ba52b59700bf517800ac1bf55a",
+ "http://web.archive.org/web/*/http://bugs.icu-project.org/trac/changeset/40979",
+ "http://bugs.icu-project.org/trac/ticket/13547"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-3450",
+ "cvss_v2_score": 5.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:N",
+ "cvss_v3_score": 7.4,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"
+ },
+ {
+ "cve": "CVE-2021-3449",
+ "cvss_v2_score": 4.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 5.9,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 5.8,
+ "cvss3_max_score": 7.4,
+ "summary": "RHSA-2021:1024: openssl security update (Important)",
+ "severity": "High",
+ "vulnerable_component": "rpm://8:openssl:1:1.1.1g-12.el8_3",
+ "impacted_artifact": "rpm://8:openssl:1:1.1.1g-12.el8_3",
+ "impact_path": [
+ "rpm://8:openssl:1:1.1.1g-12.el8_3"
+ ],
+ "path": "ubi8-baseos-remote/Packages/o/openssl-1.1.1g-12.el8_3.x86_64.rpm",
+ "fixed_versions": [
+ "≥ 1:1.1.1g-15.el8_3"
+ ],
+ "published": "2021-04-22T04:15:50+10:00",
+ "artifact_scan_time": "2021-01-27T20:40:40+11:00",
+ "issue_id": "XRAY-173376",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library.Security Fix(es):* openssl: NULL pointer dereference in signature_algorithms processing (CVE-2021-3449)* openssl: CA certificate check bypass with X509_V_FLAG_X509_STRICT (CVE-2021-3450)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
+ "references": [
+ "https://access.redhat.com/errata/RHSA-2021:1024",
+ "https://access.redhat.com/security/cve/CVE-2021-3449",
+ "https://access.redhat.com/security/cve/CVE-2021-3450"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Important"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-20433",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "c3p0 0.9.5.2 allows XXE in extractXmlConfigFromInputStream in com/mchange/v2/c3p0/cfg/C3P0ConfigXmlUtils.java during initialization.",
+ "severity": "High",
+ "vulnerable_component": "gav://com.mchange:c3p0:0.9.5.2",
+ "impacted_artifact": "gav://com.mchange:c3p0:0.9.5.2",
+ "impact_path": [
+ "gav://com.mchange:c3p0:0.9.5.2"
+ ],
+ "path": "mavencentral-remote/com/mchange/c3p0/0.9.5.2/c3p0-0.9.5.2.jar",
+ "fixed_versions": [
+ "0.9.5.3"
+ ],
+ "published": "2019-02-13T01:05:20+11:00",
+ "artifact_scan_time": "2021-01-28T14:56:38+11:00",
+ "issue_id": "XRAY-75175",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "c3p0 0.9.5.2 allows XXE in extractXmlConfigFromInputStream in com/mchange/v2/c3p0/cfg/C3P0ConfigXmlUtils.java during initialization.",
+ "references": [
+ "https://lists.debian.org/debian-lts-announce/2018/12/msg00021.html",
+ "https://github.com/zhutougg/c3p0/commit/2eb0ea97f745740b18dd45e4a909112d4685f87b"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:N/A:C",
+ "cvss_v3_score": 7.1,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.8,
+ "cvss3_max_score": 7.1,
+ "summary": "libssh2 packet.c packet_x11_open() Function Out-of-bounds Read Issue",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.12:libssh2:1.9.0-r1",
+ "impacted_artifact": "docker://fluxcd/image-automation-controller:sha256__b0753565c4f4a03fb27b2d3d7e3d604833764f799ec049f952465c8802c0e253",
+ "impact_path": [
+ "docker://fluxcd/image-automation-controller:sha256__b0753565c4f4a03fb27b2d3d7e3d604833764f799ec049f952465c8802c0e253",
+ "generic://sha256:4ce0dc4defaeb385471d3f336e7aa84921449ababd6b3802f140ac5f4f410e4b/sha256__4ce0dc4defaeb385471d3f336e7aa84921449ababd6b3802f140ac5f4f410e4b.tar.gz",
+ "alpine://3.12:libssh2:1.9.0-r1"
+ ],
+ "path": "dockerhub-remote/fluxcd/image-automation-controller/sha256__b0753565c4f4a03fb27b2d3d7e3d604833764f799ec049f952465c8802c0e253/",
+ "fixed_versions": [],
+ "published": "2020-08-13T00:54:38+10:00",
+ "artifact_scan_time": "2021-02-02T11:33:57+11:00",
+ "issue_id": "XRAY-117891",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "libssh2 contains an out-of-bounds read flaw in the packet_x11_open() function in packet.c. This may allow a context-dependent attacker to crash a process linked against the library or potentially disclose memory contents.",
+ "references": [
+ "https://github.com/libssh2/libssh2/commit/bcb7c92d543fdff179835e41aaf0afc59ea89f6d",
+ "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=17095",
+ "https://github.com/libssh2/libssh2/pull/410"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 7.5,
+ "summary": "BusyBox archival/libarchive/decompress_bunzip2.c get_next_block() Function Selectors Handling Out-of-bounds Write DoS",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.12:busybox:1.31.1-r19",
+ "impacted_artifact": "docker://fluxcd/image-automation-controller:sha256__b0753565c4f4a03fb27b2d3d7e3d604833764f799ec049f952465c8802c0e253",
+ "impact_path": [
+ "docker://fluxcd/image-automation-controller:sha256__b0753565c4f4a03fb27b2d3d7e3d604833764f799ec049f952465c8802c0e253",
+ "generic://sha256:801bfaa63ef2094d770c809815b9e2b9c1194728e5e754ef7bc764030e140cea/sha256__801bfaa63ef2094d770c809815b9e2b9c1194728e5e754ef7bc764030e140cea.tar.gz",
+ "alpine://3.12:busybox:1.31.1-r19"
+ ],
+ "path": "dockerhub-remote/fluxcd/image-automation-controller/sha256__b0753565c4f4a03fb27b2d3d7e3d604833764f799ec049f952465c8802c0e253/",
+ "fixed_versions": [],
+ "published": "2020-10-07T02:24:17+11:00",
+ "artifact_scan_time": "2021-02-02T11:33:57+11:00",
+ "issue_id": "XRAY-125951",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "BusyBox contains an out-of-bounds write flaw in the get_next_block() function in archival/libarchive/decompress_bunzip2.c that is triggered when handling a large number of selectors while decompressing BZIP2 files. This may allow a context-dependent attacker to cause a crash.",
+ "references": [
+ "https://bugs.buildroot.org/show_bug.cgi?id=12916"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 7.5,
+ "summary": "BusyBox archival/libarchive/decompress_bunzip2.c get_next_block() Function Selectors Handling Out-of-bounds Write DoS",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.12:ssl_client:1.31.1-r19",
+ "impacted_artifact": "docker://fluxcd/image-automation-controller:sha256__b0753565c4f4a03fb27b2d3d7e3d604833764f799ec049f952465c8802c0e253",
+ "impact_path": [
+ "docker://fluxcd/image-automation-controller:sha256__b0753565c4f4a03fb27b2d3d7e3d604833764f799ec049f952465c8802c0e253",
+ "generic://sha256:801bfaa63ef2094d770c809815b9e2b9c1194728e5e754ef7bc764030e140cea/sha256__801bfaa63ef2094d770c809815b9e2b9c1194728e5e754ef7bc764030e140cea.tar.gz",
+ "alpine://3.12:ssl_client:1.31.1-r19"
+ ],
+ "path": "dockerhub-remote/fluxcd/image-automation-controller/sha256__b0753565c4f4a03fb27b2d3d7e3d604833764f799ec049f952465c8802c0e253/",
+ "fixed_versions": [],
+ "published": "2020-10-07T02:24:17+11:00",
+ "artifact_scan_time": "2021-02-02T11:33:57+11:00",
+ "issue_id": "XRAY-125951",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "BusyBox contains an out-of-bounds write flaw in the get_next_block() function in archival/libarchive/decompress_bunzip2.c that is triggered when handling a large number of selectors while decompressing BZIP2 files. This may allow a context-dependent attacker to cause a crash.",
+ "references": [
+ "https://bugs.buildroot.org/show_bug.cgi?id=12916"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:N/A:C",
+ "cvss_v3_score": 8.2,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.8,
+ "cvss3_max_score": 8.2,
+ "summary": "libssh2 kex.c kex_agree_methods() Function Key Exchange Packet Handling Out-of-bounds Read Issue",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.12:libssh2:1.9.0-r1",
+ "impacted_artifact": "docker://fluxcd/image-automation-controller:sha256__b0753565c4f4a03fb27b2d3d7e3d604833764f799ec049f952465c8802c0e253",
+ "impact_path": [
+ "docker://fluxcd/image-automation-controller:sha256__b0753565c4f4a03fb27b2d3d7e3d604833764f799ec049f952465c8802c0e253",
+ "generic://sha256:4ce0dc4defaeb385471d3f336e7aa84921449ababd6b3802f140ac5f4f410e4b/sha256__4ce0dc4defaeb385471d3f336e7aa84921449ababd6b3802f140ac5f4f410e4b.tar.gz",
+ "alpine://3.12:libssh2:1.9.0-r1"
+ ],
+ "path": "dockerhub-remote/fluxcd/image-automation-controller/sha256__b0753565c4f4a03fb27b2d3d7e3d604833764f799ec049f952465c8802c0e253/",
+ "fixed_versions": [],
+ "published": "2020-08-13T00:54:38+10:00",
+ "artifact_scan_time": "2021-02-02T11:33:57+11:00",
+ "issue_id": "XRAY-117889",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "libssh2 contains an out-of-bounds read flaw in the kex_agree_methods() function in kex.c that is triggered when handling key exchange packets. This may allow a context-dependent attacker to crash a process linked against the library or potentially disclose memory contents.",
+ "references": [
+ "https://github.com/libssh2/libssh2/commit/43f24eb152b8ec62473d2de6108d7c0b267b2419",
+ "https://github.com/libssh2/libssh2/commit/d0cb72fb986139f5927af7811dc766261f59f2d9",
+ "https://github.com/libssh2/libssh2/pull/399",
+ "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16825",
+ "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16823"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 7.5,
+ "summary": "libssh2 transport.c _libssh2_transport_send() Function Delay-compression NULL Pointer Dereference Remote DoS",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.12:libssh2:1.9.0-r1",
+ "impacted_artifact": "docker://fluxcd/image-automation-controller:sha256__b0753565c4f4a03fb27b2d3d7e3d604833764f799ec049f952465c8802c0e253",
+ "impact_path": [
+ "docker://fluxcd/image-automation-controller:sha256__b0753565c4f4a03fb27b2d3d7e3d604833764f799ec049f952465c8802c0e253",
+ "generic://sha256:4ce0dc4defaeb385471d3f336e7aa84921449ababd6b3802f140ac5f4f410e4b/sha256__4ce0dc4defaeb385471d3f336e7aa84921449ababd6b3802f140ac5f4f410e4b.tar.gz",
+ "alpine://3.12:libssh2:1.9.0-r1"
+ ],
+ "path": "dockerhub-remote/fluxcd/image-automation-controller/sha256__b0753565c4f4a03fb27b2d3d7e3d604833764f799ec049f952465c8802c0e253/",
+ "fixed_versions": [],
+ "published": "2020-08-13T00:54:38+10:00",
+ "artifact_scan_time": "2021-02-02T11:33:57+11:00",
+ "issue_id": "XRAY-117893",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "libssh2 contains a NULL pointer dereference flaw in the _libssh2_transport_send() function in transport.c that is triggered when using the delay-compression extensions to renegotiate compression algorithm support. This may allow a remote attacker to crash a process using the library.",
+ "references": [
+ "https://github.com/libssh2/libssh2/commit/03c7c4a351712492969bcc6ca40ca421c8dfe8bc",
+ "https://github.com/libssh2/libssh2/pull/443"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 5.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 5.5,
+ "summary": "Alpine Package Keeper (apk-tools) io.c apk_resolve_[ug]id() Functions Username / Groupname TAR Header Field Handling Out-of-bounds Read DoS Weakness",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.12:apk-tools:2.10.5-r1",
+ "impacted_artifact": "docker://fluxcd/image-automation-controller:sha256__b0753565c4f4a03fb27b2d3d7e3d604833764f799ec049f952465c8802c0e253",
+ "impact_path": [
+ "docker://fluxcd/image-automation-controller:sha256__b0753565c4f4a03fb27b2d3d7e3d604833764f799ec049f952465c8802c0e253",
+ "generic://sha256:801bfaa63ef2094d770c809815b9e2b9c1194728e5e754ef7bc764030e140cea/sha256__801bfaa63ef2094d770c809815b9e2b9c1194728e5e754ef7bc764030e140cea.tar.gz",
+ "alpine://3.12:apk-tools:2.10.5-r1"
+ ],
+ "path": "dockerhub-remote/fluxcd/image-automation-controller/sha256__b0753565c4f4a03fb27b2d3d7e3d604833764f799ec049f952465c8802c0e253/",
+ "fixed_versions": [
+ "2.10.6-r0"
+ ],
+ "published": "2021-04-20T02:31:29+10:00",
+ "artifact_scan_time": "2021-02-02T11:33:57+11:00",
+ "issue_id": "XRAY-173006",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "Alpine Package Keeper (apk-tools) contains an out-of-bounds read flaw in the apk_resolve_uid() and apk_resolve_gid() functions in io.c that is triggered as username and groupname header fields are not properly checked for string terminators when parsing TAR file headers. This can potentially allow a context-dependent attacker to cause a denial of service.",
+ "references": [
+ "https://gitlab.alpinelinux.org/alpine/apk-tools/-/issues/10741",
+ "https://github.com/docker-library/official-images/pull/9982",
+ "https://gitlab.alpinelinux.org/alpine/aports/-/issues/12606",
+ "https://github.com/alpinelinux/apk-tools/commit/f7143c1766ae59489ac922e890ffe6d4a61c3b2d",
+ "https://github.com/alpinelinux/aports/commit/aa740eb10ca7b8386cadc8761da1e30ed931486c",
+ "http://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-30139"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:N/A:C",
+ "cvss_v3_score": 8.2,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.8,
+ "cvss3_max_score": 8.2,
+ "summary": "libssh2 userauth.c file_read_publickey() Function Out-of-bounds Read Issue",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.12:libssh2:1.9.0-r1",
+ "impacted_artifact": "docker://fluxcd/image-automation-controller:sha256__b0753565c4f4a03fb27b2d3d7e3d604833764f799ec049f952465c8802c0e253",
+ "impact_path": [
+ "docker://fluxcd/image-automation-controller:sha256__b0753565c4f4a03fb27b2d3d7e3d604833764f799ec049f952465c8802c0e253",
+ "generic://sha256:4ce0dc4defaeb385471d3f336e7aa84921449ababd6b3802f140ac5f4f410e4b/sha256__4ce0dc4defaeb385471d3f336e7aa84921449ababd6b3802f140ac5f4f410e4b.tar.gz",
+ "alpine://3.12:libssh2:1.9.0-r1"
+ ],
+ "path": "dockerhub-remote/fluxcd/image-automation-controller/sha256__b0753565c4f4a03fb27b2d3d7e3d604833764f799ec049f952465c8802c0e253/",
+ "fixed_versions": [],
+ "published": "2020-08-13T00:54:37+10:00",
+ "artifact_scan_time": "2021-02-02T11:33:57+11:00",
+ "issue_id": "XRAY-117888",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "libssh2 contains an out-of-bounds read flaw in the file_read_publickey() function in userauth.c. This may allow a context-dependent attacker to crash a process linked against the library or potentially disclose memory contents.",
+ "references": [
+ "https://github.com/libssh2/libssh2/pull/386",
+ "https://github.com/libssh2/libssh2/commit/482055695011fabb55f3cb7598356d47a0429068"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:N/A:C",
+ "cvss_v3_score": 8.2,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.8,
+ "cvss3_max_score": 8.2,
+ "summary": "libssh2 packet.c packet_queue_listener() Function SSH Packet Parsing Out-of-bounds Read Issue",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.12:libssh2:1.9.0-r1",
+ "impacted_artifact": "docker://fluxcd/image-automation-controller:sha256__b0753565c4f4a03fb27b2d3d7e3d604833764f799ec049f952465c8802c0e253",
+ "impact_path": [
+ "docker://fluxcd/image-automation-controller:sha256__b0753565c4f4a03fb27b2d3d7e3d604833764f799ec049f952465c8802c0e253",
+ "generic://sha256:4ce0dc4defaeb385471d3f336e7aa84921449ababd6b3802f140ac5f4f410e4b/sha256__4ce0dc4defaeb385471d3f336e7aa84921449ababd6b3802f140ac5f4f410e4b.tar.gz",
+ "alpine://3.12:libssh2:1.9.0-r1"
+ ],
+ "path": "dockerhub-remote/fluxcd/image-automation-controller/sha256__b0753565c4f4a03fb27b2d3d7e3d604833764f799ec049f952465c8802c0e253/",
+ "fixed_versions": [],
+ "published": "2020-08-13T00:54:38+10:00",
+ "artifact_scan_time": "2021-02-02T11:33:57+11:00",
+ "issue_id": "XRAY-117890",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "libssh2 contains an out-of-bounds read flaw in the packet_queue_listener() function in packet.c that is triggered as certain input in SSH packets is not properly validated. This may allow a context-dependent attacker to crash a process linked against the library or potentially disclose memory contents.",
+ "references": [
+ "https://github.com/libssh2/libssh2/commit/f7bc203dbeb1dd9e17beb553c50faeedc5755ead",
+ "https://github.com/libssh2/libssh2/commit/8571ab482d7591be14b47b7065eed689c92cae27",
+ "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16865",
+ "https://github.com/libssh2/libssh2/pull/404"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 7.5,
+ "summary": "Apache PDFBox Type1Parser.java readValue() Function PDF File Handling NULL Pointer Dereference DoS",
+ "severity": "High",
+ "vulnerable_component": "gav://org.apache.pdfbox:fontbox:2.0.4",
+ "impacted_artifact": "gav://org.apache.pdfbox:fontbox:2.0.4",
+ "impact_path": [
+ "gav://org.apache.pdfbox:fontbox:2.0.4"
+ ],
+ "path": "mavencentral-remote/org/apache/pdfbox/fontbox/2.0.4/fontbox-2.0.4.jar",
+ "fixed_versions": [
+ "2.0.15"
+ ],
+ "published": "2019-04-22T00:36:30+10:00",
+ "artifact_scan_time": "2021-04-08T08:31:30+10:00",
+ "issue_id": "XRAY-80753",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Apache PDFBox contains a NULL pointer dereference flaw in the readValue() function in Type1Parser.java that is triggered during the handling of a specially crafted PDF file. This may allow a context-dependent attacker to crash a process linked against the library.",
+ "references": [
+ "https://svn.apache.org/r1854334",
+ "https://svn.apache.org/r1854333",
+ "https://svn.apache.org/r1854332",
+ "https://www.pdf-insecurity.org/download/exploits/amazon_refund_signed.pdf",
+ "https://issues.apache.org/jira/browse/PDFBOX-4474",
+ "https://svn.apache.org/r1854331"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.6,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:H/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 8.1,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.6,
+ "cvss3_max_score": 8.1,
+ "summary": "SQLite pcache1.c pcache1AllocPage() Function Uninitialized Memory Use Unspecified Issue",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.13:sqlite-libs:3.34.1-r0",
+ "impacted_artifact": "docker://fluxcd/kustomize-controller:sha256__0be8dd0865df4ac6bd6d14a55fb58a836aa777fd018ee9312460bf0f13750e12",
+ "impact_path": [
+ "docker://fluxcd/kustomize-controller:sha256__0be8dd0865df4ac6bd6d14a55fb58a836aa777fd018ee9312460bf0f13750e12",
+ "generic://sha256:a5c722ca52cdca20144e27af23b2a3b1a49de7509023f6c59876525d612f061c/sha256__a5c722ca52cdca20144e27af23b2a3b1a49de7509023f6c59876525d612f061c.tar.gz",
+ "alpine://3.13:sqlite-libs:3.34.1-r0"
+ ],
+ "path": "dockerhub-remote/fluxcd/kustomize-controller/sha256__0be8dd0865df4ac6bd6d14a55fb58a836aa777fd018ee9312460bf0f13750e12/",
+ "fixed_versions": [],
+ "published": "2021-04-20T00:31:27+10:00",
+ "artifact_scan_time": "2021-02-02T11:35:50+11:00",
+ "issue_id": "XRAY-172950",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "SQLite contains a flaw in the pcache1AllocPage() function in pcache1.c related to use of uninitialized memory. The issue is triggered when handling specially crafted database files. This may allow a context-dependent attacker to have an unspecified impact.",
+ "references": [
+ "https://github.com/sqlite/sqlite/commit/1e06c70eb073a92e683c55ffb8471301db999b75",
+ "https://github.com/sqlite/sqlite/commit/1f9f5766954d250a00da59f7f7c1fc57d9032a6e",
+ "https://www.sqlite.org/src/info/39c8686cabe6c437",
+ "https://chromium.googlesource.com/chromium/deps/sqlite.git/+/60efbb3584af2ba05e1935b3e07d3a861841db7c",
+ "https://github.com/chromium/chromium/commit/78157c349734be628ac9eef25a897a50bd31b8cd",
+ "https://bugs.chromium.org/p/chromium/issues/detail?id=1175522",
+ "https://bugs.chromium.org/p/chromium/issues/detail?id=1181276",
+ "https://chromereleases.googleblog.com/2021/04/stable-channel-update-for-desktop_14.html",
+ "https://bugs.chromium.org/p/chromium/issues/detail?id=1198709"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:N/A:C",
+ "cvss_v3_score": 8.2,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.8,
+ "cvss3_max_score": 8.2,
+ "summary": "GNU Libtasn1 lib/int.h ETYPE_OK Macro ASN.1 Type Encoding Out-of-bounds Read Issue",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.13:libtasn1:4.16.0-r1",
+ "impacted_artifact": "docker://fluxcd/kustomize-controller:sha256__0be8dd0865df4ac6bd6d14a55fb58a836aa777fd018ee9312460bf0f13750e12",
+ "impact_path": [
+ "docker://fluxcd/kustomize-controller:sha256__0be8dd0865df4ac6bd6d14a55fb58a836aa777fd018ee9312460bf0f13750e12",
+ "generic://sha256:a5c722ca52cdca20144e27af23b2a3b1a49de7509023f6c59876525d612f061c/sha256__a5c722ca52cdca20144e27af23b2a3b1a49de7509023f6c59876525d612f061c.tar.gz",
+ "alpine://3.13:libtasn1:4.16.0-r1"
+ ],
+ "path": "dockerhub-remote/fluxcd/kustomize-controller/sha256__0be8dd0865df4ac6bd6d14a55fb58a836aa777fd018ee9312460bf0f13750e12/",
+ "fixed_versions": [],
+ "published": "2021-02-10T04:07:40+11:00",
+ "artifact_scan_time": "2021-02-02T11:35:50+11:00",
+ "issue_id": "XRAY-140262",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "GNU Libtasn1 contains an out-of-bounds read flaw in the ETYPE_OK() macro in lib/int.h that is triggered when encoding ASN.1 types. This may allow a context-dependent attacker to crash a process linked against the library or potentially disclose memory contents.",
+ "references": [
+ "https://gitlab.com/gnutls/libtasn1/-/issues/32"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.6,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:H/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 8.1,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.6,
+ "cvss3_max_score": 8.1,
+ "summary": "SQLite btree.c balance_nonroot() Function Database File Handling Unspecified Issue",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.13:sqlite-libs:3.34.1-r0",
+ "impacted_artifact": "docker://fluxcd/kustomize-controller:sha256__0be8dd0865df4ac6bd6d14a55fb58a836aa777fd018ee9312460bf0f13750e12",
+ "impact_path": [
+ "docker://fluxcd/kustomize-controller:sha256__0be8dd0865df4ac6bd6d14a55fb58a836aa777fd018ee9312460bf0f13750e12",
+ "generic://sha256:a5c722ca52cdca20144e27af23b2a3b1a49de7509023f6c59876525d612f061c/sha256__a5c722ca52cdca20144e27af23b2a3b1a49de7509023f6c59876525d612f061c.tar.gz",
+ "alpine://3.13:sqlite-libs:3.34.1-r0"
+ ],
+ "path": "dockerhub-remote/fluxcd/kustomize-controller/sha256__0be8dd0865df4ac6bd6d14a55fb58a836aa777fd018ee9312460bf0f13750e12/",
+ "fixed_versions": [],
+ "published": "2021-04-20T02:31:29+10:00",
+ "artifact_scan_time": "2021-02-02T11:35:50+11:00",
+ "issue_id": "XRAY-173004",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "SQLite contains a flaw in the balance_nonroot() function in btree.c that is triggered when handling a specially crafted database file. This may allow a context-dependent attacker to have an unspecified impact.",
+ "references": [
+ "https://github.com/sqlite/sqlite/commit/1e06c70eb073a92e683c55ffb8471301db999b75",
+ "https://github.com/sqlite/sqlite/commit/1f9f5766954d250a00da59f7f7c1fc57d9032a6e",
+ "https://www.sqlite.org/src/info/39c8686cabe6c437",
+ "https://chromium.googlesource.com/chromium/deps/sqlite.git/+/60efbb3584af2ba05e1935b3e07d3a861841db7c",
+ "https://github.com/chromium/chromium/commit/78157c349734be628ac9eef25a897a50bd31b8cd",
+ "https://bugs.chromium.org/p/chromium/issues/detail?id=1175522",
+ "https://bugs.chromium.org/p/chromium/issues/detail?id=1181276",
+ "https://chromereleases.googleblog.com/2021/04/stable-channel-update-for-desktop_14.html",
+ "https://bugs.chromium.org/p/chromium/issues/detail?id=1198709"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 9.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 9.3,
+ "cvss3_max_score": 9.8,
+ "summary": "GNOME GLib glib/garray.c g_byte_array_new_take() Function Integer Truncation Heap Buffer Overflow",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.13:glib:2.66.4-r0",
+ "impacted_artifact": "docker://fluxcd/kustomize-controller:sha256__0be8dd0865df4ac6bd6d14a55fb58a836aa777fd018ee9312460bf0f13750e12",
+ "impact_path": [
+ "docker://fluxcd/kustomize-controller:sha256__0be8dd0865df4ac6bd6d14a55fb58a836aa777fd018ee9312460bf0f13750e12",
+ "generic://sha256:a5c722ca52cdca20144e27af23b2a3b1a49de7509023f6c59876525d612f061c/sha256__a5c722ca52cdca20144e27af23b2a3b1a49de7509023f6c59876525d612f061c.tar.gz",
+ "alpine://3.13:glib:2.66.4-r0"
+ ],
+ "path": "dockerhub-remote/fluxcd/kustomize-controller/sha256__0be8dd0865df4ac6bd6d14a55fb58a836aa777fd018ee9312460bf0f13750e12/",
+ "fixed_versions": [],
+ "published": "2021-02-16T05:13:22+11:00",
+ "artifact_scan_time": "2021-02-02T11:35:50+11:00",
+ "issue_id": "XRAY-140525",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "GNOME GLib contains an integer truncation condition in the g_byte_array_new_take() function in glib/garray.c that is due to an improper cast when allocating memory. This may result in a smaller allocated buffer than intended and may allow a context-dependent attacker to cause a heap-based buffer overflow, resulting in a denial of service and potentially the execution of arbitrary code.",
+ "references": [
+ "https://gitlab.gnome.org/GNOME/glib/-/commit/8670c78dabefe5621e8a073fff3eb4235afb6254",
+ "https://gitlab.gnome.org/GNOME/glib/-/commit/5532dc098020ae2c5a9bf1feb3c6cb4d42f71da2",
+ "https://gitlab.gnome.org/GNOME/glib/-/merge_requests/1944",
+ "https://gitlab.gnome.org/GNOME/glib/-/blob/2.66.7/NEWS",
+ "https://gitlab.gnome.org/GNOME/glib/-/merge_requests/1942"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:N/A:C",
+ "cvss_v3_score": 8.2,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.8,
+ "cvss3_max_score": 8.2,
+ "summary": "GNU dbm (GDBM) bucket.c _gdbm_get_bucket() Function Improper Bucket Re-initialization Out-of-bounds Read Issue",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.13:gdbm:1.19-r0",
+ "impacted_artifact": "docker://fluxcd/kustomize-controller:sha256__0be8dd0865df4ac6bd6d14a55fb58a836aa777fd018ee9312460bf0f13750e12",
+ "impact_path": [
+ "docker://fluxcd/kustomize-controller:sha256__0be8dd0865df4ac6bd6d14a55fb58a836aa777fd018ee9312460bf0f13750e12",
+ "generic://sha256:a5c722ca52cdca20144e27af23b2a3b1a49de7509023f6c59876525d612f061c/sha256__a5c722ca52cdca20144e27af23b2a3b1a49de7509023f6c59876525d612f061c.tar.gz",
+ "alpine://3.13:gdbm:1.19-r0"
+ ],
+ "path": "dockerhub-remote/fluxcd/kustomize-controller/sha256__0be8dd0865df4ac6bd6d14a55fb58a836aa777fd018ee9312460bf0f13750e12/",
+ "fixed_versions": [],
+ "published": "2021-03-19T00:44:44+11:00",
+ "artifact_scan_time": "2021-02-02T11:35:50+11:00",
+ "issue_id": "XRAY-147853",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "GNU dbm (GDBM) contains an out-of-bounds read flaw in the _gdbm_get_bucket() function in bucket.c that is triggered as buckets are not properly re-initialized when a failure occurs. This may allow a context-dependent attacker to crash a process linked against the library or potentially disclose memory contents.",
+ "references": [
+ "https://git.savannah.gnu.org/cgit/gdbm.git/commit/?id=40a464d322c720c88a50c3eb0a8c1d87e6079f89",
+ "/vulnerabilities/251924",
+ "https://puszcza.gnu.org.ua/bugs/?501"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:P/A:C",
+ "cvss_v3_score": 9.1,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.8,
+ "cvss3_max_score": 9.1,
+ "summary": "Nettle ECDSA Signature Verification Functions Out-of-range Scalar Handling Issue",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.13:nettle:3.7-r0",
+ "impacted_artifact": "docker://fluxcd/kustomize-controller:sha256__0be8dd0865df4ac6bd6d14a55fb58a836aa777fd018ee9312460bf0f13750e12",
+ "impact_path": [
+ "docker://fluxcd/kustomize-controller:sha256__0be8dd0865df4ac6bd6d14a55fb58a836aa777fd018ee9312460bf0f13750e12",
+ "generic://sha256:a5c722ca52cdca20144e27af23b2a3b1a49de7509023f6c59876525d612f061c/sha256__a5c722ca52cdca20144e27af23b2a3b1a49de7509023f6c59876525d612f061c.tar.gz",
+ "alpine://3.13:nettle:3.7-r0"
+ ],
+ "path": "dockerhub-remote/fluxcd/kustomize-controller/sha256__0be8dd0865df4ac6bd6d14a55fb58a836aa777fd018ee9312460bf0f13750e12/",
+ "fixed_versions": [],
+ "published": "2021-03-29T21:10:59+11:00",
+ "artifact_scan_time": "2021-02-02T11:35:50+11:00",
+ "issue_id": "XRAY-159091",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "Nettle contains a flaw in ECDSA signature verification functions that is triggered when handling out-of-range scalars. With a specially crafted signature, a context-dependent attacker can cause an assertion failure, resulting in a denial of service, or potentially forge a valid signature.",
+ "references": [
+ "https://lists.lysator.liu.se/pipermail/nettle-bugs/2021/009458.html",
+ "https://git.lysator.liu.se/nettle/nettle/-/commit/b30e0ca6d2b41579a5b6a010fc54065d790e8d55",
+ "https://git.lysator.liu.se/nettle/nettle/-/commit/63f222c60b03470c0005aa9bc4296fbf585f68b9",
+ "https://git.lysator.liu.se/nettle/nettle/-/commit/d9b564e4b3b3a5691afb9328c7342b3f7ca64288",
+ "https://git.lysator.liu.se/nettle/nettle/-/commit/ae3801a0e5cce276c270973214385c86048d5f7b",
+ "https://git.lysator.liu.se/nettle/nettle/-/commit/fbaefb64b90cb45b7075a0ed72a92f2a1fbcd2ab",
+ "https://git.lysator.liu.se/nettle/nettle/-/commit/401c8d53d8a8cf1e79980e62bda3f946f8e07c14",
+ "https://git.lysator.liu.se/nettle/nettle/-/commit/c24b36160dc5303f7541dd9da1429c4046f27398",
+ "https://git.lysator.liu.se/nettle/nettle/-/commit/51f643eee00e2caa65c8a2f5857f49acdf3ef1ce",
+ "https://git.lysator.liu.se/nettle/nettle/-/commit/2397757b3f95fcae1e2d3011bf99ca5b5438378f",
+ "https://git.lysator.liu.se/nettle/nettle/-/commit/74ee0e82b6891e090f20723750faeb19064e31b2",
+ "https://git.lysator.liu.se/nettle/nettle/-/commit/5b7608fde3a6d2ab82bffb35db1e4e330927c906",
+ "https://git.lysator.liu.se/nettle/nettle/-/commit/971bed6ab4b27014eb23085e8176917e1a096fd5",
+ "https://git.lysator.liu.se/nettle/nettle/-/commit/a63893791280d441c713293491da97c79c0950fe",
+ "https://git.lysator.liu.se/nettle/nettle/-/commit/2bf497ba4d6acc6f352bca015837fad33008565c",
+ "https://lists.lysator.liu.se/pipermail/nettle-bugs/2021/009457.html",
+ "https://bugzilla.redhat.com/show_bug.cgi?id=1942533"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 8.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:C",
+ "cvss_v3_score": 8.2,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 8.5,
+ "cvss3_max_score": 8.2,
+ "summary": "Git fsmonitor.c fsmonitor_is_trivial_response() Function Out-of-bounds Read Issue",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.13:git:2.30.0-r0",
+ "impacted_artifact": "docker://fluxcd/kustomize-controller:sha256__0be8dd0865df4ac6bd6d14a55fb58a836aa777fd018ee9312460bf0f13750e12",
+ "impact_path": [
+ "docker://fluxcd/kustomize-controller:sha256__0be8dd0865df4ac6bd6d14a55fb58a836aa777fd018ee9312460bf0f13750e12",
+ "generic://sha256:a5c722ca52cdca20144e27af23b2a3b1a49de7509023f6c59876525d612f061c/sha256__a5c722ca52cdca20144e27af23b2a3b1a49de7509023f6c59876525d612f061c.tar.gz",
+ "alpine://3.13:git:2.30.0-r0"
+ ],
+ "path": "dockerhub-remote/fluxcd/kustomize-controller/sha256__0be8dd0865df4ac6bd6d14a55fb58a836aa777fd018ee9312460bf0f13750e12/",
+ "fixed_versions": [],
+ "published": "2021-04-21T02:31:31+10:00",
+ "artifact_scan_time": "2021-02-02T11:35:50+11:00",
+ "issue_id": "XRAY-173164",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "Git contains an out-of-bounds read flaw in the fsmonitor_is_trivial_response() function in fsmonitor.c that is triggered when handling input passed via 'query_result' values. This may allow an attacker to cause a denial of service or potentially disclose memory contents.",
+ "references": [
+ "https://lore.kernel.org/git/27cc2d6b-834f-e34b-0949-561b575544da@gmail.com/#r",
+ "https://lore.kernel.org/git/pull.904.git.1615826363431.gitgitgadget@gmail.com/",
+ "https://github.com/gitgitgadget/git/commit/8779c141da62d66be5d420b94d506636006a7901",
+ "https://github.com/gitgitgadget/git/pull/904"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-3121",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 8.6,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 8.6,
+ "summary": "An issue was discovered in GoGo Protobuf before 1.3.2. plugin/unmarshal/unmarshal.go lacks certain index validation, aka the \"skippy peanut butter\" issue.",
+ "severity": "High",
+ "vulnerable_component": "go://github.com/gogo/protobuf:1.3.1",
+ "impacted_artifact": "docker://fluxcd/kustomize-controller:sha256__0be8dd0865df4ac6bd6d14a55fb58a836aa777fd018ee9312460bf0f13750e12",
+ "impact_path": [
+ "docker://fluxcd/kustomize-controller:sha256__0be8dd0865df4ac6bd6d14a55fb58a836aa777fd018ee9312460bf0f13750e12",
+ "generic://sha256:37c6663dee07a9cb27fefc46bd92b27301cc3f86b0be396ac45bd34eb28cff82/sha256__37c6663dee07a9cb27fefc46bd92b27301cc3f86b0be396ac45bd34eb28cff82.tar.gz",
+ "generic://sha256:9697b7e1fb7621b1afb4fa1c709dd94fd86f27337547f73d7a24e6956f7e2e5e/kustomize-controller",
+ "go://github.com/gogo/protobuf:1.3.1"
+ ],
+ "path": "dockerhub-remote/fluxcd/kustomize-controller/sha256__0be8dd0865df4ac6bd6d14a55fb58a836aa777fd018ee9312460bf0f13750e12/",
+ "fixed_versions": [
+ "1.3.2"
+ ],
+ "published": "2021-02-01T22:46:23+11:00",
+ "artifact_scan_time": "2021-02-02T11:35:50+11:00",
+ "issue_id": "XRAY-139136",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "An issue was discovered in GoGo Protobuf before 1.3.2. plugin/unmarshal/unmarshal.go lacks certain index validation, aka the \"skippy peanut butter\" issue.",
+ "references": [
+ "https://lists.apache.org/thread.html/rc1e9ff22c5641d73701ba56362fb867d40ed287cca000b131dcf4a44@%3Ccommits.pulsar.apache.org%3E",
+ "https://lists.apache.org/thread.html/r88d69555cb74a129a7bf84838073b61259b4a3830190e05a3b87994e@%3Ccommits.pulsar.apache.org%3E",
+ "https://github.com/gogo/protobuf/compare/v1.3.1...v1.3.2",
+ "https://github.com/gogo/protobuf/commit/b03c65ea87cdc3521ede29f62fe3ce239267c1bc"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 5.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 5.5,
+ "summary": "Alpine Package Keeper (apk-tools) io.c apk_resolve_[ug]id() Functions Username / Groupname TAR Header Field Handling Out-of-bounds Read DoS Weakness",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.13:apk-tools:2.12.1-r0",
+ "impacted_artifact": "docker://fluxcd/kustomize-controller:sha256__0be8dd0865df4ac6bd6d14a55fb58a836aa777fd018ee9312460bf0f13750e12",
+ "impact_path": [
+ "docker://fluxcd/kustomize-controller:sha256__0be8dd0865df4ac6bd6d14a55fb58a836aa777fd018ee9312460bf0f13750e12",
+ "generic://sha256:4c0d98bf9879488e0407f897d9dd4bf758555a78e39675e72b5124ccf12c2580/sha256__4c0d98bf9879488e0407f897d9dd4bf758555a78e39675e72b5124ccf12c2580.tar.gz",
+ "alpine://3.13:apk-tools:2.12.1-r0"
+ ],
+ "path": "dockerhub-remote/fluxcd/kustomize-controller/sha256__0be8dd0865df4ac6bd6d14a55fb58a836aa777fd018ee9312460bf0f13750e12/",
+ "fixed_versions": [
+ "2.12.5-r0"
+ ],
+ "published": "2021-04-20T02:31:29+10:00",
+ "artifact_scan_time": "2021-02-02T11:35:50+11:00",
+ "issue_id": "XRAY-173006",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "Alpine Package Keeper (apk-tools) contains an out-of-bounds read flaw in the apk_resolve_uid() and apk_resolve_gid() functions in io.c that is triggered as username and groupname header fields are not properly checked for string terminators when parsing TAR file headers. This can potentially allow a context-dependent attacker to cause a denial of service.",
+ "references": [
+ "https://gitlab.alpinelinux.org/alpine/apk-tools/-/issues/10741",
+ "https://github.com/docker-library/official-images/pull/9982",
+ "https://gitlab.alpinelinux.org/alpine/aports/-/issues/12606",
+ "https://github.com/alpinelinux/apk-tools/commit/f7143c1766ae59489ac922e890ffe6d4a61c3b2d",
+ "https://github.com/alpinelinux/aports/commit/aa740eb10ca7b8386cadc8761da1e30ed931486c",
+ "http://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-30139"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 7.5,
+ "summary": "GNU dbm (GDBM) gdbmopen.c gdbm_avail_block_validate() Function Block Validation Out-of-bounds Read DoS",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.13:gdbm:1.19-r0",
+ "impacted_artifact": "docker://fluxcd/kustomize-controller:sha256__0be8dd0865df4ac6bd6d14a55fb58a836aa777fd018ee9312460bf0f13750e12",
+ "impact_path": [
+ "docker://fluxcd/kustomize-controller:sha256__0be8dd0865df4ac6bd6d14a55fb58a836aa777fd018ee9312460bf0f13750e12",
+ "generic://sha256:a5c722ca52cdca20144e27af23b2a3b1a49de7509023f6c59876525d612f061c/sha256__a5c722ca52cdca20144e27af23b2a3b1a49de7509023f6c59876525d612f061c.tar.gz",
+ "alpine://3.13:gdbm:1.19-r0"
+ ],
+ "path": "dockerhub-remote/fluxcd/kustomize-controller/sha256__0be8dd0865df4ac6bd6d14a55fb58a836aa777fd018ee9312460bf0f13750e12/",
+ "fixed_versions": [],
+ "published": "2021-03-19T02:44:49+11:00",
+ "artifact_scan_time": "2021-02-02T11:35:50+11:00",
+ "issue_id": "XRAY-147947",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "GNU dbm (GDBM) contains an out-of-bounds read flaw in the gdbm_avail_block_validate() function in gdbmopen.c that is triggered when validating available blocks. This may allow a context-dependent attacker to crash a process linked against the library.",
+ "references": [
+ "http://git.gnu.org.ua/cgit/gdbm.git/commit/?id=9405ce2373ae5d64fc370c8b5ff280a92f15d01f",
+ "http://git.gnu.org.ua/cgit/gdbm.git/commit/?id=4fe603315b4e5189ff5ba31fb9ef0bedd625202a",
+ "http://git.gnu.org.ua/cgit/gdbm.git/commit/?id=7011ecbaf12a07f912eaf1b3ed6d3a528cefc7ad",
+ "https://git.savannah.gnu.org/cgit/gdbm.git/commit/?id=fd5cf245ea6d3e2f36dc349d8013ef62f4a9d532",
+ "/vulnerabilities/251922",
+ "https://puszcza.gnu.org.ua/bugs/?501",
+ "https://puszcza.gnu.org.ua/bugs/?503"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.6,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:H/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 8.1,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.6,
+ "cvss3_max_score": 8.1,
+ "summary": "SQLite sqliteInt.h sqlite3ExpandSubquery() Function Declaration Unspecified Weakness",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.13:sqlite-libs:3.34.1-r0",
+ "impacted_artifact": "docker://fluxcd/kustomize-controller:sha256__0be8dd0865df4ac6bd6d14a55fb58a836aa777fd018ee9312460bf0f13750e12",
+ "impact_path": [
+ "docker://fluxcd/kustomize-controller:sha256__0be8dd0865df4ac6bd6d14a55fb58a836aa777fd018ee9312460bf0f13750e12",
+ "generic://sha256:a5c722ca52cdca20144e27af23b2a3b1a49de7509023f6c59876525d612f061c/sha256__a5c722ca52cdca20144e27af23b2a3b1a49de7509023f6c59876525d612f061c.tar.gz",
+ "alpine://3.13:sqlite-libs:3.34.1-r0"
+ ],
+ "path": "dockerhub-remote/fluxcd/kustomize-controller/sha256__0be8dd0865df4ac6bd6d14a55fb58a836aa777fd018ee9312460bf0f13750e12/",
+ "fixed_versions": [],
+ "published": "2021-03-15T04:32:05+11:00",
+ "artifact_scan_time": "2021-02-02T11:35:50+11:00",
+ "issue_id": "XRAY-146201",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "SQLite contains an unspecified flaw in sqliteInt.h as the sqlite3ExpandSubquery() function is not declared for SQLITE_OMIT_WINDOWFUNC builds. This may allow an attacker to have an unspecified impact. No further details have been provided.",
+ "references": [
+ "https://github.com/sqlite/sqlite/commit/7225bfef164bced949c0ba98436b1fa104546493",
+ "https://www.sqlite.org/src/info/9587fa8b29fc2f91",
+ "https://chromium.googlesource.com/chromium/deps/sqlite.git/+/8162d64e702214e8cb12078f387e4278a3302d16",
+ "https://chromium.googlesource.com/chromium/deps/sqlite.git/+/d9581878fcf81ec8beda15b079726edaddd775bb",
+ "https://chromium.googlesource.com/chromium/src/+/b8631d09aaba64ee30d492e47e6ccf43860e0cac",
+ "https://bugs.chromium.org/p/chromium/issues/detail?id=1183883",
+ "https://bugs.chromium.org/p/chromium/issues/detail?id=1161048",
+ "https://chromereleases.googleblog.com/2021/03/stable-channel-update-for-desktop.html"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 9.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 9.3,
+ "cvss3_max_score": 9.8,
+ "summary": "GNOME GLib glib/gbytes.c g_bytes_new() Function Integer Truncation Heap Buffer Overflow",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.13:glib:2.66.4-r0",
+ "impacted_artifact": "docker://fluxcd/kustomize-controller:sha256__0be8dd0865df4ac6bd6d14a55fb58a836aa777fd018ee9312460bf0f13750e12",
+ "impact_path": [
+ "docker://fluxcd/kustomize-controller:sha256__0be8dd0865df4ac6bd6d14a55fb58a836aa777fd018ee9312460bf0f13750e12",
+ "generic://sha256:a5c722ca52cdca20144e27af23b2a3b1a49de7509023f6c59876525d612f061c/sha256__a5c722ca52cdca20144e27af23b2a3b1a49de7509023f6c59876525d612f061c.tar.gz",
+ "alpine://3.13:glib:2.66.4-r0"
+ ],
+ "path": "dockerhub-remote/fluxcd/kustomize-controller/sha256__0be8dd0865df4ac6bd6d14a55fb58a836aa777fd018ee9312460bf0f13750e12/",
+ "fixed_versions": [],
+ "published": "2021-02-16T05:13:21+11:00",
+ "artifact_scan_time": "2021-02-02T11:35:50+11:00",
+ "issue_id": "XRAY-140524",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "GNOME GLib contains an integer truncation condition in the g_bytes_new() function in glib/gbytes.c that is due to an improper cast when allocating memory. This may result in a smaller allocated buffer than intended and may allow a context-dependent attacker to cause a heap-based buffer overflow, resulting in a denial of service and potentially the execution of arbitrary code.",
+ "references": [
+ "https://gitlab.gnome.org/GNOME/glib/-/blob/2.67.3/NEWS",
+ "https://gitlab.gnome.org/GNOME/glib/-/blob/2.66.6/NEWS",
+ "https://gitlab.gnome.org/GNOME/glib/-/commit/20cfc75d148e3be0c026cc7eff3a9cdb72bf5c56",
+ "https://gitlab.gnome.org/GNOME/glib/-/issues/2319",
+ "https://bdu.fstec.ru/vul/2021-00680"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-3345",
+ "cvss_v2_score": 7.2,
+ "cvss_v2_vector": "CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 7.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.2,
+ "cvss3_max_score": 7.8,
+ "summary": "_gcry_md_block_write in cipher/hash-common.c in Libgcrypt before 1.9.1 has a heap-based buffer overflow when the digest final function sets a large count value.",
+ "severity": "High",
+ "vulnerable_component": "alpine://3.13:libgcrypt:1.8.7-r0",
+ "impacted_artifact": "docker://fluxcd/kustomize-controller:sha256__0be8dd0865df4ac6bd6d14a55fb58a836aa777fd018ee9312460bf0f13750e12",
+ "impact_path": [
+ "docker://fluxcd/kustomize-controller:sha256__0be8dd0865df4ac6bd6d14a55fb58a836aa777fd018ee9312460bf0f13750e12",
+ "generic://sha256:a5c722ca52cdca20144e27af23b2a3b1a49de7509023f6c59876525d612f061c/sha256__a5c722ca52cdca20144e27af23b2a3b1a49de7509023f6c59876525d612f061c.tar.gz",
+ "alpine://3.13:libgcrypt:1.8.7-r0"
+ ],
+ "path": "dockerhub-remote/fluxcd/kustomize-controller/sha256__0be8dd0865df4ac6bd6d14a55fb58a836aa777fd018ee9312460bf0f13750e12/",
+ "fixed_versions": [],
+ "published": "2021-02-02T04:46:15+11:00",
+ "artifact_scan_time": "2021-02-02T11:35:50+11:00",
+ "issue_id": "XRAY-139180",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "_gcry_md_block_write in cipher/hash-common.c in Libgcrypt before 1.9.1 has a heap-based buffer overflow when the digest final function sets a large count value.",
+ "references": [
+ "https://lists.gnupg.org/pipermail/gnupg-announce/2021q1/000456.html",
+ "https://lists.gnupg.org/pipermail/gnupg-announce/2021q1/000455.html",
+ "https://gnupg.org",
+ "https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=commit;h=512c0c75276949f13b6373b5c04f7065af750b08",
+ "https://bugs.gentoo.org/show_bug.cgi?id=767814"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-25013",
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 5.9,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 5.9,
+ "summary": "The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:buster:libc-bin:2.28-10",
+ "impacted_artifact": "docker://openresty/openresty:buster",
+ "impact_path": [
+ "docker://openresty/openresty:buster",
+ "generic://sha256:ac2522cc72690febc428fb46fb39a4efc5e0a721c3ad15d9992b01515f2fad1a/sha256__ac2522cc72690febc428fb46fb39a4efc5e0a721c3ad15d9992b01515f2fad1a.tar.gz",
+ "deb://debian:buster:libc-bin:2.28-10"
+ ],
+ "path": "dockerhub-remote/openresty/openresty/buster/",
+ "fixed_versions": [],
+ "published": "2021-01-05T15:10:13+11:00",
+ "artifact_scan_time": "2021-03-29T16:05:34+11:00",
+ "issue_id": "XRAY-138140",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-25013",
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 5.9,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 5.9,
+ "summary": "The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:buster:libc6:2.28-10",
+ "impacted_artifact": "docker://openresty/openresty:buster",
+ "impact_path": [
+ "docker://openresty/openresty:buster",
+ "generic://sha256:ac2522cc72690febc428fb46fb39a4efc5e0a721c3ad15d9992b01515f2fad1a/sha256__ac2522cc72690febc428fb46fb39a4efc5e0a721c3ad15d9992b01515f2fad1a.tar.gz",
+ "deb://debian:buster:libc6:2.28-10"
+ ],
+ "path": "dockerhub-remote/openresty/openresty/buster/",
+ "fixed_versions": [],
+ "published": "2021-01-05T15:10:13+11:00",
+ "artifact_scan_time": "2021-03-29T16:05:34+11:00",
+ "issue_id": "XRAY-138140",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-3177",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "Python 3.x through 3.9.1 has a buffer overflow in PyCArg_repr in _ctypes/callproc.c, which may lead to remote code execution in certain Python applications that accept floating-point numbers as untrusted input, as demonstrated by a 1e300 argument to c_double.from_param. This occurs because sprintf is used unsafely.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:buster:libpython3.7-minimal:3.7.3-2+deb10u2",
+ "impacted_artifact": "docker://openresty/openresty:buster",
+ "impact_path": [
+ "docker://openresty/openresty:buster",
+ "generic://sha256:016559a24135e7c31c9177027d892cb3880c0548ab4efdc1d576c47c3b6c3dbd/sha256__016559a24135e7c31c9177027d892cb3880c0548ab4efdc1d576c47c3b6c3dbd.tar.gz",
+ "deb://debian:buster:libpython3.7-minimal:3.7.3-2+deb10u2"
+ ],
+ "path": "dockerhub-remote/openresty/openresty/buster/",
+ "fixed_versions": [],
+ "published": "2021-01-21T15:17:47+11:00",
+ "artifact_scan_time": "2021-03-29T16:05:34+11:00",
+ "issue_id": "XRAY-138768",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "Python 3.x through 3.9.1 has a buffer overflow in PyCArg_repr in _ctypes/callproc.c, which may lead to remote code execution in certain Python applications that accept floating-point numbers as untrusted input, as demonstrated by a 1e300 argument to c_double.from_param. This occurs because sprintf is used unsafely.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-3177",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "Python 3.x through 3.9.1 has a buffer overflow in PyCArg_repr in _ctypes/callproc.c, which may lead to remote code execution in certain Python applications that accept floating-point numbers as untrusted input, as demonstrated by a 1e300 argument to c_double.from_param. This occurs because sprintf is used unsafely.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:buster:python3.7-minimal:3.7.3-2+deb10u2",
+ "impacted_artifact": "docker://openresty/openresty:buster",
+ "impact_path": [
+ "docker://openresty/openresty:buster",
+ "generic://sha256:016559a24135e7c31c9177027d892cb3880c0548ab4efdc1d576c47c3b6c3dbd/sha256__016559a24135e7c31c9177027d892cb3880c0548ab4efdc1d576c47c3b6c3dbd.tar.gz",
+ "deb://debian:buster:python3.7-minimal:3.7.3-2+deb10u2"
+ ],
+ "path": "dockerhub-remote/openresty/openresty/buster/",
+ "fixed_versions": [],
+ "published": "2021-01-21T15:17:47+11:00",
+ "artifact_scan_time": "2021-03-29T16:05:34+11:00",
+ "issue_id": "XRAY-138768",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "Python 3.x through 3.9.1 has a buffer overflow in PyCArg_repr in _ctypes/callproc.c, which may lead to remote code execution in certain Python applications that accept floating-point numbers as untrusted input, as demonstrated by a 1e300 argument to c_double.from_param. This occurs because sprintf is used unsafely.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-25013",
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 5.9,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 5.9,
+ "summary": "The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:buster:libc6:2.28-10",
+ "impacted_artifact": "docker://library/httpd:sha256__0dac9ce7b3946d9c10822a2532368e31058583bc0da231d7575189fa61d78cf1",
+ "impact_path": [
+ "docker://library/httpd:sha256__0dac9ce7b3946d9c10822a2532368e31058583bc0da231d7575189fa61d78cf1",
+ "generic://sha256:75646c2fb4101d306585c9b106be1dfa7d82720baabe1c75b64d759ea8adf341/sha256__75646c2fb4101d306585c9b106be1dfa7d82720baabe1c75b64d759ea8adf341.tar.gz",
+ "deb://debian:buster:libc6:2.28-10"
+ ],
+ "path": "dockerhub-remote/library/httpd/sha256__0dac9ce7b3946d9c10822a2532368e31058583bc0da231d7575189fa61d78cf1/",
+ "fixed_versions": [],
+ "published": "2021-01-05T15:10:13+11:00",
+ "artifact_scan_time": "2021-03-31T16:33:22+11:00",
+ "issue_id": "XRAY-138140",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-25013",
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 5.9,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 5.9,
+ "summary": "The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:buster:libc-bin:2.28-10",
+ "impacted_artifact": "docker://library/httpd:sha256__0dac9ce7b3946d9c10822a2532368e31058583bc0da231d7575189fa61d78cf1",
+ "impact_path": [
+ "docker://library/httpd:sha256__0dac9ce7b3946d9c10822a2532368e31058583bc0da231d7575189fa61d78cf1",
+ "generic://sha256:75646c2fb4101d306585c9b106be1dfa7d82720baabe1c75b64d759ea8adf341/sha256__75646c2fb4101d306585c9b106be1dfa7d82720baabe1c75b64d759ea8adf341.tar.gz",
+ "deb://debian:buster:libc-bin:2.28-10"
+ ],
+ "path": "dockerhub-remote/library/httpd/sha256__0dac9ce7b3946d9c10822a2532368e31058583bc0da231d7575189fa61d78cf1/",
+ "fixed_versions": [],
+ "published": "2021-01-05T15:10:13+11:00",
+ "artifact_scan_time": "2021-03-31T16:33:22+11:00",
+ "issue_id": "XRAY-138140",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 7.5,
+ "summary": "Apache Commons IO input/InfiniteCircularInputStream.java InfiniteCircularInputStream::read() Function Buffer Handling Divide-by-zero DoS",
+ "severity": "High",
+ "vulnerable_component": "gav://commons-io:commons-io:2.6",
+ "impacted_artifact": "gav://org.apache.maven.surefire:surefire-shared-utils:3.0.0-M4",
+ "impact_path": [
+ "gav://org.apache.maven.surefire:surefire-shared-utils:3.0.0-M4",
+ "gav://commons-io:commons-io:2.6"
+ ],
+ "path": "mavencentral-remote/org/apache/maven/surefire/surefire-shared-utils/3.0.0-M4/surefire-shared-utils-3.0.0-M4.jar",
+ "fixed_versions": [
+ "2.8.0"
+ ],
+ "published": "2020-09-27T18:46:21+10:00",
+ "artifact_scan_time": "2021-05-21T09:18:12+10:00",
+ "issue_id": "XRAY-125253",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Apache Commons IO contains a divide-by-zero condition in the InfiniteCircularInputStream::read() function in input/InfiniteCircularInputStream.java that is triggered when the input buffer is of size 0. This may allow a context-dependent attacker to crash a process linked against the library.",
+ "references": [
+ "https://github.com/apache/commons-io/commit/0de91c048fb575b9e7906e966a4428574fd03695",
+ "https://github.com/apache/commons-io/commit/97ae01c95837f50a2e9be34c370b271c4d8fc88b",
+ "https://issues.apache.org/jira/browse/IO-675",
+ "https://commons.apache.org/proper/commons-io/changes-report.html#a2.8.0"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 7.5,
+ "summary": "Apache Commons Compress archivers/zip/ZipFile.java ZipFile::readCentralDirectoryEntry() Function Uncaught Exception DoS",
+ "severity": "High",
+ "vulnerable_component": "gav://org.apache.commons:commons-compress:1.19",
+ "impacted_artifact": "gav://org.apache.maven.surefire:surefire-shared-utils:3.0.0-M4",
+ "impact_path": [
+ "gav://org.apache.maven.surefire:surefire-shared-utils:3.0.0-M4",
+ "gav://org.apache.commons:commons-compress:1.19"
+ ],
+ "path": "mavencentral-remote/org/apache/maven/surefire/surefire-shared-utils/3.0.0-M4/surefire-shared-utils-3.0.0-M4.jar",
+ "fixed_versions": [],
+ "published": "2021-05-18T20:57:33+10:00",
+ "artifact_scan_time": "2021-05-21T09:18:12+10:00",
+ "issue_id": "XRAY-175855",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Apache Commons Compress contains a flaw in the ZipFile::readCentralDirectoryEntry() function in main/java/org/apache/commons/compress/archivers/zip/ZipFile.java related to an uncaught exception. This may allow a context-dependent attacker to crash a process linked against the library.",
+ "references": [
+ "https://github.com/apache/commons-compress/commit/26924e96c7730db014c310757e11c9359db07f3e",
+ "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=33786",
+ "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=33507",
+ "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=33462",
+ "https://github.com/apache/commons-compress/commit/882c6dd12473d7b615d503e08fd6b866d0f866d5"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.6,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:H/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 8.1,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.6,
+ "cvss3_max_score": 8.1,
+ "summary": "FasterXML jackson-databind org.arrah.framework.rdbms.UpdatableJdbcRowsetImpl Gadget Insecure Deserialization Unspecified Remote Weakness",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.core:jackson-databind:2.9.10.3",
+ "impacted_artifact": "gav://com.fasterxml.jackson.core:jackson-databind:2.9.10.3",
+ "impact_path": [
+ "gav://com.fasterxml.jackson.core:jackson-databind:2.9.10.3"
+ ],
+ "path": "mavencentral-remote/com/fasterxml/jackson/core/jackson-databind/2.9.10.3/jackson-databind-2.9.10.3.jar",
+ "fixed_versions": [
+ "2.9.10.6"
+ ],
+ "published": "2020-09-02T23:19:05+10:00",
+ "artifact_scan_time": "2021-04-08T08:30:29+10:00",
+ "issue_id": "XRAY-122084",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "FasterXML jackson-databind contains a flaw that is triggered if an application deserializes JSON content from an untrusted source, as the org.arrah.framework.rdbms.UpdatableJdbcRowsetImpl gadget may allow performing sensitive actions. This may allow a remote attacker to have an unspecified impact.",
+ "references": [
+ "https://github.com/FasterXML/jackson-databind/issues/2827",
+ "https://github.com/FasterXML/jackson-databind/commit/e701bd852ca9a22e04743104987f11ae575a6fe2"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.6,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:H/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 8.1,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.6,
+ "cvss3_max_score": 8.1,
+ "summary": "FasterXML jackson-databind com.nqadmin.rowset.JdbcRowSetImpl Gadget Insecure Deserialization Unspecified Remote Weakness",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.core:jackson-databind:2.9.10.3",
+ "impacted_artifact": "gav://com.fasterxml.jackson.core:jackson-databind:2.9.10.3",
+ "impact_path": [
+ "gav://com.fasterxml.jackson.core:jackson-databind:2.9.10.3"
+ ],
+ "path": "mavencentral-remote/com/fasterxml/jackson/core/jackson-databind/2.9.10.3/jackson-databind-2.9.10.3.jar",
+ "fixed_versions": [
+ "2.9.10.6"
+ ],
+ "published": "2020-09-02T23:19:05+10:00",
+ "artifact_scan_time": "2021-04-08T08:30:29+10:00",
+ "issue_id": "XRAY-122085",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "FasterXML jackson-databind contains a flaw that is triggered if an application deserializes JSON content from an untrusted source, as the com.nqadmin.rowset.JdbcRowSetImpl gadget may allow performing sensitive actions. This may allow a remote attacker to have an unspecified impact.",
+ "references": [
+ "https://github.com/FasterXML/jackson-databind/commit/e701bd852ca9a22e04743104987f11ae575a6fe2",
+ "https://github.com/FasterXML/jackson-databind/issues/2826"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.6,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:H/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 8.1,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.6,
+ "cvss3_max_score": 8.1,
+ "summary": "FasterXML jackson-databind Multiple Gadget Insecure Deserialization Unspecified Remote Weakness",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.core:jackson-databind:2.9.10.3",
+ "impacted_artifact": "gav://com.fasterxml.jackson.core:jackson-databind:2.9.10.3",
+ "impact_path": [
+ "gav://com.fasterxml.jackson.core:jackson-databind:2.9.10.3"
+ ],
+ "path": "mavencentral-remote/com/fasterxml/jackson/core/jackson-databind/2.9.10.3/jackson-databind-2.9.10.3.jar",
+ "fixed_versions": [
+ "2.9.10.4",
+ "2.6.7.4"
+ ],
+ "published": "2020-05-10T22:34:24+10:00",
+ "artifact_scan_time": "2021-04-08T08:30:29+10:00",
+ "issue_id": "XRAY-97675",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "FasterXML jackson-databind contains a flaw that is triggered if an application deserializes JSON content from an untrusted source, as the org.apache.ignite.cache.jta.jndi.CacheJndiTmLookup, org.apache.ignite.cache.jta.jndi.CacheJndiTmFactory, and org.quartz.utils.JNDIConnectionProvider gadgets may allow performing sensitive actions. This may allow a remote attacker to potentially have an unspecified impact.",
+ "references": [
+ "https://www.oracle.com/security-alerts/cpujan2021.html#AppendixRAPP",
+ "https://www.oracle.com/security-alerts/cpujan2021.html#AppendixSCP",
+ "https://github.com/FasterXML/jackson-databind/commit/b59b611f82c546c13753421f79103c6f6e584606",
+ "https://www.oracle.com/security-alerts/cpuoct2020.html#AppendixINSU",
+ "https://www.oracle.com/security-alerts/cpuoct2020.html#AppendixIFLX",
+ "https://www.oracle.com/security-alerts/cpuoct2020.html#AppendixCGBU",
+ "https://www.oracle.com/security-alerts/cpuoct2020.html#AppendixRAPP",
+ "https://www.oracle.com/security-alerts/cpujul2020.html#AppendixCGBU",
+ "https://www.oracle.com/security-alerts/cpujul2020.html#AppendixGLM",
+ "https://www.oracle.com/security-alerts/cpujul2020.html#AppendixIFLX",
+ "https://www.oracle.com/security-alerts/cpujul2020.html#AppendixEM",
+ "https://www.oracle.com/security-alerts/cpujul2020.html#AppendixPVA",
+ "https://www.oracle.com/security-alerts/cpujul2020.html#AppendixFMW",
+ "https://docs.itrsgroup.com/docs/all/release-notes/geneos/geneos-release-notes.htm",
+ "https://github.com/FasterXML/jackson-databind/issues/2658",
+ "https://sid.softek.jp/content/show/35081",
+ "https://github.com/FasterXML/jackson-databind/commit/a424c038ba0c0d65e579e22001dec925902ac0ef",
+ "http://cve.mitre.org/cgi-bin/cvename.cgi?name=2020-10650"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 8.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:C",
+ "cvss_v3_score": 8.2,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 8.5,
+ "cvss3_max_score": 8.2,
+ "summary": "FasterXML jackson-databind ext/DOMDeserializer.java DOMDeserializer Class XML External Entity (XXE) Expansion Remote Issue",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.core:jackson-databind:2.9.10.3",
+ "impacted_artifact": "gav://com.fasterxml.jackson.core:jackson-databind:2.9.10.3",
+ "impact_path": [
+ "gav://com.fasterxml.jackson.core:jackson-databind:2.9.10.3"
+ ],
+ "path": "mavencentral-remote/com/fasterxml/jackson/core/jackson-databind/2.9.10.3/jackson-databind-2.9.10.3.jar",
+ "fixed_versions": [],
+ "published": "2020-10-15T22:39:55+11:00",
+ "artifact_scan_time": "2021-04-08T08:30:29+10:00",
+ "issue_id": "XRAY-126663",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "FasterXML jackson-databind contains an XXE (Xml eXternal Entity) expansion flaw in the DOMDeserializer class in ext/DOMDeserializer.java that is triggered during the parsing of XML data. The issue is due to an incorrectly configured XML parser accepting XML external entities from an untrusted source. By sending specially crafted XML data, a remote attacker can potentially consume excessive system resources or disclose sensitive information.",
+ "references": [
+ "http://cve.mitre.org/cgi-bin/cvename.cgi?name=2020-25649",
+ "https://bugzilla.redhat.com/show_bug.cgi?id=1887664",
+ "https://github.com/FasterXML/jackson-databind/issues/2589",
+ "https://github.com/FasterXML/jackson-databind/commit/e588f0af61b18576779ffb95a2a689a5eb1f9d15",
+ "https://github.com/FasterXML/jackson-databind/blob/jackson-databind-2.11.0/release-notes/VERSION-2.x",
+ "https://github.com/FasterXML/jackson-databind/commit/612f971b78c60202e9cd75a299050c8f2d724a59"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.6,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:H/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 8.1,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.6,
+ "cvss3_max_score": 8.1,
+ "summary": "FasterXML jackson-databind Multiple Gadgets Insecure Deserialization Unspecified Remote Weakness",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.core:jackson-databind:2.9.10.3",
+ "impacted_artifact": "gav://com.fasterxml.jackson.core:jackson-databind:2.9.10.3",
+ "impact_path": [
+ "gav://com.fasterxml.jackson.core:jackson-databind:2.9.10.3"
+ ],
+ "path": "mavencentral-remote/com/fasterxml/jackson/core/jackson-databind/2.9.10.3/jackson-databind-2.9.10.3.jar",
+ "fixed_versions": [
+ "2.9.10.8"
+ ],
+ "published": "2021-01-10T23:41:04+11:00",
+ "artifact_scan_time": "2021-04-08T08:30:29+10:00",
+ "issue_id": "XRAY-138371",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "FasterXML jackson-databind contains a flaw that is triggered if an application deserializes JSON content from an untrusted source, as the oadd.org.apache.commons.dbcp.datasources.PerUserPoolDataSource and oadd.org.apache.commons.dbcp.datasources.SharedPoolDataSource gadgets may allow performing sensitive actions. This may allow a remote attacker to have an unspecified impact.",
+ "references": [
+ "https://github.com/FasterXML/jackson-databind/commit/ac7232e3f9004bdb4f11dcb5bc6c1fadf074f5f7"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-25013",
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 5.9,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 5.9,
+ "summary": "The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:buster:libc-bin:2.28-10",
+ "impacted_artifact": "docker://jenkins/jenkins:lts",
+ "impact_path": [
+ "docker://jenkins/jenkins:lts",
+ "generic://sha256:0ecb575e629cd60aa802266a3bc6847dcf4073aa2a6d7d43f717dd61e7b90e0b/sha256__0ecb575e629cd60aa802266a3bc6847dcf4073aa2a6d7d43f717dd61e7b90e0b.tar.gz",
+ "deb://debian:buster:libc-bin:2.28-10"
+ ],
+ "path": "dockerhub-remote/jenkins/jenkins/lts/",
+ "fixed_versions": [],
+ "published": "2021-01-05T15:10:13+11:00",
+ "artifact_scan_time": "2021-04-06T16:11:48+10:00",
+ "issue_id": "XRAY-138140",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-25013",
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 5.9,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 5.9,
+ "summary": "The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:buster:locales:2.28-10",
+ "impacted_artifact": "docker://jenkins/jenkins:lts",
+ "impact_path": [
+ "docker://jenkins/jenkins:lts",
+ "generic://sha256:a87482283dbb235a9eeb81f9f153c922f56ed9e3ed7df22f3c04b84b9717691d/sha256__a87482283dbb235a9eeb81f9f153c922f56ed9e3ed7df22f3c04b84b9717691d.tar.gz",
+ "deb://debian:buster:locales:2.28-10"
+ ],
+ "path": "dockerhub-remote/jenkins/jenkins/lts/",
+ "fixed_versions": [],
+ "published": "2021-01-05T15:10:13+11:00",
+ "artifact_scan_time": "2021-04-06T16:11:48+10:00",
+ "issue_id": "XRAY-138140",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 9.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 9.3,
+ "cvss3_max_score": 9.8,
+ "summary": "XStream Insecure Stream Deserialization Arbitrary Code Execution Weakness (2021-21346)",
+ "severity": "High",
+ "vulnerable_component": "gav://com.thoughtworks.xstream:xstream:1.4.15",
+ "impacted_artifact": "docker://jenkins/jenkins:lts",
+ "impact_path": [
+ "docker://jenkins/jenkins:lts",
+ "generic://sha256:cc4412b6fab1b470f3d7819fd11b7df4e511b8257097be667c615fb23fa297f0/sha256__cc4412b6fab1b470f3d7819fd11b7df4e511b8257097be667c615fb23fa297f0.tar.gz",
+ "gav://org.jenkins-ci.main:jenkins-war:2.277.1",
+ "gav://com.thoughtworks.xstream:xstream:1.4.15"
+ ],
+ "path": "dockerhub-remote/jenkins/jenkins/lts/",
+ "fixed_versions": [
+ "1.4.16"
+ ],
+ "published": "2021-03-16T22:31:48+11:00",
+ "artifact_scan_time": "2021-04-06T16:11:48+10:00",
+ "issue_id": "XRAY-146571",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "XStream contains a flaw that is triggered when insecurely deserializing stream data. This may allow a context-dependent attacker to execute arbitrary code.",
+ "references": [
+ "https://x-stream.github.io/changes.html#1.4.16",
+ "http://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-21346",
+ "https://x-stream.github.io/CVE-2021-21346.html"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.8,
+ "cvss3_max_score": 7.5,
+ "summary": "Java Native Access (JNA) Advapi32Util.registryGetValues() Method REG_SZ, REG_MULTI_SZ / REG_EXPAND_SZ Data Type Handling DoS",
+ "severity": "High",
+ "vulnerable_component": "gav://net.java.dev.jna:jna:4.5.2",
+ "impacted_artifact": "docker://jenkins/jenkins:lts",
+ "impact_path": [
+ "docker://jenkins/jenkins:lts",
+ "generic://sha256:cc4412b6fab1b470f3d7819fd11b7df4e511b8257097be667c615fb23fa297f0/sha256__cc4412b6fab1b470f3d7819fd11b7df4e511b8257097be667c615fb23fa297f0.tar.gz",
+ "gav://org.jenkins-ci.main:jenkins-war:2.277.1",
+ "gav://org.jenkins-ci.plugins:pam-auth:1.5.1",
+ "gav://net.java.dev.jna:jna:4.5.2"
+ ],
+ "path": "dockerhub-remote/jenkins/jenkins/lts/",
+ "fixed_versions": [
+ "5.0.0"
+ ],
+ "published": "2020-07-27T01:38:45+10:00",
+ "artifact_scan_time": "2021-04-06T16:11:48+10:00",
+ "issue_id": "XRAY-114349",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Java Native Access (JNA) contains a flaw in the Advapi32Util.registryGetValues() method that is triggered when handling a string with the REG_SZ, REG_MULTI_SZ or REG_EXPAND_SZ data types that is stored without properly null terminating characters. This may allow an attacker to crash the program.",
+ "references": [
+ "https://github.com/java-native-access/jna/commit/12493ba771a50fae7d6303e8b58b31eacf903327",
+ "https://github.com/java-native-access/jna/issues/340",
+ "https://github.com/java-native-access/jna/blob/master/CHANGES.md"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 9.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 9.3,
+ "cvss3_max_score": 9.8,
+ "summary": "XStream Insecure Stream Deserialization Arbitrary Code Execution Weakness (2021-29505)",
+ "severity": "High",
+ "vulnerable_component": "gav://com.thoughtworks.xstream:xstream:1.4.15",
+ "impacted_artifact": "docker://jenkins/jenkins:lts",
+ "impact_path": [
+ "docker://jenkins/jenkins:lts",
+ "generic://sha256:cc4412b6fab1b470f3d7819fd11b7df4e511b8257097be667c615fb23fa297f0/sha256__cc4412b6fab1b470f3d7819fd11b7df4e511b8257097be667c615fb23fa297f0.tar.gz",
+ "gav://org.jenkins-ci.main:jenkins-war:2.277.1",
+ "gav://com.thoughtworks.xstream:xstream:1.4.15"
+ ],
+ "path": "dockerhub-remote/jenkins/jenkins/lts/",
+ "fixed_versions": [
+ "1.4.17"
+ ],
+ "published": "2021-05-19T02:57:32+10:00",
+ "artifact_scan_time": "2021-04-06T16:11:48+10:00",
+ "issue_id": "XRAY-175914",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "XStream contains a flaw that is triggered when insecurely deserializing stream data. This may allow a context-dependent attacker to execute arbitrary commands.",
+ "references": [
+ "http://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-29505",
+ "https://x-stream.github.io/CVE-2021-29505.html"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2014-0114",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "summary": "Apache Commons BeanUtils, as distributed in lib/commons-beanutils-1.8.0.jar in Apache Struts 1.x through 1.3.10 and in other products requiring commons-beanutils through 1.9.2, does not suppress the class property, which allows remote attackers to \"manipulate\" the ClassLoader and execute arbitrary code via the class parameter, as demonstrated by the passing of this parameter to the getClass method of the ActionForm object in Struts 1.",
+ "severity": "High",
+ "vulnerable_component": "gav://commons-beanutils:commons-beanutils:1.9.3",
+ "impacted_artifact": "docker://jenkins/jenkins:lts",
+ "impact_path": [
+ "docker://jenkins/jenkins:lts",
+ "generic://sha256:cc4412b6fab1b470f3d7819fd11b7df4e511b8257097be667c615fb23fa297f0/sha256__cc4412b6fab1b470f3d7819fd11b7df4e511b8257097be667c615fb23fa297f0.tar.gz",
+ "gav://org.jenkins-ci.main:jenkins-war:2.277.1",
+ "gav://commons-beanutils:commons-beanutils:1.9.3"
+ ],
+ "path": "dockerhub-remote/jenkins/jenkins/lts/",
+ "fixed_versions": [
+ "1.9.4"
+ ],
+ "published": "2017-07-05T21:31:08+10:00",
+ "artifact_scan_time": "2021-04-06T16:11:48+10:00",
+ "issue_id": "XRAY-55616",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Apache Commons BeanUtils, as distributed in lib/commons-beanutils-1.8.0.jar in Apache Struts 1.x through 1.3.10 and in other products requiring commons-beanutils through 1.9.2, does not suppress the class property, which allows remote attackers to \"manipulate\" the ClassLoader and execute arbitrary code via the class parameter, as demonstrated by the passing of this parameter to the getClass method of the ActionForm object in Struts 1.",
+ "references": [
+ "http://advisories.mageia.org/MGASA-2014-0219.html",
+ "http://commons.apache.org/proper/commons-beanutils/javadocs/v1.9.2/RELEASE-NOTES.txt",
+ "http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136958.html",
+ "http://marc.info/?l=bugtraq\u0026m=140119284401582\u0026w=2",
+ "http://marc.info/?l=bugtraq\u0026m=140801096002766\u0026w=2",
+ "http://marc.info/?l=bugtraq\u0026m=141451023707502\u0026w=2",
+ "http://openwall.com/lists/oss-security/2014/06/15/10",
+ "http://openwall.com/lists/oss-security/2014/07/08/1",
+ "http://seclists.org/fulldisclosure/2014/Dec/23",
+ "http://secunia.com/advisories/57477",
+ "http://secunia.com/advisories/58710",
+ "http://secunia.com/advisories/58851",
+ "http://secunia.com/advisories/58947",
+ "http://secunia.com/advisories/59014",
+ "http://secunia.com/advisories/59118",
+ "http://secunia.com/advisories/59228",
+ "http://secunia.com/advisories/59245",
+ "http://secunia.com/advisories/59246",
+ "http://secunia.com/advisories/59430",
+ "http://secunia.com/advisories/59464",
+ "http://secunia.com/advisories/59479",
+ "http://secunia.com/advisories/59480",
+ "http://secunia.com/advisories/59704",
+ "http://secunia.com/advisories/59718",
+ "http://secunia.com/advisories/60177",
+ "http://secunia.com/advisories/60703",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg21674128",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg21674812",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg21675266",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg21675387",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg21675689",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg21675898",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg21675972",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg21676091",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg21676110",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg21676303",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg21676375",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg21676931",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg21677110",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg27042296",
+ "http://www.debian.org/security/2014/dsa-2940",
+ "http://www.ibm.com/support/docview.wss?uid=swg21675496",
+ "http://www.mandriva.com/security/advisories?name=MDVSA-2014:095",
+ "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html",
+ "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html",
+ "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html",
+ "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html",
+ "http://www.securityfocus.com/archive/1/archive/1/534161/100/0/threaded",
+ "http://www.securityfocus.com/bid/67121",
+ "http://www.vmware.com/security/advisories/VMSA-2014-0008.html",
+ "http://www.vmware.com/security/advisories/VMSA-2014-0012.html",
+ "https://access.redhat.com/solutions/869353",
+ "https://bugzilla.redhat.com/show_bug.cgi?id=1091938",
+ "https://bugzilla.redhat.com/show_bug.cgi?id=1116665",
+ "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05324755",
+ "https://issues.apache.org/jira/browse/BEANUTILS-463",
+ "https://security.gentoo.org/glsa/201607-09"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-25013",
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 5.9,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 5.9,
+ "summary": "The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:buster:libc6:2.28-10",
+ "impacted_artifact": "docker://jenkins/jenkins:lts",
+ "impact_path": [
+ "docker://jenkins/jenkins:lts",
+ "generic://sha256:0ecb575e629cd60aa802266a3bc6847dcf4073aa2a6d7d43f717dd61e7b90e0b/sha256__0ecb575e629cd60aa802266a3bc6847dcf4073aa2a6d7d43f717dd61e7b90e0b.tar.gz",
+ "deb://debian:buster:libc6:2.28-10"
+ ],
+ "path": "dockerhub-remote/jenkins/jenkins/lts/",
+ "fixed_versions": [],
+ "published": "2021-01-05T15:10:13+11:00",
+ "artifact_scan_time": "2021-04-06T16:11:48+10:00",
+ "issue_id": "XRAY-138140",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 9.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 9.3,
+ "cvss3_max_score": 9.8,
+ "summary": "XStream Insecure Stream Deserialization Arbitrary Code Execution Weakness (2021-21344)",
+ "severity": "High",
+ "vulnerable_component": "gav://com.thoughtworks.xstream:xstream:1.4.15",
+ "impacted_artifact": "docker://jenkins/jenkins:lts",
+ "impact_path": [
+ "docker://jenkins/jenkins:lts",
+ "generic://sha256:cc4412b6fab1b470f3d7819fd11b7df4e511b8257097be667c615fb23fa297f0/sha256__cc4412b6fab1b470f3d7819fd11b7df4e511b8257097be667c615fb23fa297f0.tar.gz",
+ "gav://org.jenkins-ci.main:jenkins-war:2.277.1",
+ "gav://com.thoughtworks.xstream:xstream:1.4.15"
+ ],
+ "path": "dockerhub-remote/jenkins/jenkins/lts/",
+ "fixed_versions": [
+ "1.4.16"
+ ],
+ "published": "2021-03-16T22:31:48+11:00",
+ "artifact_scan_time": "2021-04-06T16:11:48+10:00",
+ "issue_id": "XRAY-146569",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "XStream contains a flaw that is triggered when insecurely deserializing stream data. This may allow a context-dependent attacker to execute arbitrary code.",
+ "references": [
+ "https://x-stream.github.io/changes.html#1.4.16",
+ "http://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-21344",
+ "https://x-stream.github.io/CVE-2021-21344.html"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 9.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 9.3,
+ "cvss3_max_score": 9.8,
+ "summary": "XStream Insecure Stream Deserialization Arbitrary Code Execution Weakness (2021-21351)",
+ "severity": "High",
+ "vulnerable_component": "gav://com.thoughtworks.xstream:xstream:1.4.15",
+ "impacted_artifact": "docker://jenkins/jenkins:lts",
+ "impact_path": [
+ "docker://jenkins/jenkins:lts",
+ "generic://sha256:cc4412b6fab1b470f3d7819fd11b7df4e511b8257097be667c615fb23fa297f0/sha256__cc4412b6fab1b470f3d7819fd11b7df4e511b8257097be667c615fb23fa297f0.tar.gz",
+ "gav://org.jenkins-ci.main:jenkins-war:2.277.1",
+ "gav://com.thoughtworks.xstream:xstream:1.4.15"
+ ],
+ "path": "dockerhub-remote/jenkins/jenkins/lts/",
+ "fixed_versions": [
+ "1.4.16"
+ ],
+ "published": "2021-03-16T22:31:50+11:00",
+ "artifact_scan_time": "2021-04-06T16:11:48+10:00",
+ "issue_id": "XRAY-146576",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "XStream contains a flaw that is triggered when insecurely deserializing stream data. This may allow a context-dependent attacker to execute arbitrary code.",
+ "references": [
+ "https://x-stream.github.io/changes.html#1.4.16",
+ "http://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-21351",
+ "https://x-stream.github.io/CVE-2021-21351.html",
+ "https://s.tencent.com/research/bsafe/1271.html"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2016-1000031",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "Apache Commons FileUpload before 1.3.3 DiskFileItem File Manipulation Remote Code Execution",
+ "severity": "High",
+ "vulnerable_component": "gav://commons-fileupload:commons-fileupload:1.3.1-jenkins-2",
+ "impacted_artifact": "docker://jenkins/jenkins:lts",
+ "impact_path": [
+ "docker://jenkins/jenkins:lts",
+ "generic://sha256:cc4412b6fab1b470f3d7819fd11b7df4e511b8257097be667c615fb23fa297f0/sha256__cc4412b6fab1b470f3d7819fd11b7df4e511b8257097be667c615fb23fa297f0.tar.gz",
+ "gav://org.jenkins-ci.main:jenkins-war:2.277.1",
+ "gav://commons-fileupload:commons-fileupload:1.3.1-jenkins-2"
+ ],
+ "path": "dockerhub-remote/jenkins/jenkins/lts/",
+ "fixed_versions": [
+ "1.3.3"
+ ],
+ "published": "2017-07-05T21:31:10+10:00",
+ "artifact_scan_time": "2021-04-06T16:11:48+10:00",
+ "issue_id": "XRAY-55689",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Apache Commons FileUpload before 1.3.3 DiskFileItem File Manipulation Remote Code Execution",
+ "references": [
+ "http://www.securityfocus.com/bid/93604",
+ "http://www.tenable.com/security/research/tra-2016-12",
+ "http://www.zerodayinitiative.com/advisories/ZDI-16-570/",
+ "https://www.tenable.com/security/research/tra-2016-30"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 9.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 9.3,
+ "cvss3_max_score": 9.8,
+ "summary": "XStream Insecure Stream Deserialization Arbitrary Code Execution Weakness (2021-21350)",
+ "severity": "High",
+ "vulnerable_component": "gav://com.thoughtworks.xstream:xstream:1.4.15",
+ "impacted_artifact": "docker://jenkins/jenkins:lts",
+ "impact_path": [
+ "docker://jenkins/jenkins:lts",
+ "generic://sha256:cc4412b6fab1b470f3d7819fd11b7df4e511b8257097be667c615fb23fa297f0/sha256__cc4412b6fab1b470f3d7819fd11b7df4e511b8257097be667c615fb23fa297f0.tar.gz",
+ "gav://org.jenkins-ci.main:jenkins-war:2.277.1",
+ "gav://com.thoughtworks.xstream:xstream:1.4.15"
+ ],
+ "path": "dockerhub-remote/jenkins/jenkins/lts/",
+ "fixed_versions": [
+ "1.4.16"
+ ],
+ "published": "2021-03-16T22:31:49+11:00",
+ "artifact_scan_time": "2021-04-06T16:11:48+10:00",
+ "issue_id": "XRAY-146575",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "XStream contains a flaw that is triggered when insecurely deserializing stream data. This may allow a context-dependent attacker to execute arbitrary code.",
+ "references": [
+ "https://x-stream.github.io/changes.html#1.4.16",
+ "http://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-21350",
+ "https://x-stream.github.io/CVE-2021-21350.html"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 7.5,
+ "summary": "XStream Insecure Stream Deserialization Regular Expression Handling DoS Weakness",
+ "severity": "High",
+ "vulnerable_component": "gav://com.thoughtworks.xstream:xstream:1.4.15",
+ "impacted_artifact": "docker://jenkins/jenkins:lts",
+ "impact_path": [
+ "docker://jenkins/jenkins:lts",
+ "generic://sha256:cc4412b6fab1b470f3d7819fd11b7df4e511b8257097be667c615fb23fa297f0/sha256__cc4412b6fab1b470f3d7819fd11b7df4e511b8257097be667c615fb23fa297f0.tar.gz",
+ "gav://org.jenkins-ci.main:jenkins-war:2.277.1",
+ "gav://com.thoughtworks.xstream:xstream:1.4.15"
+ ],
+ "path": "dockerhub-remote/jenkins/jenkins/lts/",
+ "fixed_versions": [
+ "1.4.16"
+ ],
+ "published": "2021-03-16T22:31:49+11:00",
+ "artifact_scan_time": "2021-04-06T16:11:48+10:00",
+ "issue_id": "XRAY-146573",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "XStream contains a flaw that is triggered when insecurely deserializing stream data and can cause the parsing of user-supplied data with an improper regular expression. This may allow a context-dependent attacker to slow down or hang a process linked against the library.",
+ "references": [
+ "https://x-stream.github.io/changes.html#1.4.16",
+ "http://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-21348",
+ "https://x-stream.github.io/CVE-2021-21348.html"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 9.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 9.3,
+ "cvss3_max_score": 9.8,
+ "summary": "XStream Insecure Stream Deserialization Arbitrary Command Execution Weakness",
+ "severity": "High",
+ "vulnerable_component": "gav://com.thoughtworks.xstream:xstream:1.4.15",
+ "impacted_artifact": "docker://jenkins/jenkins:lts",
+ "impact_path": [
+ "docker://jenkins/jenkins:lts",
+ "generic://sha256:cc4412b6fab1b470f3d7819fd11b7df4e511b8257097be667c615fb23fa297f0/sha256__cc4412b6fab1b470f3d7819fd11b7df4e511b8257097be667c615fb23fa297f0.tar.gz",
+ "gav://org.jenkins-ci.main:jenkins-war:2.277.1",
+ "gav://com.thoughtworks.xstream:xstream:1.4.15"
+ ],
+ "path": "dockerhub-remote/jenkins/jenkins/lts/",
+ "fixed_versions": [
+ "1.4.16"
+ ],
+ "published": "2021-03-16T22:31:48+11:00",
+ "artifact_scan_time": "2021-04-06T16:11:48+10:00",
+ "issue_id": "XRAY-146570",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "XStream contains a flaw that is triggered when insecurely deserializing stream data. This may allow a context-dependent attacker to execute arbitrary commands.",
+ "references": [
+ "https://x-stream.github.io/changes.html#1.4.16",
+ "http://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-21345",
+ "https://x-stream.github.io/CVE-2021-21345.html"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 7.5,
+ "summary": "Apache Commons Compress archivers/zip/ZipFile.java ZipFile::readCentralDirectoryEntry() Function Uncaught Exception DoS",
+ "severity": "High",
+ "vulnerable_component": "gav://org.apache.commons:commons-compress:1.19",
+ "impacted_artifact": "docker://jenkins/jenkins:lts",
+ "impact_path": [
+ "docker://jenkins/jenkins:lts",
+ "generic://sha256:cc4412b6fab1b470f3d7819fd11b7df4e511b8257097be667c615fb23fa297f0/sha256__cc4412b6fab1b470f3d7819fd11b7df4e511b8257097be667c615fb23fa297f0.tar.gz",
+ "gav://org.jenkins-ci.main:jenkins-war:2.277.1",
+ "gav://org.apache.commons:commons-compress:1.19"
+ ],
+ "path": "dockerhub-remote/jenkins/jenkins/lts/",
+ "fixed_versions": [],
+ "published": "2021-05-18T20:57:33+10:00",
+ "artifact_scan_time": "2021-04-06T16:11:48+10:00",
+ "issue_id": "XRAY-175855",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Apache Commons Compress contains a flaw in the ZipFile::readCentralDirectoryEntry() function in main/java/org/apache/commons/compress/archivers/zip/ZipFile.java related to an uncaught exception. This may allow a context-dependent attacker to crash a process linked against the library.",
+ "references": [
+ "https://github.com/apache/commons-compress/commit/26924e96c7730db014c310757e11c9359db07f3e",
+ "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=33786",
+ "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=33507",
+ "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=33462",
+ "https://github.com/apache/commons-compress/commit/882c6dd12473d7b615d503e08fd6b866d0f866d5"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-10086",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 7.3,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 7.3,
+ "summary": "In Apache Commons Beanutils 1.9.2, a special BeanIntrospector class was added which allows suppressing the ability for an attacker to access the classloader via the class property available on all Java objects. We, however were not using this by default characteristic of the PropertyUtilsBean.",
+ "severity": "High",
+ "vulnerable_component": "gav://commons-beanutils:commons-beanutils:1.9.3",
+ "impacted_artifact": "docker://jenkins/jenkins:lts",
+ "impact_path": [
+ "docker://jenkins/jenkins:lts",
+ "generic://sha256:cc4412b6fab1b470f3d7819fd11b7df4e511b8257097be667c615fb23fa297f0/sha256__cc4412b6fab1b470f3d7819fd11b7df4e511b8257097be667c615fb23fa297f0.tar.gz",
+ "gav://org.jenkins-ci.main:jenkins-war:2.277.1",
+ "gav://commons-beanutils:commons-beanutils:1.9.3"
+ ],
+ "path": "dockerhub-remote/jenkins/jenkins/lts/",
+ "fixed_versions": [
+ "1.9.4"
+ ],
+ "published": "2019-08-22T19:58:17+10:00",
+ "artifact_scan_time": "2021-04-06T16:11:48+10:00",
+ "issue_id": "XRAY-86096",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "In Apache Commons Beanutils 1.9.2, a special BeanIntrospector class was added which allows suppressing the ability for an attacker to access the classloader via the class property available on all Java objects. We, however were not using this by default characteristic of the PropertyUtilsBean.",
+ "references": [
+ "http://mail-archives.apache.org/mod_mbox/www-announce/201908.mbox/%3cC628798F-315D-4428-8CB1-4ED1ECC958E4@apache.org%3e"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-25013",
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 5.9,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 5.9,
+ "summary": "The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:buster:libc-l10n:2.28-10",
+ "impacted_artifact": "docker://jenkins/jenkins:lts",
+ "impact_path": [
+ "docker://jenkins/jenkins:lts",
+ "generic://sha256:a87482283dbb235a9eeb81f9f153c922f56ed9e3ed7df22f3c04b84b9717691d/sha256__a87482283dbb235a9eeb81f9f153c922f56ed9e3ed7df22f3c04b84b9717691d.tar.gz",
+ "deb://debian:buster:libc-l10n:2.28-10"
+ ],
+ "path": "dockerhub-remote/jenkins/jenkins/lts/",
+ "fixed_versions": [],
+ "published": "2021-01-05T15:10:13+11:00",
+ "artifact_scan_time": "2021-04-06T16:11:48+10:00",
+ "issue_id": "XRAY-138140",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2016-1000027",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "Pivotal Spring Framework 4.1.4 suffers from a potential remote code execution (RCE) issue if used for Java deserialization of untrusted data. Depending on how the library is implemented within a product, this issue may or not occur, and authentication may be required.",
+ "severity": "High",
+ "vulnerable_component": "gav://org.springframework:spring-web:5.2.12.RELEASE",
+ "impacted_artifact": "docker://jenkins/jenkins:lts",
+ "impact_path": [
+ "docker://jenkins/jenkins:lts",
+ "generic://sha256:cc4412b6fab1b470f3d7819fd11b7df4e511b8257097be667c615fb23fa297f0/sha256__cc4412b6fab1b470f3d7819fd11b7df4e511b8257097be667c615fb23fa297f0.tar.gz",
+ "gav://org.jenkins-ci.main:jenkins-war:2.277.1",
+ "gav://org.springframework:spring-web:5.2.12.RELEASE"
+ ],
+ "path": "dockerhub-remote/jenkins/jenkins/lts/",
+ "fixed_versions": [
+ "5.3.0-M2",
+ "5.3.0"
+ ],
+ "published": "2020-10-04T19:14:47+11:00",
+ "artifact_scan_time": "2021-04-06T16:11:48+10:00",
+ "issue_id": "XRAY-125778",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Pivotal Spring Framework 4.1.4 suffers from a potential remote code execution (RCE) issue if used for Java deserialization of untrusted data. Depending on how the library is implemented within a product, this issue may or not occur, and authentication may be required.",
+ "references": [
+ "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-1000027",
+ "https://raw.githubusercontent.com/distributedweaknessfiling/cvelist/master/2016/1000xxx/CVE-2016-1000027.json",
+ "https://security-tracker.debian.org/tracker/CVE-2016-1000027",
+ "https://www.tenable.com/security/research/tra-2016-20"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 9.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 9.3,
+ "cvss3_max_score": 9.8,
+ "summary": "XStream Insecure Stream Deserialization Arbitrary Code Execution Weakness (2021-21347)",
+ "severity": "High",
+ "vulnerable_component": "gav://com.thoughtworks.xstream:xstream:1.4.15",
+ "impacted_artifact": "docker://jenkins/jenkins:lts",
+ "impact_path": [
+ "docker://jenkins/jenkins:lts",
+ "generic://sha256:cc4412b6fab1b470f3d7819fd11b7df4e511b8257097be667c615fb23fa297f0/sha256__cc4412b6fab1b470f3d7819fd11b7df4e511b8257097be667c615fb23fa297f0.tar.gz",
+ "gav://org.jenkins-ci.main:jenkins-war:2.277.1",
+ "gav://com.thoughtworks.xstream:xstream:1.4.15"
+ ],
+ "path": "dockerhub-remote/jenkins/jenkins/lts/",
+ "fixed_versions": [
+ "1.4.16"
+ ],
+ "published": "2021-03-16T22:31:49+11:00",
+ "artifact_scan_time": "2021-04-06T16:11:48+10:00",
+ "issue_id": "XRAY-146572",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "XStream contains a flaw that is triggered when insecurely deserializing stream data. This may allow a context-dependent attacker to execute arbitrary code.",
+ "references": [
+ "https://x-stream.github.io/changes.html#1.4.16",
+ "http://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-21347",
+ "https://x-stream.github.io/CVE-2021-21347.html"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 7.5,
+ "summary": "XStream Insecure Stream Deserialization Infinite Loop CPU Consumption DoS Weakness",
+ "severity": "High",
+ "vulnerable_component": "gav://com.thoughtworks.xstream:xstream:1.4.15",
+ "impacted_artifact": "docker://jenkins/jenkins:lts",
+ "impact_path": [
+ "docker://jenkins/jenkins:lts",
+ "generic://sha256:cc4412b6fab1b470f3d7819fd11b7df4e511b8257097be667c615fb23fa297f0/sha256__cc4412b6fab1b470f3d7819fd11b7df4e511b8257097be667c615fb23fa297f0.tar.gz",
+ "gav://org.jenkins-ci.main:jenkins-war:2.277.1",
+ "gav://com.thoughtworks.xstream:xstream:1.4.15"
+ ],
+ "path": "dockerhub-remote/jenkins/jenkins/lts/",
+ "fixed_versions": [
+ "1.4.16"
+ ],
+ "published": "2021-03-16T22:31:47+11:00",
+ "artifact_scan_time": "2021-04-06T16:11:48+10:00",
+ "issue_id": "XRAY-146566",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "XStream contains an infinite loop condition that is triggered when insecurely deserializing stream data. This may allow a context-dependent attacker to consume available CPU resources and hang a process linked against the library.",
+ "references": [
+ "http://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-21341",
+ "https://x-stream.github.io/CVE-2021-21341.html",
+ "https://x-stream.github.io/changes.html#1.4.16"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2017-17458",
+ "cvss_v2_score": 10,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 10,
+ "cvss3_max_score": 9.8,
+ "summary": "In Mercurial before 4.4.1, it is possible that a specially malformed repository can cause Git subrepositories to run arbitrary code in the form of a .git/hooks/post-update script checked into the repository. Typical use of Mercurial prevents construction of such repositories, but they can be created programmatically.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:mercurial-common:4.0-1+deb9u1",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:80ae6b477848b6e03aad8ec9c74f1fb80364e5c8b5fe9ca3ec793df84247f027/sha256__80ae6b477848b6e03aad8ec9c74f1fb80364e5c8b5fe9ca3ec793df84247f027.tar.gz",
+ "deb://debian:stretch:mercurial-common:4.0-1+deb9u1"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [],
+ "published": "2017-12-09T08:04:43+11:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-60147",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "In Mercurial before 4.4.1, it is possible that a specially malformed repository can cause Git subrepositories to run arbitrary code in the form of a .git/hooks/post-update script checked into the repository. Typical use of Mercurial prevents construction of such repositories, but they can be created programmatically.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-16335",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to com.zaxxer.hikari.HikariDataSource. This is a different vulnerability than CVE-2019-14540.",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.core:jackson-databind:2.2.0",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:cb59b597ab372b4505b5d7cbd7afcf3a2e8489560da92485992d27046cb06683/sha256__cb59b597ab372b4505b5d7cbd7afcf3a2e8489560da92485992d27046cb06683.tar.gz",
+ "gav://com.fasterxml.jackson.core:jackson-databind:2.2.0"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [
+ "2.9.10",
+ "2.8.11.5",
+ "2.7.9.7",
+ "2.6.7.3"
+ ],
+ "published": "2019-09-16T20:36:23+10:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-88210",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to com.zaxxer.hikari.HikariDataSource. This is a different vulnerability than CVE-2019-14540.",
+ "references": [
+ "https://github.com/FasterXML/jackson-databind/issues/2449",
+ "https://lists.apache.org/thread.html/e90c3feb21702e68a8c08afce37045adb3870f2bf8223fa403fb93fb@%3Ccommits.hbase.apache.org%3E",
+ "https://lists.apache.org/thread.html/40c00861b53bb611dee7d6f35f864aa7d1c1bd77df28db597cbf27e1@%3Cissues.hbase.apache.org%3E",
+ "https://lists.apache.org/thread.html/a360b46061c91c5cad789b6c3190aef9b9f223a2b75c9c9f046fe016@%3Cissues.hbase.apache.org%3E",
+ "https://lists.apache.org/thread.html/ad0d238e97a7da5eca47a014f0f7e81f440ed6bf74a93183825e18b9@%3Cissues.hbase.apache.org%3E",
+ "https://lists.apache.org/thread.html/dc6b5cad721a4f6b3b62ed1163894941140d9d5656140fb757505ca0@%3Cissues.hbase.apache.org%3E",
+ "https://lists.apache.org/thread.html/0fcef7321095ce0bc597d468d150cff3d647f4cb3aef3bd4d20e1c69@%3Ccommits.tinkerpop.apache.org%3E"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-13347",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "mpatch.c in Mercurial before 4.6.1 mishandles integer addition and subtraction, aka OVE-20180430-0002.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:mercurial:4.0-1+deb9u1",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:80ae6b477848b6e03aad8ec9c74f1fb80364e5c8b5fe9ca3ec793df84247f027/sha256__80ae6b477848b6e03aad8ec9c74f1fb80364e5c8b5fe9ca3ec793df84247f027.tar.gz",
+ "deb://debian:stretch:mercurial:4.0-1+deb9u1"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [
+ "≥ 4.0-1+deb9u2"
+ ],
+ "published": "2018-07-08T17:25:12+10:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-69302",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "mpatch.c in Mercurial before 4.6.1 mishandles integer addition and subtraction, aka OVE-20180430-0002.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.6,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:H/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 8.1,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.6,
+ "cvss3_max_score": 8.1,
+ "summary": "FasterXML jackson-databind CXF JAX-RS Implementation jsontype/impl/SubTypeValidator.java Insecure Deserialization Remote Code Execution",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.core:jackson-databind:2.2.0",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:cb59b597ab372b4505b5d7cbd7afcf3a2e8489560da92485992d27046cb06683/sha256__cb59b597ab372b4505b5d7cbd7afcf3a2e8489560da92485992d27046cb06683.tar.gz",
+ "gav://com.fasterxml.jackson.core:jackson-databind:2.2.0"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [
+ "2.8.11.5",
+ "2.6.7.3",
+ "2.9.10",
+ "2.7.9.7"
+ ],
+ "published": "2019-08-14T19:47:15+10:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-85877",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "FasterXML contains a flaw in jackson-databind jsontype/impl/SubTypeValidator.java related to the CXF JAX-RS implemtation that is triggered as user-supplied JavaScript content is insecurely deserialized. This may allow a remote attacker to potentially execute arbitrary code.",
+ "references": [
+ "https://github.com/FasterXML/jackson-databind/commit/d4983c740fec7d5576b207a8c30a63d3ea7443de",
+ "https://github.com/FasterXML/jackson-databind/issues/2420"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2017-14176",
+ "cvss_v2_score": 9.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 8.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 9.3,
+ "cvss3_max_score": 8.8,
+ "summary": "Bazaar through 2.7.0, when Subprocess SSH is used, allows remote attackers to execute arbitrary commands via a bzr+ssh URL with an initial dash character in the hostname, a related issue to CVE-2017-9800, CVE-2017-12836, CVE-2017-12976, CVE-2017-16228, CVE-2017-1000116, and CVE-2017-1000117.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:bzr:2.7.0+bzr6619-7+deb9u1",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:80ae6b477848b6e03aad8ec9c74f1fb80364e5c8b5fe9ca3ec793df84247f027/sha256__80ae6b477848b6e03aad8ec9c74f1fb80364e5c8b5fe9ca3ec793df84247f027.tar.gz",
+ "deb://debian:stretch:bzr:2.7.0+bzr6619-7+deb9u1"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [
+ "≥ 2.7.0+bzr6619-7+deb9u1"
+ ],
+ "published": "2017-09-27T04:23:04+10:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-58683",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "Bazaar through 2.7.0, when Subprocess SSH is used, allows remote attackers to execute arbitrary commands via a bzr+ssh URL with an initial dash character in the hostname, a related issue to CVE-2017-9800, CVE-2017-12836, CVE-2017-12976, CVE-2017-16228, CVE-2017-1000116, and CVE-2017-1000117.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2017-1000408",
+ "cvss_v2_score": 7.2,
+ "cvss_v2_vector": "CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 7.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.2,
+ "cvss3_max_score": 7.8,
+ "summary": "A memory leak in glibc 2.1.1 (released on May 24, 1999) can be reached and amplified through the LD_HWCAP_MASK environment variable. Please note that many versions of glibc are not vulnerable to this issue if patched for CVE-2017-1000366.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:libc6:2.24-11+deb9u3",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:05d1a5232b461a4b35424129580054caa878cd56f100e34282510bd4b4082e4d/sha256__05d1a5232b461a4b35424129580054caa878cd56f100e34282510bd4b4082e4d.tar.gz",
+ "deb://debian:stretch:libc6:2.24-11+deb9u3"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [],
+ "published": "2017-12-12T08:36:27+11:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-60188",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "A memory leak in glibc 2.1.1 (released on May 24, 1999) can be reached and amplified through the LD_HWCAP_MASK environment variable. Please note that many versions of glibc are not vulnerable to this issue if patched for CVE-2017-1000366.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-18311",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "Perl before 5.26.3 and 5.28.x before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:perl:5.24.1-3+deb9u4",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:80ae6b477848b6e03aad8ec9c74f1fb80364e5c8b5fe9ca3ec793df84247f027/sha256__80ae6b477848b6e03aad8ec9c74f1fb80364e5c8b5fe9ca3ec793df84247f027.tar.gz",
+ "deb://debian:stretch:perl:5.24.1-3+deb9u4"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [
+ "≥ 5.24.1-3+deb9u5"
+ ],
+ "published": "2018-11-30T13:56:46+11:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-73963",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "Perl before 5.26.3 and 5.28.x before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-6485",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "An integer overflow in the implementation of the posix_memalign in memalign functions in the GNU C Library (aka glibc or libc6) 2.26 and earlier could cause these functions to return a pointer to a heap area that is too small, potentially leading to heap corruption.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:libc6:2.24-11+deb9u3",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:05d1a5232b461a4b35424129580054caa878cd56f100e34282510bd4b4082e4d/sha256__05d1a5232b461a4b35424129580054caa878cd56f100e34282510bd4b4082e4d.tar.gz",
+ "deb://debian:stretch:libc6:2.24-11+deb9u3"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [],
+ "published": "2018-02-05T01:13:03+11:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-64004",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "An integer overflow in the implementation of the posix_memalign in memalign functions in the GNU C Library (aka glibc or libc6) 2.26 and earlier could cause these functions to return a pointer to a heap area that is too small, potentially leading to heap corruption.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2017-14062",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "Integer overflow in the decode_digit function in puny_decode.c in Libidn2 before 2.0.4 allows remote attackers to cause a denial of service or possibly have unspecified other impact.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:libidn11:1.33-1",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:05d1a5232b461a4b35424129580054caa878cd56f100e34282510bd4b4082e4d/sha256__05d1a5232b461a4b35424129580054caa878cd56f100e34282510bd4b4082e4d.tar.gz",
+ "deb://debian:stretch:libidn11:1.33-1"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [],
+ "published": "2017-09-04T07:47:18+10:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-58088",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "Integer overflow in the decode_digit function in puny_decode.c in Libidn2 before 2.0.4 allows remote attackers to cause a denial of service or possibly have unspecified other impact.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2017-1000487",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "Plexus-utils before 3.0.16 is vulnerable to command injection because it does not correctly process the contents of double quoted strings.",
+ "severity": "High",
+ "vulnerable_component": "gav://org.codehaus.plexus:plexus-utils:3.0.8",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:cb59b597ab372b4505b5d7cbd7afcf3a2e8489560da92485992d27046cb06683/sha256__cb59b597ab372b4505b5d7cbd7afcf3a2e8489560da92485992d27046cb06683.tar.gz",
+ "gav://org.apache.maven.surefire:surefire-api:2.12.4",
+ "gav://org.codehaus.plexus:plexus-utils:3.0.8"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [
+ "3.0.16"
+ ],
+ "published": "2019-06-10T18:42:32+10:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-83897",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Plexus-utils before 3.0.16 is vulnerable to command injection because it does not correctly process the contents of double quoted strings.",
+ "references": [
+ "https://access.redhat.com/errata/RHSA-2018:1322",
+ "https://lists.debian.org/debian-lts-announce/2018/01/msg00011.html",
+ "https://lists.debian.org/debian-lts-announce/2018/01/msg00010.html",
+ "https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSPLEXUS-31522",
+ "https://www.debian.org/security/2018/dsa-4149",
+ "https://www.debian.org/security/2018/dsa-4146",
+ "https://github.com/codehaus-plexus/plexus-utils/commit/b38a1b3a4352303e4312b2bb601a0d7ec6e28f41"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2017-1000487",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "Plexus-utils before 3.0.16 is vulnerable to command injection because it does not correctly process the contents of double quoted strings.",
+ "severity": "High",
+ "vulnerable_component": "gav://org.codehaus.plexus:plexus-utils:3.0.8",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:cb59b597ab372b4505b5d7cbd7afcf3a2e8489560da92485992d27046cb06683/sha256__cb59b597ab372b4505b5d7cbd7afcf3a2e8489560da92485992d27046cb06683.tar.gz",
+ "gav://org.codehaus.plexus:plexus-utils:3.0.8"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [
+ "3.0.16"
+ ],
+ "published": "2019-06-10T18:42:32+10:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-83897",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Plexus-utils before 3.0.16 is vulnerable to command injection because it does not correctly process the contents of double quoted strings.",
+ "references": [
+ "https://access.redhat.com/errata/RHSA-2018:1322",
+ "https://lists.debian.org/debian-lts-announce/2018/01/msg00011.html",
+ "https://lists.debian.org/debian-lts-announce/2018/01/msg00010.html",
+ "https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSPLEXUS-31522",
+ "https://www.debian.org/security/2018/dsa-4149",
+ "https://www.debian.org/security/2018/dsa-4146",
+ "https://github.com/codehaus-plexus/plexus-utils/commit/b38a1b3a4352303e4312b2bb601a0d7ec6e28f41"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2017-1000487",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "Plexus-utils before 3.0.16 is vulnerable to command injection because it does not correctly process the contents of double quoted strings.",
+ "severity": "High",
+ "vulnerable_component": "gav://org.codehaus.plexus:plexus-utils:3.0.8",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:cb59b597ab372b4505b5d7cbd7afcf3a2e8489560da92485992d27046cb06683/sha256__cb59b597ab372b4505b5d7cbd7afcf3a2e8489560da92485992d27046cb06683.tar.gz",
+ "gav://org.apache.maven.surefire:maven-surefire-common:2.12.4",
+ "gav://org.codehaus.plexus:plexus-utils:3.0.8"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [
+ "3.0.16"
+ ],
+ "published": "2019-06-10T18:42:32+10:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-83897",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Plexus-utils before 3.0.16 is vulnerable to command injection because it does not correctly process the contents of double quoted strings.",
+ "references": [
+ "https://access.redhat.com/errata/RHSA-2018:1322",
+ "https://lists.debian.org/debian-lts-announce/2018/01/msg00011.html",
+ "https://lists.debian.org/debian-lts-announce/2018/01/msg00010.html",
+ "https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSPLEXUS-31522",
+ "https://www.debian.org/security/2018/dsa-4149",
+ "https://www.debian.org/security/2018/dsa-4146",
+ "https://github.com/codehaus-plexus/plexus-utils/commit/b38a1b3a4352303e4312b2bb601a0d7ec6e28f41"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-20330",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "FasterXML jackson-databind 2.x before 2.9.10.2 lacks certain net.sf.ehcache blocking.",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.core:jackson-databind:2.2.0",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:cb59b597ab372b4505b5d7cbd7afcf3a2e8489560da92485992d27046cb06683/sha256__cb59b597ab372b4505b5d7cbd7afcf3a2e8489560da92485992d27046cb06683.tar.gz",
+ "gav://com.fasterxml.jackson.core:jackson-databind:2.2.0"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [
+ "2.9.10.2",
+ "2.8.11.5",
+ "2.7.9.7"
+ ],
+ "published": "2020-01-05T22:55:41+11:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-93354",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "FasterXML jackson-databind 2.x before 2.9.10.2 lacks certain net.sf.ehcache blocking.",
+ "references": [
+ "https://github.com/FasterXML/jackson-databind/compare/jackson-databind-2.9.10.1...jackson-databind-2.9.10.2",
+ "https://github.com/FasterXML/jackson-databind/issues/2526"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 9.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 7.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 9.3,
+ "cvss3_max_score": 7.8,
+ "summary": "Plexus-utils util/xml/XmlWriterUtil.java XmlWriterUtil::writeComment() Function Comment String Escape XML Injection Unspecified Issue",
+ "severity": "High",
+ "vulnerable_component": "gav://org.codehaus.plexus:plexus-utils:3.0.8",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:cb59b597ab372b4505b5d7cbd7afcf3a2e8489560da92485992d27046cb06683/sha256__cb59b597ab372b4505b5d7cbd7afcf3a2e8489560da92485992d27046cb06683.tar.gz",
+ "gav://org.apache.maven.surefire:surefire-api:2.12.4",
+ "gav://org.codehaus.plexus:plexus-utils:3.0.8"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [
+ "3.0.24"
+ ],
+ "published": "2019-09-15T21:14:39+10:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-88166",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Plexus-utils contains a flaw in the XmlWriterUtil::writeComment() function in util/xml/XmlWriterUtil.java that is triggered as comment strings are not properly sanitized. This may allow a context-dependent attacker to inject unexpected content through XML code and have an unspecified impact.",
+ "references": [
+ "https://github.com/codehaus-plexus/plexus-utils/issues/3",
+ "https://github.com/codehaus-plexus/plexus-utils/commit/f933e5e78dc2637e485447ed821fe14904f110de"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 9.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 7.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 9.3,
+ "cvss3_max_score": 7.8,
+ "summary": "Plexus-utils util/xml/XmlWriterUtil.java XmlWriterUtil::writeComment() Function Comment String Escape XML Injection Unspecified Issue",
+ "severity": "High",
+ "vulnerable_component": "gav://org.codehaus.plexus:plexus-utils:3.0.8",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:cb59b597ab372b4505b5d7cbd7afcf3a2e8489560da92485992d27046cb06683/sha256__cb59b597ab372b4505b5d7cbd7afcf3a2e8489560da92485992d27046cb06683.tar.gz",
+ "gav://org.codehaus.plexus:plexus-utils:3.0.8"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [
+ "3.0.24"
+ ],
+ "published": "2019-09-15T21:14:39+10:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-88166",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Plexus-utils contains a flaw in the XmlWriterUtil::writeComment() function in util/xml/XmlWriterUtil.java that is triggered as comment strings are not properly sanitized. This may allow a context-dependent attacker to inject unexpected content through XML code and have an unspecified impact.",
+ "references": [
+ "https://github.com/codehaus-plexus/plexus-utils/issues/3",
+ "https://github.com/codehaus-plexus/plexus-utils/commit/f933e5e78dc2637e485447ed821fe14904f110de"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 9.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 7.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 9.3,
+ "cvss3_max_score": 7.8,
+ "summary": "Plexus-utils util/xml/XmlWriterUtil.java XmlWriterUtil::writeComment() Function Comment String Escape XML Injection Unspecified Issue",
+ "severity": "High",
+ "vulnerable_component": "gav://org.codehaus.plexus:plexus-utils:3.0.8",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:cb59b597ab372b4505b5d7cbd7afcf3a2e8489560da92485992d27046cb06683/sha256__cb59b597ab372b4505b5d7cbd7afcf3a2e8489560da92485992d27046cb06683.tar.gz",
+ "gav://org.apache.maven.surefire:maven-surefire-common:2.12.4",
+ "gav://org.codehaus.plexus:plexus-utils:3.0.8"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [
+ "3.0.24"
+ ],
+ "published": "2019-09-15T21:14:39+10:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-88166",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Plexus-utils contains a flaw in the XmlWriterUtil::writeComment() function in util/xml/XmlWriterUtil.java that is triggered as comment strings are not properly sanitized. This may allow a context-dependent attacker to inject unexpected content through XML code and have an unspecified impact.",
+ "references": [
+ "https://github.com/codehaus-plexus/plexus-utils/issues/3",
+ "https://github.com/codehaus-plexus/plexus-utils/commit/f933e5e78dc2637e485447ed821fe14904f110de"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-13347",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "mpatch.c in Mercurial before 4.6.1 mishandles integer addition and subtraction, aka OVE-20180430-0002.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:mercurial-common:4.0-1+deb9u1",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:80ae6b477848b6e03aad8ec9c74f1fb80364e5c8b5fe9ca3ec793df84247f027/sha256__80ae6b477848b6e03aad8ec9c74f1fb80364e5c8b5fe9ca3ec793df84247f027.tar.gz",
+ "deb://debian:stretch:mercurial-common:4.0-1+deb9u1"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [],
+ "published": "2018-07-08T17:25:12+10:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-69302",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "mpatch.c in Mercurial before 4.6.1 mishandles integer addition and subtraction, aka OVE-20180430-0002.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-9169",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "In the GNU C Library (aka glibc or libc6) through 2.29, proceed_next_node in posix/regexec.c has a heap-based buffer over-read via an attempted case-insensitive regular-expression match.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:libc-bin:2.24-11+deb9u3",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:05d1a5232b461a4b35424129580054caa878cd56f100e34282510bd4b4082e4d/sha256__05d1a5232b461a4b35424129580054caa878cd56f100e34282510bd4b4082e4d.tar.gz",
+ "deb://debian:stretch:libc-bin:2.24-11+deb9u3"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [],
+ "published": "2019-02-28T14:31:09+11:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-75785",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "In the GNU C Library (aka glibc or libc6) through 2.29, proceed_next_node in posix/regexec.c has a heap-based buffer over-read via an attempted case-insensitive regular-expression match.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 9.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 7.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 9.3,
+ "cvss3_max_score": 7.8,
+ "summary": "Plexus-utils util/xml/XmlWriterUtil.java XmlWriterUtil::writeComment() Function Comment String Escape XML Injection Unspecified Issue",
+ "severity": "High",
+ "vulnerable_component": "gav://org.codehaus.plexus:plexus-utils:3.0",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:cb59b597ab372b4505b5d7cbd7afcf3a2e8489560da92485992d27046cb06683/sha256__cb59b597ab372b4505b5d7cbd7afcf3a2e8489560da92485992d27046cb06683.tar.gz",
+ "gav://org.codehaus.plexus:plexus-utils:3.0"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [
+ "3.0.24"
+ ],
+ "published": "2019-09-15T21:14:39+10:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-88166",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Plexus-utils contains a flaw in the XmlWriterUtil::writeComment() function in util/xml/XmlWriterUtil.java that is triggered as comment strings are not properly sanitized. This may allow a context-dependent attacker to inject unexpected content through XML code and have an unspecified impact.",
+ "references": [
+ "https://github.com/codehaus-plexus/plexus-utils/issues/3",
+ "https://github.com/codehaus-plexus/plexus-utils/commit/f933e5e78dc2637e485447ed821fe14904f110de"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-15686",
+ "cvss_v2_score": 10,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 10,
+ "cvss3_max_score": 9.8,
+ "summary": "A vulnerability in unit_deserialize of systemd allows an attacker to supply arbitrary state across systemd re-execution via NotifyAccess. This can be used to improperly influence systemd execution and possibly lead to root privilege escalation. Affected releases are systemd versions up to and including 239.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:libudev1:232-25+deb9u4",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:05d1a5232b461a4b35424129580054caa878cd56f100e34282510bd4b4082e4d/sha256__05d1a5232b461a4b35424129580054caa878cd56f100e34282510bd4b4082e4d.tar.gz",
+ "deb://debian:stretch:libudev1:232-25+deb9u4"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [],
+ "published": "2018-10-29T12:05:20+11:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-73267",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "A vulnerability in unit_deserialize of systemd allows an attacker to supply arbitrary state across systemd re-execution via NotifyAccess. This can be used to improperly influence systemd execution and possibly lead to root privilege escalation. Affected releases are systemd versions up to and including 239.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2017-12424",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "In shadow before 4.5, the newusers tool could be made to manipulate internal data structures in ways unintended by the authors. Malformed input may lead to crashes (with a buffer overflow or other memory corruption) or other unspecified behaviors. This crosses a privilege boundary in, for example, certain web-hosting environments in which a Control Panel allows an unprivileged user account to create subaccounts.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:login:1:4.4-4.1",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:05d1a5232b461a4b35424129580054caa878cd56f100e34282510bd4b4082e4d/sha256__05d1a5232b461a4b35424129580054caa878cd56f100e34282510bd4b4082e4d.tar.gz",
+ "deb://debian:stretch:login:1:4.4-4.1"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [],
+ "published": "2017-08-05T18:23:34+10:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-57714",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "In shadow before 4.5, the newusers tool could be made to manipulate internal data structures in ways unintended by the authors. Malformed input may lead to crashes (with a buffer overflow or other memory corruption) or other unspecified behaviors. This crosses a privilege boundary in, for example, certain web-hosting environments in which a Control Panel allows an unprivileged user account to create subaccounts.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2017-16997",
+ "cvss_v2_score": 9.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 7.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 9.3,
+ "cvss3_max_score": 7.8,
+ "summary": "elf/dl-load.c in the GNU C Library (aka glibc or libc6) 2.19 through 2.26 mishandles RPATH and RUNPATH containing $ORIGIN for a privileged (setuid or AT_SECURE) program, which allows local users to gain privileges via a Trojan horse library in the current working directory, related to the fillin_rpath and decompose_rpath functions. This is associated with misinterpretion of an empty RPATH/RUNPATH token as the \"./\" directory. NOTE: this configuration of RPATH/RUNPATH for a privileged program is apparently very uncommon; most likely, no such program is shipped with any common Linux distribution.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:libc-bin:2.24-11+deb9u3",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:05d1a5232b461a4b35424129580054caa878cd56f100e34282510bd4b4082e4d/sha256__05d1a5232b461a4b35424129580054caa878cd56f100e34282510bd4b4082e4d.tar.gz",
+ "deb://debian:stretch:libc-bin:2.24-11+deb9u3"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [],
+ "published": "2018-01-13T14:06:04+11:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-60509",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "elf/dl-load.c in the GNU C Library (aka glibc or libc6) 2.19 through 2.26 mishandles RPATH and RUNPATH containing $ORIGIN for a privileged (setuid or AT_SECURE) program, which allows local users to gain privileges via a Trojan horse library in the current working directory, related to the fillin_rpath and decompose_rpath functions. This is associated with misinterpretion of an empty RPATH/RUNPATH token as the \"./\" directory. NOTE: this configuration of RPATH/RUNPATH for a privileged program is apparently very uncommon; most likely, no such program is shipped with any common Linux distribution.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2017-7658",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "In Eclipse Jetty Server, versions 9.2.x and older, 9.3.x (all non HTTP/1.x configurations), and 9.4.x (all HTTP/1.x configurations), when presented with two content-lengths headers, Jetty ignored the second. When presented with a content-length and a chunked encoding header, the content-length was ignored (as per RFC 2616). If an intermediary decided on the shorter length, but still passed on the longer body, then body content could be interpreted by Jetty as a pipelined request. If the intermediary was imposing authorization, the fake pipelined request would bypass that authorization.",
+ "severity": "High",
+ "vulnerable_component": "gav://org.eclipse.jetty:jetty-http:9.2.6.v20141205",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:cb59b597ab372b4505b5d7cbd7afcf3a2e8489560da92485992d27046cb06683/sha256__cb59b597ab372b4505b5d7cbd7afcf3a2e8489560da92485992d27046cb06683.tar.gz",
+ "generic://sha256:b829aeff2ba3a6b03efab2715037abfdab96e9a832acd2ee7704d8c2f70ac349/juseppe.jar",
+ "gav://org.eclipse.jetty:jetty-http:9.2.6.v20141205"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [
+ "9.4.11.v20180605",
+ "9.3.24.v20180605",
+ "9.2.25.v20180606"
+ ],
+ "published": "2018-08-27T18:18:31+10:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-70237",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "In Eclipse Jetty Server, versions 9.2.x and older, 9.3.x (all non HTTP/1.x configurations), and 9.4.x (all HTTP/1.x configurations), when presented with two content-lengths headers, Jetty ignored the second. When presented with a content-length and a chunked encoding header, the content-length was ignored (as per RFC 2616). If an intermediary decided on the shorter length, but still passed on the longer body, then body content could be interpreted by Jetty as a pipelined request. If the intermediary was imposing authorization, the fake pipelined request would bypass that authorization.",
+ "references": [
+ "http://www.securitytracker.com/id/1041194",
+ "https://bugs.eclipse.org/bugs/show_bug.cgi?id=535669",
+ "https://www.debian.org/security/2018/dsa-4278"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2017-7658",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "In Eclipse Jetty Server, versions 9.2.x and older, 9.3.x (all non HTTP/1.x configurations), and 9.4.x (all HTTP/1.x configurations), when presented with two content-lengths headers, Jetty ignored the second. When presented with a content-length and a chunked encoding header, the content-length was ignored (as per RFC 2616). If an intermediary decided on the shorter length, but still passed on the longer body, then body content could be interpreted by Jetty as a pipelined request. If the intermediary was imposing authorization, the fake pipelined request would bypass that authorization.",
+ "severity": "High",
+ "vulnerable_component": "gav://org.eclipse.jetty:jetty-http:9.2.6.v20141205",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:cb59b597ab372b4505b5d7cbd7afcf3a2e8489560da92485992d27046cb06683/sha256__cb59b597ab372b4505b5d7cbd7afcf3a2e8489560da92485992d27046cb06683.tar.gz",
+ "gav://org.eclipse.jetty:jetty-http:9.2.6.v20141205"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [
+ "9.4.11.v20180605",
+ "9.3.24.v20180605",
+ "9.2.25.v20180606"
+ ],
+ "published": "2018-08-27T18:18:31+10:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-70237",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "In Eclipse Jetty Server, versions 9.2.x and older, 9.3.x (all non HTTP/1.x configurations), and 9.4.x (all HTTP/1.x configurations), when presented with two content-lengths headers, Jetty ignored the second. When presented with a content-length and a chunked encoding header, the content-length was ignored (as per RFC 2616). If an intermediary decided on the shorter length, but still passed on the longer body, then body content could be interpreted by Jetty as a pipelined request. If the intermediary was imposing authorization, the fake pipelined request would bypass that authorization.",
+ "references": [
+ "http://www.securitytracker.com/id/1041194",
+ "https://bugs.eclipse.org/bugs/show_bug.cgi?id=535669",
+ "https://www.debian.org/security/2018/dsa-4278"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-5953",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "Buffer overflow in GNU Wget 1.20.1 and earlier allows remote attackers to cause a denial-of-service (DoS) or may execute an arbitrary code via unspecified vectors.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:wget:1.18-5+deb9u2",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:5cee356eda6bfe3a5a229cd3d964e722ade1da4381842b24e943b03a37aec1f2/sha256__5cee356eda6bfe3a5a229cd3d964e722ade1da4381842b24e943b03a37aec1f2.tar.gz",
+ "deb://debian:stretch:wget:1.18-5+deb9u2"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [
+ "≥ 1.18-5+deb9u3"
+ ],
+ "published": "2019-04-06T07:59:57+11:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-79941",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "Buffer overflow in GNU Wget 1.20.1 and earlier allows remote attackers to cause a denial-of-service (DoS) or may execute an arbitrary code via unspecified vectors.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-18314",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "Perl before 5.26.3 has a buffer overflow via a crafted regular expression that triggers invalid write operations.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:perl-modules-5.24:5.24.1-3+deb9u4",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:80ae6b477848b6e03aad8ec9c74f1fb80364e5c8b5fe9ca3ec793df84247f027/sha256__80ae6b477848b6e03aad8ec9c74f1fb80364e5c8b5fe9ca3ec793df84247f027.tar.gz",
+ "deb://debian:stretch:perl-modules-5.24:5.24.1-3+deb9u4"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [],
+ "published": "2018-11-30T14:00:18+11:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-73973",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "Perl before 5.26.3 has a buffer overflow via a crafted regular expression that triggers invalid write operations.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 7.5,
+ "summary": "Apache Commons IO input/InfiniteCircularInputStream.java InfiniteCircularInputStream::read() Function Buffer Handling Divide-by-zero DoS",
+ "severity": "High",
+ "vulnerable_component": "gav://commons-io:commons-io:2.6",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:4d4d32abb4d85b74b70bb9179b1d8dde3f3ca59f882bb7a00abf8975b4ab2861/sha256__4d4d32abb4d85b74b70bb9179b1d8dde3f3ca59f882bb7a00abf8975b4ab2861.tar.gz",
+ "gav://org.apache.maven.wagon:wagon-http:3.1.0",
+ "gav://commons-io:commons-io:2.6"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [
+ "2.8.0"
+ ],
+ "published": "2020-09-27T18:46:21+10:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-125253",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Apache Commons IO contains a divide-by-zero condition in the InfiniteCircularInputStream::read() function in input/InfiniteCircularInputStream.java that is triggered when the input buffer is of size 0. This may allow a context-dependent attacker to crash a process linked against the library.",
+ "references": [
+ "https://github.com/apache/commons-io/commit/0de91c048fb575b9e7906e966a4428574fd03695",
+ "https://github.com/apache/commons-io/commit/97ae01c95837f50a2e9be34c370b271c4d8fc88b",
+ "https://issues.apache.org/jira/browse/IO-675",
+ "https://commons.apache.org/proper/commons-io/changes-report.html#a2.8.0"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2016-4373",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ {
+ "cve": "CVE-2016-2000",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ {
+ "cve": "CVE-2015-7501",
+ "cvss_v2_score": 10,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ {
+ "cve": "CVE-2015-8103",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P"
+ },
+ {
+ "cve": "CVE-2015-7450",
+ "cvss_v2_score": 10,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ {
+ "cve": "CVE-2016-4385",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 7.3,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"
+ },
+ {
+ "cve": "CVE-2016-1998",
+ "cvss_v2_score": 10,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ {
+ "cve": "CVE-2015-8765",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 8.3,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L"
+ },
+ {
+ "cve": "CVE-2015-4852",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P"
+ },
+ {
+ "cve": "CVE-2015-6420",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P"
+ },
+ {
+ "cve": "CVE-2016-4398",
+ "cvss_v2_score": 6.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:S/C:P/I:P/A:P",
+ "cvss_v3_score": 8.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
+ },
+ {
+ "cve": "CVE-2016-4369",
+ "cvss_v2_score": 6.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:S/C:P/I:P/A:P",
+ "cvss_v3_score": 8.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
+ },
+ {
+ "cve": "CVE-2016-1999",
+ "cvss_v2_score": 10,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ {
+ "cve": "CVE-2016-1114",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ {
+ "cve": "CVE-2016-2009",
+ "cvss_v2_score": 6.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:S/C:P/I:P/A:P",
+ "cvss_v3_score": 8.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
+ },
+ {
+ "cve": "CVE-2016-1986",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ {
+ "cve": "CVE-2016-4405",
+ "cvss_v2_score": 6.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:S/C:P/I:P/A:P",
+ "cvss_v3_score": 8.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
+ },
+ {
+ "cve": "CVE-2015-6934",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 7.3,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"
+ },
+ {
+ "cve": "CVE-2016-4372",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ {
+ "cve": "CVE-2016-4368",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ {
+ "cve": "CVE-2016-2003",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ {
+ "cve": "CVE-2016-1997",
+ "cvss_v2_score": 10,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ {
+ "cve": "CVE-2016-1985",
+ "cvss_v2_score": 10,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 10,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 10,
+ "cvss3_max_score": 10,
+ "summary": "The Apache Commons Collections library contains various classes in the \"functor\" package which are serializable and use reflection. This can be exploited for remote code execution attacks by injecting specially crafted objects to applications that de-serialize java objects from untrusted sources and have the Apache Commons Collections library in their classpath and do not perform any kind of input validation.",
+ "severity": "High",
+ "vulnerable_component": "gav://commons-collections:commons-collections:3.2.1",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:cb59b597ab372b4505b5d7cbd7afcf3a2e8489560da92485992d27046cb06683/sha256__cb59b597ab372b4505b5d7cbd7afcf3a2e8489560da92485992d27046cb06683.tar.gz",
+ "generic://sha256:b829aeff2ba3a6b03efab2715037abfdab96e9a832acd2ee7704d8c2f70ac349/juseppe.jar",
+ "gav://commons-collections:commons-collections:3.2.1"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [
+ "3.2.2"
+ ],
+ "published": "2018-03-29T23:58:27+11:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-65665",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "The Apache Commons Collections library contains various classes in the \"functor\" package which are serializable and use reflection. This can be exploited for remote code execution attacks by injecting specially crafted objects to applications that de-serialize java objects from untrusted sources and have the Apache Commons Collections library in their classpath and do not perform any kind of input validation.",
+ "references": [
+ "https://commons.apache.org/proper/commons-collections/security-reports.html",
+ "https://exchange.xforce.ibmcloud.com/vulnerabilities/107918"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2016-4373",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ {
+ "cve": "CVE-2016-2000",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ {
+ "cve": "CVE-2015-7501",
+ "cvss_v2_score": 10,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ {
+ "cve": "CVE-2015-8103",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P"
+ },
+ {
+ "cve": "CVE-2015-7450",
+ "cvss_v2_score": 10,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ {
+ "cve": "CVE-2016-4385",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 7.3,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"
+ },
+ {
+ "cve": "CVE-2016-1998",
+ "cvss_v2_score": 10,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ {
+ "cve": "CVE-2015-8765",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 8.3,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L"
+ },
+ {
+ "cve": "CVE-2015-4852",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P"
+ },
+ {
+ "cve": "CVE-2015-6420",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P"
+ },
+ {
+ "cve": "CVE-2016-4398",
+ "cvss_v2_score": 6.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:S/C:P/I:P/A:P",
+ "cvss_v3_score": 8.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
+ },
+ {
+ "cve": "CVE-2016-4369",
+ "cvss_v2_score": 6.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:S/C:P/I:P/A:P",
+ "cvss_v3_score": 8.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
+ },
+ {
+ "cve": "CVE-2016-1999",
+ "cvss_v2_score": 10,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ {
+ "cve": "CVE-2016-1114",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ {
+ "cve": "CVE-2016-2009",
+ "cvss_v2_score": 6.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:S/C:P/I:P/A:P",
+ "cvss_v3_score": 8.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
+ },
+ {
+ "cve": "CVE-2016-1986",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ {
+ "cve": "CVE-2016-4405",
+ "cvss_v2_score": 6.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:S/C:P/I:P/A:P",
+ "cvss_v3_score": 8.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
+ },
+ {
+ "cve": "CVE-2015-6934",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 7.3,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"
+ },
+ {
+ "cve": "CVE-2016-4372",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ {
+ "cve": "CVE-2016-4368",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ {
+ "cve": "CVE-2016-2003",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ {
+ "cve": "CVE-2016-1997",
+ "cvss_v2_score": 10,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ {
+ "cve": "CVE-2016-1985",
+ "cvss_v2_score": 10,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 10,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 10,
+ "cvss3_max_score": 10,
+ "summary": "The Apache Commons Collections library contains various classes in the \"functor\" package which are serializable and use reflection. This can be exploited for remote code execution attacks by injecting specially crafted objects to applications that de-serialize java objects from untrusted sources and have the Apache Commons Collections library in their classpath and do not perform any kind of input validation.",
+ "severity": "High",
+ "vulnerable_component": "gav://commons-collections:commons-collections:3.2.1",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:cb59b597ab372b4505b5d7cbd7afcf3a2e8489560da92485992d27046cb06683/sha256__cb59b597ab372b4505b5d7cbd7afcf3a2e8489560da92485992d27046cb06683.tar.gz",
+ "gav://commons-collections:commons-collections:3.2.1"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [
+ "3.2.2"
+ ],
+ "published": "2018-03-29T23:58:27+11:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-65665",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "The Apache Commons Collections library contains various classes in the \"functor\" package which are serializable and use reflection. This can be exploited for remote code execution attacks by injecting specially crafted objects to applications that de-serialize java objects from untrusted sources and have the Apache Commons Collections library in their classpath and do not perform any kind of input validation.",
+ "references": [
+ "https://commons.apache.org/proper/commons-collections/security-reports.html",
+ "https://exchange.xforce.ibmcloud.com/vulnerabilities/107918"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-19360",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the axis2-transport-jms class from polymorphic deserialization.",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.core:jackson-databind:2.2.0",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:cb59b597ab372b4505b5d7cbd7afcf3a2e8489560da92485992d27046cb06683/sha256__cb59b597ab372b4505b5d7cbd7afcf3a2e8489560da92485992d27046cb06683.tar.gz",
+ "gav://com.fasterxml.jackson.core:jackson-databind:2.2.0"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [
+ "2.9.8",
+ "2.8.11.3",
+ "2.7.9.5",
+ "2.6.7.3"
+ ],
+ "published": "2019-01-29T23:31:53+11:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-74871",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the axis2-transport-jms class from polymorphic deserialization.",
+ "references": [
+ "http://www.securityfocus.com/bid/107985",
+ "https://seclists.org/bugtraq/2019/May/68",
+ "https://github.com/FasterXML/jackson-databind/commit/42912cac4753f3f718ece875e4d486f8264c2f2b",
+ "https://github.com/FasterXML/jackson-databind/issues/2186",
+ "https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.8",
+ "https://issues.apache.org/jira/browse/TINKERPOP-2121",
+ "https://security.netapp.com/advisory/ntap-20190530-0003/",
+ "https://www.debian.org/security/2019/dsa-4452",
+ "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html",
+ "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html",
+ "https://lists.debian.org/debian-lts-announce/2019/03/msg00005.html",
+ "https://lists.apache.org/thread.html/37e1ed724a1b0e5d191d98c822c426670bdfde83804567131847d2a3@%3Cdevnull.infra.apache.org%3E",
+ "https://lists.apache.org/thread.html/c70da3cb6e3f03e0ad8013e38b6959419d866c4a7c80fdd34b73f25c@%3Ccommits.pulsar.apache.org%3E",
+ "https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8@%3Ccommits.pulsar.apache.org%3E",
+ "https://access.redhat.com/errata/RHBA-2019:0959",
+ "https://access.redhat.com/errata/RHSA-2019:0782",
+ "https://access.redhat.com/errata/RHSA-2019:0877",
+ "https://access.redhat.com/errata/RHSA-2019:1782",
+ "https://access.redhat.com/errata/RHSA-2019:1797",
+ "https://access.redhat.com/errata/RHSA-2019:1822",
+ "https://access.redhat.com/errata/RHSA-2019:1823",
+ "https://access.redhat.com/errata/RHSA-2019:2804"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-5481",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "Double-free vulnerability in the FTP-kerberos code in cURL 7.52.0 to 7.65.3.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:curl:7.52.1-5+deb9u6",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:5cee356eda6bfe3a5a229cd3d964e722ade1da4381842b24e943b03a37aec1f2/sha256__5cee356eda6bfe3a5a229cd3d964e722ade1da4381842b24e943b03a37aec1f2.tar.gz",
+ "deb://debian:stretch:curl:7.52.1-5+deb9u6"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [
+ "≥ 7.52.1-5+deb9u10"
+ ],
+ "published": "2019-09-12T02:40:46+10:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-87996",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "Double-free vulnerability in the FTP-kerberos code in cURL 7.52.0 to 7.65.3.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.6,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:H/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 8.1,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.6,
+ "cvss3_max_score": 8.1,
+ "summary": "FasterXML jackson-databind Multiple Gadget Insecure Deserialization Unspecified Remote Weakness",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.core:jackson-databind:2.2.0",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:cb59b597ab372b4505b5d7cbd7afcf3a2e8489560da92485992d27046cb06683/sha256__cb59b597ab372b4505b5d7cbd7afcf3a2e8489560da92485992d27046cb06683.tar.gz",
+ "gav://com.fasterxml.jackson.core:jackson-databind:2.2.0"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [
+ "2.9.10.4",
+ "2.6.7.4"
+ ],
+ "published": "2020-05-10T22:34:24+10:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-97675",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "FasterXML jackson-databind contains a flaw that is triggered if an application deserializes JSON content from an untrusted source, as the org.apache.ignite.cache.jta.jndi.CacheJndiTmLookup, org.apache.ignite.cache.jta.jndi.CacheJndiTmFactory, and org.quartz.utils.JNDIConnectionProvider gadgets may allow performing sensitive actions. This may allow a remote attacker to potentially have an unspecified impact.",
+ "references": [
+ "https://www.oracle.com/security-alerts/cpujan2021.html#AppendixRAPP",
+ "https://www.oracle.com/security-alerts/cpujan2021.html#AppendixSCP",
+ "https://github.com/FasterXML/jackson-databind/commit/b59b611f82c546c13753421f79103c6f6e584606",
+ "https://www.oracle.com/security-alerts/cpuoct2020.html#AppendixINSU",
+ "https://www.oracle.com/security-alerts/cpuoct2020.html#AppendixIFLX",
+ "https://www.oracle.com/security-alerts/cpuoct2020.html#AppendixCGBU",
+ "https://www.oracle.com/security-alerts/cpuoct2020.html#AppendixRAPP",
+ "https://www.oracle.com/security-alerts/cpujul2020.html#AppendixCGBU",
+ "https://www.oracle.com/security-alerts/cpujul2020.html#AppendixGLM",
+ "https://www.oracle.com/security-alerts/cpujul2020.html#AppendixIFLX",
+ "https://www.oracle.com/security-alerts/cpujul2020.html#AppendixEM",
+ "https://www.oracle.com/security-alerts/cpujul2020.html#AppendixPVA",
+ "https://www.oracle.com/security-alerts/cpujul2020.html#AppendixFMW",
+ "https://docs.itrsgroup.com/docs/all/release-notes/geneos/geneos-release-notes.htm",
+ "https://github.com/FasterXML/jackson-databind/issues/2658",
+ "https://sid.softek.jp/content/show/35081",
+ "https://github.com/FasterXML/jackson-databind/commit/a424c038ba0c0d65e579e22001dec925902ac0ef",
+ "http://cve.mitre.org/cgi-bin/cvename.cgi?name=2020-10650"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2017-18269",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "An SSE2-optimized memmove implementation for i386 in sysdeps/i386/i686/multiarch/memcpy-sse2-unaligned.S in the GNU C Library (aka glibc or libc6) 2.21 through 2.27 does not correctly perform the overlapping memory check if the source memory range spans the middle of the address space, resulting in corrupt data being produced by the copy operation. This may disclose information to context-dependent attackers, or result in a denial of service, or, possibly, code execution.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:multiarch-support:2.24-11+deb9u3",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:05d1a5232b461a4b35424129580054caa878cd56f100e34282510bd4b4082e4d/sha256__05d1a5232b461a4b35424129580054caa878cd56f100e34282510bd4b4082e4d.tar.gz",
+ "deb://debian:stretch:multiarch-support:2.24-11+deb9u3"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [],
+ "published": "2018-05-19T18:22:29+10:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-68008",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "An SSE2-optimized memmove implementation for i386 in sysdeps/i386/i686/multiarch/memcpy-sse2-unaligned.S in the GNU C Library (aka glibc or libc6) 2.21 through 2.27 does not correctly perform the overlapping memory check if the source memory range spans the middle of the address space, resulting in corrupt data being produced by the copy operation. This may disclose information to context-dependent attackers, or result in a denial of service, or, possibly, code execution.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.6,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:H/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 8.1,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.6,
+ "cvss3_max_score": 8.1,
+ "summary": "FasterXML jackson-databind Multiple Gadgets Insecure Deserialization Unspecified Remote Weakness",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.core:jackson-databind:2.2.0",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:cb59b597ab372b4505b5d7cbd7afcf3a2e8489560da92485992d27046cb06683/sha256__cb59b597ab372b4505b5d7cbd7afcf3a2e8489560da92485992d27046cb06683.tar.gz",
+ "gav://com.fasterxml.jackson.core:jackson-databind:2.2.0"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [
+ "2.9.10.8"
+ ],
+ "published": "2021-01-10T23:41:04+11:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-138371",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "FasterXML jackson-databind contains a flaw that is triggered if an application deserializes JSON content from an untrusted source, as the oadd.org.apache.commons.dbcp.datasources.PerUserPoolDataSource and oadd.org.apache.commons.dbcp.datasources.SharedPoolDataSource gadgets may allow performing sensitive actions. This may allow a remote attacker to have an unspecified impact.",
+ "references": [
+ "https://github.com/FasterXML/jackson-databind/commit/ac7232e3f9004bdb4f11dcb5bc6c1fadf074f5f7"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-18312",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "Perl before 5.26.3 and 5.28.0 before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:perl-modules-5.24:5.24.1-3+deb9u4",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:80ae6b477848b6e03aad8ec9c74f1fb80364e5c8b5fe9ca3ec793df84247f027/sha256__80ae6b477848b6e03aad8ec9c74f1fb80364e5c8b5fe9ca3ec793df84247f027.tar.gz",
+ "deb://debian:stretch:perl-modules-5.24:5.24.1-3+deb9u4"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [],
+ "published": "2018-11-30T13:59:48+11:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-73970",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "Perl before 5.26.3 and 5.28.0 before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-14618",
+ "cvss_v2_score": 10,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 10,
+ "cvss3_max_score": 9.8,
+ "summary": "curl before version 7.61.1 is vulnerable to a buffer overrun in the NTLM authentication code. The internal function Curl_ntlm_core_mk_nt_hash multiplies the length of the password by two (SUM) to figure out how large temporary storage area to allocate from the heap. The length value is then subsequently used to iterate over the password and generate output into the allocated storage buffer. On systems with a 32 bit size_t, the math to calculate SUM triggers an integer overflow when the password length exceeds 2GB (2^31 bytes). This integer overflow usually causes a very small buffer to actually get allocated instead of the intended very huge one, making the use of that buffer end up in a heap buffer overflow. (This bug is almost identical to CVE-2017-8816.)",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:libcurl3:7.52.1-5+deb9u6",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:5cee356eda6bfe3a5a229cd3d964e722ade1da4381842b24e943b03a37aec1f2/sha256__5cee356eda6bfe3a5a229cd3d964e722ade1da4381842b24e943b03a37aec1f2.tar.gz",
+ "deb://debian:stretch:libcurl3:7.52.1-5+deb9u6"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [],
+ "published": "2018-09-06T07:44:04+10:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-71227",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "curl before version 7.61.1 is vulnerable to a buffer overrun in the NTLM authentication code. The internal function Curl_ntlm_core_mk_nt_hash multiplies the length of the password by two (SUM) to figure out how large temporary storage area to allocate from the heap. The length value is then subsequently used to iterate over the password and generate output into the allocated storage buffer. On systems with a 32 bit size_t, the math to calculate SUM triggers an integer overflow when the password length exceeds 2GB (2^31 bytes). This integer overflow usually causes a very small buffer to actually get allocated instead of the intended very huge one, making the use of that buffer end up in a heap buffer overflow. (This bug is almost identical to CVE-2017-8816.)",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2017-18269",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "An SSE2-optimized memmove implementation for i386 in sysdeps/i386/i686/multiarch/memcpy-sse2-unaligned.S in the GNU C Library (aka glibc or libc6) 2.21 through 2.27 does not correctly perform the overlapping memory check if the source memory range spans the middle of the address space, resulting in corrupt data being produced by the copy operation. This may disclose information to context-dependent attackers, or result in a denial of service, or, possibly, code execution.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:libc-bin:2.24-11+deb9u3",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:05d1a5232b461a4b35424129580054caa878cd56f100e34282510bd4b4082e4d/sha256__05d1a5232b461a4b35424129580054caa878cd56f100e34282510bd4b4082e4d.tar.gz",
+ "deb://debian:stretch:libc-bin:2.24-11+deb9u3"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [],
+ "published": "2018-05-19T18:22:29+10:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-68008",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "An SSE2-optimized memmove implementation for i386 in sysdeps/i386/i686/multiarch/memcpy-sse2-unaligned.S in the GNU C Library (aka glibc or libc6) 2.21 through 2.27 does not correctly perform the overlapping memory check if the source memory range spans the middle of the address space, resulting in corrupt data being produced by the copy operation. This may disclose information to context-dependent attackers, or result in a denial of service, or, possibly, code execution.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-3855",
+ "cvss_v2_score": 9.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 8.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 9.3,
+ "cvss3_max_score": 8.8,
+ "summary": "An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way packets are read from the server. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:libssh2-1:1.7.0-1",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:5cee356eda6bfe3a5a229cd3d964e722ade1da4381842b24e943b03a37aec1f2/sha256__5cee356eda6bfe3a5a229cd3d964e722ade1da4381842b24e943b03a37aec1f2.tar.gz",
+ "deb://debian:stretch:libssh2-1:1.7.0-1"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [],
+ "published": "2019-03-18T14:18:29+11:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-78478",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way packets are read from the server. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-18311",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "Perl before 5.26.3 and 5.28.x before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:perl-modules-5.24:5.24.1-3+deb9u4",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:80ae6b477848b6e03aad8ec9c74f1fb80364e5c8b5fe9ca3ec793df84247f027/sha256__80ae6b477848b6e03aad8ec9c74f1fb80364e5c8b5fe9ca3ec793df84247f027.tar.gz",
+ "deb://debian:stretch:perl-modules-5.24:5.24.1-3+deb9u4"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [],
+ "published": "2018-11-30T13:56:46+11:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-73963",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "Perl before 5.26.3 and 5.28.x before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-8840",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "FasterXML jackson-databind 2.0.0 through 2.9.10.2 lacks certain xbean-reflect/JNDI blocking, as demonstrated by org.apache.xbean.propertyeditor.JndiConverter.",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.core:jackson-databind:2.2.0",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:cb59b597ab372b4505b5d7cbd7afcf3a2e8489560da92485992d27046cb06683/sha256__cb59b597ab372b4505b5d7cbd7afcf3a2e8489560da92485992d27046cb06683.tar.gz",
+ "gav://com.fasterxml.jackson.core:jackson-databind:2.2.0"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [
+ "2.9.10.3",
+ "2.8.11.5",
+ "2.7.9.7"
+ ],
+ "published": "2020-02-11T23:24:22+11:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-94620",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "FasterXML jackson-databind 2.0.0 through 2.9.10.2 lacks certain xbean-reflect/JNDI blocking, as demonstrated by org.apache.xbean.propertyeditor.JndiConverter.",
+ "references": [
+ "https://github.com/FasterXML/jackson-databind/issues/2620"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-14618",
+ "cvss_v2_score": 10,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 10,
+ "cvss3_max_score": 9.8,
+ "summary": "curl before version 7.61.1 is vulnerable to a buffer overrun in the NTLM authentication code. The internal function Curl_ntlm_core_mk_nt_hash multiplies the length of the password by two (SUM) to figure out how large temporary storage area to allocate from the heap. The length value is then subsequently used to iterate over the password and generate output into the allocated storage buffer. On systems with a 32 bit size_t, the math to calculate SUM triggers an integer overflow when the password length exceeds 2GB (2^31 bytes). This integer overflow usually causes a very small buffer to actually get allocated instead of the intended very huge one, making the use of that buffer end up in a heap buffer overflow. (This bug is almost identical to CVE-2017-8816.)",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:libcurl3-gnutls:7.52.1-5+deb9u6",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:80ae6b477848b6e03aad8ec9c74f1fb80364e5c8b5fe9ca3ec793df84247f027/sha256__80ae6b477848b6e03aad8ec9c74f1fb80364e5c8b5fe9ca3ec793df84247f027.tar.gz",
+ "deb://debian:stretch:libcurl3-gnutls:7.52.1-5+deb9u6"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [],
+ "published": "2018-09-06T07:44:04+10:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-71227",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "curl before version 7.61.1 is vulnerable to a buffer overrun in the NTLM authentication code. The internal function Curl_ntlm_core_mk_nt_hash multiplies the length of the password by two (SUM) to figure out how large temporary storage area to allocate from the heap. The length value is then subsequently used to iterate over the password and generate output into the allocated storage buffer. On systems with a 32 bit size_t, the math to calculate SUM triggers an integer overflow when the password length exceeds 2GB (2^31 bytes). This integer overflow usually causes a very small buffer to actually get allocated instead of the intended very huge one, making the use of that buffer end up in a heap buffer overflow. (This bug is almost identical to CVE-2017-8816.)",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2017-16997",
+ "cvss_v2_score": 9.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 7.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 9.3,
+ "cvss3_max_score": 7.8,
+ "summary": "elf/dl-load.c in the GNU C Library (aka glibc or libc6) 2.19 through 2.26 mishandles RPATH and RUNPATH containing $ORIGIN for a privileged (setuid or AT_SECURE) program, which allows local users to gain privileges via a Trojan horse library in the current working directory, related to the fillin_rpath and decompose_rpath functions. This is associated with misinterpretion of an empty RPATH/RUNPATH token as the \"./\" directory. NOTE: this configuration of RPATH/RUNPATH for a privileged program is apparently very uncommon; most likely, no such program is shipped with any common Linux distribution.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:multiarch-support:2.24-11+deb9u3",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:05d1a5232b461a4b35424129580054caa878cd56f100e34282510bd4b4082e4d/sha256__05d1a5232b461a4b35424129580054caa878cd56f100e34282510bd4b4082e4d.tar.gz",
+ "deb://debian:stretch:multiarch-support:2.24-11+deb9u3"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [],
+ "published": "2018-01-13T14:06:04+11:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-60509",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "elf/dl-load.c in the GNU C Library (aka glibc or libc6) 2.19 through 2.26 mishandles RPATH and RUNPATH containing $ORIGIN for a privileged (setuid or AT_SECURE) program, which allows local users to gain privileges via a Trojan horse library in the current working directory, related to the fillin_rpath and decompose_rpath functions. This is associated with misinterpretion of an empty RPATH/RUNPATH token as the \"./\" directory. NOTE: this configuration of RPATH/RUNPATH for a privileged program is apparently very uncommon; most likely, no such program is shipped with any common Linux distribution.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-19361",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the openjpa class from polymorphic deserialization.",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.core:jackson-databind:2.2.0",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:cb59b597ab372b4505b5d7cbd7afcf3a2e8489560da92485992d27046cb06683/sha256__cb59b597ab372b4505b5d7cbd7afcf3a2e8489560da92485992d27046cb06683.tar.gz",
+ "gav://com.fasterxml.jackson.core:jackson-databind:2.2.0"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [
+ "2.9.8",
+ "2.8.11.3",
+ "2.7.9.5",
+ "\u003c 2.6.7.3"
+ ],
+ "published": "2019-01-29T23:31:53+11:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-74870",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the openjpa class from polymorphic deserialization.",
+ "references": [
+ "http://www.securityfocus.com/bid/107985",
+ "https://seclists.org/bugtraq/2019/May/68",
+ "https://github.com/FasterXML/jackson-databind/commit/42912cac4753f3f718ece875e4d486f8264c2f2b",
+ "https://github.com/FasterXML/jackson-databind/issues/2186",
+ "https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.8",
+ "https://issues.apache.org/jira/browse/TINKERPOP-2121",
+ "https://security.netapp.com/advisory/ntap-20190530-0003/",
+ "https://www.debian.org/security/2019/dsa-4452",
+ "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html",
+ "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html",
+ "https://lists.debian.org/debian-lts-announce/2019/03/msg00005.html",
+ "https://lists.apache.org/thread.html/37e1ed724a1b0e5d191d98c822c426670bdfde83804567131847d2a3@%3Cdevnull.infra.apache.org%3E",
+ "https://lists.apache.org/thread.html/c70da3cb6e3f03e0ad8013e38b6959419d866c4a7c80fdd34b73f25c@%3Ccommits.pulsar.apache.org%3E",
+ "https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8@%3Ccommits.pulsar.apache.org%3E",
+ "https://access.redhat.com/errata/RHBA-2019:0959",
+ "https://access.redhat.com/errata/RHSA-2019:0782",
+ "https://access.redhat.com/errata/RHSA-2019:0877",
+ "https://access.redhat.com/errata/RHSA-2019:1782",
+ "https://access.redhat.com/errata/RHSA-2019:1797",
+ "https://access.redhat.com/errata/RHSA-2019:1822",
+ "https://access.redhat.com/errata/RHSA-2019:1823",
+ "https://access.redhat.com/errata/RHSA-2019:2804"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-12450",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "file_copy_fallback in gio/gfile.c in GNOME GLib 2.15.0 through 2.61.1 does not properly restrict file permissions while a copy operation is in progress. Instead, default permissions are used.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:libglib2.0-0:2.50.3-2",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:b919b8fd1620fbf048cb2f5e94af0f35b4981c92b319519625ee5d61c181a9d1/sha256__b919b8fd1620fbf048cb2f5e94af0f35b4981c92b319519625ee5d61c181a9d1.tar.gz",
+ "deb://debian:stretch:libglib2.0-0:2.50.3-2"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [],
+ "published": "2019-05-31T08:32:23+10:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-83112",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "file_copy_fallback in gio/gfile.c in GNOME GLib 2.15.0 through 2.61.1 does not properly restrict file permissions while a copy operation is in progress. Instead, default permissions are used.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-3822",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "libcurl versions from 7.36.0 to before 7.64.0 are vulnerable to a stack-based buffer overflow. The function creating an outgoing NTLM type-3 header (`lib/vauth/ntlm.c:Curl_auth_create_ntlm_type3_message()`), generates the request HTTP header contents based on previously received data. The check that exists to prevent the local buffer from getting overflowed is implemented wrongly (using unsigned math) and as such it does not prevent the overflow from happening. This output data can grow larger than the local buffer if very large 'nt response' data is extracted from a previous NTLMv2 header provided by the malicious or broken HTTP server. Such a 'large value' needs to be around 1000 bytes or more. The actual payload data copied to the target buffer comes from the NTLMv2 type-2 response header.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:libcurl3:7.52.1-5+deb9u6",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:5cee356eda6bfe3a5a229cd3d964e722ade1da4381842b24e943b03a37aec1f2/sha256__5cee356eda6bfe3a5a229cd3d964e722ade1da4381842b24e943b03a37aec1f2.tar.gz",
+ "deb://debian:stretch:libcurl3:7.52.1-5+deb9u6"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [],
+ "published": "2019-02-07T22:57:39+11:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-75087",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "libcurl versions from 7.36.0 to before 7.64.0 are vulnerable to a stack-based buffer overflow. The function creating an outgoing NTLM type-3 header (`lib/vauth/ntlm.c:Curl_auth_create_ntlm_type3_message()`), generates the request HTTP header contents based on previously received data. The check that exists to prevent the local buffer from getting overflowed is implemented wrongly (using unsigned math) and as such it does not prevent the overflow from happening. This output data can grow larger than the local buffer if very large 'nt response' data is extracted from a previous NTLMv2 header provided by the malicious or broken HTTP server. Such a 'large value' needs to be around 1000 bytes or more. The actual payload data copied to the target buffer comes from the NTLMv2 type-2 response header.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-6551",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "The malloc implementation in the GNU C Library (aka glibc or libc6), from version 2.24 to 2.26 on powerpc, and only in version 2.26 on i386, did not properly handle malloc calls with arguments close to SIZE_MAX and could return a pointer to a heap region that is smaller than requested, eventually leading to heap corruption.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:libc6:2.24-11+deb9u3",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:05d1a5232b461a4b35424129580054caa878cd56f100e34282510bd4b4082e4d/sha256__05d1a5232b461a4b35424129580054caa878cd56f100e34282510bd4b4082e4d.tar.gz",
+ "deb://debian:stretch:libc6:2.24-11+deb9u3"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [],
+ "published": "2018-02-05T01:11:27+11:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-63998",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "The malloc implementation in the GNU C Library (aka glibc or libc6), from version 2.24 to 2.26 on powerpc, and only in version 2.26 on i386, did not properly handle malloc calls with arguments close to SIZE_MAX and could return a pointer to a heap region that is smaller than requested, eventually leading to heap corruption.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2016-2779",
+ "cvss_v2_score": 7.2,
+ "cvss_v2_vector": "CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 7.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.2,
+ "cvss3_max_score": 7.8,
+ "summary": "runuser in util-linux allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:libsmartcols1:2.29.2-1+deb9u1",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:05d1a5232b461a4b35424129580054caa878cd56f100e34282510bd4b4082e4d/sha256__05d1a5232b461a4b35424129580054caa878cd56f100e34282510bd4b4082e4d.tar.gz",
+ "deb://debian:stretch:libsmartcols1:2.29.2-1+deb9u1"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [],
+ "published": "2016-11-28T00:17:10+11:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-40740",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "runuser in util-linux allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-5482",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "Heap buffer overflow in the TFTP protocol handler in cURL 7.19.4 to 7.65.3.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:curl:7.52.1-5+deb9u6",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:5cee356eda6bfe3a5a229cd3d964e722ade1da4381842b24e943b03a37aec1f2/sha256__5cee356eda6bfe3a5a229cd3d964e722ade1da4381842b24e943b03a37aec1f2.tar.gz",
+ "deb://debian:stretch:curl:7.52.1-5+deb9u6"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [
+ "≥ 7.52.1-5+deb9u10"
+ ],
+ "published": "2019-09-12T02:51:17+10:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-87998",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "Heap buffer overflow in the TFTP protocol handler in cURL 7.19.4 to 7.65.3.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-1353",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "An issue was found in Git before v2.24.1, v2.23.1, v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3, v2.16.6, v2.15.4, and v2.14.6. When running Git in the Windows Subsystem for Linux (also known as \"WSL\") while accessing a working directory on a regular Windows drive, none of the NTFS protections were active.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:git:1:2.11.0-3+deb9u3",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:80ae6b477848b6e03aad8ec9c74f1fb80364e5c8b5fe9ca3ec793df84247f027/sha256__80ae6b477848b6e03aad8ec9c74f1fb80364e5c8b5fe9ca3ec793df84247f027.tar.gz",
+ "deb://debian:stretch:git:1:2.11.0-3+deb9u3"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [
+ "≥ 1:2.11.0-3+deb9u5"
+ ],
+ "published": "2019-12-11T15:15:19+11:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-92626",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "An issue was found in Git before v2.24.1, v2.23.1, v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3, v2.16.6, v2.15.4, and v2.14.6. When running Git in the Windows Subsystem for Linux (also known as \"WSL\") while accessing a working directory on a regular Windows drive, none of the NTFS protections were active.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-15688",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "A buffer overflow vulnerability in the dhcp6 client of systemd allows a malicious dhcp6 server to overwrite heap memory in systemd-networkd. Affected releases are systemd: versions up to and including 239.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:libsystemd0:232-25+deb9u4",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:05d1a5232b461a4b35424129580054caa878cd56f100e34282510bd4b4082e4d/sha256__05d1a5232b461a4b35424129580054caa878cd56f100e34282510bd4b4082e4d.tar.gz",
+ "deb://debian:stretch:libsystemd0:232-25+deb9u4"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [],
+ "published": "2018-10-29T11:52:21+11:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-73258",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "A buffer overflow vulnerability in the dhcp6 client of systemd allows a malicious dhcp6 server to overwrite heap memory in systemd-networkd. Affected releases are systemd: versions up to and including 239.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-25013",
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 5.9,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 5.9,
+ "summary": "The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:libc-bin:2.24-11+deb9u3",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:05d1a5232b461a4b35424129580054caa878cd56f100e34282510bd4b4082e4d/sha256__05d1a5232b461a4b35424129580054caa878cd56f100e34282510bd4b4082e4d.tar.gz",
+ "deb://debian:stretch:libc-bin:2.24-11+deb9u3"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [],
+ "published": "2021-01-05T15:10:13+11:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-138140",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-12900",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "BZ2_decompress in decompress.c in bzip2 through 1.0.6 has an out-of-bounds write when there are many selectors.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:bzip2:1.0.6-8.1",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:40624ba8b77e273f4be3be6b60a55bd8b700624eeb37a26acb3d019f7fd862c8/sha256__40624ba8b77e273f4be3be6b60a55bd8b700624eeb37a26acb3d019f7fd862c8.tar.gz",
+ "deb://debian:stretch:bzip2:1.0.6-8.1"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [],
+ "published": "2019-06-20T21:40:18+10:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-84196",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "BZ2_decompress in decompress.c in bzip2 through 1.0.6 has an out-of-bounds write when there are many selectors.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-16942",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the commons-dbcp (1.4) jar in the classpath, and an attacker can find an RMI service endpoint to access, it is possible to make the service execute a malicious payload. This issue exists because of org.apache.commons.dbcp.datasources.SharedPoolDataSource and org.apache.commons.dbcp.datasources.PerUserPoolDataSource mishandling.",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.core:jackson-databind:2.2.0",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:cb59b597ab372b4505b5d7cbd7afcf3a2e8489560da92485992d27046cb06683/sha256__cb59b597ab372b4505b5d7cbd7afcf3a2e8489560da92485992d27046cb06683.tar.gz",
+ "gav://com.fasterxml.jackson.core:jackson-databind:2.2.0"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [
+ "2.8.11.5",
+ "2.9.10.1",
+ "2.7.9.7",
+ "2.6.7.3"
+ ],
+ "published": "2019-10-02T22:19:49+10:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-89105",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the commons-dbcp (1.4) jar in the classpath, and an attacker can find an RMI service endpoint to access, it is possible to make the service execute a malicious payload. This issue exists because of org.apache.commons.dbcp.datasources.SharedPoolDataSource and org.apache.commons.dbcp.datasources.PerUserPoolDataSource mishandling.",
+ "references": [
+ "https://seclists.org/bugtraq/2019/Oct/6",
+ "https://www.debian.org/security/2019/dsa-4542",
+ "https://github.com/FasterXML/jackson-databind/issues/2478",
+ "https://issues.apache.org/jira/browse/GEODE-7255",
+ "https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062",
+ "https://lists.debian.org/debian-lts-announce/2019/10/msg00001.html",
+ "https://lists.apache.org/thread.html/b2e23c94f9dfef53e04c492e5d02e5c75201734be7adc73a49ef2370@%3Cissues.geode.apache.org%3E"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-6485",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "An integer overflow in the implementation of the posix_memalign in memalign functions in the GNU C Library (aka glibc or libc6) 2.26 and earlier could cause these functions to return a pointer to a heap area that is too small, potentially leading to heap corruption.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:multiarch-support:2.24-11+deb9u3",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:05d1a5232b461a4b35424129580054caa878cd56f100e34282510bd4b4082e4d/sha256__05d1a5232b461a4b35424129580054caa878cd56f100e34282510bd4b4082e4d.tar.gz",
+ "deb://debian:stretch:multiarch-support:2.24-11+deb9u3"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [],
+ "published": "2018-02-05T01:13:03+11:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-64004",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "An integer overflow in the implementation of the posix_memalign in memalign functions in the GNU C Library (aka glibc or libc6) 2.26 and earlier could cause these functions to return a pointer to a heap area that is too small, potentially leading to heap corruption.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 10,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C"
+ }
+ ],
+ "cvss2_max_score": 10,
+ "summary": "Apache Commons IO Java Deserialization Remote Code Execution",
+ "severity": "High",
+ "vulnerable_component": "gav://commons-io:commons-io:2.4",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:cb59b597ab372b4505b5d7cbd7afcf3a2e8489560da92485992d27046cb06683/sha256__cb59b597ab372b4505b5d7cbd7afcf3a2e8489560da92485992d27046cb06683.tar.gz",
+ "gav://commons-io:commons-io:2.4"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [
+ "2.5"
+ ],
+ "published": "2019-03-26T03:42:05+11:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-79102",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Apache Commons IO contains a flaw that is due to the program failing to restrict which class can be serialized. This may allow a remote attacker to execute arbitrary Java code via deserialization methods.",
+ "references": [
+ "https://issues.apache.org/jira/browse/IO-487",
+ "http://foxglovesecurity.com/2015/11/06/what-do-weblogic-websphere-jboss-jenkins-opennms-and-your-application-have-in-common-this-vulnerability/",
+ "http://commons.apache.org/proper/commons-io/",
+ "http://www.darkreading.com/informationweek-home/why-the-java-deserialization-bug-is-a-big-deal/d/d-id/1323237"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2017-15708",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "In Apache Synapse, by default no authentication is required for Java Remote Method Invocation (RMI). So Apache Synapse 3.0.1 or all previous releases (3.0.0, 2.1.0, 2.0.0, 1.2, 1.1.2, 1.1.1) allows remote code execution attacks that can be performed by injecting specially crafted serialized objects. And the presence of Apache Commons Collections 3.2.1 (commons-collections-3.2.1.jar) or previous versions in Synapse distribution makes this exploitable. To mitigate the issue, we need to limit RMI access to trusted users only. Further upgrading to 3.0.1 version will eliminate the risk of having said Commons Collection version. In Synapse 3.0.1, Commons Collection has been updated to 3.2.2 version.",
+ "severity": "High",
+ "vulnerable_component": "gav://commons-collections:commons-collections:3.2.1",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:cb59b597ab372b4505b5d7cbd7afcf3a2e8489560da92485992d27046cb06683/sha256__cb59b597ab372b4505b5d7cbd7afcf3a2e8489560da92485992d27046cb06683.tar.gz",
+ "generic://sha256:b829aeff2ba3a6b03efab2715037abfdab96e9a832acd2ee7704d8c2f70ac349/juseppe.jar",
+ "gav://commons-collections:commons-collections:3.2.1"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [
+ "3.2.2"
+ ],
+ "published": "2017-12-12T17:36:21+11:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-60226",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "In Apache Synapse, by default no authentication is required for Java Remote Method Invocation (RMI). So Apache Synapse 3.0.1 or all previous releases (3.0.0, 2.1.0, 2.0.0, 1.2, 1.1.2, 1.1.1) allows remote code execution attacks that can be performed by injecting specially crafted serialized objects. And the presence of Apache Commons Collections 3.2.1 (commons-collections-3.2.1.jar) or previous versions in Synapse distribution makes this exploitable. To mitigate the issue, we need to limit RMI access to trusted users only. Further upgrading to 3.0.1 version will eliminate the risk of having said Commons Collection version. In Synapse 3.0.1, Commons Collection has been updated to 3.2.2 version.",
+ "references": [
+ "http://www.securityfocus.com/bid/102154",
+ "https://lists.apache.org/thread.html/77f2accf240d25d91b47033e2f8ebec84ffbc6e6627112b2f98b66c9@%3Cdev.synapse.apache.org%3E"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2017-15708",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "In Apache Synapse, by default no authentication is required for Java Remote Method Invocation (RMI). So Apache Synapse 3.0.1 or all previous releases (3.0.0, 2.1.0, 2.0.0, 1.2, 1.1.2, 1.1.1) allows remote code execution attacks that can be performed by injecting specially crafted serialized objects. And the presence of Apache Commons Collections 3.2.1 (commons-collections-3.2.1.jar) or previous versions in Synapse distribution makes this exploitable. To mitigate the issue, we need to limit RMI access to trusted users only. Further upgrading to 3.0.1 version will eliminate the risk of having said Commons Collection version. In Synapse 3.0.1, Commons Collection has been updated to 3.2.2 version.",
+ "severity": "High",
+ "vulnerable_component": "gav://commons-collections:commons-collections:3.2.1",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:cb59b597ab372b4505b5d7cbd7afcf3a2e8489560da92485992d27046cb06683/sha256__cb59b597ab372b4505b5d7cbd7afcf3a2e8489560da92485992d27046cb06683.tar.gz",
+ "gav://commons-collections:commons-collections:3.2.1"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [
+ "3.2.2"
+ ],
+ "published": "2017-12-12T17:36:21+11:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-60226",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "In Apache Synapse, by default no authentication is required for Java Remote Method Invocation (RMI). So Apache Synapse 3.0.1 or all previous releases (3.0.0, 2.1.0, 2.0.0, 1.2, 1.1.2, 1.1.1) allows remote code execution attacks that can be performed by injecting specially crafted serialized objects. And the presence of Apache Commons Collections 3.2.1 (commons-collections-3.2.1.jar) or previous versions in Synapse distribution makes this exploitable. To mitigate the issue, we need to limit RMI access to trusted users only. Further upgrading to 3.0.1 version will eliminate the risk of having said Commons Collection version. In Synapse 3.0.1, Commons Collection has been updated to 3.2.2 version.",
+ "references": [
+ "http://www.securityfocus.com/bid/102154",
+ "https://lists.apache.org/thread.html/77f2accf240d25d91b47033e2f8ebec84ffbc6e6627112b2f98b66c9@%3Cdev.synapse.apache.org%3E"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2017-14176",
+ "cvss_v2_score": 9.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 8.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 9.3,
+ "cvss3_max_score": 8.8,
+ "summary": "Bazaar through 2.7.0, when Subprocess SSH is used, allows remote attackers to execute arbitrary commands via a bzr+ssh URL with an initial dash character in the hostname, a related issue to CVE-2017-9800, CVE-2017-12836, CVE-2017-12976, CVE-2017-16228, CVE-2017-1000116, and CVE-2017-1000117.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:python-bzrlib:2.7.0+bzr6619-7+deb9u1",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:80ae6b477848b6e03aad8ec9c74f1fb80364e5c8b5fe9ca3ec793df84247f027/sha256__80ae6b477848b6e03aad8ec9c74f1fb80364e5c8b5fe9ca3ec793df84247f027.tar.gz",
+ "deb://debian:stretch:python-bzrlib:2.7.0+bzr6619-7+deb9u1"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [],
+ "published": "2017-09-27T04:23:04+10:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-58683",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "Bazaar through 2.7.0, when Subprocess SSH is used, allows remote attackers to execute arbitrary commands via a bzr+ssh URL with an initial dash character in the hostname, a related issue to CVE-2017-9800, CVE-2017-12836, CVE-2017-12976, CVE-2017-16228, CVE-2017-1000116, and CVE-2017-1000117.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-1000001",
+ "cvss_v2_score": 7.2,
+ "cvss_v2_vector": "CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 7.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.2,
+ "cvss3_max_score": 7.8,
+ "summary": "In glibc 2.26 and earlier there is confusion in the usage of getcwd() by realpath() which can be used to write before the destination buffer leading to a buffer underflow and potential code execution.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:multiarch-support:2.24-11+deb9u3",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:05d1a5232b461a4b35424129580054caa878cd56f100e34282510bd4b4082e4d/sha256__05d1a5232b461a4b35424129580054caa878cd56f100e34282510bd4b4082e4d.tar.gz",
+ "deb://debian:stretch:multiarch-support:2.24-11+deb9u3"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [],
+ "published": "2018-01-13T14:04:15+11:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-60416",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "In glibc 2.26 and earlier there is confusion in the usage of getcwd() by realpath() which can be used to write before the destination buffer leading to a buffer underflow and potential code execution.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-9169",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "In the GNU C Library (aka glibc or libc6) through 2.29, proceed_next_node in posix/regexec.c has a heap-based buffer over-read via an attempted case-insensitive regular-expression match.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:libc6:2.24-11+deb9u3",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:05d1a5232b461a4b35424129580054caa878cd56f100e34282510bd4b4082e4d/sha256__05d1a5232b461a4b35424129580054caa878cd56f100e34282510bd4b4082e4d.tar.gz",
+ "deb://debian:stretch:libc6:2.24-11+deb9u3"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [],
+ "published": "2019-02-28T14:31:09+11:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-75785",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "In the GNU C Library (aka glibc or libc6) through 2.29, proceed_next_node in posix/regexec.c has a heap-based buffer over-read via an attempted case-insensitive regular-expression match.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-17006",
+ "cvss_v2_score": 10,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 10,
+ "cvss3_max_score": 9.8,
+ "summary": "In Network Security Services (NSS) before 3.46, several cryptographic primitives had missing length checks. In cases where the application calling the library did not perform a sanity check on the inputs it could result in a crash due to a buffer overflow.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:libnss3:2:3.26.2-1.1+deb9u1",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:b919b8fd1620fbf048cb2f5e94af0f35b4981c92b319519625ee5d61c181a9d1/sha256__b919b8fd1620fbf048cb2f5e94af0f35b4981c92b319519625ee5d61c181a9d1.tar.gz",
+ "deb://debian:stretch:libnss3:2:3.26.2-1.1+deb9u1"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [],
+ "published": "2019-12-28T15:26:39+11:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-93215",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "In Network Security Services (NSS) before 3.46, several cryptographic primitives had missing length checks. In cases where the application calling the library did not perform a sanity check on the inputs it could result in a crash due to a buffer overflow.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-12900",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "BZ2_decompress in decompress.c in bzip2 through 1.0.6 has an out-of-bounds write when there are many selectors.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:libbz2-1.0:1.0.6-8.1",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:05d1a5232b461a4b35424129580054caa878cd56f100e34282510bd4b4082e4d/sha256__05d1a5232b461a4b35424129580054caa878cd56f100e34282510bd4b4082e4d.tar.gz",
+ "deb://debian:stretch:libbz2-1.0:1.0.6-8.1"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [],
+ "published": "2019-06-20T21:40:18+10:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-84196",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "BZ2_decompress in decompress.c in bzip2 through 1.0.6 has an out-of-bounds write when there are many selectors.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2017-12652",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "libpng before 1.6.32 does not properly check the length of chunks against the user limit.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:libpng16-16:1.6.28-1",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:b919b8fd1620fbf048cb2f5e94af0f35b4981c92b319519625ee5d61c181a9d1/sha256__b919b8fd1620fbf048cb2f5e94af0f35b4981c92b319519625ee5d61c181a9d1.tar.gz",
+ "deb://debian:stretch:libpng16-16:1.6.28-1"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [],
+ "published": "2019-07-11T21:57:00+10:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-84732",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "libpng before 1.6.32 does not properly check the length of chunks against the user limit.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-3177",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "Python 3.x through 3.9.1 has a buffer overflow in PyCArg_repr in _ctypes/callproc.c, which may lead to remote code execution in certain Python applications that accept floating-point numbers as untrusted input, as demonstrated by a 1e300 argument to c_double.from_param. This occurs because sprintf is used unsafely.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:libpython2.7-minimal:2.7.13-2+deb9u2",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:80ae6b477848b6e03aad8ec9c74f1fb80364e5c8b5fe9ca3ec793df84247f027/sha256__80ae6b477848b6e03aad8ec9c74f1fb80364e5c8b5fe9ca3ec793df84247f027.tar.gz",
+ "deb://debian:stretch:libpython2.7-minimal:2.7.13-2+deb9u2"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [],
+ "published": "2021-01-21T15:17:47+11:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-138768",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "Python 3.x through 3.9.1 has a buffer overflow in PyCArg_repr in _ctypes/callproc.c, which may lead to remote code execution in certain Python applications that accept floating-point numbers as untrusted input, as demonstrated by a 1e300 argument to c_double.from_param. This occurs because sprintf is used unsafely.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.6,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:H/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 8.1,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.6,
+ "cvss3_max_score": 8.1,
+ "summary": "Apache Maven External Repository Validation Failure Arbitrary Code Execution",
+ "severity": "High",
+ "vulnerable_component": "gav://org.apache.maven:maven-settings:3.0",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:cb59b597ab372b4505b5d7cbd7afcf3a2e8489560da92485992d27046cb06683/sha256__cb59b597ab372b4505b5d7cbd7afcf3a2e8489560da92485992d27046cb06683.tar.gz",
+ "gav://org.apache.maven:maven-settings:3.0"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [
+ "3.8.1"
+ ],
+ "published": "2021-04-14T16:59:26+10:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-172725",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Apache Maven contains a flaw that is triggered as the program insecurely uses material from an insecure external repository by default. This may allow a remote attacker with control of a repository that is in use, to potentially inject and execute malicious code.",
+ "references": [
+ "http://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-26291",
+ "http://maven.apache.org/docs/3.8.1/release-notes.html",
+ "http://mail-archives.apache.org/mod_mbox/maven-announce/202104.mbox/%3CMailbird-0918dc43-dc18-4008-b83b-8bc8b1528177%40apache.org%3E"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-16839",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "Curl versions 7.33.0 through 7.61.1 are vulnerable to a buffer overrun in the SASL authentication code that may lead to denial of service.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:curl:7.52.1-5+deb9u6",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:5cee356eda6bfe3a5a229cd3d964e722ade1da4381842b24e943b03a37aec1f2/sha256__5cee356eda6bfe3a5a229cd3d964e722ade1da4381842b24e943b03a37aec1f2.tar.gz",
+ "deb://debian:stretch:curl:7.52.1-5+deb9u6"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [
+ "≥ 7.52.1-5+deb9u8"
+ ],
+ "published": "2018-11-02T05:43:09+11:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-73428",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "Curl versions 7.33.0 through 7.61.1 are vulnerable to a buffer overrun in the SASL authentication code that may lead to denial of service.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-18311",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "Perl before 5.26.3 and 5.28.x before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:libperl5.24:5.24.1-3+deb9u4",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:80ae6b477848b6e03aad8ec9c74f1fb80364e5c8b5fe9ca3ec793df84247f027/sha256__80ae6b477848b6e03aad8ec9c74f1fb80364e5c8b5fe9ca3ec793df84247f027.tar.gz",
+ "deb://debian:stretch:libperl5.24:5.24.1-3+deb9u4"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [],
+ "published": "2018-11-30T13:56:46+11:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-73963",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "Perl before 5.26.3 and 5.28.x before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-10878",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 8.6,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 8.6,
+ "summary": "Perl before 5.30.3 has an integer overflow related to mishandling of a \"PL_regkind[OP(n)] == NOTHING\" situation. A crafted regular expression could lead to malformed bytecode with a possibility of instruction injection.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:perl-base:5.24.1-3+deb9u4",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:05d1a5232b461a4b35424129580054caa878cd56f100e34282510bd4b4082e4d/sha256__05d1a5232b461a4b35424129580054caa878cd56f100e34282510bd4b4082e4d.tar.gz",
+ "deb://debian:stretch:perl-base:5.24.1-3+deb9u4"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [],
+ "published": "2020-06-03T17:23:29+10:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-99873",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "Perl before 5.30.3 has an integer overflow related to mishandling of a \"PL_regkind[OP(n)] == NOTHING\" situation. A crafted regular expression could lead to malformed bytecode with a possibility of instruction injection.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2017-1000487",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "Plexus-utils before 3.0.16 is vulnerable to command injection because it does not correctly process the contents of double quoted strings.",
+ "severity": "High",
+ "vulnerable_component": "gav://org.codehaus.plexus:plexus-utils:2.0.5",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:cb59b597ab372b4505b5d7cbd7afcf3a2e8489560da92485992d27046cb06683/sha256__cb59b597ab372b4505b5d7cbd7afcf3a2e8489560da92485992d27046cb06683.tar.gz",
+ "gav://org.codehaus.plexus:plexus-utils:2.0.5"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [
+ "3.0.16"
+ ],
+ "published": "2019-06-10T18:42:32+10:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-83897",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Plexus-utils before 3.0.16 is vulnerable to command injection because it does not correctly process the contents of double quoted strings.",
+ "references": [
+ "https://access.redhat.com/errata/RHSA-2018:1322",
+ "https://lists.debian.org/debian-lts-announce/2018/01/msg00011.html",
+ "https://lists.debian.org/debian-lts-announce/2018/01/msg00010.html",
+ "https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSPLEXUS-31522",
+ "https://www.debian.org/security/2018/dsa-4149",
+ "https://www.debian.org/security/2018/dsa-4146",
+ "https://github.com/codehaus-plexus/plexus-utils/commit/b38a1b3a4352303e4312b2bb601a0d7ec6e28f41"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-14893",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "A flaw was discovered in FasterXML jackson-databind in all versions before 2.9.10 and 2.10.0, where it would permit polymorphic deserialization of malicious objects using the xalan JNDI gadget when used in conjunction with polymorphic type handling methods such as `enableDefaultTyping()` or when @JsonTypeInfo is using `Id.CLASS` or `Id.MINIMAL_CLASS` or in any other way which ObjectMapper.readValue might instantiate objects from unsafe sources. An attacker could use this flaw to execute arbitrary code.",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.core:jackson-databind:2.2.0",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:cb59b597ab372b4505b5d7cbd7afcf3a2e8489560da92485992d27046cb06683/sha256__cb59b597ab372b4505b5d7cbd7afcf3a2e8489560da92485992d27046cb06683.tar.gz",
+ "gav://com.fasterxml.jackson.core:jackson-databind:2.2.0"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [
+ "2.8.11.5",
+ "2.9.10",
+ "2.7.9.7",
+ "2.6.7.3"
+ ],
+ "published": "2020-03-04T20:15:52+11:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-95103",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "A flaw was discovered in FasterXML jackson-databind in all versions before 2.9.10 and 2.10.0, where it would permit polymorphic deserialization of malicious objects using the xalan JNDI gadget when used in conjunction with polymorphic type handling methods such as `enableDefaultTyping()` or when @JsonTypeInfo is using `Id.CLASS` or `Id.MINIMAL_CLASS` or in any other way which ObjectMapper.readValue might instantiate objects from unsafe sources. An attacker could use this flaw to execute arbitrary code.",
+ "references": [
+ "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14893",
+ "https://security.netapp.com/advisory/ntap-20200327-0006/",
+ "https://github.com/FasterXML/jackson-databind/issues/2469",
+ "https://access.redhat.com/errata/RHSA-2020:0729"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-14720",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "FasterXML jackson-databind 2.x before 2.9.7 might allow attackers to conduct external XML entity (XXE) attacks by leveraging failure to block unspecified JDK classes from polymorphic deserialization.",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.core:jackson-databind:2.2.0",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:cb59b597ab372b4505b5d7cbd7afcf3a2e8489560da92485992d27046cb06683/sha256__cb59b597ab372b4505b5d7cbd7afcf3a2e8489560da92485992d27046cb06683.tar.gz",
+ "gav://com.fasterxml.jackson.core:jackson-databind:2.2.0"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [
+ "2.9.7",
+ "2.8.11.3",
+ "2.7.9.5",
+ "2.6.7.2"
+ ],
+ "published": "2019-01-29T23:31:53+11:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-74874",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "FasterXML jackson-databind 2.x before 2.9.7 might allow attackers to conduct external XML entity (XXE) attacks by leveraging failure to block unspecified JDK classes from polymorphic deserialization.",
+ "references": [
+ "https://seclists.org/bugtraq/2019/May/68",
+ "https://github.com/FasterXML/jackson-databind/commit/87d29af25e82a249ea15858e2d4ecbf64091db44",
+ "https://github.com/FasterXML/jackson-databind/issues/2097",
+ "https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.7",
+ "https://security.netapp.com/advisory/ntap-20190530-0003/",
+ "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html",
+ "https://www.debian.org/security/2019/dsa-4452",
+ "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html",
+ "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html",
+ "https://lists.debian.org/debian-lts-announce/2019/03/msg00005.html",
+ "https://lists.apache.org/thread.html/6a78f88716c3c57aa74ec05764a37ab3874769a347805903b393b286@%3Cdev.lucene.apache.org%3E",
+ "https://lists.apache.org/thread.html/82b01bfb6787097427ce97cec6a7127e93718bc05d1efd5eaffc228f@%3Cdev.lucene.apache.org%3E",
+ "https://lists.apache.org/thread.html/ba973114605d936be276ee6ce09dfbdbf78aa56f6cdc6e79bfa7b8df@%3Cdev.lucene.apache.org%3E",
+ "https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8@%3Ccommits.pulsar.apache.org%3E",
+ "https://access.redhat.com/errata/RHBA-2019:0959",
+ "https://access.redhat.com/errata/RHSA-2019:0782",
+ "https://access.redhat.com/errata/RHSA-2019:1106",
+ "https://access.redhat.com/errata/RHSA-2019:1107",
+ "https://access.redhat.com/errata/RHSA-2019:1108",
+ "https://access.redhat.com/errata/RHSA-2019:1140",
+ "https://access.redhat.com/errata/RHSA-2019:1822",
+ "https://access.redhat.com/errata/RHSA-2019:1823",
+ "https://access.redhat.com/errata/RHSA-2019:2858"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-6551",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "The malloc implementation in the GNU C Library (aka glibc or libc6), from version 2.24 to 2.26 on powerpc, and only in version 2.26 on i386, did not properly handle malloc calls with arguments close to SIZE_MAX and could return a pointer to a heap region that is smaller than requested, eventually leading to heap corruption.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:libc-bin:2.24-11+deb9u3",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:05d1a5232b461a4b35424129580054caa878cd56f100e34282510bd4b4082e4d/sha256__05d1a5232b461a4b35424129580054caa878cd56f100e34282510bd4b4082e4d.tar.gz",
+ "deb://debian:stretch:libc-bin:2.24-11+deb9u3"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [],
+ "published": "2018-02-05T01:11:27+11:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-63998",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "The malloc implementation in the GNU C Library (aka glibc or libc6), from version 2.24 to 2.26 on powerpc, and only in version 2.26 on i386, did not properly handle malloc calls with arguments close to SIZE_MAX and could return a pointer to a heap region that is smaller than requested, eventually leading to heap corruption.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-5481",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "Double-free vulnerability in the FTP-kerberos code in cURL 7.52.0 to 7.65.3.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:libcurl3-gnutls:7.52.1-5+deb9u6",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:80ae6b477848b6e03aad8ec9c74f1fb80364e5c8b5fe9ca3ec793df84247f027/sha256__80ae6b477848b6e03aad8ec9c74f1fb80364e5c8b5fe9ca3ec793df84247f027.tar.gz",
+ "deb://debian:stretch:libcurl3-gnutls:7.52.1-5+deb9u6"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [],
+ "published": "2019-09-12T02:40:46+10:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-87996",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "Double-free vulnerability in the FTP-kerberos code in cURL 7.52.0 to 7.65.3.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2016-2779",
+ "cvss_v2_score": 7.2,
+ "cvss_v2_vector": "CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 7.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.2,
+ "cvss3_max_score": 7.8,
+ "summary": "runuser in util-linux allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:util-linux:2.29.2-1+deb9u1",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:05d1a5232b461a4b35424129580054caa878cd56f100e34282510bd4b4082e4d/sha256__05d1a5232b461a4b35424129580054caa878cd56f100e34282510bd4b4082e4d.tar.gz",
+ "deb://debian:stretch:util-linux:2.29.2-1+deb9u1"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [],
+ "published": "2016-11-28T00:17:10+11:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-40740",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "runuser in util-linux allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-19362",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the jboss-common-core class from polymorphic deserialization.",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.core:jackson-databind:2.2.0",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:cb59b597ab372b4505b5d7cbd7afcf3a2e8489560da92485992d27046cb06683/sha256__cb59b597ab372b4505b5d7cbd7afcf3a2e8489560da92485992d27046cb06683.tar.gz",
+ "gav://com.fasterxml.jackson.core:jackson-databind:2.2.0"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [
+ "2.9.8",
+ "2.8.11.3",
+ "2.7.9.5",
+ "2.6.7.3"
+ ],
+ "published": "2019-01-29T23:31:53+11:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-74869",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the jboss-common-core class from polymorphic deserialization.",
+ "references": [
+ "https://github.com/FasterXML/jackson-databind/commit/42912cac4753f3f718ece875e4d486f8264c2f2b",
+ "https://github.com/FasterXML/jackson-databind/issues/2186",
+ "https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.8",
+ "https://issues.apache.org/jira/browse/TINKERPOP-2121"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-18314",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "Perl before 5.26.3 has a buffer overflow via a crafted regular expression that triggers invalid write operations.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:perl:5.24.1-3+deb9u4",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:80ae6b477848b6e03aad8ec9c74f1fb80364e5c8b5fe9ca3ec793df84247f027/sha256__80ae6b477848b6e03aad8ec9c74f1fb80364e5c8b5fe9ca3ec793df84247f027.tar.gz",
+ "deb://debian:stretch:perl:5.24.1-3+deb9u4"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [
+ "≥ 5.24.1-3+deb9u5"
+ ],
+ "published": "2018-11-30T14:00:18+11:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-73973",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "Perl before 5.26.3 has a buffer overflow via a crafted regular expression that triggers invalid write operations.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2016-2779",
+ "cvss_v2_score": 7.2,
+ "cvss_v2_vector": "CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 7.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.2,
+ "cvss3_max_score": 7.8,
+ "summary": "runuser in util-linux allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:bsdutils:1:2.29.2-1+deb9u1",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:05d1a5232b461a4b35424129580054caa878cd56f100e34282510bd4b4082e4d/sha256__05d1a5232b461a4b35424129580054caa878cd56f100e34282510bd4b4082e4d.tar.gz",
+ "deb://debian:stretch:bsdutils:1:2.29.2-1+deb9u1"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [],
+ "published": "2016-11-28T00:17:10+11:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-40740",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "runuser in util-linux allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-14379",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "SubTypeValidator.java in FasterXML jackson-databind before 2.9.9.2 mishandles default typing when ehcache is used (because of net.sf.ehcache.transaction.manager.DefaultTransactionManagerLookup), leading to remote code execution.",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.core:jackson-databind:2.2.0",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:cb59b597ab372b4505b5d7cbd7afcf3a2e8489560da92485992d27046cb06683/sha256__cb59b597ab372b4505b5d7cbd7afcf3a2e8489560da92485992d27046cb06683.tar.gz",
+ "gav://com.fasterxml.jackson.core:jackson-databind:2.2.0"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [
+ "2.9.9.2",
+ "2.8.11.4",
+ "2.7.9.6",
+ "2.6.7.3"
+ ],
+ "published": "2019-07-30T21:04:13+10:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-85453",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "SubTypeValidator.java in FasterXML jackson-databind before 2.9.9.2 mishandles default typing when ehcache is used (because of net.sf.ehcache.transaction.manager.DefaultTransactionManagerLookup), leading to remote code execution.",
+ "references": [
+ "https://security.netapp.com/advisory/ntap-20190814-0001/",
+ "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UKUALE2TUCKEKOHE2D342PQXN4MWCSLC/",
+ "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OVRZDN2T6AZ6DJCZJ3VSIQIVHBVMVWBL/",
+ "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TXRVXNRFHJSQWFHPRJQRI5UPMZ63B544/",
+ "https://github.com/FasterXML/jackson-databind/compare/jackson-databind-2.9.9.1...jackson-databind-2.9.9.2",
+ "https://github.com/FasterXML/jackson-databind/issues/2387",
+ "https://lists.apache.org/thread.html/e25e734c315f70d8876a846926cfe3bfa1a4888044f146e844caf72f@%3Ccommits.ambari.apache.org%3E",
+ "https://lists.apache.org/thread.html/f17f63b0f8a57e4a5759e01d25cffc0548f0b61ff5c6bfd704ad2f2a@%3Ccommits.ambari.apache.org%3E",
+ "https://lists.debian.org/debian-lts-announce/2019/08/msg00011.html",
+ "https://lists.apache.org/thread.html/75f482fdc84abe6d0c8f438a76437c335a7bbeb5cddd4d70b4bc0cbf@%3Cissues.iceberg.apache.org%3E",
+ "https://lists.apache.org/thread.html/689c6bcc6c7612eee71e453a115a4c8581e7b718537025d4b265783d@%3Cissues.iceberg.apache.org%3E",
+ "https://lists.apache.org/thread.html/99944f86abefde389da9b4040ea2327c6aa0b53a2ff9352bd4cfec17@%3Cissues.iceberg.apache.org%3E",
+ "https://lists.apache.org/thread.html/d161ff3d59c5a8213400dd6afb1cce1fac4f687c32d1e0c0bfbfaa2d@%3Cissues.iceberg.apache.org%3E",
+ "https://lists.apache.org/thread.html/2766188be238a446a250ef76801037d452979152d85bce5e46805815@%3Cissues.iceberg.apache.org%3E",
+ "https://lists.apache.org/thread.html/8723b52c2544e6cb804bc8a36622c584acd1bd6c53f2b6034c9fea54@%3Cissues.iceberg.apache.org%3E",
+ "https://lists.apache.org/thread.html/859815b2e9f1575acbb2b260b73861c16ca49bca627fa0c46419051f@%3Cissues.iceberg.apache.org%3E",
+ "https://lists.apache.org/thread.html/525bcf949a4b0da87a375cbad2680b8beccde749522f24c49befe7fb@%3Ccommits.pulsar.apache.org%3E",
+ "https://lists.apache.org/thread.html/940b4c3fef002461b89a050935337056d4a036a65ef68e0bbd4621ef@%3Cdev.struts.apache.org%3E",
+ "https://lists.apache.org/thread.html/0fcef7321095ce0bc597d468d150cff3d647f4cb3aef3bd4d20e1c69@%3Ccommits.tinkerpop.apache.org%3E",
+ "https://lists.apache.org/thread.html/56c8042873595b8c863054c7bfccab4bf2c01c6f5abedae249d914b9@%3Cdev.tomee.apache.org%3E",
+ "https://lists.apache.org/thread.html/0d4b630d9ee724aee50703397d9d1afa2b2befc9395ba7797d0ccea9@%3Cdev.tomee.apache.org%3E",
+ "https://lists.apache.org/thread.html/ee0a051428d2c719acfa297d0854a189ea5e284ef3ed491fa672f4be@%3Cdev.tomee.apache.org%3E",
+ "https://lists.apache.org/thread.html/2d2a76440becb610b9a9cb49b15eac3934b02c2dbcaacde1000353e4@%3Cdev.tomee.apache.org%3E",
+ "https://lists.apache.org/thread.html/34717424b4d08b74f65c09a083d6dd1cb0763f37a15d6de135998c1d@%3Cdev.tomee.apache.org%3E",
+ "https://lists.apache.org/thread.html/5ecc333113b139429f4f05000d4aa2886974d4df3269c1dd990bb319@%3Cdev.tomee.apache.org%3E",
+ "https://lists.apache.org/thread.html/87e46591de8925f719664a845572d184027258c5a7af0a471b53c77b@%3Cdev.tomee.apache.org%3E",
+ "https://lists.apache.org/thread.html/5fc0e16b7af2590bf1e97c76c136291c4fdb244ee63c65c485c9a7a1@%3Cdev.tomee.apache.org%3E",
+ "https://access.redhat.com/errata/RHBA-2019:2824",
+ "https://access.redhat.com/errata/RHSA-2019:2743",
+ "https://access.redhat.com/errata/RHSA-2019:2858",
+ "https://access.redhat.com/errata/RHSA-2019:2935",
+ "https://access.redhat.com/errata/RHSA-2019:2936",
+ "https://access.redhat.com/errata/RHSA-2019:2937",
+ "https://access.redhat.com/errata/RHSA-2019:2938",
+ "https://access.redhat.com/errata/RHSA-2019:2998",
+ "https://access.redhat.com/errata/RHSA-2019:3044",
+ "https://access.redhat.com/errata/RHSA-2019:3045",
+ "https://access.redhat.com/errata/RHSA-2019:3046",
+ "https://access.redhat.com/errata/RHSA-2019:3050"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-18311",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "Perl before 5.26.3 and 5.28.x before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:perl-base:5.24.1-3+deb9u4",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:05d1a5232b461a4b35424129580054caa878cd56f100e34282510bd4b4082e4d/sha256__05d1a5232b461a4b35424129580054caa878cd56f100e34282510bd4b4082e4d.tar.gz",
+ "deb://debian:stretch:perl-base:5.24.1-3+deb9u4"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [],
+ "published": "2018-11-30T13:56:46+11:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-73963",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "Perl before 5.26.3 and 5.28.x before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-15686",
+ "cvss_v2_score": 10,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 10,
+ "cvss3_max_score": 9.8,
+ "summary": "A vulnerability in unit_deserialize of systemd allows an attacker to supply arbitrary state across systemd re-execution via NotifyAccess. This can be used to improperly influence systemd execution and possibly lead to root privilege escalation. Affected releases are systemd versions up to and including 239.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:libsystemd0:232-25+deb9u4",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:05d1a5232b461a4b35424129580054caa878cd56f100e34282510bd4b4082e4d/sha256__05d1a5232b461a4b35424129580054caa878cd56f100e34282510bd4b4082e4d.tar.gz",
+ "deb://debian:stretch:libsystemd0:232-25+deb9u4"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [],
+ "published": "2018-10-29T12:05:20+11:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-73267",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "A vulnerability in unit_deserialize of systemd allows an attacker to supply arbitrary state across systemd re-execution via NotifyAccess. This can be used to improperly influence systemd execution and possibly lead to root privilege escalation. Affected releases are systemd versions up to and including 239.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-3177",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "Python 3.x through 3.9.1 has a buffer overflow in PyCArg_repr in _ctypes/callproc.c, which may lead to remote code execution in certain Python applications that accept floating-point numbers as untrusted input, as demonstrated by a 1e300 argument to c_double.from_param. This occurs because sprintf is used unsafely.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:libpython2.7-stdlib:2.7.13-2+deb9u2",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:80ae6b477848b6e03aad8ec9c74f1fb80364e5c8b5fe9ca3ec793df84247f027/sha256__80ae6b477848b6e03aad8ec9c74f1fb80364e5c8b5fe9ca3ec793df84247f027.tar.gz",
+ "deb://debian:stretch:libpython2.7-stdlib:2.7.13-2+deb9u2"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [],
+ "published": "2021-01-21T15:17:47+11:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-138768",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "Python 3.x through 3.9.1 has a buffer overflow in PyCArg_repr in _ctypes/callproc.c, which may lead to remote code execution in certain Python applications that accept floating-point numbers as untrusted input, as demonstrated by a 1e300 argument to c_double.from_param. This occurs because sprintf is used unsafely.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-6485",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "An integer overflow in the implementation of the posix_memalign in memalign functions in the GNU C Library (aka glibc or libc6) 2.26 and earlier could cause these functions to return a pointer to a heap area that is too small, potentially leading to heap corruption.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:libc-bin:2.24-11+deb9u3",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:05d1a5232b461a4b35424129580054caa878cd56f100e34282510bd4b4082e4d/sha256__05d1a5232b461a4b35424129580054caa878cd56f100e34282510bd4b4082e4d.tar.gz",
+ "deb://debian:stretch:libc-bin:2.24-11+deb9u3"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [],
+ "published": "2018-02-05T01:13:03+11:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-64004",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "An integer overflow in the implementation of the posix_memalign in memalign functions in the GNU C Library (aka glibc or libc6) 2.26 and earlier could cause these functions to return a pointer to a heap area that is too small, potentially leading to heap corruption.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-15688",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "A buffer overflow vulnerability in the dhcp6 client of systemd allows a malicious dhcp6 server to overwrite heap memory in systemd-networkd. Affected releases are systemd: versions up to and including 239.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:libudev1:232-25+deb9u4",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:05d1a5232b461a4b35424129580054caa878cd56f100e34282510bd4b4082e4d/sha256__05d1a5232b461a4b35424129580054caa878cd56f100e34282510bd4b4082e4d.tar.gz",
+ "deb://debian:stretch:libudev1:232-25+deb9u4"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [],
+ "published": "2018-10-29T11:52:21+11:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-73258",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "A buffer overflow vulnerability in the dhcp6 client of systemd allows a malicious dhcp6 server to overwrite heap memory in systemd-networkd. Affected releases are systemd: versions up to and including 239.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2016-2779",
+ "cvss_v2_score": 7.2,
+ "cvss_v2_vector": "CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 7.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.2,
+ "cvss3_max_score": 7.8,
+ "summary": "runuser in util-linux allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:libblkid1:2.29.2-1+deb9u1",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:05d1a5232b461a4b35424129580054caa878cd56f100e34282510bd4b4082e4d/sha256__05d1a5232b461a4b35424129580054caa878cd56f100e34282510bd4b4082e4d.tar.gz",
+ "deb://debian:stretch:libblkid1:2.29.2-1+deb9u1"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [],
+ "published": "2016-11-28T00:17:10+11:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-40740",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "runuser in util-linux allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-16839",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "Curl versions 7.33.0 through 7.61.1 are vulnerable to a buffer overrun in the SASL authentication code that may lead to denial of service.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:libcurl3-gnutls:7.52.1-5+deb9u6",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:80ae6b477848b6e03aad8ec9c74f1fb80364e5c8b5fe9ca3ec793df84247f027/sha256__80ae6b477848b6e03aad8ec9c74f1fb80364e5c8b5fe9ca3ec793df84247f027.tar.gz",
+ "deb://debian:stretch:libcurl3-gnutls:7.52.1-5+deb9u6"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [],
+ "published": "2018-11-02T05:43:09+11:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-73428",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "Curl versions 7.33.0 through 7.61.1 are vulnerable to a buffer overrun in the SASL authentication code that may lead to denial of service.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2017-17485",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "FasterXML jackson-databind through 2.8.10 and 2.9.x through 2.9.3 allows unauthenticated remote code execution because of an incomplete fix for the CVE-2017-7525 deserialization flaw. This is exploitable by sending maliciously crafted JSON input to the readValue method of the ObjectMapper, bypassing a blacklist that is ineffective if the Spring libraries are available in the classpath.",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.core:jackson-databind:2.2.0",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:cb59b597ab372b4505b5d7cbd7afcf3a2e8489560da92485992d27046cb06683/sha256__cb59b597ab372b4505b5d7cbd7afcf3a2e8489560da92485992d27046cb06683.tar.gz",
+ "gav://com.fasterxml.jackson.core:jackson-databind:2.2.0"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [
+ "2.7.9.2",
+ "2.9.4",
+ "2.6.7.3",
+ "2.8.11"
+ ],
+ "published": "2018-01-29T18:04:49+11:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-60821",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "FasterXML jackson-databind through 2.8.10 and 2.9.x through 2.9.3 allows unauthenticated remote code execution because of an incomplete fix for the CVE-2017-7525 deserialization flaw. This is exploitable by sending maliciously crafted JSON input to the readValue method of the ObjectMapper, bypassing a blacklist that is ineffective if the Spring libraries are available in the classpath.",
+ "references": [
+ "http://www.securityfocus.com/archive/1/archive/1/541652/100/0/threaded",
+ "https://access.redhat.com/errata/RHSA-2018:0116",
+ "https://github.com/FasterXML/jackson-databind/issues/1855",
+ "https://github.com/irsl/jackson-rce-via-spel/"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-14718",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to execute arbitrary code by leveraging failure to block the slf4j-ext class from polymorphic deserialization.",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.core:jackson-databind:2.2.0",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:cb59b597ab372b4505b5d7cbd7afcf3a2e8489560da92485992d27046cb06683/sha256__cb59b597ab372b4505b5d7cbd7afcf3a2e8489560da92485992d27046cb06683.tar.gz",
+ "gav://com.fasterxml.jackson.core:jackson-databind:2.2.0"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [
+ "2.9.7",
+ "2.8.11.3",
+ "2.7.9.5",
+ "2.6.7.3"
+ ],
+ "published": "2019-01-29T23:31:54+11:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-74876",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to execute arbitrary code by leveraging failure to block the slf4j-ext class from polymorphic deserialization.",
+ "references": [
+ "http://www.securityfocus.com/bid/106601",
+ "https://seclists.org/bugtraq/2019/May/68",
+ "https://github.com/FasterXML/jackson-databind/commit/87d29af25e82a249ea15858e2d4ecbf64091db44",
+ "https://github.com/FasterXML/jackson-databind/issues/2097",
+ "https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.7",
+ "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html",
+ "https://www.debian.org/security/2019/dsa-4452",
+ "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html",
+ "https://lists.debian.org/debian-lts-announce/2019/03/msg00005.html",
+ "https://lists.apache.org/thread.html/6a78f88716c3c57aa74ec05764a37ab3874769a347805903b393b286@%3Cdev.lucene.apache.org%3E",
+ "https://lists.apache.org/thread.html/82b01bfb6787097427ce97cec6a7127e93718bc05d1efd5eaffc228f@%3Cdev.lucene.apache.org%3E",
+ "https://lists.apache.org/thread.html/ba973114605d936be276ee6ce09dfbdbf78aa56f6cdc6e79bfa7b8df@%3Cdev.lucene.apache.org%3E",
+ "https://access.redhat.com/errata/RHBA-2019:0959",
+ "https://access.redhat.com/errata/RHSA-2019:0782",
+ "https://access.redhat.com/errata/RHSA-2019:0877"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2017-1000487",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "Plexus-utils before 3.0.16 is vulnerable to command injection because it does not correctly process the contents of double quoted strings.",
+ "severity": "High",
+ "vulnerable_component": "gav://org.codehaus.plexus:plexus-utils:3.0",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:cb59b597ab372b4505b5d7cbd7afcf3a2e8489560da92485992d27046cb06683/sha256__cb59b597ab372b4505b5d7cbd7afcf3a2e8489560da92485992d27046cb06683.tar.gz",
+ "gav://org.codehaus.plexus:plexus-utils:3.0"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [
+ "3.0.16"
+ ],
+ "published": "2019-06-10T18:42:32+10:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-83897",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Plexus-utils before 3.0.16 is vulnerable to command injection because it does not correctly process the contents of double quoted strings.",
+ "references": [
+ "https://access.redhat.com/errata/RHSA-2018:1322",
+ "https://lists.debian.org/debian-lts-announce/2018/01/msg00011.html",
+ "https://lists.debian.org/debian-lts-announce/2018/01/msg00010.html",
+ "https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSPLEXUS-31522",
+ "https://www.debian.org/security/2018/dsa-4149",
+ "https://www.debian.org/security/2018/dsa-4146",
+ "https://github.com/codehaus-plexus/plexus-utils/commit/b38a1b3a4352303e4312b2bb601a0d7ec6e28f41"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2017-7525",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "A deserialization flaw was discovered in the jackson-databind, versions before 2.6.7.1, 2.7.9.1 and 2.8.9, which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper.",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.core:jackson-databind:2.2.0",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:cb59b597ab372b4505b5d7cbd7afcf3a2e8489560da92485992d27046cb06683/sha256__cb59b597ab372b4505b5d7cbd7afcf3a2e8489560da92485992d27046cb06683.tar.gz",
+ "gav://com.fasterxml.jackson.core:jackson-databind:2.2.0"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [
+ "2.9.0.pr3",
+ "2.8.9",
+ "2.7.9.1",
+ "2.6.7.1"
+ ],
+ "published": "2017-11-22T20:02:40+11:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-59969",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "A deserialization flaw was discovered in the jackson-databind, versions before 2.6.7.1, 2.7.9.1 and 2.8.9, which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper.",
+ "references": [
+ "http://www.securityfocus.com/bid/99623",
+ "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html",
+ "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html",
+ "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html",
+ "https://bugzilla.redhat.com/show_bug.cgi?id=1462702",
+ "https://cwiki.apache.org/confluence/display/WW/S2-055",
+ "https://github.com/FasterXML/jackson-databind/issues/1599",
+ "https://github.com/FasterXML/jackson-databind/issues/1723",
+ "https://security.netapp.com/advisory/ntap-20171214-0002/",
+ "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03902en_us",
+ "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html",
+ "https://www.debian.org/security/2017/dsa-4004",
+ "https://www.oracle.com/security-alerts/cpuoct2020.html",
+ "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html",
+ "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html",
+ "https://lists.apache.org/thread.html/4641ed8616ccc2c1fbddac2c3dc9900c96387bc226eaf0232d61909b@%3Ccommits.cassandra.apache.org%3E",
+ "https://lists.debian.org/debian-lts-announce/2020/01/msg00037.html",
+ "https://lists.debian.org/debian-lts-announce/2020/08/msg00039.html",
+ "https://lists.apache.org/thread.html/9317fd092b257a0815434b116a8af8daea6e920b6673f4fd5583d5fe@%3Ccommits.druid.apache.org%3E",
+ "https://lists.apache.org/thread.html/c2ed4c0126b43e324cf740012a0edd371fd36096fd777be7bfe7a2a6@%3Cdev.lucene.apache.org%3E",
+ "https://lists.apache.org/thread.html/f60afd3c7e9ebaaf70fad4a4beb75cf8740ac959017a31e7006c7486@%3Cdev.lucene.apache.org%3E",
+ "https://lists.apache.org/thread.html/c10a2bf0fdc3d25faf17bd191d6ec46b29a353fa9c97bebd7c4e5913@%3Cdev.lucene.apache.org%3E",
+ "https://lists.apache.org/thread.html/3c87dc8bca99a2b3b4743713b33d1de05b1d6b761fdf316224e9c81f@%3Cdev.lucene.apache.org%3E",
+ "https://lists.apache.org/thread.html/b1f33fe5ade396bb903fdcabe9f243f7692c7dfce5418d3743c2d346@%3Cdev.lucene.apache.org%3E",
+ "https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451@%3Csolr-user.lucene.apache.org%3E",
+ "https://lists.apache.org/thread.html/5008bcbd45ee65ce39e4220b6ac53d28a24d6bc67d5804e9773a7399@%3Csolr-user.lucene.apache.org%3E",
+ "https://lists.apache.org/thread.html/c9d5ff20929e8a3c8794facf4c4b326a9c10618812eec356caa20b87@%3Csolr-user.lucene.apache.org%3E",
+ "https://lists.apache.org/thread.html/f095a791bda6c0595f691eddd0febb2d396987eec5cbd29120d8c629@%3Csolr-user.lucene.apache.org%3E",
+ "https://access.redhat.com/errata/RHSA-2017:1834",
+ "https://access.redhat.com/errata/RHSA-2017:1835",
+ "https://access.redhat.com/errata/RHSA-2017:1836",
+ "https://access.redhat.com/errata/RHSA-2017:1837",
+ "https://access.redhat.com/errata/RHSA-2017:1839",
+ "https://access.redhat.com/errata/RHSA-2017:1840",
+ "https://access.redhat.com/errata/RHSA-2017:2477",
+ "https://access.redhat.com/errata/RHSA-2017:2546",
+ "https://access.redhat.com/errata/RHSA-2017:2547",
+ "https://access.redhat.com/errata/RHSA-2017:2633",
+ "https://access.redhat.com/errata/RHSA-2017:2635",
+ "https://access.redhat.com/errata/RHSA-2017:2636",
+ "https://access.redhat.com/errata/RHSA-2017:2637",
+ "https://access.redhat.com/errata/RHSA-2017:2638",
+ "https://access.redhat.com/errata/RHSA-2017:3141",
+ "https://access.redhat.com/errata/RHSA-2017:3454",
+ "https://access.redhat.com/errata/RHSA-2017:3455",
+ "https://access.redhat.com/errata/RHSA-2017:3456",
+ "https://access.redhat.com/errata/RHSA-2017:3458",
+ "https://access.redhat.com/errata/RHSA-2018:0294",
+ "https://access.redhat.com/errata/RHSA-2018:0342",
+ "https://access.redhat.com/errata/RHSA-2018:1449",
+ "https://access.redhat.com/errata/RHSA-2018:1450",
+ "https://access.redhat.com/errata/RHSA-2019:0910",
+ "https://access.redhat.com/errata/RHSA-2019:2858",
+ "https://access.redhat.com/errata/RHSA-2019:3149",
+ "http://www.securitytracker.com/id/1039744",
+ "http://www.securitytracker.com/id/1039947",
+ "http://www.securitytracker.com/id/1040360"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.6,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:H/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 8.1,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.6,
+ "cvss3_max_score": 8.1,
+ "summary": "Apache Maven External Repository Validation Failure Arbitrary Code Execution",
+ "severity": "High",
+ "vulnerable_component": "gav://org.apache.maven:maven-settings:3.5.4",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:4d4d32abb4d85b74b70bb9179b1d8dde3f3ca59f882bb7a00abf8975b4ab2861/sha256__4d4d32abb4d85b74b70bb9179b1d8dde3f3ca59f882bb7a00abf8975b4ab2861.tar.gz",
+ "gav://org.apache.maven:maven-settings:3.5.4"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [
+ "3.8.1"
+ ],
+ "published": "2021-04-14T16:59:26+10:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-172725",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Apache Maven contains a flaw that is triggered as the program insecurely uses material from an insecure external repository by default. This may allow a remote attacker with control of a repository that is in use, to potentially inject and execute malicious code.",
+ "references": [
+ "http://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-26291",
+ "http://maven.apache.org/docs/3.8.1/release-notes.html",
+ "http://mail-archives.apache.org/mod_mbox/maven-announce/202104.mbox/%3CMailbird-0918dc43-dc18-4008-b83b-8bc8b1528177%40apache.org%3E"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2017-18269",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "An SSE2-optimized memmove implementation for i386 in sysdeps/i386/i686/multiarch/memcpy-sse2-unaligned.S in the GNU C Library (aka glibc or libc6) 2.21 through 2.27 does not correctly perform the overlapping memory check if the source memory range spans the middle of the address space, resulting in corrupt data being produced by the copy operation. This may disclose information to context-dependent attackers, or result in a denial of service, or, possibly, code execution.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:libc6:2.24-11+deb9u3",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:05d1a5232b461a4b35424129580054caa878cd56f100e34282510bd4b4082e4d/sha256__05d1a5232b461a4b35424129580054caa878cd56f100e34282510bd4b4082e4d.tar.gz",
+ "deb://debian:stretch:libc6:2.24-11+deb9u3"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [],
+ "published": "2018-05-19T18:22:29+10:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-68008",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "An SSE2-optimized memmove implementation for i386 in sysdeps/i386/i686/multiarch/memcpy-sse2-unaligned.S in the GNU C Library (aka glibc or libc6) 2.21 through 2.27 does not correctly perform the overlapping memory check if the source memory range spans the middle of the address space, resulting in corrupt data being produced by the copy operation. This may disclose information to context-dependent attackers, or result in a denial of service, or, possibly, code execution.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-18314",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "Perl before 5.26.3 has a buffer overflow via a crafted regular expression that triggers invalid write operations.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:libperl5.24:5.24.1-3+deb9u4",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:80ae6b477848b6e03aad8ec9c74f1fb80364e5c8b5fe9ca3ec793df84247f027/sha256__80ae6b477848b6e03aad8ec9c74f1fb80364e5c8b5fe9ca3ec793df84247f027.tar.gz",
+ "deb://debian:stretch:libperl5.24:5.24.1-3+deb9u4"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [],
+ "published": "2018-11-30T14:00:18+11:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-73973",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "Perl before 5.26.3 has a buffer overflow via a crafted regular expression that triggers invalid write operations.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-17571",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "Included in Log4j 1.2 is a SocketServer class that is vulnerable to deserialization of untrusted data which can be exploited to remotely execute arbitrary code when combined with a deserialization gadget when listening to untrusted network traffic for log data. This affects Log4j versions up to 1.2 up to 1.2.17.",
+ "severity": "High",
+ "vulnerable_component": "gav://log4j:log4j:1.2.17",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:cb59b597ab372b4505b5d7cbd7afcf3a2e8489560da92485992d27046cb06683/sha256__cb59b597ab372b4505b5d7cbd7afcf3a2e8489560da92485992d27046cb06683.tar.gz",
+ "gav://log4j:log4j:1.2.17"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [],
+ "published": "2019-12-23T18:15:27+11:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-93075",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Included in Log4j 1.2 is a SocketServer class that is vulnerable to deserialization of untrusted data which can be exploited to remotely execute arbitrary code when combined with a deserialization gadget when listening to untrusted network traffic for log data. This affects Log4j versions up to 1.2 up to 1.2.17.",
+ "references": [
+ "https://lists.apache.org/thread.html/eea03d504b36e8f870e8321d908e1def1addda16adda04327fe7c125%40%3Cdev.logging.apache.org%3E"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-17571",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "Included in Log4j 1.2 is a SocketServer class that is vulnerable to deserialization of untrusted data which can be exploited to remotely execute arbitrary code when combined with a deserialization gadget when listening to untrusted network traffic for log data. This affects Log4j versions up to 1.2 up to 1.2.17.",
+ "severity": "High",
+ "vulnerable_component": "gav://log4j:log4j:1.2.17",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:cb59b597ab372b4505b5d7cbd7afcf3a2e8489560da92485992d27046cb06683/sha256__cb59b597ab372b4505b5d7cbd7afcf3a2e8489560da92485992d27046cb06683.tar.gz",
+ "generic://sha256:b829aeff2ba3a6b03efab2715037abfdab96e9a832acd2ee7704d8c2f70ac349/juseppe.jar",
+ "gav://log4j:log4j:1.2.17"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [],
+ "published": "2019-12-23T18:15:27+11:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-93075",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Included in Log4j 1.2 is a SocketServer class that is vulnerable to deserialization of untrusted data which can be exploited to remotely execute arbitrary code when combined with a deserialization gadget when listening to untrusted network traffic for log data. This affects Log4j versions up to 1.2 up to 1.2.17.",
+ "references": [
+ "https://lists.apache.org/thread.html/eea03d504b36e8f870e8321d908e1def1addda16adda04327fe7c125%40%3Cdev.logging.apache.org%3E"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-14721",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 10,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 10,
+ "summary": "FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to conduct server-side request forgery (SSRF) attacks by leveraging failure to block the axis2-jaxws class from polymorphic deserialization.",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.core:jackson-databind:2.2.0",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:cb59b597ab372b4505b5d7cbd7afcf3a2e8489560da92485992d27046cb06683/sha256__cb59b597ab372b4505b5d7cbd7afcf3a2e8489560da92485992d27046cb06683.tar.gz",
+ "gav://com.fasterxml.jackson.core:jackson-databind:2.2.0"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [
+ "2.7.9.5",
+ "2.8.11.3",
+ "2.9.7",
+ "2.6.7.2"
+ ],
+ "published": "2019-01-29T23:31:53+11:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-74873",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to conduct server-side request forgery (SSRF) attacks by leveraging failure to block the axis2-jaxws class from polymorphic deserialization.",
+ "references": [
+ "https://seclists.org/bugtraq/2019/May/68",
+ "https://github.com/FasterXML/jackson-databind/commit/87d29af25e82a249ea15858e2d4ecbf64091db44",
+ "https://github.com/FasterXML/jackson-databind/issues/2097",
+ "https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.7",
+ "https://security.netapp.com/advisory/ntap-20190530-0003/",
+ "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html",
+ "https://www.debian.org/security/2019/dsa-4452",
+ "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html",
+ "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html",
+ "https://lists.debian.org/debian-lts-announce/2019/03/msg00005.html",
+ "https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8@%3Ccommits.pulsar.apache.org%3E",
+ "https://access.redhat.com/errata/RHBA-2019:0959",
+ "https://access.redhat.com/errata/RHSA-2019:0782",
+ "https://access.redhat.com/errata/RHSA-2019:1106",
+ "https://access.redhat.com/errata/RHSA-2019:1107",
+ "https://access.redhat.com/errata/RHSA-2019:1108",
+ "https://access.redhat.com/errata/RHSA-2019:1140",
+ "https://access.redhat.com/errata/RHSA-2019:1822",
+ "https://access.redhat.com/errata/RHSA-2019:1823",
+ "https://access.redhat.com/errata/RHSA-2019:2858"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-5482",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "Heap buffer overflow in the TFTP protocol handler in cURL 7.19.4 to 7.65.3.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:libcurl3:7.52.1-5+deb9u6",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:5cee356eda6bfe3a5a229cd3d964e722ade1da4381842b24e943b03a37aec1f2/sha256__5cee356eda6bfe3a5a229cd3d964e722ade1da4381842b24e943b03a37aec1f2.tar.gz",
+ "deb://debian:stretch:libcurl3:7.52.1-5+deb9u6"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [],
+ "published": "2019-09-12T02:51:17+10:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-87998",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "Heap buffer overflow in the TFTP protocol handler in cURL 7.19.4 to 7.65.3.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-7489",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "FasterXML jackson-databind before 2.7.9.3, 2.8.x before 2.8.11.1 and 2.9.x before 2.9.5 allows unauthenticated remote code execution because of an incomplete fix for the CVE-2017-7525 deserialization flaw. This is exploitable by sending maliciously crafted JSON input to the readValue method of the ObjectMapper, bypassing a blacklist that is ineffective if the c3p0 libraries are available in the classpath.",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.core:jackson-databind:2.2.0",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:cb59b597ab372b4505b5d7cbd7afcf3a2e8489560da92485992d27046cb06683/sha256__cb59b597ab372b4505b5d7cbd7afcf3a2e8489560da92485992d27046cb06683.tar.gz",
+ "gav://com.fasterxml.jackson.core:jackson-databind:2.2.0"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [
+ "2.7.9.3",
+ "2.8.11.1",
+ "2.9.5"
+ ],
+ "published": "2018-04-04T21:15:10+10:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-66736",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "FasterXML jackson-databind before 2.7.9.3, 2.8.x before 2.8.11.1 and 2.9.x before 2.9.5 allows unauthenticated remote code execution because of an incomplete fix for the CVE-2017-7525 deserialization flaw. This is exploitable by sending maliciously crafted JSON input to the readValue method of the ObjectMapper, bypassing a blacklist that is ineffective if the c3p0 libraries are available in the classpath.",
+ "references": [
+ "http://www.securityfocus.com/bid/103203",
+ "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html",
+ "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html",
+ "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html",
+ "https://github.com/FasterXML/jackson-databind/issues/1931",
+ "https://security.netapp.com/advisory/ntap-20180328-0001/",
+ "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03902en_us",
+ "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html",
+ "https://www.debian.org/security/2018/dsa-4190",
+ "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html",
+ "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html",
+ "https://access.redhat.com/errata/RHSA-2018:1447",
+ "https://access.redhat.com/errata/RHSA-2018:1448",
+ "https://access.redhat.com/errata/RHSA-2018:1449",
+ "https://access.redhat.com/errata/RHSA-2018:1450",
+ "https://access.redhat.com/errata/RHSA-2018:1451",
+ "https://access.redhat.com/errata/RHSA-2018:1786",
+ "https://access.redhat.com/errata/RHSA-2018:2088",
+ "https://access.redhat.com/errata/RHSA-2018:2089",
+ "https://access.redhat.com/errata/RHSA-2018:2090",
+ "https://access.redhat.com/errata/RHSA-2018:2938",
+ "https://access.redhat.com/errata/RHSA-2018:2939",
+ "https://access.redhat.com/errata/RHSA-2019:2858",
+ "http://www.securitytracker.com/id/1040693",
+ "http://www.securitytracker.com/id/1041890"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2017-1000487",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "Plexus-utils before 3.0.16 is vulnerable to command injection because it does not correctly process the contents of double quoted strings.",
+ "severity": "High",
+ "vulnerable_component": "gav://org.codehaus.plexus:plexus-utils:2.0.4",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:cb59b597ab372b4505b5d7cbd7afcf3a2e8489560da92485992d27046cb06683/sha256__cb59b597ab372b4505b5d7cbd7afcf3a2e8489560da92485992d27046cb06683.tar.gz",
+ "gav://org.codehaus.plexus:plexus-utils:2.0.4"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [
+ "3.0.16"
+ ],
+ "published": "2019-06-10T18:42:32+10:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-83897",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Plexus-utils before 3.0.16 is vulnerable to command injection because it does not correctly process the contents of double quoted strings.",
+ "references": [
+ "https://access.redhat.com/errata/RHSA-2018:1322",
+ "https://lists.debian.org/debian-lts-announce/2018/01/msg00011.html",
+ "https://lists.debian.org/debian-lts-announce/2018/01/msg00010.html",
+ "https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSPLEXUS-31522",
+ "https://www.debian.org/security/2018/dsa-4149",
+ "https://www.debian.org/security/2018/dsa-4146",
+ "https://github.com/codehaus-plexus/plexus-utils/commit/b38a1b3a4352303e4312b2bb601a0d7ec6e28f41"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2016-2779",
+ "cvss_v2_score": 7.2,
+ "cvss_v2_vector": "CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 7.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.2,
+ "cvss3_max_score": 7.8,
+ "summary": "runuser in util-linux allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:mount:2.29.2-1+deb9u1",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:05d1a5232b461a4b35424129580054caa878cd56f100e34282510bd4b4082e4d/sha256__05d1a5232b461a4b35424129580054caa878cd56f100e34282510bd4b4082e4d.tar.gz",
+ "deb://debian:stretch:mount:2.29.2-1+deb9u1"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [],
+ "published": "2016-11-28T00:17:10+11:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-40740",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "runuser in util-linux allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2017-17458",
+ "cvss_v2_score": 10,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 10,
+ "cvss3_max_score": 9.8,
+ "summary": "In Mercurial before 4.4.1, it is possible that a specially malformed repository can cause Git subrepositories to run arbitrary code in the form of a .git/hooks/post-update script checked into the repository. Typical use of Mercurial prevents construction of such repositories, but they can be created programmatically.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:mercurial:4.0-1+deb9u1",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:80ae6b477848b6e03aad8ec9c74f1fb80364e5c8b5fe9ca3ec793df84247f027/sha256__80ae6b477848b6e03aad8ec9c74f1fb80364e5c8b5fe9ca3ec793df84247f027.tar.gz",
+ "deb://debian:stretch:mercurial:4.0-1+deb9u1"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [
+ "≥ 4.0-1+deb9u2"
+ ],
+ "published": "2017-12-09T08:04:43+11:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-60147",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "In Mercurial before 4.4.1, it is possible that a specially malformed repository can cause Git subrepositories to run arbitrary code in the form of a .git/hooks/post-update script checked into the repository. Typical use of Mercurial prevents construction of such repositories, but they can be created programmatically.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.8,
+ "cvss3_max_score": 7.5,
+ "summary": "FasterXML Jackson Core WRITE_BIGDECIMAL_AS_PLAIN Setting BigDecimal Writing Memory Exhaustion DoS",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.core:jackson-core:2.2.0",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:cb59b597ab372b4505b5d7cbd7afcf3a2e8489560da92485992d27046cb06683/sha256__cb59b597ab372b4505b5d7cbd7afcf3a2e8489560da92485992d27046cb06683.tar.gz",
+ "gav://com.fasterxml.jackson.core:jackson-core:2.2.0"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [
+ "2.7.7"
+ ],
+ "published": "2021-01-31T22:46:06+11:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-139063",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "FasterXML Jackson Core contains a flaw in the WRITE_BIGDECIMAL_AS_PLAIN settings that is triggered as there are no size limits when writing BigDecimal. This may allow an attacker to exhaust available memory resources.",
+ "references": [
+ "https://support.hcltechsw.com/community?id=community_blog\u0026sys_id=6fa12489db02a810a45ad9fcd39619e7",
+ "https://support.hcltechsw.com/csm?id=kb_article\u0026sysparm_article=KB0086419\u0026sys_kb_id=5926e8a01b312818534c4159cc4bcbcc"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-1352",
+ "cvss_v2_score": 9.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 8.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 9.3,
+ "cvss3_max_score": 8.8,
+ "summary": "A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1349, CVE-2019-1350, CVE-2019-1354, CVE-2019-1387.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:git-man:1:2.11.0-3+deb9u3",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:80ae6b477848b6e03aad8ec9c74f1fb80364e5c8b5fe9ca3ec793df84247f027/sha256__80ae6b477848b6e03aad8ec9c74f1fb80364e5c8b5fe9ca3ec793df84247f027.tar.gz",
+ "deb://debian:stretch:git-man:1:2.11.0-3+deb9u3"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [],
+ "published": "2019-12-11T15:13:58+11:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-92625",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1349, CVE-2019-1350, CVE-2019-1354, CVE-2019-1387.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-17456",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "Git before 2.14.5, 2.15.x before 2.15.3, 2.16.x before 2.16.5, 2.17.x before 2.17.2, 2.18.x before 2.18.1, and 2.19.x before 2.19.1 allows remote code execution during processing of a recursive \"git clone\" of a superproject if a .gitmodules file has a URL field beginning with a '-' character.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:git:1:2.11.0-3+deb9u3",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:80ae6b477848b6e03aad8ec9c74f1fb80364e5c8b5fe9ca3ec793df84247f027/sha256__80ae6b477848b6e03aad8ec9c74f1fb80364e5c8b5fe9ca3ec793df84247f027.tar.gz",
+ "deb://debian:stretch:git:1:2.11.0-3+deb9u3"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [
+ "≥ 1:2.11.0-3+deb9u4"
+ ],
+ "published": "2018-10-07T03:17:12+11:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-72281",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "Git before 2.14.5, 2.15.x before 2.15.3, 2.16.x before 2.16.5, 2.17.x before 2.17.2, 2.18.x before 2.18.1, and 2.19.x before 2.19.1 allows remote code execution during processing of a recursive \"git clone\" of a superproject if a .gitmodules file has a URL field beginning with a '-' character.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-17456",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "Git before 2.14.5, 2.15.x before 2.15.3, 2.16.x before 2.16.5, 2.17.x before 2.17.2, 2.18.x before 2.18.1, and 2.19.x before 2.19.1 allows remote code execution during processing of a recursive \"git clone\" of a superproject if a .gitmodules file has a URL field beginning with a '-' character.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:git-man:1:2.11.0-3+deb9u3",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:80ae6b477848b6e03aad8ec9c74f1fb80364e5c8b5fe9ca3ec793df84247f027/sha256__80ae6b477848b6e03aad8ec9c74f1fb80364e5c8b5fe9ca3ec793df84247f027.tar.gz",
+ "deb://debian:stretch:git-man:1:2.11.0-3+deb9u3"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [],
+ "published": "2018-10-07T03:17:12+11:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-72281",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "Git before 2.14.5, 2.15.x before 2.15.3, 2.16.x before 2.16.5, 2.17.x before 2.17.2, 2.18.x before 2.18.1, and 2.19.x before 2.19.1 allows remote code execution during processing of a recursive \"git clone\" of a superproject if a .gitmodules file has a URL field beginning with a '-' character.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.6,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:H/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 8.1,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.6,
+ "cvss3_max_score": 8.1,
+ "summary": "FasterXML jackson-databind org.arrah.framework.rdbms.UpdatableJdbcRowsetImpl Gadget Insecure Deserialization Unspecified Remote Weakness",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.core:jackson-databind:2.2.0",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:cb59b597ab372b4505b5d7cbd7afcf3a2e8489560da92485992d27046cb06683/sha256__cb59b597ab372b4505b5d7cbd7afcf3a2e8489560da92485992d27046cb06683.tar.gz",
+ "gav://com.fasterxml.jackson.core:jackson-databind:2.2.0"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [
+ "2.9.10.6"
+ ],
+ "published": "2020-09-02T23:19:05+10:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-122084",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "FasterXML jackson-databind contains a flaw that is triggered if an application deserializes JSON content from an untrusted source, as the org.arrah.framework.rdbms.UpdatableJdbcRowsetImpl gadget may allow performing sensitive actions. This may allow a remote attacker to have an unspecified impact.",
+ "references": [
+ "https://github.com/FasterXML/jackson-databind/issues/2827",
+ "https://github.com/FasterXML/jackson-databind/commit/e701bd852ca9a22e04743104987f11ae575a6fe2"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2017-12562",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "Heap-based Buffer Overflow in the psf_binheader_writef function in common.c in libsndfile through 1.0.28 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:libsndfile1:1.0.27-3",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:b919b8fd1620fbf048cb2f5e94af0f35b4981c92b319519625ee5d61c181a9d1/sha256__b919b8fd1620fbf048cb2f5e94af0f35b4981c92b319519625ee5d61c181a9d1.tar.gz",
+ "deb://debian:stretch:libsndfile1:1.0.27-3"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [],
+ "published": "2017-08-06T18:01:56+10:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-57758",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "Heap-based Buffer Overflow in the psf_binheader_writef function in common.c in libsndfile through 1.0.28 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 9.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 7.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 9.3,
+ "cvss3_max_score": 7.8,
+ "summary": "Plexus-utils util/xml/XmlWriterUtil.java XmlWriterUtil::writeComment() Function Comment String Escape XML Injection Unspecified Issue",
+ "severity": "High",
+ "vulnerable_component": "gav://org.codehaus.plexus:plexus-utils:2.0.5",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:cb59b597ab372b4505b5d7cbd7afcf3a2e8489560da92485992d27046cb06683/sha256__cb59b597ab372b4505b5d7cbd7afcf3a2e8489560da92485992d27046cb06683.tar.gz",
+ "gav://org.codehaus.plexus:plexus-utils:2.0.5"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [
+ "3.0.24"
+ ],
+ "published": "2019-09-15T21:14:39+10:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-88166",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Plexus-utils contains a flaw in the XmlWriterUtil::writeComment() function in util/xml/XmlWriterUtil.java that is triggered as comment strings are not properly sanitized. This may allow a context-dependent attacker to inject unexpected content through XML code and have an unspecified impact.",
+ "references": [
+ "https://github.com/codehaus-plexus/plexus-utils/issues/3",
+ "https://github.com/codehaus-plexus/plexus-utils/commit/f933e5e78dc2637e485447ed821fe14904f110de"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-3822",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "libcurl versions from 7.36.0 to before 7.64.0 are vulnerable to a stack-based buffer overflow. The function creating an outgoing NTLM type-3 header (`lib/vauth/ntlm.c:Curl_auth_create_ntlm_type3_message()`), generates the request HTTP header contents based on previously received data. The check that exists to prevent the local buffer from getting overflowed is implemented wrongly (using unsigned math) and as such it does not prevent the overflow from happening. This output data can grow larger than the local buffer if very large 'nt response' data is extracted from a previous NTLMv2 header provided by the malicious or broken HTTP server. Such a 'large value' needs to be around 1000 bytes or more. The actual payload data copied to the target buffer comes from the NTLMv2 type-2 response header.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:curl:7.52.1-5+deb9u6",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:5cee356eda6bfe3a5a229cd3d964e722ade1da4381842b24e943b03a37aec1f2/sha256__5cee356eda6bfe3a5a229cd3d964e722ade1da4381842b24e943b03a37aec1f2.tar.gz",
+ "deb://debian:stretch:curl:7.52.1-5+deb9u6"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [
+ "≥ 7.52.1-5+deb9u9"
+ ],
+ "published": "2019-02-07T22:57:39+11:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-75087",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "libcurl versions from 7.36.0 to before 7.64.0 are vulnerable to a stack-based buffer overflow. The function creating an outgoing NTLM type-3 header (`lib/vauth/ntlm.c:Curl_auth_create_ntlm_type3_message()`), generates the request HTTP header contents based on previously received data. The check that exists to prevent the local buffer from getting overflowed is implemented wrongly (using unsigned math) and as such it does not prevent the overflow from happening. This output data can grow larger than the local buffer if very large 'nt response' data is extracted from a previous NTLMv2 header provided by the malicious or broken HTTP server. Such a 'large value' needs to be around 1000 bytes or more. The actual payload data copied to the target buffer comes from the NTLMv2 type-2 response header.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-25013",
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 5.9,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 5.9,
+ "summary": "The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:multiarch-support:2.24-11+deb9u3",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:05d1a5232b461a4b35424129580054caa878cd56f100e34282510bd4b4082e4d/sha256__05d1a5232b461a4b35424129580054caa878cd56f100e34282510bd4b4082e4d.tar.gz",
+ "deb://debian:stretch:multiarch-support:2.24-11+deb9u3"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [],
+ "published": "2021-01-05T15:10:13+11:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-138140",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-8457",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "SQLite3 from 3.6.0 to and including 3.27.2 is vulnerable to heap out-of-bound read in the rtreenode() function when handling invalid rtree tables.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:libsqlite3-0:3.16.2-5+deb9u1",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:89d3385f0fd3c0c904ff6e87195bb46f5d9d309e8ddd91bc9b20855d103eeffb/sha256__89d3385f0fd3c0c904ff6e87195bb46f5d9d309e8ddd91bc9b20855d103eeffb.tar.gz",
+ "deb://debian:stretch:libsqlite3-0:3.16.2-5+deb9u1"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [],
+ "published": "2019-05-31T08:34:15+10:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-83115",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "SQLite3 from 3.6.0 to and including 3.27.2 is vulnerable to heap out-of-bound read in the rtreenode() function when handling invalid rtree tables.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-14719",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to execute arbitrary code by leveraging failure to block the blaze-ds-opt and blaze-ds-core classes from polymorphic deserialization.",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.core:jackson-databind:2.2.0",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:cb59b597ab372b4505b5d7cbd7afcf3a2e8489560da92485992d27046cb06683/sha256__cb59b597ab372b4505b5d7cbd7afcf3a2e8489560da92485992d27046cb06683.tar.gz",
+ "gav://com.fasterxml.jackson.core:jackson-databind:2.2.0"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [
+ "2.9.7",
+ "2.8.11.3",
+ "2.7.9.5",
+ "2.6.7.2"
+ ],
+ "published": "2019-01-29T23:31:53+11:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-74875",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to execute arbitrary code by leveraging failure to block the blaze-ds-opt and blaze-ds-core classes from polymorphic deserialization.",
+ "references": [
+ "https://seclists.org/bugtraq/2019/May/68",
+ "https://github.com/FasterXML/jackson-databind/commit/87d29af25e82a249ea15858e2d4ecbf64091db44",
+ "https://github.com/FasterXML/jackson-databind/issues/2097",
+ "https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.7",
+ "https://security.netapp.com/advisory/ntap-20190530-0003/",
+ "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html",
+ "https://www.debian.org/security/2019/dsa-4452",
+ "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html",
+ "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html",
+ "https://lists.debian.org/debian-lts-announce/2019/03/msg00005.html",
+ "https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8@%3Ccommits.pulsar.apache.org%3E",
+ "https://access.redhat.com/errata/RHBA-2019:0959",
+ "https://access.redhat.com/errata/RHSA-2019:0782",
+ "https://access.redhat.com/errata/RHSA-2019:0877",
+ "https://access.redhat.com/errata/RHSA-2019:1782",
+ "https://access.redhat.com/errata/RHSA-2019:1797",
+ "https://access.redhat.com/errata/RHSA-2019:1822",
+ "https://access.redhat.com/errata/RHSA-2019:1823",
+ "https://access.redhat.com/errata/RHSA-2019:2804"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2016-2779",
+ "cvss_v2_score": 7.2,
+ "cvss_v2_vector": "CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 7.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.2,
+ "cvss3_max_score": 7.8,
+ "summary": "runuser in util-linux allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:libfdisk1:2.29.2-1+deb9u1",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:05d1a5232b461a4b35424129580054caa878cd56f100e34282510bd4b4082e4d/sha256__05d1a5232b461a4b35424129580054caa878cd56f100e34282510bd4b4082e4d.tar.gz",
+ "deb://debian:stretch:libfdisk1:2.29.2-1+deb9u1"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [],
+ "published": "2016-11-28T00:17:10+11:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-40740",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "runuser in util-linux allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.6,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:H/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 8.1,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.6,
+ "cvss3_max_score": 8.1,
+ "summary": "FasterXML jackson-databind com.nqadmin.rowset.JdbcRowSetImpl Gadget Insecure Deserialization Unspecified Remote Weakness",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.core:jackson-databind:2.2.0",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:cb59b597ab372b4505b5d7cbd7afcf3a2e8489560da92485992d27046cb06683/sha256__cb59b597ab372b4505b5d7cbd7afcf3a2e8489560da92485992d27046cb06683.tar.gz",
+ "gav://com.fasterxml.jackson.core:jackson-databind:2.2.0"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [
+ "2.9.10.6"
+ ],
+ "published": "2020-09-02T23:19:05+10:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-122085",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "FasterXML jackson-databind contains a flaw that is triggered if an application deserializes JSON content from an untrusted source, as the com.nqadmin.rowset.JdbcRowSetImpl gadget may allow performing sensitive actions. This may allow a remote attacker to have an unspecified impact.",
+ "references": [
+ "https://github.com/FasterXML/jackson-databind/commit/e701bd852ca9a22e04743104987f11ae575a6fe2",
+ "https://github.com/FasterXML/jackson-databind/issues/2826"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-17267",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to net.sf.ehcache.hibernate.EhcacheJtaTransactionManagerLookup.",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.core:jackson-databind:2.2.0",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:cb59b597ab372b4505b5d7cbd7afcf3a2e8489560da92485992d27046cb06683/sha256__cb59b597ab372b4505b5d7cbd7afcf3a2e8489560da92485992d27046cb06683.tar.gz",
+ "gav://com.fasterxml.jackson.core:jackson-databind:2.2.0"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [
+ "2.10.0",
+ "2.8.11.5",
+ "2.9.10",
+ "2.6.7.3"
+ ],
+ "published": "2019-10-11T00:16:45+11:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-89694",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to net.sf.ehcache.hibernate.EhcacheJtaTransactionManagerLookup.",
+ "references": [
+ "https://security.netapp.com/advisory/ntap-20191017-0006/",
+ "https://github.com/FasterXML/jackson-databind/compare/jackson-databind-2.9.9.3...jackson-databind-2.9.10",
+ "https://github.com/FasterXML/jackson-databind/issues/2460",
+ "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E",
+ "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-10878",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 8.6,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 8.6,
+ "summary": "Perl before 5.30.3 has an integer overflow related to mishandling of a \"PL_regkind[OP(n)] == NOTHING\" situation. A crafted regular expression could lead to malformed bytecode with a possibility of instruction injection.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:libperl5.24:5.24.1-3+deb9u4",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:80ae6b477848b6e03aad8ec9c74f1fb80364e5c8b5fe9ca3ec793df84247f027/sha256__80ae6b477848b6e03aad8ec9c74f1fb80364e5c8b5fe9ca3ec793df84247f027.tar.gz",
+ "deb://debian:stretch:libperl5.24:5.24.1-3+deb9u4"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [],
+ "published": "2020-06-03T17:23:29+10:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-99873",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "Perl before 5.30.3 has an integer overflow related to mishandling of a \"PL_regkind[OP(n)] == NOTHING\" situation. A crafted regular expression could lead to malformed bytecode with a possibility of instruction injection.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 9.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 7.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 9.3,
+ "cvss3_max_score": 7.8,
+ "summary": "Plexus-utils util/xml/XmlWriterUtil.java XmlWriterUtil::writeComment() Function Comment String Escape XML Injection Unspecified Issue",
+ "severity": "High",
+ "vulnerable_component": "gav://org.codehaus.plexus:plexus-utils:2.0.4",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:cb59b597ab372b4505b5d7cbd7afcf3a2e8489560da92485992d27046cb06683/sha256__cb59b597ab372b4505b5d7cbd7afcf3a2e8489560da92485992d27046cb06683.tar.gz",
+ "gav://org.codehaus.plexus:plexus-utils:2.0.4"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [
+ "3.0.24"
+ ],
+ "published": "2019-09-15T21:14:39+10:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-88166",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Plexus-utils contains a flaw in the XmlWriterUtil::writeComment() function in util/xml/XmlWriterUtil.java that is triggered as comment strings are not properly sanitized. This may allow a context-dependent attacker to inject unexpected content through XML code and have an unspecified impact.",
+ "references": [
+ "https://github.com/codehaus-plexus/plexus-utils/issues/3",
+ "https://github.com/codehaus-plexus/plexus-utils/commit/f933e5e78dc2637e485447ed821fe14904f110de"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-10878",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 8.6,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 8.6,
+ "summary": "Perl before 5.30.3 has an integer overflow related to mishandling of a \"PL_regkind[OP(n)] == NOTHING\" situation. A crafted regular expression could lead to malformed bytecode with a possibility of instruction injection.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:perl-modules-5.24:5.24.1-3+deb9u4",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:80ae6b477848b6e03aad8ec9c74f1fb80364e5c8b5fe9ca3ec793df84247f027/sha256__80ae6b477848b6e03aad8ec9c74f1fb80364e5c8b5fe9ca3ec793df84247f027.tar.gz",
+ "deb://debian:stretch:perl-modules-5.24:5.24.1-3+deb9u4"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [],
+ "published": "2020-06-03T17:23:29+10:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-99873",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "Perl before 5.30.3 has an integer overflow related to mishandling of a \"PL_regkind[OP(n)] == NOTHING\" situation. A crafted regular expression could lead to malformed bytecode with a possibility of instruction injection.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-3177",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "Python 3.x through 3.9.1 has a buffer overflow in PyCArg_repr in _ctypes/callproc.c, which may lead to remote code execution in certain Python applications that accept floating-point numbers as untrusted input, as demonstrated by a 1e300 argument to c_double.from_param. This occurs because sprintf is used unsafely.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:python2.7-minimal:2.7.13-2+deb9u2",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:80ae6b477848b6e03aad8ec9c74f1fb80364e5c8b5fe9ca3ec793df84247f027/sha256__80ae6b477848b6e03aad8ec9c74f1fb80364e5c8b5fe9ca3ec793df84247f027.tar.gz",
+ "deb://debian:stretch:python2.7-minimal:2.7.13-2+deb9u2"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [],
+ "published": "2021-01-21T15:17:47+11:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-138768",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "Python 3.x through 3.9.1 has a buffer overflow in PyCArg_repr in _ctypes/callproc.c, which may lead to remote code execution in certain Python applications that accept floating-point numbers as untrusted input, as demonstrated by a 1e300 argument to c_double.from_param. This occurs because sprintf is used unsafely.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2014-0114",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "summary": "Apache Commons BeanUtils, as distributed in lib/commons-beanutils-1.8.0.jar in Apache Struts 1.x through 1.3.10 and in other products requiring commons-beanutils through 1.9.2, does not suppress the class property, which allows remote attackers to \"manipulate\" the ClassLoader and execute arbitrary code via the class parameter, as demonstrated by the passing of this parameter to the getClass method of the ActionForm object in Struts 1.",
+ "severity": "High",
+ "vulnerable_component": "gav://commons-beanutils:commons-beanutils:1.8.0",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:cb59b597ab372b4505b5d7cbd7afcf3a2e8489560da92485992d27046cb06683/sha256__cb59b597ab372b4505b5d7cbd7afcf3a2e8489560da92485992d27046cb06683.tar.gz",
+ "gav://commons-beanutils:commons-beanutils:1.8.0"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [
+ "1.9.4"
+ ],
+ "published": "2017-07-05T21:31:08+10:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-55616",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Apache Commons BeanUtils, as distributed in lib/commons-beanutils-1.8.0.jar in Apache Struts 1.x through 1.3.10 and in other products requiring commons-beanutils through 1.9.2, does not suppress the class property, which allows remote attackers to \"manipulate\" the ClassLoader and execute arbitrary code via the class parameter, as demonstrated by the passing of this parameter to the getClass method of the ActionForm object in Struts 1.",
+ "references": [
+ "http://advisories.mageia.org/MGASA-2014-0219.html",
+ "http://commons.apache.org/proper/commons-beanutils/javadocs/v1.9.2/RELEASE-NOTES.txt",
+ "http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136958.html",
+ "http://marc.info/?l=bugtraq\u0026m=140119284401582\u0026w=2",
+ "http://marc.info/?l=bugtraq\u0026m=140801096002766\u0026w=2",
+ "http://marc.info/?l=bugtraq\u0026m=141451023707502\u0026w=2",
+ "http://openwall.com/lists/oss-security/2014/06/15/10",
+ "http://openwall.com/lists/oss-security/2014/07/08/1",
+ "http://seclists.org/fulldisclosure/2014/Dec/23",
+ "http://secunia.com/advisories/57477",
+ "http://secunia.com/advisories/58710",
+ "http://secunia.com/advisories/58851",
+ "http://secunia.com/advisories/58947",
+ "http://secunia.com/advisories/59014",
+ "http://secunia.com/advisories/59118",
+ "http://secunia.com/advisories/59228",
+ "http://secunia.com/advisories/59245",
+ "http://secunia.com/advisories/59246",
+ "http://secunia.com/advisories/59430",
+ "http://secunia.com/advisories/59464",
+ "http://secunia.com/advisories/59479",
+ "http://secunia.com/advisories/59480",
+ "http://secunia.com/advisories/59704",
+ "http://secunia.com/advisories/59718",
+ "http://secunia.com/advisories/60177",
+ "http://secunia.com/advisories/60703",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg21674128",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg21674812",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg21675266",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg21675387",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg21675689",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg21675898",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg21675972",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg21676091",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg21676110",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg21676303",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg21676375",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg21676931",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg21677110",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg27042296",
+ "http://www.debian.org/security/2014/dsa-2940",
+ "http://www.ibm.com/support/docview.wss?uid=swg21675496",
+ "http://www.mandriva.com/security/advisories?name=MDVSA-2014:095",
+ "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html",
+ "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html",
+ "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html",
+ "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html",
+ "http://www.securityfocus.com/archive/1/archive/1/534161/100/0/threaded",
+ "http://www.securityfocus.com/bid/67121",
+ "http://www.vmware.com/security/advisories/VMSA-2014-0008.html",
+ "http://www.vmware.com/security/advisories/VMSA-2014-0012.html",
+ "https://access.redhat.com/solutions/869353",
+ "https://bugzilla.redhat.com/show_bug.cgi?id=1091938",
+ "https://bugzilla.redhat.com/show_bug.cgi?id=1116665",
+ "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05324755",
+ "https://issues.apache.org/jira/browse/BEANUTILS-463",
+ "https://security.gentoo.org/glsa/201607-09"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2014-0114",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "summary": "Apache Commons BeanUtils, as distributed in lib/commons-beanutils-1.8.0.jar in Apache Struts 1.x through 1.3.10 and in other products requiring commons-beanutils through 1.9.2, does not suppress the class property, which allows remote attackers to \"manipulate\" the ClassLoader and execute arbitrary code via the class parameter, as demonstrated by the passing of this parameter to the getClass method of the ActionForm object in Struts 1.",
+ "severity": "High",
+ "vulnerable_component": "gav://commons-beanutils:commons-beanutils:1.8.0",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:cb59b597ab372b4505b5d7cbd7afcf3a2e8489560da92485992d27046cb06683/sha256__cb59b597ab372b4505b5d7cbd7afcf3a2e8489560da92485992d27046cb06683.tar.gz",
+ "generic://sha256:b829aeff2ba3a6b03efab2715037abfdab96e9a832acd2ee7704d8c2f70ac349/juseppe.jar",
+ "gav://commons-beanutils:commons-beanutils:1.8.0"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [
+ "1.9.4"
+ ],
+ "published": "2017-07-05T21:31:08+10:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-55616",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Apache Commons BeanUtils, as distributed in lib/commons-beanutils-1.8.0.jar in Apache Struts 1.x through 1.3.10 and in other products requiring commons-beanutils through 1.9.2, does not suppress the class property, which allows remote attackers to \"manipulate\" the ClassLoader and execute arbitrary code via the class parameter, as demonstrated by the passing of this parameter to the getClass method of the ActionForm object in Struts 1.",
+ "references": [
+ "http://advisories.mageia.org/MGASA-2014-0219.html",
+ "http://commons.apache.org/proper/commons-beanutils/javadocs/v1.9.2/RELEASE-NOTES.txt",
+ "http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136958.html",
+ "http://marc.info/?l=bugtraq\u0026m=140119284401582\u0026w=2",
+ "http://marc.info/?l=bugtraq\u0026m=140801096002766\u0026w=2",
+ "http://marc.info/?l=bugtraq\u0026m=141451023707502\u0026w=2",
+ "http://openwall.com/lists/oss-security/2014/06/15/10",
+ "http://openwall.com/lists/oss-security/2014/07/08/1",
+ "http://seclists.org/fulldisclosure/2014/Dec/23",
+ "http://secunia.com/advisories/57477",
+ "http://secunia.com/advisories/58710",
+ "http://secunia.com/advisories/58851",
+ "http://secunia.com/advisories/58947",
+ "http://secunia.com/advisories/59014",
+ "http://secunia.com/advisories/59118",
+ "http://secunia.com/advisories/59228",
+ "http://secunia.com/advisories/59245",
+ "http://secunia.com/advisories/59246",
+ "http://secunia.com/advisories/59430",
+ "http://secunia.com/advisories/59464",
+ "http://secunia.com/advisories/59479",
+ "http://secunia.com/advisories/59480",
+ "http://secunia.com/advisories/59704",
+ "http://secunia.com/advisories/59718",
+ "http://secunia.com/advisories/60177",
+ "http://secunia.com/advisories/60703",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg21674128",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg21674812",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg21675266",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg21675387",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg21675689",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg21675898",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg21675972",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg21676091",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg21676110",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg21676303",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg21676375",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg21676931",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg21677110",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg27042296",
+ "http://www.debian.org/security/2014/dsa-2940",
+ "http://www.ibm.com/support/docview.wss?uid=swg21675496",
+ "http://www.mandriva.com/security/advisories?name=MDVSA-2014:095",
+ "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html",
+ "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html",
+ "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html",
+ "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html",
+ "http://www.securityfocus.com/archive/1/archive/1/534161/100/0/threaded",
+ "http://www.securityfocus.com/bid/67121",
+ "http://www.vmware.com/security/advisories/VMSA-2014-0008.html",
+ "http://www.vmware.com/security/advisories/VMSA-2014-0012.html",
+ "https://access.redhat.com/solutions/869353",
+ "https://bugzilla.redhat.com/show_bug.cgi?id=1091938",
+ "https://bugzilla.redhat.com/show_bug.cgi?id=1116665",
+ "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05324755",
+ "https://issues.apache.org/jira/browse/BEANUTILS-463",
+ "https://security.gentoo.org/glsa/201607-09"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2017-1000487",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "Plexus-utils before 3.0.16 is vulnerable to command injection because it does not correctly process the contents of double quoted strings.",
+ "severity": "High",
+ "vulnerable_component": "gav://org.codehaus.plexus:plexus-utils:1.0.4",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:cb59b597ab372b4505b5d7cbd7afcf3a2e8489560da92485992d27046cb06683/sha256__cb59b597ab372b4505b5d7cbd7afcf3a2e8489560da92485992d27046cb06683.tar.gz",
+ "gav://org.codehaus.plexus:plexus-utils:1.0.4"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [
+ "3.0.16"
+ ],
+ "published": "2019-06-10T18:42:32+10:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-83897",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Plexus-utils before 3.0.16 is vulnerable to command injection because it does not correctly process the contents of double quoted strings.",
+ "references": [
+ "https://access.redhat.com/errata/RHSA-2018:1322",
+ "https://lists.debian.org/debian-lts-announce/2018/01/msg00011.html",
+ "https://lists.debian.org/debian-lts-announce/2018/01/msg00010.html",
+ "https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSPLEXUS-31522",
+ "https://www.debian.org/security/2018/dsa-4149",
+ "https://www.debian.org/security/2018/dsa-4146",
+ "https://github.com/codehaus-plexus/plexus-utils/commit/b38a1b3a4352303e4312b2bb601a0d7ec6e28f41"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-18312",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "Perl before 5.26.3 and 5.28.0 before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:libperl5.24:5.24.1-3+deb9u4",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:80ae6b477848b6e03aad8ec9c74f1fb80364e5c8b5fe9ca3ec793df84247f027/sha256__80ae6b477848b6e03aad8ec9c74f1fb80364e5c8b5fe9ca3ec793df84247f027.tar.gz",
+ "deb://debian:stretch:libperl5.24:5.24.1-3+deb9u4"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [],
+ "published": "2018-11-30T13:59:48+11:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-73970",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "Perl before 5.26.3 and 5.28.0 before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.6,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:H/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 8.1,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.6,
+ "cvss3_max_score": 8.1,
+ "summary": "Apache Maven External Repository Validation Failure Arbitrary Code Execution",
+ "severity": "High",
+ "vulnerable_component": "gav://org.apache.maven:maven-core:3.5.4",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:4d4d32abb4d85b74b70bb9179b1d8dde3f3ca59f882bb7a00abf8975b4ab2861/sha256__4d4d32abb4d85b74b70bb9179b1d8dde3f3ca59f882bb7a00abf8975b4ab2861.tar.gz",
+ "gav://org.apache.maven:maven-core:3.5.4"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [
+ "3.8.1"
+ ],
+ "published": "2021-04-14T16:59:26+10:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-172725",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Apache Maven contains a flaw that is triggered as the program insecurely uses material from an insecure external repository by default. This may allow a remote attacker with control of a repository that is in use, to potentially inject and execute malicious code.",
+ "references": [
+ "http://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-26291",
+ "http://maven.apache.org/docs/3.8.1/release-notes.html",
+ "http://mail-archives.apache.org/mod_mbox/maven-announce/202104.mbox/%3CMailbird-0918dc43-dc18-4008-b83b-8bc8b1528177%40apache.org%3E"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2015-7501",
+ "cvss_v2_score": 10,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 10,
+ "cvss3_max_score": 9.8,
+ "summary": "Red Hat JBoss A-MQ 6.x; BPM Suite (BPMS) 6.x; BRMS 6.x and 5.x; Data Grid (JDG) 6.x; Data Virtualization (JDV) 6.x and 5.x; Enterprise Application Platform 6.x, 5.x, and 4.3.x; Fuse 6.x; Fuse Service Works (FSW) 6.x; Operations Network (JBoss ON) 3.x; Portal 6.x; SOA Platform (SOA-P) 5.x; Web Server (JWS) 3.x; Red Hat OpenShift/xPAAS 3.x; and Red Hat Subscription Asset Manager 1.3 allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) library.",
+ "severity": "High",
+ "vulnerable_component": "gav://commons-collections:commons-collections:3.2.1",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:cb59b597ab372b4505b5d7cbd7afcf3a2e8489560da92485992d27046cb06683/sha256__cb59b597ab372b4505b5d7cbd7afcf3a2e8489560da92485992d27046cb06683.tar.gz",
+ "generic://sha256:b829aeff2ba3a6b03efab2715037abfdab96e9a832acd2ee7704d8c2f70ac349/juseppe.jar",
+ "gav://commons-collections:commons-collections:3.2.1"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [
+ "3.2.2"
+ ],
+ "published": "2017-12-12T20:50:15+11:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-60228",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Red Hat JBoss A-MQ 6.x; BPM Suite (BPMS) 6.x; BRMS 6.x and 5.x; Data Grid (JDG) 6.x; Data Virtualization (JDV) 6.x and 5.x; Enterprise Application Platform 6.x, 5.x, and 4.3.x; Fuse 6.x; Fuse Service Works (FSW) 6.x; Operations Network (JBoss ON) 3.x; Portal 6.x; SOA Platform (SOA-P) 5.x; Web Server (JWS) 3.x; Red Hat OpenShift/xPAAS 3.x; and Red Hat Subscription Asset Manager 1.3 allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) library.",
+ "references": [
+ "http://www.securityfocus.com/bid/78215",
+ "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html",
+ "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html",
+ "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html",
+ "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html",
+ "https://access.redhat.com/security/vulnerabilities/2059393",
+ "https://access.redhat.com/solutions/2045023",
+ "https://bugzilla.redhat.com/show_bug.cgi?id=1279330",
+ "http://rhn.redhat.com/errata/RHSA-2015-2500.html",
+ "http://rhn.redhat.com/errata/RHSA-2015-2501.html",
+ "http://rhn.redhat.com/errata/RHSA-2015-2502.html",
+ "http://rhn.redhat.com/errata/RHSA-2015-2514.html",
+ "http://rhn.redhat.com/errata/RHSA-2015-2516.html",
+ "http://rhn.redhat.com/errata/RHSA-2015-2517.html",
+ "http://rhn.redhat.com/errata/RHSA-2015-2521.html",
+ "http://rhn.redhat.com/errata/RHSA-2015-2522.html",
+ "http://rhn.redhat.com/errata/RHSA-2015-2524.html",
+ "https://rhn.redhat.com/errata/RHSA-2015-2536.html",
+ "http://rhn.redhat.com/errata/RHSA-2015-2670.html",
+ "http://rhn.redhat.com/errata/RHSA-2015-2671.html",
+ "http://rhn.redhat.com/errata/RHSA-2016-0040.html",
+ "http://rhn.redhat.com/errata/RHSA-2016-1773.html",
+ "http://www.securitytracker.com/id/1034097",
+ "http://www.securitytracker.com/id/1037052",
+ "http://www.securitytracker.com/id/1037053",
+ "http://www.securitytracker.com/id/1037640"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2015-7501",
+ "cvss_v2_score": 10,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 10,
+ "cvss3_max_score": 9.8,
+ "summary": "Red Hat JBoss A-MQ 6.x; BPM Suite (BPMS) 6.x; BRMS 6.x and 5.x; Data Grid (JDG) 6.x; Data Virtualization (JDV) 6.x and 5.x; Enterprise Application Platform 6.x, 5.x, and 4.3.x; Fuse 6.x; Fuse Service Works (FSW) 6.x; Operations Network (JBoss ON) 3.x; Portal 6.x; SOA Platform (SOA-P) 5.x; Web Server (JWS) 3.x; Red Hat OpenShift/xPAAS 3.x; and Red Hat Subscription Asset Manager 1.3 allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) library.",
+ "severity": "High",
+ "vulnerable_component": "gav://commons-collections:commons-collections:3.2.1",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:cb59b597ab372b4505b5d7cbd7afcf3a2e8489560da92485992d27046cb06683/sha256__cb59b597ab372b4505b5d7cbd7afcf3a2e8489560da92485992d27046cb06683.tar.gz",
+ "gav://commons-collections:commons-collections:3.2.1"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [
+ "3.2.2"
+ ],
+ "published": "2017-12-12T20:50:15+11:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-60228",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Red Hat JBoss A-MQ 6.x; BPM Suite (BPMS) 6.x; BRMS 6.x and 5.x; Data Grid (JDG) 6.x; Data Virtualization (JDV) 6.x and 5.x; Enterprise Application Platform 6.x, 5.x, and 4.3.x; Fuse 6.x; Fuse Service Works (FSW) 6.x; Operations Network (JBoss ON) 3.x; Portal 6.x; SOA Platform (SOA-P) 5.x; Web Server (JWS) 3.x; Red Hat OpenShift/xPAAS 3.x; and Red Hat Subscription Asset Manager 1.3 allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) library.",
+ "references": [
+ "http://www.securityfocus.com/bid/78215",
+ "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html",
+ "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html",
+ "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html",
+ "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html",
+ "https://access.redhat.com/security/vulnerabilities/2059393",
+ "https://access.redhat.com/solutions/2045023",
+ "https://bugzilla.redhat.com/show_bug.cgi?id=1279330",
+ "http://rhn.redhat.com/errata/RHSA-2015-2500.html",
+ "http://rhn.redhat.com/errata/RHSA-2015-2501.html",
+ "http://rhn.redhat.com/errata/RHSA-2015-2502.html",
+ "http://rhn.redhat.com/errata/RHSA-2015-2514.html",
+ "http://rhn.redhat.com/errata/RHSA-2015-2516.html",
+ "http://rhn.redhat.com/errata/RHSA-2015-2517.html",
+ "http://rhn.redhat.com/errata/RHSA-2015-2521.html",
+ "http://rhn.redhat.com/errata/RHSA-2015-2522.html",
+ "http://rhn.redhat.com/errata/RHSA-2015-2524.html",
+ "https://rhn.redhat.com/errata/RHSA-2015-2536.html",
+ "http://rhn.redhat.com/errata/RHSA-2015-2670.html",
+ "http://rhn.redhat.com/errata/RHSA-2015-2671.html",
+ "http://rhn.redhat.com/errata/RHSA-2016-0040.html",
+ "http://rhn.redhat.com/errata/RHSA-2016-1773.html",
+ "http://www.securitytracker.com/id/1034097",
+ "http://www.securitytracker.com/id/1037052",
+ "http://www.securitytracker.com/id/1037053",
+ "http://www.securitytracker.com/id/1037640"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-14892",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "A flaw was discovered in jackson-databind in versions before 2.9.10, 2.8.11.5 and 2.6.7.3, where it would permit polymorphic deserialization of a malicious object using commons-configuration 1 and 2 JNDI classes. An attacker could use this flaw to execute arbitrary code.",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.core:jackson-databind:2.2.0",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:cb59b597ab372b4505b5d7cbd7afcf3a2e8489560da92485992d27046cb06683/sha256__cb59b597ab372b4505b5d7cbd7afcf3a2e8489560da92485992d27046cb06683.tar.gz",
+ "gav://com.fasterxml.jackson.core:jackson-databind:2.2.0"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [
+ "2.7.9.7",
+ "2.9.10",
+ "2.8.11.5",
+ "2.6.7.3"
+ ],
+ "published": "2020-03-06T20:15:52+11:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-95121",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "A flaw was discovered in jackson-databind in versions before 2.9.10, 2.8.11.5 and 2.6.7.3, where it would permit polymorphic deserialization of a malicious object using commons-configuration 1 and 2 JNDI classes. An attacker could use this flaw to execute arbitrary code.",
+ "references": [
+ "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14892",
+ "https://github.com/FasterXML/jackson-databind/issues/2462"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.6,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:H/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 8.1,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.6,
+ "cvss3_max_score": 8.1,
+ "summary": "Apache Maven External Repository Validation Failure Arbitrary Code Execution",
+ "severity": "High",
+ "vulnerable_component": "gav://org.apache.maven:maven-compat:3.5.4",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:4d4d32abb4d85b74b70bb9179b1d8dde3f3ca59f882bb7a00abf8975b4ab2861/sha256__4d4d32abb4d85b74b70bb9179b1d8dde3f3ca59f882bb7a00abf8975b4ab2861.tar.gz",
+ "gav://org.apache.maven:maven-compat:3.5.4"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [
+ "3.8.1"
+ ],
+ "published": "2021-04-14T16:59:26+10:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-172725",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Apache Maven contains a flaw that is triggered as the program insecurely uses material from an insecure external repository by default. This may allow a remote attacker with control of a repository that is in use, to potentially inject and execute malicious code.",
+ "references": [
+ "http://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-26291",
+ "http://maven.apache.org/docs/3.8.1/release-notes.html",
+ "http://mail-archives.apache.org/mod_mbox/maven-announce/202104.mbox/%3CMailbird-0918dc43-dc18-4008-b83b-8bc8b1528177%40apache.org%3E"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-3822",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "libcurl versions from 7.36.0 to before 7.64.0 are vulnerable to a stack-based buffer overflow. The function creating an outgoing NTLM type-3 header (`lib/vauth/ntlm.c:Curl_auth_create_ntlm_type3_message()`), generates the request HTTP header contents based on previously received data. The check that exists to prevent the local buffer from getting overflowed is implemented wrongly (using unsigned math) and as such it does not prevent the overflow from happening. This output data can grow larger than the local buffer if very large 'nt response' data is extracted from a previous NTLMv2 header provided by the malicious or broken HTTP server. Such a 'large value' needs to be around 1000 bytes or more. The actual payload data copied to the target buffer comes from the NTLMv2 type-2 response header.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:libcurl3-gnutls:7.52.1-5+deb9u6",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:80ae6b477848b6e03aad8ec9c74f1fb80364e5c8b5fe9ca3ec793df84247f027/sha256__80ae6b477848b6e03aad8ec9c74f1fb80364e5c8b5fe9ca3ec793df84247f027.tar.gz",
+ "deb://debian:stretch:libcurl3-gnutls:7.52.1-5+deb9u6"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [],
+ "published": "2019-02-07T22:57:39+11:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-75087",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "libcurl versions from 7.36.0 to before 7.64.0 are vulnerable to a stack-based buffer overflow. The function creating an outgoing NTLM type-3 header (`lib/vauth/ntlm.c:Curl_auth_create_ntlm_type3_message()`), generates the request HTTP header contents based on previously received data. The check that exists to prevent the local buffer from getting overflowed is implemented wrongly (using unsigned math) and as such it does not prevent the overflow from happening. This output data can grow larger than the local buffer if very large 'nt response' data is extracted from a previous NTLMv2 header provided by the malicious or broken HTTP server. Such a 'large value' needs to be around 1000 bytes or more. The actual payload data copied to the target buffer comes from the NTLMv2 type-2 response header.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-16839",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "Curl versions 7.33.0 through 7.61.1 are vulnerable to a buffer overrun in the SASL authentication code that may lead to denial of service.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:libcurl3:7.52.1-5+deb9u6",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:5cee356eda6bfe3a5a229cd3d964e722ade1da4381842b24e943b03a37aec1f2/sha256__5cee356eda6bfe3a5a229cd3d964e722ade1da4381842b24e943b03a37aec1f2.tar.gz",
+ "deb://debian:stretch:libcurl3:7.52.1-5+deb9u6"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [],
+ "published": "2018-11-02T05:43:09+11:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-73428",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "Curl versions 7.33.0 through 7.61.1 are vulnerable to a buffer overrun in the SASL authentication code that may lead to denial of service.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-25013",
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 5.9,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 5.9,
+ "summary": "The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:libc6:2.24-11+deb9u3",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:05d1a5232b461a4b35424129580054caa878cd56f100e34282510bd4b4082e4d/sha256__05d1a5232b461a4b35424129580054caa878cd56f100e34282510bd4b4082e4d.tar.gz",
+ "deb://debian:stretch:libc6:2.24-11+deb9u3"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [],
+ "published": "2021-01-05T15:10:13+11:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-138140",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2017-16997",
+ "cvss_v2_score": 9.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 7.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 9.3,
+ "cvss3_max_score": 7.8,
+ "summary": "elf/dl-load.c in the GNU C Library (aka glibc or libc6) 2.19 through 2.26 mishandles RPATH and RUNPATH containing $ORIGIN for a privileged (setuid or AT_SECURE) program, which allows local users to gain privileges via a Trojan horse library in the current working directory, related to the fillin_rpath and decompose_rpath functions. This is associated with misinterpretion of an empty RPATH/RUNPATH token as the \"./\" directory. NOTE: this configuration of RPATH/RUNPATH for a privileged program is apparently very uncommon; most likely, no such program is shipped with any common Linux distribution.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:libc6:2.24-11+deb9u3",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:05d1a5232b461a4b35424129580054caa878cd56f100e34282510bd4b4082e4d/sha256__05d1a5232b461a4b35424129580054caa878cd56f100e34282510bd4b4082e4d.tar.gz",
+ "deb://debian:stretch:libc6:2.24-11+deb9u3"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [],
+ "published": "2018-01-13T14:06:04+11:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-60509",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "elf/dl-load.c in the GNU C Library (aka glibc or libc6) 2.19 through 2.26 mishandles RPATH and RUNPATH containing $ORIGIN for a privileged (setuid or AT_SECURE) program, which allows local users to gain privileges via a Trojan horse library in the current working directory, related to the fillin_rpath and decompose_rpath functions. This is associated with misinterpretion of an empty RPATH/RUNPATH token as the \"./\" directory. NOTE: this configuration of RPATH/RUNPATH for a privileged program is apparently very uncommon; most likely, no such program is shipped with any common Linux distribution.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-1353",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "An issue was found in Git before v2.24.1, v2.23.1, v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3, v2.16.6, v2.15.4, and v2.14.6. When running Git in the Windows Subsystem for Linux (also known as \"WSL\") while accessing a working directory on a regular Windows drive, none of the NTFS protections were active.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:git-man:1:2.11.0-3+deb9u3",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:80ae6b477848b6e03aad8ec9c74f1fb80364e5c8b5fe9ca3ec793df84247f027/sha256__80ae6b477848b6e03aad8ec9c74f1fb80364e5c8b5fe9ca3ec793df84247f027.tar.gz",
+ "deb://debian:stretch:git-man:1:2.11.0-3+deb9u3"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [],
+ "published": "2019-12-11T15:15:19+11:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-92626",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "An issue was found in Git before v2.24.1, v2.23.1, v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3, v2.16.6, v2.15.4, and v2.14.6. When running Git in the Windows Subsystem for Linux (also known as \"WSL\") while accessing a working directory on a regular Windows drive, none of the NTFS protections were active.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-14618",
+ "cvss_v2_score": 10,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 10,
+ "cvss3_max_score": 9.8,
+ "summary": "curl before version 7.61.1 is vulnerable to a buffer overrun in the NTLM authentication code. The internal function Curl_ntlm_core_mk_nt_hash multiplies the length of the password by two (SUM) to figure out how large temporary storage area to allocate from the heap. The length value is then subsequently used to iterate over the password and generate output into the allocated storage buffer. On systems with a 32 bit size_t, the math to calculate SUM triggers an integer overflow when the password length exceeds 2GB (2^31 bytes). This integer overflow usually causes a very small buffer to actually get allocated instead of the intended very huge one, making the use of that buffer end up in a heap buffer overflow. (This bug is almost identical to CVE-2017-8816.)",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:curl:7.52.1-5+deb9u6",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:5cee356eda6bfe3a5a229cd3d964e722ade1da4381842b24e943b03a37aec1f2/sha256__5cee356eda6bfe3a5a229cd3d964e722ade1da4381842b24e943b03a37aec1f2.tar.gz",
+ "deb://debian:stretch:curl:7.52.1-5+deb9u6"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [
+ "≥ 7.52.1-5+deb9u7"
+ ],
+ "published": "2018-09-06T07:44:04+10:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-71227",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "curl before version 7.61.1 is vulnerable to a buffer overrun in the NTLM authentication code. The internal function Curl_ntlm_core_mk_nt_hash multiplies the length of the password by two (SUM) to figure out how large temporary storage area to allocate from the heap. The length value is then subsequently used to iterate over the password and generate output into the allocated storage buffer. On systems with a 32 bit size_t, the math to calculate SUM triggers an integer overflow when the password length exceeds 2GB (2^31 bytes). This integer overflow usually causes a very small buffer to actually get allocated instead of the intended very huge one, making the use of that buffer end up in a heap buffer overflow. (This bug is almost identical to CVE-2017-8816.)",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-10086",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 7.3,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 7.3,
+ "summary": "In Apache Commons Beanutils 1.9.2, a special BeanIntrospector class was added which allows suppressing the ability for an attacker to access the classloader via the class property available on all Java objects. We, however were not using this by default characteristic of the PropertyUtilsBean.",
+ "severity": "High",
+ "vulnerable_component": "gav://commons-beanutils:commons-beanutils:1.8.0",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:cb59b597ab372b4505b5d7cbd7afcf3a2e8489560da92485992d27046cb06683/sha256__cb59b597ab372b4505b5d7cbd7afcf3a2e8489560da92485992d27046cb06683.tar.gz",
+ "gav://commons-beanutils:commons-beanutils:1.8.0"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [
+ "1.9.4"
+ ],
+ "published": "2019-08-22T19:58:17+10:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-86096",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "In Apache Commons Beanutils 1.9.2, a special BeanIntrospector class was added which allows suppressing the ability for an attacker to access the classloader via the class property available on all Java objects. We, however were not using this by default characteristic of the PropertyUtilsBean.",
+ "references": [
+ "http://mail-archives.apache.org/mod_mbox/www-announce/201908.mbox/%3cC628798F-315D-4428-8CB1-4ED1ECC958E4@apache.org%3e"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-10086",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 7.3,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 7.3,
+ "summary": "In Apache Commons Beanutils 1.9.2, a special BeanIntrospector class was added which allows suppressing the ability for an attacker to access the classloader via the class property available on all Java objects. We, however were not using this by default characteristic of the PropertyUtilsBean.",
+ "severity": "High",
+ "vulnerable_component": "gav://commons-beanutils:commons-beanutils:1.8.0",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:cb59b597ab372b4505b5d7cbd7afcf3a2e8489560da92485992d27046cb06683/sha256__cb59b597ab372b4505b5d7cbd7afcf3a2e8489560da92485992d27046cb06683.tar.gz",
+ "generic://sha256:b829aeff2ba3a6b03efab2715037abfdab96e9a832acd2ee7704d8c2f70ac349/juseppe.jar",
+ "gav://commons-beanutils:commons-beanutils:1.8.0"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [
+ "1.9.4"
+ ],
+ "published": "2019-08-22T19:58:17+10:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-86096",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "In Apache Commons Beanutils 1.9.2, a special BeanIntrospector class was added which allows suppressing the ability for an attacker to access the classloader via the class property available on all Java objects. We, however were not using this by default characteristic of the PropertyUtilsBean.",
+ "references": [
+ "http://mail-archives.apache.org/mod_mbox/www-announce/201908.mbox/%3cC628798F-315D-4428-8CB1-4ED1ECC958E4@apache.org%3e"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-10878",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 8.6,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 8.6,
+ "summary": "Perl before 5.30.3 has an integer overflow related to mishandling of a \"PL_regkind[OP(n)] == NOTHING\" situation. A crafted regular expression could lead to malformed bytecode with a possibility of instruction injection.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:perl:5.24.1-3+deb9u4",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:80ae6b477848b6e03aad8ec9c74f1fb80364e5c8b5fe9ca3ec793df84247f027/sha256__80ae6b477848b6e03aad8ec9c74f1fb80364e5c8b5fe9ca3ec793df84247f027.tar.gz",
+ "deb://debian:stretch:perl:5.24.1-3+deb9u4"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [
+ "≥ 5.24.1-3+deb9u7"
+ ],
+ "published": "2020-06-03T17:23:29+10:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-99873",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "Perl before 5.30.3 has an integer overflow related to mishandling of a \"PL_regkind[OP(n)] == NOTHING\" situation. A crafted regular expression could lead to malformed bytecode with a possibility of instruction injection.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-1349",
+ "cvss_v2_score": 9.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 8.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 9.3,
+ "cvss3_max_score": 8.8,
+ "summary": "A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1350, CVE-2019-1352, CVE-2019-1354, CVE-2019-1387.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:git:1:2.11.0-3+deb9u3",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:80ae6b477848b6e03aad8ec9c74f1fb80364e5c8b5fe9ca3ec793df84247f027/sha256__80ae6b477848b6e03aad8ec9c74f1fb80364e5c8b5fe9ca3ec793df84247f027.tar.gz",
+ "deb://debian:stretch:git:1:2.11.0-3+deb9u3"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [
+ "≥ 1:2.11.0-3+deb9u5"
+ ],
+ "published": "2019-12-11T15:38:30+11:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-92638",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1350, CVE-2019-1352, CVE-2019-1354, CVE-2019-1387.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-18314",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "Perl before 5.26.3 has a buffer overflow via a crafted regular expression that triggers invalid write operations.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:perl-base:5.24.1-3+deb9u4",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:05d1a5232b461a4b35424129580054caa878cd56f100e34282510bd4b4082e4d/sha256__05d1a5232b461a4b35424129580054caa878cd56f100e34282510bd4b4082e4d.tar.gz",
+ "deb://debian:stretch:perl-base:5.24.1-3+deb9u4"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [],
+ "published": "2018-11-30T14:00:18+11:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-73973",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "Perl before 5.26.3 has a buffer overflow via a crafted regular expression that triggers invalid write operations.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2016-2779",
+ "cvss_v2_score": 7.2,
+ "cvss_v2_vector": "CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 7.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.2,
+ "cvss3_max_score": 7.8,
+ "summary": "runuser in util-linux allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:libmount1:2.29.2-1+deb9u1",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:05d1a5232b461a4b35424129580054caa878cd56f100e34282510bd4b4082e4d/sha256__05d1a5232b461a4b35424129580054caa878cd56f100e34282510bd4b4082e4d.tar.gz",
+ "deb://debian:stretch:libmount1:2.29.2-1+deb9u1"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [],
+ "published": "2016-11-28T00:17:10+11:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-40740",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "runuser in util-linux allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2017-15095",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "A deserialization flaw was discovered in the jackson-databind in versions before 2.8.10 and 2.9.1, which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. This issue extends the previous flaw CVE-2017-7525 by blacklisting more classes that could be used maliciously.",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.core:jackson-databind:2.2.0",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:cb59b597ab372b4505b5d7cbd7afcf3a2e8489560da92485992d27046cb06683/sha256__cb59b597ab372b4505b5d7cbd7afcf3a2e8489560da92485992d27046cb06683.tar.gz",
+ "gav://com.fasterxml.jackson.core:jackson-databind:2.2.0"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [
+ "2.9.0",
+ "2.8.11",
+ "2.7.9.2",
+ "2.6.7.3"
+ ],
+ "published": "2018-03-29T22:15:10+11:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-65641",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "A deserialization flaw was discovered in the jackson-databind in versions before 2.8.10 and 2.9.1, which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. This issue extends the previous flaw CVE-2017-7525 by blacklisting more classes that could be used maliciously.",
+ "references": [
+ "http://www.securitytracker.com/id/1039769",
+ "https://access.redhat.com/errata/RHSA-2017:3189",
+ "https://access.redhat.com/errata/RHSA-2017:3190",
+ "https://access.redhat.com/errata/RHSA-2018:0342",
+ "https://access.redhat.com/errata/RHSA-2018:0478",
+ "https://access.redhat.com/errata/RHSA-2018:0479",
+ "https://access.redhat.com/errata/RHSA-2018:0480",
+ "https://access.redhat.com/errata/RHSA-2018:0481",
+ "https://github.com/FasterXML/jackson-databind/issues/1680",
+ "https://github.com/FasterXML/jackson-databind/issues/1737",
+ "https://security.netapp.com/advisory/ntap-20171214-0003/",
+ "https://www.debian.org/security/2017/dsa-4037"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-3462",
+ "cvss_v2_score": 9.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 8.1,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 9.3,
+ "cvss3_max_score": 8.1,
+ "summary": "Incorrect sanitation of the 302 redirect field in HTTP transport method of apt versions 1.4.8 and earlier can lead to content injection by a MITM attacker, potentially leading to remote code execution on the target machine.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:libapt-pkg5.0:1.4.8",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:05d1a5232b461a4b35424129580054caa878cd56f100e34282510bd4b4082e4d/sha256__05d1a5232b461a4b35424129580054caa878cd56f100e34282510bd4b4082e4d.tar.gz",
+ "deb://debian:stretch:libapt-pkg5.0:1.4.8"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [],
+ "published": "2019-01-23T15:29:56+11:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-74801",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "Incorrect sanitation of the 302 redirect field in HTTP transport method of apt versions 1.4.8 and earlier can lead to content injection by a MITM attacker, potentially leading to remote code execution on the target machine.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 8.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:C",
+ "cvss_v3_score": 8.2,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 8.5,
+ "cvss3_max_score": 8.2,
+ "summary": "FasterXML jackson-databind ext/DOMDeserializer.java DOMDeserializer Class XML External Entity (XXE) Expansion Remote Issue",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.core:jackson-databind:2.2.0",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:cb59b597ab372b4505b5d7cbd7afcf3a2e8489560da92485992d27046cb06683/sha256__cb59b597ab372b4505b5d7cbd7afcf3a2e8489560da92485992d27046cb06683.tar.gz",
+ "gav://com.fasterxml.jackson.core:jackson-databind:2.2.0"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [],
+ "published": "2020-10-15T22:39:55+11:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-126663",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "FasterXML jackson-databind contains an XXE (Xml eXternal Entity) expansion flaw in the DOMDeserializer class in ext/DOMDeserializer.java that is triggered during the parsing of XML data. The issue is due to an incorrectly configured XML parser accepting XML external entities from an untrusted source. By sending specially crafted XML data, a remote attacker can potentially consume excessive system resources or disclose sensitive information.",
+ "references": [
+ "http://cve.mitre.org/cgi-bin/cvename.cgi?name=2020-25649",
+ "https://bugzilla.redhat.com/show_bug.cgi?id=1887664",
+ "https://github.com/FasterXML/jackson-databind/issues/2589",
+ "https://github.com/FasterXML/jackson-databind/commit/e588f0af61b18576779ffb95a2a689a5eb1f9d15",
+ "https://github.com/FasterXML/jackson-databind/blob/jackson-databind-2.11.0/release-notes/VERSION-2.x",
+ "https://github.com/FasterXML/jackson-databind/commit/612f971b78c60202e9cd75a299050c8f2d724a59"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-18312",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "Perl before 5.26.3 and 5.28.0 before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:perl:5.24.1-3+deb9u4",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:80ae6b477848b6e03aad8ec9c74f1fb80364e5c8b5fe9ca3ec793df84247f027/sha256__80ae6b477848b6e03aad8ec9c74f1fb80364e5c8b5fe9ca3ec793df84247f027.tar.gz",
+ "deb://debian:stretch:perl:5.24.1-3+deb9u4"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [
+ "≥ 5.24.1-3+deb9u5"
+ ],
+ "published": "2018-11-30T13:59:48+11:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-73970",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "Perl before 5.26.3 and 5.28.0 before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-5482",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "Heap buffer overflow in the TFTP protocol handler in cURL 7.19.4 to 7.65.3.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:libcurl3-gnutls:7.52.1-5+deb9u6",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:80ae6b477848b6e03aad8ec9c74f1fb80364e5c8b5fe9ca3ec793df84247f027/sha256__80ae6b477848b6e03aad8ec9c74f1fb80364e5c8b5fe9ca3ec793df84247f027.tar.gz",
+ "deb://debian:stretch:libcurl3-gnutls:7.52.1-5+deb9u6"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [],
+ "published": "2019-09-12T02:51:17+10:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-87998",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "Heap buffer overflow in the TFTP protocol handler in cURL 7.19.4 to 7.65.3.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-1000001",
+ "cvss_v2_score": 7.2,
+ "cvss_v2_vector": "CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 7.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.2,
+ "cvss3_max_score": 7.8,
+ "summary": "In glibc 2.26 and earlier there is confusion in the usage of getcwd() by realpath() which can be used to write before the destination buffer leading to a buffer underflow and potential code execution.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:libc-bin:2.24-11+deb9u3",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:05d1a5232b461a4b35424129580054caa878cd56f100e34282510bd4b4082e4d/sha256__05d1a5232b461a4b35424129580054caa878cd56f100e34282510bd4b4082e4d.tar.gz",
+ "deb://debian:stretch:libc-bin:2.24-11+deb9u3"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [],
+ "published": "2018-01-13T14:04:15+11:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-60416",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "In glibc 2.26 and earlier there is confusion in the usage of getcwd() by realpath() which can be used to write before the destination buffer leading to a buffer underflow and potential code execution.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2017-1000408",
+ "cvss_v2_score": 7.2,
+ "cvss_v2_vector": "CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 7.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.2,
+ "cvss3_max_score": 7.8,
+ "summary": "A memory leak in glibc 2.1.1 (released on May 24, 1999) can be reached and amplified through the LD_HWCAP_MASK environment variable. Please note that many versions of glibc are not vulnerable to this issue if patched for CVE-2017-1000366.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:multiarch-support:2.24-11+deb9u3",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:05d1a5232b461a4b35424129580054caa878cd56f100e34282510bd4b4082e4d/sha256__05d1a5232b461a4b35424129580054caa878cd56f100e34282510bd4b4082e4d.tar.gz",
+ "deb://debian:stretch:multiarch-support:2.24-11+deb9u3"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [],
+ "published": "2017-12-12T08:36:27+11:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-60188",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "A memory leak in glibc 2.1.1 (released on May 24, 1999) can be reached and amplified through the LD_HWCAP_MASK environment variable. Please note that many versions of glibc are not vulnerable to this issue if patched for CVE-2017-1000366.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-1352",
+ "cvss_v2_score": 9.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 8.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 9.3,
+ "cvss3_max_score": 8.8,
+ "summary": "A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1349, CVE-2019-1350, CVE-2019-1354, CVE-2019-1387.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:git:1:2.11.0-3+deb9u3",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:80ae6b477848b6e03aad8ec9c74f1fb80364e5c8b5fe9ca3ec793df84247f027/sha256__80ae6b477848b6e03aad8ec9c74f1fb80364e5c8b5fe9ca3ec793df84247f027.tar.gz",
+ "deb://debian:stretch:git:1:2.11.0-3+deb9u3"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [
+ "≥ 1:2.11.0-3+deb9u5"
+ ],
+ "published": "2019-12-11T15:13:58+11:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-92625",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1349, CVE-2019-1350, CVE-2019-1354, CVE-2019-1387.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-9169",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "In the GNU C Library (aka glibc or libc6) through 2.29, proceed_next_node in posix/regexec.c has a heap-based buffer over-read via an attempted case-insensitive regular-expression match.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:multiarch-support:2.24-11+deb9u3",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:05d1a5232b461a4b35424129580054caa878cd56f100e34282510bd4b4082e4d/sha256__05d1a5232b461a4b35424129580054caa878cd56f100e34282510bd4b4082e4d.tar.gz",
+ "deb://debian:stretch:multiarch-support:2.24-11+deb9u3"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [],
+ "published": "2019-02-28T14:31:09+11:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-75785",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "In the GNU C Library (aka glibc or libc6) through 2.29, proceed_next_node in posix/regexec.c has a heap-based buffer over-read via an attempted case-insensitive regular-expression match.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2017-12424",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "In shadow before 4.5, the newusers tool could be made to manipulate internal data structures in ways unintended by the authors. Malformed input may lead to crashes (with a buffer overflow or other memory corruption) or other unspecified behaviors. This crosses a privilege boundary in, for example, certain web-hosting environments in which a Control Panel allows an unprivileged user account to create subaccounts.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:passwd:1:4.4-4.1",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:05d1a5232b461a4b35424129580054caa878cd56f100e34282510bd4b4082e4d/sha256__05d1a5232b461a4b35424129580054caa878cd56f100e34282510bd4b4082e4d.tar.gz",
+ "deb://debian:stretch:passwd:1:4.4-4.1"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [],
+ "published": "2017-08-05T18:23:34+10:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-57714",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "In shadow before 4.5, the newusers tool could be made to manipulate internal data structures in ways unintended by the authors. Malformed input may lead to crashes (with a buffer overflow or other memory corruption) or other unspecified behaviors. This crosses a privilege boundary in, for example, certain web-hosting environments in which a Control Panel allows an unprivileged user account to create subaccounts.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2017-7657",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "In Eclipse Jetty, versions 9.2.x and older, 9.3.x (all configurations), and 9.4.x (non-default configuration with RFC2616 compliance enabled), transfer-encoding chunks are handled poorly. The chunk length parsing was vulnerable to an integer overflow. Thus a large chunk size could be interpreted as a smaller chunk size and content sent as chunk body could be interpreted as a pipelined request. If Jetty was deployed behind an intermediary that imposed some authorization and that intermediary allowed arbitrarily large chunks to be passed on unchanged, then this flaw could be used to bypass the authorization imposed by the intermediary as the fake pipelined request would not be interpreted by the intermediary as a request.",
+ "severity": "High",
+ "vulnerable_component": "gav://org.eclipse.jetty:jetty-http:9.2.6.v20141205",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:cb59b597ab372b4505b5d7cbd7afcf3a2e8489560da92485992d27046cb06683/sha256__cb59b597ab372b4505b5d7cbd7afcf3a2e8489560da92485992d27046cb06683.tar.gz",
+ "generic://sha256:b829aeff2ba3a6b03efab2715037abfdab96e9a832acd2ee7704d8c2f70ac349/juseppe.jar",
+ "gav://org.eclipse.jetty:jetty-http:9.2.6.v20141205"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [
+ "9.4.11.v20180605",
+ "9.3.24.v20180605",
+ "9.2.25.v20180606"
+ ],
+ "published": "2018-08-27T18:19:13+10:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-70239",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "In Eclipse Jetty, versions 9.2.x and older, 9.3.x (all configurations), and 9.4.x (non-default configuration with RFC2616 compliance enabled), transfer-encoding chunks are handled poorly. The chunk length parsing was vulnerable to an integer overflow. Thus a large chunk size could be interpreted as a smaller chunk size and content sent as chunk body could be interpreted as a pipelined request. If Jetty was deployed behind an intermediary that imposed some authorization and that intermediary allowed arbitrarily large chunks to be passed on unchanged, then this flaw could be used to bypass the authorization imposed by the intermediary as the fake pipelined request would not be interpreted by the intermediary as a request.",
+ "references": [
+ "http://www.securitytracker.com/id/1041194",
+ "https://bugs.eclipse.org/bugs/show_bug.cgi?id=535668",
+ "https://www.debian.org/security/2018/dsa-4278"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2017-7657",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "In Eclipse Jetty, versions 9.2.x and older, 9.3.x (all configurations), and 9.4.x (non-default configuration with RFC2616 compliance enabled), transfer-encoding chunks are handled poorly. The chunk length parsing was vulnerable to an integer overflow. Thus a large chunk size could be interpreted as a smaller chunk size and content sent as chunk body could be interpreted as a pipelined request. If Jetty was deployed behind an intermediary that imposed some authorization and that intermediary allowed arbitrarily large chunks to be passed on unchanged, then this flaw could be used to bypass the authorization imposed by the intermediary as the fake pipelined request would not be interpreted by the intermediary as a request.",
+ "severity": "High",
+ "vulnerable_component": "gav://org.eclipse.jetty:jetty-http:9.2.6.v20141205",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:cb59b597ab372b4505b5d7cbd7afcf3a2e8489560da92485992d27046cb06683/sha256__cb59b597ab372b4505b5d7cbd7afcf3a2e8489560da92485992d27046cb06683.tar.gz",
+ "gav://org.eclipse.jetty:jetty-http:9.2.6.v20141205"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [
+ "9.4.11.v20180605",
+ "9.3.24.v20180605",
+ "9.2.25.v20180606"
+ ],
+ "published": "2018-08-27T18:19:13+10:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-70239",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "In Eclipse Jetty, versions 9.2.x and older, 9.3.x (all configurations), and 9.4.x (non-default configuration with RFC2616 compliance enabled), transfer-encoding chunks are handled poorly. The chunk length parsing was vulnerable to an integer overflow. Thus a large chunk size could be interpreted as a smaller chunk size and content sent as chunk body could be interpreted as a pipelined request. If Jetty was deployed behind an intermediary that imposed some authorization and that intermediary allowed arbitrarily large chunks to be passed on unchanged, then this flaw could be used to bypass the authorization imposed by the intermediary as the fake pipelined request would not be interpreted by the intermediary as a request.",
+ "references": [
+ "http://www.securitytracker.com/id/1041194",
+ "https://bugs.eclipse.org/bugs/show_bug.cgi?id=535668",
+ "https://www.debian.org/security/2018/dsa-4278"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-18312",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "Perl before 5.26.3 and 5.28.0 before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:perl-base:5.24.1-3+deb9u4",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:05d1a5232b461a4b35424129580054caa878cd56f100e34282510bd4b4082e4d/sha256__05d1a5232b461a4b35424129580054caa878cd56f100e34282510bd4b4082e4d.tar.gz",
+ "deb://debian:stretch:perl-base:5.24.1-3+deb9u4"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [],
+ "published": "2018-11-30T13:59:48+11:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-73970",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "Perl before 5.26.3 and 5.28.0 before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-1349",
+ "cvss_v2_score": 9.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 8.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 9.3,
+ "cvss3_max_score": 8.8,
+ "summary": "A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1350, CVE-2019-1352, CVE-2019-1354, CVE-2019-1387.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:git-man:1:2.11.0-3+deb9u3",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:80ae6b477848b6e03aad8ec9c74f1fb80364e5c8b5fe9ca3ec793df84247f027/sha256__80ae6b477848b6e03aad8ec9c74f1fb80364e5c8b5fe9ca3ec793df84247f027.tar.gz",
+ "deb://debian:stretch:git-man:1:2.11.0-3+deb9u3"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [],
+ "published": "2019-12-11T15:38:30+11:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-92638",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1350, CVE-2019-1352, CVE-2019-1354, CVE-2019-1387.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-20843",
+ "cvss_v2_score": 7.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.8,
+ "cvss3_max_score": 7.5,
+ "summary": "In libexpat in Expat before 2.2.7, XML input including XML names that contain a large number of colons could make the XML parser consume a high amount of RAM and CPU resources while processing (enough to be usable for denial-of-service attacks).",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:libexpat1:2.2.0-2+deb9u1",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:80ae6b477848b6e03aad8ec9c74f1fb80364e5c8b5fe9ca3ec793df84247f027/sha256__80ae6b477848b6e03aad8ec9c74f1fb80364e5c8b5fe9ca3ec793df84247f027.tar.gz",
+ "deb://debian:stretch:libexpat1:2.2.0-2+deb9u1"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [],
+ "published": "2019-06-27T04:21:54+10:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-84375",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "In libexpat in Expat before 2.2.7, XML input including XML names that contain a large number of colons could make the XML parser consume a high amount of RAM and CPU resources while processing (enough to be usable for denial-of-service attacks).",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-5481",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "Double-free vulnerability in the FTP-kerberos code in cURL 7.52.0 to 7.65.3.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:libcurl3:7.52.1-5+deb9u6",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:5cee356eda6bfe3a5a229cd3d964e722ade1da4381842b24e943b03a37aec1f2/sha256__5cee356eda6bfe3a5a229cd3d964e722ade1da4381842b24e943b03a37aec1f2.tar.gz",
+ "deb://debian:stretch:libcurl3:7.52.1-5+deb9u6"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [],
+ "published": "2019-09-12T02:40:46+10:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-87996",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "Double-free vulnerability in the FTP-kerberos code in cURL 7.52.0 to 7.65.3.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-3177",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "Python 3.x through 3.9.1 has a buffer overflow in PyCArg_repr in _ctypes/callproc.c, which may lead to remote code execution in certain Python applications that accept floating-point numbers as untrusted input, as demonstrated by a 1e300 argument to c_double.from_param. This occurs because sprintf is used unsafely.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:python2.7:2.7.13-2+deb9u2",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:80ae6b477848b6e03aad8ec9c74f1fb80364e5c8b5fe9ca3ec793df84247f027/sha256__80ae6b477848b6e03aad8ec9c74f1fb80364e5c8b5fe9ca3ec793df84247f027.tar.gz",
+ "deb://debian:stretch:python2.7:2.7.13-2+deb9u2"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [],
+ "published": "2021-01-21T15:17:47+11:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-138768",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "Python 3.x through 3.9.1 has a buffer overflow in PyCArg_repr in _ctypes/callproc.c, which may lead to remote code execution in certain Python applications that accept floating-point numbers as untrusted input, as demonstrated by a 1e300 argument to c_double.from_param. This occurs because sprintf is used unsafely.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-35512",
+ "cvss_v2_score": 7.2,
+ "cvss_v2_vector": "CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 7.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.2,
+ "cvss3_max_score": 7.8,
+ "summary": "A use-after-free flaw was found in D-Bus Development branch \u003c= 1.13.16, dbus-1.12.x stable branch \u003c= 1.12.18, and dbus-1.10.x and older branches \u003c= 1.10.30 when a system has multiple usernames sharing the same UID. When a set of policy rules references these usernames, D-Bus may free some memory in the heap, which is still used by data structures necessary for the other usernames sharing the UID, possibly leading to a crash or other undefined behaviors",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:libdbus-1-3:1.10.26-0+deb9u1",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:b919b8fd1620fbf048cb2f5e94af0f35b4981c92b319519625ee5d61c181a9d1/sha256__b919b8fd1620fbf048cb2f5e94af0f35b4981c92b319519625ee5d61c181a9d1.tar.gz",
+ "deb://debian:stretch:libdbus-1-3:1.10.26-0+deb9u1"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [],
+ "published": "2021-01-08T15:14:37+11:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-138268",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "A use-after-free flaw was found in D-Bus Development branch \u003c= 1.13.16, dbus-1.12.x stable branch \u003c= 1.12.18, and dbus-1.10.x and older branches \u003c= 1.10.30 when a system has multiple usernames sharing the same UID. When a set of policy rules references these usernames, D-Bus may free some memory in the heap, which is still used by data structures necessary for the other usernames sharing the UID, possibly leading to a crash or other undefined behaviors",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-6551",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "The malloc implementation in the GNU C Library (aka glibc or libc6), from version 2.24 to 2.26 on powerpc, and only in version 2.26 on i386, did not properly handle malloc calls with arguments close to SIZE_MAX and could return a pointer to a heap region that is smaller than requested, eventually leading to heap corruption.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:multiarch-support:2.24-11+deb9u3",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:05d1a5232b461a4b35424129580054caa878cd56f100e34282510bd4b4082e4d/sha256__05d1a5232b461a4b35424129580054caa878cd56f100e34282510bd4b4082e4d.tar.gz",
+ "deb://debian:stretch:multiarch-support:2.24-11+deb9u3"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [],
+ "published": "2018-02-05T01:11:27+11:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-63998",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "The malloc implementation in the GNU C Library (aka glibc or libc6), from version 2.24 to 2.26 on powerpc, and only in version 2.26 on i386, did not properly handle malloc calls with arguments close to SIZE_MAX and could return a pointer to a heap region that is smaller than requested, eventually leading to heap corruption.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2017-1000408",
+ "cvss_v2_score": 7.2,
+ "cvss_v2_vector": "CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 7.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.2,
+ "cvss3_max_score": 7.8,
+ "summary": "A memory leak in glibc 2.1.1 (released on May 24, 1999) can be reached and amplified through the LD_HWCAP_MASK environment variable. Please note that many versions of glibc are not vulnerable to this issue if patched for CVE-2017-1000366.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:libc-bin:2.24-11+deb9u3",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:05d1a5232b461a4b35424129580054caa878cd56f100e34282510bd4b4082e4d/sha256__05d1a5232b461a4b35424129580054caa878cd56f100e34282510bd4b4082e4d.tar.gz",
+ "deb://debian:stretch:libc-bin:2.24-11+deb9u3"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [],
+ "published": "2017-12-12T08:36:27+11:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-60188",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "A memory leak in glibc 2.1.1 (released on May 24, 1999) can be reached and amplified through the LD_HWCAP_MASK environment variable. Please note that many versions of glibc are not vulnerable to this issue if patched for CVE-2017-1000366.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2016-2779",
+ "cvss_v2_score": 7.2,
+ "cvss_v2_vector": "CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 7.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.2,
+ "cvss3_max_score": 7.8,
+ "summary": "runuser in util-linux allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:libuuid1:2.29.2-1+deb9u1",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:05d1a5232b461a4b35424129580054caa878cd56f100e34282510bd4b4082e4d/sha256__05d1a5232b461a4b35424129580054caa878cd56f100e34282510bd4b4082e4d.tar.gz",
+ "deb://debian:stretch:libuuid1:2.29.2-1+deb9u1"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [],
+ "published": "2016-11-28T00:17:10+11:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-40740",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "runuser in util-linux allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-1000001",
+ "cvss_v2_score": 7.2,
+ "cvss_v2_vector": "CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 7.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.2,
+ "cvss3_max_score": 7.8,
+ "summary": "In glibc 2.26 and earlier there is confusion in the usage of getcwd() by realpath() which can be used to write before the destination buffer leading to a buffer underflow and potential code execution.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:libc6:2.24-11+deb9u3",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:05d1a5232b461a4b35424129580054caa878cd56f100e34282510bd4b4082e4d/sha256__05d1a5232b461a4b35424129580054caa878cd56f100e34282510bd4b4082e4d.tar.gz",
+ "deb://debian:stretch:libc6:2.24-11+deb9u3"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [],
+ "published": "2018-01-13T14:04:15+11:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-60416",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "In glibc 2.26 and earlier there is confusion in the usage of getcwd() by realpath() which can be used to write before the destination buffer leading to a buffer underflow and potential code execution.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-3462",
+ "cvss_v2_score": 9.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 8.1,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 9.3,
+ "cvss3_max_score": 8.1,
+ "summary": "Incorrect sanitation of the 302 redirect field in HTTP transport method of apt versions 1.4.8 and earlier can lead to content injection by a MITM attacker, potentially leading to remote code execution on the target machine.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:apt:1.4.8",
+ "impacted_artifact": "docker://lanwen/juseppe:latest",
+ "impact_path": [
+ "docker://lanwen/juseppe:latest",
+ "generic://sha256:05d1a5232b461a4b35424129580054caa878cd56f100e34282510bd4b4082e4d/sha256__05d1a5232b461a4b35424129580054caa878cd56f100e34282510bd4b4082e4d.tar.gz",
+ "deb://debian:stretch:apt:1.4.8"
+ ],
+ "path": "dockerhub-remote/lanwen/juseppe/latest/",
+ "fixed_versions": [
+ "≥ 1.4.9"
+ ],
+ "published": "2019-01-23T15:29:56+11:00",
+ "artifact_scan_time": "2021-03-02T12:18:44+11:00",
+ "issue_id": "XRAY-74801",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "Incorrect sanitation of the 302 redirect field in HTTP transport method of apt versions 1.4.8 and earlier can lead to content injection by a MITM attacker, potentially leading to remote code execution on the target machine.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2017-7657",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "In Eclipse Jetty, versions 9.2.x and older, 9.3.x (all configurations), and 9.4.x (non-default configuration with RFC2616 compliance enabled), transfer-encoding chunks are handled poorly. The chunk length parsing was vulnerable to an integer overflow. Thus a large chunk size could be interpreted as a smaller chunk size and content sent as chunk body could be interpreted as a pipelined request. If Jetty was deployed behind an intermediary that imposed some authorization and that intermediary allowed arbitrarily large chunks to be passed on unchanged, then this flaw could be used to bypass the authorization imposed by the intermediary as the fake pipelined request would not be interpreted by the intermediary as a request.",
+ "severity": "High",
+ "vulnerable_component": "gav://org.eclipse.jetty:jetty-http:9.2.6.v20141205",
+ "impacted_artifact": "gav://org.eclipse.jetty:jetty-http:9.2.6.v20141205",
+ "impact_path": [
+ "gav://org.eclipse.jetty:jetty-http:9.2.6.v20141205"
+ ],
+ "path": "mavencentral-remote/org/eclipse/jetty/jetty-http/9.2.6.v20141205/jetty-http-9.2.6.v20141205.jar",
+ "fixed_versions": [
+ "9.4.11.v20180605",
+ "9.3.24.v20180605",
+ "9.2.25.v20180606"
+ ],
+ "published": "2018-08-27T18:19:13+10:00",
+ "artifact_scan_time": "2021-03-02T12:07:51+11:00",
+ "issue_id": "XRAY-70239",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "In Eclipse Jetty, versions 9.2.x and older, 9.3.x (all configurations), and 9.4.x (non-default configuration with RFC2616 compliance enabled), transfer-encoding chunks are handled poorly. The chunk length parsing was vulnerable to an integer overflow. Thus a large chunk size could be interpreted as a smaller chunk size and content sent as chunk body could be interpreted as a pipelined request. If Jetty was deployed behind an intermediary that imposed some authorization and that intermediary allowed arbitrarily large chunks to be passed on unchanged, then this flaw could be used to bypass the authorization imposed by the intermediary as the fake pipelined request would not be interpreted by the intermediary as a request.",
+ "references": [
+ "http://www.securitytracker.com/id/1041194",
+ "https://bugs.eclipse.org/bugs/show_bug.cgi?id=535668",
+ "https://www.debian.org/security/2018/dsa-4278"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2017-7658",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "In Eclipse Jetty Server, versions 9.2.x and older, 9.3.x (all non HTTP/1.x configurations), and 9.4.x (all HTTP/1.x configurations), when presented with two content-lengths headers, Jetty ignored the second. When presented with a content-length and a chunked encoding header, the content-length was ignored (as per RFC 2616). If an intermediary decided on the shorter length, but still passed on the longer body, then body content could be interpreted by Jetty as a pipelined request. If the intermediary was imposing authorization, the fake pipelined request would bypass that authorization.",
+ "severity": "High",
+ "vulnerable_component": "gav://org.eclipse.jetty:jetty-http:9.2.6.v20141205",
+ "impacted_artifact": "gav://org.eclipse.jetty:jetty-http:9.2.6.v20141205",
+ "impact_path": [
+ "gav://org.eclipse.jetty:jetty-http:9.2.6.v20141205"
+ ],
+ "path": "mavencentral-remote/org/eclipse/jetty/jetty-http/9.2.6.v20141205/jetty-http-9.2.6.v20141205.jar",
+ "fixed_versions": [
+ "9.4.11.v20180605",
+ "9.3.24.v20180605",
+ "9.2.25.v20180606"
+ ],
+ "published": "2018-08-27T18:18:31+10:00",
+ "artifact_scan_time": "2021-03-02T12:07:51+11:00",
+ "issue_id": "XRAY-70237",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "In Eclipse Jetty Server, versions 9.2.x and older, 9.3.x (all non HTTP/1.x configurations), and 9.4.x (all HTTP/1.x configurations), when presented with two content-lengths headers, Jetty ignored the second. When presented with a content-length and a chunked encoding header, the content-length was ignored (as per RFC 2616). If an intermediary decided on the shorter length, but still passed on the longer body, then body content could be interpreted by Jetty as a pipelined request. If the intermediary was imposing authorization, the fake pipelined request would bypass that authorization.",
+ "references": [
+ "http://www.securitytracker.com/id/1041194",
+ "https://bugs.eclipse.org/bugs/show_bug.cgi?id=535669",
+ "https://www.debian.org/security/2018/dsa-4278"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 7.5,
+ "summary": "XStream Insecure Stream Deserialization Infinite Loop CPU Consumption DoS Weakness",
+ "severity": "High",
+ "vulnerable_component": "gav://com.thoughtworks.xstream:xstream:1.4.15",
+ "impacted_artifact": "docker://jenkins/jenkins:latest",
+ "impact_path": [
+ "docker://jenkins/jenkins:latest",
+ "generic://sha256:01220adeefd4d1f001b7e0ece8255da440f0f95d66862fa522d6b8f75d01b7b4/sha256__01220adeefd4d1f001b7e0ece8255da440f0f95d66862fa522d6b8f75d01b7b4.tar.gz",
+ "gav://org.jenkins-ci.main:jenkins-war:2.281",
+ "gav://com.thoughtworks.xstream:xstream:1.4.15"
+ ],
+ "path": "dockerhub-remote/jenkins/jenkins/latest/",
+ "fixed_versions": [
+ "1.4.16"
+ ],
+ "published": "2021-03-16T22:31:47+11:00",
+ "artifact_scan_time": "2021-03-02T16:25:54+11:00",
+ "issue_id": "XRAY-146566",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "XStream contains an infinite loop condition that is triggered when insecurely deserializing stream data. This may allow a context-dependent attacker to consume available CPU resources and hang a process linked against the library.",
+ "references": [
+ "http://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-21341",
+ "https://x-stream.github.io/CVE-2021-21341.html",
+ "https://x-stream.github.io/changes.html#1.4.16"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-25013",
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 5.9,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 5.9,
+ "summary": "The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:buster:libc6:2.28-10",
+ "impacted_artifact": "docker://jenkins/jenkins:latest",
+ "impact_path": [
+ "docker://jenkins/jenkins:latest",
+ "generic://sha256:0ecb575e629cd60aa802266a3bc6847dcf4073aa2a6d7d43f717dd61e7b90e0b/sha256__0ecb575e629cd60aa802266a3bc6847dcf4073aa2a6d7d43f717dd61e7b90e0b.tar.gz",
+ "deb://debian:buster:libc6:2.28-10"
+ ],
+ "path": "dockerhub-remote/jenkins/jenkins/latest/",
+ "fixed_versions": [],
+ "published": "2021-01-05T15:10:13+11:00",
+ "artifact_scan_time": "2021-03-02T16:25:54+11:00",
+ "issue_id": "XRAY-138140",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-25013",
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 5.9,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 5.9,
+ "summary": "The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:buster:locales:2.28-10",
+ "impacted_artifact": "docker://jenkins/jenkins:latest",
+ "impact_path": [
+ "docker://jenkins/jenkins:latest",
+ "generic://sha256:69979fa7a6b362ce93e59780449b4fc767d75857a0fa93a05c4d3beedcdb6a2d/sha256__69979fa7a6b362ce93e59780449b4fc767d75857a0fa93a05c4d3beedcdb6a2d.tar.gz",
+ "deb://debian:buster:locales:2.28-10"
+ ],
+ "path": "dockerhub-remote/jenkins/jenkins/latest/",
+ "fixed_versions": [],
+ "published": "2021-01-05T15:10:13+11:00",
+ "artifact_scan_time": "2021-03-02T16:25:54+11:00",
+ "issue_id": "XRAY-138140",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-25013",
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 5.9,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 5.9,
+ "summary": "The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:buster:libc-l10n:2.28-10",
+ "impacted_artifact": "docker://jenkins/jenkins:latest",
+ "impact_path": [
+ "docker://jenkins/jenkins:latest",
+ "generic://sha256:69979fa7a6b362ce93e59780449b4fc767d75857a0fa93a05c4d3beedcdb6a2d/sha256__69979fa7a6b362ce93e59780449b4fc767d75857a0fa93a05c4d3beedcdb6a2d.tar.gz",
+ "deb://debian:buster:libc-l10n:2.28-10"
+ ],
+ "path": "dockerhub-remote/jenkins/jenkins/latest/",
+ "fixed_versions": [],
+ "published": "2021-01-05T15:10:13+11:00",
+ "artifact_scan_time": "2021-03-02T16:25:54+11:00",
+ "issue_id": "XRAY-138140",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 9.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 9.3,
+ "cvss3_max_score": 9.8,
+ "summary": "XStream Insecure Stream Deserialization Arbitrary Command Execution Weakness",
+ "severity": "High",
+ "vulnerable_component": "gav://com.thoughtworks.xstream:xstream:1.4.15",
+ "impacted_artifact": "docker://jenkins/jenkins:latest",
+ "impact_path": [
+ "docker://jenkins/jenkins:latest",
+ "generic://sha256:01220adeefd4d1f001b7e0ece8255da440f0f95d66862fa522d6b8f75d01b7b4/sha256__01220adeefd4d1f001b7e0ece8255da440f0f95d66862fa522d6b8f75d01b7b4.tar.gz",
+ "gav://org.jenkins-ci.main:jenkins-war:2.281",
+ "gav://com.thoughtworks.xstream:xstream:1.4.15"
+ ],
+ "path": "dockerhub-remote/jenkins/jenkins/latest/",
+ "fixed_versions": [
+ "1.4.16"
+ ],
+ "published": "2021-03-16T22:31:48+11:00",
+ "artifact_scan_time": "2021-03-02T16:25:54+11:00",
+ "issue_id": "XRAY-146570",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "XStream contains a flaw that is triggered when insecurely deserializing stream data. This may allow a context-dependent attacker to execute arbitrary commands.",
+ "references": [
+ "https://x-stream.github.io/changes.html#1.4.16",
+ "http://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-21345",
+ "https://x-stream.github.io/CVE-2021-21345.html"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 9.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 9.3,
+ "cvss3_max_score": 9.8,
+ "summary": "XStream Insecure Stream Deserialization Arbitrary Code Execution Weakness (2021-21350)",
+ "severity": "High",
+ "vulnerable_component": "gav://com.thoughtworks.xstream:xstream:1.4.15",
+ "impacted_artifact": "docker://jenkins/jenkins:latest",
+ "impact_path": [
+ "docker://jenkins/jenkins:latest",
+ "generic://sha256:01220adeefd4d1f001b7e0ece8255da440f0f95d66862fa522d6b8f75d01b7b4/sha256__01220adeefd4d1f001b7e0ece8255da440f0f95d66862fa522d6b8f75d01b7b4.tar.gz",
+ "gav://org.jenkins-ci.main:jenkins-war:2.281",
+ "gav://com.thoughtworks.xstream:xstream:1.4.15"
+ ],
+ "path": "dockerhub-remote/jenkins/jenkins/latest/",
+ "fixed_versions": [
+ "1.4.16"
+ ],
+ "published": "2021-03-16T22:31:49+11:00",
+ "artifact_scan_time": "2021-03-02T16:25:54+11:00",
+ "issue_id": "XRAY-146575",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "XStream contains a flaw that is triggered when insecurely deserializing stream data. This may allow a context-dependent attacker to execute arbitrary code.",
+ "references": [
+ "https://x-stream.github.io/changes.html#1.4.16",
+ "http://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-21350",
+ "https://x-stream.github.io/CVE-2021-21350.html"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 7.5,
+ "summary": "XStream Insecure Stream Deserialization Regular Expression Handling DoS Weakness",
+ "severity": "High",
+ "vulnerable_component": "gav://com.thoughtworks.xstream:xstream:1.4.15",
+ "impacted_artifact": "docker://jenkins/jenkins:latest",
+ "impact_path": [
+ "docker://jenkins/jenkins:latest",
+ "generic://sha256:01220adeefd4d1f001b7e0ece8255da440f0f95d66862fa522d6b8f75d01b7b4/sha256__01220adeefd4d1f001b7e0ece8255da440f0f95d66862fa522d6b8f75d01b7b4.tar.gz",
+ "gav://org.jenkins-ci.main:jenkins-war:2.281",
+ "gav://com.thoughtworks.xstream:xstream:1.4.15"
+ ],
+ "path": "dockerhub-remote/jenkins/jenkins/latest/",
+ "fixed_versions": [
+ "1.4.16"
+ ],
+ "published": "2021-03-16T22:31:49+11:00",
+ "artifact_scan_time": "2021-03-02T16:25:54+11:00",
+ "issue_id": "XRAY-146573",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "XStream contains a flaw that is triggered when insecurely deserializing stream data and can cause the parsing of user-supplied data with an improper regular expression. This may allow a context-dependent attacker to slow down or hang a process linked against the library.",
+ "references": [
+ "https://x-stream.github.io/changes.html#1.4.16",
+ "http://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-21348",
+ "https://x-stream.github.io/CVE-2021-21348.html"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-10086",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 7.3,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 7.3,
+ "summary": "In Apache Commons Beanutils 1.9.2, a special BeanIntrospector class was added which allows suppressing the ability for an attacker to access the classloader via the class property available on all Java objects. We, however were not using this by default characteristic of the PropertyUtilsBean.",
+ "severity": "High",
+ "vulnerable_component": "gav://commons-beanutils:commons-beanutils:1.9.3",
+ "impacted_artifact": "docker://jenkins/jenkins:latest",
+ "impact_path": [
+ "docker://jenkins/jenkins:latest",
+ "generic://sha256:01220adeefd4d1f001b7e0ece8255da440f0f95d66862fa522d6b8f75d01b7b4/sha256__01220adeefd4d1f001b7e0ece8255da440f0f95d66862fa522d6b8f75d01b7b4.tar.gz",
+ "gav://org.jenkins-ci.main:jenkins-war:2.281",
+ "gav://commons-beanutils:commons-beanutils:1.9.3"
+ ],
+ "path": "dockerhub-remote/jenkins/jenkins/latest/",
+ "fixed_versions": [
+ "1.9.4"
+ ],
+ "published": "2019-08-22T19:58:17+10:00",
+ "artifact_scan_time": "2021-03-02T16:25:54+11:00",
+ "issue_id": "XRAY-86096",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "In Apache Commons Beanutils 1.9.2, a special BeanIntrospector class was added which allows suppressing the ability for an attacker to access the classloader via the class property available on all Java objects. We, however were not using this by default characteristic of the PropertyUtilsBean.",
+ "references": [
+ "http://mail-archives.apache.org/mod_mbox/www-announce/201908.mbox/%3cC628798F-315D-4428-8CB1-4ED1ECC958E4@apache.org%3e"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 9.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 9.3,
+ "cvss3_max_score": 9.8,
+ "summary": "XStream Insecure Stream Deserialization Arbitrary Code Execution Weakness (2021-21347)",
+ "severity": "High",
+ "vulnerable_component": "gav://com.thoughtworks.xstream:xstream:1.4.15",
+ "impacted_artifact": "docker://jenkins/jenkins:latest",
+ "impact_path": [
+ "docker://jenkins/jenkins:latest",
+ "generic://sha256:01220adeefd4d1f001b7e0ece8255da440f0f95d66862fa522d6b8f75d01b7b4/sha256__01220adeefd4d1f001b7e0ece8255da440f0f95d66862fa522d6b8f75d01b7b4.tar.gz",
+ "gav://org.jenkins-ci.main:jenkins-war:2.281",
+ "gav://com.thoughtworks.xstream:xstream:1.4.15"
+ ],
+ "path": "dockerhub-remote/jenkins/jenkins/latest/",
+ "fixed_versions": [
+ "1.4.16"
+ ],
+ "published": "2021-03-16T22:31:49+11:00",
+ "artifact_scan_time": "2021-03-02T16:25:54+11:00",
+ "issue_id": "XRAY-146572",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "XStream contains a flaw that is triggered when insecurely deserializing stream data. This may allow a context-dependent attacker to execute arbitrary code.",
+ "references": [
+ "https://x-stream.github.io/changes.html#1.4.16",
+ "http://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-21347",
+ "https://x-stream.github.io/CVE-2021-21347.html"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 9.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 9.3,
+ "cvss3_max_score": 9.8,
+ "summary": "XStream Insecure Stream Deserialization Arbitrary Code Execution Weakness (2021-21351)",
+ "severity": "High",
+ "vulnerable_component": "gav://com.thoughtworks.xstream:xstream:1.4.15",
+ "impacted_artifact": "docker://jenkins/jenkins:latest",
+ "impact_path": [
+ "docker://jenkins/jenkins:latest",
+ "generic://sha256:01220adeefd4d1f001b7e0ece8255da440f0f95d66862fa522d6b8f75d01b7b4/sha256__01220adeefd4d1f001b7e0ece8255da440f0f95d66862fa522d6b8f75d01b7b4.tar.gz",
+ "gav://org.jenkins-ci.main:jenkins-war:2.281",
+ "gav://com.thoughtworks.xstream:xstream:1.4.15"
+ ],
+ "path": "dockerhub-remote/jenkins/jenkins/latest/",
+ "fixed_versions": [
+ "1.4.16"
+ ],
+ "published": "2021-03-16T22:31:50+11:00",
+ "artifact_scan_time": "2021-03-02T16:25:54+11:00",
+ "issue_id": "XRAY-146576",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "XStream contains a flaw that is triggered when insecurely deserializing stream data. This may allow a context-dependent attacker to execute arbitrary code.",
+ "references": [
+ "https://x-stream.github.io/changes.html#1.4.16",
+ "http://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-21351",
+ "https://x-stream.github.io/CVE-2021-21351.html",
+ "https://s.tencent.com/research/bsafe/1271.html"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.8,
+ "cvss3_max_score": 7.5,
+ "summary": "Java Native Access (JNA) Advapi32Util.registryGetValues() Method REG_SZ, REG_MULTI_SZ / REG_EXPAND_SZ Data Type Handling DoS",
+ "severity": "High",
+ "vulnerable_component": "gav://net.java.dev.jna:jna:4.5.2",
+ "impacted_artifact": "docker://jenkins/jenkins:latest",
+ "impact_path": [
+ "docker://jenkins/jenkins:latest",
+ "generic://sha256:01220adeefd4d1f001b7e0ece8255da440f0f95d66862fa522d6b8f75d01b7b4/sha256__01220adeefd4d1f001b7e0ece8255da440f0f95d66862fa522d6b8f75d01b7b4.tar.gz",
+ "gav://org.jenkins-ci.main:jenkins-war:2.281",
+ "gav://org.jenkins-ci.plugins:pam-auth:1.5.1",
+ "gav://net.java.dev.jna:jna:4.5.2"
+ ],
+ "path": "dockerhub-remote/jenkins/jenkins/latest/",
+ "fixed_versions": [
+ "5.0.0"
+ ],
+ "published": "2020-07-27T01:38:45+10:00",
+ "artifact_scan_time": "2021-03-02T16:25:54+11:00",
+ "issue_id": "XRAY-114349",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Java Native Access (JNA) contains a flaw in the Advapi32Util.registryGetValues() method that is triggered when handling a string with the REG_SZ, REG_MULTI_SZ or REG_EXPAND_SZ data types that is stored without properly null terminating characters. This may allow an attacker to crash the program.",
+ "references": [
+ "https://github.com/java-native-access/jna/commit/12493ba771a50fae7d6303e8b58b31eacf903327",
+ "https://github.com/java-native-access/jna/issues/340",
+ "https://github.com/java-native-access/jna/blob/master/CHANGES.md"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 9.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 9.3,
+ "cvss3_max_score": 9.8,
+ "summary": "XStream Insecure Stream Deserialization Arbitrary Code Execution Weakness (2021-29505)",
+ "severity": "High",
+ "vulnerable_component": "gav://com.thoughtworks.xstream:xstream:1.4.15",
+ "impacted_artifact": "docker://jenkins/jenkins:latest",
+ "impact_path": [
+ "docker://jenkins/jenkins:latest",
+ "generic://sha256:01220adeefd4d1f001b7e0ece8255da440f0f95d66862fa522d6b8f75d01b7b4/sha256__01220adeefd4d1f001b7e0ece8255da440f0f95d66862fa522d6b8f75d01b7b4.tar.gz",
+ "gav://org.jenkins-ci.main:jenkins-war:2.281",
+ "gav://com.thoughtworks.xstream:xstream:1.4.15"
+ ],
+ "path": "dockerhub-remote/jenkins/jenkins/latest/",
+ "fixed_versions": [
+ "1.4.17"
+ ],
+ "published": "2021-05-19T02:57:32+10:00",
+ "artifact_scan_time": "2021-03-02T16:25:54+11:00",
+ "issue_id": "XRAY-175914",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "XStream contains a flaw that is triggered when insecurely deserializing stream data. This may allow a context-dependent attacker to execute arbitrary commands.",
+ "references": [
+ "http://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-29505",
+ "https://x-stream.github.io/CVE-2021-29505.html"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2016-1000027",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "Pivotal Spring Framework 4.1.4 suffers from a potential remote code execution (RCE) issue if used for Java deserialization of untrusted data. Depending on how the library is implemented within a product, this issue may or not occur, and authentication may be required.",
+ "severity": "High",
+ "vulnerable_component": "gav://org.springframework:spring-web:5.2.12.RELEASE",
+ "impacted_artifact": "docker://jenkins/jenkins:latest",
+ "impact_path": [
+ "docker://jenkins/jenkins:latest",
+ "generic://sha256:01220adeefd4d1f001b7e0ece8255da440f0f95d66862fa522d6b8f75d01b7b4/sha256__01220adeefd4d1f001b7e0ece8255da440f0f95d66862fa522d6b8f75d01b7b4.tar.gz",
+ "gav://org.jenkins-ci.main:jenkins-war:2.281",
+ "gav://org.springframework:spring-web:5.2.12.RELEASE"
+ ],
+ "path": "dockerhub-remote/jenkins/jenkins/latest/",
+ "fixed_versions": [
+ "5.3.0-M2",
+ "5.3.0"
+ ],
+ "published": "2020-10-04T19:14:47+11:00",
+ "artifact_scan_time": "2021-03-02T16:25:54+11:00",
+ "issue_id": "XRAY-125778",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Pivotal Spring Framework 4.1.4 suffers from a potential remote code execution (RCE) issue if used for Java deserialization of untrusted data. Depending on how the library is implemented within a product, this issue may or not occur, and authentication may be required.",
+ "references": [
+ "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-1000027",
+ "https://raw.githubusercontent.com/distributedweaknessfiling/cvelist/master/2016/1000xxx/CVE-2016-1000027.json",
+ "https://security-tracker.debian.org/tracker/CVE-2016-1000027",
+ "https://www.tenable.com/security/research/tra-2016-20"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2014-0114",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "summary": "Apache Commons BeanUtils, as distributed in lib/commons-beanutils-1.8.0.jar in Apache Struts 1.x through 1.3.10 and in other products requiring commons-beanutils through 1.9.2, does not suppress the class property, which allows remote attackers to \"manipulate\" the ClassLoader and execute arbitrary code via the class parameter, as demonstrated by the passing of this parameter to the getClass method of the ActionForm object in Struts 1.",
+ "severity": "High",
+ "vulnerable_component": "gav://commons-beanutils:commons-beanutils:1.9.3",
+ "impacted_artifact": "docker://jenkins/jenkins:latest",
+ "impact_path": [
+ "docker://jenkins/jenkins:latest",
+ "generic://sha256:01220adeefd4d1f001b7e0ece8255da440f0f95d66862fa522d6b8f75d01b7b4/sha256__01220adeefd4d1f001b7e0ece8255da440f0f95d66862fa522d6b8f75d01b7b4.tar.gz",
+ "gav://org.jenkins-ci.main:jenkins-war:2.281",
+ "gav://commons-beanutils:commons-beanutils:1.9.3"
+ ],
+ "path": "dockerhub-remote/jenkins/jenkins/latest/",
+ "fixed_versions": [
+ "1.9.4"
+ ],
+ "published": "2017-07-05T21:31:08+10:00",
+ "artifact_scan_time": "2021-03-02T16:25:54+11:00",
+ "issue_id": "XRAY-55616",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Apache Commons BeanUtils, as distributed in lib/commons-beanutils-1.8.0.jar in Apache Struts 1.x through 1.3.10 and in other products requiring commons-beanutils through 1.9.2, does not suppress the class property, which allows remote attackers to \"manipulate\" the ClassLoader and execute arbitrary code via the class parameter, as demonstrated by the passing of this parameter to the getClass method of the ActionForm object in Struts 1.",
+ "references": [
+ "http://advisories.mageia.org/MGASA-2014-0219.html",
+ "http://commons.apache.org/proper/commons-beanutils/javadocs/v1.9.2/RELEASE-NOTES.txt",
+ "http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136958.html",
+ "http://marc.info/?l=bugtraq\u0026m=140119284401582\u0026w=2",
+ "http://marc.info/?l=bugtraq\u0026m=140801096002766\u0026w=2",
+ "http://marc.info/?l=bugtraq\u0026m=141451023707502\u0026w=2",
+ "http://openwall.com/lists/oss-security/2014/06/15/10",
+ "http://openwall.com/lists/oss-security/2014/07/08/1",
+ "http://seclists.org/fulldisclosure/2014/Dec/23",
+ "http://secunia.com/advisories/57477",
+ "http://secunia.com/advisories/58710",
+ "http://secunia.com/advisories/58851",
+ "http://secunia.com/advisories/58947",
+ "http://secunia.com/advisories/59014",
+ "http://secunia.com/advisories/59118",
+ "http://secunia.com/advisories/59228",
+ "http://secunia.com/advisories/59245",
+ "http://secunia.com/advisories/59246",
+ "http://secunia.com/advisories/59430",
+ "http://secunia.com/advisories/59464",
+ "http://secunia.com/advisories/59479",
+ "http://secunia.com/advisories/59480",
+ "http://secunia.com/advisories/59704",
+ "http://secunia.com/advisories/59718",
+ "http://secunia.com/advisories/60177",
+ "http://secunia.com/advisories/60703",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg21674128",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg21674812",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg21675266",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg21675387",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg21675689",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg21675898",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg21675972",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg21676091",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg21676110",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg21676303",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg21676375",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg21676931",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg21677110",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg27042296",
+ "http://www.debian.org/security/2014/dsa-2940",
+ "http://www.ibm.com/support/docview.wss?uid=swg21675496",
+ "http://www.mandriva.com/security/advisories?name=MDVSA-2014:095",
+ "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html",
+ "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html",
+ "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html",
+ "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html",
+ "http://www.securityfocus.com/archive/1/archive/1/534161/100/0/threaded",
+ "http://www.securityfocus.com/bid/67121",
+ "http://www.vmware.com/security/advisories/VMSA-2014-0008.html",
+ "http://www.vmware.com/security/advisories/VMSA-2014-0012.html",
+ "https://access.redhat.com/solutions/869353",
+ "https://bugzilla.redhat.com/show_bug.cgi?id=1091938",
+ "https://bugzilla.redhat.com/show_bug.cgi?id=1116665",
+ "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05324755",
+ "https://issues.apache.org/jira/browse/BEANUTILS-463",
+ "https://security.gentoo.org/glsa/201607-09"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 9.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 9.3,
+ "cvss3_max_score": 9.8,
+ "summary": "XStream Insecure Stream Deserialization Arbitrary Code Execution Weakness (2021-21344)",
+ "severity": "High",
+ "vulnerable_component": "gav://com.thoughtworks.xstream:xstream:1.4.15",
+ "impacted_artifact": "docker://jenkins/jenkins:latest",
+ "impact_path": [
+ "docker://jenkins/jenkins:latest",
+ "generic://sha256:01220adeefd4d1f001b7e0ece8255da440f0f95d66862fa522d6b8f75d01b7b4/sha256__01220adeefd4d1f001b7e0ece8255da440f0f95d66862fa522d6b8f75d01b7b4.tar.gz",
+ "gav://org.jenkins-ci.main:jenkins-war:2.281",
+ "gav://com.thoughtworks.xstream:xstream:1.4.15"
+ ],
+ "path": "dockerhub-remote/jenkins/jenkins/latest/",
+ "fixed_versions": [
+ "1.4.16"
+ ],
+ "published": "2021-03-16T22:31:48+11:00",
+ "artifact_scan_time": "2021-03-02T16:25:54+11:00",
+ "issue_id": "XRAY-146569",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "XStream contains a flaw that is triggered when insecurely deserializing stream data. This may allow a context-dependent attacker to execute arbitrary code.",
+ "references": [
+ "https://x-stream.github.io/changes.html#1.4.16",
+ "http://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-21344",
+ "https://x-stream.github.io/CVE-2021-21344.html"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 7.5,
+ "summary": "Apache Commons Compress archivers/zip/ZipFile.java ZipFile::readCentralDirectoryEntry() Function Uncaught Exception DoS",
+ "severity": "High",
+ "vulnerable_component": "gav://org.apache.commons:commons-compress:1.20",
+ "impacted_artifact": "docker://jenkins/jenkins:latest",
+ "impact_path": [
+ "docker://jenkins/jenkins:latest",
+ "generic://sha256:01220adeefd4d1f001b7e0ece8255da440f0f95d66862fa522d6b8f75d01b7b4/sha256__01220adeefd4d1f001b7e0ece8255da440f0f95d66862fa522d6b8f75d01b7b4.tar.gz",
+ "gav://org.jenkins-ci.main:jenkins-war:2.281",
+ "gav://org.apache.commons:commons-compress:1.20"
+ ],
+ "path": "dockerhub-remote/jenkins/jenkins/latest/",
+ "fixed_versions": [],
+ "published": "2021-05-18T20:57:33+10:00",
+ "artifact_scan_time": "2021-03-02T16:25:54+11:00",
+ "issue_id": "XRAY-175855",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Apache Commons Compress contains a flaw in the ZipFile::readCentralDirectoryEntry() function in main/java/org/apache/commons/compress/archivers/zip/ZipFile.java related to an uncaught exception. This may allow a context-dependent attacker to crash a process linked against the library.",
+ "references": [
+ "https://github.com/apache/commons-compress/commit/26924e96c7730db014c310757e11c9359db07f3e",
+ "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=33786",
+ "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=33507",
+ "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=33462",
+ "https://github.com/apache/commons-compress/commit/882c6dd12473d7b615d503e08fd6b866d0f866d5"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 9.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 9.3,
+ "cvss3_max_score": 9.8,
+ "summary": "XStream Insecure Stream Deserialization Arbitrary Code Execution Weakness (2021-21346)",
+ "severity": "High",
+ "vulnerable_component": "gav://com.thoughtworks.xstream:xstream:1.4.15",
+ "impacted_artifact": "docker://jenkins/jenkins:latest",
+ "impact_path": [
+ "docker://jenkins/jenkins:latest",
+ "generic://sha256:01220adeefd4d1f001b7e0ece8255da440f0f95d66862fa522d6b8f75d01b7b4/sha256__01220adeefd4d1f001b7e0ece8255da440f0f95d66862fa522d6b8f75d01b7b4.tar.gz",
+ "gav://org.jenkins-ci.main:jenkins-war:2.281",
+ "gav://com.thoughtworks.xstream:xstream:1.4.15"
+ ],
+ "path": "dockerhub-remote/jenkins/jenkins/latest/",
+ "fixed_versions": [
+ "1.4.16"
+ ],
+ "published": "2021-03-16T22:31:48+11:00",
+ "artifact_scan_time": "2021-03-02T16:25:54+11:00",
+ "issue_id": "XRAY-146571",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "XStream contains a flaw that is triggered when insecurely deserializing stream data. This may allow a context-dependent attacker to execute arbitrary code.",
+ "references": [
+ "https://x-stream.github.io/changes.html#1.4.16",
+ "http://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-21346",
+ "https://x-stream.github.io/CVE-2021-21346.html"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-25013",
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 5.9,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 5.9,
+ "summary": "The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:buster:libc-bin:2.28-10",
+ "impacted_artifact": "docker://jenkins/jenkins:latest",
+ "impact_path": [
+ "docker://jenkins/jenkins:latest",
+ "generic://sha256:0ecb575e629cd60aa802266a3bc6847dcf4073aa2a6d7d43f717dd61e7b90e0b/sha256__0ecb575e629cd60aa802266a3bc6847dcf4073aa2a6d7d43f717dd61e7b90e0b.tar.gz",
+ "deb://debian:buster:libc-bin:2.28-10"
+ ],
+ "path": "dockerhub-remote/jenkins/jenkins/latest/",
+ "fixed_versions": [],
+ "published": "2021-01-05T15:10:13+11:00",
+ "artifact_scan_time": "2021-03-02T16:25:54+11:00",
+ "issue_id": "XRAY-138140",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 9.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 9.3,
+ "cvss3_max_score": 9.8,
+ "summary": "XStream Insecure Stream Deserialization Arbitrary Code Execution Weakness (2021-21351)",
+ "severity": "High",
+ "vulnerable_component": "gav://com.thoughtworks.xstream:xstream:1.4.15",
+ "impacted_artifact": "docker://jenkins/jenkins:sha256__ae792926e42354238fcad1b8a0b6dfe4ed93f04d9472739200cc20a374cadbf9",
+ "impact_path": [
+ "docker://jenkins/jenkins:sha256__ae792926e42354238fcad1b8a0b6dfe4ed93f04d9472739200cc20a374cadbf9",
+ "generic://sha256:01220adeefd4d1f001b7e0ece8255da440f0f95d66862fa522d6b8f75d01b7b4/sha256__01220adeefd4d1f001b7e0ece8255da440f0f95d66862fa522d6b8f75d01b7b4.tar.gz",
+ "gav://org.jenkins-ci.main:jenkins-war:2.281",
+ "gav://com.thoughtworks.xstream:xstream:1.4.15"
+ ],
+ "path": "dockerhub-remote/jenkins/jenkins/sha256__ae792926e42354238fcad1b8a0b6dfe4ed93f04d9472739200cc20a374cadbf9/",
+ "fixed_versions": [
+ "1.4.16"
+ ],
+ "published": "2021-03-16T22:31:50+11:00",
+ "artifact_scan_time": "2021-03-02T16:25:54+11:00",
+ "issue_id": "XRAY-146576",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "XStream contains a flaw that is triggered when insecurely deserializing stream data. This may allow a context-dependent attacker to execute arbitrary code.",
+ "references": [
+ "https://x-stream.github.io/changes.html#1.4.16",
+ "http://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-21351",
+ "https://x-stream.github.io/CVE-2021-21351.html",
+ "https://s.tencent.com/research/bsafe/1271.html"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-25013",
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 5.9,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 5.9,
+ "summary": "The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:buster:libc-l10n:2.28-10",
+ "impacted_artifact": "docker://jenkins/jenkins:sha256__ae792926e42354238fcad1b8a0b6dfe4ed93f04d9472739200cc20a374cadbf9",
+ "impact_path": [
+ "docker://jenkins/jenkins:sha256__ae792926e42354238fcad1b8a0b6dfe4ed93f04d9472739200cc20a374cadbf9",
+ "generic://sha256:69979fa7a6b362ce93e59780449b4fc767d75857a0fa93a05c4d3beedcdb6a2d/sha256__69979fa7a6b362ce93e59780449b4fc767d75857a0fa93a05c4d3beedcdb6a2d.tar.gz",
+ "deb://debian:buster:libc-l10n:2.28-10"
+ ],
+ "path": "dockerhub-remote/jenkins/jenkins/sha256__ae792926e42354238fcad1b8a0b6dfe4ed93f04d9472739200cc20a374cadbf9/",
+ "fixed_versions": [],
+ "published": "2021-01-05T15:10:13+11:00",
+ "artifact_scan_time": "2021-03-02T16:25:54+11:00",
+ "issue_id": "XRAY-138140",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.8,
+ "cvss3_max_score": 7.5,
+ "summary": "Java Native Access (JNA) Advapi32Util.registryGetValues() Method REG_SZ, REG_MULTI_SZ / REG_EXPAND_SZ Data Type Handling DoS",
+ "severity": "High",
+ "vulnerable_component": "gav://net.java.dev.jna:jna:4.5.2",
+ "impacted_artifact": "docker://jenkins/jenkins:sha256__ae792926e42354238fcad1b8a0b6dfe4ed93f04d9472739200cc20a374cadbf9",
+ "impact_path": [
+ "docker://jenkins/jenkins:sha256__ae792926e42354238fcad1b8a0b6dfe4ed93f04d9472739200cc20a374cadbf9",
+ "generic://sha256:01220adeefd4d1f001b7e0ece8255da440f0f95d66862fa522d6b8f75d01b7b4/sha256__01220adeefd4d1f001b7e0ece8255da440f0f95d66862fa522d6b8f75d01b7b4.tar.gz",
+ "gav://org.jenkins-ci.main:jenkins-war:2.281",
+ "gav://org.jenkins-ci.plugins:pam-auth:1.5.1",
+ "gav://net.java.dev.jna:jna:4.5.2"
+ ],
+ "path": "dockerhub-remote/jenkins/jenkins/sha256__ae792926e42354238fcad1b8a0b6dfe4ed93f04d9472739200cc20a374cadbf9/",
+ "fixed_versions": [
+ "5.0.0"
+ ],
+ "published": "2020-07-27T01:38:45+10:00",
+ "artifact_scan_time": "2021-03-02T16:25:54+11:00",
+ "issue_id": "XRAY-114349",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Java Native Access (JNA) contains a flaw in the Advapi32Util.registryGetValues() method that is triggered when handling a string with the REG_SZ, REG_MULTI_SZ or REG_EXPAND_SZ data types that is stored without properly null terminating characters. This may allow an attacker to crash the program.",
+ "references": [
+ "https://github.com/java-native-access/jna/commit/12493ba771a50fae7d6303e8b58b31eacf903327",
+ "https://github.com/java-native-access/jna/issues/340",
+ "https://github.com/java-native-access/jna/blob/master/CHANGES.md"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-25013",
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 5.9,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 5.9,
+ "summary": "The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:buster:locales:2.28-10",
+ "impacted_artifact": "docker://jenkins/jenkins:sha256__ae792926e42354238fcad1b8a0b6dfe4ed93f04d9472739200cc20a374cadbf9",
+ "impact_path": [
+ "docker://jenkins/jenkins:sha256__ae792926e42354238fcad1b8a0b6dfe4ed93f04d9472739200cc20a374cadbf9",
+ "generic://sha256:69979fa7a6b362ce93e59780449b4fc767d75857a0fa93a05c4d3beedcdb6a2d/sha256__69979fa7a6b362ce93e59780449b4fc767d75857a0fa93a05c4d3beedcdb6a2d.tar.gz",
+ "deb://debian:buster:locales:2.28-10"
+ ],
+ "path": "dockerhub-remote/jenkins/jenkins/sha256__ae792926e42354238fcad1b8a0b6dfe4ed93f04d9472739200cc20a374cadbf9/",
+ "fixed_versions": [],
+ "published": "2021-01-05T15:10:13+11:00",
+ "artifact_scan_time": "2021-03-02T16:25:54+11:00",
+ "issue_id": "XRAY-138140",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 9.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 9.3,
+ "cvss3_max_score": 9.8,
+ "summary": "XStream Insecure Stream Deserialization Arbitrary Code Execution Weakness (2021-21350)",
+ "severity": "High",
+ "vulnerable_component": "gav://com.thoughtworks.xstream:xstream:1.4.15",
+ "impacted_artifact": "docker://jenkins/jenkins:sha256__ae792926e42354238fcad1b8a0b6dfe4ed93f04d9472739200cc20a374cadbf9",
+ "impact_path": [
+ "docker://jenkins/jenkins:sha256__ae792926e42354238fcad1b8a0b6dfe4ed93f04d9472739200cc20a374cadbf9",
+ "generic://sha256:01220adeefd4d1f001b7e0ece8255da440f0f95d66862fa522d6b8f75d01b7b4/sha256__01220adeefd4d1f001b7e0ece8255da440f0f95d66862fa522d6b8f75d01b7b4.tar.gz",
+ "gav://org.jenkins-ci.main:jenkins-war:2.281",
+ "gav://com.thoughtworks.xstream:xstream:1.4.15"
+ ],
+ "path": "dockerhub-remote/jenkins/jenkins/sha256__ae792926e42354238fcad1b8a0b6dfe4ed93f04d9472739200cc20a374cadbf9/",
+ "fixed_versions": [
+ "1.4.16"
+ ],
+ "published": "2021-03-16T22:31:49+11:00",
+ "artifact_scan_time": "2021-03-02T16:25:54+11:00",
+ "issue_id": "XRAY-146575",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "XStream contains a flaw that is triggered when insecurely deserializing stream data. This may allow a context-dependent attacker to execute arbitrary code.",
+ "references": [
+ "https://x-stream.github.io/changes.html#1.4.16",
+ "http://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-21350",
+ "https://x-stream.github.io/CVE-2021-21350.html"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-25013",
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 5.9,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 5.9,
+ "summary": "The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:buster:libc-bin:2.28-10",
+ "impacted_artifact": "docker://jenkins/jenkins:sha256__ae792926e42354238fcad1b8a0b6dfe4ed93f04d9472739200cc20a374cadbf9",
+ "impact_path": [
+ "docker://jenkins/jenkins:sha256__ae792926e42354238fcad1b8a0b6dfe4ed93f04d9472739200cc20a374cadbf9",
+ "generic://sha256:0ecb575e629cd60aa802266a3bc6847dcf4073aa2a6d7d43f717dd61e7b90e0b/sha256__0ecb575e629cd60aa802266a3bc6847dcf4073aa2a6d7d43f717dd61e7b90e0b.tar.gz",
+ "deb://debian:buster:libc-bin:2.28-10"
+ ],
+ "path": "dockerhub-remote/jenkins/jenkins/sha256__ae792926e42354238fcad1b8a0b6dfe4ed93f04d9472739200cc20a374cadbf9/",
+ "fixed_versions": [],
+ "published": "2021-01-05T15:10:13+11:00",
+ "artifact_scan_time": "2021-03-02T16:25:54+11:00",
+ "issue_id": "XRAY-138140",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 9.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 9.3,
+ "cvss3_max_score": 9.8,
+ "summary": "XStream Insecure Stream Deserialization Arbitrary Code Execution Weakness (2021-21344)",
+ "severity": "High",
+ "vulnerable_component": "gav://com.thoughtworks.xstream:xstream:1.4.15",
+ "impacted_artifact": "docker://jenkins/jenkins:sha256__ae792926e42354238fcad1b8a0b6dfe4ed93f04d9472739200cc20a374cadbf9",
+ "impact_path": [
+ "docker://jenkins/jenkins:sha256__ae792926e42354238fcad1b8a0b6dfe4ed93f04d9472739200cc20a374cadbf9",
+ "generic://sha256:01220adeefd4d1f001b7e0ece8255da440f0f95d66862fa522d6b8f75d01b7b4/sha256__01220adeefd4d1f001b7e0ece8255da440f0f95d66862fa522d6b8f75d01b7b4.tar.gz",
+ "gav://org.jenkins-ci.main:jenkins-war:2.281",
+ "gav://com.thoughtworks.xstream:xstream:1.4.15"
+ ],
+ "path": "dockerhub-remote/jenkins/jenkins/sha256__ae792926e42354238fcad1b8a0b6dfe4ed93f04d9472739200cc20a374cadbf9/",
+ "fixed_versions": [
+ "1.4.16"
+ ],
+ "published": "2021-03-16T22:31:48+11:00",
+ "artifact_scan_time": "2021-03-02T16:25:54+11:00",
+ "issue_id": "XRAY-146569",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "XStream contains a flaw that is triggered when insecurely deserializing stream data. This may allow a context-dependent attacker to execute arbitrary code.",
+ "references": [
+ "https://x-stream.github.io/changes.html#1.4.16",
+ "http://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-21344",
+ "https://x-stream.github.io/CVE-2021-21344.html"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2016-1000027",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "Pivotal Spring Framework 4.1.4 suffers from a potential remote code execution (RCE) issue if used for Java deserialization of untrusted data. Depending on how the library is implemented within a product, this issue may or not occur, and authentication may be required.",
+ "severity": "High",
+ "vulnerable_component": "gav://org.springframework:spring-web:5.2.12.RELEASE",
+ "impacted_artifact": "docker://jenkins/jenkins:sha256__ae792926e42354238fcad1b8a0b6dfe4ed93f04d9472739200cc20a374cadbf9",
+ "impact_path": [
+ "docker://jenkins/jenkins:sha256__ae792926e42354238fcad1b8a0b6dfe4ed93f04d9472739200cc20a374cadbf9",
+ "generic://sha256:01220adeefd4d1f001b7e0ece8255da440f0f95d66862fa522d6b8f75d01b7b4/sha256__01220adeefd4d1f001b7e0ece8255da440f0f95d66862fa522d6b8f75d01b7b4.tar.gz",
+ "gav://org.jenkins-ci.main:jenkins-war:2.281",
+ "gav://org.springframework:spring-web:5.2.12.RELEASE"
+ ],
+ "path": "dockerhub-remote/jenkins/jenkins/sha256__ae792926e42354238fcad1b8a0b6dfe4ed93f04d9472739200cc20a374cadbf9/",
+ "fixed_versions": [
+ "5.3.0-M2",
+ "5.3.0"
+ ],
+ "published": "2020-10-04T19:14:47+11:00",
+ "artifact_scan_time": "2021-03-02T16:25:54+11:00",
+ "issue_id": "XRAY-125778",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Pivotal Spring Framework 4.1.4 suffers from a potential remote code execution (RCE) issue if used for Java deserialization of untrusted data. Depending on how the library is implemented within a product, this issue may or not occur, and authentication may be required.",
+ "references": [
+ "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-1000027",
+ "https://raw.githubusercontent.com/distributedweaknessfiling/cvelist/master/2016/1000xxx/CVE-2016-1000027.json",
+ "https://security-tracker.debian.org/tracker/CVE-2016-1000027",
+ "https://www.tenable.com/security/research/tra-2016-20"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2014-0114",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "summary": "Apache Commons BeanUtils, as distributed in lib/commons-beanutils-1.8.0.jar in Apache Struts 1.x through 1.3.10 and in other products requiring commons-beanutils through 1.9.2, does not suppress the class property, which allows remote attackers to \"manipulate\" the ClassLoader and execute arbitrary code via the class parameter, as demonstrated by the passing of this parameter to the getClass method of the ActionForm object in Struts 1.",
+ "severity": "High",
+ "vulnerable_component": "gav://commons-beanutils:commons-beanutils:1.9.3",
+ "impacted_artifact": "docker://jenkins/jenkins:sha256__ae792926e42354238fcad1b8a0b6dfe4ed93f04d9472739200cc20a374cadbf9",
+ "impact_path": [
+ "docker://jenkins/jenkins:sha256__ae792926e42354238fcad1b8a0b6dfe4ed93f04d9472739200cc20a374cadbf9",
+ "generic://sha256:01220adeefd4d1f001b7e0ece8255da440f0f95d66862fa522d6b8f75d01b7b4/sha256__01220adeefd4d1f001b7e0ece8255da440f0f95d66862fa522d6b8f75d01b7b4.tar.gz",
+ "gav://org.jenkins-ci.main:jenkins-war:2.281",
+ "gav://commons-beanutils:commons-beanutils:1.9.3"
+ ],
+ "path": "dockerhub-remote/jenkins/jenkins/sha256__ae792926e42354238fcad1b8a0b6dfe4ed93f04d9472739200cc20a374cadbf9/",
+ "fixed_versions": [
+ "1.9.4"
+ ],
+ "published": "2017-07-05T21:31:08+10:00",
+ "artifact_scan_time": "2021-03-02T16:25:54+11:00",
+ "issue_id": "XRAY-55616",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Apache Commons BeanUtils, as distributed in lib/commons-beanutils-1.8.0.jar in Apache Struts 1.x through 1.3.10 and in other products requiring commons-beanutils through 1.9.2, does not suppress the class property, which allows remote attackers to \"manipulate\" the ClassLoader and execute arbitrary code via the class parameter, as demonstrated by the passing of this parameter to the getClass method of the ActionForm object in Struts 1.",
+ "references": [
+ "http://advisories.mageia.org/MGASA-2014-0219.html",
+ "http://commons.apache.org/proper/commons-beanutils/javadocs/v1.9.2/RELEASE-NOTES.txt",
+ "http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136958.html",
+ "http://marc.info/?l=bugtraq\u0026m=140119284401582\u0026w=2",
+ "http://marc.info/?l=bugtraq\u0026m=140801096002766\u0026w=2",
+ "http://marc.info/?l=bugtraq\u0026m=141451023707502\u0026w=2",
+ "http://openwall.com/lists/oss-security/2014/06/15/10",
+ "http://openwall.com/lists/oss-security/2014/07/08/1",
+ "http://seclists.org/fulldisclosure/2014/Dec/23",
+ "http://secunia.com/advisories/57477",
+ "http://secunia.com/advisories/58710",
+ "http://secunia.com/advisories/58851",
+ "http://secunia.com/advisories/58947",
+ "http://secunia.com/advisories/59014",
+ "http://secunia.com/advisories/59118",
+ "http://secunia.com/advisories/59228",
+ "http://secunia.com/advisories/59245",
+ "http://secunia.com/advisories/59246",
+ "http://secunia.com/advisories/59430",
+ "http://secunia.com/advisories/59464",
+ "http://secunia.com/advisories/59479",
+ "http://secunia.com/advisories/59480",
+ "http://secunia.com/advisories/59704",
+ "http://secunia.com/advisories/59718",
+ "http://secunia.com/advisories/60177",
+ "http://secunia.com/advisories/60703",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg21674128",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg21674812",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg21675266",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg21675387",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg21675689",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg21675898",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg21675972",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg21676091",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg21676110",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg21676303",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg21676375",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg21676931",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg21677110",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg27042296",
+ "http://www.debian.org/security/2014/dsa-2940",
+ "http://www.ibm.com/support/docview.wss?uid=swg21675496",
+ "http://www.mandriva.com/security/advisories?name=MDVSA-2014:095",
+ "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html",
+ "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html",
+ "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html",
+ "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html",
+ "http://www.securityfocus.com/archive/1/archive/1/534161/100/0/threaded",
+ "http://www.securityfocus.com/bid/67121",
+ "http://www.vmware.com/security/advisories/VMSA-2014-0008.html",
+ "http://www.vmware.com/security/advisories/VMSA-2014-0012.html",
+ "https://access.redhat.com/solutions/869353",
+ "https://bugzilla.redhat.com/show_bug.cgi?id=1091938",
+ "https://bugzilla.redhat.com/show_bug.cgi?id=1116665",
+ "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05324755",
+ "https://issues.apache.org/jira/browse/BEANUTILS-463",
+ "https://security.gentoo.org/glsa/201607-09"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 7.5,
+ "summary": "Apache Commons Compress archivers/zip/ZipFile.java ZipFile::readCentralDirectoryEntry() Function Uncaught Exception DoS",
+ "severity": "High",
+ "vulnerable_component": "gav://org.apache.commons:commons-compress:1.20",
+ "impacted_artifact": "docker://jenkins/jenkins:sha256__ae792926e42354238fcad1b8a0b6dfe4ed93f04d9472739200cc20a374cadbf9",
+ "impact_path": [
+ "docker://jenkins/jenkins:sha256__ae792926e42354238fcad1b8a0b6dfe4ed93f04d9472739200cc20a374cadbf9",
+ "generic://sha256:01220adeefd4d1f001b7e0ece8255da440f0f95d66862fa522d6b8f75d01b7b4/sha256__01220adeefd4d1f001b7e0ece8255da440f0f95d66862fa522d6b8f75d01b7b4.tar.gz",
+ "gav://org.jenkins-ci.main:jenkins-war:2.281",
+ "gav://org.apache.commons:commons-compress:1.20"
+ ],
+ "path": "dockerhub-remote/jenkins/jenkins/sha256__ae792926e42354238fcad1b8a0b6dfe4ed93f04d9472739200cc20a374cadbf9/",
+ "fixed_versions": [],
+ "published": "2021-05-18T20:57:33+10:00",
+ "artifact_scan_time": "2021-03-02T16:25:54+11:00",
+ "issue_id": "XRAY-175855",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Apache Commons Compress contains a flaw in the ZipFile::readCentralDirectoryEntry() function in main/java/org/apache/commons/compress/archivers/zip/ZipFile.java related to an uncaught exception. This may allow a context-dependent attacker to crash a process linked against the library.",
+ "references": [
+ "https://github.com/apache/commons-compress/commit/26924e96c7730db014c310757e11c9359db07f3e",
+ "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=33786",
+ "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=33507",
+ "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=33462",
+ "https://github.com/apache/commons-compress/commit/882c6dd12473d7b615d503e08fd6b866d0f866d5"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 7.5,
+ "summary": "XStream Insecure Stream Deserialization Regular Expression Handling DoS Weakness",
+ "severity": "High",
+ "vulnerable_component": "gav://com.thoughtworks.xstream:xstream:1.4.15",
+ "impacted_artifact": "docker://jenkins/jenkins:sha256__ae792926e42354238fcad1b8a0b6dfe4ed93f04d9472739200cc20a374cadbf9",
+ "impact_path": [
+ "docker://jenkins/jenkins:sha256__ae792926e42354238fcad1b8a0b6dfe4ed93f04d9472739200cc20a374cadbf9",
+ "generic://sha256:01220adeefd4d1f001b7e0ece8255da440f0f95d66862fa522d6b8f75d01b7b4/sha256__01220adeefd4d1f001b7e0ece8255da440f0f95d66862fa522d6b8f75d01b7b4.tar.gz",
+ "gav://org.jenkins-ci.main:jenkins-war:2.281",
+ "gav://com.thoughtworks.xstream:xstream:1.4.15"
+ ],
+ "path": "dockerhub-remote/jenkins/jenkins/sha256__ae792926e42354238fcad1b8a0b6dfe4ed93f04d9472739200cc20a374cadbf9/",
+ "fixed_versions": [
+ "1.4.16"
+ ],
+ "published": "2021-03-16T22:31:49+11:00",
+ "artifact_scan_time": "2021-03-02T16:25:54+11:00",
+ "issue_id": "XRAY-146573",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "XStream contains a flaw that is triggered when insecurely deserializing stream data and can cause the parsing of user-supplied data with an improper regular expression. This may allow a context-dependent attacker to slow down or hang a process linked against the library.",
+ "references": [
+ "https://x-stream.github.io/changes.html#1.4.16",
+ "http://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-21348",
+ "https://x-stream.github.io/CVE-2021-21348.html"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 9.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 9.3,
+ "cvss3_max_score": 9.8,
+ "summary": "XStream Insecure Stream Deserialization Arbitrary Code Execution Weakness (2021-21346)",
+ "severity": "High",
+ "vulnerable_component": "gav://com.thoughtworks.xstream:xstream:1.4.15",
+ "impacted_artifact": "docker://jenkins/jenkins:sha256__ae792926e42354238fcad1b8a0b6dfe4ed93f04d9472739200cc20a374cadbf9",
+ "impact_path": [
+ "docker://jenkins/jenkins:sha256__ae792926e42354238fcad1b8a0b6dfe4ed93f04d9472739200cc20a374cadbf9",
+ "generic://sha256:01220adeefd4d1f001b7e0ece8255da440f0f95d66862fa522d6b8f75d01b7b4/sha256__01220adeefd4d1f001b7e0ece8255da440f0f95d66862fa522d6b8f75d01b7b4.tar.gz",
+ "gav://org.jenkins-ci.main:jenkins-war:2.281",
+ "gav://com.thoughtworks.xstream:xstream:1.4.15"
+ ],
+ "path": "dockerhub-remote/jenkins/jenkins/sha256__ae792926e42354238fcad1b8a0b6dfe4ed93f04d9472739200cc20a374cadbf9/",
+ "fixed_versions": [
+ "1.4.16"
+ ],
+ "published": "2021-03-16T22:31:48+11:00",
+ "artifact_scan_time": "2021-03-02T16:25:54+11:00",
+ "issue_id": "XRAY-146571",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "XStream contains a flaw that is triggered when insecurely deserializing stream data. This may allow a context-dependent attacker to execute arbitrary code.",
+ "references": [
+ "https://x-stream.github.io/changes.html#1.4.16",
+ "http://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-21346",
+ "https://x-stream.github.io/CVE-2021-21346.html"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 7.5,
+ "summary": "XStream Insecure Stream Deserialization Infinite Loop CPU Consumption DoS Weakness",
+ "severity": "High",
+ "vulnerable_component": "gav://com.thoughtworks.xstream:xstream:1.4.15",
+ "impacted_artifact": "docker://jenkins/jenkins:sha256__ae792926e42354238fcad1b8a0b6dfe4ed93f04d9472739200cc20a374cadbf9",
+ "impact_path": [
+ "docker://jenkins/jenkins:sha256__ae792926e42354238fcad1b8a0b6dfe4ed93f04d9472739200cc20a374cadbf9",
+ "generic://sha256:01220adeefd4d1f001b7e0ece8255da440f0f95d66862fa522d6b8f75d01b7b4/sha256__01220adeefd4d1f001b7e0ece8255da440f0f95d66862fa522d6b8f75d01b7b4.tar.gz",
+ "gav://org.jenkins-ci.main:jenkins-war:2.281",
+ "gav://com.thoughtworks.xstream:xstream:1.4.15"
+ ],
+ "path": "dockerhub-remote/jenkins/jenkins/sha256__ae792926e42354238fcad1b8a0b6dfe4ed93f04d9472739200cc20a374cadbf9/",
+ "fixed_versions": [
+ "1.4.16"
+ ],
+ "published": "2021-03-16T22:31:47+11:00",
+ "artifact_scan_time": "2021-03-02T16:25:54+11:00",
+ "issue_id": "XRAY-146566",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "XStream contains an infinite loop condition that is triggered when insecurely deserializing stream data. This may allow a context-dependent attacker to consume available CPU resources and hang a process linked against the library.",
+ "references": [
+ "http://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-21341",
+ "https://x-stream.github.io/CVE-2021-21341.html",
+ "https://x-stream.github.io/changes.html#1.4.16"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 9.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 9.3,
+ "cvss3_max_score": 9.8,
+ "summary": "XStream Insecure Stream Deserialization Arbitrary Code Execution Weakness (2021-21347)",
+ "severity": "High",
+ "vulnerable_component": "gav://com.thoughtworks.xstream:xstream:1.4.15",
+ "impacted_artifact": "docker://jenkins/jenkins:sha256__ae792926e42354238fcad1b8a0b6dfe4ed93f04d9472739200cc20a374cadbf9",
+ "impact_path": [
+ "docker://jenkins/jenkins:sha256__ae792926e42354238fcad1b8a0b6dfe4ed93f04d9472739200cc20a374cadbf9",
+ "generic://sha256:01220adeefd4d1f001b7e0ece8255da440f0f95d66862fa522d6b8f75d01b7b4/sha256__01220adeefd4d1f001b7e0ece8255da440f0f95d66862fa522d6b8f75d01b7b4.tar.gz",
+ "gav://org.jenkins-ci.main:jenkins-war:2.281",
+ "gav://com.thoughtworks.xstream:xstream:1.4.15"
+ ],
+ "path": "dockerhub-remote/jenkins/jenkins/sha256__ae792926e42354238fcad1b8a0b6dfe4ed93f04d9472739200cc20a374cadbf9/",
+ "fixed_versions": [
+ "1.4.16"
+ ],
+ "published": "2021-03-16T22:31:49+11:00",
+ "artifact_scan_time": "2021-03-02T16:25:54+11:00",
+ "issue_id": "XRAY-146572",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "XStream contains a flaw that is triggered when insecurely deserializing stream data. This may allow a context-dependent attacker to execute arbitrary code.",
+ "references": [
+ "https://x-stream.github.io/changes.html#1.4.16",
+ "http://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-21347",
+ "https://x-stream.github.io/CVE-2021-21347.html"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 9.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 9.3,
+ "cvss3_max_score": 9.8,
+ "summary": "XStream Insecure Stream Deserialization Arbitrary Command Execution Weakness",
+ "severity": "High",
+ "vulnerable_component": "gav://com.thoughtworks.xstream:xstream:1.4.15",
+ "impacted_artifact": "docker://jenkins/jenkins:sha256__ae792926e42354238fcad1b8a0b6dfe4ed93f04d9472739200cc20a374cadbf9",
+ "impact_path": [
+ "docker://jenkins/jenkins:sha256__ae792926e42354238fcad1b8a0b6dfe4ed93f04d9472739200cc20a374cadbf9",
+ "generic://sha256:01220adeefd4d1f001b7e0ece8255da440f0f95d66862fa522d6b8f75d01b7b4/sha256__01220adeefd4d1f001b7e0ece8255da440f0f95d66862fa522d6b8f75d01b7b4.tar.gz",
+ "gav://org.jenkins-ci.main:jenkins-war:2.281",
+ "gav://com.thoughtworks.xstream:xstream:1.4.15"
+ ],
+ "path": "dockerhub-remote/jenkins/jenkins/sha256__ae792926e42354238fcad1b8a0b6dfe4ed93f04d9472739200cc20a374cadbf9/",
+ "fixed_versions": [
+ "1.4.16"
+ ],
+ "published": "2021-03-16T22:31:48+11:00",
+ "artifact_scan_time": "2021-03-02T16:25:54+11:00",
+ "issue_id": "XRAY-146570",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "XStream contains a flaw that is triggered when insecurely deserializing stream data. This may allow a context-dependent attacker to execute arbitrary commands.",
+ "references": [
+ "https://x-stream.github.io/changes.html#1.4.16",
+ "http://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-21345",
+ "https://x-stream.github.io/CVE-2021-21345.html"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 9.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 9.3,
+ "cvss3_max_score": 9.8,
+ "summary": "XStream Insecure Stream Deserialization Arbitrary Code Execution Weakness (2021-29505)",
+ "severity": "High",
+ "vulnerable_component": "gav://com.thoughtworks.xstream:xstream:1.4.15",
+ "impacted_artifact": "docker://jenkins/jenkins:sha256__ae792926e42354238fcad1b8a0b6dfe4ed93f04d9472739200cc20a374cadbf9",
+ "impact_path": [
+ "docker://jenkins/jenkins:sha256__ae792926e42354238fcad1b8a0b6dfe4ed93f04d9472739200cc20a374cadbf9",
+ "generic://sha256:01220adeefd4d1f001b7e0ece8255da440f0f95d66862fa522d6b8f75d01b7b4/sha256__01220adeefd4d1f001b7e0ece8255da440f0f95d66862fa522d6b8f75d01b7b4.tar.gz",
+ "gav://org.jenkins-ci.main:jenkins-war:2.281",
+ "gav://com.thoughtworks.xstream:xstream:1.4.15"
+ ],
+ "path": "dockerhub-remote/jenkins/jenkins/sha256__ae792926e42354238fcad1b8a0b6dfe4ed93f04d9472739200cc20a374cadbf9/",
+ "fixed_versions": [
+ "1.4.17"
+ ],
+ "published": "2021-05-19T02:57:32+10:00",
+ "artifact_scan_time": "2021-03-02T16:25:54+11:00",
+ "issue_id": "XRAY-175914",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "XStream contains a flaw that is triggered when insecurely deserializing stream data. This may allow a context-dependent attacker to execute arbitrary commands.",
+ "references": [
+ "http://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-29505",
+ "https://x-stream.github.io/CVE-2021-29505.html"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-10086",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 7.3,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 7.3,
+ "summary": "In Apache Commons Beanutils 1.9.2, a special BeanIntrospector class was added which allows suppressing the ability for an attacker to access the classloader via the class property available on all Java objects. We, however were not using this by default characteristic of the PropertyUtilsBean.",
+ "severity": "High",
+ "vulnerable_component": "gav://commons-beanutils:commons-beanutils:1.9.3",
+ "impacted_artifact": "docker://jenkins/jenkins:sha256__ae792926e42354238fcad1b8a0b6dfe4ed93f04d9472739200cc20a374cadbf9",
+ "impact_path": [
+ "docker://jenkins/jenkins:sha256__ae792926e42354238fcad1b8a0b6dfe4ed93f04d9472739200cc20a374cadbf9",
+ "generic://sha256:01220adeefd4d1f001b7e0ece8255da440f0f95d66862fa522d6b8f75d01b7b4/sha256__01220adeefd4d1f001b7e0ece8255da440f0f95d66862fa522d6b8f75d01b7b4.tar.gz",
+ "gav://org.jenkins-ci.main:jenkins-war:2.281",
+ "gav://commons-beanutils:commons-beanutils:1.9.3"
+ ],
+ "path": "dockerhub-remote/jenkins/jenkins/sha256__ae792926e42354238fcad1b8a0b6dfe4ed93f04d9472739200cc20a374cadbf9/",
+ "fixed_versions": [
+ "1.9.4"
+ ],
+ "published": "2019-08-22T19:58:17+10:00",
+ "artifact_scan_time": "2021-03-02T16:25:54+11:00",
+ "issue_id": "XRAY-86096",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "In Apache Commons Beanutils 1.9.2, a special BeanIntrospector class was added which allows suppressing the ability for an attacker to access the classloader via the class property available on all Java objects. We, however were not using this by default characteristic of the PropertyUtilsBean.",
+ "references": [
+ "http://mail-archives.apache.org/mod_mbox/www-announce/201908.mbox/%3cC628798F-315D-4428-8CB1-4ED1ECC958E4@apache.org%3e"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-25013",
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 5.9,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 5.9,
+ "summary": "The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:buster:libc6:2.28-10",
+ "impacted_artifact": "docker://jenkins/jenkins:sha256__ae792926e42354238fcad1b8a0b6dfe4ed93f04d9472739200cc20a374cadbf9",
+ "impact_path": [
+ "docker://jenkins/jenkins:sha256__ae792926e42354238fcad1b8a0b6dfe4ed93f04d9472739200cc20a374cadbf9",
+ "generic://sha256:0ecb575e629cd60aa802266a3bc6847dcf4073aa2a6d7d43f717dd61e7b90e0b/sha256__0ecb575e629cd60aa802266a3bc6847dcf4073aa2a6d7d43f717dd61e7b90e0b.tar.gz",
+ "deb://debian:buster:libc6:2.28-10"
+ ],
+ "path": "dockerhub-remote/jenkins/jenkins/sha256__ae792926e42354238fcad1b8a0b6dfe4ed93f04d9472739200cc20a374cadbf9/",
+ "fixed_versions": [],
+ "published": "2021-01-05T15:10:13+11:00",
+ "artifact_scan_time": "2021-03-02T16:25:54+11:00",
+ "issue_id": "XRAY-138140",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2017-1000487",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "Plexus-utils before 3.0.16 is vulnerable to command injection because it does not correctly process the contents of double quoted strings.",
+ "severity": "High",
+ "vulnerable_component": "gav://org.codehaus.plexus:plexus-utils:3.0.15",
+ "impacted_artifact": "gav://org.codehaus.plexus:plexus-utils:3.0.15",
+ "impact_path": [
+ "gav://org.codehaus.plexus:plexus-utils:3.0.15"
+ ],
+ "path": "mavencentral-remote/org/codehaus/plexus/plexus-utils/3.0.15/plexus-utils-3.0.15.jar",
+ "fixed_versions": [
+ "3.0.16"
+ ],
+ "published": "2019-06-10T18:42:32+10:00",
+ "artifact_scan_time": "2021-03-05T16:22:51+11:00",
+ "issue_id": "XRAY-83897",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Plexus-utils before 3.0.16 is vulnerable to command injection because it does not correctly process the contents of double quoted strings.",
+ "references": [
+ "https://access.redhat.com/errata/RHSA-2018:1322",
+ "https://lists.debian.org/debian-lts-announce/2018/01/msg00011.html",
+ "https://lists.debian.org/debian-lts-announce/2018/01/msg00010.html",
+ "https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSPLEXUS-31522",
+ "https://www.debian.org/security/2018/dsa-4149",
+ "https://www.debian.org/security/2018/dsa-4146",
+ "https://github.com/codehaus-plexus/plexus-utils/commit/b38a1b3a4352303e4312b2bb601a0d7ec6e28f41"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 9.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 7.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 9.3,
+ "cvss3_max_score": 7.8,
+ "summary": "Plexus-utils util/xml/XmlWriterUtil.java XmlWriterUtil::writeComment() Function Comment String Escape XML Injection Unspecified Issue",
+ "severity": "High",
+ "vulnerable_component": "gav://org.codehaus.plexus:plexus-utils:3.0.15",
+ "impacted_artifact": "gav://org.codehaus.plexus:plexus-utils:3.0.15",
+ "impact_path": [
+ "gav://org.codehaus.plexus:plexus-utils:3.0.15"
+ ],
+ "path": "mavencentral-remote/org/codehaus/plexus/plexus-utils/3.0.15/plexus-utils-3.0.15.jar",
+ "fixed_versions": [
+ "3.0.24"
+ ],
+ "published": "2019-09-15T21:14:39+10:00",
+ "artifact_scan_time": "2021-03-05T16:22:51+11:00",
+ "issue_id": "XRAY-88166",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Plexus-utils contains a flaw in the XmlWriterUtil::writeComment() function in util/xml/XmlWriterUtil.java that is triggered as comment strings are not properly sanitized. This may allow a context-dependent attacker to inject unexpected content through XML code and have an unspecified impact.",
+ "references": [
+ "https://github.com/codehaus-plexus/plexus-utils/issues/3",
+ "https://github.com/codehaus-plexus/plexus-utils/commit/f933e5e78dc2637e485447ed821fe14904f110de"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.6,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:H/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 8.1,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.6,
+ "cvss3_max_score": 8.1,
+ "summary": "Apache Maven External Repository Validation Failure Arbitrary Code Execution",
+ "severity": "High",
+ "vulnerable_component": "gav://org.apache.maven:maven-settings:3.0.1",
+ "impacted_artifact": "gav://org.apache.maven:maven-settings:3.0.1",
+ "impact_path": [
+ "gav://org.apache.maven:maven-settings:3.0.1"
+ ],
+ "path": "mavencentral-remote/org/apache/maven/maven-settings/3.0.1/maven-settings-3.0.1.jar",
+ "fixed_versions": [
+ "3.8.1"
+ ],
+ "published": "2021-04-14T16:59:26+10:00",
+ "artifact_scan_time": "2021-03-09T08:43:52+11:00",
+ "issue_id": "XRAY-172725",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Apache Maven contains a flaw that is triggered as the program insecurely uses material from an insecure external repository by default. This may allow a remote attacker with control of a repository that is in use, to potentially inject and execute malicious code.",
+ "references": [
+ "http://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-26291",
+ "http://maven.apache.org/docs/3.8.1/release-notes.html",
+ "http://mail-archives.apache.org/mod_mbox/maven-announce/202104.mbox/%3CMailbird-0918dc43-dc18-4008-b83b-8bc8b1528177%40apache.org%3E"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 7.5,
+ "summary": "FasterXML jackson-dataformats-binary smile/SmileParser.java Raw Binary Data Payload Handling Memory Exhaustion DoS",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.dataformat:jackson-dataformat-smile:2.10.4",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:sha256__9ddcb04b7b2e6a18b6c57b055b9af44daeb841efa014c0215beb37ed5d270556",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:sha256__9ddcb04b7b2e6a18b6c57b055b9af44daeb841efa014c0215beb37ed5d270556",
+ "generic://sha256:0daf89d8c88722c569f26facb467a21e38af75b34216a8950293b676c856a0e2/sha256__0daf89d8c88722c569f26facb467a21e38af75b34216a8950293b676c856a0e2.tar.gz",
+ "gav://com.fasterxml.jackson.dataformat:jackson-dataformat-smile:2.10.4"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/sha256__9ddcb04b7b2e6a18b6c57b055b9af44daeb841efa014c0215beb37ed5d270556/",
+ "fixed_versions": [
+ "2.12.3"
+ ],
+ "published": "2021-05-05T20:06:23+10:00",
+ "artifact_scan_time": "2021-03-11T11:35:51+11:00",
+ "issue_id": "XRAY-174966",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "FasterXML jackson-dataformats-binary contains a flaw in smile/SmileParser.java that is triggered as memory is improperly allocated when handling raw binary data payloads. This may allow a context-dependent attacker to exhaust available memory resources and potentially crash a process linked against the library.",
+ "references": [
+ "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32180",
+ "https://github.com/FasterXML/jackson-dataformats-binary/issues/260",
+ "https://github.com/FasterXML/jackson-dataformats-binary/commit/57400266ce8af0105ed79fb576ac0c9cfe89e37b"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-8492",
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 6.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 6.5,
+ "summary": "Python 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1 allows an HTTP server to conduct Regular Expression Denial of Service (ReDoS) attacks against a client because of urllib.request.AbstractBasicAuthHandler catastrophic backtracking.",
+ "severity": "High",
+ "vulnerable_component": "rpm://7:python-libs:1:2.7.5-88.el7",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:sha256__9ddcb04b7b2e6a18b6c57b055b9af44daeb841efa014c0215beb37ed5d270556",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:sha256__9ddcb04b7b2e6a18b6c57b055b9af44daeb841efa014c0215beb37ed5d270556",
+ "generic://sha256:f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c/sha256__f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c.tar.gz",
+ "rpm://7:python-libs:1:2.7.5-88.el7"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/sha256__9ddcb04b7b2e6a18b6c57b055b9af44daeb841efa014c0215beb37ed5d270556/",
+ "fixed_versions": [],
+ "published": "2020-02-07T18:07:12+11:00",
+ "artifact_scan_time": "2021-03-11T11:35:51+11:00",
+ "issue_id": "XRAY-94468",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "Python 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1 allows an HTTP server to conduct Regular Expression Denial of Service (ReDoS) attacks against a client because of urllib.request.AbstractBasicAuthHandler catastrophic backtracking.",
+ "references": [
+ "https://security.netapp.com/advisory/ntap-20200221-0001/",
+ "https://bugs.python.org/issue39503",
+ "https://github.com/python/cpython/pull/18284",
+ "https://python-security.readthedocs.io/vuln/urllib-basic-auth-regex.html",
+ "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00003.html"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-1000802",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "Python Software Foundation Python (CPython) version 2.7 contains a CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in shutil module (make_archive function) that can result in Denial of service, Information gain via injection of arbitrary files on the system or entire drive. This attack appear to be exploitable via Passage of unfiltered user input to the function. This vulnerability appears to have been fixed in after commit add531a1e55b0a739b0f42582f1c9747e5649ace.",
+ "severity": "High",
+ "vulnerable_component": "rpm://7:python:7:2.7.5-88.el7",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:sha256__9ddcb04b7b2e6a18b6c57b055b9af44daeb841efa014c0215beb37ed5d270556",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:sha256__9ddcb04b7b2e6a18b6c57b055b9af44daeb841efa014c0215beb37ed5d270556",
+ "generic://sha256:f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c/sha256__f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c.tar.gz",
+ "rpm://7:python:7:2.7.5-88.el7"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/sha256__9ddcb04b7b2e6a18b6c57b055b9af44daeb841efa014c0215beb37ed5d270556/",
+ "fixed_versions": [],
+ "published": "2019-11-29T04:40:00+11:00",
+ "artifact_scan_time": "2021-03-11T11:35:51+11:00",
+ "issue_id": "XRAY-92291",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "Python Software Foundation Python (CPython) version 2.7 contains a CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in shutil module (make_archive function) that can result in Denial of service, Information gain via injection of arbitrary files on the system or entire drive. This attack appear to be exploitable via Passage of unfiltered user input to the function. This vulnerability appears to have been fixed in after commit add531a1e55b0a739b0f42582f1c9747e5649ace.",
+ "references": [
+ "https://bugs.python.org/issue34540",
+ "https://github.com/python/cpython/pull/8985",
+ "https://github.com/python/cpython/pull/8985/commits/add531a1e55b0a739b0f42582f1c9747e5649ace",
+ "https://www.debian.org/security/2018/dsa-4306",
+ "https://mega.nz/#!JUFiCC4R!mq-jQ8ySFwIhX6WMDujaZuNBfttDVt7DETlfOIQE1ig",
+ "https://lists.debian.org/debian-lts-announce/2018/09/msg00030.html",
+ "https://lists.debian.org/debian-lts-announce/2018/09/msg00031.html",
+ "https://usn.ubuntu.com/3817-1/",
+ "https://usn.ubuntu.com/3817-2/"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-5827",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 8.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 6.8,
+ "cvss3_max_score": 8.8,
+ "summary": "CVE-2019-5827 chromium-browser: out-of-bounds access in SQLite",
+ "severity": "High",
+ "vulnerable_component": "rpm://7:sqlite:19:3.7.17-8.el7_7.1",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:sha256__9ddcb04b7b2e6a18b6c57b055b9af44daeb841efa014c0215beb37ed5d270556",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:sha256__9ddcb04b7b2e6a18b6c57b055b9af44daeb841efa014c0215beb37ed5d270556",
+ "generic://sha256:f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c/sha256__f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c.tar.gz",
+ "rpm://7:sqlite:19:3.7.17-8.el7_7.1"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/sha256__9ddcb04b7b2e6a18b6c57b055b9af44daeb841efa014c0215beb37ed5d270556/",
+ "fixed_versions": [],
+ "published": "2020-07-13T04:04:32+10:00",
+ "artifact_scan_time": "2021-03-11T11:35:51+11:00",
+ "issue_id": "XRAY-109517",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "Integer overflow in SQLite via WebSQL in Google Chrome prior to 74.0.3729.131 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.",
+ "references": [
+ "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_30.html"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Important"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-5382",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "Bouncy Castle BKS version 1 keystore (BKS-V1) files use an HMAC that is only 16 bits long, which can allow an attacker to compromise the integrity of a BKS-V1 keystore. All BKS-V1 keystores are vulnerable. Bouncy Castle release 1.47 introduces BKS version 2, which uses a 160-bit MAC.",
+ "severity": "High",
+ "vulnerable_component": "gav://org.netbeans.external:bcprov:RELEASE113",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:sha256__9ddcb04b7b2e6a18b6c57b055b9af44daeb841efa014c0215beb37ed5d270556",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:sha256__9ddcb04b7b2e6a18b6c57b055b9af44daeb841efa014c0215beb37ed5d270556",
+ "generic://sha256:0daf89d8c88722c569f26facb467a21e38af75b34216a8950293b676c856a0e2/sha256__0daf89d8c88722c569f26facb467a21e38af75b34216a8950293b676c856a0e2.tar.gz",
+ "gav://org.netbeans.external:bcprov:RELEASE113"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/sha256__9ddcb04b7b2e6a18b6c57b055b9af44daeb841efa014c0215beb37ed5d270556/",
+ "fixed_versions": [
+ "1.47"
+ ],
+ "published": "2018-06-11T18:33:48+10:00",
+ "artifact_scan_time": "2021-03-11T11:35:51+11:00",
+ "issue_id": "XRAY-68665",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Bouncy Castle BKS version 1 keystore (BKS-V1) files use an HMAC that is only 16 bits long, which can allow an attacker to compromise the integrity of a BKS-V1 keystore. All BKS-V1 keystores are vulnerable. Bouncy Castle release 1.47 introduces BKS version 2, which uses a 160-bit MAC.",
+ "references": [
+ "http://www.securityfocus.com/bid/103453",
+ "https://www.bouncycastle.org/releasenotes.html",
+ "https://www.kb.cert.org/vuls/id/306792"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2017-1000158",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "CPython (aka Python) up to 2.7.13 is vulnerable to an integer overflow in the PyString_DecodeEscape function in stringobject.c, resulting in heap-based buffer overflow (and possible arbitrary code execution)",
+ "severity": "High",
+ "vulnerable_component": "rpm://7:python-libs:1:2.7.5-88.el7",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:sha256__9ddcb04b7b2e6a18b6c57b055b9af44daeb841efa014c0215beb37ed5d270556",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:sha256__9ddcb04b7b2e6a18b6c57b055b9af44daeb841efa014c0215beb37ed5d270556",
+ "generic://sha256:f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c/sha256__f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c.tar.gz",
+ "rpm://7:python-libs:1:2.7.5-88.el7"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/sha256__9ddcb04b7b2e6a18b6c57b055b9af44daeb841efa014c0215beb37ed5d270556/",
+ "fixed_versions": [],
+ "published": "2019-11-27T03:47:03+11:00",
+ "artifact_scan_time": "2021-03-11T11:35:51+11:00",
+ "issue_id": "XRAY-92046",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "CPython (aka Python) up to 2.7.13 is vulnerable to an integer overflow in the PyString_DecodeEscape function in stringobject.c, resulting in heap-based buffer overflow (and possible arbitrary code execution)",
+ "references": [
+ "https://www.debian.org/security/2018/dsa-4307",
+ "https://security.gentoo.org/glsa/201805-02",
+ "https://bugs.python.org/issue30657",
+ "https://lists.debian.org/debian-lts-announce/2017/11/msg00035.html",
+ "https://lists.debian.org/debian-lts-announce/2017/11/msg00036.html",
+ "https://lists.debian.org/debian-lts-announce/2018/09/msg00030.html",
+ "https://lists.debian.org/debian-lts-announce/2018/09/msg00031.html",
+ "http://www.securitytracker.com/id/1039890"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-1971",
+ "cvss_v2_score": 4.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 5.9,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 4.3,
+ "cvss3_max_score": 5.9,
+ "summary": "CVE-2020-1971 openssl: EDIPARTYNAME NULL pointer de-reference (important)",
+ "severity": "High",
+ "vulnerable_component": "rpm://7:openssl-libs:16:1.0.2k-19.el7",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:sha256__9ddcb04b7b2e6a18b6c57b055b9af44daeb841efa014c0215beb37ed5d270556",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:sha256__9ddcb04b7b2e6a18b6c57b055b9af44daeb841efa014c0215beb37ed5d270556",
+ "generic://sha256:f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c/sha256__f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c.tar.gz",
+ "rpm://7:openssl-libs:16:1.0.2k-19.el7"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/sha256__9ddcb04b7b2e6a18b6c57b055b9af44daeb841efa014c0215beb37ed5d270556/",
+ "fixed_versions": [],
+ "published": "2020-12-16T15:53:26+11:00",
+ "artifact_scan_time": "2021-03-11T11:35:51+11:00",
+ "issue_id": "XRAY-133959",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "DOCUMENTATION: A null pointer dereference flaw was found in openssl. A remote attacker, able to control the arguments of the GENERAL_NAME_cmp function, could cause the application, compiled with openssl to crash resulting in a denial of service. The highest threat from this vulnerability is to system availability. STATEMENT: This is a flaw in the GENERAL_NAME_cmp function of openssl which can be triggered when both its arguments are of the same type i.e. EDIPARTYNAME. 1. Red Hat does not ship any applications compiled with openssl, which used the above function in a vulnerable way.2. OpenSSL itself uses the GENERAL_NAME_cmp function for two purposes, when comparing CRL distribution point names between an available CRL and a CRL distribution point embedded in an X509 certificate and when verifying that a timestamp response token signer matches the timestamp authority name (exposed via the API functions TS_RESP_verify_response and TS_RESP_verify_token). If an attacker can control both items being compared then that attacker could trigger a crash. For example, if the attacker can trick a client or server into checking a malicious certificate against a malicious CRL then a crash may be triggered.Third party applications compiled with openssl using the function GENERAL_NAME_cmp in a vulnerable way are affected by this flaw.GENERAL_NAME_cmp was added in 0.9.8k, therefore older versions of openssl are not affected by this flaw. MITIGATION: Applications not using the GENERAL_NAME_cmp of openssl are not vulnerable to this flaw. Even when this function is used, if the attacker can control both the arguments of this function, only then the attacker could trigger a crash.",
+ "references": [
+ "https://access.redhat.com/security/cve/CVE-2020-1971"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Important"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2016-3191",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 6.8,
+ "cvss3_max_score": 9.8,
+ "summary": "CVE-2016-3191 pcre: workspace overflow for (*ACCEPT) with deeply nested parentheses (8.39/13, 10.22/12)",
+ "severity": "High",
+ "vulnerable_component": "rpm://7:glib2:0:2.56.1-5.el7",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:sha256__9ddcb04b7b2e6a18b6c57b055b9af44daeb841efa014c0215beb37ed5d270556",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:sha256__9ddcb04b7b2e6a18b6c57b055b9af44daeb841efa014c0215beb37ed5d270556",
+ "generic://sha256:f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c/sha256__f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c.tar.gz",
+ "rpm://7:glib2:0:2.56.1-5.el7"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/sha256__9ddcb04b7b2e6a18b6c57b055b9af44daeb841efa014c0215beb37ed5d270556/",
+ "fixed_versions": [],
+ "published": "2020-07-13T04:18:05+10:00",
+ "artifact_scan_time": "2021-03-11T11:35:51+11:00",
+ "issue_id": "XRAY-111036",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "The compile_branch function in pcre_compile.c in PCRE 8.x before 8.39 and pcre2_compile.c in PCRE2 before 10.22 mishandles patterns containing an (*ACCEPT) substring in conjunction with nested parentheses, which allows remote attackers to execute arbitrary code or cause a denial of service (stack-based buffer overflow) via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror, aka ZDI-CAN-3542.",
+ "references": [],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Important"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2014-3215",
+ "cvss_v2_score": 6.9,
+ "cvss_v2_vector": "CVSS:2.0/AV:L/AC:M/Au:N/C:C/I:C/A:C"
+ }
+ ],
+ "cvss2_max_score": 6.9,
+ "summary": "CVE-2014-3215 policycoreutils: local privilege escalation via seunshare",
+ "severity": "High",
+ "vulnerable_component": "rpm://7:libcap-ng:93:0.7.5-4.el7",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:sha256__9ddcb04b7b2e6a18b6c57b055b9af44daeb841efa014c0215beb37ed5d270556",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:sha256__9ddcb04b7b2e6a18b6c57b055b9af44daeb841efa014c0215beb37ed5d270556",
+ "generic://sha256:f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c/sha256__f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c.tar.gz",
+ "rpm://7:libcap-ng:93:0.7.5-4.el7"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/sha256__9ddcb04b7b2e6a18b6c57b055b9af44daeb841efa014c0215beb37ed5d270556/",
+ "fixed_versions": [],
+ "published": "2020-07-13T04:28:36+10:00",
+ "artifact_scan_time": "2021-03-11T11:35:51+11:00",
+ "issue_id": "XRAY-112349",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "seunshare in policycoreutils 2.2.5 is owned by root with 4755 permissions, and executes programs in a way that changes the relationship between the setuid system call and the getresuid saved set-user-ID value, which makes it easier for local users to gain privileges by leveraging a program that mistakenly expected that it could permanently drop privileges.",
+ "references": [],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Important"
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 7.5,
+ "summary": "FasterXML jackson-dataformat-cbor CBORParser.java CBORParser::_finishBytes() Function Object Field Name Parsing Memory Allocation Exception DoS",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.dataformat:jackson-dataformat-cbor:2.10.4",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:sha256__9ddcb04b7b2e6a18b6c57b055b9af44daeb841efa014c0215beb37ed5d270556",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:sha256__9ddcb04b7b2e6a18b6c57b055b9af44daeb841efa014c0215beb37ed5d270556",
+ "generic://sha256:0daf89d8c88722c569f26facb467a21e38af75b34216a8950293b676c856a0e2/sha256__0daf89d8c88722c569f26facb467a21e38af75b34216a8950293b676c856a0e2.tar.gz",
+ "gav://com.fasterxml.jackson.dataformat:jackson-dataformat-cbor:2.10.4"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/sha256__9ddcb04b7b2e6a18b6c57b055b9af44daeb841efa014c0215beb37ed5d270556/",
+ "fixed_versions": [],
+ "published": "2021-02-04T03:34:19+11:00",
+ "artifact_scan_time": "2021-03-11T11:35:51+11:00",
+ "issue_id": "XRAY-139421",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "FasterXML jackson-dataformat-cbor contains a flaw in the CBORParser::_finishBytes() function in CBORParser.java that is triggered as certain input is not properly validated when allocating memory for object field names. This may allow a context-dependent attacker to cause an out-of-memory exception, potentially resulting in a denial of service.",
+ "references": [
+ "http://cve.mitre.org/cgi-bin/cvename.cgi?name=2020-28491",
+ "https://github.com/FasterXML/jackson-dataformats-binary/commit/de072d314af8f5f269c8abec6930652af67bc8e6",
+ "https://github.com/FasterXML/jackson-dataformats-binary/issues/186"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-12049",
+ "cvss_v2_score": 4.9,
+ "cvss_v2_vector": "CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 6.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 4.9,
+ "cvss3_max_score": 6.5,
+ "summary": "RHSA-2020:2894: dbus security update (Important)",
+ "severity": "High",
+ "vulnerable_component": "rpm://7:dbus-libs:0:1.10.24-14.el7_8",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:sha256__9ddcb04b7b2e6a18b6c57b055b9af44daeb841efa014c0215beb37ed5d270556",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:sha256__9ddcb04b7b2e6a18b6c57b055b9af44daeb841efa014c0215beb37ed5d270556",
+ "generic://sha256:f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c/sha256__f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c.tar.gz",
+ "rpm://7:dbus-libs:0:1.10.24-14.el7_8"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/sha256__9ddcb04b7b2e6a18b6c57b055b9af44daeb841efa014c0215beb37ed5d270556/",
+ "fixed_versions": [
+ "≥ 1:1.10.24-14.el7_8"
+ ],
+ "published": "2020-08-25T19:35:04+10:00",
+ "artifact_scan_time": "2021-03-11T11:35:51+11:00",
+ "issue_id": "XRAY-119766",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "D-Bus is a system for sending messages between applications. It is used both for the system-wide message bus service, and as a per-user-login-session messaging facility.Security Fix(es):* dbus: denial of service via file descriptor leak (CVE-2020-12049)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
+ "references": [
+ "https://access.redhat.com/errata/RHSA-2020:2894",
+ "https://access.redhat.com/security/cve/CVE-2020-12049"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Important"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-12049",
+ "cvss_v2_score": 4.9,
+ "cvss_v2_vector": "CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 5.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 4.9,
+ "cvss3_max_score": 5.5,
+ "summary": "Red Hat Security Advisory: dbus security update",
+ "severity": "High",
+ "vulnerable_component": "rpm://7:dbus:0:1.10.24-14.el7_8",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:sha256__9ddcb04b7b2e6a18b6c57b055b9af44daeb841efa014c0215beb37ed5d270556",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:sha256__9ddcb04b7b2e6a18b6c57b055b9af44daeb841efa014c0215beb37ed5d270556",
+ "generic://sha256:f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c/sha256__f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c.tar.gz",
+ "rpm://7:dbus:0:1.10.24-14.el7_8"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/sha256__9ddcb04b7b2e6a18b6c57b055b9af44daeb841efa014c0215beb37ed5d270556/",
+ "fixed_versions": [],
+ "published": "2020-07-14T14:04:08+10:00",
+ "artifact_scan_time": "2021-03-11T11:35:51+11:00",
+ "issue_id": "XRAY-113084",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "An update for dbus is now available for Red Hat Enterprise Linux 7.Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.D-Bus is a system for sending messages between applications. It is used both for the system-wide message bus service, and as a per-user-login-session messaging facility.Security Fix(es):* dbus: denial of service via file descriptor leak (CVE-2020-12049)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
+ "references": [
+ "https://access.redhat.com/errata/RHSA-2020:2894",
+ "https://access.redhat.com/security/updates/classification/#important"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Important"
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.8,
+ "cvss3_max_score": 7.5,
+ "summary": "Netty AbstractDiskHttpData.delete() Function POST Request Handling File Deletion Memory Exhaustion Remote DoS",
+ "severity": "High",
+ "vulnerable_component": "gav://io.netty:netty-codec-http:4.1.49.Final",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:sha256__9ddcb04b7b2e6a18b6c57b055b9af44daeb841efa014c0215beb37ed5d270556",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:sha256__9ddcb04b7b2e6a18b6c57b055b9af44daeb841efa014c0215beb37ed5d270556",
+ "generic://sha256:0daf89d8c88722c569f26facb467a21e38af75b34216a8950293b676c856a0e2/sha256__0daf89d8c88722c569f26facb467a21e38af75b34216a8950293b676c856a0e2.tar.gz",
+ "gav://io.netty:netty-codec-http:4.1.49.Final"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/sha256__9ddcb04b7b2e6a18b6c57b055b9af44daeb841efa014c0215beb37ed5d270556/",
+ "fixed_versions": [
+ "4.1.53.Final"
+ ],
+ "published": "2020-10-28T01:16:36+11:00",
+ "artifact_scan_time": "2021-03-11T11:35:51+11:00",
+ "issue_id": "XRAY-127557",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Netty contains a flaw in the AbstractDiskHttpData.delete() function in handler/codec/http/multipart/AbstractDiskHttpData.java that is triggered as temporary file entries are added to the 'DeleteOnExitHook' object but not properly removed when processing POST requests that are 16 kB. This may allow a remote attacker to exhaust available memory resources, potentially resulting in a denial of service.",
+ "references": [
+ "https://github.com/netty/netty/pull/10560",
+ "https://github.com/netty/netty/issues/10351",
+ "https://github.com/netty/netty/commit/95ce1b95ea5679f826cdefcbaabb3b7c2d596100"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-12049",
+ "cvss_v2_score": 4.9,
+ "cvss_v2_vector": "CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 6.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 4.9,
+ "cvss3_max_score": 6.5,
+ "summary": "RHSA-2020:2894: dbus security update (Important)",
+ "severity": "High",
+ "vulnerable_component": "rpm://7:dbus:0:1.10.24-14.el7_8",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:sha256__9ddcb04b7b2e6a18b6c57b055b9af44daeb841efa014c0215beb37ed5d270556",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:sha256__9ddcb04b7b2e6a18b6c57b055b9af44daeb841efa014c0215beb37ed5d270556",
+ "generic://sha256:f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c/sha256__f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c.tar.gz",
+ "rpm://7:dbus:0:1.10.24-14.el7_8"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/sha256__9ddcb04b7b2e6a18b6c57b055b9af44daeb841efa014c0215beb37ed5d270556/",
+ "fixed_versions": [
+ "≥ 1:1.10.24-14.el7_8"
+ ],
+ "published": "2020-08-25T19:35:04+10:00",
+ "artifact_scan_time": "2021-03-11T11:35:51+11:00",
+ "issue_id": "XRAY-119766",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "D-Bus is a system for sending messages between applications. It is used both for the system-wide message bus service, and as a per-user-login-session messaging facility.Security Fix(es):* dbus: denial of service via file descriptor leak (CVE-2020-12049)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
+ "references": [
+ "https://access.redhat.com/errata/RHSA-2020:2894",
+ "https://access.redhat.com/security/cve/CVE-2020-12049"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Important"
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 7.5,
+ "summary": "FasterXML jackson-dataformats-binary cbor/CBORParser.java CBORParser::_finishTextToken() Function Integer Overflow Memory Exhaustion DoS",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.dataformat:jackson-dataformat-cbor:2.10.4",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:sha256__9ddcb04b7b2e6a18b6c57b055b9af44daeb841efa014c0215beb37ed5d270556",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:sha256__9ddcb04b7b2e6a18b6c57b055b9af44daeb841efa014c0215beb37ed5d270556",
+ "generic://sha256:0daf89d8c88722c569f26facb467a21e38af75b34216a8950293b676c856a0e2/sha256__0daf89d8c88722c569f26facb467a21e38af75b34216a8950293b676c856a0e2.tar.gz",
+ "gav://com.fasterxml.jackson.dataformat:jackson-dataformat-cbor:2.10.4"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/sha256__9ddcb04b7b2e6a18b6c57b055b9af44daeb841efa014c0215beb37ed5d270556/",
+ "fixed_versions": [
+ "2.12.3"
+ ],
+ "published": "2021-05-05T20:06:23+10:00",
+ "artifact_scan_time": "2021-03-11T11:35:51+11:00",
+ "issue_id": "XRAY-174965",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "FasterXML jackson-dataformats-binary contains an integer overflow condition in the CBORParser::_finishTextToken() function in cbor/CBORParser.java that is triggered as certain input is not properly validated. This may allow a context-dependent attacker to exhaust available memory resources, potentially resulting in a denial of service.",
+ "references": [
+ "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32173",
+ "https://github.com/FasterXML/jackson-dataformats-binary/issues/259",
+ "https://github.com/FasterXML/jackson-dataformats-binary/commit/f20cf23f35dd86427d0ef160d4c07c60d9ca7dcd"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2013-7338",
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "summary": "Python before 3.3.4 RC1 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a file size value larger than the size of the zip file to the (1) ZipExtFile.read, (2) ZipExtFile.read(n), (3) ZipExtFile.readlines, (4) ZipFile.extract, or (5) ZipFile.extractall function.",
+ "severity": "High",
+ "vulnerable_component": "rpm://7:python:7:2.7.5-88.el7",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:sha256__9ddcb04b7b2e6a18b6c57b055b9af44daeb841efa014c0215beb37ed5d270556",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:sha256__9ddcb04b7b2e6a18b6c57b055b9af44daeb841efa014c0215beb37ed5d270556",
+ "generic://sha256:f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c/sha256__f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c.tar.gz",
+ "rpm://7:python:7:2.7.5-88.el7"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/sha256__9ddcb04b7b2e6a18b6c57b055b9af44daeb841efa014c0215beb37ed5d270556/",
+ "fixed_versions": [],
+ "published": "2019-11-27T22:47:00+11:00",
+ "artifact_scan_time": "2021-03-11T11:35:51+11:00",
+ "issue_id": "XRAY-92223",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "Python before 3.3.4 RC1 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a file size value larger than the size of the zip file to the (1) ZipExtFile.read, (2) ZipExtFile.read(n), (3) ZipExtFile.readlines, (4) ZipFile.extract, or (5) ZipFile.extractall function.",
+ "references": [
+ "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html",
+ "http://www.securityfocus.com/bid/65179",
+ "http://bugs.python.org/issue20078",
+ "http://hg.python.org/cpython/rev/79ea4ce431b1",
+ "https://docs.python.org/3.3/whatsnew/changelog.html",
+ "https://support.apple.com/kb/HT205031",
+ "https://security.gentoo.org/glsa/201503-10",
+ "http://seclists.org/oss-sec/2014/q1/592",
+ "http://seclists.org/oss-sec/2014/q1/595",
+ "http://www.securitytracker.com/id/1029973",
+ "http://lists.opensuse.org/opensuse-updates/2014-05/msg00008.html"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2015-8385",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P"
+ }
+ ],
+ "cvss2_max_score": 6.8,
+ "summary": "CVE-2015-8385 pcre: buffer overflow caused by named forward reference to duplicate group number (8.38/30)",
+ "severity": "High",
+ "vulnerable_component": "rpm://7:glib2:0:2.56.1-5.el7",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:sha256__9ddcb04b7b2e6a18b6c57b055b9af44daeb841efa014c0215beb37ed5d270556",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:sha256__9ddcb04b7b2e6a18b6c57b055b9af44daeb841efa014c0215beb37ed5d270556",
+ "generic://sha256:f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c/sha256__f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c.tar.gz",
+ "rpm://7:glib2:0:2.56.1-5.el7"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/sha256__9ddcb04b7b2e6a18b6c57b055b9af44daeb841efa014c0215beb37ed5d270556/",
+ "fixed_versions": [],
+ "published": "2020-07-13T04:19:05+10:00",
+ "artifact_scan_time": "2021-03-11T11:35:51+11:00",
+ "issue_id": "XRAY-111224",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "PCRE before 8.38 mishandles the /(?|(\\k'Pm')|(?'Pm'))/ pattern and related patterns with certain forward references, which allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror.",
+ "references": [],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Important"
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 7.5,
+ "summary": "FasterXML jackson-dataformats-binary smile/SmileParser.java 7-bit Encoded Binary Data Payload Handling Memory Exhaustion DoS",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.dataformat:jackson-dataformat-smile:2.10.4",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:sha256__9ddcb04b7b2e6a18b6c57b055b9af44daeb841efa014c0215beb37ed5d270556",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:sha256__9ddcb04b7b2e6a18b6c57b055b9af44daeb841efa014c0215beb37ed5d270556",
+ "generic://sha256:0daf89d8c88722c569f26facb467a21e38af75b34216a8950293b676c856a0e2/sha256__0daf89d8c88722c569f26facb467a21e38af75b34216a8950293b676c856a0e2.tar.gz",
+ "gav://com.fasterxml.jackson.dataformat:jackson-dataformat-smile:2.10.4"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/sha256__9ddcb04b7b2e6a18b6c57b055b9af44daeb841efa014c0215beb37ed5d270556/",
+ "fixed_versions": [
+ "2.12.3"
+ ],
+ "published": "2021-05-05T20:06:23+10:00",
+ "artifact_scan_time": "2021-03-11T11:35:51+11:00",
+ "issue_id": "XRAY-174967",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "FasterXML jackson-dataformats-binary contains a flaw in smile/SmileParser.java that is triggered as memory is improperly allocated when handling 7-bit encoded binary data payloads. This may allow a context-dependent attacker to exhaust available memory resources and potentially crash a process linked against the library.",
+ "references": [
+ "https://github.com/FasterXML/jackson-dataformats-binary/commit/01b883505389ba693b430da6ccbbc77fb380c462",
+ "https://github.com/FasterXML/jackson-dataformats-binary/issues/265",
+ "https://github.com/FasterXML/jackson-dataformats-binary/commit/7229150e6297ad7f33fdce709447160748feec9d"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 8.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:C",
+ "cvss_v3_score": 8.2,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 8.5,
+ "cvss3_max_score": 8.2,
+ "summary": "FasterXML jackson-databind ext/DOMDeserializer.java DOMDeserializer Class XML External Entity (XXE) Expansion Remote Issue",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.core:jackson-databind:2.10.4",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:sha256__9ddcb04b7b2e6a18b6c57b055b9af44daeb841efa014c0215beb37ed5d270556",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:sha256__9ddcb04b7b2e6a18b6c57b055b9af44daeb841efa014c0215beb37ed5d270556",
+ "generic://sha256:0daf89d8c88722c569f26facb467a21e38af75b34216a8950293b676c856a0e2/sha256__0daf89d8c88722c569f26facb467a21e38af75b34216a8950293b676c856a0e2.tar.gz",
+ "gav://com.fasterxml.jackson.core:jackson-databind:2.10.4"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/sha256__9ddcb04b7b2e6a18b6c57b055b9af44daeb841efa014c0215beb37ed5d270556/",
+ "fixed_versions": [],
+ "published": "2020-10-15T22:39:55+11:00",
+ "artifact_scan_time": "2021-03-11T11:35:51+11:00",
+ "issue_id": "XRAY-126663",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "FasterXML jackson-databind contains an XXE (Xml eXternal Entity) expansion flaw in the DOMDeserializer class in ext/DOMDeserializer.java that is triggered during the parsing of XML data. The issue is due to an incorrectly configured XML parser accepting XML external entities from an untrusted source. By sending specially crafted XML data, a remote attacker can potentially consume excessive system resources or disclose sensitive information.",
+ "references": [
+ "http://cve.mitre.org/cgi-bin/cvename.cgi?name=2020-25649",
+ "https://bugzilla.redhat.com/show_bug.cgi?id=1887664",
+ "https://github.com/FasterXML/jackson-databind/issues/2589",
+ "https://github.com/FasterXML/jackson-databind/commit/e588f0af61b18576779ffb95a2a689a5eb1f9d15",
+ "https://github.com/FasterXML/jackson-databind/blob/jackson-databind-2.11.0/release-notes/VERSION-2.x",
+ "https://github.com/FasterXML/jackson-databind/commit/612f971b78c60202e9cd75a299050c8f2d724a59"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-1000802",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "Python Software Foundation Python (CPython) version 2.7 contains a CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in shutil module (make_archive function) that can result in Denial of service, Information gain via injection of arbitrary files on the system or entire drive. This attack appear to be exploitable via Passage of unfiltered user input to the function. This vulnerability appears to have been fixed in after commit add531a1e55b0a739b0f42582f1c9747e5649ace.",
+ "severity": "High",
+ "vulnerable_component": "rpm://7:python-libs:1:2.7.5-88.el7",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:sha256__9ddcb04b7b2e6a18b6c57b055b9af44daeb841efa014c0215beb37ed5d270556",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:sha256__9ddcb04b7b2e6a18b6c57b055b9af44daeb841efa014c0215beb37ed5d270556",
+ "generic://sha256:f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c/sha256__f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c.tar.gz",
+ "rpm://7:python-libs:1:2.7.5-88.el7"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/sha256__9ddcb04b7b2e6a18b6c57b055b9af44daeb841efa014c0215beb37ed5d270556/",
+ "fixed_versions": [],
+ "published": "2019-11-29T04:40:00+11:00",
+ "artifact_scan_time": "2021-03-11T11:35:51+11:00",
+ "issue_id": "XRAY-92291",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "Python Software Foundation Python (CPython) version 2.7 contains a CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in shutil module (make_archive function) that can result in Denial of service, Information gain via injection of arbitrary files on the system or entire drive. This attack appear to be exploitable via Passage of unfiltered user input to the function. This vulnerability appears to have been fixed in after commit add531a1e55b0a739b0f42582f1c9747e5649ace.",
+ "references": [
+ "https://bugs.python.org/issue34540",
+ "https://github.com/python/cpython/pull/8985",
+ "https://github.com/python/cpython/pull/8985/commits/add531a1e55b0a739b0f42582f1c9747e5649ace",
+ "https://www.debian.org/security/2018/dsa-4306",
+ "https://mega.nz/#!JUFiCC4R!mq-jQ8ySFwIhX6WMDujaZuNBfttDVt7DETlfOIQE1ig",
+ "https://lists.debian.org/debian-lts-announce/2018/09/msg00030.html",
+ "https://lists.debian.org/debian-lts-announce/2018/09/msg00031.html",
+ "https://usn.ubuntu.com/3817-1/",
+ "https://usn.ubuntu.com/3817-2/"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-27219",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss3_max_score": 9.8,
+ "summary": "CVE-2021-27219 glib: integer overflow in g_bytes_new function on 64-bit platforms due to an implicit cast from 64 bits to 32 bits (important)",
+ "severity": "High",
+ "vulnerable_component": "rpm://7:glib2:0:2.56.1-5.el7",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:sha256__9ddcb04b7b2e6a18b6c57b055b9af44daeb841efa014c0215beb37ed5d270556",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:sha256__9ddcb04b7b2e6a18b6c57b055b9af44daeb841efa014c0215beb37ed5d270556",
+ "generic://sha256:f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c/sha256__f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c.tar.gz",
+ "rpm://7:glib2:0:2.56.1-5.el7"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/sha256__9ddcb04b7b2e6a18b6c57b055b9af44daeb841efa014c0215beb37ed5d270556/",
+ "fixed_versions": [],
+ "published": "2021-03-17T00:26:15+11:00",
+ "artifact_scan_time": "2021-03-11T11:35:51+11:00",
+ "issue_id": "XRAY-146608",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "DOCUMENTATION: An integer wraparound was discovered in glib due to passing a 64 bits size value to function g_memdup() which accepts a 32 bits number as argument. An attacker may abuse this flaw when an application linked against glib library uses g_bytes_new() function or possibly other functions that use g_memdup() underneath and accept a 64 bits argument as size. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. STATEMENT: Applications that just use GBytes to access the data are affected by this flaw but the highest threat is to data confidentiality and/or the application availability, due to possible out-of-bounds reads. However, if the data in GBytes is taken through functions such as g_bytes_unref_to_data or g_bytes_unref_to_array it might be possible to have out-of-bounds writes due to the wrongly reported size of the buffer.Applications that use g_memdup to duplicate memory with user-controlled sizes should pay extra attention to the fact that g_memdup accepts a guint size instead of gsize. Thus directly passing a gsize value to g_memdup may results in integer truncation, allocating a buffer smaller than expected.",
+ "references": [
+ "https://access.redhat.com/security/cve/CVE-2021-27219"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Important"
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 7.5,
+ "summary": "json-smart minidev/json/parser/JSONParserBase.java JSONParserBase::extractFloat() Function Improper Exception Handling DoS",
+ "severity": "High",
+ "vulnerable_component": "gav://net.minidev:json-smart:2.3",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:sha256__9ddcb04b7b2e6a18b6c57b055b9af44daeb841efa014c0215beb37ed5d270556",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:sha256__9ddcb04b7b2e6a18b6c57b055b9af44daeb841efa014c0215beb37ed5d270556",
+ "generic://sha256:0daf89d8c88722c569f26facb467a21e38af75b34216a8950293b676c856a0e2/sha256__0daf89d8c88722c569f26facb467a21e38af75b34216a8950293b676c856a0e2.tar.gz",
+ "gav://net.minidev:json-smart:2.3"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/sha256__9ddcb04b7b2e6a18b6c57b055b9af44daeb841efa014c0215beb37ed5d270556/",
+ "fixed_versions": [],
+ "published": "2021-02-24T20:04:52+11:00",
+ "artifact_scan_time": "2021-03-11T11:35:51+11:00",
+ "issue_id": "XRAY-141174",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "json-smart contains a flaw in the JSONParserBase::extractFloat() function in minidev/json/parser/JSONParserBase.java that is triggered as a NumberFormatException exception is not properly handled when parsing specially crafted float number values. This may allow a context-dependent attacker to crash a process using the library.",
+ "references": [
+ "http://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-27568",
+ "https://github.com/netplex/json-smart-v1/issues/7",
+ "https://github.com/netplex/json-smart-v2/issues/60"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-8492",
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 6.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 6.5,
+ "summary": "Python 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1 allows an HTTP server to conduct Regular Expression Denial of Service (ReDoS) attacks against a client because of urllib.request.AbstractBasicAuthHandler catastrophic backtracking.",
+ "severity": "High",
+ "vulnerable_component": "rpm://7:python:7:2.7.5-88.el7",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:sha256__9ddcb04b7b2e6a18b6c57b055b9af44daeb841efa014c0215beb37ed5d270556",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:sha256__9ddcb04b7b2e6a18b6c57b055b9af44daeb841efa014c0215beb37ed5d270556",
+ "generic://sha256:f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c/sha256__f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c.tar.gz",
+ "rpm://7:python:7:2.7.5-88.el7"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/sha256__9ddcb04b7b2e6a18b6c57b055b9af44daeb841efa014c0215beb37ed5d270556/",
+ "fixed_versions": [],
+ "published": "2020-02-07T18:07:12+11:00",
+ "artifact_scan_time": "2021-03-11T11:35:51+11:00",
+ "issue_id": "XRAY-94468",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "Python 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1 allows an HTTP server to conduct Regular Expression Denial of Service (ReDoS) attacks against a client because of urllib.request.AbstractBasicAuthHandler catastrophic backtracking.",
+ "references": [
+ "https://security.netapp.com/advisory/ntap-20200221-0001/",
+ "https://bugs.python.org/issue39503",
+ "https://github.com/python/cpython/pull/18284",
+ "https://python-security.readthedocs.io/vuln/urllib-basic-auth-regex.html",
+ "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00003.html"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2017-1000158",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "CPython (aka Python) up to 2.7.13 is vulnerable to an integer overflow in the PyString_DecodeEscape function in stringobject.c, resulting in heap-based buffer overflow (and possible arbitrary code execution)",
+ "severity": "High",
+ "vulnerable_component": "rpm://7:python:7:2.7.5-88.el7",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:sha256__9ddcb04b7b2e6a18b6c57b055b9af44daeb841efa014c0215beb37ed5d270556",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:sha256__9ddcb04b7b2e6a18b6c57b055b9af44daeb841efa014c0215beb37ed5d270556",
+ "generic://sha256:f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c/sha256__f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c.tar.gz",
+ "rpm://7:python:7:2.7.5-88.el7"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/sha256__9ddcb04b7b2e6a18b6c57b055b9af44daeb841efa014c0215beb37ed5d270556/",
+ "fixed_versions": [],
+ "published": "2019-11-27T03:47:03+11:00",
+ "artifact_scan_time": "2021-03-11T11:35:51+11:00",
+ "issue_id": "XRAY-92046",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "CPython (aka Python) up to 2.7.13 is vulnerable to an integer overflow in the PyString_DecodeEscape function in stringobject.c, resulting in heap-based buffer overflow (and possible arbitrary code execution)",
+ "references": [
+ "https://www.debian.org/security/2018/dsa-4307",
+ "https://security.gentoo.org/glsa/201805-02",
+ "https://bugs.python.org/issue30657",
+ "https://lists.debian.org/debian-lts-announce/2017/11/msg00035.html",
+ "https://lists.debian.org/debian-lts-announce/2017/11/msg00036.html",
+ "https://lists.debian.org/debian-lts-announce/2018/09/msg00030.html",
+ "https://lists.debian.org/debian-lts-announce/2018/09/msg00031.html",
+ "http://www.securitytracker.com/id/1039890"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 7.5,
+ "summary": "FasterXML jackson-dataformats-binary SmileParser::nextToken() Function Smile Header Marker Recursion Handling Stack Exhaustion DoS",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.dataformat:jackson-dataformat-smile:2.10.4",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:sha256__9ddcb04b7b2e6a18b6c57b055b9af44daeb841efa014c0215beb37ed5d270556",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:sha256__9ddcb04b7b2e6a18b6c57b055b9af44daeb841efa014c0215beb37ed5d270556",
+ "generic://sha256:0daf89d8c88722c569f26facb467a21e38af75b34216a8950293b676c856a0e2/sha256__0daf89d8c88722c569f26facb467a21e38af75b34216a8950293b676c856a0e2.tar.gz",
+ "gav://com.fasterxml.jackson.dataformat:jackson-dataformat-smile:2.10.4"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/sha256__9ddcb04b7b2e6a18b6c57b055b9af44daeb841efa014c0215beb37ed5d270556/",
+ "fixed_versions": [
+ "2.12.3"
+ ],
+ "published": "2021-04-01T20:39:14+11:00",
+ "artifact_scan_time": "2021-03-11T11:35:51+11:00",
+ "issue_id": "XRAY-160666",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "FasterXML jackson-dataformats-binary contains a flaw in the SmileParser::nextToken() function in smile/src/main/java/com/fasterxml/jackson/dataformat/smile/SmileParser.java that is triggered as recursive function calls are not properly handled when processing a sequence or 4-byte Smile header markers. This may allow a context-dependent attacker to exhaust available stack space and crash a process linked against the library.",
+ "references": [
+ "https://github.com/FasterXML/jackson-dataformats-binary/commit/87683e346e732204c769c50166d812eaf62b5ed1",
+ "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32665",
+ "https://github.com/FasterXML/jackson-dataformats-binary/issues/268"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2013-7338",
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "summary": "Python before 3.3.4 RC1 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a file size value larger than the size of the zip file to the (1) ZipExtFile.read, (2) ZipExtFile.read(n), (3) ZipExtFile.readlines, (4) ZipFile.extract, or (5) ZipFile.extractall function.",
+ "severity": "High",
+ "vulnerable_component": "rpm://7:python-libs:1:2.7.5-88.el7",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:sha256__9ddcb04b7b2e6a18b6c57b055b9af44daeb841efa014c0215beb37ed5d270556",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:sha256__9ddcb04b7b2e6a18b6c57b055b9af44daeb841efa014c0215beb37ed5d270556",
+ "generic://sha256:f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c/sha256__f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c.tar.gz",
+ "rpm://7:python-libs:1:2.7.5-88.el7"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/sha256__9ddcb04b7b2e6a18b6c57b055b9af44daeb841efa014c0215beb37ed5d270556/",
+ "fixed_versions": [],
+ "published": "2019-11-27T22:47:00+11:00",
+ "artifact_scan_time": "2021-03-11T11:35:51+11:00",
+ "issue_id": "XRAY-92223",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "Python before 3.3.4 RC1 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a file size value larger than the size of the zip file to the (1) ZipExtFile.read, (2) ZipExtFile.read(n), (3) ZipExtFile.readlines, (4) ZipFile.extract, or (5) ZipFile.extractall function.",
+ "references": [
+ "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html",
+ "http://www.securityfocus.com/bid/65179",
+ "http://bugs.python.org/issue20078",
+ "http://hg.python.org/cpython/rev/79ea4ce431b1",
+ "https://docs.python.org/3.3/whatsnew/changelog.html",
+ "https://support.apple.com/kb/HT205031",
+ "https://security.gentoo.org/glsa/201503-10",
+ "http://seclists.org/oss-sec/2014/q1/592",
+ "http://seclists.org/oss-sec/2014/q1/595",
+ "http://www.securitytracker.com/id/1029973",
+ "http://lists.opensuse.org/opensuse-updates/2014-05/msg00008.html"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-20305",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 8.1,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 6.8,
+ "cvss3_max_score": 8.1,
+ "summary": "RHSA-2021:1206: gnutls and nettle security update (Important)",
+ "severity": "High",
+ "vulnerable_component": "rpm://8:gnutls:0:3.6.14-7.el8_3",
+ "impacted_artifact": "docker://eck/eck-operator:sha256__0929401008dd8a92b7ecc74400426441aee277c9656777d2b881d14d50c9e90e",
+ "impact_path": [
+ "docker://eck/eck-operator:sha256__0929401008dd8a92b7ecc74400426441aee277c9656777d2b881d14d50c9e90e",
+ "generic://sha256:a6b97b4963f5ace479dbf5bdc821bdb757de2aef502a39a19b236856827250d0/sha256__a6b97b4963f5ace479dbf5bdc821bdb757de2aef502a39a19b236856827250d0.tar.gz",
+ "rpm://8:gnutls:0:3.6.14-7.el8_3"
+ ],
+ "path": "elastic-docker-remote/eck/eck-operator/sha256__0929401008dd8a92b7ecc74400426441aee277c9656777d2b881d14d50c9e90e/",
+ "fixed_versions": [
+ "≥ 0:3.6.14-8.el8_3"
+ ],
+ "published": "2021-04-22T04:15:52+10:00",
+ "artifact_scan_time": "2021-03-05T17:47:05+11:00",
+ "issue_id": "XRAY-173384",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "The gnutls packages provide the GNU Transport Layer Security (GnuTLS) library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS.Nettle is a cryptographic library that is designed to fit easily in almost any context: In crypto toolkits for object-oriented languages, such as C++, Python, or Pike, in applications like LSH or GNUPG, or even in kernel space.Security Fix(es):* nettle: Out of bounds memory access in signature verification (CVE-2021-20305)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
+ "references": [
+ "https://access.redhat.com/errata/RHSA-2021:1206",
+ "https://access.redhat.com/security/cve/CVE-2021-20305"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Important"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-3450",
+ "cvss_v2_score": 5.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:N",
+ "cvss_v3_score": 7.4,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"
+ },
+ {
+ "cve": "CVE-2021-3449",
+ "cvss_v2_score": 4.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 5.9,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 5.8,
+ "cvss3_max_score": 7.4,
+ "summary": "RHSA-2021:1024: openssl security update (Important)",
+ "severity": "High",
+ "vulnerable_component": "rpm://8:openssl-libs:1:1.1.1g-12.el8_3",
+ "impacted_artifact": "docker://eck/eck-operator:sha256__0929401008dd8a92b7ecc74400426441aee277c9656777d2b881d14d50c9e90e",
+ "impact_path": [
+ "docker://eck/eck-operator:sha256__0929401008dd8a92b7ecc74400426441aee277c9656777d2b881d14d50c9e90e",
+ "generic://sha256:a6b97b4963f5ace479dbf5bdc821bdb757de2aef502a39a19b236856827250d0/sha256__a6b97b4963f5ace479dbf5bdc821bdb757de2aef502a39a19b236856827250d0.tar.gz",
+ "rpm://8:openssl-libs:1:1.1.1g-12.el8_3"
+ ],
+ "path": "elastic-docker-remote/eck/eck-operator/sha256__0929401008dd8a92b7ecc74400426441aee277c9656777d2b881d14d50c9e90e/",
+ "fixed_versions": [
+ "≥ 1:1.1.1g-15.el8_3"
+ ],
+ "published": "2021-04-22T04:15:50+10:00",
+ "artifact_scan_time": "2021-03-05T17:47:05+11:00",
+ "issue_id": "XRAY-173376",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library.Security Fix(es):* openssl: NULL pointer dereference in signature_algorithms processing (CVE-2021-3449)* openssl: CA certificate check bypass with X509_V_FLAG_X509_STRICT (CVE-2021-3450)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
+ "references": [
+ "https://access.redhat.com/errata/RHSA-2021:1024",
+ "https://access.redhat.com/security/cve/CVE-2021-3449",
+ "https://access.redhat.com/security/cve/CVE-2021-3450"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Important"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-20305",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 8.1,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 6.8,
+ "cvss3_max_score": 8.1,
+ "summary": "RHSA-2021:1206: gnutls and nettle security update (Important)",
+ "severity": "High",
+ "vulnerable_component": "rpm://8:nettle:0:3.4.1-2.el8",
+ "impacted_artifact": "docker://eck/eck-operator:sha256__0929401008dd8a92b7ecc74400426441aee277c9656777d2b881d14d50c9e90e",
+ "impact_path": [
+ "docker://eck/eck-operator:sha256__0929401008dd8a92b7ecc74400426441aee277c9656777d2b881d14d50c9e90e",
+ "generic://sha256:a6b97b4963f5ace479dbf5bdc821bdb757de2aef502a39a19b236856827250d0/sha256__a6b97b4963f5ace479dbf5bdc821bdb757de2aef502a39a19b236856827250d0.tar.gz",
+ "rpm://8:nettle:0:3.4.1-2.el8"
+ ],
+ "path": "elastic-docker-remote/eck/eck-operator/sha256__0929401008dd8a92b7ecc74400426441aee277c9656777d2b881d14d50c9e90e/",
+ "fixed_versions": [
+ "≥ 0:3.4.1-4.el8_3"
+ ],
+ "published": "2021-04-22T04:15:52+10:00",
+ "artifact_scan_time": "2021-03-05T17:47:05+11:00",
+ "issue_id": "XRAY-173384",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "The gnutls packages provide the GNU Transport Layer Security (GnuTLS) library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS.Nettle is a cryptographic library that is designed to fit easily in almost any context: In crypto toolkits for object-oriented languages, such as C++, Python, or Pike, in applications like LSH or GNUPG, or even in kernel space.Security Fix(es):* nettle: Out of bounds memory access in signature verification (CVE-2021-20305)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
+ "references": [
+ "https://access.redhat.com/errata/RHSA-2021:1206",
+ "https://access.redhat.com/security/cve/CVE-2021-20305"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Important"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-20305",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 8.1,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 6.8,
+ "cvss3_max_score": 8.1,
+ "summary": "CVE-2021-20305 nettle: Out of bounds memory access in signature verification",
+ "severity": "High",
+ "vulnerable_component": "rpm://8:nettle:0:3.4.1-2.el8",
+ "impacted_artifact": "docker://eck/eck-operator:sha256__0929401008dd8a92b7ecc74400426441aee277c9656777d2b881d14d50c9e90e",
+ "impact_path": [
+ "docker://eck/eck-operator:sha256__0929401008dd8a92b7ecc74400426441aee277c9656777d2b881d14d50c9e90e",
+ "generic://sha256:a6b97b4963f5ace479dbf5bdc821bdb757de2aef502a39a19b236856827250d0/sha256__a6b97b4963f5ace479dbf5bdc821bdb757de2aef502a39a19b236856827250d0.tar.gz",
+ "rpm://8:nettle:0:3.4.1-2.el8"
+ ],
+ "path": "elastic-docker-remote/eck/eck-operator/sha256__0929401008dd8a92b7ecc74400426441aee277c9656777d2b881d14d50c9e90e/",
+ "fixed_versions": [],
+ "published": "2021-04-01T21:08:25+11:00",
+ "artifact_scan_time": "2021-03-05T17:47:05+11:00",
+ "issue_id": "XRAY-160674",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "A flaw was found in Nettle in versions before 3.7.2, where several Nettle signature verification functions (GOST DSA, EDDSA \u0026 ECDSA) result in the Elliptic Curve Cryptography point (ECC) multiply function being called with out-of-range scalers, possibly resulting in incorrect results. This flaw allows an attacker to force an invalid signature, causing an assertion failure or possible validation. The highest threat to this vulnerability is to confidentiality, integrity, as well as system availability.",
+ "references": [
+ "https://lists.lysator.liu.se/pipermail/nettle-bugs/2021/009457.html"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Important"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-20305",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 8.1,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 6.8,
+ "cvss3_max_score": 8.1,
+ "summary": "RHSA-2021:1245: gnutls and nettle security update (Important)",
+ "severity": "High",
+ "vulnerable_component": "rpm://8:nettle:0:3.4.1-2.el8",
+ "impacted_artifact": "docker://eck/eck-operator:sha256__0929401008dd8a92b7ecc74400426441aee277c9656777d2b881d14d50c9e90e",
+ "impact_path": [
+ "docker://eck/eck-operator:sha256__0929401008dd8a92b7ecc74400426441aee277c9656777d2b881d14d50c9e90e",
+ "generic://sha256:a6b97b4963f5ace479dbf5bdc821bdb757de2aef502a39a19b236856827250d0/sha256__a6b97b4963f5ace479dbf5bdc821bdb757de2aef502a39a19b236856827250d0.tar.gz",
+ "rpm://8:nettle:0:3.4.1-2.el8"
+ ],
+ "path": "elastic-docker-remote/eck/eck-operator/sha256__0929401008dd8a92b7ecc74400426441aee277c9656777d2b881d14d50c9e90e/",
+ "fixed_versions": [
+ "≥ 0:3.4.1-2.el8_1"
+ ],
+ "published": "2021-04-22T03:06:04+10:00",
+ "artifact_scan_time": "2021-03-05T17:47:05+11:00",
+ "issue_id": "XRAY-173345",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "The gnutls packages provide the GNU Transport Layer Security (GnuTLS) library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS.Nettle is a cryptographic library that is designed to fit easily in almost any context: In crypto toolkits for object-oriented languages, such as C++, Python, or Pike, in applications like LSH or GNUPG, or even in kernel space.Security Fix(es):* nettle: Out of bounds memory access in signature verification (CVE-2021-20305)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
+ "references": [
+ "https://access.redhat.com/errata/RHSA-2021:1245",
+ "https://access.redhat.com/security/cve/CVE-2021-20305"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Important"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-20305",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 8.1,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 6.8,
+ "cvss3_max_score": 8.1,
+ "summary": "RHSA-2021:1246: gnutls and nettle security update (Important)",
+ "severity": "High",
+ "vulnerable_component": "rpm://8:nettle:0:3.4.1-2.el8",
+ "impacted_artifact": "docker://eck/eck-operator:sha256__0929401008dd8a92b7ecc74400426441aee277c9656777d2b881d14d50c9e90e",
+ "impact_path": [
+ "docker://eck/eck-operator:sha256__0929401008dd8a92b7ecc74400426441aee277c9656777d2b881d14d50c9e90e",
+ "generic://sha256:a6b97b4963f5ace479dbf5bdc821bdb757de2aef502a39a19b236856827250d0/sha256__a6b97b4963f5ace479dbf5bdc821bdb757de2aef502a39a19b236856827250d0.tar.gz",
+ "rpm://8:nettle:0:3.4.1-2.el8"
+ ],
+ "path": "elastic-docker-remote/eck/eck-operator/sha256__0929401008dd8a92b7ecc74400426441aee277c9656777d2b881d14d50c9e90e/",
+ "fixed_versions": [
+ "≥ 0:3.4.1-2.el8_2"
+ ],
+ "published": "2021-04-22T03:24:20+10:00",
+ "artifact_scan_time": "2021-03-05T17:47:05+11:00",
+ "issue_id": "XRAY-173361",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "The gnutls packages provide the GNU Transport Layer Security (GnuTLS) library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS.Nettle is a cryptographic library that is designed to fit easily in almost any context: In crypto toolkits for object-oriented languages, such as C++, Python, or Pike, in applications like LSH or GNUPG, or even in kernel space.Security Fix(es):* nettle: Out of bounds memory access in signature verification (CVE-2021-20305)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
+ "references": [
+ "https://access.redhat.com/errata/RHSA-2021:1246",
+ "https://access.redhat.com/security/cve/CVE-2021-20305"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Important"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-27219",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss3_max_score": 9.8,
+ "summary": "CVE-2021-27219 glib: integer overflow in g_bytes_new function on 64-bit platforms due to an implicit cast from 64 bits to 32 bits (important)",
+ "severity": "High",
+ "vulnerable_component": "rpm://8:glib2:0:2.56.4-8.el8",
+ "impacted_artifact": "docker://eck/eck-operator:sha256__0929401008dd8a92b7ecc74400426441aee277c9656777d2b881d14d50c9e90e",
+ "impact_path": [
+ "docker://eck/eck-operator:sha256__0929401008dd8a92b7ecc74400426441aee277c9656777d2b881d14d50c9e90e",
+ "generic://sha256:a6b97b4963f5ace479dbf5bdc821bdb757de2aef502a39a19b236856827250d0/sha256__a6b97b4963f5ace479dbf5bdc821bdb757de2aef502a39a19b236856827250d0.tar.gz",
+ "rpm://8:glib2:0:2.56.4-8.el8"
+ ],
+ "path": "elastic-docker-remote/eck/eck-operator/sha256__0929401008dd8a92b7ecc74400426441aee277c9656777d2b881d14d50c9e90e/",
+ "fixed_versions": [],
+ "published": "2021-03-17T00:26:15+11:00",
+ "artifact_scan_time": "2021-03-05T17:47:05+11:00",
+ "issue_id": "XRAY-146608",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "DOCUMENTATION: An integer wraparound was discovered in glib due to passing a 64 bits size value to function g_memdup() which accepts a 32 bits number as argument. An attacker may abuse this flaw when an application linked against glib library uses g_bytes_new() function or possibly other functions that use g_memdup() underneath and accept a 64 bits argument as size. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. STATEMENT: Applications that just use GBytes to access the data are affected by this flaw but the highest threat is to data confidentiality and/or the application availability, due to possible out-of-bounds reads. However, if the data in GBytes is taken through functions such as g_bytes_unref_to_data or g_bytes_unref_to_array it might be possible to have out-of-bounds writes due to the wrongly reported size of the buffer.Applications that use g_memdup to duplicate memory with user-controlled sizes should pay extra attention to the fact that g_memdup accepts a guint size instead of gsize. Thus directly passing a gsize value to g_memdup may results in integer truncation, allocating a buffer smaller than expected.",
+ "references": [
+ "https://access.redhat.com/security/cve/CVE-2021-27219"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Important"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-20305",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 8.1,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 6.8,
+ "cvss3_max_score": 8.1,
+ "summary": "CVE-2021-20305 nettle: Out of bounds memory access in signature verification",
+ "severity": "High",
+ "vulnerable_component": "rpm://8:gnutls:0:3.6.14-7.el8_3",
+ "impacted_artifact": "docker://eck/eck-operator:sha256__0929401008dd8a92b7ecc74400426441aee277c9656777d2b881d14d50c9e90e",
+ "impact_path": [
+ "docker://eck/eck-operator:sha256__0929401008dd8a92b7ecc74400426441aee277c9656777d2b881d14d50c9e90e",
+ "generic://sha256:a6b97b4963f5ace479dbf5bdc821bdb757de2aef502a39a19b236856827250d0/sha256__a6b97b4963f5ace479dbf5bdc821bdb757de2aef502a39a19b236856827250d0.tar.gz",
+ "rpm://8:gnutls:0:3.6.14-7.el8_3"
+ ],
+ "path": "elastic-docker-remote/eck/eck-operator/sha256__0929401008dd8a92b7ecc74400426441aee277c9656777d2b881d14d50c9e90e/",
+ "fixed_versions": [],
+ "published": "2021-04-01T21:08:25+11:00",
+ "artifact_scan_time": "2021-03-05T17:47:05+11:00",
+ "issue_id": "XRAY-160674",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "A flaw was found in Nettle in versions before 3.7.2, where several Nettle signature verification functions (GOST DSA, EDDSA \u0026 ECDSA) result in the Elliptic Curve Cryptography point (ECC) multiply function being called with out-of-range scalers, possibly resulting in incorrect results. This flaw allows an attacker to force an invalid signature, causing an assertion failure or possible validation. The highest threat to this vulnerability is to confidentiality, integrity, as well as system availability.",
+ "references": [
+ "https://lists.lysator.liu.se/pipermail/nettle-bugs/2021/009457.html"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Important"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-3121",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 8.6,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 8.6,
+ "summary": "An issue was discovered in GoGo Protobuf before 1.3.2. plugin/unmarshal/unmarshal.go lacks certain index validation, aka the \"skippy peanut butter\" issue.",
+ "severity": "High",
+ "vulnerable_component": "go://github.com/gogo/protobuf:1.3.1",
+ "impacted_artifact": "docker://eck/eck-operator:sha256__0929401008dd8a92b7ecc74400426441aee277c9656777d2b881d14d50c9e90e",
+ "impact_path": [
+ "docker://eck/eck-operator:sha256__0929401008dd8a92b7ecc74400426441aee277c9656777d2b881d14d50c9e90e",
+ "generic://sha256:06e04365fee7a20c55572ad9ddb60e10b499a66bb667f5d54593110eb3643ae8/sha256__06e04365fee7a20c55572ad9ddb60e10b499a66bb667f5d54593110eb3643ae8.tar.gz",
+ "generic://sha256:2d5c9582b45643e4545443e988846e395c6d2381bba853d24d5576cdf8cd8346/elastic-operator",
+ "go://github.com/gogo/protobuf:1.3.1"
+ ],
+ "path": "elastic-docker-remote/eck/eck-operator/sha256__0929401008dd8a92b7ecc74400426441aee277c9656777d2b881d14d50c9e90e/",
+ "fixed_versions": [
+ "1.3.2"
+ ],
+ "published": "2021-02-01T22:46:23+11:00",
+ "artifact_scan_time": "2021-03-05T17:47:05+11:00",
+ "issue_id": "XRAY-139136",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "An issue was discovered in GoGo Protobuf before 1.3.2. plugin/unmarshal/unmarshal.go lacks certain index validation, aka the \"skippy peanut butter\" issue.",
+ "references": [
+ "https://lists.apache.org/thread.html/rc1e9ff22c5641d73701ba56362fb867d40ed287cca000b131dcf4a44@%3Ccommits.pulsar.apache.org%3E",
+ "https://lists.apache.org/thread.html/r88d69555cb74a129a7bf84838073b61259b4a3830190e05a3b87994e@%3Ccommits.pulsar.apache.org%3E",
+ "https://github.com/gogo/protobuf/compare/v1.3.1...v1.3.2",
+ "https://github.com/gogo/protobuf/commit/b03c65ea87cdc3521ede29f62fe3ce239267c1bc"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2017-1000487",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "Plexus-utils before 3.0.16 is vulnerable to command injection because it does not correctly process the contents of double quoted strings.",
+ "severity": "High",
+ "vulnerable_component": "gav://org.codehaus.plexus:plexus-utils:1.5.1",
+ "impacted_artifact": "gav://org.codehaus.plexus:plexus-utils:1.5.1",
+ "impact_path": [
+ "gav://org.codehaus.plexus:plexus-utils:1.5.1"
+ ],
+ "path": "mavencentral-remote/org/codehaus/plexus/plexus-utils/1.5.1/plexus-utils-1.5.1.jar",
+ "fixed_versions": [
+ "3.0.16"
+ ],
+ "published": "2019-06-10T18:42:32+10:00",
+ "artifact_scan_time": "2021-03-09T08:46:51+11:00",
+ "issue_id": "XRAY-83897",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Plexus-utils before 3.0.16 is vulnerable to command injection because it does not correctly process the contents of double quoted strings.",
+ "references": [
+ "https://access.redhat.com/errata/RHSA-2018:1322",
+ "https://lists.debian.org/debian-lts-announce/2018/01/msg00011.html",
+ "https://lists.debian.org/debian-lts-announce/2018/01/msg00010.html",
+ "https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSPLEXUS-31522",
+ "https://www.debian.org/security/2018/dsa-4149",
+ "https://www.debian.org/security/2018/dsa-4146",
+ "https://github.com/codehaus-plexus/plexus-utils/commit/b38a1b3a4352303e4312b2bb601a0d7ec6e28f41"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2017-1000487",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "Plexus-utils before 3.0.16 is vulnerable to command injection because it does not correctly process the contents of double quoted strings.",
+ "severity": "High",
+ "vulnerable_component": "gav://org.codehaus.plexus:plexus-utils:1.1",
+ "impacted_artifact": "gav://org.codehaus.plexus:plexus-utils:1.1",
+ "impact_path": [
+ "gav://org.codehaus.plexus:plexus-utils:1.1"
+ ],
+ "path": "mavencentral-remote/org/codehaus/plexus/plexus-utils/1.1/plexus-utils-1.1.jar",
+ "fixed_versions": [
+ "3.0.16"
+ ],
+ "published": "2019-06-10T18:42:32+10:00",
+ "artifact_scan_time": "2021-03-05T17:11:51+11:00",
+ "issue_id": "XRAY-83897",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Plexus-utils before 3.0.16 is vulnerable to command injection because it does not correctly process the contents of double quoted strings.",
+ "references": [
+ "https://access.redhat.com/errata/RHSA-2018:1322",
+ "https://lists.debian.org/debian-lts-announce/2018/01/msg00011.html",
+ "https://lists.debian.org/debian-lts-announce/2018/01/msg00010.html",
+ "https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSPLEXUS-31522",
+ "https://www.debian.org/security/2018/dsa-4149",
+ "https://www.debian.org/security/2018/dsa-4146",
+ "https://github.com/codehaus-plexus/plexus-utils/commit/b38a1b3a4352303e4312b2bb601a0d7ec6e28f41"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2013-7338",
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "summary": "Python before 3.3.4 RC1 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a file size value larger than the size of the zip file to the (1) ZipExtFile.read, (2) ZipExtFile.read(n), (3) ZipExtFile.readlines, (4) ZipFile.extract, or (5) ZipFile.extractall function.",
+ "severity": "High",
+ "vulnerable_component": "rpm://7:python:0:2.7.5-88.el7",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:sha256__75eb8112f5c51ac421cf5bb68d72f5a46720a38dc39f4c19c653b1439a9229f6",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:sha256__75eb8112f5c51ac421cf5bb68d72f5a46720a38dc39f4c19c653b1439a9229f6",
+ "generic://sha256:d2bf8b28bdf5a2535591102292694e4ff4e8307e7cbc967444b93177db257a91/sha256__d2bf8b28bdf5a2535591102292694e4ff4e8307e7cbc967444b93177db257a91.tar.gz",
+ "rpm://7:python:0:2.7.5-88.el7"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/sha256__75eb8112f5c51ac421cf5bb68d72f5a46720a38dc39f4c19c653b1439a9229f6/",
+ "fixed_versions": [],
+ "published": "2019-11-27T22:47:00+11:00",
+ "artifact_scan_time": "2021-03-11T11:32:51+11:00",
+ "issue_id": "XRAY-92223",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "Python before 3.3.4 RC1 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a file size value larger than the size of the zip file to the (1) ZipExtFile.read, (2) ZipExtFile.read(n), (3) ZipExtFile.readlines, (4) ZipFile.extract, or (5) ZipFile.extractall function.",
+ "references": [
+ "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html",
+ "http://www.securityfocus.com/bid/65179",
+ "http://bugs.python.org/issue20078",
+ "http://hg.python.org/cpython/rev/79ea4ce431b1",
+ "https://docs.python.org/3.3/whatsnew/changelog.html",
+ "https://support.apple.com/kb/HT205031",
+ "https://security.gentoo.org/glsa/201503-10",
+ "http://seclists.org/oss-sec/2014/q1/592",
+ "http://seclists.org/oss-sec/2014/q1/595",
+ "http://www.securitytracker.com/id/1029973",
+ "http://lists.opensuse.org/opensuse-updates/2014-05/msg00008.html"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-5827",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 8.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 6.8,
+ "cvss3_max_score": 8.8,
+ "summary": "CVE-2019-5827 chromium-browser: out-of-bounds access in SQLite",
+ "severity": "High",
+ "vulnerable_component": "rpm://7:sqlite:0:3.7.17-8.el7_7.1",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:sha256__75eb8112f5c51ac421cf5bb68d72f5a46720a38dc39f4c19c653b1439a9229f6",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:sha256__75eb8112f5c51ac421cf5bb68d72f5a46720a38dc39f4c19c653b1439a9229f6",
+ "generic://sha256:d2bf8b28bdf5a2535591102292694e4ff4e8307e7cbc967444b93177db257a91/sha256__d2bf8b28bdf5a2535591102292694e4ff4e8307e7cbc967444b93177db257a91.tar.gz",
+ "rpm://7:sqlite:0:3.7.17-8.el7_7.1"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/sha256__75eb8112f5c51ac421cf5bb68d72f5a46720a38dc39f4c19c653b1439a9229f6/",
+ "fixed_versions": [],
+ "published": "2020-07-13T04:04:32+10:00",
+ "artifact_scan_time": "2021-03-11T11:32:51+11:00",
+ "issue_id": "XRAY-109517",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "Integer overflow in SQLite via WebSQL in Google Chrome prior to 74.0.3729.131 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.",
+ "references": [
+ "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_30.html"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Important"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-10716"
+ },
+ {
+ "cve": "CVE-2019-12086",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:N",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"
+ },
+ {
+ "cve": "CVE-2019-10086",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 7.3,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"
+ },
+ {
+ "cve": "CVE-2019-0231",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:N",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"
+ },
+ {
+ "cve": "CVE-2017-17718",
+ "cvss_v2_score": 4.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:N/A:N",
+ "cvss_v3_score": 5.9,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 7.5,
+ "summary": "Red Hat Security Advisory: Satellite 6.7 release.",
+ "severity": "High",
+ "vulnerable_component": "rpm://7:python-pycurl:0:7.19.0-19.el7",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:sha256__75eb8112f5c51ac421cf5bb68d72f5a46720a38dc39f4c19c653b1439a9229f6",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:sha256__75eb8112f5c51ac421cf5bb68d72f5a46720a38dc39f4c19c653b1439a9229f6",
+ "generic://sha256:d2bf8b28bdf5a2535591102292694e4ff4e8307e7cbc967444b93177db257a91/sha256__d2bf8b28bdf5a2535591102292694e4ff4e8307e7cbc967444b93177db257a91.tar.gz",
+ "rpm://7:python-pycurl:0:7.19.0-19.el7"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/sha256__75eb8112f5c51ac421cf5bb68d72f5a46720a38dc39f4c19c653b1439a9229f6/",
+ "fixed_versions": [],
+ "published": "2020-04-15T14:48:02+10:00",
+ "artifact_scan_time": "2021-03-11T11:32:51+11:00",
+ "issue_id": "XRAY-96265",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "An update is now available for Red Hat Satellite 6.7 for RHEL 7.Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Red Hat Satellite is a systems management tool for Linux-based infrastructure. It allows for provisioning, remote management, and monitoring of multiple Linux deployments with a single centralized tool.Security Fix(es):* apache-commons-beanutils: does not suppresses the class property in PropertyUtilsBean by default (CVE-2019-10086)* jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server (CVE-2019-12086)* mina-core: Retaining an open socket in close_notify SSL-TLS leading to Information disclosure (CVE-2019-0231)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Additional Changes:* Ansible Runner is now the default way to utilize Ansible for remote execution jobs.* Users now have the ability to log into hosts using the Web Console directly from the Satellite UI.* Azure has been added to the list of supported compute resources for provisioning along with many bug fixes for Google Compute, RHEV, VMWare, and Kubevirt.* Content views have been improved with many bug fixes, performance improvement, and the addition of filtering on modules.* Content syncing has been improved with many fixes, and the ability to add proxy definitions to each product in Satellite.* The installation process has been improved to include better tuning defaults and several other bug fixes. * Subscription Management has been improved with many bug fixes in Satellite, new reporting, as well as in the inventory upload plugin which allows customers to view their inventory in Subscription Watch at cloud.redhat.com* Security improvements ",
+ "references": [
+ "https://access.redhat.com/security/updates/classification/#important",
+ "https://access.redhat.com/errata/RHSA-2020:1454"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2016-3191",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 6.8,
+ "cvss3_max_score": 9.8,
+ "summary": "CVE-2016-3191 pcre: workspace overflow for (*ACCEPT) with deeply nested parentheses (8.39/13, 10.22/12)",
+ "severity": "High",
+ "vulnerable_component": "rpm://7:glib2:0:2.56.1-5.el7",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:sha256__75eb8112f5c51ac421cf5bb68d72f5a46720a38dc39f4c19c653b1439a9229f6",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:sha256__75eb8112f5c51ac421cf5bb68d72f5a46720a38dc39f4c19c653b1439a9229f6",
+ "generic://sha256:f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c/sha256__f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c.tar.gz",
+ "rpm://7:glib2:0:2.56.1-5.el7"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/sha256__75eb8112f5c51ac421cf5bb68d72f5a46720a38dc39f4c19c653b1439a9229f6/",
+ "fixed_versions": [],
+ "published": "2020-07-13T04:18:05+10:00",
+ "artifact_scan_time": "2021-03-11T11:32:51+11:00",
+ "issue_id": "XRAY-111036",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "The compile_branch function in pcre_compile.c in PCRE 8.x before 8.39 and pcre2_compile.c in PCRE2 before 10.22 mishandles patterns containing an (*ACCEPT) substring in conjunction with nested parentheses, which allows remote attackers to execute arbitrary code or cause a denial of service (stack-based buffer overflow) via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror, aka ZDI-CAN-3542.",
+ "references": [],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Important"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2017-1000158",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "CPython (aka Python) up to 2.7.13 is vulnerable to an integer overflow in the PyString_DecodeEscape function in stringobject.c, resulting in heap-based buffer overflow (and possible arbitrary code execution)",
+ "severity": "High",
+ "vulnerable_component": "rpm://7:python-libs:0:2.7.5-88.el7",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:sha256__75eb8112f5c51ac421cf5bb68d72f5a46720a38dc39f4c19c653b1439a9229f6",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:sha256__75eb8112f5c51ac421cf5bb68d72f5a46720a38dc39f4c19c653b1439a9229f6",
+ "generic://sha256:d2bf8b28bdf5a2535591102292694e4ff4e8307e7cbc967444b93177db257a91/sha256__d2bf8b28bdf5a2535591102292694e4ff4e8307e7cbc967444b93177db257a91.tar.gz",
+ "rpm://7:python-libs:0:2.7.5-88.el7"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/sha256__75eb8112f5c51ac421cf5bb68d72f5a46720a38dc39f4c19c653b1439a9229f6/",
+ "fixed_versions": [],
+ "published": "2019-11-27T03:47:03+11:00",
+ "artifact_scan_time": "2021-03-11T11:32:51+11:00",
+ "issue_id": "XRAY-92046",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "CPython (aka Python) up to 2.7.13 is vulnerable to an integer overflow in the PyString_DecodeEscape function in stringobject.c, resulting in heap-based buffer overflow (and possible arbitrary code execution)",
+ "references": [
+ "https://www.debian.org/security/2018/dsa-4307",
+ "https://security.gentoo.org/glsa/201805-02",
+ "https://bugs.python.org/issue30657",
+ "https://lists.debian.org/debian-lts-announce/2017/11/msg00035.html",
+ "https://lists.debian.org/debian-lts-announce/2017/11/msg00036.html",
+ "https://lists.debian.org/debian-lts-announce/2018/09/msg00030.html",
+ "https://lists.debian.org/debian-lts-announce/2018/09/msg00031.html",
+ "http://www.securitytracker.com/id/1039890"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-9547",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ {
+ "cve": "CVE-2020-9546",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ {
+ "cve": "CVE-2020-7943",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:N",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"
+ },
+ {
+ "cve": "CVE-2020-7238",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:P/A:N",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"
+ },
+ {
+ "cve": "CVE-2020-5216",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:P/A:N",
+ "cvss_v3_score": 5.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N"
+ },
+ {
+ "cve": "CVE-2019-16782",
+ "cvss_v2_score": 4.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:N/A:N",
+ "cvss_v3_score": 5.9,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"
+ },
+ {
+ "cve": "CVE-2019-12781",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:N",
+ "cvss_v3_score": 5.3,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"
+ },
+ {
+ "cve": "CVE-2020-14380"
+ },
+ {
+ "cve": "CVE-2018-3258",
+ "cvss_v2_score": 6.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:S/C:P/I:P/A:P",
+ "cvss_v3_score": 8.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
+ },
+ {
+ "cve": "CVE-2018-11751",
+ "cvss_v2_score": 4.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:A/AC:L/Au:N/C:N/I:P/A:P",
+ "cvss_v3_score": 5.4,
+ "cvss_v3_vector": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L"
+ },
+ {
+ "cve": "CVE-2020-10969",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 8.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
+ },
+ {
+ "cve": "CVE-2020-10968",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 8.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
+ },
+ {
+ "cve": "CVE-2020-9548",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ {
+ "cve": "CVE-2020-8161",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:N",
+ "cvss_v3_score": 8.6,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N"
+ },
+ {
+ "cve": "CVE-2020-5267",
+ "cvss_v2_score": 3.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:S/C:N/I:P/A:N",
+ "cvss_v3_score": 4.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"
+ },
+ {
+ "cve": "CVE-2020-14195",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 8.1,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ {
+ "cve": "CVE-2020-11619",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 8.1,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ {
+ "cve": "CVE-2020-8840",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ {
+ "cve": "CVE-2020-7942",
+ "cvss_v2_score": 4,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:S/C:P/I:N/A:N",
+ "cvss_v3_score": 6.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"
+ },
+ {
+ "cve": "CVE-2020-5217",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:P/A:N",
+ "cvss_v3_score": 5.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N"
+ },
+ {
+ "cve": "CVE-2020-14061",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 8.1,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ {
+ "cve": "CVE-2020-14062",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 8.1,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ {
+ "cve": "CVE-2020-10693",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:P/A:N",
+ "cvss_v3_score": 5.3,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"
+ },
+ {
+ "cve": "CVE-2020-8184",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:P/A:N",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"
+ },
+ {
+ "cve": "CVE-2020-7663",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ },
+ {
+ "cve": "CVE-2020-14334",
+ "cvss_v2_score": 4.6,
+ "cvss_v2_vector": "CVSS:2.0/AV:L/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 8.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "Red Hat Security Advisory: Satellite 6.8 release",
+ "severity": "High",
+ "vulnerable_component": "rpm://7:python-pycurl:0:7.19.0-19.el7",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:sha256__75eb8112f5c51ac421cf5bb68d72f5a46720a38dc39f4c19c653b1439a9229f6",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:sha256__75eb8112f5c51ac421cf5bb68d72f5a46720a38dc39f4c19c653b1439a9229f6",
+ "generic://sha256:d2bf8b28bdf5a2535591102292694e4ff4e8307e7cbc967444b93177db257a91/sha256__d2bf8b28bdf5a2535591102292694e4ff4e8307e7cbc967444b93177db257a91.tar.gz",
+ "rpm://7:python-pycurl:0:7.19.0-19.el7"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/sha256__75eb8112f5c51ac421cf5bb68d72f5a46720a38dc39f4c19c653b1439a9229f6/",
+ "fixed_versions": [],
+ "published": "2020-10-28T15:35:59+11:00",
+ "artifact_scan_time": "2021-03-11T11:32:51+11:00",
+ "issue_id": "XRAY-127577",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "An update is now available for Red Hat Satellite 6.8 for RHEL 7.Red Hat Product Security has rated this update as having a security impactof Important. A Common Vulnerability Scoring System (CVSS) base score,which gives a detailed severity rating, is available for each vulnerabilityfrom the CVE link(s) in the References section.Red Hat Satellite is a systems management tool for Linux-basedinfrastructure. It allows for provisioning, remote management, andmonitoring of multiple Linux deployments with a single centralized tool.Security Fix(es):* mysql-connector-java: Connector/J unspecified vulnerability (CPU October 2018) (CVE-2018-3258)* netty: HTTP Request Smuggling due to Transfer-Encoding whitespace mishandling (CVE-2020-7238)* rubygem-websocket-extensions: ReDoS vulnerability in Sec-WebSocket-Extensions parser (CVE-2020-7663)* puppet: puppet server and puppetDB may leak sensitive information via metrics API (CVE-2020-7943)* jackson-databind: multiple serialization gadgets (CVE-2020-8840 CVE-2020-9546 CVE-2020-9547 CVE-2020-9548 CVE-2020-10968 CVE-2020-10969 CVE-2020-11619 CVE-2020-14061 CVE-2020-14062 CVE-2020-14195)* foreman: unauthorized cache read on RPM-based installations through local user (CVE-2020-14334)* Satellite: Local user impersonation by Single sign-on (SSO) user leads to account takeover (CVE-2020-14380)* Django: Incorrect HTTP detection with reverse-proxy connecting via HTTPS (CVE-2019-12781)* rubygem-rack: hijack sessions by using timing attacks targeting the session id (CVE-2019-16782)* rubygem-secure_headers: limited header injection when using dynamic overrides with user input (CVE-2020-5216)* rubygem-secure_headers: directive injection when using dynamic overrides with user input (CVE-2020-5217)* rubygem-actionview: views that use the `j` or `escape_javascript` methods are susceptible to XSS attacks (CVE-2020-5267)* puppet: Arbitrary catalog retrieval (CVE-2020-7942)* rubygem-rack: directory traversal in Rack::Directory (CVE-2020-8161)* rubygem-rack: percent-encoded cookies can be used to",
+ "references": [
+ "https://access.redhat.com/security/updates/classification/#important",
+ "https://access.redhat.com/errata/RHSA-2020:4366"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-1971",
+ "cvss_v2_score": 4.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 5.9,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 4.3,
+ "cvss3_max_score": 5.9,
+ "summary": "RHSA-2020:5623: openssl security update (Important)",
+ "severity": "High",
+ "vulnerable_component": "rpm://7:openssl-libs:1:1.0.2k-19.el7",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:sha256__75eb8112f5c51ac421cf5bb68d72f5a46720a38dc39f4c19c653b1439a9229f6",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:sha256__75eb8112f5c51ac421cf5bb68d72f5a46720a38dc39f4c19c653b1439a9229f6",
+ "generic://sha256:d2bf8b28bdf5a2535591102292694e4ff4e8307e7cbc967444b93177db257a91/sha256__d2bf8b28bdf5a2535591102292694e4ff4e8307e7cbc967444b93177db257a91.tar.gz",
+ "rpm://7:openssl-libs:1:1.0.2k-19.el7"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/sha256__75eb8112f5c51ac421cf5bb68d72f5a46720a38dc39f4c19c653b1439a9229f6/",
+ "fixed_versions": [
+ "≥ 1:1.0.2k-20.el7_7"
+ ],
+ "published": "2020-12-29T08:27:23+11:00",
+ "artifact_scan_time": "2021-03-11T11:32:51+11:00",
+ "issue_id": "XRAY-137500",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library.Security Fix(es):* openssl: EDIPARTYNAME NULL pointer de-reference (CVE-2020-1971)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
+ "references": [
+ "https://access.redhat.com/security/cve/CVE-2020-1971",
+ "https://access.redhat.com/errata/RHSA-2020:5623"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Important"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-8492",
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 6.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 6.5,
+ "summary": "Python 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1 allows an HTTP server to conduct Regular Expression Denial of Service (ReDoS) attacks against a client because of urllib.request.AbstractBasicAuthHandler catastrophic backtracking.",
+ "severity": "High",
+ "vulnerable_component": "rpm://7:python:0:2.7.5-88.el7",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:sha256__75eb8112f5c51ac421cf5bb68d72f5a46720a38dc39f4c19c653b1439a9229f6",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:sha256__75eb8112f5c51ac421cf5bb68d72f5a46720a38dc39f4c19c653b1439a9229f6",
+ "generic://sha256:d2bf8b28bdf5a2535591102292694e4ff4e8307e7cbc967444b93177db257a91/sha256__d2bf8b28bdf5a2535591102292694e4ff4e8307e7cbc967444b93177db257a91.tar.gz",
+ "rpm://7:python:0:2.7.5-88.el7"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/sha256__75eb8112f5c51ac421cf5bb68d72f5a46720a38dc39f4c19c653b1439a9229f6/",
+ "fixed_versions": [],
+ "published": "2020-02-07T18:07:12+11:00",
+ "artifact_scan_time": "2021-03-11T11:32:51+11:00",
+ "issue_id": "XRAY-94468",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "Python 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1 allows an HTTP server to conduct Regular Expression Denial of Service (ReDoS) attacks against a client because of urllib.request.AbstractBasicAuthHandler catastrophic backtracking.",
+ "references": [
+ "https://security.netapp.com/advisory/ntap-20200221-0001/",
+ "https://bugs.python.org/issue39503",
+ "https://github.com/python/cpython/pull/18284",
+ "https://python-security.readthedocs.io/vuln/urllib-basic-auth-regex.html",
+ "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00003.html"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2017-1000158",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "CPython (aka Python) up to 2.7.13 is vulnerable to an integer overflow in the PyString_DecodeEscape function in stringobject.c, resulting in heap-based buffer overflow (and possible arbitrary code execution)",
+ "severity": "High",
+ "vulnerable_component": "rpm://7:python:0:2.7.5-88.el7",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:sha256__75eb8112f5c51ac421cf5bb68d72f5a46720a38dc39f4c19c653b1439a9229f6",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:sha256__75eb8112f5c51ac421cf5bb68d72f5a46720a38dc39f4c19c653b1439a9229f6",
+ "generic://sha256:d2bf8b28bdf5a2535591102292694e4ff4e8307e7cbc967444b93177db257a91/sha256__d2bf8b28bdf5a2535591102292694e4ff4e8307e7cbc967444b93177db257a91.tar.gz",
+ "rpm://7:python:0:2.7.5-88.el7"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/sha256__75eb8112f5c51ac421cf5bb68d72f5a46720a38dc39f4c19c653b1439a9229f6/",
+ "fixed_versions": [],
+ "published": "2019-11-27T03:47:03+11:00",
+ "artifact_scan_time": "2021-03-11T11:32:51+11:00",
+ "issue_id": "XRAY-92046",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "CPython (aka Python) up to 2.7.13 is vulnerable to an integer overflow in the PyString_DecodeEscape function in stringobject.c, resulting in heap-based buffer overflow (and possible arbitrary code execution)",
+ "references": [
+ "https://www.debian.org/security/2018/dsa-4307",
+ "https://security.gentoo.org/glsa/201805-02",
+ "https://bugs.python.org/issue30657",
+ "https://lists.debian.org/debian-lts-announce/2017/11/msg00035.html",
+ "https://lists.debian.org/debian-lts-announce/2017/11/msg00036.html",
+ "https://lists.debian.org/debian-lts-announce/2018/09/msg00030.html",
+ "https://lists.debian.org/debian-lts-announce/2018/09/msg00031.html",
+ "http://www.securitytracker.com/id/1039890"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 7.5,
+ "summary": "FasterXML jackson-dataformats-binary cbor/CBORParser.java CBORParser::_finishTextToken() Function Integer Overflow Memory Exhaustion DoS",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.dataformat:jackson-dataformat-cbor:2.10.4",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:sha256__75eb8112f5c51ac421cf5bb68d72f5a46720a38dc39f4c19c653b1439a9229f6",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:sha256__75eb8112f5c51ac421cf5bb68d72f5a46720a38dc39f4c19c653b1439a9229f6",
+ "generic://sha256:71948c71bf562093fc11373cddd6245014188a540a6b46e94cd65a15e39f039b/sha256__71948c71bf562093fc11373cddd6245014188a540a6b46e94cd65a15e39f039b.tar.gz",
+ "gav://com.fasterxml.jackson.dataformat:jackson-dataformat-cbor:2.10.4"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/sha256__75eb8112f5c51ac421cf5bb68d72f5a46720a38dc39f4c19c653b1439a9229f6/",
+ "fixed_versions": [
+ "2.12.3"
+ ],
+ "published": "2021-05-05T20:06:23+10:00",
+ "artifact_scan_time": "2021-03-11T11:32:51+11:00",
+ "issue_id": "XRAY-174965",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "FasterXML jackson-dataformats-binary contains an integer overflow condition in the CBORParser::_finishTextToken() function in cbor/CBORParser.java that is triggered as certain input is not properly validated. This may allow a context-dependent attacker to exhaust available memory resources, potentially resulting in a denial of service.",
+ "references": [
+ "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32173",
+ "https://github.com/FasterXML/jackson-dataformats-binary/issues/259",
+ "https://github.com/FasterXML/jackson-dataformats-binary/commit/f20cf23f35dd86427d0ef160d4c07c60d9ca7dcd"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-27219",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss3_max_score": 9.8,
+ "summary": "CVE-2021-27219 glib: integer overflow in g_bytes_new function on 64-bit platforms due to an implicit cast from 64 bits to 32 bits (important)",
+ "severity": "High",
+ "vulnerable_component": "rpm://7:glib2:0:2.56.1-5.el7",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:sha256__75eb8112f5c51ac421cf5bb68d72f5a46720a38dc39f4c19c653b1439a9229f6",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:sha256__75eb8112f5c51ac421cf5bb68d72f5a46720a38dc39f4c19c653b1439a9229f6",
+ "generic://sha256:f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c/sha256__f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c.tar.gz",
+ "rpm://7:glib2:0:2.56.1-5.el7"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/sha256__75eb8112f5c51ac421cf5bb68d72f5a46720a38dc39f4c19c653b1439a9229f6/",
+ "fixed_versions": [],
+ "published": "2021-03-17T00:26:15+11:00",
+ "artifact_scan_time": "2021-03-11T11:32:51+11:00",
+ "issue_id": "XRAY-146608",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "DOCUMENTATION: An integer wraparound was discovered in glib due to passing a 64 bits size value to function g_memdup() which accepts a 32 bits number as argument. An attacker may abuse this flaw when an application linked against glib library uses g_bytes_new() function or possibly other functions that use g_memdup() underneath and accept a 64 bits argument as size. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. STATEMENT: Applications that just use GBytes to access the data are affected by this flaw but the highest threat is to data confidentiality and/or the application availability, due to possible out-of-bounds reads. However, if the data in GBytes is taken through functions such as g_bytes_unref_to_data or g_bytes_unref_to_array it might be possible to have out-of-bounds writes due to the wrongly reported size of the buffer.Applications that use g_memdup to duplicate memory with user-controlled sizes should pay extra attention to the fact that g_memdup accepts a guint size instead of gsize. Thus directly passing a gsize value to g_memdup may results in integer truncation, allocating a buffer smaller than expected.",
+ "references": [
+ "https://access.redhat.com/security/cve/CVE-2021-27219"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Important"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-8492",
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 6.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 6.5,
+ "summary": "Python 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1 allows an HTTP server to conduct Regular Expression Denial of Service (ReDoS) attacks against a client because of urllib.request.AbstractBasicAuthHandler catastrophic backtracking.",
+ "severity": "High",
+ "vulnerable_component": "rpm://7:python-libs:0:2.7.5-88.el7",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:sha256__75eb8112f5c51ac421cf5bb68d72f5a46720a38dc39f4c19c653b1439a9229f6",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:sha256__75eb8112f5c51ac421cf5bb68d72f5a46720a38dc39f4c19c653b1439a9229f6",
+ "generic://sha256:d2bf8b28bdf5a2535591102292694e4ff4e8307e7cbc967444b93177db257a91/sha256__d2bf8b28bdf5a2535591102292694e4ff4e8307e7cbc967444b93177db257a91.tar.gz",
+ "rpm://7:python-libs:0:2.7.5-88.el7"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/sha256__75eb8112f5c51ac421cf5bb68d72f5a46720a38dc39f4c19c653b1439a9229f6/",
+ "fixed_versions": [],
+ "published": "2020-02-07T18:07:12+11:00",
+ "artifact_scan_time": "2021-03-11T11:32:51+11:00",
+ "issue_id": "XRAY-94468",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "Python 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1 allows an HTTP server to conduct Regular Expression Denial of Service (ReDoS) attacks against a client because of urllib.request.AbstractBasicAuthHandler catastrophic backtracking.",
+ "references": [
+ "https://security.netapp.com/advisory/ntap-20200221-0001/",
+ "https://bugs.python.org/issue39503",
+ "https://github.com/python/cpython/pull/18284",
+ "https://python-security.readthedocs.io/vuln/urllib-basic-auth-regex.html",
+ "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00003.html"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2015-8385",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P"
+ }
+ ],
+ "cvss2_max_score": 6.8,
+ "summary": "CVE-2015-8385 pcre: buffer overflow caused by named forward reference to duplicate group number (8.38/30)",
+ "severity": "High",
+ "vulnerable_component": "rpm://7:glib2:0:2.56.1-5.el7",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:sha256__75eb8112f5c51ac421cf5bb68d72f5a46720a38dc39f4c19c653b1439a9229f6",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:sha256__75eb8112f5c51ac421cf5bb68d72f5a46720a38dc39f4c19c653b1439a9229f6",
+ "generic://sha256:f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c/sha256__f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c.tar.gz",
+ "rpm://7:glib2:0:2.56.1-5.el7"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/sha256__75eb8112f5c51ac421cf5bb68d72f5a46720a38dc39f4c19c653b1439a9229f6/",
+ "fixed_versions": [],
+ "published": "2020-07-13T04:19:05+10:00",
+ "artifact_scan_time": "2021-03-11T11:32:51+11:00",
+ "issue_id": "XRAY-111224",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "PCRE before 8.38 mishandles the /(?|(\\k'Pm')|(?'Pm'))/ pattern and related patterns with certain forward references, which allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror.",
+ "references": [],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Important"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-1000802",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "Python Software Foundation Python (CPython) version 2.7 contains a CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in shutil module (make_archive function) that can result in Denial of service, Information gain via injection of arbitrary files on the system or entire drive. This attack appear to be exploitable via Passage of unfiltered user input to the function. This vulnerability appears to have been fixed in after commit add531a1e55b0a739b0f42582f1c9747e5649ace.",
+ "severity": "High",
+ "vulnerable_component": "rpm://7:python-libs:0:2.7.5-88.el7",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:sha256__75eb8112f5c51ac421cf5bb68d72f5a46720a38dc39f4c19c653b1439a9229f6",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:sha256__75eb8112f5c51ac421cf5bb68d72f5a46720a38dc39f4c19c653b1439a9229f6",
+ "generic://sha256:d2bf8b28bdf5a2535591102292694e4ff4e8307e7cbc967444b93177db257a91/sha256__d2bf8b28bdf5a2535591102292694e4ff4e8307e7cbc967444b93177db257a91.tar.gz",
+ "rpm://7:python-libs:0:2.7.5-88.el7"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/sha256__75eb8112f5c51ac421cf5bb68d72f5a46720a38dc39f4c19c653b1439a9229f6/",
+ "fixed_versions": [],
+ "published": "2019-11-29T04:40:00+11:00",
+ "artifact_scan_time": "2021-03-11T11:32:51+11:00",
+ "issue_id": "XRAY-92291",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "Python Software Foundation Python (CPython) version 2.7 contains a CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in shutil module (make_archive function) that can result in Denial of service, Information gain via injection of arbitrary files on the system or entire drive. This attack appear to be exploitable via Passage of unfiltered user input to the function. This vulnerability appears to have been fixed in after commit add531a1e55b0a739b0f42582f1c9747e5649ace.",
+ "references": [
+ "https://bugs.python.org/issue34540",
+ "https://github.com/python/cpython/pull/8985",
+ "https://github.com/python/cpython/pull/8985/commits/add531a1e55b0a739b0f42582f1c9747e5649ace",
+ "https://www.debian.org/security/2018/dsa-4306",
+ "https://mega.nz/#!JUFiCC4R!mq-jQ8ySFwIhX6WMDujaZuNBfttDVt7DETlfOIQE1ig",
+ "https://lists.debian.org/debian-lts-announce/2018/09/msg00030.html",
+ "https://lists.debian.org/debian-lts-announce/2018/09/msg00031.html",
+ "https://usn.ubuntu.com/3817-1/",
+ "https://usn.ubuntu.com/3817-2/"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.8,
+ "cvss3_max_score": 7.5,
+ "summary": "Netty AbstractDiskHttpData.delete() Function POST Request Handling File Deletion Memory Exhaustion Remote DoS",
+ "severity": "High",
+ "vulnerable_component": "gav://io.netty:netty-codec-http:4.1.49.Final",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:sha256__75eb8112f5c51ac421cf5bb68d72f5a46720a38dc39f4c19c653b1439a9229f6",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:sha256__75eb8112f5c51ac421cf5bb68d72f5a46720a38dc39f4c19c653b1439a9229f6",
+ "generic://sha256:71948c71bf562093fc11373cddd6245014188a540a6b46e94cd65a15e39f039b/sha256__71948c71bf562093fc11373cddd6245014188a540a6b46e94cd65a15e39f039b.tar.gz",
+ "gav://io.netty:netty-codec-http:4.1.49.Final"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/sha256__75eb8112f5c51ac421cf5bb68d72f5a46720a38dc39f4c19c653b1439a9229f6/",
+ "fixed_versions": [
+ "4.1.53.Final"
+ ],
+ "published": "2020-10-28T01:16:36+11:00",
+ "artifact_scan_time": "2021-03-11T11:32:51+11:00",
+ "issue_id": "XRAY-127557",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Netty contains a flaw in the AbstractDiskHttpData.delete() function in handler/codec/http/multipart/AbstractDiskHttpData.java that is triggered as temporary file entries are added to the 'DeleteOnExitHook' object but not properly removed when processing POST requests that are 16 kB. This may allow a remote attacker to exhaust available memory resources, potentially resulting in a denial of service.",
+ "references": [
+ "https://github.com/netty/netty/pull/10560",
+ "https://github.com/netty/netty/issues/10351",
+ "https://github.com/netty/netty/commit/95ce1b95ea5679f826cdefcbaabb3b7c2d596100"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 7.5,
+ "summary": "json-smart minidev/json/parser/JSONParserBase.java JSONParserBase::extractFloat() Function Improper Exception Handling DoS",
+ "severity": "High",
+ "vulnerable_component": "gav://net.minidev:json-smart:2.3",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:sha256__75eb8112f5c51ac421cf5bb68d72f5a46720a38dc39f4c19c653b1439a9229f6",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:sha256__75eb8112f5c51ac421cf5bb68d72f5a46720a38dc39f4c19c653b1439a9229f6",
+ "generic://sha256:71948c71bf562093fc11373cddd6245014188a540a6b46e94cd65a15e39f039b/sha256__71948c71bf562093fc11373cddd6245014188a540a6b46e94cd65a15e39f039b.tar.gz",
+ "gav://net.minidev:json-smart:2.3"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/sha256__75eb8112f5c51ac421cf5bb68d72f5a46720a38dc39f4c19c653b1439a9229f6/",
+ "fixed_versions": [],
+ "published": "2021-02-24T20:04:52+11:00",
+ "artifact_scan_time": "2021-03-11T11:32:51+11:00",
+ "issue_id": "XRAY-141174",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "json-smart contains a flaw in the JSONParserBase::extractFloat() function in minidev/json/parser/JSONParserBase.java that is triggered as a NumberFormatException exception is not properly handled when parsing specially crafted float number values. This may allow a context-dependent attacker to crash a process using the library.",
+ "references": [
+ "http://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-27568",
+ "https://github.com/netplex/json-smart-v1/issues/7",
+ "https://github.com/netplex/json-smart-v2/issues/60"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 7.5,
+ "summary": "FasterXML jackson-dataformats-binary smile/SmileParser.java 7-bit Encoded Binary Data Payload Handling Memory Exhaustion DoS",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.dataformat:jackson-dataformat-smile:2.10.4",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:sha256__75eb8112f5c51ac421cf5bb68d72f5a46720a38dc39f4c19c653b1439a9229f6",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:sha256__75eb8112f5c51ac421cf5bb68d72f5a46720a38dc39f4c19c653b1439a9229f6",
+ "generic://sha256:71948c71bf562093fc11373cddd6245014188a540a6b46e94cd65a15e39f039b/sha256__71948c71bf562093fc11373cddd6245014188a540a6b46e94cd65a15e39f039b.tar.gz",
+ "gav://com.fasterxml.jackson.dataformat:jackson-dataformat-smile:2.10.4"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/sha256__75eb8112f5c51ac421cf5bb68d72f5a46720a38dc39f4c19c653b1439a9229f6/",
+ "fixed_versions": [
+ "2.12.3"
+ ],
+ "published": "2021-05-05T20:06:23+10:00",
+ "artifact_scan_time": "2021-03-11T11:32:51+11:00",
+ "issue_id": "XRAY-174967",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "FasterXML jackson-dataformats-binary contains a flaw in smile/SmileParser.java that is triggered as memory is improperly allocated when handling 7-bit encoded binary data payloads. This may allow a context-dependent attacker to exhaust available memory resources and potentially crash a process linked against the library.",
+ "references": [
+ "https://github.com/FasterXML/jackson-dataformats-binary/commit/01b883505389ba693b430da6ccbbc77fb380c462",
+ "https://github.com/FasterXML/jackson-dataformats-binary/issues/265",
+ "https://github.com/FasterXML/jackson-dataformats-binary/commit/7229150e6297ad7f33fdce709447160748feec9d"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-8625",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 8.1,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 6.8,
+ "cvss3_max_score": 8.1,
+ "summary": "RHSA-2021:0671: bind security update (Important)",
+ "severity": "High",
+ "vulnerable_component": "rpm://7:bind-license:32:9.11.4-16.P2.el7_8.6",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:sha256__75eb8112f5c51ac421cf5bb68d72f5a46720a38dc39f4c19c653b1439a9229f6",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:sha256__75eb8112f5c51ac421cf5bb68d72f5a46720a38dc39f4c19c653b1439a9229f6",
+ "generic://sha256:d2bf8b28bdf5a2535591102292694e4ff4e8307e7cbc967444b93177db257a91/sha256__d2bf8b28bdf5a2535591102292694e4ff4e8307e7cbc967444b93177db257a91.tar.gz",
+ "rpm://7:bind-license:32:9.11.4-16.P2.el7_8.6"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/sha256__75eb8112f5c51ac421cf5bb68d72f5a46720a38dc39f4c19c653b1439a9229f6/",
+ "fixed_versions": [
+ "≥ 32:9.11.4-26.P2.el7_9.4"
+ ],
+ "published": "2021-03-08T08:29:31+11:00",
+ "artifact_scan_time": "2021-03-11T11:32:51+11:00",
+ "issue_id": "XRAY-141795",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly.Security Fix(es):* bind: Buffer overflow in the SPNEGO implementation affecting GSSAPI security policy negotiation (CVE-2020-8625)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
+ "references": [
+ "https://access.redhat.com/security/cve/CVE-2020-8625",
+ "https://access.redhat.com/errata/RHSA-2021:0671"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Important"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-1971",
+ "cvss_v2_score": 4.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 5.9,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 4.3,
+ "cvss3_max_score": 5.9,
+ "summary": "CVE-2020-1971 openssl: EDIPARTYNAME NULL pointer de-reference (important)",
+ "severity": "High",
+ "vulnerable_component": "rpm://7:openssl-libs:1:1.0.2k-19.el7",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:sha256__75eb8112f5c51ac421cf5bb68d72f5a46720a38dc39f4c19c653b1439a9229f6",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:sha256__75eb8112f5c51ac421cf5bb68d72f5a46720a38dc39f4c19c653b1439a9229f6",
+ "generic://sha256:d2bf8b28bdf5a2535591102292694e4ff4e8307e7cbc967444b93177db257a91/sha256__d2bf8b28bdf5a2535591102292694e4ff4e8307e7cbc967444b93177db257a91.tar.gz",
+ "rpm://7:openssl-libs:1:1.0.2k-19.el7"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/sha256__75eb8112f5c51ac421cf5bb68d72f5a46720a38dc39f4c19c653b1439a9229f6/",
+ "fixed_versions": [],
+ "published": "2020-12-16T15:53:26+11:00",
+ "artifact_scan_time": "2021-03-11T11:32:51+11:00",
+ "issue_id": "XRAY-133959",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "DOCUMENTATION: A null pointer dereference flaw was found in openssl. A remote attacker, able to control the arguments of the GENERAL_NAME_cmp function, could cause the application, compiled with openssl to crash resulting in a denial of service. The highest threat from this vulnerability is to system availability. STATEMENT: This is a flaw in the GENERAL_NAME_cmp function of openssl which can be triggered when both its arguments are of the same type i.e. EDIPARTYNAME. 1. Red Hat does not ship any applications compiled with openssl, which used the above function in a vulnerable way.2. OpenSSL itself uses the GENERAL_NAME_cmp function for two purposes, when comparing CRL distribution point names between an available CRL and a CRL distribution point embedded in an X509 certificate and when verifying that a timestamp response token signer matches the timestamp authority name (exposed via the API functions TS_RESP_verify_response and TS_RESP_verify_token). If an attacker can control both items being compared then that attacker could trigger a crash. For example, if the attacker can trick a client or server into checking a malicious certificate against a malicious CRL then a crash may be triggered.Third party applications compiled with openssl using the function GENERAL_NAME_cmp in a vulnerable way are affected by this flaw.GENERAL_NAME_cmp was added in 0.9.8k, therefore older versions of openssl are not affected by this flaw. MITIGATION: Applications not using the GENERAL_NAME_cmp of openssl are not vulnerable to this flaw. Even when this function is used, if the attacker can control both the arguments of this function, only then the attacker could trigger a crash.",
+ "references": [
+ "https://access.redhat.com/security/cve/CVE-2020-1971"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Important"
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 7.5,
+ "summary": "FasterXML jackson-dataformat-cbor CBORParser.java CBORParser::_finishBytes() Function Object Field Name Parsing Memory Allocation Exception DoS",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.dataformat:jackson-dataformat-cbor:2.10.4",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:sha256__75eb8112f5c51ac421cf5bb68d72f5a46720a38dc39f4c19c653b1439a9229f6",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:sha256__75eb8112f5c51ac421cf5bb68d72f5a46720a38dc39f4c19c653b1439a9229f6",
+ "generic://sha256:71948c71bf562093fc11373cddd6245014188a540a6b46e94cd65a15e39f039b/sha256__71948c71bf562093fc11373cddd6245014188a540a6b46e94cd65a15e39f039b.tar.gz",
+ "gav://com.fasterxml.jackson.dataformat:jackson-dataformat-cbor:2.10.4"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/sha256__75eb8112f5c51ac421cf5bb68d72f5a46720a38dc39f4c19c653b1439a9229f6/",
+ "fixed_versions": [],
+ "published": "2021-02-04T03:34:19+11:00",
+ "artifact_scan_time": "2021-03-11T11:32:51+11:00",
+ "issue_id": "XRAY-139421",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "FasterXML jackson-dataformat-cbor contains a flaw in the CBORParser::_finishBytes() function in CBORParser.java that is triggered as certain input is not properly validated when allocating memory for object field names. This may allow a context-dependent attacker to cause an out-of-memory exception, potentially resulting in a denial of service.",
+ "references": [
+ "http://cve.mitre.org/cgi-bin/cvename.cgi?name=2020-28491",
+ "https://github.com/FasterXML/jackson-dataformats-binary/commit/de072d314af8f5f269c8abec6930652af67bc8e6",
+ "https://github.com/FasterXML/jackson-dataformats-binary/issues/186"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-1000802",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "Python Software Foundation Python (CPython) version 2.7 contains a CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in shutil module (make_archive function) that can result in Denial of service, Information gain via injection of arbitrary files on the system or entire drive. This attack appear to be exploitable via Passage of unfiltered user input to the function. This vulnerability appears to have been fixed in after commit add531a1e55b0a739b0f42582f1c9747e5649ace.",
+ "severity": "High",
+ "vulnerable_component": "rpm://7:python:0:2.7.5-88.el7",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:sha256__75eb8112f5c51ac421cf5bb68d72f5a46720a38dc39f4c19c653b1439a9229f6",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:sha256__75eb8112f5c51ac421cf5bb68d72f5a46720a38dc39f4c19c653b1439a9229f6",
+ "generic://sha256:d2bf8b28bdf5a2535591102292694e4ff4e8307e7cbc967444b93177db257a91/sha256__d2bf8b28bdf5a2535591102292694e4ff4e8307e7cbc967444b93177db257a91.tar.gz",
+ "rpm://7:python:0:2.7.5-88.el7"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/sha256__75eb8112f5c51ac421cf5bb68d72f5a46720a38dc39f4c19c653b1439a9229f6/",
+ "fixed_versions": [],
+ "published": "2019-11-29T04:40:00+11:00",
+ "artifact_scan_time": "2021-03-11T11:32:51+11:00",
+ "issue_id": "XRAY-92291",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "Python Software Foundation Python (CPython) version 2.7 contains a CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in shutil module (make_archive function) that can result in Denial of service, Information gain via injection of arbitrary files on the system or entire drive. This attack appear to be exploitable via Passage of unfiltered user input to the function. This vulnerability appears to have been fixed in after commit add531a1e55b0a739b0f42582f1c9747e5649ace.",
+ "references": [
+ "https://bugs.python.org/issue34540",
+ "https://github.com/python/cpython/pull/8985",
+ "https://github.com/python/cpython/pull/8985/commits/add531a1e55b0a739b0f42582f1c9747e5649ace",
+ "https://www.debian.org/security/2018/dsa-4306",
+ "https://mega.nz/#!JUFiCC4R!mq-jQ8ySFwIhX6WMDujaZuNBfttDVt7DETlfOIQE1ig",
+ "https://lists.debian.org/debian-lts-announce/2018/09/msg00030.html",
+ "https://lists.debian.org/debian-lts-announce/2018/09/msg00031.html",
+ "https://usn.ubuntu.com/3817-1/",
+ "https://usn.ubuntu.com/3817-2/"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2014-3215",
+ "cvss_v2_score": 6.9,
+ "cvss_v2_vector": "CVSS:2.0/AV:L/AC:M/Au:N/C:C/I:C/A:C"
+ }
+ ],
+ "cvss2_max_score": 6.9,
+ "summary": "CVE-2014-3215 policycoreutils: local privilege escalation via seunshare",
+ "severity": "High",
+ "vulnerable_component": "rpm://7:libcap-ng:0:0.7.5-4.el7",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:sha256__75eb8112f5c51ac421cf5bb68d72f5a46720a38dc39f4c19c653b1439a9229f6",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:sha256__75eb8112f5c51ac421cf5bb68d72f5a46720a38dc39f4c19c653b1439a9229f6",
+ "generic://sha256:d2bf8b28bdf5a2535591102292694e4ff4e8307e7cbc967444b93177db257a91/sha256__d2bf8b28bdf5a2535591102292694e4ff4e8307e7cbc967444b93177db257a91.tar.gz",
+ "rpm://7:libcap-ng:0:0.7.5-4.el7"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/sha256__75eb8112f5c51ac421cf5bb68d72f5a46720a38dc39f4c19c653b1439a9229f6/",
+ "fixed_versions": [],
+ "published": "2020-07-13T04:28:36+10:00",
+ "artifact_scan_time": "2021-03-11T11:32:51+11:00",
+ "issue_id": "XRAY-112349",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "seunshare in policycoreutils 2.2.5 is owned by root with 4755 permissions, and executes programs in a way that changes the relationship between the setuid system call and the getresuid saved set-user-ID value, which makes it easier for local users to gain privileges by leveraging a program that mistakenly expected that it could permanently drop privileges.",
+ "references": [],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Important"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-1971",
+ "cvss_v2_score": 4.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 5.9,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 4.3,
+ "cvss3_max_score": 5.9,
+ "summary": "RHSA-2020:5566: openssl security update (Important)",
+ "severity": "High",
+ "vulnerable_component": "rpm://7:openssl-libs:1:1.0.2k-19.el7",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:sha256__75eb8112f5c51ac421cf5bb68d72f5a46720a38dc39f4c19c653b1439a9229f6",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:sha256__75eb8112f5c51ac421cf5bb68d72f5a46720a38dc39f4c19c653b1439a9229f6",
+ "generic://sha256:d2bf8b28bdf5a2535591102292694e4ff4e8307e7cbc967444b93177db257a91/sha256__d2bf8b28bdf5a2535591102292694e4ff4e8307e7cbc967444b93177db257a91.tar.gz",
+ "rpm://7:openssl-libs:1:1.0.2k-19.el7"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/sha256__75eb8112f5c51ac421cf5bb68d72f5a46720a38dc39f4c19c653b1439a9229f6/",
+ "fixed_versions": [
+ "≥ 1:1.0.2k-21.el7_9"
+ ],
+ "published": "2020-12-29T07:09:45+11:00",
+ "artifact_scan_time": "2021-03-11T11:32:51+11:00",
+ "issue_id": "XRAY-137484",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library.Security Fix(es):* openssl: EDIPARTYNAME NULL pointer de-reference (CVE-2020-1971)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
+ "references": [
+ "https://access.redhat.com/security/cve/CVE-2020-1971",
+ "https://access.redhat.com/errata/RHSA-2020:5566"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Important"
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 7.5,
+ "summary": "FasterXML jackson-dataformats-binary smile/SmileParser.java Raw Binary Data Payload Handling Memory Exhaustion DoS",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.dataformat:jackson-dataformat-smile:2.10.4",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:sha256__75eb8112f5c51ac421cf5bb68d72f5a46720a38dc39f4c19c653b1439a9229f6",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:sha256__75eb8112f5c51ac421cf5bb68d72f5a46720a38dc39f4c19c653b1439a9229f6",
+ "generic://sha256:71948c71bf562093fc11373cddd6245014188a540a6b46e94cd65a15e39f039b/sha256__71948c71bf562093fc11373cddd6245014188a540a6b46e94cd65a15e39f039b.tar.gz",
+ "gav://com.fasterxml.jackson.dataformat:jackson-dataformat-smile:2.10.4"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/sha256__75eb8112f5c51ac421cf5bb68d72f5a46720a38dc39f4c19c653b1439a9229f6/",
+ "fixed_versions": [
+ "2.12.3"
+ ],
+ "published": "2021-05-05T20:06:23+10:00",
+ "artifact_scan_time": "2021-03-11T11:32:51+11:00",
+ "issue_id": "XRAY-174966",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "FasterXML jackson-dataformats-binary contains a flaw in smile/SmileParser.java that is triggered as memory is improperly allocated when handling raw binary data payloads. This may allow a context-dependent attacker to exhaust available memory resources and potentially crash a process linked against the library.",
+ "references": [
+ "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32180",
+ "https://github.com/FasterXML/jackson-dataformats-binary/issues/260",
+ "https://github.com/FasterXML/jackson-dataformats-binary/commit/57400266ce8af0105ed79fb576ac0c9cfe89e37b"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-10716"
+ },
+ {
+ "cve": "CVE-2019-12086",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:N",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"
+ },
+ {
+ "cve": "CVE-2019-10086",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 7.3,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"
+ },
+ {
+ "cve": "CVE-2019-0231",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:N",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"
+ },
+ {
+ "cve": "CVE-2017-17718",
+ "cvss_v2_score": 4.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:N/A:N",
+ "cvss_v3_score": 5.9,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 7.5,
+ "summary": "Red Hat Security Advisory: Satellite 6.7 release.",
+ "severity": "High",
+ "vulnerable_component": "rpm://7:python-chardet:0:2.2.1-3.el7",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:sha256__75eb8112f5c51ac421cf5bb68d72f5a46720a38dc39f4c19c653b1439a9229f6",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:sha256__75eb8112f5c51ac421cf5bb68d72f5a46720a38dc39f4c19c653b1439a9229f6",
+ "generic://sha256:d2bf8b28bdf5a2535591102292694e4ff4e8307e7cbc967444b93177db257a91/sha256__d2bf8b28bdf5a2535591102292694e4ff4e8307e7cbc967444b93177db257a91.tar.gz",
+ "rpm://7:python-chardet:0:2.2.1-3.el7"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/sha256__75eb8112f5c51ac421cf5bb68d72f5a46720a38dc39f4c19c653b1439a9229f6/",
+ "fixed_versions": [],
+ "published": "2020-04-15T14:48:02+10:00",
+ "artifact_scan_time": "2021-03-11T11:32:51+11:00",
+ "issue_id": "XRAY-96265",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "An update is now available for Red Hat Satellite 6.7 for RHEL 7.Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Red Hat Satellite is a systems management tool for Linux-based infrastructure. It allows for provisioning, remote management, and monitoring of multiple Linux deployments with a single centralized tool.Security Fix(es):* apache-commons-beanutils: does not suppresses the class property in PropertyUtilsBean by default (CVE-2019-10086)* jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server (CVE-2019-12086)* mina-core: Retaining an open socket in close_notify SSL-TLS leading to Information disclosure (CVE-2019-0231)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Additional Changes:* Ansible Runner is now the default way to utilize Ansible for remote execution jobs.* Users now have the ability to log into hosts using the Web Console directly from the Satellite UI.* Azure has been added to the list of supported compute resources for provisioning along with many bug fixes for Google Compute, RHEV, VMWare, and Kubevirt.* Content views have been improved with many bug fixes, performance improvement, and the addition of filtering on modules.* Content syncing has been improved with many fixes, and the ability to add proxy definitions to each product in Satellite.* The installation process has been improved to include better tuning defaults and several other bug fixes. * Subscription Management has been improved with many bug fixes in Satellite, new reporting, as well as in the inventory upload plugin which allows customers to view their inventory in Subscription Watch at cloud.redhat.com* Security improvements ",
+ "references": [
+ "https://access.redhat.com/security/updates/classification/#important",
+ "https://access.redhat.com/errata/RHSA-2020:1454"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 8.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:C",
+ "cvss_v3_score": 8.2,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 8.5,
+ "cvss3_max_score": 8.2,
+ "summary": "FasterXML jackson-databind ext/DOMDeserializer.java DOMDeserializer Class XML External Entity (XXE) Expansion Remote Issue",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.core:jackson-databind:2.10.4",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:sha256__75eb8112f5c51ac421cf5bb68d72f5a46720a38dc39f4c19c653b1439a9229f6",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:sha256__75eb8112f5c51ac421cf5bb68d72f5a46720a38dc39f4c19c653b1439a9229f6",
+ "generic://sha256:71948c71bf562093fc11373cddd6245014188a540a6b46e94cd65a15e39f039b/sha256__71948c71bf562093fc11373cddd6245014188a540a6b46e94cd65a15e39f039b.tar.gz",
+ "gav://com.fasterxml.jackson.core:jackson-databind:2.10.4"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/sha256__75eb8112f5c51ac421cf5bb68d72f5a46720a38dc39f4c19c653b1439a9229f6/",
+ "fixed_versions": [],
+ "published": "2020-10-15T22:39:55+11:00",
+ "artifact_scan_time": "2021-03-11T11:32:51+11:00",
+ "issue_id": "XRAY-126663",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "FasterXML jackson-databind contains an XXE (Xml eXternal Entity) expansion flaw in the DOMDeserializer class in ext/DOMDeserializer.java that is triggered during the parsing of XML data. The issue is due to an incorrectly configured XML parser accepting XML external entities from an untrusted source. By sending specially crafted XML data, a remote attacker can potentially consume excessive system resources or disclose sensitive information.",
+ "references": [
+ "http://cve.mitre.org/cgi-bin/cvename.cgi?name=2020-25649",
+ "https://bugzilla.redhat.com/show_bug.cgi?id=1887664",
+ "https://github.com/FasterXML/jackson-databind/issues/2589",
+ "https://github.com/FasterXML/jackson-databind/commit/e588f0af61b18576779ffb95a2a689a5eb1f9d15",
+ "https://github.com/FasterXML/jackson-databind/blob/jackson-databind-2.11.0/release-notes/VERSION-2.x",
+ "https://github.com/FasterXML/jackson-databind/commit/612f971b78c60202e9cd75a299050c8f2d724a59"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 7.5,
+ "summary": "FasterXML jackson-dataformats-binary SmileParser::nextToken() Function Smile Header Marker Recursion Handling Stack Exhaustion DoS",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.dataformat:jackson-dataformat-smile:2.10.4",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:sha256__75eb8112f5c51ac421cf5bb68d72f5a46720a38dc39f4c19c653b1439a9229f6",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:sha256__75eb8112f5c51ac421cf5bb68d72f5a46720a38dc39f4c19c653b1439a9229f6",
+ "generic://sha256:71948c71bf562093fc11373cddd6245014188a540a6b46e94cd65a15e39f039b/sha256__71948c71bf562093fc11373cddd6245014188a540a6b46e94cd65a15e39f039b.tar.gz",
+ "gav://com.fasterxml.jackson.dataformat:jackson-dataformat-smile:2.10.4"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/sha256__75eb8112f5c51ac421cf5bb68d72f5a46720a38dc39f4c19c653b1439a9229f6/",
+ "fixed_versions": [
+ "2.12.3"
+ ],
+ "published": "2021-04-01T20:39:14+11:00",
+ "artifact_scan_time": "2021-03-11T11:32:51+11:00",
+ "issue_id": "XRAY-160666",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "FasterXML jackson-dataformats-binary contains a flaw in the SmileParser::nextToken() function in smile/src/main/java/com/fasterxml/jackson/dataformat/smile/SmileParser.java that is triggered as recursive function calls are not properly handled when processing a sequence or 4-byte Smile header markers. This may allow a context-dependent attacker to exhaust available stack space and crash a process linked against the library.",
+ "references": [
+ "https://github.com/FasterXML/jackson-dataformats-binary/commit/87683e346e732204c769c50166d812eaf62b5ed1",
+ "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32665",
+ "https://github.com/FasterXML/jackson-dataformats-binary/issues/268"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2013-7338",
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "summary": "Python before 3.3.4 RC1 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a file size value larger than the size of the zip file to the (1) ZipExtFile.read, (2) ZipExtFile.read(n), (3) ZipExtFile.readlines, (4) ZipFile.extract, or (5) ZipFile.extractall function.",
+ "severity": "High",
+ "vulnerable_component": "rpm://7:python-libs:0:2.7.5-88.el7",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:sha256__75eb8112f5c51ac421cf5bb68d72f5a46720a38dc39f4c19c653b1439a9229f6",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:sha256__75eb8112f5c51ac421cf5bb68d72f5a46720a38dc39f4c19c653b1439a9229f6",
+ "generic://sha256:d2bf8b28bdf5a2535591102292694e4ff4e8307e7cbc967444b93177db257a91/sha256__d2bf8b28bdf5a2535591102292694e4ff4e8307e7cbc967444b93177db257a91.tar.gz",
+ "rpm://7:python-libs:0:2.7.5-88.el7"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/sha256__75eb8112f5c51ac421cf5bb68d72f5a46720a38dc39f4c19c653b1439a9229f6/",
+ "fixed_versions": [],
+ "published": "2019-11-27T22:47:00+11:00",
+ "artifact_scan_time": "2021-03-11T11:32:51+11:00",
+ "issue_id": "XRAY-92223",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "Python before 3.3.4 RC1 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a file size value larger than the size of the zip file to the (1) ZipExtFile.read, (2) ZipExtFile.read(n), (3) ZipExtFile.readlines, (4) ZipFile.extract, or (5) ZipFile.extractall function.",
+ "references": [
+ "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html",
+ "http://www.securityfocus.com/bid/65179",
+ "http://bugs.python.org/issue20078",
+ "http://hg.python.org/cpython/rev/79ea4ce431b1",
+ "https://docs.python.org/3.3/whatsnew/changelog.html",
+ "https://support.apple.com/kb/HT205031",
+ "https://security.gentoo.org/glsa/201503-10",
+ "http://seclists.org/oss-sec/2014/q1/592",
+ "http://seclists.org/oss-sec/2014/q1/595",
+ "http://www.securitytracker.com/id/1029973",
+ "http://lists.opensuse.org/opensuse-updates/2014-05/msg00008.html"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-9547",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ {
+ "cve": "CVE-2020-9546",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ {
+ "cve": "CVE-2020-7943",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:N",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"
+ },
+ {
+ "cve": "CVE-2020-7238",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:P/A:N",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"
+ },
+ {
+ "cve": "CVE-2020-5216",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:P/A:N",
+ "cvss_v3_score": 5.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N"
+ },
+ {
+ "cve": "CVE-2019-16782",
+ "cvss_v2_score": 4.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:N/A:N",
+ "cvss_v3_score": 5.9,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"
+ },
+ {
+ "cve": "CVE-2019-12781",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:N",
+ "cvss_v3_score": 5.3,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"
+ },
+ {
+ "cve": "CVE-2020-14380"
+ },
+ {
+ "cve": "CVE-2018-3258",
+ "cvss_v2_score": 6.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:S/C:P/I:P/A:P",
+ "cvss_v3_score": 8.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
+ },
+ {
+ "cve": "CVE-2018-11751",
+ "cvss_v2_score": 4.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:A/AC:L/Au:N/C:N/I:P/A:P",
+ "cvss_v3_score": 5.4,
+ "cvss_v3_vector": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L"
+ },
+ {
+ "cve": "CVE-2020-10969",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 8.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
+ },
+ {
+ "cve": "CVE-2020-10968",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 8.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
+ },
+ {
+ "cve": "CVE-2020-9548",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ {
+ "cve": "CVE-2020-8161",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:N",
+ "cvss_v3_score": 8.6,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N"
+ },
+ {
+ "cve": "CVE-2020-5267",
+ "cvss_v2_score": 3.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:S/C:N/I:P/A:N",
+ "cvss_v3_score": 4.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"
+ },
+ {
+ "cve": "CVE-2020-14195",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 8.1,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ {
+ "cve": "CVE-2020-11619",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 8.1,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ {
+ "cve": "CVE-2020-8840",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ {
+ "cve": "CVE-2020-7942",
+ "cvss_v2_score": 4,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:S/C:P/I:N/A:N",
+ "cvss_v3_score": 6.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"
+ },
+ {
+ "cve": "CVE-2020-5217",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:P/A:N",
+ "cvss_v3_score": 5.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N"
+ },
+ {
+ "cve": "CVE-2020-14061",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 8.1,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ {
+ "cve": "CVE-2020-14062",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 8.1,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ {
+ "cve": "CVE-2020-10693",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:P/A:N",
+ "cvss_v3_score": 5.3,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"
+ },
+ {
+ "cve": "CVE-2020-8184",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:P/A:N",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"
+ },
+ {
+ "cve": "CVE-2020-7663",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ },
+ {
+ "cve": "CVE-2020-14334",
+ "cvss_v2_score": 4.6,
+ "cvss_v2_vector": "CVSS:2.0/AV:L/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 8.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "Red Hat Security Advisory: Satellite 6.8 release",
+ "severity": "High",
+ "vulnerable_component": "rpm://7:python-chardet:0:2.2.1-3.el7",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:sha256__75eb8112f5c51ac421cf5bb68d72f5a46720a38dc39f4c19c653b1439a9229f6",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:sha256__75eb8112f5c51ac421cf5bb68d72f5a46720a38dc39f4c19c653b1439a9229f6",
+ "generic://sha256:d2bf8b28bdf5a2535591102292694e4ff4e8307e7cbc967444b93177db257a91/sha256__d2bf8b28bdf5a2535591102292694e4ff4e8307e7cbc967444b93177db257a91.tar.gz",
+ "rpm://7:python-chardet:0:2.2.1-3.el7"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/sha256__75eb8112f5c51ac421cf5bb68d72f5a46720a38dc39f4c19c653b1439a9229f6/",
+ "fixed_versions": [],
+ "published": "2020-10-28T15:35:59+11:00",
+ "artifact_scan_time": "2021-03-11T11:32:51+11:00",
+ "issue_id": "XRAY-127577",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "An update is now available for Red Hat Satellite 6.8 for RHEL 7.Red Hat Product Security has rated this update as having a security impactof Important. A Common Vulnerability Scoring System (CVSS) base score,which gives a detailed severity rating, is available for each vulnerabilityfrom the CVE link(s) in the References section.Red Hat Satellite is a systems management tool for Linux-basedinfrastructure. It allows for provisioning, remote management, andmonitoring of multiple Linux deployments with a single centralized tool.Security Fix(es):* mysql-connector-java: Connector/J unspecified vulnerability (CPU October 2018) (CVE-2018-3258)* netty: HTTP Request Smuggling due to Transfer-Encoding whitespace mishandling (CVE-2020-7238)* rubygem-websocket-extensions: ReDoS vulnerability in Sec-WebSocket-Extensions parser (CVE-2020-7663)* puppet: puppet server and puppetDB may leak sensitive information via metrics API (CVE-2020-7943)* jackson-databind: multiple serialization gadgets (CVE-2020-8840 CVE-2020-9546 CVE-2020-9547 CVE-2020-9548 CVE-2020-10968 CVE-2020-10969 CVE-2020-11619 CVE-2020-14061 CVE-2020-14062 CVE-2020-14195)* foreman: unauthorized cache read on RPM-based installations through local user (CVE-2020-14334)* Satellite: Local user impersonation by Single sign-on (SSO) user leads to account takeover (CVE-2020-14380)* Django: Incorrect HTTP detection with reverse-proxy connecting via HTTPS (CVE-2019-12781)* rubygem-rack: hijack sessions by using timing attacks targeting the session id (CVE-2019-16782)* rubygem-secure_headers: limited header injection when using dynamic overrides with user input (CVE-2020-5216)* rubygem-secure_headers: directive injection when using dynamic overrides with user input (CVE-2020-5217)* rubygem-actionview: views that use the `j` or `escape_javascript` methods are susceptible to XSS attacks (CVE-2020-5267)* puppet: Arbitrary catalog retrieval (CVE-2020-7942)* rubygem-rack: directory traversal in Rack::Directory (CVE-2020-8161)* rubygem-rack: percent-encoded cookies can be used to",
+ "references": [
+ "https://access.redhat.com/security/updates/classification/#important",
+ "https://access.redhat.com/errata/RHSA-2020:4366"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-5382",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "Bouncy Castle BKS version 1 keystore (BKS-V1) files use an HMAC that is only 16 bits long, which can allow an attacker to compromise the integrity of a BKS-V1 keystore. All BKS-V1 keystores are vulnerable. Bouncy Castle release 1.47 introduces BKS version 2, which uses a 160-bit MAC.",
+ "severity": "High",
+ "vulnerable_component": "gav://org.netbeans.external:bcprov:RELEASE113",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:sha256__75eb8112f5c51ac421cf5bb68d72f5a46720a38dc39f4c19c653b1439a9229f6",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:sha256__75eb8112f5c51ac421cf5bb68d72f5a46720a38dc39f4c19c653b1439a9229f6",
+ "generic://sha256:71948c71bf562093fc11373cddd6245014188a540a6b46e94cd65a15e39f039b/sha256__71948c71bf562093fc11373cddd6245014188a540a6b46e94cd65a15e39f039b.tar.gz",
+ "gav://org.netbeans.external:bcprov:RELEASE113"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/sha256__75eb8112f5c51ac421cf5bb68d72f5a46720a38dc39f4c19c653b1439a9229f6/",
+ "fixed_versions": [
+ "1.47"
+ ],
+ "published": "2018-06-11T18:33:48+10:00",
+ "artifact_scan_time": "2021-03-11T11:32:51+11:00",
+ "issue_id": "XRAY-68665",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Bouncy Castle BKS version 1 keystore (BKS-V1) files use an HMAC that is only 16 bits long, which can allow an attacker to compromise the integrity of a BKS-V1 keystore. All BKS-V1 keystores are vulnerable. Bouncy Castle release 1.47 introduces BKS version 2, which uses a 160-bit MAC.",
+ "references": [
+ "http://www.securityfocus.com/bid/103453",
+ "https://www.bouncycastle.org/releasenotes.html",
+ "https://www.kb.cert.org/vuls/id/306792"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.6,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:H/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 8.1,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.6,
+ "cvss3_max_score": 8.1,
+ "summary": "Apache Maven External Repository Validation Failure Arbitrary Code Execution",
+ "severity": "High",
+ "vulnerable_component": "gav://org.apache.maven:maven-settings:3.0",
+ "impacted_artifact": "gav://org.apache.maven:maven-settings:3.0",
+ "impact_path": [
+ "gav://org.apache.maven:maven-settings:3.0"
+ ],
+ "path": "mavencentral-remote/org/apache/maven/maven-settings/3.0/maven-settings-3.0.jar",
+ "fixed_versions": [
+ "3.8.1"
+ ],
+ "published": "2021-04-14T16:59:26+10:00",
+ "artifact_scan_time": "2020-10-21T17:23:06+11:00",
+ "issue_id": "XRAY-172725",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Apache Maven contains a flaw that is triggered as the program insecurely uses material from an insecure external repository by default. This may allow a remote attacker with control of a repository that is in use, to potentially inject and execute malicious code.",
+ "references": [
+ "http://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-26291",
+ "http://maven.apache.org/docs/3.8.1/release-notes.html",
+ "http://mail-archives.apache.org/mod_mbox/maven-announce/202104.mbox/%3CMailbird-0918dc43-dc18-4008-b83b-8bc8b1528177%40apache.org%3E"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2017-1000487",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "Plexus-utils before 3.0.16 is vulnerable to command injection because it does not correctly process the contents of double quoted strings.",
+ "severity": "High",
+ "vulnerable_component": "gav://org.codehaus.plexus:plexus-utils:2.0.4",
+ "impacted_artifact": "gav://org.codehaus.plexus:plexus-utils:2.0.4",
+ "impact_path": [
+ "gav://org.codehaus.plexus:plexus-utils:2.0.4"
+ ],
+ "path": "mavencentral-remote/org/codehaus/plexus/plexus-utils/2.0.4/plexus-utils-2.0.4.jar",
+ "fixed_versions": [
+ "3.0.16"
+ ],
+ "published": "2019-06-10T18:42:32+10:00",
+ "artifact_scan_time": "2020-10-21T17:24:06+11:00",
+ "issue_id": "XRAY-83897",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Plexus-utils before 3.0.16 is vulnerable to command injection because it does not correctly process the contents of double quoted strings.",
+ "references": [
+ "https://access.redhat.com/errata/RHSA-2018:1322",
+ "https://lists.debian.org/debian-lts-announce/2018/01/msg00011.html",
+ "https://lists.debian.org/debian-lts-announce/2018/01/msg00010.html",
+ "https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSPLEXUS-31522",
+ "https://www.debian.org/security/2018/dsa-4149",
+ "https://www.debian.org/security/2018/dsa-4146",
+ "https://github.com/codehaus-plexus/plexus-utils/commit/b38a1b3a4352303e4312b2bb601a0d7ec6e28f41"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 9.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 7.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 9.3,
+ "cvss3_max_score": 7.8,
+ "summary": "Plexus-utils util/xml/XmlWriterUtil.java XmlWriterUtil::writeComment() Function Comment String Escape XML Injection Unspecified Issue",
+ "severity": "High",
+ "vulnerable_component": "gav://org.codehaus.plexus:plexus-utils:2.0.4",
+ "impacted_artifact": "gav://org.codehaus.plexus:plexus-utils:2.0.4",
+ "impact_path": [
+ "gav://org.codehaus.plexus:plexus-utils:2.0.4"
+ ],
+ "path": "mavencentral-remote/org/codehaus/plexus/plexus-utils/2.0.4/plexus-utils-2.0.4.jar",
+ "fixed_versions": [
+ "3.0.24"
+ ],
+ "published": "2019-09-15T21:14:39+10:00",
+ "artifact_scan_time": "2020-10-21T17:24:06+11:00",
+ "issue_id": "XRAY-88166",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Plexus-utils contains a flaw in the XmlWriterUtil::writeComment() function in util/xml/XmlWriterUtil.java that is triggered as comment strings are not properly sanitized. This may allow a context-dependent attacker to inject unexpected content through XML code and have an unspecified impact.",
+ "references": [
+ "https://github.com/codehaus-plexus/plexus-utils/issues/3",
+ "https://github.com/codehaus-plexus/plexus-utils/commit/f933e5e78dc2637e485447ed821fe14904f110de"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 7.5,
+ "summary": "Apache Commons Compress archivers/zip/ZipFile.java ZipFile::readCentralDirectoryEntry() Function Uncaught Exception DoS",
+ "severity": "High",
+ "vulnerable_component": "gav://org.apache.commons:commons-compress:1.20",
+ "impacted_artifact": "gav://org.apache.commons:commons-compress:1.20",
+ "impact_path": [
+ "gav://org.apache.commons:commons-compress:1.20"
+ ],
+ "path": "mavencentral-remote/org/apache/commons/commons-compress/1.20/commons-compress-1.20.jar",
+ "fixed_versions": [],
+ "published": "2021-05-18T20:57:33+10:00",
+ "artifact_scan_time": "2020-10-21T17:27:12+11:00",
+ "issue_id": "XRAY-175855",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Apache Commons Compress contains a flaw in the ZipFile::readCentralDirectoryEntry() function in main/java/org/apache/commons/compress/archivers/zip/ZipFile.java related to an uncaught exception. This may allow a context-dependent attacker to crash a process linked against the library.",
+ "references": [
+ "https://github.com/apache/commons-compress/commit/26924e96c7730db014c310757e11c9359db07f3e",
+ "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=33786",
+ "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=33507",
+ "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=33462",
+ "https://github.com/apache/commons-compress/commit/882c6dd12473d7b615d503e08fd6b866d0f866d5"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 7.5,
+ "summary": "Apache Commons IO input/InfiniteCircularInputStream.java InfiniteCircularInputStream::read() Function Buffer Handling Divide-by-zero DoS",
+ "severity": "High",
+ "vulnerable_component": "gav://commons-io:commons-io:2.6",
+ "impacted_artifact": "gav://commons-io:commons-io:2.6",
+ "impact_path": [
+ "gav://commons-io:commons-io:2.6"
+ ],
+ "path": "mavencentral-remote/commons-io/commons-io/2.6/commons-io-2.6.jar",
+ "fixed_versions": [
+ "2.8.0"
+ ],
+ "published": "2020-09-27T18:46:21+10:00",
+ "artifact_scan_time": "2020-10-21T17:27:07+11:00",
+ "issue_id": "XRAY-125253",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Apache Commons IO contains a divide-by-zero condition in the InfiniteCircularInputStream::read() function in input/InfiniteCircularInputStream.java that is triggered when the input buffer is of size 0. This may allow a context-dependent attacker to crash a process linked against the library.",
+ "references": [
+ "https://github.com/apache/commons-io/commit/0de91c048fb575b9e7906e966a4428574fd03695",
+ "https://github.com/apache/commons-io/commit/97ae01c95837f50a2e9be34c370b271c4d8fc88b",
+ "https://issues.apache.org/jira/browse/IO-675",
+ "https://commons.apache.org/proper/commons-io/changes-report.html#a2.8.0"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.6,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:H/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 8.1,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.6,
+ "cvss3_max_score": 8.1,
+ "summary": "Apache Maven External Repository Validation Failure Arbitrary Code Execution",
+ "severity": "High",
+ "vulnerable_component": "gav://org.apache.maven:maven-compat:3.0",
+ "impacted_artifact": "gav://org.apache.maven:maven-compat:3.0",
+ "impact_path": [
+ "gav://org.apache.maven:maven-compat:3.0"
+ ],
+ "path": "mavencentral-remote/org/apache/maven/maven-compat/3.0/maven-compat-3.0.jar",
+ "fixed_versions": [
+ "3.8.1"
+ ],
+ "published": "2021-04-14T16:59:26+10:00",
+ "artifact_scan_time": "2020-10-21T17:27:12+11:00",
+ "issue_id": "XRAY-172725",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Apache Maven contains a flaw that is triggered as the program insecurely uses material from an insecure external repository by default. This may allow a remote attacker with control of a repository that is in use, to potentially inject and execute malicious code.",
+ "references": [
+ "http://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-26291",
+ "http://maven.apache.org/docs/3.8.1/release-notes.html",
+ "http://mail-archives.apache.org/mod_mbox/maven-announce/202104.mbox/%3CMailbird-0918dc43-dc18-4008-b83b-8bc8b1528177%40apache.org%3E"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2014-0114",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "summary": "Apache Commons BeanUtils, as distributed in lib/commons-beanutils-1.8.0.jar in Apache Struts 1.x through 1.3.10 and in other products requiring commons-beanutils through 1.9.2, does not suppress the class property, which allows remote attackers to \"manipulate\" the ClassLoader and execute arbitrary code via the class parameter, as demonstrated by the passing of this parameter to the getClass method of the ActionForm object in Struts 1.",
+ "severity": "High",
+ "vulnerable_component": "gav://commons-beanutils:commons-beanutils:1.7.0",
+ "impacted_artifact": "gav://commons-beanutils:commons-beanutils:1.7.0",
+ "impact_path": [
+ "gav://commons-beanutils:commons-beanutils:1.7.0"
+ ],
+ "path": "mavencentral-remote/commons-beanutils/commons-beanutils/1.7.0/commons-beanutils-1.7.0.jar",
+ "fixed_versions": [
+ "1.9.4"
+ ],
+ "published": "2017-07-05T21:31:08+10:00",
+ "artifact_scan_time": "2020-10-21T17:27:09+11:00",
+ "issue_id": "XRAY-55616",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Apache Commons BeanUtils, as distributed in lib/commons-beanutils-1.8.0.jar in Apache Struts 1.x through 1.3.10 and in other products requiring commons-beanutils through 1.9.2, does not suppress the class property, which allows remote attackers to \"manipulate\" the ClassLoader and execute arbitrary code via the class parameter, as demonstrated by the passing of this parameter to the getClass method of the ActionForm object in Struts 1.",
+ "references": [
+ "http://advisories.mageia.org/MGASA-2014-0219.html",
+ "http://commons.apache.org/proper/commons-beanutils/javadocs/v1.9.2/RELEASE-NOTES.txt",
+ "http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136958.html",
+ "http://marc.info/?l=bugtraq\u0026m=140119284401582\u0026w=2",
+ "http://marc.info/?l=bugtraq\u0026m=140801096002766\u0026w=2",
+ "http://marc.info/?l=bugtraq\u0026m=141451023707502\u0026w=2",
+ "http://openwall.com/lists/oss-security/2014/06/15/10",
+ "http://openwall.com/lists/oss-security/2014/07/08/1",
+ "http://seclists.org/fulldisclosure/2014/Dec/23",
+ "http://secunia.com/advisories/57477",
+ "http://secunia.com/advisories/58710",
+ "http://secunia.com/advisories/58851",
+ "http://secunia.com/advisories/58947",
+ "http://secunia.com/advisories/59014",
+ "http://secunia.com/advisories/59118",
+ "http://secunia.com/advisories/59228",
+ "http://secunia.com/advisories/59245",
+ "http://secunia.com/advisories/59246",
+ "http://secunia.com/advisories/59430",
+ "http://secunia.com/advisories/59464",
+ "http://secunia.com/advisories/59479",
+ "http://secunia.com/advisories/59480",
+ "http://secunia.com/advisories/59704",
+ "http://secunia.com/advisories/59718",
+ "http://secunia.com/advisories/60177",
+ "http://secunia.com/advisories/60703",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg21674128",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg21674812",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg21675266",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg21675387",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg21675689",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg21675898",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg21675972",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg21676091",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg21676110",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg21676303",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg21676375",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg21676931",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg21677110",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg27042296",
+ "http://www.debian.org/security/2014/dsa-2940",
+ "http://www.ibm.com/support/docview.wss?uid=swg21675496",
+ "http://www.mandriva.com/security/advisories?name=MDVSA-2014:095",
+ "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html",
+ "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html",
+ "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html",
+ "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html",
+ "http://www.securityfocus.com/archive/1/archive/1/534161/100/0/threaded",
+ "http://www.securityfocus.com/bid/67121",
+ "http://www.vmware.com/security/advisories/VMSA-2014-0008.html",
+ "http://www.vmware.com/security/advisories/VMSA-2014-0012.html",
+ "https://access.redhat.com/solutions/869353",
+ "https://bugzilla.redhat.com/show_bug.cgi?id=1091938",
+ "https://bugzilla.redhat.com/show_bug.cgi?id=1116665",
+ "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05324755",
+ "https://issues.apache.org/jira/browse/BEANUTILS-463",
+ "https://security.gentoo.org/glsa/201607-09"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-10086",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 7.3,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 7.3,
+ "summary": "In Apache Commons Beanutils 1.9.2, a special BeanIntrospector class was added which allows suppressing the ability for an attacker to access the classloader via the class property available on all Java objects. We, however were not using this by default characteristic of the PropertyUtilsBean.",
+ "severity": "High",
+ "vulnerable_component": "gav://commons-beanutils:commons-beanutils:1.7.0",
+ "impacted_artifact": "gav://commons-beanutils:commons-beanutils:1.7.0",
+ "impact_path": [
+ "gav://commons-beanutils:commons-beanutils:1.7.0"
+ ],
+ "path": "mavencentral-remote/commons-beanutils/commons-beanutils/1.7.0/commons-beanutils-1.7.0.jar",
+ "fixed_versions": [
+ "1.9.4"
+ ],
+ "published": "2019-08-22T19:58:17+10:00",
+ "artifact_scan_time": "2020-10-21T17:27:09+11:00",
+ "issue_id": "XRAY-86096",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "In Apache Commons Beanutils 1.9.2, a special BeanIntrospector class was added which allows suppressing the ability for an attacker to access the classloader via the class property available on all Java objects. We, however were not using this by default characteristic of the PropertyUtilsBean.",
+ "references": [
+ "http://mail-archives.apache.org/mod_mbox/www-announce/201908.mbox/%3cC628798F-315D-4428-8CB1-4ED1ECC958E4@apache.org%3e"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-10683",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "dom4j before 2.1.3 allows external DTDs and External Entities by default, which might enable XXE attacks. However, there is popular external documentation from OWASP showing how to enable the safe, non-default behavior in any application that uses dom4j.",
+ "severity": "High",
+ "vulnerable_component": "gav://dom4j:dom4j:1.1",
+ "impacted_artifact": "gav://dom4j:dom4j:1.1",
+ "impact_path": [
+ "gav://dom4j:dom4j:1.1"
+ ],
+ "path": "mavencentral-remote/dom4j/dom4j/1.1/dom4j-1.1.jar",
+ "fixed_versions": [],
+ "published": "2020-05-04T01:33:58+10:00",
+ "artifact_scan_time": "2020-10-21T17:27:10+11:00",
+ "issue_id": "XRAY-97250",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "dom4j before 2.1.3 allows external DTDs and External Entities by default, which might enable XXE attacks. However, there is popular external documentation from OWASP showing how to enable the safe, non-default behavior in any application that uses dom4j.",
+ "references": [
+ "https://bugzilla.redhat.com/show_bug.cgi?id=1694235",
+ "https://github.com/dom4j/dom4j/releases/tag/version-2.1.3",
+ "https://github.com/dom4j/dom4j/commit/a8228522a99a02146106672a34c104adbda5c658"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2017-1000487",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "Plexus-utils before 3.0.16 is vulnerable to command injection because it does not correctly process the contents of double quoted strings.",
+ "severity": "High",
+ "vulnerable_component": "gav://org.codehaus.plexus:plexus-utils:1.5.15",
+ "impacted_artifact": "gav://org.codehaus.plexus:plexus-utils:1.5.15",
+ "impact_path": [
+ "gav://org.codehaus.plexus:plexus-utils:1.5.15"
+ ],
+ "path": "mavencentral-remote/org/codehaus/plexus/plexus-utils/1.5.15/plexus-utils-1.5.15.jar",
+ "fixed_versions": [
+ "3.0.16"
+ ],
+ "published": "2019-06-10T18:42:32+10:00",
+ "artifact_scan_time": "2020-10-21T17:28:07+11:00",
+ "issue_id": "XRAY-83897",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Plexus-utils before 3.0.16 is vulnerable to command injection because it does not correctly process the contents of double quoted strings.",
+ "references": [
+ "https://access.redhat.com/errata/RHSA-2018:1322",
+ "https://lists.debian.org/debian-lts-announce/2018/01/msg00011.html",
+ "https://lists.debian.org/debian-lts-announce/2018/01/msg00010.html",
+ "https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSPLEXUS-31522",
+ "https://www.debian.org/security/2018/dsa-4149",
+ "https://www.debian.org/security/2018/dsa-4146",
+ "https://github.com/codehaus-plexus/plexus-utils/commit/b38a1b3a4352303e4312b2bb601a0d7ec6e28f41"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 9.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 7.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 9.3,
+ "cvss3_max_score": 7.8,
+ "summary": "Plexus-utils util/xml/XmlWriterUtil.java XmlWriterUtil::writeComment() Function Comment String Escape XML Injection Unspecified Issue",
+ "severity": "High",
+ "vulnerable_component": "gav://org.codehaus.plexus:plexus-utils:1.5.15",
+ "impacted_artifact": "gav://org.codehaus.plexus:plexus-utils:1.5.15",
+ "impact_path": [
+ "gav://org.codehaus.plexus:plexus-utils:1.5.15"
+ ],
+ "path": "mavencentral-remote/org/codehaus/plexus/plexus-utils/1.5.15/plexus-utils-1.5.15.jar",
+ "fixed_versions": [
+ "3.0.24"
+ ],
+ "published": "2019-09-15T21:14:39+10:00",
+ "artifact_scan_time": "2020-10-21T17:28:07+11:00",
+ "issue_id": "XRAY-88166",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Plexus-utils contains a flaw in the XmlWriterUtil::writeComment() function in util/xml/XmlWriterUtil.java that is triggered as comment strings are not properly sanitized. This may allow a context-dependent attacker to inject unexpected content through XML code and have an unspecified impact.",
+ "references": [
+ "https://github.com/codehaus-plexus/plexus-utils/issues/3",
+ "https://github.com/codehaus-plexus/plexus-utils/commit/f933e5e78dc2637e485447ed821fe14904f110de"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2017-1000487",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "Plexus-utils before 3.0.16 is vulnerable to command injection because it does not correctly process the contents of double quoted strings.",
+ "severity": "High",
+ "vulnerable_component": "gav://org.codehaus.plexus:plexus-utils:3.0",
+ "impacted_artifact": "gav://org.codehaus.plexus:plexus-utils:3.0",
+ "impact_path": [
+ "gav://org.codehaus.plexus:plexus-utils:3.0"
+ ],
+ "path": "mavencentral-remote/org/codehaus/plexus/plexus-utils/3.0/plexus-utils-3.0.jar",
+ "fixed_versions": [
+ "3.0.16"
+ ],
+ "published": "2019-06-10T18:42:32+10:00",
+ "artifact_scan_time": "2020-10-21T17:29:09+11:00",
+ "issue_id": "XRAY-83897",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Plexus-utils before 3.0.16 is vulnerable to command injection because it does not correctly process the contents of double quoted strings.",
+ "references": [
+ "https://access.redhat.com/errata/RHSA-2018:1322",
+ "https://lists.debian.org/debian-lts-announce/2018/01/msg00011.html",
+ "https://lists.debian.org/debian-lts-announce/2018/01/msg00010.html",
+ "https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSPLEXUS-31522",
+ "https://www.debian.org/security/2018/dsa-4149",
+ "https://www.debian.org/security/2018/dsa-4146",
+ "https://github.com/codehaus-plexus/plexus-utils/commit/b38a1b3a4352303e4312b2bb601a0d7ec6e28f41"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 9.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 7.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 9.3,
+ "cvss3_max_score": 7.8,
+ "summary": "Plexus-utils util/xml/XmlWriterUtil.java XmlWriterUtil::writeComment() Function Comment String Escape XML Injection Unspecified Issue",
+ "severity": "High",
+ "vulnerable_component": "gav://org.codehaus.plexus:plexus-utils:3.0",
+ "impacted_artifact": "gav://org.codehaus.plexus:plexus-utils:3.0",
+ "impact_path": [
+ "gav://org.codehaus.plexus:plexus-utils:3.0"
+ ],
+ "path": "mavencentral-remote/org/codehaus/plexus/plexus-utils/3.0/plexus-utils-3.0.jar",
+ "fixed_versions": [
+ "3.0.24"
+ ],
+ "published": "2019-09-15T21:14:39+10:00",
+ "artifact_scan_time": "2020-10-21T17:29:09+11:00",
+ "issue_id": "XRAY-88166",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Plexus-utils contains a flaw in the XmlWriterUtil::writeComment() function in util/xml/XmlWriterUtil.java that is triggered as comment strings are not properly sanitized. This may allow a context-dependent attacker to inject unexpected content through XML code and have an unspecified impact.",
+ "references": [
+ "https://github.com/codehaus-plexus/plexus-utils/issues/3",
+ "https://github.com/codehaus-plexus/plexus-utils/commit/f933e5e78dc2637e485447ed821fe14904f110de"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 7.5,
+ "summary": "Apache Commons Compress archivers/zip/ZipFile.java ZipFile::readCentralDirectoryEntry() Function Uncaught Exception DoS",
+ "severity": "High",
+ "vulnerable_component": "gav://org.apache.commons:commons-compress:1.19",
+ "impacted_artifact": "gav://org.apache.commons:commons-compress:1.19",
+ "impact_path": [
+ "gav://org.apache.commons:commons-compress:1.19"
+ ],
+ "path": "mavencentral-remote/org/apache/commons/commons-compress/1.19/commons-compress-1.19.jar",
+ "fixed_versions": [],
+ "published": "2021-05-18T20:57:33+10:00",
+ "artifact_scan_time": "2020-10-21T17:29:10+11:00",
+ "issue_id": "XRAY-175855",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Apache Commons Compress contains a flaw in the ZipFile::readCentralDirectoryEntry() function in main/java/org/apache/commons/compress/archivers/zip/ZipFile.java related to an uncaught exception. This may allow a context-dependent attacker to crash a process linked against the library.",
+ "references": [
+ "https://github.com/apache/commons-compress/commit/26924e96c7730db014c310757e11c9359db07f3e",
+ "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=33786",
+ "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=33507",
+ "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=33462",
+ "https://github.com/apache/commons-compress/commit/882c6dd12473d7b615d503e08fd6b866d0f866d5"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 7.5,
+ "summary": "Apache Commons Compress archivers/zip/ZipFile.java ZipFile::readCentralDirectoryEntry() Function Uncaught Exception DoS",
+ "severity": "High",
+ "vulnerable_component": "gav://org.apache.commons:commons-compress:1.11",
+ "impacted_artifact": "gav://org.apache.commons:commons-compress:1.11",
+ "impact_path": [
+ "gav://org.apache.commons:commons-compress:1.11"
+ ],
+ "path": "mavencentral-remote/org/apache/commons/commons-compress/1.11/commons-compress-1.11.jar",
+ "fixed_versions": [],
+ "published": "2021-05-18T20:57:33+10:00",
+ "artifact_scan_time": "2020-10-21T17:30:07+11:00",
+ "issue_id": "XRAY-175855",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Apache Commons Compress contains a flaw in the ZipFile::readCentralDirectoryEntry() function in main/java/org/apache/commons/compress/archivers/zip/ZipFile.java related to an uncaught exception. This may allow a context-dependent attacker to crash a process linked against the library.",
+ "references": [
+ "https://github.com/apache/commons-compress/commit/26924e96c7730db014c310757e11c9359db07f3e",
+ "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=33786",
+ "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=33507",
+ "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=33462",
+ "https://github.com/apache/commons-compress/commit/882c6dd12473d7b615d503e08fd6b866d0f866d5"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2015-7501",
+ "cvss_v2_score": 10,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 10,
+ "cvss3_max_score": 9.8,
+ "summary": "Red Hat JBoss A-MQ 6.x; BPM Suite (BPMS) 6.x; BRMS 6.x and 5.x; Data Grid (JDG) 6.x; Data Virtualization (JDV) 6.x and 5.x; Enterprise Application Platform 6.x, 5.x, and 4.3.x; Fuse 6.x; Fuse Service Works (FSW) 6.x; Operations Network (JBoss ON) 3.x; Portal 6.x; SOA Platform (SOA-P) 5.x; Web Server (JWS) 3.x; Red Hat OpenShift/xPAAS 3.x; and Red Hat Subscription Asset Manager 1.3 allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) library.",
+ "severity": "High",
+ "vulnerable_component": "gav://org.apache.commons:commons-collections4:4.0",
+ "impacted_artifact": "gav://org.apache.commons:commons-collections4:4.0",
+ "impact_path": [
+ "gav://org.apache.commons:commons-collections4:4.0"
+ ],
+ "path": "mavencentral-remote/org/apache/commons/commons-collections4/4.0/commons-collections4-4.0.jar",
+ "fixed_versions": [
+ "4.1"
+ ],
+ "published": "2017-12-12T20:50:15+11:00",
+ "artifact_scan_time": "2020-10-21T17:31:07+11:00",
+ "issue_id": "XRAY-60228",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Red Hat JBoss A-MQ 6.x; BPM Suite (BPMS) 6.x; BRMS 6.x and 5.x; Data Grid (JDG) 6.x; Data Virtualization (JDV) 6.x and 5.x; Enterprise Application Platform 6.x, 5.x, and 4.3.x; Fuse 6.x; Fuse Service Works (FSW) 6.x; Operations Network (JBoss ON) 3.x; Portal 6.x; SOA Platform (SOA-P) 5.x; Web Server (JWS) 3.x; Red Hat OpenShift/xPAAS 3.x; and Red Hat Subscription Asset Manager 1.3 allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) library.",
+ "references": [
+ "http://www.securityfocus.com/bid/78215",
+ "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html",
+ "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html",
+ "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html",
+ "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html",
+ "https://access.redhat.com/security/vulnerabilities/2059393",
+ "https://access.redhat.com/solutions/2045023",
+ "https://bugzilla.redhat.com/show_bug.cgi?id=1279330",
+ "http://rhn.redhat.com/errata/RHSA-2015-2500.html",
+ "http://rhn.redhat.com/errata/RHSA-2015-2501.html",
+ "http://rhn.redhat.com/errata/RHSA-2015-2502.html",
+ "http://rhn.redhat.com/errata/RHSA-2015-2514.html",
+ "http://rhn.redhat.com/errata/RHSA-2015-2516.html",
+ "http://rhn.redhat.com/errata/RHSA-2015-2517.html",
+ "http://rhn.redhat.com/errata/RHSA-2015-2521.html",
+ "http://rhn.redhat.com/errata/RHSA-2015-2522.html",
+ "http://rhn.redhat.com/errata/RHSA-2015-2524.html",
+ "https://rhn.redhat.com/errata/RHSA-2015-2536.html",
+ "http://rhn.redhat.com/errata/RHSA-2015-2670.html",
+ "http://rhn.redhat.com/errata/RHSA-2015-2671.html",
+ "http://rhn.redhat.com/errata/RHSA-2016-0040.html",
+ "http://rhn.redhat.com/errata/RHSA-2016-1773.html",
+ "http://www.securitytracker.com/id/1034097",
+ "http://www.securitytracker.com/id/1037052",
+ "http://www.securitytracker.com/id/1037053",
+ "http://www.securitytracker.com/id/1037640"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2016-4373",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ {
+ "cve": "CVE-2016-2000",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ {
+ "cve": "CVE-2015-7501",
+ "cvss_v2_score": 10,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ {
+ "cve": "CVE-2015-8103",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P"
+ },
+ {
+ "cve": "CVE-2015-7450",
+ "cvss_v2_score": 10,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ {
+ "cve": "CVE-2016-4385",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 7.3,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"
+ },
+ {
+ "cve": "CVE-2016-1998",
+ "cvss_v2_score": 10,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ {
+ "cve": "CVE-2015-8765",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 8.3,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L"
+ },
+ {
+ "cve": "CVE-2015-4852",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P"
+ },
+ {
+ "cve": "CVE-2015-6420",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P"
+ },
+ {
+ "cve": "CVE-2016-4398",
+ "cvss_v2_score": 6.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:S/C:P/I:P/A:P",
+ "cvss_v3_score": 8.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
+ },
+ {
+ "cve": "CVE-2016-4369",
+ "cvss_v2_score": 6.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:S/C:P/I:P/A:P",
+ "cvss_v3_score": 8.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
+ },
+ {
+ "cve": "CVE-2016-1999",
+ "cvss_v2_score": 10,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ {
+ "cve": "CVE-2016-1114",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ {
+ "cve": "CVE-2016-2009",
+ "cvss_v2_score": 6.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:S/C:P/I:P/A:P",
+ "cvss_v3_score": 8.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
+ },
+ {
+ "cve": "CVE-2016-1986",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ {
+ "cve": "CVE-2016-4405",
+ "cvss_v2_score": 6.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:S/C:P/I:P/A:P",
+ "cvss_v3_score": 8.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
+ },
+ {
+ "cve": "CVE-2015-6934",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 7.3,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"
+ },
+ {
+ "cve": "CVE-2016-4372",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ {
+ "cve": "CVE-2016-4368",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ {
+ "cve": "CVE-2016-2003",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ {
+ "cve": "CVE-2016-1997",
+ "cvss_v2_score": 10,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ {
+ "cve": "CVE-2016-1985",
+ "cvss_v2_score": 10,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 10,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 10,
+ "cvss3_max_score": 10,
+ "summary": "The Apache Commons Collections library contains various classes in the \"functor\" package which are serializable and use reflection. This can be exploited for remote code execution attacks by injecting specially crafted objects to applications that de-serialize java objects from untrusted sources and have the Apache Commons Collections library in their classpath and do not perform any kind of input validation.",
+ "severity": "High",
+ "vulnerable_component": "gav://org.apache.commons:commons-collections4:4.0",
+ "impacted_artifact": "gav://org.apache.commons:commons-collections4:4.0",
+ "impact_path": [
+ "gav://org.apache.commons:commons-collections4:4.0"
+ ],
+ "path": "mavencentral-remote/org/apache/commons/commons-collections4/4.0/commons-collections4-4.0.jar",
+ "fixed_versions": [
+ "4.1"
+ ],
+ "published": "2018-03-29T23:58:27+11:00",
+ "artifact_scan_time": "2020-10-21T17:31:07+11:00",
+ "issue_id": "XRAY-65665",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "The Apache Commons Collections library contains various classes in the \"functor\" package which are serializable and use reflection. This can be exploited for remote code execution attacks by injecting specially crafted objects to applications that de-serialize java objects from untrusted sources and have the Apache Commons Collections library in their classpath and do not perform any kind of input validation.",
+ "references": [
+ "https://commons.apache.org/proper/commons-collections/security-reports.html",
+ "https://exchange.xforce.ibmcloud.com/vulnerabilities/107918"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.8,
+ "cvss3_max_score": 7.5,
+ "summary": "FasterXML Jackson Core WRITE_BIGDECIMAL_AS_PLAIN Setting BigDecimal Writing Memory Exhaustion DoS",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.core:jackson-core:2.6.0",
+ "impacted_artifact": "gav://com.fasterxml.jackson.core:jackson-core:2.6.0",
+ "impact_path": [
+ "gav://com.fasterxml.jackson.core:jackson-core:2.6.0"
+ ],
+ "path": "mavencentral-remote/com/fasterxml/jackson/core/jackson-core/2.6.0/jackson-core-2.6.0.jar",
+ "fixed_versions": [
+ "2.7.7"
+ ],
+ "published": "2021-01-31T22:46:06+11:00",
+ "artifact_scan_time": "2020-10-21T17:34:06+11:00",
+ "issue_id": "XRAY-139063",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "FasterXML Jackson Core contains a flaw in the WRITE_BIGDECIMAL_AS_PLAIN settings that is triggered as there are no size limits when writing BigDecimal. This may allow an attacker to exhaust available memory resources.",
+ "references": [
+ "https://support.hcltechsw.com/community?id=community_blog\u0026sys_id=6fa12489db02a810a45ad9fcd39619e7",
+ "https://support.hcltechsw.com/csm?id=kb_article\u0026sysparm_article=KB0086419\u0026sys_kb_id=5926e8a01b312818534c4159cc4bcbcc"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 7.5,
+ "summary": "json-smart minidev/json/parser/JSONParserBase.java JSONParserBase::extractFloat() Function Improper Exception Handling DoS",
+ "severity": "High",
+ "vulnerable_component": "gav://net.minidev:json-smart:1.1.1",
+ "impacted_artifact": "gav://net.minidev:json-smart:1.1.1",
+ "impact_path": [
+ "gav://net.minidev:json-smart:1.1.1"
+ ],
+ "path": "mavencentral-remote/net/minidev/json-smart/1.1.1/json-smart-1.1.1.jar",
+ "fixed_versions": [],
+ "published": "2021-02-24T20:04:52+11:00",
+ "artifact_scan_time": "2020-10-21T17:34:07+11:00",
+ "issue_id": "XRAY-141174",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "json-smart contains a flaw in the JSONParserBase::extractFloat() function in minidev/json/parser/JSONParserBase.java that is triggered as a NumberFormatException exception is not properly handled when parsing specially crafted float number values. This may allow a context-dependent attacker to crash a process using the library.",
+ "references": [
+ "http://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-27568",
+ "https://github.com/netplex/json-smart-v1/issues/7",
+ "https://github.com/netplex/json-smart-v2/issues/60"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2009-4611",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "summary": "Mort Bay Jetty 6.x and 7.0.0 writes backtrace data without sanitizing non-printable characters, which might allow remote attackers to modify a window?s title, or possibly execute arbitrary commands or overwrite files, via an HTTP request containing an escape sequence for a terminal emulator, related to (1) a string value in the Age parameter to the default URI for the Cookie Dump Servlet in test-jetty-webapp/src/main/java/com/acme/CookieDump.java under cookie/, (2) an alphabetic value in the A parameter to jsp/expr.jsp, or (3) an alphabetic value in the Content-Length HTTP header to an arbitrary application.",
+ "severity": "High",
+ "vulnerable_component": "gav://org.mortbay.jetty:jetty:6.1.26",
+ "impacted_artifact": "gav://org.mortbay.jetty:jetty:6.1.26",
+ "impact_path": [
+ "gav://org.mortbay.jetty:jetty:6.1.26"
+ ],
+ "path": "mavencentral-remote/org/mortbay/jetty/jetty/6.1.26/jetty-6.1.26.jar",
+ "fixed_versions": [],
+ "published": "2017-07-05T21:31:06+10:00",
+ "artifact_scan_time": "2020-10-21T17:34:07+11:00",
+ "issue_id": "XRAY-55464",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Mort Bay Jetty 6.x and 7.0.0 writes backtrace data without sanitizing non-printable characters, which might allow remote attackers to modify a window?s title, or possibly execute arbitrary commands or overwrite files, via an HTTP request containing an escape sequence for a terminal emulator, related to (1) a string value in the Age parameter to the default URI for the Cookie Dump Servlet in test-jetty-webapp/src/main/java/com/acme/CookieDump.java under cookie/, (2) an alphabetic value in the A parameter to jsp/expr.jsp, or (3) an alphabetic value in the Content-Length HTTP header to an arbitrary application.",
+ "references": [
+ "http://www.ush.it/team/ush/hack_httpd_escape/adv.txt",
+ "http://www.ush.it/team/ush/hack-jetty6x7x/jetty-adv.txt",
+ "http://www.securityfocus.com/archive/1/archive/1/508830/100/0/threaded"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-19360",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the axis2-transport-jms class from polymorphic deserialization.",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.core:jackson-databind:2.6.0",
+ "impacted_artifact": "gav://com.fasterxml.jackson.core:jackson-databind:2.6.0",
+ "impact_path": [
+ "gav://com.fasterxml.jackson.core:jackson-databind:2.6.0"
+ ],
+ "path": "mavencentral-remote/com/fasterxml/jackson/core/jackson-databind/2.6.0/jackson-databind-2.6.0.jar",
+ "fixed_versions": [
+ "2.9.8",
+ "2.8.11.3",
+ "2.7.9.5",
+ "2.6.7.3"
+ ],
+ "published": "2019-01-29T23:31:53+11:00",
+ "artifact_scan_time": "2020-10-21T17:34:08+11:00",
+ "issue_id": "XRAY-74871",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the axis2-transport-jms class from polymorphic deserialization.",
+ "references": [
+ "http://www.securityfocus.com/bid/107985",
+ "https://seclists.org/bugtraq/2019/May/68",
+ "https://github.com/FasterXML/jackson-databind/commit/42912cac4753f3f718ece875e4d486f8264c2f2b",
+ "https://github.com/FasterXML/jackson-databind/issues/2186",
+ "https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.8",
+ "https://issues.apache.org/jira/browse/TINKERPOP-2121",
+ "https://security.netapp.com/advisory/ntap-20190530-0003/",
+ "https://www.debian.org/security/2019/dsa-4452",
+ "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html",
+ "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html",
+ "https://lists.debian.org/debian-lts-announce/2019/03/msg00005.html",
+ "https://lists.apache.org/thread.html/37e1ed724a1b0e5d191d98c822c426670bdfde83804567131847d2a3@%3Cdevnull.infra.apache.org%3E",
+ "https://lists.apache.org/thread.html/c70da3cb6e3f03e0ad8013e38b6959419d866c4a7c80fdd34b73f25c@%3Ccommits.pulsar.apache.org%3E",
+ "https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8@%3Ccommits.pulsar.apache.org%3E",
+ "https://access.redhat.com/errata/RHBA-2019:0959",
+ "https://access.redhat.com/errata/RHSA-2019:0782",
+ "https://access.redhat.com/errata/RHSA-2019:0877",
+ "https://access.redhat.com/errata/RHSA-2019:1782",
+ "https://access.redhat.com/errata/RHSA-2019:1797",
+ "https://access.redhat.com/errata/RHSA-2019:1822",
+ "https://access.redhat.com/errata/RHSA-2019:1823",
+ "https://access.redhat.com/errata/RHSA-2019:2804"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-17267",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to net.sf.ehcache.hibernate.EhcacheJtaTransactionManagerLookup.",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.core:jackson-databind:2.6.0",
+ "impacted_artifact": "gav://com.fasterxml.jackson.core:jackson-databind:2.6.0",
+ "impact_path": [
+ "gav://com.fasterxml.jackson.core:jackson-databind:2.6.0"
+ ],
+ "path": "mavencentral-remote/com/fasterxml/jackson/core/jackson-databind/2.6.0/jackson-databind-2.6.0.jar",
+ "fixed_versions": [
+ "2.10.0",
+ "2.8.11.5",
+ "2.9.10",
+ "2.6.7.3"
+ ],
+ "published": "2019-10-11T00:16:45+11:00",
+ "artifact_scan_time": "2020-10-21T17:34:08+11:00",
+ "issue_id": "XRAY-89694",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to net.sf.ehcache.hibernate.EhcacheJtaTransactionManagerLookup.",
+ "references": [
+ "https://security.netapp.com/advisory/ntap-20191017-0006/",
+ "https://github.com/FasterXML/jackson-databind/compare/jackson-databind-2.9.9.3...jackson-databind-2.9.10",
+ "https://github.com/FasterXML/jackson-databind/issues/2460",
+ "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E",
+ "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.6,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:H/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 8.1,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.6,
+ "cvss3_max_score": 8.1,
+ "summary": "FasterXML jackson-databind Multiple Gadgets Insecure Deserialization Unspecified Remote Weakness",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.core:jackson-databind:2.6.0",
+ "impacted_artifact": "gav://com.fasterxml.jackson.core:jackson-databind:2.6.0",
+ "impact_path": [
+ "gav://com.fasterxml.jackson.core:jackson-databind:2.6.0"
+ ],
+ "path": "mavencentral-remote/com/fasterxml/jackson/core/jackson-databind/2.6.0/jackson-databind-2.6.0.jar",
+ "fixed_versions": [
+ "2.9.10.8"
+ ],
+ "published": "2021-01-10T23:41:04+11:00",
+ "artifact_scan_time": "2020-10-21T17:34:08+11:00",
+ "issue_id": "XRAY-138371",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "FasterXML jackson-databind contains a flaw that is triggered if an application deserializes JSON content from an untrusted source, as the oadd.org.apache.commons.dbcp.datasources.PerUserPoolDataSource and oadd.org.apache.commons.dbcp.datasources.SharedPoolDataSource gadgets may allow performing sensitive actions. This may allow a remote attacker to have an unspecified impact.",
+ "references": [
+ "https://github.com/FasterXML/jackson-databind/commit/ac7232e3f9004bdb4f11dcb5bc6c1fadf074f5f7"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2017-17485",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "FasterXML jackson-databind through 2.8.10 and 2.9.x through 2.9.3 allows unauthenticated remote code execution because of an incomplete fix for the CVE-2017-7525 deserialization flaw. This is exploitable by sending maliciously crafted JSON input to the readValue method of the ObjectMapper, bypassing a blacklist that is ineffective if the Spring libraries are available in the classpath.",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.core:jackson-databind:2.6.0",
+ "impacted_artifact": "gav://com.fasterxml.jackson.core:jackson-databind:2.6.0",
+ "impact_path": [
+ "gav://com.fasterxml.jackson.core:jackson-databind:2.6.0"
+ ],
+ "path": "mavencentral-remote/com/fasterxml/jackson/core/jackson-databind/2.6.0/jackson-databind-2.6.0.jar",
+ "fixed_versions": [
+ "2.7.9.2",
+ "2.9.4",
+ "2.6.7.3",
+ "2.8.11"
+ ],
+ "published": "2018-01-29T18:04:49+11:00",
+ "artifact_scan_time": "2020-10-21T17:34:08+11:00",
+ "issue_id": "XRAY-60821",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "FasterXML jackson-databind through 2.8.10 and 2.9.x through 2.9.3 allows unauthenticated remote code execution because of an incomplete fix for the CVE-2017-7525 deserialization flaw. This is exploitable by sending maliciously crafted JSON input to the readValue method of the ObjectMapper, bypassing a blacklist that is ineffective if the Spring libraries are available in the classpath.",
+ "references": [
+ "http://www.securityfocus.com/archive/1/archive/1/541652/100/0/threaded",
+ "https://access.redhat.com/errata/RHSA-2018:0116",
+ "https://github.com/FasterXML/jackson-databind/issues/1855",
+ "https://github.com/irsl/jackson-rce-via-spel/"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-7489",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "FasterXML jackson-databind before 2.7.9.3, 2.8.x before 2.8.11.1 and 2.9.x before 2.9.5 allows unauthenticated remote code execution because of an incomplete fix for the CVE-2017-7525 deserialization flaw. This is exploitable by sending maliciously crafted JSON input to the readValue method of the ObjectMapper, bypassing a blacklist that is ineffective if the c3p0 libraries are available in the classpath.",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.core:jackson-databind:2.6.0",
+ "impacted_artifact": "gav://com.fasterxml.jackson.core:jackson-databind:2.6.0",
+ "impact_path": [
+ "gav://com.fasterxml.jackson.core:jackson-databind:2.6.0"
+ ],
+ "path": "mavencentral-remote/com/fasterxml/jackson/core/jackson-databind/2.6.0/jackson-databind-2.6.0.jar",
+ "fixed_versions": [
+ "2.7.9.3",
+ "2.8.11.1",
+ "2.9.5"
+ ],
+ "published": "2018-04-04T21:15:10+10:00",
+ "artifact_scan_time": "2020-10-21T17:34:08+11:00",
+ "issue_id": "XRAY-66736",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "FasterXML jackson-databind before 2.7.9.3, 2.8.x before 2.8.11.1 and 2.9.x before 2.9.5 allows unauthenticated remote code execution because of an incomplete fix for the CVE-2017-7525 deserialization flaw. This is exploitable by sending maliciously crafted JSON input to the readValue method of the ObjectMapper, bypassing a blacklist that is ineffective if the c3p0 libraries are available in the classpath.",
+ "references": [
+ "http://www.securityfocus.com/bid/103203",
+ "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html",
+ "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html",
+ "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html",
+ "https://github.com/FasterXML/jackson-databind/issues/1931",
+ "https://security.netapp.com/advisory/ntap-20180328-0001/",
+ "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03902en_us",
+ "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html",
+ "https://www.debian.org/security/2018/dsa-4190",
+ "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html",
+ "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html",
+ "https://access.redhat.com/errata/RHSA-2018:1447",
+ "https://access.redhat.com/errata/RHSA-2018:1448",
+ "https://access.redhat.com/errata/RHSA-2018:1449",
+ "https://access.redhat.com/errata/RHSA-2018:1450",
+ "https://access.redhat.com/errata/RHSA-2018:1451",
+ "https://access.redhat.com/errata/RHSA-2018:1786",
+ "https://access.redhat.com/errata/RHSA-2018:2088",
+ "https://access.redhat.com/errata/RHSA-2018:2089",
+ "https://access.redhat.com/errata/RHSA-2018:2090",
+ "https://access.redhat.com/errata/RHSA-2018:2938",
+ "https://access.redhat.com/errata/RHSA-2018:2939",
+ "https://access.redhat.com/errata/RHSA-2019:2858",
+ "http://www.securitytracker.com/id/1040693",
+ "http://www.securitytracker.com/id/1041890"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-14718",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to execute arbitrary code by leveraging failure to block the slf4j-ext class from polymorphic deserialization.",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.core:jackson-databind:2.6.0",
+ "impacted_artifact": "gav://com.fasterxml.jackson.core:jackson-databind:2.6.0",
+ "impact_path": [
+ "gav://com.fasterxml.jackson.core:jackson-databind:2.6.0"
+ ],
+ "path": "mavencentral-remote/com/fasterxml/jackson/core/jackson-databind/2.6.0/jackson-databind-2.6.0.jar",
+ "fixed_versions": [
+ "2.9.7",
+ "2.8.11.3",
+ "2.7.9.5",
+ "2.6.7.3"
+ ],
+ "published": "2019-01-29T23:31:54+11:00",
+ "artifact_scan_time": "2020-10-21T17:34:08+11:00",
+ "issue_id": "XRAY-74876",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to execute arbitrary code by leveraging failure to block the slf4j-ext class from polymorphic deserialization.",
+ "references": [
+ "http://www.securityfocus.com/bid/106601",
+ "https://seclists.org/bugtraq/2019/May/68",
+ "https://github.com/FasterXML/jackson-databind/commit/87d29af25e82a249ea15858e2d4ecbf64091db44",
+ "https://github.com/FasterXML/jackson-databind/issues/2097",
+ "https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.7",
+ "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html",
+ "https://www.debian.org/security/2019/dsa-4452",
+ "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html",
+ "https://lists.debian.org/debian-lts-announce/2019/03/msg00005.html",
+ "https://lists.apache.org/thread.html/6a78f88716c3c57aa74ec05764a37ab3874769a347805903b393b286@%3Cdev.lucene.apache.org%3E",
+ "https://lists.apache.org/thread.html/82b01bfb6787097427ce97cec6a7127e93718bc05d1efd5eaffc228f@%3Cdev.lucene.apache.org%3E",
+ "https://lists.apache.org/thread.html/ba973114605d936be276ee6ce09dfbdbf78aa56f6cdc6e79bfa7b8df@%3Cdev.lucene.apache.org%3E",
+ "https://access.redhat.com/errata/RHBA-2019:0959",
+ "https://access.redhat.com/errata/RHSA-2019:0782",
+ "https://access.redhat.com/errata/RHSA-2019:0877"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.6,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:H/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 8.1,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.6,
+ "cvss3_max_score": 8.1,
+ "summary": "FasterXML jackson-databind Multiple Gadget Insecure Deserialization Unspecified Remote Weakness",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.core:jackson-databind:2.6.0",
+ "impacted_artifact": "gav://com.fasterxml.jackson.core:jackson-databind:2.6.0",
+ "impact_path": [
+ "gav://com.fasterxml.jackson.core:jackson-databind:2.6.0"
+ ],
+ "path": "mavencentral-remote/com/fasterxml/jackson/core/jackson-databind/2.6.0/jackson-databind-2.6.0.jar",
+ "fixed_versions": [
+ "2.9.10.4",
+ "2.6.7.4"
+ ],
+ "published": "2020-05-10T22:34:24+10:00",
+ "artifact_scan_time": "2020-10-21T17:34:08+11:00",
+ "issue_id": "XRAY-97675",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "FasterXML jackson-databind contains a flaw that is triggered if an application deserializes JSON content from an untrusted source, as the org.apache.ignite.cache.jta.jndi.CacheJndiTmLookup, org.apache.ignite.cache.jta.jndi.CacheJndiTmFactory, and org.quartz.utils.JNDIConnectionProvider gadgets may allow performing sensitive actions. This may allow a remote attacker to potentially have an unspecified impact.",
+ "references": [
+ "https://www.oracle.com/security-alerts/cpujan2021.html#AppendixRAPP",
+ "https://www.oracle.com/security-alerts/cpujan2021.html#AppendixSCP",
+ "https://github.com/FasterXML/jackson-databind/commit/b59b611f82c546c13753421f79103c6f6e584606",
+ "https://www.oracle.com/security-alerts/cpuoct2020.html#AppendixINSU",
+ "https://www.oracle.com/security-alerts/cpuoct2020.html#AppendixIFLX",
+ "https://www.oracle.com/security-alerts/cpuoct2020.html#AppendixCGBU",
+ "https://www.oracle.com/security-alerts/cpuoct2020.html#AppendixRAPP",
+ "https://www.oracle.com/security-alerts/cpujul2020.html#AppendixCGBU",
+ "https://www.oracle.com/security-alerts/cpujul2020.html#AppendixGLM",
+ "https://www.oracle.com/security-alerts/cpujul2020.html#AppendixIFLX",
+ "https://www.oracle.com/security-alerts/cpujul2020.html#AppendixEM",
+ "https://www.oracle.com/security-alerts/cpujul2020.html#AppendixPVA",
+ "https://www.oracle.com/security-alerts/cpujul2020.html#AppendixFMW",
+ "https://docs.itrsgroup.com/docs/all/release-notes/geneos/geneos-release-notes.htm",
+ "https://github.com/FasterXML/jackson-databind/issues/2658",
+ "https://sid.softek.jp/content/show/35081",
+ "https://github.com/FasterXML/jackson-databind/commit/a424c038ba0c0d65e579e22001dec925902ac0ef",
+ "http://cve.mitre.org/cgi-bin/cvename.cgi?name=2020-10650"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2017-7525",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "A deserialization flaw was discovered in the jackson-databind, versions before 2.6.7.1, 2.7.9.1 and 2.8.9, which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper.",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.core:jackson-databind:2.6.0",
+ "impacted_artifact": "gav://com.fasterxml.jackson.core:jackson-databind:2.6.0",
+ "impact_path": [
+ "gav://com.fasterxml.jackson.core:jackson-databind:2.6.0"
+ ],
+ "path": "mavencentral-remote/com/fasterxml/jackson/core/jackson-databind/2.6.0/jackson-databind-2.6.0.jar",
+ "fixed_versions": [
+ "2.9.0.pr3",
+ "2.8.9",
+ "2.7.9.1",
+ "2.6.7.1"
+ ],
+ "published": "2017-11-22T20:02:40+11:00",
+ "artifact_scan_time": "2020-10-21T17:34:08+11:00",
+ "issue_id": "XRAY-59969",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "A deserialization flaw was discovered in the jackson-databind, versions before 2.6.7.1, 2.7.9.1 and 2.8.9, which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper.",
+ "references": [
+ "http://www.securityfocus.com/bid/99623",
+ "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html",
+ "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html",
+ "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html",
+ "https://bugzilla.redhat.com/show_bug.cgi?id=1462702",
+ "https://cwiki.apache.org/confluence/display/WW/S2-055",
+ "https://github.com/FasterXML/jackson-databind/issues/1599",
+ "https://github.com/FasterXML/jackson-databind/issues/1723",
+ "https://security.netapp.com/advisory/ntap-20171214-0002/",
+ "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03902en_us",
+ "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html",
+ "https://www.debian.org/security/2017/dsa-4004",
+ "https://www.oracle.com/security-alerts/cpuoct2020.html",
+ "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html",
+ "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html",
+ "https://lists.apache.org/thread.html/4641ed8616ccc2c1fbddac2c3dc9900c96387bc226eaf0232d61909b@%3Ccommits.cassandra.apache.org%3E",
+ "https://lists.debian.org/debian-lts-announce/2020/01/msg00037.html",
+ "https://lists.debian.org/debian-lts-announce/2020/08/msg00039.html",
+ "https://lists.apache.org/thread.html/9317fd092b257a0815434b116a8af8daea6e920b6673f4fd5583d5fe@%3Ccommits.druid.apache.org%3E",
+ "https://lists.apache.org/thread.html/c2ed4c0126b43e324cf740012a0edd371fd36096fd777be7bfe7a2a6@%3Cdev.lucene.apache.org%3E",
+ "https://lists.apache.org/thread.html/f60afd3c7e9ebaaf70fad4a4beb75cf8740ac959017a31e7006c7486@%3Cdev.lucene.apache.org%3E",
+ "https://lists.apache.org/thread.html/c10a2bf0fdc3d25faf17bd191d6ec46b29a353fa9c97bebd7c4e5913@%3Cdev.lucene.apache.org%3E",
+ "https://lists.apache.org/thread.html/3c87dc8bca99a2b3b4743713b33d1de05b1d6b761fdf316224e9c81f@%3Cdev.lucene.apache.org%3E",
+ "https://lists.apache.org/thread.html/b1f33fe5ade396bb903fdcabe9f243f7692c7dfce5418d3743c2d346@%3Cdev.lucene.apache.org%3E",
+ "https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451@%3Csolr-user.lucene.apache.org%3E",
+ "https://lists.apache.org/thread.html/5008bcbd45ee65ce39e4220b6ac53d28a24d6bc67d5804e9773a7399@%3Csolr-user.lucene.apache.org%3E",
+ "https://lists.apache.org/thread.html/c9d5ff20929e8a3c8794facf4c4b326a9c10618812eec356caa20b87@%3Csolr-user.lucene.apache.org%3E",
+ "https://lists.apache.org/thread.html/f095a791bda6c0595f691eddd0febb2d396987eec5cbd29120d8c629@%3Csolr-user.lucene.apache.org%3E",
+ "https://access.redhat.com/errata/RHSA-2017:1834",
+ "https://access.redhat.com/errata/RHSA-2017:1835",
+ "https://access.redhat.com/errata/RHSA-2017:1836",
+ "https://access.redhat.com/errata/RHSA-2017:1837",
+ "https://access.redhat.com/errata/RHSA-2017:1839",
+ "https://access.redhat.com/errata/RHSA-2017:1840",
+ "https://access.redhat.com/errata/RHSA-2017:2477",
+ "https://access.redhat.com/errata/RHSA-2017:2546",
+ "https://access.redhat.com/errata/RHSA-2017:2547",
+ "https://access.redhat.com/errata/RHSA-2017:2633",
+ "https://access.redhat.com/errata/RHSA-2017:2635",
+ "https://access.redhat.com/errata/RHSA-2017:2636",
+ "https://access.redhat.com/errata/RHSA-2017:2637",
+ "https://access.redhat.com/errata/RHSA-2017:2638",
+ "https://access.redhat.com/errata/RHSA-2017:3141",
+ "https://access.redhat.com/errata/RHSA-2017:3454",
+ "https://access.redhat.com/errata/RHSA-2017:3455",
+ "https://access.redhat.com/errata/RHSA-2017:3456",
+ "https://access.redhat.com/errata/RHSA-2017:3458",
+ "https://access.redhat.com/errata/RHSA-2018:0294",
+ "https://access.redhat.com/errata/RHSA-2018:0342",
+ "https://access.redhat.com/errata/RHSA-2018:1449",
+ "https://access.redhat.com/errata/RHSA-2018:1450",
+ "https://access.redhat.com/errata/RHSA-2019:0910",
+ "https://access.redhat.com/errata/RHSA-2019:2858",
+ "https://access.redhat.com/errata/RHSA-2019:3149",
+ "http://www.securitytracker.com/id/1039744",
+ "http://www.securitytracker.com/id/1039947",
+ "http://www.securitytracker.com/id/1040360"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-16335",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to com.zaxxer.hikari.HikariDataSource. This is a different vulnerability than CVE-2019-14540.",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.core:jackson-databind:2.6.0",
+ "impacted_artifact": "gav://com.fasterxml.jackson.core:jackson-databind:2.6.0",
+ "impact_path": [
+ "gav://com.fasterxml.jackson.core:jackson-databind:2.6.0"
+ ],
+ "path": "mavencentral-remote/com/fasterxml/jackson/core/jackson-databind/2.6.0/jackson-databind-2.6.0.jar",
+ "fixed_versions": [
+ "2.9.10",
+ "2.8.11.5",
+ "2.7.9.7",
+ "2.6.7.3"
+ ],
+ "published": "2019-09-16T20:36:23+10:00",
+ "artifact_scan_time": "2020-10-21T17:34:08+11:00",
+ "issue_id": "XRAY-88210",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to com.zaxxer.hikari.HikariDataSource. This is a different vulnerability than CVE-2019-14540.",
+ "references": [
+ "https://github.com/FasterXML/jackson-databind/issues/2449",
+ "https://lists.apache.org/thread.html/e90c3feb21702e68a8c08afce37045adb3870f2bf8223fa403fb93fb@%3Ccommits.hbase.apache.org%3E",
+ "https://lists.apache.org/thread.html/40c00861b53bb611dee7d6f35f864aa7d1c1bd77df28db597cbf27e1@%3Cissues.hbase.apache.org%3E",
+ "https://lists.apache.org/thread.html/a360b46061c91c5cad789b6c3190aef9b9f223a2b75c9c9f046fe016@%3Cissues.hbase.apache.org%3E",
+ "https://lists.apache.org/thread.html/ad0d238e97a7da5eca47a014f0f7e81f440ed6bf74a93183825e18b9@%3Cissues.hbase.apache.org%3E",
+ "https://lists.apache.org/thread.html/dc6b5cad721a4f6b3b62ed1163894941140d9d5656140fb757505ca0@%3Cissues.hbase.apache.org%3E",
+ "https://lists.apache.org/thread.html/0fcef7321095ce0bc597d468d150cff3d647f4cb3aef3bd4d20e1c69@%3Ccommits.tinkerpop.apache.org%3E"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-14719",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to execute arbitrary code by leveraging failure to block the blaze-ds-opt and blaze-ds-core classes from polymorphic deserialization.",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.core:jackson-databind:2.6.0",
+ "impacted_artifact": "gav://com.fasterxml.jackson.core:jackson-databind:2.6.0",
+ "impact_path": [
+ "gav://com.fasterxml.jackson.core:jackson-databind:2.6.0"
+ ],
+ "path": "mavencentral-remote/com/fasterxml/jackson/core/jackson-databind/2.6.0/jackson-databind-2.6.0.jar",
+ "fixed_versions": [
+ "2.9.7",
+ "2.8.11.3",
+ "2.7.9.5",
+ "2.6.7.2"
+ ],
+ "published": "2019-01-29T23:31:53+11:00",
+ "artifact_scan_time": "2020-10-21T17:34:08+11:00",
+ "issue_id": "XRAY-74875",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to execute arbitrary code by leveraging failure to block the blaze-ds-opt and blaze-ds-core classes from polymorphic deserialization.",
+ "references": [
+ "https://seclists.org/bugtraq/2019/May/68",
+ "https://github.com/FasterXML/jackson-databind/commit/87d29af25e82a249ea15858e2d4ecbf64091db44",
+ "https://github.com/FasterXML/jackson-databind/issues/2097",
+ "https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.7",
+ "https://security.netapp.com/advisory/ntap-20190530-0003/",
+ "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html",
+ "https://www.debian.org/security/2019/dsa-4452",
+ "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html",
+ "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html",
+ "https://lists.debian.org/debian-lts-announce/2019/03/msg00005.html",
+ "https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8@%3Ccommits.pulsar.apache.org%3E",
+ "https://access.redhat.com/errata/RHBA-2019:0959",
+ "https://access.redhat.com/errata/RHSA-2019:0782",
+ "https://access.redhat.com/errata/RHSA-2019:0877",
+ "https://access.redhat.com/errata/RHSA-2019:1782",
+ "https://access.redhat.com/errata/RHSA-2019:1797",
+ "https://access.redhat.com/errata/RHSA-2019:1822",
+ "https://access.redhat.com/errata/RHSA-2019:1823",
+ "https://access.redhat.com/errata/RHSA-2019:2804"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-14893",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "A flaw was discovered in FasterXML jackson-databind in all versions before 2.9.10 and 2.10.0, where it would permit polymorphic deserialization of malicious objects using the xalan JNDI gadget when used in conjunction with polymorphic type handling methods such as `enableDefaultTyping()` or when @JsonTypeInfo is using `Id.CLASS` or `Id.MINIMAL_CLASS` or in any other way which ObjectMapper.readValue might instantiate objects from unsafe sources. An attacker could use this flaw to execute arbitrary code.",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.core:jackson-databind:2.6.0",
+ "impacted_artifact": "gav://com.fasterxml.jackson.core:jackson-databind:2.6.0",
+ "impact_path": [
+ "gav://com.fasterxml.jackson.core:jackson-databind:2.6.0"
+ ],
+ "path": "mavencentral-remote/com/fasterxml/jackson/core/jackson-databind/2.6.0/jackson-databind-2.6.0.jar",
+ "fixed_versions": [
+ "2.8.11.5",
+ "2.9.10",
+ "2.7.9.7",
+ "2.6.7.3"
+ ],
+ "published": "2020-03-04T20:15:52+11:00",
+ "artifact_scan_time": "2020-10-21T17:34:08+11:00",
+ "issue_id": "XRAY-95103",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "A flaw was discovered in FasterXML jackson-databind in all versions before 2.9.10 and 2.10.0, where it would permit polymorphic deserialization of malicious objects using the xalan JNDI gadget when used in conjunction with polymorphic type handling methods such as `enableDefaultTyping()` or when @JsonTypeInfo is using `Id.CLASS` or `Id.MINIMAL_CLASS` or in any other way which ObjectMapper.readValue might instantiate objects from unsafe sources. An attacker could use this flaw to execute arbitrary code.",
+ "references": [
+ "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14893",
+ "https://security.netapp.com/advisory/ntap-20200327-0006/",
+ "https://github.com/FasterXML/jackson-databind/issues/2469",
+ "https://access.redhat.com/errata/RHSA-2020:0729"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-8840",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "FasterXML jackson-databind 2.0.0 through 2.9.10.2 lacks certain xbean-reflect/JNDI blocking, as demonstrated by org.apache.xbean.propertyeditor.JndiConverter.",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.core:jackson-databind:2.6.0",
+ "impacted_artifact": "gav://com.fasterxml.jackson.core:jackson-databind:2.6.0",
+ "impact_path": [
+ "gav://com.fasterxml.jackson.core:jackson-databind:2.6.0"
+ ],
+ "path": "mavencentral-remote/com/fasterxml/jackson/core/jackson-databind/2.6.0/jackson-databind-2.6.0.jar",
+ "fixed_versions": [
+ "2.9.10.3",
+ "2.8.11.5",
+ "2.7.9.7"
+ ],
+ "published": "2020-02-11T23:24:22+11:00",
+ "artifact_scan_time": "2020-10-21T17:34:08+11:00",
+ "issue_id": "XRAY-94620",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "FasterXML jackson-databind 2.0.0 through 2.9.10.2 lacks certain xbean-reflect/JNDI blocking, as demonstrated by org.apache.xbean.propertyeditor.JndiConverter.",
+ "references": [
+ "https://github.com/FasterXML/jackson-databind/issues/2620"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2017-15095",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "A deserialization flaw was discovered in the jackson-databind in versions before 2.8.10 and 2.9.1, which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. This issue extends the previous flaw CVE-2017-7525 by blacklisting more classes that could be used maliciously.",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.core:jackson-databind:2.6.0",
+ "impacted_artifact": "gav://com.fasterxml.jackson.core:jackson-databind:2.6.0",
+ "impact_path": [
+ "gav://com.fasterxml.jackson.core:jackson-databind:2.6.0"
+ ],
+ "path": "mavencentral-remote/com/fasterxml/jackson/core/jackson-databind/2.6.0/jackson-databind-2.6.0.jar",
+ "fixed_versions": [
+ "2.9.0",
+ "2.8.11",
+ "2.7.9.2",
+ "2.6.7.3"
+ ],
+ "published": "2018-03-29T22:15:10+11:00",
+ "artifact_scan_time": "2020-10-21T17:34:08+11:00",
+ "issue_id": "XRAY-65641",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "A deserialization flaw was discovered in the jackson-databind in versions before 2.8.10 and 2.9.1, which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. This issue extends the previous flaw CVE-2017-7525 by blacklisting more classes that could be used maliciously.",
+ "references": [
+ "http://www.securitytracker.com/id/1039769",
+ "https://access.redhat.com/errata/RHSA-2017:3189",
+ "https://access.redhat.com/errata/RHSA-2017:3190",
+ "https://access.redhat.com/errata/RHSA-2018:0342",
+ "https://access.redhat.com/errata/RHSA-2018:0478",
+ "https://access.redhat.com/errata/RHSA-2018:0479",
+ "https://access.redhat.com/errata/RHSA-2018:0480",
+ "https://access.redhat.com/errata/RHSA-2018:0481",
+ "https://github.com/FasterXML/jackson-databind/issues/1680",
+ "https://github.com/FasterXML/jackson-databind/issues/1737",
+ "https://security.netapp.com/advisory/ntap-20171214-0003/",
+ "https://www.debian.org/security/2017/dsa-4037"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-19362",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the jboss-common-core class from polymorphic deserialization.",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.core:jackson-databind:2.6.0",
+ "impacted_artifact": "gav://com.fasterxml.jackson.core:jackson-databind:2.6.0",
+ "impact_path": [
+ "gav://com.fasterxml.jackson.core:jackson-databind:2.6.0"
+ ],
+ "path": "mavencentral-remote/com/fasterxml/jackson/core/jackson-databind/2.6.0/jackson-databind-2.6.0.jar",
+ "fixed_versions": [
+ "2.9.8",
+ "2.8.11.3",
+ "2.7.9.5",
+ "2.6.7.3"
+ ],
+ "published": "2019-01-29T23:31:53+11:00",
+ "artifact_scan_time": "2020-10-21T17:34:08+11:00",
+ "issue_id": "XRAY-74869",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the jboss-common-core class from polymorphic deserialization.",
+ "references": [
+ "https://github.com/FasterXML/jackson-databind/commit/42912cac4753f3f718ece875e4d486f8264c2f2b",
+ "https://github.com/FasterXML/jackson-databind/issues/2186",
+ "https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.8",
+ "https://issues.apache.org/jira/browse/TINKERPOP-2121"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-14720",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "FasterXML jackson-databind 2.x before 2.9.7 might allow attackers to conduct external XML entity (XXE) attacks by leveraging failure to block unspecified JDK classes from polymorphic deserialization.",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.core:jackson-databind:2.6.0",
+ "impacted_artifact": "gav://com.fasterxml.jackson.core:jackson-databind:2.6.0",
+ "impact_path": [
+ "gav://com.fasterxml.jackson.core:jackson-databind:2.6.0"
+ ],
+ "path": "mavencentral-remote/com/fasterxml/jackson/core/jackson-databind/2.6.0/jackson-databind-2.6.0.jar",
+ "fixed_versions": [
+ "2.9.7",
+ "2.8.11.3",
+ "2.7.9.5",
+ "2.6.7.2"
+ ],
+ "published": "2019-01-29T23:31:53+11:00",
+ "artifact_scan_time": "2020-10-21T17:34:08+11:00",
+ "issue_id": "XRAY-74874",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "FasterXML jackson-databind 2.x before 2.9.7 might allow attackers to conduct external XML entity (XXE) attacks by leveraging failure to block unspecified JDK classes from polymorphic deserialization.",
+ "references": [
+ "https://seclists.org/bugtraq/2019/May/68",
+ "https://github.com/FasterXML/jackson-databind/commit/87d29af25e82a249ea15858e2d4ecbf64091db44",
+ "https://github.com/FasterXML/jackson-databind/issues/2097",
+ "https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.7",
+ "https://security.netapp.com/advisory/ntap-20190530-0003/",
+ "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html",
+ "https://www.debian.org/security/2019/dsa-4452",
+ "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html",
+ "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html",
+ "https://lists.debian.org/debian-lts-announce/2019/03/msg00005.html",
+ "https://lists.apache.org/thread.html/6a78f88716c3c57aa74ec05764a37ab3874769a347805903b393b286@%3Cdev.lucene.apache.org%3E",
+ "https://lists.apache.org/thread.html/82b01bfb6787097427ce97cec6a7127e93718bc05d1efd5eaffc228f@%3Cdev.lucene.apache.org%3E",
+ "https://lists.apache.org/thread.html/ba973114605d936be276ee6ce09dfbdbf78aa56f6cdc6e79bfa7b8df@%3Cdev.lucene.apache.org%3E",
+ "https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8@%3Ccommits.pulsar.apache.org%3E",
+ "https://access.redhat.com/errata/RHBA-2019:0959",
+ "https://access.redhat.com/errata/RHSA-2019:0782",
+ "https://access.redhat.com/errata/RHSA-2019:1106",
+ "https://access.redhat.com/errata/RHSA-2019:1107",
+ "https://access.redhat.com/errata/RHSA-2019:1108",
+ "https://access.redhat.com/errata/RHSA-2019:1140",
+ "https://access.redhat.com/errata/RHSA-2019:1822",
+ "https://access.redhat.com/errata/RHSA-2019:1823",
+ "https://access.redhat.com/errata/RHSA-2019:2858"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-16942",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the commons-dbcp (1.4) jar in the classpath, and an attacker can find an RMI service endpoint to access, it is possible to make the service execute a malicious payload. This issue exists because of org.apache.commons.dbcp.datasources.SharedPoolDataSource and org.apache.commons.dbcp.datasources.PerUserPoolDataSource mishandling.",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.core:jackson-databind:2.6.0",
+ "impacted_artifact": "gav://com.fasterxml.jackson.core:jackson-databind:2.6.0",
+ "impact_path": [
+ "gav://com.fasterxml.jackson.core:jackson-databind:2.6.0"
+ ],
+ "path": "mavencentral-remote/com/fasterxml/jackson/core/jackson-databind/2.6.0/jackson-databind-2.6.0.jar",
+ "fixed_versions": [
+ "2.8.11.5",
+ "2.9.10.1",
+ "2.7.9.7",
+ "2.6.7.3"
+ ],
+ "published": "2019-10-02T22:19:49+10:00",
+ "artifact_scan_time": "2020-10-21T17:34:08+11:00",
+ "issue_id": "XRAY-89105",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the commons-dbcp (1.4) jar in the classpath, and an attacker can find an RMI service endpoint to access, it is possible to make the service execute a malicious payload. This issue exists because of org.apache.commons.dbcp.datasources.SharedPoolDataSource and org.apache.commons.dbcp.datasources.PerUserPoolDataSource mishandling.",
+ "references": [
+ "https://seclists.org/bugtraq/2019/Oct/6",
+ "https://www.debian.org/security/2019/dsa-4542",
+ "https://github.com/FasterXML/jackson-databind/issues/2478",
+ "https://issues.apache.org/jira/browse/GEODE-7255",
+ "https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062",
+ "https://lists.debian.org/debian-lts-announce/2019/10/msg00001.html",
+ "https://lists.apache.org/thread.html/b2e23c94f9dfef53e04c492e5d02e5c75201734be7adc73a49ef2370@%3Cissues.geode.apache.org%3E"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.6,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:H/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 8.1,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.6,
+ "cvss3_max_score": 8.1,
+ "summary": "FasterXML jackson-databind org.arrah.framework.rdbms.UpdatableJdbcRowsetImpl Gadget Insecure Deserialization Unspecified Remote Weakness",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.core:jackson-databind:2.6.0",
+ "impacted_artifact": "gav://com.fasterxml.jackson.core:jackson-databind:2.6.0",
+ "impact_path": [
+ "gav://com.fasterxml.jackson.core:jackson-databind:2.6.0"
+ ],
+ "path": "mavencentral-remote/com/fasterxml/jackson/core/jackson-databind/2.6.0/jackson-databind-2.6.0.jar",
+ "fixed_versions": [
+ "2.9.10.6"
+ ],
+ "published": "2020-09-02T23:19:05+10:00",
+ "artifact_scan_time": "2020-10-21T17:34:08+11:00",
+ "issue_id": "XRAY-122084",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "FasterXML jackson-databind contains a flaw that is triggered if an application deserializes JSON content from an untrusted source, as the org.arrah.framework.rdbms.UpdatableJdbcRowsetImpl gadget may allow performing sensitive actions. This may allow a remote attacker to have an unspecified impact.",
+ "references": [
+ "https://github.com/FasterXML/jackson-databind/issues/2827",
+ "https://github.com/FasterXML/jackson-databind/commit/e701bd852ca9a22e04743104987f11ae575a6fe2"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-14721",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 10,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 10,
+ "summary": "FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to conduct server-side request forgery (SSRF) attacks by leveraging failure to block the axis2-jaxws class from polymorphic deserialization.",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.core:jackson-databind:2.6.0",
+ "impacted_artifact": "gav://com.fasterxml.jackson.core:jackson-databind:2.6.0",
+ "impact_path": [
+ "gav://com.fasterxml.jackson.core:jackson-databind:2.6.0"
+ ],
+ "path": "mavencentral-remote/com/fasterxml/jackson/core/jackson-databind/2.6.0/jackson-databind-2.6.0.jar",
+ "fixed_versions": [
+ "2.7.9.5",
+ "2.8.11.3",
+ "2.9.7",
+ "2.6.7.2"
+ ],
+ "published": "2019-01-29T23:31:53+11:00",
+ "artifact_scan_time": "2020-10-21T17:34:08+11:00",
+ "issue_id": "XRAY-74873",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to conduct server-side request forgery (SSRF) attacks by leveraging failure to block the axis2-jaxws class from polymorphic deserialization.",
+ "references": [
+ "https://seclists.org/bugtraq/2019/May/68",
+ "https://github.com/FasterXML/jackson-databind/commit/87d29af25e82a249ea15858e2d4ecbf64091db44",
+ "https://github.com/FasterXML/jackson-databind/issues/2097",
+ "https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.7",
+ "https://security.netapp.com/advisory/ntap-20190530-0003/",
+ "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html",
+ "https://www.debian.org/security/2019/dsa-4452",
+ "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html",
+ "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html",
+ "https://lists.debian.org/debian-lts-announce/2019/03/msg00005.html",
+ "https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8@%3Ccommits.pulsar.apache.org%3E",
+ "https://access.redhat.com/errata/RHBA-2019:0959",
+ "https://access.redhat.com/errata/RHSA-2019:0782",
+ "https://access.redhat.com/errata/RHSA-2019:1106",
+ "https://access.redhat.com/errata/RHSA-2019:1107",
+ "https://access.redhat.com/errata/RHSA-2019:1108",
+ "https://access.redhat.com/errata/RHSA-2019:1140",
+ "https://access.redhat.com/errata/RHSA-2019:1822",
+ "https://access.redhat.com/errata/RHSA-2019:1823",
+ "https://access.redhat.com/errata/RHSA-2019:2858"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-14379",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "SubTypeValidator.java in FasterXML jackson-databind before 2.9.9.2 mishandles default typing when ehcache is used (because of net.sf.ehcache.transaction.manager.DefaultTransactionManagerLookup), leading to remote code execution.",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.core:jackson-databind:2.6.0",
+ "impacted_artifact": "gav://com.fasterxml.jackson.core:jackson-databind:2.6.0",
+ "impact_path": [
+ "gav://com.fasterxml.jackson.core:jackson-databind:2.6.0"
+ ],
+ "path": "mavencentral-remote/com/fasterxml/jackson/core/jackson-databind/2.6.0/jackson-databind-2.6.0.jar",
+ "fixed_versions": [
+ "2.9.9.2",
+ "2.8.11.4",
+ "2.7.9.6",
+ "2.6.7.3"
+ ],
+ "published": "2019-07-30T21:04:13+10:00",
+ "artifact_scan_time": "2020-10-21T17:34:08+11:00",
+ "issue_id": "XRAY-85453",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "SubTypeValidator.java in FasterXML jackson-databind before 2.9.9.2 mishandles default typing when ehcache is used (because of net.sf.ehcache.transaction.manager.DefaultTransactionManagerLookup), leading to remote code execution.",
+ "references": [
+ "https://security.netapp.com/advisory/ntap-20190814-0001/",
+ "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UKUALE2TUCKEKOHE2D342PQXN4MWCSLC/",
+ "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OVRZDN2T6AZ6DJCZJ3VSIQIVHBVMVWBL/",
+ "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TXRVXNRFHJSQWFHPRJQRI5UPMZ63B544/",
+ "https://github.com/FasterXML/jackson-databind/compare/jackson-databind-2.9.9.1...jackson-databind-2.9.9.2",
+ "https://github.com/FasterXML/jackson-databind/issues/2387",
+ "https://lists.apache.org/thread.html/e25e734c315f70d8876a846926cfe3bfa1a4888044f146e844caf72f@%3Ccommits.ambari.apache.org%3E",
+ "https://lists.apache.org/thread.html/f17f63b0f8a57e4a5759e01d25cffc0548f0b61ff5c6bfd704ad2f2a@%3Ccommits.ambari.apache.org%3E",
+ "https://lists.debian.org/debian-lts-announce/2019/08/msg00011.html",
+ "https://lists.apache.org/thread.html/75f482fdc84abe6d0c8f438a76437c335a7bbeb5cddd4d70b4bc0cbf@%3Cissues.iceberg.apache.org%3E",
+ "https://lists.apache.org/thread.html/689c6bcc6c7612eee71e453a115a4c8581e7b718537025d4b265783d@%3Cissues.iceberg.apache.org%3E",
+ "https://lists.apache.org/thread.html/99944f86abefde389da9b4040ea2327c6aa0b53a2ff9352bd4cfec17@%3Cissues.iceberg.apache.org%3E",
+ "https://lists.apache.org/thread.html/d161ff3d59c5a8213400dd6afb1cce1fac4f687c32d1e0c0bfbfaa2d@%3Cissues.iceberg.apache.org%3E",
+ "https://lists.apache.org/thread.html/2766188be238a446a250ef76801037d452979152d85bce5e46805815@%3Cissues.iceberg.apache.org%3E",
+ "https://lists.apache.org/thread.html/8723b52c2544e6cb804bc8a36622c584acd1bd6c53f2b6034c9fea54@%3Cissues.iceberg.apache.org%3E",
+ "https://lists.apache.org/thread.html/859815b2e9f1575acbb2b260b73861c16ca49bca627fa0c46419051f@%3Cissues.iceberg.apache.org%3E",
+ "https://lists.apache.org/thread.html/525bcf949a4b0da87a375cbad2680b8beccde749522f24c49befe7fb@%3Ccommits.pulsar.apache.org%3E",
+ "https://lists.apache.org/thread.html/940b4c3fef002461b89a050935337056d4a036a65ef68e0bbd4621ef@%3Cdev.struts.apache.org%3E",
+ "https://lists.apache.org/thread.html/0fcef7321095ce0bc597d468d150cff3d647f4cb3aef3bd4d20e1c69@%3Ccommits.tinkerpop.apache.org%3E",
+ "https://lists.apache.org/thread.html/56c8042873595b8c863054c7bfccab4bf2c01c6f5abedae249d914b9@%3Cdev.tomee.apache.org%3E",
+ "https://lists.apache.org/thread.html/0d4b630d9ee724aee50703397d9d1afa2b2befc9395ba7797d0ccea9@%3Cdev.tomee.apache.org%3E",
+ "https://lists.apache.org/thread.html/ee0a051428d2c719acfa297d0854a189ea5e284ef3ed491fa672f4be@%3Cdev.tomee.apache.org%3E",
+ "https://lists.apache.org/thread.html/2d2a76440becb610b9a9cb49b15eac3934b02c2dbcaacde1000353e4@%3Cdev.tomee.apache.org%3E",
+ "https://lists.apache.org/thread.html/34717424b4d08b74f65c09a083d6dd1cb0763f37a15d6de135998c1d@%3Cdev.tomee.apache.org%3E",
+ "https://lists.apache.org/thread.html/5ecc333113b139429f4f05000d4aa2886974d4df3269c1dd990bb319@%3Cdev.tomee.apache.org%3E",
+ "https://lists.apache.org/thread.html/87e46591de8925f719664a845572d184027258c5a7af0a471b53c77b@%3Cdev.tomee.apache.org%3E",
+ "https://lists.apache.org/thread.html/5fc0e16b7af2590bf1e97c76c136291c4fdb244ee63c65c485c9a7a1@%3Cdev.tomee.apache.org%3E",
+ "https://access.redhat.com/errata/RHBA-2019:2824",
+ "https://access.redhat.com/errata/RHSA-2019:2743",
+ "https://access.redhat.com/errata/RHSA-2019:2858",
+ "https://access.redhat.com/errata/RHSA-2019:2935",
+ "https://access.redhat.com/errata/RHSA-2019:2936",
+ "https://access.redhat.com/errata/RHSA-2019:2937",
+ "https://access.redhat.com/errata/RHSA-2019:2938",
+ "https://access.redhat.com/errata/RHSA-2019:2998",
+ "https://access.redhat.com/errata/RHSA-2019:3044",
+ "https://access.redhat.com/errata/RHSA-2019:3045",
+ "https://access.redhat.com/errata/RHSA-2019:3046",
+ "https://access.redhat.com/errata/RHSA-2019:3050"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.6,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:H/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 8.1,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.6,
+ "cvss3_max_score": 8.1,
+ "summary": "FasterXML jackson-databind CXF JAX-RS Implementation jsontype/impl/SubTypeValidator.java Insecure Deserialization Remote Code Execution",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.core:jackson-databind:2.6.0",
+ "impacted_artifact": "gav://com.fasterxml.jackson.core:jackson-databind:2.6.0",
+ "impact_path": [
+ "gav://com.fasterxml.jackson.core:jackson-databind:2.6.0"
+ ],
+ "path": "mavencentral-remote/com/fasterxml/jackson/core/jackson-databind/2.6.0/jackson-databind-2.6.0.jar",
+ "fixed_versions": [
+ "2.8.11.5",
+ "2.6.7.3",
+ "2.9.10",
+ "2.7.9.7"
+ ],
+ "published": "2019-08-14T19:47:15+10:00",
+ "artifact_scan_time": "2020-10-21T17:34:08+11:00",
+ "issue_id": "XRAY-85877",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "FasterXML contains a flaw in jackson-databind jsontype/impl/SubTypeValidator.java related to the CXF JAX-RS implemtation that is triggered as user-supplied JavaScript content is insecurely deserialized. This may allow a remote attacker to potentially execute arbitrary code.",
+ "references": [
+ "https://github.com/FasterXML/jackson-databind/commit/d4983c740fec7d5576b207a8c30a63d3ea7443de",
+ "https://github.com/FasterXML/jackson-databind/issues/2420"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-20330",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "FasterXML jackson-databind 2.x before 2.9.10.2 lacks certain net.sf.ehcache blocking.",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.core:jackson-databind:2.6.0",
+ "impacted_artifact": "gav://com.fasterxml.jackson.core:jackson-databind:2.6.0",
+ "impact_path": [
+ "gav://com.fasterxml.jackson.core:jackson-databind:2.6.0"
+ ],
+ "path": "mavencentral-remote/com/fasterxml/jackson/core/jackson-databind/2.6.0/jackson-databind-2.6.0.jar",
+ "fixed_versions": [
+ "2.9.10.2",
+ "2.8.11.5",
+ "2.7.9.7"
+ ],
+ "published": "2020-01-05T22:55:41+11:00",
+ "artifact_scan_time": "2020-10-21T17:34:08+11:00",
+ "issue_id": "XRAY-93354",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "FasterXML jackson-databind 2.x before 2.9.10.2 lacks certain net.sf.ehcache blocking.",
+ "references": [
+ "https://github.com/FasterXML/jackson-databind/compare/jackson-databind-2.9.10.1...jackson-databind-2.9.10.2",
+ "https://github.com/FasterXML/jackson-databind/issues/2526"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 8.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:C",
+ "cvss_v3_score": 8.2,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 8.5,
+ "cvss3_max_score": 8.2,
+ "summary": "FasterXML jackson-databind ext/DOMDeserializer.java DOMDeserializer Class XML External Entity (XXE) Expansion Remote Issue",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.core:jackson-databind:2.6.0",
+ "impacted_artifact": "gav://com.fasterxml.jackson.core:jackson-databind:2.6.0",
+ "impact_path": [
+ "gav://com.fasterxml.jackson.core:jackson-databind:2.6.0"
+ ],
+ "path": "mavencentral-remote/com/fasterxml/jackson/core/jackson-databind/2.6.0/jackson-databind-2.6.0.jar",
+ "fixed_versions": [],
+ "published": "2020-10-15T22:39:55+11:00",
+ "artifact_scan_time": "2020-10-21T17:34:08+11:00",
+ "issue_id": "XRAY-126663",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "FasterXML jackson-databind contains an XXE (Xml eXternal Entity) expansion flaw in the DOMDeserializer class in ext/DOMDeserializer.java that is triggered during the parsing of XML data. The issue is due to an incorrectly configured XML parser accepting XML external entities from an untrusted source. By sending specially crafted XML data, a remote attacker can potentially consume excessive system resources or disclose sensitive information.",
+ "references": [
+ "http://cve.mitre.org/cgi-bin/cvename.cgi?name=2020-25649",
+ "https://bugzilla.redhat.com/show_bug.cgi?id=1887664",
+ "https://github.com/FasterXML/jackson-databind/issues/2589",
+ "https://github.com/FasterXML/jackson-databind/commit/e588f0af61b18576779ffb95a2a689a5eb1f9d15",
+ "https://github.com/FasterXML/jackson-databind/blob/jackson-databind-2.11.0/release-notes/VERSION-2.x",
+ "https://github.com/FasterXML/jackson-databind/commit/612f971b78c60202e9cd75a299050c8f2d724a59"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.6,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:H/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 8.1,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.6,
+ "cvss3_max_score": 8.1,
+ "summary": "FasterXML jackson-databind com.nqadmin.rowset.JdbcRowSetImpl Gadget Insecure Deserialization Unspecified Remote Weakness",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.core:jackson-databind:2.6.0",
+ "impacted_artifact": "gav://com.fasterxml.jackson.core:jackson-databind:2.6.0",
+ "impact_path": [
+ "gav://com.fasterxml.jackson.core:jackson-databind:2.6.0"
+ ],
+ "path": "mavencentral-remote/com/fasterxml/jackson/core/jackson-databind/2.6.0/jackson-databind-2.6.0.jar",
+ "fixed_versions": [
+ "2.9.10.6"
+ ],
+ "published": "2020-09-02T23:19:05+10:00",
+ "artifact_scan_time": "2020-10-21T17:34:08+11:00",
+ "issue_id": "XRAY-122085",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "FasterXML jackson-databind contains a flaw that is triggered if an application deserializes JSON content from an untrusted source, as the com.nqadmin.rowset.JdbcRowSetImpl gadget may allow performing sensitive actions. This may allow a remote attacker to have an unspecified impact.",
+ "references": [
+ "https://github.com/FasterXML/jackson-databind/commit/e701bd852ca9a22e04743104987f11ae575a6fe2",
+ "https://github.com/FasterXML/jackson-databind/issues/2826"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-19361",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the openjpa class from polymorphic deserialization.",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.core:jackson-databind:2.6.0",
+ "impacted_artifact": "gav://com.fasterxml.jackson.core:jackson-databind:2.6.0",
+ "impact_path": [
+ "gav://com.fasterxml.jackson.core:jackson-databind:2.6.0"
+ ],
+ "path": "mavencentral-remote/com/fasterxml/jackson/core/jackson-databind/2.6.0/jackson-databind-2.6.0.jar",
+ "fixed_versions": [
+ "2.9.8",
+ "2.8.11.3",
+ "2.7.9.5",
+ "\u003c 2.6.7.3"
+ ],
+ "published": "2019-01-29T23:31:53+11:00",
+ "artifact_scan_time": "2020-10-21T17:34:08+11:00",
+ "issue_id": "XRAY-74870",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the openjpa class from polymorphic deserialization.",
+ "references": [
+ "http://www.securityfocus.com/bid/107985",
+ "https://seclists.org/bugtraq/2019/May/68",
+ "https://github.com/FasterXML/jackson-databind/commit/42912cac4753f3f718ece875e4d486f8264c2f2b",
+ "https://github.com/FasterXML/jackson-databind/issues/2186",
+ "https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.8",
+ "https://issues.apache.org/jira/browse/TINKERPOP-2121",
+ "https://security.netapp.com/advisory/ntap-20190530-0003/",
+ "https://www.debian.org/security/2019/dsa-4452",
+ "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html",
+ "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html",
+ "https://lists.debian.org/debian-lts-announce/2019/03/msg00005.html",
+ "https://lists.apache.org/thread.html/37e1ed724a1b0e5d191d98c822c426670bdfde83804567131847d2a3@%3Cdevnull.infra.apache.org%3E",
+ "https://lists.apache.org/thread.html/c70da3cb6e3f03e0ad8013e38b6959419d866c4a7c80fdd34b73f25c@%3Ccommits.pulsar.apache.org%3E",
+ "https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8@%3Ccommits.pulsar.apache.org%3E",
+ "https://access.redhat.com/errata/RHBA-2019:0959",
+ "https://access.redhat.com/errata/RHSA-2019:0782",
+ "https://access.redhat.com/errata/RHSA-2019:0877",
+ "https://access.redhat.com/errata/RHSA-2019:1782",
+ "https://access.redhat.com/errata/RHSA-2019:1797",
+ "https://access.redhat.com/errata/RHSA-2019:1822",
+ "https://access.redhat.com/errata/RHSA-2019:1823",
+ "https://access.redhat.com/errata/RHSA-2019:2804"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-14892",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "A flaw was discovered in jackson-databind in versions before 2.9.10, 2.8.11.5 and 2.6.7.3, where it would permit polymorphic deserialization of a malicious object using commons-configuration 1 and 2 JNDI classes. An attacker could use this flaw to execute arbitrary code.",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.core:jackson-databind:2.6.0",
+ "impacted_artifact": "gav://com.fasterxml.jackson.core:jackson-databind:2.6.0",
+ "impact_path": [
+ "gav://com.fasterxml.jackson.core:jackson-databind:2.6.0"
+ ],
+ "path": "mavencentral-remote/com/fasterxml/jackson/core/jackson-databind/2.6.0/jackson-databind-2.6.0.jar",
+ "fixed_versions": [
+ "2.7.9.7",
+ "2.9.10",
+ "2.8.11.5",
+ "2.6.7.3"
+ ],
+ "published": "2020-03-06T20:15:52+11:00",
+ "artifact_scan_time": "2020-10-21T17:34:08+11:00",
+ "issue_id": "XRAY-95121",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "A flaw was discovered in jackson-databind in versions before 2.9.10, 2.8.11.5 and 2.6.7.3, where it would permit polymorphic deserialization of a malicious object using commons-configuration 1 and 2 JNDI classes. An attacker could use this flaw to execute arbitrary code.",
+ "references": [
+ "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14892",
+ "https://github.com/FasterXML/jackson-databind/issues/2462"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2017-1000487",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "Plexus-utils before 3.0.16 is vulnerable to command injection because it does not correctly process the contents of double quoted strings.",
+ "severity": "High",
+ "vulnerable_component": "gav://org.codehaus.plexus:plexus-utils:2.0.5",
+ "impacted_artifact": "gav://org.codehaus.plexus:plexus-utils:2.0.5",
+ "impact_path": [
+ "gav://org.codehaus.plexus:plexus-utils:2.0.5"
+ ],
+ "path": "mavencentral-remote/org/codehaus/plexus/plexus-utils/2.0.5/plexus-utils-2.0.5.jar",
+ "fixed_versions": [
+ "3.0.16"
+ ],
+ "published": "2019-06-10T18:42:32+10:00",
+ "artifact_scan_time": "2020-10-21T17:47:06+11:00",
+ "issue_id": "XRAY-83897",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Plexus-utils before 3.0.16 is vulnerable to command injection because it does not correctly process the contents of double quoted strings.",
+ "references": [
+ "https://access.redhat.com/errata/RHSA-2018:1322",
+ "https://lists.debian.org/debian-lts-announce/2018/01/msg00011.html",
+ "https://lists.debian.org/debian-lts-announce/2018/01/msg00010.html",
+ "https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSPLEXUS-31522",
+ "https://www.debian.org/security/2018/dsa-4149",
+ "https://www.debian.org/security/2018/dsa-4146",
+ "https://github.com/codehaus-plexus/plexus-utils/commit/b38a1b3a4352303e4312b2bb601a0d7ec6e28f41"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 9.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 7.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 9.3,
+ "cvss3_max_score": 7.8,
+ "summary": "Plexus-utils util/xml/XmlWriterUtil.java XmlWriterUtil::writeComment() Function Comment String Escape XML Injection Unspecified Issue",
+ "severity": "High",
+ "vulnerable_component": "gav://org.codehaus.plexus:plexus-utils:2.0.5",
+ "impacted_artifact": "gav://org.codehaus.plexus:plexus-utils:2.0.5",
+ "impact_path": [
+ "gav://org.codehaus.plexus:plexus-utils:2.0.5"
+ ],
+ "path": "mavencentral-remote/org/codehaus/plexus/plexus-utils/2.0.5/plexus-utils-2.0.5.jar",
+ "fixed_versions": [
+ "3.0.24"
+ ],
+ "published": "2019-09-15T21:14:39+10:00",
+ "artifact_scan_time": "2020-10-21T17:47:06+11:00",
+ "issue_id": "XRAY-88166",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Plexus-utils contains a flaw in the XmlWriterUtil::writeComment() function in util/xml/XmlWriterUtil.java that is triggered as comment strings are not properly sanitized. This may allow a context-dependent attacker to inject unexpected content through XML code and have an unspecified impact.",
+ "references": [
+ "https://github.com/codehaus-plexus/plexus-utils/issues/3",
+ "https://github.com/codehaus-plexus/plexus-utils/commit/f933e5e78dc2637e485447ed821fe14904f110de"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.8,
+ "cvss3_max_score": 7.5,
+ "summary": "FasterXML Jackson Core WRITE_BIGDECIMAL_AS_PLAIN Setting BigDecimal Writing Memory Exhaustion DoS",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.core:jackson-core:2.2.0",
+ "impacted_artifact": "gav://com.fasterxml.jackson.core:jackson-core:2.2.0",
+ "impact_path": [
+ "gav://com.fasterxml.jackson.core:jackson-core:2.2.0"
+ ],
+ "path": "mavencentral-remote/com/fasterxml/jackson/core/jackson-core/2.2.0/jackson-core-2.2.0.jar",
+ "fixed_versions": [
+ "2.7.7"
+ ],
+ "published": "2021-01-31T22:46:06+11:00",
+ "artifact_scan_time": "2020-10-21T17:46:06+11:00",
+ "issue_id": "XRAY-139063",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "FasterXML Jackson Core contains a flaw in the WRITE_BIGDECIMAL_AS_PLAIN settings that is triggered as there are no size limits when writing BigDecimal. This may allow an attacker to exhaust available memory resources.",
+ "references": [
+ "https://support.hcltechsw.com/community?id=community_blog\u0026sys_id=6fa12489db02a810a45ad9fcd39619e7",
+ "https://support.hcltechsw.com/csm?id=kb_article\u0026sysparm_article=KB0086419\u0026sys_kb_id=5926e8a01b312818534c4159cc4bcbcc"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2014-0114",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "summary": "Apache Commons BeanUtils, as distributed in lib/commons-beanutils-1.8.0.jar in Apache Struts 1.x through 1.3.10 and in other products requiring commons-beanutils through 1.9.2, does not suppress the class property, which allows remote attackers to \"manipulate\" the ClassLoader and execute arbitrary code via the class parameter, as demonstrated by the passing of this parameter to the getClass method of the ActionForm object in Struts 1.",
+ "severity": "High",
+ "vulnerable_component": "gav://commons-beanutils:commons-beanutils:1.8.0",
+ "impacted_artifact": "gav://commons-beanutils:commons-beanutils:1.8.0",
+ "impact_path": [
+ "gav://commons-beanutils:commons-beanutils:1.8.0"
+ ],
+ "path": "mavencentral-remote/commons-beanutils/commons-beanutils/1.8.0/commons-beanutils-1.8.0.jar",
+ "fixed_versions": [
+ "1.9.4"
+ ],
+ "published": "2017-07-05T21:31:08+10:00",
+ "artifact_scan_time": "2020-10-21T17:45:07+11:00",
+ "issue_id": "XRAY-55616",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Apache Commons BeanUtils, as distributed in lib/commons-beanutils-1.8.0.jar in Apache Struts 1.x through 1.3.10 and in other products requiring commons-beanutils through 1.9.2, does not suppress the class property, which allows remote attackers to \"manipulate\" the ClassLoader and execute arbitrary code via the class parameter, as demonstrated by the passing of this parameter to the getClass method of the ActionForm object in Struts 1.",
+ "references": [
+ "http://advisories.mageia.org/MGASA-2014-0219.html",
+ "http://commons.apache.org/proper/commons-beanutils/javadocs/v1.9.2/RELEASE-NOTES.txt",
+ "http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136958.html",
+ "http://marc.info/?l=bugtraq\u0026m=140119284401582\u0026w=2",
+ "http://marc.info/?l=bugtraq\u0026m=140801096002766\u0026w=2",
+ "http://marc.info/?l=bugtraq\u0026m=141451023707502\u0026w=2",
+ "http://openwall.com/lists/oss-security/2014/06/15/10",
+ "http://openwall.com/lists/oss-security/2014/07/08/1",
+ "http://seclists.org/fulldisclosure/2014/Dec/23",
+ "http://secunia.com/advisories/57477",
+ "http://secunia.com/advisories/58710",
+ "http://secunia.com/advisories/58851",
+ "http://secunia.com/advisories/58947",
+ "http://secunia.com/advisories/59014",
+ "http://secunia.com/advisories/59118",
+ "http://secunia.com/advisories/59228",
+ "http://secunia.com/advisories/59245",
+ "http://secunia.com/advisories/59246",
+ "http://secunia.com/advisories/59430",
+ "http://secunia.com/advisories/59464",
+ "http://secunia.com/advisories/59479",
+ "http://secunia.com/advisories/59480",
+ "http://secunia.com/advisories/59704",
+ "http://secunia.com/advisories/59718",
+ "http://secunia.com/advisories/60177",
+ "http://secunia.com/advisories/60703",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg21674128",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg21674812",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg21675266",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg21675387",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg21675689",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg21675898",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg21675972",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg21676091",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg21676110",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg21676303",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg21676375",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg21676931",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg21677110",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg27042296",
+ "http://www.debian.org/security/2014/dsa-2940",
+ "http://www.ibm.com/support/docview.wss?uid=swg21675496",
+ "http://www.mandriva.com/security/advisories?name=MDVSA-2014:095",
+ "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html",
+ "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html",
+ "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html",
+ "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html",
+ "http://www.securityfocus.com/archive/1/archive/1/534161/100/0/threaded",
+ "http://www.securityfocus.com/bid/67121",
+ "http://www.vmware.com/security/advisories/VMSA-2014-0008.html",
+ "http://www.vmware.com/security/advisories/VMSA-2014-0012.html",
+ "https://access.redhat.com/solutions/869353",
+ "https://bugzilla.redhat.com/show_bug.cgi?id=1091938",
+ "https://bugzilla.redhat.com/show_bug.cgi?id=1116665",
+ "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05324755",
+ "https://issues.apache.org/jira/browse/BEANUTILS-463",
+ "https://security.gentoo.org/glsa/201607-09"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-10086",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 7.3,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 7.3,
+ "summary": "In Apache Commons Beanutils 1.9.2, a special BeanIntrospector class was added which allows suppressing the ability for an attacker to access the classloader via the class property available on all Java objects. We, however were not using this by default characteristic of the PropertyUtilsBean.",
+ "severity": "High",
+ "vulnerable_component": "gav://commons-beanutils:commons-beanutils:1.8.0",
+ "impacted_artifact": "gav://commons-beanutils:commons-beanutils:1.8.0",
+ "impact_path": [
+ "gav://commons-beanutils:commons-beanutils:1.8.0"
+ ],
+ "path": "mavencentral-remote/commons-beanutils/commons-beanutils/1.8.0/commons-beanutils-1.8.0.jar",
+ "fixed_versions": [
+ "1.9.4"
+ ],
+ "published": "2019-08-22T19:58:17+10:00",
+ "artifact_scan_time": "2020-10-21T17:45:07+11:00",
+ "issue_id": "XRAY-86096",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "In Apache Commons Beanutils 1.9.2, a special BeanIntrospector class was added which allows suppressing the ability for an attacker to access the classloader via the class property available on all Java objects. We, however were not using this by default characteristic of the PropertyUtilsBean.",
+ "references": [
+ "http://mail-archives.apache.org/mod_mbox/www-announce/201908.mbox/%3cC628798F-315D-4428-8CB1-4ED1ECC958E4@apache.org%3e"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2017-15095",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "A deserialization flaw was discovered in the jackson-databind in versions before 2.8.10 and 2.9.1, which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. This issue extends the previous flaw CVE-2017-7525 by blacklisting more classes that could be used maliciously.",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.core:jackson-databind:2.2.0",
+ "impacted_artifact": "gav://com.fasterxml.jackson.core:jackson-databind:2.2.0",
+ "impact_path": [
+ "gav://com.fasterxml.jackson.core:jackson-databind:2.2.0"
+ ],
+ "path": "mavencentral-remote/com/fasterxml/jackson/core/jackson-databind/2.2.0/jackson-databind-2.2.0.jar",
+ "fixed_versions": [
+ "2.9.0",
+ "2.8.11",
+ "2.7.9.2",
+ "2.6.7.3"
+ ],
+ "published": "2018-03-29T22:15:10+11:00",
+ "artifact_scan_time": "2020-10-21T17:46:07+11:00",
+ "issue_id": "XRAY-65641",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "A deserialization flaw was discovered in the jackson-databind in versions before 2.8.10 and 2.9.1, which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. This issue extends the previous flaw CVE-2017-7525 by blacklisting more classes that could be used maliciously.",
+ "references": [
+ "http://www.securitytracker.com/id/1039769",
+ "https://access.redhat.com/errata/RHSA-2017:3189",
+ "https://access.redhat.com/errata/RHSA-2017:3190",
+ "https://access.redhat.com/errata/RHSA-2018:0342",
+ "https://access.redhat.com/errata/RHSA-2018:0478",
+ "https://access.redhat.com/errata/RHSA-2018:0479",
+ "https://access.redhat.com/errata/RHSA-2018:0480",
+ "https://access.redhat.com/errata/RHSA-2018:0481",
+ "https://github.com/FasterXML/jackson-databind/issues/1680",
+ "https://github.com/FasterXML/jackson-databind/issues/1737",
+ "https://security.netapp.com/advisory/ntap-20171214-0003/",
+ "https://www.debian.org/security/2017/dsa-4037"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-16942",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the commons-dbcp (1.4) jar in the classpath, and an attacker can find an RMI service endpoint to access, it is possible to make the service execute a malicious payload. This issue exists because of org.apache.commons.dbcp.datasources.SharedPoolDataSource and org.apache.commons.dbcp.datasources.PerUserPoolDataSource mishandling.",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.core:jackson-databind:2.2.0",
+ "impacted_artifact": "gav://com.fasterxml.jackson.core:jackson-databind:2.2.0",
+ "impact_path": [
+ "gav://com.fasterxml.jackson.core:jackson-databind:2.2.0"
+ ],
+ "path": "mavencentral-remote/com/fasterxml/jackson/core/jackson-databind/2.2.0/jackson-databind-2.2.0.jar",
+ "fixed_versions": [
+ "2.8.11.5",
+ "2.9.10.1",
+ "2.7.9.7",
+ "2.6.7.3"
+ ],
+ "published": "2019-10-02T22:19:49+10:00",
+ "artifact_scan_time": "2020-10-21T17:46:07+11:00",
+ "issue_id": "XRAY-89105",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the commons-dbcp (1.4) jar in the classpath, and an attacker can find an RMI service endpoint to access, it is possible to make the service execute a malicious payload. This issue exists because of org.apache.commons.dbcp.datasources.SharedPoolDataSource and org.apache.commons.dbcp.datasources.PerUserPoolDataSource mishandling.",
+ "references": [
+ "https://seclists.org/bugtraq/2019/Oct/6",
+ "https://www.debian.org/security/2019/dsa-4542",
+ "https://github.com/FasterXML/jackson-databind/issues/2478",
+ "https://issues.apache.org/jira/browse/GEODE-7255",
+ "https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062",
+ "https://lists.debian.org/debian-lts-announce/2019/10/msg00001.html",
+ "https://lists.apache.org/thread.html/b2e23c94f9dfef53e04c492e5d02e5c75201734be7adc73a49ef2370@%3Cissues.geode.apache.org%3E"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.6,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:H/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 8.1,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.6,
+ "cvss3_max_score": 8.1,
+ "summary": "FasterXML jackson-databind Multiple Gadget Insecure Deserialization Unspecified Remote Weakness",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.core:jackson-databind:2.2.0",
+ "impacted_artifact": "gav://com.fasterxml.jackson.core:jackson-databind:2.2.0",
+ "impact_path": [
+ "gav://com.fasterxml.jackson.core:jackson-databind:2.2.0"
+ ],
+ "path": "mavencentral-remote/com/fasterxml/jackson/core/jackson-databind/2.2.0/jackson-databind-2.2.0.jar",
+ "fixed_versions": [
+ "2.9.10.4",
+ "2.6.7.4"
+ ],
+ "published": "2020-05-10T22:34:24+10:00",
+ "artifact_scan_time": "2020-10-21T17:46:07+11:00",
+ "issue_id": "XRAY-97675",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "FasterXML jackson-databind contains a flaw that is triggered if an application deserializes JSON content from an untrusted source, as the org.apache.ignite.cache.jta.jndi.CacheJndiTmLookup, org.apache.ignite.cache.jta.jndi.CacheJndiTmFactory, and org.quartz.utils.JNDIConnectionProvider gadgets may allow performing sensitive actions. This may allow a remote attacker to potentially have an unspecified impact.",
+ "references": [
+ "https://www.oracle.com/security-alerts/cpujan2021.html#AppendixRAPP",
+ "https://www.oracle.com/security-alerts/cpujan2021.html#AppendixSCP",
+ "https://github.com/FasterXML/jackson-databind/commit/b59b611f82c546c13753421f79103c6f6e584606",
+ "https://www.oracle.com/security-alerts/cpuoct2020.html#AppendixINSU",
+ "https://www.oracle.com/security-alerts/cpuoct2020.html#AppendixIFLX",
+ "https://www.oracle.com/security-alerts/cpuoct2020.html#AppendixCGBU",
+ "https://www.oracle.com/security-alerts/cpuoct2020.html#AppendixRAPP",
+ "https://www.oracle.com/security-alerts/cpujul2020.html#AppendixCGBU",
+ "https://www.oracle.com/security-alerts/cpujul2020.html#AppendixGLM",
+ "https://www.oracle.com/security-alerts/cpujul2020.html#AppendixIFLX",
+ "https://www.oracle.com/security-alerts/cpujul2020.html#AppendixEM",
+ "https://www.oracle.com/security-alerts/cpujul2020.html#AppendixPVA",
+ "https://www.oracle.com/security-alerts/cpujul2020.html#AppendixFMW",
+ "https://docs.itrsgroup.com/docs/all/release-notes/geneos/geneos-release-notes.htm",
+ "https://github.com/FasterXML/jackson-databind/issues/2658",
+ "https://sid.softek.jp/content/show/35081",
+ "https://github.com/FasterXML/jackson-databind/commit/a424c038ba0c0d65e579e22001dec925902ac0ef",
+ "http://cve.mitre.org/cgi-bin/cvename.cgi?name=2020-10650"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-19361",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the openjpa class from polymorphic deserialization.",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.core:jackson-databind:2.2.0",
+ "impacted_artifact": "gav://com.fasterxml.jackson.core:jackson-databind:2.2.0",
+ "impact_path": [
+ "gav://com.fasterxml.jackson.core:jackson-databind:2.2.0"
+ ],
+ "path": "mavencentral-remote/com/fasterxml/jackson/core/jackson-databind/2.2.0/jackson-databind-2.2.0.jar",
+ "fixed_versions": [
+ "2.9.8",
+ "2.8.11.3",
+ "2.7.9.5",
+ "\u003c 2.6.7.3"
+ ],
+ "published": "2019-01-29T23:31:53+11:00",
+ "artifact_scan_time": "2020-10-21T17:46:07+11:00",
+ "issue_id": "XRAY-74870",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the openjpa class from polymorphic deserialization.",
+ "references": [
+ "http://www.securityfocus.com/bid/107985",
+ "https://seclists.org/bugtraq/2019/May/68",
+ "https://github.com/FasterXML/jackson-databind/commit/42912cac4753f3f718ece875e4d486f8264c2f2b",
+ "https://github.com/FasterXML/jackson-databind/issues/2186",
+ "https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.8",
+ "https://issues.apache.org/jira/browse/TINKERPOP-2121",
+ "https://security.netapp.com/advisory/ntap-20190530-0003/",
+ "https://www.debian.org/security/2019/dsa-4452",
+ "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html",
+ "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html",
+ "https://lists.debian.org/debian-lts-announce/2019/03/msg00005.html",
+ "https://lists.apache.org/thread.html/37e1ed724a1b0e5d191d98c822c426670bdfde83804567131847d2a3@%3Cdevnull.infra.apache.org%3E",
+ "https://lists.apache.org/thread.html/c70da3cb6e3f03e0ad8013e38b6959419d866c4a7c80fdd34b73f25c@%3Ccommits.pulsar.apache.org%3E",
+ "https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8@%3Ccommits.pulsar.apache.org%3E",
+ "https://access.redhat.com/errata/RHBA-2019:0959",
+ "https://access.redhat.com/errata/RHSA-2019:0782",
+ "https://access.redhat.com/errata/RHSA-2019:0877",
+ "https://access.redhat.com/errata/RHSA-2019:1782",
+ "https://access.redhat.com/errata/RHSA-2019:1797",
+ "https://access.redhat.com/errata/RHSA-2019:1822",
+ "https://access.redhat.com/errata/RHSA-2019:1823",
+ "https://access.redhat.com/errata/RHSA-2019:2804"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.6,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:H/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 8.1,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.6,
+ "cvss3_max_score": 8.1,
+ "summary": "FasterXML jackson-databind org.arrah.framework.rdbms.UpdatableJdbcRowsetImpl Gadget Insecure Deserialization Unspecified Remote Weakness",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.core:jackson-databind:2.2.0",
+ "impacted_artifact": "gav://com.fasterxml.jackson.core:jackson-databind:2.2.0",
+ "impact_path": [
+ "gav://com.fasterxml.jackson.core:jackson-databind:2.2.0"
+ ],
+ "path": "mavencentral-remote/com/fasterxml/jackson/core/jackson-databind/2.2.0/jackson-databind-2.2.0.jar",
+ "fixed_versions": [
+ "2.9.10.6"
+ ],
+ "published": "2020-09-02T23:19:05+10:00",
+ "artifact_scan_time": "2020-10-21T17:46:07+11:00",
+ "issue_id": "XRAY-122084",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "FasterXML jackson-databind contains a flaw that is triggered if an application deserializes JSON content from an untrusted source, as the org.arrah.framework.rdbms.UpdatableJdbcRowsetImpl gadget may allow performing sensitive actions. This may allow a remote attacker to have an unspecified impact.",
+ "references": [
+ "https://github.com/FasterXML/jackson-databind/issues/2827",
+ "https://github.com/FasterXML/jackson-databind/commit/e701bd852ca9a22e04743104987f11ae575a6fe2"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-7489",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "FasterXML jackson-databind before 2.7.9.3, 2.8.x before 2.8.11.1 and 2.9.x before 2.9.5 allows unauthenticated remote code execution because of an incomplete fix for the CVE-2017-7525 deserialization flaw. This is exploitable by sending maliciously crafted JSON input to the readValue method of the ObjectMapper, bypassing a blacklist that is ineffective if the c3p0 libraries are available in the classpath.",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.core:jackson-databind:2.2.0",
+ "impacted_artifact": "gav://com.fasterxml.jackson.core:jackson-databind:2.2.0",
+ "impact_path": [
+ "gav://com.fasterxml.jackson.core:jackson-databind:2.2.0"
+ ],
+ "path": "mavencentral-remote/com/fasterxml/jackson/core/jackson-databind/2.2.0/jackson-databind-2.2.0.jar",
+ "fixed_versions": [
+ "2.7.9.3",
+ "2.8.11.1",
+ "2.9.5"
+ ],
+ "published": "2018-04-04T21:15:10+10:00",
+ "artifact_scan_time": "2020-10-21T17:46:07+11:00",
+ "issue_id": "XRAY-66736",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "FasterXML jackson-databind before 2.7.9.3, 2.8.x before 2.8.11.1 and 2.9.x before 2.9.5 allows unauthenticated remote code execution because of an incomplete fix for the CVE-2017-7525 deserialization flaw. This is exploitable by sending maliciously crafted JSON input to the readValue method of the ObjectMapper, bypassing a blacklist that is ineffective if the c3p0 libraries are available in the classpath.",
+ "references": [
+ "http://www.securityfocus.com/bid/103203",
+ "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html",
+ "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html",
+ "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html",
+ "https://github.com/FasterXML/jackson-databind/issues/1931",
+ "https://security.netapp.com/advisory/ntap-20180328-0001/",
+ "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03902en_us",
+ "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html",
+ "https://www.debian.org/security/2018/dsa-4190",
+ "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html",
+ "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html",
+ "https://access.redhat.com/errata/RHSA-2018:1447",
+ "https://access.redhat.com/errata/RHSA-2018:1448",
+ "https://access.redhat.com/errata/RHSA-2018:1449",
+ "https://access.redhat.com/errata/RHSA-2018:1450",
+ "https://access.redhat.com/errata/RHSA-2018:1451",
+ "https://access.redhat.com/errata/RHSA-2018:1786",
+ "https://access.redhat.com/errata/RHSA-2018:2088",
+ "https://access.redhat.com/errata/RHSA-2018:2089",
+ "https://access.redhat.com/errata/RHSA-2018:2090",
+ "https://access.redhat.com/errata/RHSA-2018:2938",
+ "https://access.redhat.com/errata/RHSA-2018:2939",
+ "https://access.redhat.com/errata/RHSA-2019:2858",
+ "http://www.securitytracker.com/id/1040693",
+ "http://www.securitytracker.com/id/1041890"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-14379",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "SubTypeValidator.java in FasterXML jackson-databind before 2.9.9.2 mishandles default typing when ehcache is used (because of net.sf.ehcache.transaction.manager.DefaultTransactionManagerLookup), leading to remote code execution.",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.core:jackson-databind:2.2.0",
+ "impacted_artifact": "gav://com.fasterxml.jackson.core:jackson-databind:2.2.0",
+ "impact_path": [
+ "gav://com.fasterxml.jackson.core:jackson-databind:2.2.0"
+ ],
+ "path": "mavencentral-remote/com/fasterxml/jackson/core/jackson-databind/2.2.0/jackson-databind-2.2.0.jar",
+ "fixed_versions": [
+ "2.9.9.2",
+ "2.8.11.4",
+ "2.7.9.6",
+ "2.6.7.3"
+ ],
+ "published": "2019-07-30T21:04:13+10:00",
+ "artifact_scan_time": "2020-10-21T17:46:07+11:00",
+ "issue_id": "XRAY-85453",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "SubTypeValidator.java in FasterXML jackson-databind before 2.9.9.2 mishandles default typing when ehcache is used (because of net.sf.ehcache.transaction.manager.DefaultTransactionManagerLookup), leading to remote code execution.",
+ "references": [
+ "https://security.netapp.com/advisory/ntap-20190814-0001/",
+ "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UKUALE2TUCKEKOHE2D342PQXN4MWCSLC/",
+ "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OVRZDN2T6AZ6DJCZJ3VSIQIVHBVMVWBL/",
+ "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TXRVXNRFHJSQWFHPRJQRI5UPMZ63B544/",
+ "https://github.com/FasterXML/jackson-databind/compare/jackson-databind-2.9.9.1...jackson-databind-2.9.9.2",
+ "https://github.com/FasterXML/jackson-databind/issues/2387",
+ "https://lists.apache.org/thread.html/e25e734c315f70d8876a846926cfe3bfa1a4888044f146e844caf72f@%3Ccommits.ambari.apache.org%3E",
+ "https://lists.apache.org/thread.html/f17f63b0f8a57e4a5759e01d25cffc0548f0b61ff5c6bfd704ad2f2a@%3Ccommits.ambari.apache.org%3E",
+ "https://lists.debian.org/debian-lts-announce/2019/08/msg00011.html",
+ "https://lists.apache.org/thread.html/75f482fdc84abe6d0c8f438a76437c335a7bbeb5cddd4d70b4bc0cbf@%3Cissues.iceberg.apache.org%3E",
+ "https://lists.apache.org/thread.html/689c6bcc6c7612eee71e453a115a4c8581e7b718537025d4b265783d@%3Cissues.iceberg.apache.org%3E",
+ "https://lists.apache.org/thread.html/99944f86abefde389da9b4040ea2327c6aa0b53a2ff9352bd4cfec17@%3Cissues.iceberg.apache.org%3E",
+ "https://lists.apache.org/thread.html/d161ff3d59c5a8213400dd6afb1cce1fac4f687c32d1e0c0bfbfaa2d@%3Cissues.iceberg.apache.org%3E",
+ "https://lists.apache.org/thread.html/2766188be238a446a250ef76801037d452979152d85bce5e46805815@%3Cissues.iceberg.apache.org%3E",
+ "https://lists.apache.org/thread.html/8723b52c2544e6cb804bc8a36622c584acd1bd6c53f2b6034c9fea54@%3Cissues.iceberg.apache.org%3E",
+ "https://lists.apache.org/thread.html/859815b2e9f1575acbb2b260b73861c16ca49bca627fa0c46419051f@%3Cissues.iceberg.apache.org%3E",
+ "https://lists.apache.org/thread.html/525bcf949a4b0da87a375cbad2680b8beccde749522f24c49befe7fb@%3Ccommits.pulsar.apache.org%3E",
+ "https://lists.apache.org/thread.html/940b4c3fef002461b89a050935337056d4a036a65ef68e0bbd4621ef@%3Cdev.struts.apache.org%3E",
+ "https://lists.apache.org/thread.html/0fcef7321095ce0bc597d468d150cff3d647f4cb3aef3bd4d20e1c69@%3Ccommits.tinkerpop.apache.org%3E",
+ "https://lists.apache.org/thread.html/56c8042873595b8c863054c7bfccab4bf2c01c6f5abedae249d914b9@%3Cdev.tomee.apache.org%3E",
+ "https://lists.apache.org/thread.html/0d4b630d9ee724aee50703397d9d1afa2b2befc9395ba7797d0ccea9@%3Cdev.tomee.apache.org%3E",
+ "https://lists.apache.org/thread.html/ee0a051428d2c719acfa297d0854a189ea5e284ef3ed491fa672f4be@%3Cdev.tomee.apache.org%3E",
+ "https://lists.apache.org/thread.html/2d2a76440becb610b9a9cb49b15eac3934b02c2dbcaacde1000353e4@%3Cdev.tomee.apache.org%3E",
+ "https://lists.apache.org/thread.html/34717424b4d08b74f65c09a083d6dd1cb0763f37a15d6de135998c1d@%3Cdev.tomee.apache.org%3E",
+ "https://lists.apache.org/thread.html/5ecc333113b139429f4f05000d4aa2886974d4df3269c1dd990bb319@%3Cdev.tomee.apache.org%3E",
+ "https://lists.apache.org/thread.html/87e46591de8925f719664a845572d184027258c5a7af0a471b53c77b@%3Cdev.tomee.apache.org%3E",
+ "https://lists.apache.org/thread.html/5fc0e16b7af2590bf1e97c76c136291c4fdb244ee63c65c485c9a7a1@%3Cdev.tomee.apache.org%3E",
+ "https://access.redhat.com/errata/RHBA-2019:2824",
+ "https://access.redhat.com/errata/RHSA-2019:2743",
+ "https://access.redhat.com/errata/RHSA-2019:2858",
+ "https://access.redhat.com/errata/RHSA-2019:2935",
+ "https://access.redhat.com/errata/RHSA-2019:2936",
+ "https://access.redhat.com/errata/RHSA-2019:2937",
+ "https://access.redhat.com/errata/RHSA-2019:2938",
+ "https://access.redhat.com/errata/RHSA-2019:2998",
+ "https://access.redhat.com/errata/RHSA-2019:3044",
+ "https://access.redhat.com/errata/RHSA-2019:3045",
+ "https://access.redhat.com/errata/RHSA-2019:3046",
+ "https://access.redhat.com/errata/RHSA-2019:3050"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-17267",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to net.sf.ehcache.hibernate.EhcacheJtaTransactionManagerLookup.",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.core:jackson-databind:2.2.0",
+ "impacted_artifact": "gav://com.fasterxml.jackson.core:jackson-databind:2.2.0",
+ "impact_path": [
+ "gav://com.fasterxml.jackson.core:jackson-databind:2.2.0"
+ ],
+ "path": "mavencentral-remote/com/fasterxml/jackson/core/jackson-databind/2.2.0/jackson-databind-2.2.0.jar",
+ "fixed_versions": [
+ "2.10.0",
+ "2.8.11.5",
+ "2.9.10",
+ "2.6.7.3"
+ ],
+ "published": "2019-10-11T00:16:45+11:00",
+ "artifact_scan_time": "2020-10-21T17:46:07+11:00",
+ "issue_id": "XRAY-89694",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to net.sf.ehcache.hibernate.EhcacheJtaTransactionManagerLookup.",
+ "references": [
+ "https://security.netapp.com/advisory/ntap-20191017-0006/",
+ "https://github.com/FasterXML/jackson-databind/compare/jackson-databind-2.9.9.3...jackson-databind-2.9.10",
+ "https://github.com/FasterXML/jackson-databind/issues/2460",
+ "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E",
+ "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-14892",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "A flaw was discovered in jackson-databind in versions before 2.9.10, 2.8.11.5 and 2.6.7.3, where it would permit polymorphic deserialization of a malicious object using commons-configuration 1 and 2 JNDI classes. An attacker could use this flaw to execute arbitrary code.",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.core:jackson-databind:2.2.0",
+ "impacted_artifact": "gav://com.fasterxml.jackson.core:jackson-databind:2.2.0",
+ "impact_path": [
+ "gav://com.fasterxml.jackson.core:jackson-databind:2.2.0"
+ ],
+ "path": "mavencentral-remote/com/fasterxml/jackson/core/jackson-databind/2.2.0/jackson-databind-2.2.0.jar",
+ "fixed_versions": [
+ "2.7.9.7",
+ "2.9.10",
+ "2.8.11.5",
+ "2.6.7.3"
+ ],
+ "published": "2020-03-06T20:15:52+11:00",
+ "artifact_scan_time": "2020-10-21T17:46:07+11:00",
+ "issue_id": "XRAY-95121",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "A flaw was discovered in jackson-databind in versions before 2.9.10, 2.8.11.5 and 2.6.7.3, where it would permit polymorphic deserialization of a malicious object using commons-configuration 1 and 2 JNDI classes. An attacker could use this flaw to execute arbitrary code.",
+ "references": [
+ "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14892",
+ "https://github.com/FasterXML/jackson-databind/issues/2462"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-20330",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "FasterXML jackson-databind 2.x before 2.9.10.2 lacks certain net.sf.ehcache blocking.",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.core:jackson-databind:2.2.0",
+ "impacted_artifact": "gav://com.fasterxml.jackson.core:jackson-databind:2.2.0",
+ "impact_path": [
+ "gav://com.fasterxml.jackson.core:jackson-databind:2.2.0"
+ ],
+ "path": "mavencentral-remote/com/fasterxml/jackson/core/jackson-databind/2.2.0/jackson-databind-2.2.0.jar",
+ "fixed_versions": [
+ "2.9.10.2",
+ "2.8.11.5",
+ "2.7.9.7"
+ ],
+ "published": "2020-01-05T22:55:41+11:00",
+ "artifact_scan_time": "2020-10-21T17:46:07+11:00",
+ "issue_id": "XRAY-93354",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "FasterXML jackson-databind 2.x before 2.9.10.2 lacks certain net.sf.ehcache blocking.",
+ "references": [
+ "https://github.com/FasterXML/jackson-databind/compare/jackson-databind-2.9.10.1...jackson-databind-2.9.10.2",
+ "https://github.com/FasterXML/jackson-databind/issues/2526"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-14893",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "A flaw was discovered in FasterXML jackson-databind in all versions before 2.9.10 and 2.10.0, where it would permit polymorphic deserialization of malicious objects using the xalan JNDI gadget when used in conjunction with polymorphic type handling methods such as `enableDefaultTyping()` or when @JsonTypeInfo is using `Id.CLASS` or `Id.MINIMAL_CLASS` or in any other way which ObjectMapper.readValue might instantiate objects from unsafe sources. An attacker could use this flaw to execute arbitrary code.",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.core:jackson-databind:2.2.0",
+ "impacted_artifact": "gav://com.fasterxml.jackson.core:jackson-databind:2.2.0",
+ "impact_path": [
+ "gav://com.fasterxml.jackson.core:jackson-databind:2.2.0"
+ ],
+ "path": "mavencentral-remote/com/fasterxml/jackson/core/jackson-databind/2.2.0/jackson-databind-2.2.0.jar",
+ "fixed_versions": [
+ "2.8.11.5",
+ "2.9.10",
+ "2.7.9.7",
+ "2.6.7.3"
+ ],
+ "published": "2020-03-04T20:15:52+11:00",
+ "artifact_scan_time": "2020-10-21T17:46:07+11:00",
+ "issue_id": "XRAY-95103",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "A flaw was discovered in FasterXML jackson-databind in all versions before 2.9.10 and 2.10.0, where it would permit polymorphic deserialization of malicious objects using the xalan JNDI gadget when used in conjunction with polymorphic type handling methods such as `enableDefaultTyping()` or when @JsonTypeInfo is using `Id.CLASS` or `Id.MINIMAL_CLASS` or in any other way which ObjectMapper.readValue might instantiate objects from unsafe sources. An attacker could use this flaw to execute arbitrary code.",
+ "references": [
+ "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14893",
+ "https://security.netapp.com/advisory/ntap-20200327-0006/",
+ "https://github.com/FasterXML/jackson-databind/issues/2469",
+ "https://access.redhat.com/errata/RHSA-2020:0729"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.6,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:H/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 8.1,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.6,
+ "cvss3_max_score": 8.1,
+ "summary": "FasterXML jackson-databind Multiple Gadgets Insecure Deserialization Unspecified Remote Weakness",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.core:jackson-databind:2.2.0",
+ "impacted_artifact": "gav://com.fasterxml.jackson.core:jackson-databind:2.2.0",
+ "impact_path": [
+ "gav://com.fasterxml.jackson.core:jackson-databind:2.2.0"
+ ],
+ "path": "mavencentral-remote/com/fasterxml/jackson/core/jackson-databind/2.2.0/jackson-databind-2.2.0.jar",
+ "fixed_versions": [
+ "2.9.10.8"
+ ],
+ "published": "2021-01-10T23:41:04+11:00",
+ "artifact_scan_time": "2020-10-21T17:46:07+11:00",
+ "issue_id": "XRAY-138371",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "FasterXML jackson-databind contains a flaw that is triggered if an application deserializes JSON content from an untrusted source, as the oadd.org.apache.commons.dbcp.datasources.PerUserPoolDataSource and oadd.org.apache.commons.dbcp.datasources.SharedPoolDataSource gadgets may allow performing sensitive actions. This may allow a remote attacker to have an unspecified impact.",
+ "references": [
+ "https://github.com/FasterXML/jackson-databind/commit/ac7232e3f9004bdb4f11dcb5bc6c1fadf074f5f7"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-14719",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to execute arbitrary code by leveraging failure to block the blaze-ds-opt and blaze-ds-core classes from polymorphic deserialization.",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.core:jackson-databind:2.2.0",
+ "impacted_artifact": "gav://com.fasterxml.jackson.core:jackson-databind:2.2.0",
+ "impact_path": [
+ "gav://com.fasterxml.jackson.core:jackson-databind:2.2.0"
+ ],
+ "path": "mavencentral-remote/com/fasterxml/jackson/core/jackson-databind/2.2.0/jackson-databind-2.2.0.jar",
+ "fixed_versions": [
+ "2.9.7",
+ "2.8.11.3",
+ "2.7.9.5",
+ "2.6.7.2"
+ ],
+ "published": "2019-01-29T23:31:53+11:00",
+ "artifact_scan_time": "2020-10-21T17:46:07+11:00",
+ "issue_id": "XRAY-74875",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to execute arbitrary code by leveraging failure to block the blaze-ds-opt and blaze-ds-core classes from polymorphic deserialization.",
+ "references": [
+ "https://seclists.org/bugtraq/2019/May/68",
+ "https://github.com/FasterXML/jackson-databind/commit/87d29af25e82a249ea15858e2d4ecbf64091db44",
+ "https://github.com/FasterXML/jackson-databind/issues/2097",
+ "https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.7",
+ "https://security.netapp.com/advisory/ntap-20190530-0003/",
+ "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html",
+ "https://www.debian.org/security/2019/dsa-4452",
+ "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html",
+ "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html",
+ "https://lists.debian.org/debian-lts-announce/2019/03/msg00005.html",
+ "https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8@%3Ccommits.pulsar.apache.org%3E",
+ "https://access.redhat.com/errata/RHBA-2019:0959",
+ "https://access.redhat.com/errata/RHSA-2019:0782",
+ "https://access.redhat.com/errata/RHSA-2019:0877",
+ "https://access.redhat.com/errata/RHSA-2019:1782",
+ "https://access.redhat.com/errata/RHSA-2019:1797",
+ "https://access.redhat.com/errata/RHSA-2019:1822",
+ "https://access.redhat.com/errata/RHSA-2019:1823",
+ "https://access.redhat.com/errata/RHSA-2019:2804"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-14718",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to execute arbitrary code by leveraging failure to block the slf4j-ext class from polymorphic deserialization.",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.core:jackson-databind:2.2.0",
+ "impacted_artifact": "gav://com.fasterxml.jackson.core:jackson-databind:2.2.0",
+ "impact_path": [
+ "gav://com.fasterxml.jackson.core:jackson-databind:2.2.0"
+ ],
+ "path": "mavencentral-remote/com/fasterxml/jackson/core/jackson-databind/2.2.0/jackson-databind-2.2.0.jar",
+ "fixed_versions": [
+ "2.9.7",
+ "2.8.11.3",
+ "2.7.9.5",
+ "2.6.7.3"
+ ],
+ "published": "2019-01-29T23:31:54+11:00",
+ "artifact_scan_time": "2020-10-21T17:46:07+11:00",
+ "issue_id": "XRAY-74876",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to execute arbitrary code by leveraging failure to block the slf4j-ext class from polymorphic deserialization.",
+ "references": [
+ "http://www.securityfocus.com/bid/106601",
+ "https://seclists.org/bugtraq/2019/May/68",
+ "https://github.com/FasterXML/jackson-databind/commit/87d29af25e82a249ea15858e2d4ecbf64091db44",
+ "https://github.com/FasterXML/jackson-databind/issues/2097",
+ "https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.7",
+ "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html",
+ "https://www.debian.org/security/2019/dsa-4452",
+ "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html",
+ "https://lists.debian.org/debian-lts-announce/2019/03/msg00005.html",
+ "https://lists.apache.org/thread.html/6a78f88716c3c57aa74ec05764a37ab3874769a347805903b393b286@%3Cdev.lucene.apache.org%3E",
+ "https://lists.apache.org/thread.html/82b01bfb6787097427ce97cec6a7127e93718bc05d1efd5eaffc228f@%3Cdev.lucene.apache.org%3E",
+ "https://lists.apache.org/thread.html/ba973114605d936be276ee6ce09dfbdbf78aa56f6cdc6e79bfa7b8df@%3Cdev.lucene.apache.org%3E",
+ "https://access.redhat.com/errata/RHBA-2019:0959",
+ "https://access.redhat.com/errata/RHSA-2019:0782",
+ "https://access.redhat.com/errata/RHSA-2019:0877"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-8840",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "FasterXML jackson-databind 2.0.0 through 2.9.10.2 lacks certain xbean-reflect/JNDI blocking, as demonstrated by org.apache.xbean.propertyeditor.JndiConverter.",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.core:jackson-databind:2.2.0",
+ "impacted_artifact": "gav://com.fasterxml.jackson.core:jackson-databind:2.2.0",
+ "impact_path": [
+ "gav://com.fasterxml.jackson.core:jackson-databind:2.2.0"
+ ],
+ "path": "mavencentral-remote/com/fasterxml/jackson/core/jackson-databind/2.2.0/jackson-databind-2.2.0.jar",
+ "fixed_versions": [
+ "2.9.10.3",
+ "2.8.11.5",
+ "2.7.9.7"
+ ],
+ "published": "2020-02-11T23:24:22+11:00",
+ "artifact_scan_time": "2020-10-21T17:46:07+11:00",
+ "issue_id": "XRAY-94620",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "FasterXML jackson-databind 2.0.0 through 2.9.10.2 lacks certain xbean-reflect/JNDI blocking, as demonstrated by org.apache.xbean.propertyeditor.JndiConverter.",
+ "references": [
+ "https://github.com/FasterXML/jackson-databind/issues/2620"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-19362",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the jboss-common-core class from polymorphic deserialization.",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.core:jackson-databind:2.2.0",
+ "impacted_artifact": "gav://com.fasterxml.jackson.core:jackson-databind:2.2.0",
+ "impact_path": [
+ "gav://com.fasterxml.jackson.core:jackson-databind:2.2.0"
+ ],
+ "path": "mavencentral-remote/com/fasterxml/jackson/core/jackson-databind/2.2.0/jackson-databind-2.2.0.jar",
+ "fixed_versions": [
+ "2.9.8",
+ "2.8.11.3",
+ "2.7.9.5",
+ "2.6.7.3"
+ ],
+ "published": "2019-01-29T23:31:53+11:00",
+ "artifact_scan_time": "2020-10-21T17:46:07+11:00",
+ "issue_id": "XRAY-74869",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the jboss-common-core class from polymorphic deserialization.",
+ "references": [
+ "https://github.com/FasterXML/jackson-databind/commit/42912cac4753f3f718ece875e4d486f8264c2f2b",
+ "https://github.com/FasterXML/jackson-databind/issues/2186",
+ "https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.8",
+ "https://issues.apache.org/jira/browse/TINKERPOP-2121"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-16335",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to com.zaxxer.hikari.HikariDataSource. This is a different vulnerability than CVE-2019-14540.",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.core:jackson-databind:2.2.0",
+ "impacted_artifact": "gav://com.fasterxml.jackson.core:jackson-databind:2.2.0",
+ "impact_path": [
+ "gav://com.fasterxml.jackson.core:jackson-databind:2.2.0"
+ ],
+ "path": "mavencentral-remote/com/fasterxml/jackson/core/jackson-databind/2.2.0/jackson-databind-2.2.0.jar",
+ "fixed_versions": [
+ "2.9.10",
+ "2.8.11.5",
+ "2.7.9.7",
+ "2.6.7.3"
+ ],
+ "published": "2019-09-16T20:36:23+10:00",
+ "artifact_scan_time": "2020-10-21T17:46:07+11:00",
+ "issue_id": "XRAY-88210",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to com.zaxxer.hikari.HikariDataSource. This is a different vulnerability than CVE-2019-14540.",
+ "references": [
+ "https://github.com/FasterXML/jackson-databind/issues/2449",
+ "https://lists.apache.org/thread.html/e90c3feb21702e68a8c08afce37045adb3870f2bf8223fa403fb93fb@%3Ccommits.hbase.apache.org%3E",
+ "https://lists.apache.org/thread.html/40c00861b53bb611dee7d6f35f864aa7d1c1bd77df28db597cbf27e1@%3Cissues.hbase.apache.org%3E",
+ "https://lists.apache.org/thread.html/a360b46061c91c5cad789b6c3190aef9b9f223a2b75c9c9f046fe016@%3Cissues.hbase.apache.org%3E",
+ "https://lists.apache.org/thread.html/ad0d238e97a7da5eca47a014f0f7e81f440ed6bf74a93183825e18b9@%3Cissues.hbase.apache.org%3E",
+ "https://lists.apache.org/thread.html/dc6b5cad721a4f6b3b62ed1163894941140d9d5656140fb757505ca0@%3Cissues.hbase.apache.org%3E",
+ "https://lists.apache.org/thread.html/0fcef7321095ce0bc597d468d150cff3d647f4cb3aef3bd4d20e1c69@%3Ccommits.tinkerpop.apache.org%3E"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.6,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:H/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 8.1,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.6,
+ "cvss3_max_score": 8.1,
+ "summary": "FasterXML jackson-databind CXF JAX-RS Implementation jsontype/impl/SubTypeValidator.java Insecure Deserialization Remote Code Execution",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.core:jackson-databind:2.2.0",
+ "impacted_artifact": "gav://com.fasterxml.jackson.core:jackson-databind:2.2.0",
+ "impact_path": [
+ "gav://com.fasterxml.jackson.core:jackson-databind:2.2.0"
+ ],
+ "path": "mavencentral-remote/com/fasterxml/jackson/core/jackson-databind/2.2.0/jackson-databind-2.2.0.jar",
+ "fixed_versions": [
+ "2.8.11.5",
+ "2.6.7.3",
+ "2.9.10",
+ "2.7.9.7"
+ ],
+ "published": "2019-08-14T19:47:15+10:00",
+ "artifact_scan_time": "2020-10-21T17:46:07+11:00",
+ "issue_id": "XRAY-85877",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "FasterXML contains a flaw in jackson-databind jsontype/impl/SubTypeValidator.java related to the CXF JAX-RS implemtation that is triggered as user-supplied JavaScript content is insecurely deserialized. This may allow a remote attacker to potentially execute arbitrary code.",
+ "references": [
+ "https://github.com/FasterXML/jackson-databind/commit/d4983c740fec7d5576b207a8c30a63d3ea7443de",
+ "https://github.com/FasterXML/jackson-databind/issues/2420"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-19360",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the axis2-transport-jms class from polymorphic deserialization.",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.core:jackson-databind:2.2.0",
+ "impacted_artifact": "gav://com.fasterxml.jackson.core:jackson-databind:2.2.0",
+ "impact_path": [
+ "gav://com.fasterxml.jackson.core:jackson-databind:2.2.0"
+ ],
+ "path": "mavencentral-remote/com/fasterxml/jackson/core/jackson-databind/2.2.0/jackson-databind-2.2.0.jar",
+ "fixed_versions": [
+ "2.9.8",
+ "2.8.11.3",
+ "2.7.9.5",
+ "2.6.7.3"
+ ],
+ "published": "2019-01-29T23:31:53+11:00",
+ "artifact_scan_time": "2020-10-21T17:46:07+11:00",
+ "issue_id": "XRAY-74871",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the axis2-transport-jms class from polymorphic deserialization.",
+ "references": [
+ "http://www.securityfocus.com/bid/107985",
+ "https://seclists.org/bugtraq/2019/May/68",
+ "https://github.com/FasterXML/jackson-databind/commit/42912cac4753f3f718ece875e4d486f8264c2f2b",
+ "https://github.com/FasterXML/jackson-databind/issues/2186",
+ "https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.8",
+ "https://issues.apache.org/jira/browse/TINKERPOP-2121",
+ "https://security.netapp.com/advisory/ntap-20190530-0003/",
+ "https://www.debian.org/security/2019/dsa-4452",
+ "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html",
+ "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html",
+ "https://lists.debian.org/debian-lts-announce/2019/03/msg00005.html",
+ "https://lists.apache.org/thread.html/37e1ed724a1b0e5d191d98c822c426670bdfde83804567131847d2a3@%3Cdevnull.infra.apache.org%3E",
+ "https://lists.apache.org/thread.html/c70da3cb6e3f03e0ad8013e38b6959419d866c4a7c80fdd34b73f25c@%3Ccommits.pulsar.apache.org%3E",
+ "https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8@%3Ccommits.pulsar.apache.org%3E",
+ "https://access.redhat.com/errata/RHBA-2019:0959",
+ "https://access.redhat.com/errata/RHSA-2019:0782",
+ "https://access.redhat.com/errata/RHSA-2019:0877",
+ "https://access.redhat.com/errata/RHSA-2019:1782",
+ "https://access.redhat.com/errata/RHSA-2019:1797",
+ "https://access.redhat.com/errata/RHSA-2019:1822",
+ "https://access.redhat.com/errata/RHSA-2019:1823",
+ "https://access.redhat.com/errata/RHSA-2019:2804"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-14720",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "FasterXML jackson-databind 2.x before 2.9.7 might allow attackers to conduct external XML entity (XXE) attacks by leveraging failure to block unspecified JDK classes from polymorphic deserialization.",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.core:jackson-databind:2.2.0",
+ "impacted_artifact": "gav://com.fasterxml.jackson.core:jackson-databind:2.2.0",
+ "impact_path": [
+ "gav://com.fasterxml.jackson.core:jackson-databind:2.2.0"
+ ],
+ "path": "mavencentral-remote/com/fasterxml/jackson/core/jackson-databind/2.2.0/jackson-databind-2.2.0.jar",
+ "fixed_versions": [
+ "2.9.7",
+ "2.8.11.3",
+ "2.7.9.5",
+ "2.6.7.2"
+ ],
+ "published": "2019-01-29T23:31:53+11:00",
+ "artifact_scan_time": "2020-10-21T17:46:07+11:00",
+ "issue_id": "XRAY-74874",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "FasterXML jackson-databind 2.x before 2.9.7 might allow attackers to conduct external XML entity (XXE) attacks by leveraging failure to block unspecified JDK classes from polymorphic deserialization.",
+ "references": [
+ "https://seclists.org/bugtraq/2019/May/68",
+ "https://github.com/FasterXML/jackson-databind/commit/87d29af25e82a249ea15858e2d4ecbf64091db44",
+ "https://github.com/FasterXML/jackson-databind/issues/2097",
+ "https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.7",
+ "https://security.netapp.com/advisory/ntap-20190530-0003/",
+ "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html",
+ "https://www.debian.org/security/2019/dsa-4452",
+ "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html",
+ "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html",
+ "https://lists.debian.org/debian-lts-announce/2019/03/msg00005.html",
+ "https://lists.apache.org/thread.html/6a78f88716c3c57aa74ec05764a37ab3874769a347805903b393b286@%3Cdev.lucene.apache.org%3E",
+ "https://lists.apache.org/thread.html/82b01bfb6787097427ce97cec6a7127e93718bc05d1efd5eaffc228f@%3Cdev.lucene.apache.org%3E",
+ "https://lists.apache.org/thread.html/ba973114605d936be276ee6ce09dfbdbf78aa56f6cdc6e79bfa7b8df@%3Cdev.lucene.apache.org%3E",
+ "https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8@%3Ccommits.pulsar.apache.org%3E",
+ "https://access.redhat.com/errata/RHBA-2019:0959",
+ "https://access.redhat.com/errata/RHSA-2019:0782",
+ "https://access.redhat.com/errata/RHSA-2019:1106",
+ "https://access.redhat.com/errata/RHSA-2019:1107",
+ "https://access.redhat.com/errata/RHSA-2019:1108",
+ "https://access.redhat.com/errata/RHSA-2019:1140",
+ "https://access.redhat.com/errata/RHSA-2019:1822",
+ "https://access.redhat.com/errata/RHSA-2019:1823",
+ "https://access.redhat.com/errata/RHSA-2019:2858"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2017-17485",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "FasterXML jackson-databind through 2.8.10 and 2.9.x through 2.9.3 allows unauthenticated remote code execution because of an incomplete fix for the CVE-2017-7525 deserialization flaw. This is exploitable by sending maliciously crafted JSON input to the readValue method of the ObjectMapper, bypassing a blacklist that is ineffective if the Spring libraries are available in the classpath.",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.core:jackson-databind:2.2.0",
+ "impacted_artifact": "gav://com.fasterxml.jackson.core:jackson-databind:2.2.0",
+ "impact_path": [
+ "gav://com.fasterxml.jackson.core:jackson-databind:2.2.0"
+ ],
+ "path": "mavencentral-remote/com/fasterxml/jackson/core/jackson-databind/2.2.0/jackson-databind-2.2.0.jar",
+ "fixed_versions": [
+ "2.7.9.2",
+ "2.9.4",
+ "2.6.7.3",
+ "2.8.11"
+ ],
+ "published": "2018-01-29T18:04:49+11:00",
+ "artifact_scan_time": "2020-10-21T17:46:07+11:00",
+ "issue_id": "XRAY-60821",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "FasterXML jackson-databind through 2.8.10 and 2.9.x through 2.9.3 allows unauthenticated remote code execution because of an incomplete fix for the CVE-2017-7525 deserialization flaw. This is exploitable by sending maliciously crafted JSON input to the readValue method of the ObjectMapper, bypassing a blacklist that is ineffective if the Spring libraries are available in the classpath.",
+ "references": [
+ "http://www.securityfocus.com/archive/1/archive/1/541652/100/0/threaded",
+ "https://access.redhat.com/errata/RHSA-2018:0116",
+ "https://github.com/FasterXML/jackson-databind/issues/1855",
+ "https://github.com/irsl/jackson-rce-via-spel/"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 8.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:C",
+ "cvss_v3_score": 8.2,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 8.5,
+ "cvss3_max_score": 8.2,
+ "summary": "FasterXML jackson-databind ext/DOMDeserializer.java DOMDeserializer Class XML External Entity (XXE) Expansion Remote Issue",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.core:jackson-databind:2.2.0",
+ "impacted_artifact": "gav://com.fasterxml.jackson.core:jackson-databind:2.2.0",
+ "impact_path": [
+ "gav://com.fasterxml.jackson.core:jackson-databind:2.2.0"
+ ],
+ "path": "mavencentral-remote/com/fasterxml/jackson/core/jackson-databind/2.2.0/jackson-databind-2.2.0.jar",
+ "fixed_versions": [],
+ "published": "2020-10-15T22:39:55+11:00",
+ "artifact_scan_time": "2020-10-21T17:46:07+11:00",
+ "issue_id": "XRAY-126663",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "FasterXML jackson-databind contains an XXE (Xml eXternal Entity) expansion flaw in the DOMDeserializer class in ext/DOMDeserializer.java that is triggered during the parsing of XML data. The issue is due to an incorrectly configured XML parser accepting XML external entities from an untrusted source. By sending specially crafted XML data, a remote attacker can potentially consume excessive system resources or disclose sensitive information.",
+ "references": [
+ "http://cve.mitre.org/cgi-bin/cvename.cgi?name=2020-25649",
+ "https://bugzilla.redhat.com/show_bug.cgi?id=1887664",
+ "https://github.com/FasterXML/jackson-databind/issues/2589",
+ "https://github.com/FasterXML/jackson-databind/commit/e588f0af61b18576779ffb95a2a689a5eb1f9d15",
+ "https://github.com/FasterXML/jackson-databind/blob/jackson-databind-2.11.0/release-notes/VERSION-2.x",
+ "https://github.com/FasterXML/jackson-databind/commit/612f971b78c60202e9cd75a299050c8f2d724a59"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2017-7525",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "A deserialization flaw was discovered in the jackson-databind, versions before 2.6.7.1, 2.7.9.1 and 2.8.9, which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper.",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.core:jackson-databind:2.2.0",
+ "impacted_artifact": "gav://com.fasterxml.jackson.core:jackson-databind:2.2.0",
+ "impact_path": [
+ "gav://com.fasterxml.jackson.core:jackson-databind:2.2.0"
+ ],
+ "path": "mavencentral-remote/com/fasterxml/jackson/core/jackson-databind/2.2.0/jackson-databind-2.2.0.jar",
+ "fixed_versions": [
+ "2.9.0.pr3",
+ "2.8.9",
+ "2.7.9.1",
+ "2.6.7.1"
+ ],
+ "published": "2017-11-22T20:02:40+11:00",
+ "artifact_scan_time": "2020-10-21T17:46:07+11:00",
+ "issue_id": "XRAY-59969",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "A deserialization flaw was discovered in the jackson-databind, versions before 2.6.7.1, 2.7.9.1 and 2.8.9, which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper.",
+ "references": [
+ "http://www.securityfocus.com/bid/99623",
+ "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html",
+ "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html",
+ "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html",
+ "https://bugzilla.redhat.com/show_bug.cgi?id=1462702",
+ "https://cwiki.apache.org/confluence/display/WW/S2-055",
+ "https://github.com/FasterXML/jackson-databind/issues/1599",
+ "https://github.com/FasterXML/jackson-databind/issues/1723",
+ "https://security.netapp.com/advisory/ntap-20171214-0002/",
+ "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03902en_us",
+ "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html",
+ "https://www.debian.org/security/2017/dsa-4004",
+ "https://www.oracle.com/security-alerts/cpuoct2020.html",
+ "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html",
+ "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html",
+ "https://lists.apache.org/thread.html/4641ed8616ccc2c1fbddac2c3dc9900c96387bc226eaf0232d61909b@%3Ccommits.cassandra.apache.org%3E",
+ "https://lists.debian.org/debian-lts-announce/2020/01/msg00037.html",
+ "https://lists.debian.org/debian-lts-announce/2020/08/msg00039.html",
+ "https://lists.apache.org/thread.html/9317fd092b257a0815434b116a8af8daea6e920b6673f4fd5583d5fe@%3Ccommits.druid.apache.org%3E",
+ "https://lists.apache.org/thread.html/c2ed4c0126b43e324cf740012a0edd371fd36096fd777be7bfe7a2a6@%3Cdev.lucene.apache.org%3E",
+ "https://lists.apache.org/thread.html/f60afd3c7e9ebaaf70fad4a4beb75cf8740ac959017a31e7006c7486@%3Cdev.lucene.apache.org%3E",
+ "https://lists.apache.org/thread.html/c10a2bf0fdc3d25faf17bd191d6ec46b29a353fa9c97bebd7c4e5913@%3Cdev.lucene.apache.org%3E",
+ "https://lists.apache.org/thread.html/3c87dc8bca99a2b3b4743713b33d1de05b1d6b761fdf316224e9c81f@%3Cdev.lucene.apache.org%3E",
+ "https://lists.apache.org/thread.html/b1f33fe5ade396bb903fdcabe9f243f7692c7dfce5418d3743c2d346@%3Cdev.lucene.apache.org%3E",
+ "https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451@%3Csolr-user.lucene.apache.org%3E",
+ "https://lists.apache.org/thread.html/5008bcbd45ee65ce39e4220b6ac53d28a24d6bc67d5804e9773a7399@%3Csolr-user.lucene.apache.org%3E",
+ "https://lists.apache.org/thread.html/c9d5ff20929e8a3c8794facf4c4b326a9c10618812eec356caa20b87@%3Csolr-user.lucene.apache.org%3E",
+ "https://lists.apache.org/thread.html/f095a791bda6c0595f691eddd0febb2d396987eec5cbd29120d8c629@%3Csolr-user.lucene.apache.org%3E",
+ "https://access.redhat.com/errata/RHSA-2017:1834",
+ "https://access.redhat.com/errata/RHSA-2017:1835",
+ "https://access.redhat.com/errata/RHSA-2017:1836",
+ "https://access.redhat.com/errata/RHSA-2017:1837",
+ "https://access.redhat.com/errata/RHSA-2017:1839",
+ "https://access.redhat.com/errata/RHSA-2017:1840",
+ "https://access.redhat.com/errata/RHSA-2017:2477",
+ "https://access.redhat.com/errata/RHSA-2017:2546",
+ "https://access.redhat.com/errata/RHSA-2017:2547",
+ "https://access.redhat.com/errata/RHSA-2017:2633",
+ "https://access.redhat.com/errata/RHSA-2017:2635",
+ "https://access.redhat.com/errata/RHSA-2017:2636",
+ "https://access.redhat.com/errata/RHSA-2017:2637",
+ "https://access.redhat.com/errata/RHSA-2017:2638",
+ "https://access.redhat.com/errata/RHSA-2017:3141",
+ "https://access.redhat.com/errata/RHSA-2017:3454",
+ "https://access.redhat.com/errata/RHSA-2017:3455",
+ "https://access.redhat.com/errata/RHSA-2017:3456",
+ "https://access.redhat.com/errata/RHSA-2017:3458",
+ "https://access.redhat.com/errata/RHSA-2018:0294",
+ "https://access.redhat.com/errata/RHSA-2018:0342",
+ "https://access.redhat.com/errata/RHSA-2018:1449",
+ "https://access.redhat.com/errata/RHSA-2018:1450",
+ "https://access.redhat.com/errata/RHSA-2019:0910",
+ "https://access.redhat.com/errata/RHSA-2019:2858",
+ "https://access.redhat.com/errata/RHSA-2019:3149",
+ "http://www.securitytracker.com/id/1039744",
+ "http://www.securitytracker.com/id/1039947",
+ "http://www.securitytracker.com/id/1040360"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-14721",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 10,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 10,
+ "summary": "FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to conduct server-side request forgery (SSRF) attacks by leveraging failure to block the axis2-jaxws class from polymorphic deserialization.",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.core:jackson-databind:2.2.0",
+ "impacted_artifact": "gav://com.fasterxml.jackson.core:jackson-databind:2.2.0",
+ "impact_path": [
+ "gav://com.fasterxml.jackson.core:jackson-databind:2.2.0"
+ ],
+ "path": "mavencentral-remote/com/fasterxml/jackson/core/jackson-databind/2.2.0/jackson-databind-2.2.0.jar",
+ "fixed_versions": [
+ "2.7.9.5",
+ "2.8.11.3",
+ "2.9.7",
+ "2.6.7.2"
+ ],
+ "published": "2019-01-29T23:31:53+11:00",
+ "artifact_scan_time": "2020-10-21T17:46:07+11:00",
+ "issue_id": "XRAY-74873",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to conduct server-side request forgery (SSRF) attacks by leveraging failure to block the axis2-jaxws class from polymorphic deserialization.",
+ "references": [
+ "https://seclists.org/bugtraq/2019/May/68",
+ "https://github.com/FasterXML/jackson-databind/commit/87d29af25e82a249ea15858e2d4ecbf64091db44",
+ "https://github.com/FasterXML/jackson-databind/issues/2097",
+ "https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.7",
+ "https://security.netapp.com/advisory/ntap-20190530-0003/",
+ "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html",
+ "https://www.debian.org/security/2019/dsa-4452",
+ "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html",
+ "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html",
+ "https://lists.debian.org/debian-lts-announce/2019/03/msg00005.html",
+ "https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8@%3Ccommits.pulsar.apache.org%3E",
+ "https://access.redhat.com/errata/RHBA-2019:0959",
+ "https://access.redhat.com/errata/RHSA-2019:0782",
+ "https://access.redhat.com/errata/RHSA-2019:1106",
+ "https://access.redhat.com/errata/RHSA-2019:1107",
+ "https://access.redhat.com/errata/RHSA-2019:1108",
+ "https://access.redhat.com/errata/RHSA-2019:1140",
+ "https://access.redhat.com/errata/RHSA-2019:1822",
+ "https://access.redhat.com/errata/RHSA-2019:1823",
+ "https://access.redhat.com/errata/RHSA-2019:2858"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.6,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:H/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 8.1,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.6,
+ "cvss3_max_score": 8.1,
+ "summary": "FasterXML jackson-databind com.nqadmin.rowset.JdbcRowSetImpl Gadget Insecure Deserialization Unspecified Remote Weakness",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.core:jackson-databind:2.2.0",
+ "impacted_artifact": "gav://com.fasterxml.jackson.core:jackson-databind:2.2.0",
+ "impact_path": [
+ "gav://com.fasterxml.jackson.core:jackson-databind:2.2.0"
+ ],
+ "path": "mavencentral-remote/com/fasterxml/jackson/core/jackson-databind/2.2.0/jackson-databind-2.2.0.jar",
+ "fixed_versions": [
+ "2.9.10.6"
+ ],
+ "published": "2020-09-02T23:19:05+10:00",
+ "artifact_scan_time": "2020-10-21T17:46:07+11:00",
+ "issue_id": "XRAY-122085",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "FasterXML jackson-databind contains a flaw that is triggered if an application deserializes JSON content from an untrusted source, as the com.nqadmin.rowset.JdbcRowSetImpl gadget may allow performing sensitive actions. This may allow a remote attacker to have an unspecified impact.",
+ "references": [
+ "https://github.com/FasterXML/jackson-databind/commit/e701bd852ca9a22e04743104987f11ae575a6fe2",
+ "https://github.com/FasterXML/jackson-databind/issues/2826"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2017-1000487",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "Plexus-utils before 3.0.16 is vulnerable to command injection because it does not correctly process the contents of double quoted strings.",
+ "severity": "High",
+ "vulnerable_component": "gav://org.codehaus.plexus:plexus-utils:1.0.4",
+ "impacted_artifact": "gav://org.codehaus.plexus:plexus-utils:1.0.4",
+ "impact_path": [
+ "gav://org.codehaus.plexus:plexus-utils:1.0.4"
+ ],
+ "path": "mavencentral-remote/org/codehaus/plexus/plexus-utils/1.0.4/plexus-utils-1.0.4.jar",
+ "fixed_versions": [
+ "3.0.16"
+ ],
+ "published": "2019-06-10T18:42:32+10:00",
+ "artifact_scan_time": "2020-10-21T17:46:07+11:00",
+ "issue_id": "XRAY-83897",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Plexus-utils before 3.0.16 is vulnerable to command injection because it does not correctly process the contents of double quoted strings.",
+ "references": [
+ "https://access.redhat.com/errata/RHSA-2018:1322",
+ "https://lists.debian.org/debian-lts-announce/2018/01/msg00011.html",
+ "https://lists.debian.org/debian-lts-announce/2018/01/msg00010.html",
+ "https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSPLEXUS-31522",
+ "https://www.debian.org/security/2018/dsa-4149",
+ "https://www.debian.org/security/2018/dsa-4146",
+ "https://github.com/codehaus-plexus/plexus-utils/commit/b38a1b3a4352303e4312b2bb601a0d7ec6e28f41"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 9.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 7.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 9.3,
+ "cvss3_max_score": 7.8,
+ "summary": "Plexus-utils util/xml/XmlWriterUtil.java XmlWriterUtil::writeComment() Function Comment String Escape XML Injection Unspecified Issue",
+ "severity": "High",
+ "vulnerable_component": "gav://org.codehaus.plexus:plexus-utils:2.1",
+ "impacted_artifact": "gav://org.codehaus.plexus:plexus-utils:2.1",
+ "impact_path": [
+ "gav://org.codehaus.plexus:plexus-utils:2.1"
+ ],
+ "path": "mavencentral-remote/org/codehaus/plexus/plexus-utils/2.1/plexus-utils-2.1.jar",
+ "fixed_versions": [
+ "3.0.24"
+ ],
+ "published": "2019-09-15T21:14:39+10:00",
+ "artifact_scan_time": "2020-10-21T17:48:06+11:00",
+ "issue_id": "XRAY-88166",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Plexus-utils contains a flaw in the XmlWriterUtil::writeComment() function in util/xml/XmlWriterUtil.java that is triggered as comment strings are not properly sanitized. This may allow a context-dependent attacker to inject unexpected content through XML code and have an unspecified impact.",
+ "references": [
+ "https://github.com/codehaus-plexus/plexus-utils/issues/3",
+ "https://github.com/codehaus-plexus/plexus-utils/commit/f933e5e78dc2637e485447ed821fe14904f110de"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2017-1000487",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "Plexus-utils before 3.0.16 is vulnerable to command injection because it does not correctly process the contents of double quoted strings.",
+ "severity": "High",
+ "vulnerable_component": "gav://org.codehaus.plexus:plexus-utils:2.1",
+ "impacted_artifact": "gav://org.codehaus.plexus:plexus-utils:2.1",
+ "impact_path": [
+ "gav://org.codehaus.plexus:plexus-utils:2.1"
+ ],
+ "path": "mavencentral-remote/org/codehaus/plexus/plexus-utils/2.1/plexus-utils-2.1.jar",
+ "fixed_versions": [
+ "3.0.16"
+ ],
+ "published": "2019-06-10T18:42:32+10:00",
+ "artifact_scan_time": "2020-10-21T17:48:06+11:00",
+ "issue_id": "XRAY-83897",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Plexus-utils before 3.0.16 is vulnerable to command injection because it does not correctly process the contents of double quoted strings.",
+ "references": [
+ "https://access.redhat.com/errata/RHSA-2018:1322",
+ "https://lists.debian.org/debian-lts-announce/2018/01/msg00011.html",
+ "https://lists.debian.org/debian-lts-announce/2018/01/msg00010.html",
+ "https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSPLEXUS-31522",
+ "https://www.debian.org/security/2018/dsa-4149",
+ "https://www.debian.org/security/2018/dsa-4146",
+ "https://github.com/codehaus-plexus/plexus-utils/commit/b38a1b3a4352303e4312b2bb601a0d7ec6e28f41"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 10,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C"
+ }
+ ],
+ "cvss2_max_score": 10,
+ "summary": "Apache Commons IO Java Deserialization Remote Code Execution",
+ "severity": "High",
+ "vulnerable_component": "gav://commons-io:commons-io:2.4",
+ "impacted_artifact": "gav://commons-io:commons-io:2.4",
+ "impact_path": [
+ "gav://commons-io:commons-io:2.4"
+ ],
+ "path": "mavencentral-remote/commons-io/commons-io/2.4/commons-io-2.4.jar",
+ "fixed_versions": [
+ "2.5"
+ ],
+ "published": "2019-03-26T03:42:05+11:00",
+ "artifact_scan_time": "2020-10-21T17:47:07+11:00",
+ "issue_id": "XRAY-79102",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Apache Commons IO contains a flaw that is due to the program failing to restrict which class can be serialized. This may allow a remote attacker to execute arbitrary Java code via deserialization methods.",
+ "references": [
+ "https://issues.apache.org/jira/browse/IO-487",
+ "http://foxglovesecurity.com/2015/11/06/what-do-weblogic-websphere-jboss-jenkins-opennms-and-your-application-have-in-common-this-vulnerability/",
+ "http://commons.apache.org/proper/commons-io/",
+ "http://www.darkreading.com/informationweek-home/why-the-java-deserialization-bug-is-a-big-deal/d/d-id/1323237"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2017-15708",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "In Apache Synapse, by default no authentication is required for Java Remote Method Invocation (RMI). So Apache Synapse 3.0.1 or all previous releases (3.0.0, 2.1.0, 2.0.0, 1.2, 1.1.2, 1.1.1) allows remote code execution attacks that can be performed by injecting specially crafted serialized objects. And the presence of Apache Commons Collections 3.2.1 (commons-collections-3.2.1.jar) or previous versions in Synapse distribution makes this exploitable. To mitigate the issue, we need to limit RMI access to trusted users only. Further upgrading to 3.0.1 version will eliminate the risk of having said Commons Collection version. In Synapse 3.0.1, Commons Collection has been updated to 3.2.2 version.",
+ "severity": "High",
+ "vulnerable_component": "gav://commons-collections:commons-collections:3.2.1",
+ "impacted_artifact": "gav://commons-collections:commons-collections:3.2.1",
+ "impact_path": [
+ "gav://commons-collections:commons-collections:3.2.1"
+ ],
+ "path": "mavencentral-remote/commons-collections/commons-collections/3.2.1/commons-collections-3.2.1.jar",
+ "fixed_versions": [
+ "3.2.2"
+ ],
+ "published": "2017-12-12T17:36:21+11:00",
+ "artifact_scan_time": "2020-10-21T17:45:07+11:00",
+ "issue_id": "XRAY-60226",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "In Apache Synapse, by default no authentication is required for Java Remote Method Invocation (RMI). So Apache Synapse 3.0.1 or all previous releases (3.0.0, 2.1.0, 2.0.0, 1.2, 1.1.2, 1.1.1) allows remote code execution attacks that can be performed by injecting specially crafted serialized objects. And the presence of Apache Commons Collections 3.2.1 (commons-collections-3.2.1.jar) or previous versions in Synapse distribution makes this exploitable. To mitigate the issue, we need to limit RMI access to trusted users only. Further upgrading to 3.0.1 version will eliminate the risk of having said Commons Collection version. In Synapse 3.0.1, Commons Collection has been updated to 3.2.2 version.",
+ "references": [
+ "http://www.securityfocus.com/bid/102154",
+ "https://lists.apache.org/thread.html/77f2accf240d25d91b47033e2f8ebec84ffbc6e6627112b2f98b66c9@%3Cdev.synapse.apache.org%3E"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2015-7501",
+ "cvss_v2_score": 10,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 10,
+ "cvss3_max_score": 9.8,
+ "summary": "Red Hat JBoss A-MQ 6.x; BPM Suite (BPMS) 6.x; BRMS 6.x and 5.x; Data Grid (JDG) 6.x; Data Virtualization (JDV) 6.x and 5.x; Enterprise Application Platform 6.x, 5.x, and 4.3.x; Fuse 6.x; Fuse Service Works (FSW) 6.x; Operations Network (JBoss ON) 3.x; Portal 6.x; SOA Platform (SOA-P) 5.x; Web Server (JWS) 3.x; Red Hat OpenShift/xPAAS 3.x; and Red Hat Subscription Asset Manager 1.3 allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) library.",
+ "severity": "High",
+ "vulnerable_component": "gav://commons-collections:commons-collections:3.2.1",
+ "impacted_artifact": "gav://commons-collections:commons-collections:3.2.1",
+ "impact_path": [
+ "gav://commons-collections:commons-collections:3.2.1"
+ ],
+ "path": "mavencentral-remote/commons-collections/commons-collections/3.2.1/commons-collections-3.2.1.jar",
+ "fixed_versions": [
+ "3.2.2"
+ ],
+ "published": "2017-12-12T20:50:15+11:00",
+ "artifact_scan_time": "2020-10-21T17:45:07+11:00",
+ "issue_id": "XRAY-60228",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Red Hat JBoss A-MQ 6.x; BPM Suite (BPMS) 6.x; BRMS 6.x and 5.x; Data Grid (JDG) 6.x; Data Virtualization (JDV) 6.x and 5.x; Enterprise Application Platform 6.x, 5.x, and 4.3.x; Fuse 6.x; Fuse Service Works (FSW) 6.x; Operations Network (JBoss ON) 3.x; Portal 6.x; SOA Platform (SOA-P) 5.x; Web Server (JWS) 3.x; Red Hat OpenShift/xPAAS 3.x; and Red Hat Subscription Asset Manager 1.3 allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) library.",
+ "references": [
+ "http://www.securityfocus.com/bid/78215",
+ "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html",
+ "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html",
+ "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html",
+ "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html",
+ "https://access.redhat.com/security/vulnerabilities/2059393",
+ "https://access.redhat.com/solutions/2045023",
+ "https://bugzilla.redhat.com/show_bug.cgi?id=1279330",
+ "http://rhn.redhat.com/errata/RHSA-2015-2500.html",
+ "http://rhn.redhat.com/errata/RHSA-2015-2501.html",
+ "http://rhn.redhat.com/errata/RHSA-2015-2502.html",
+ "http://rhn.redhat.com/errata/RHSA-2015-2514.html",
+ "http://rhn.redhat.com/errata/RHSA-2015-2516.html",
+ "http://rhn.redhat.com/errata/RHSA-2015-2517.html",
+ "http://rhn.redhat.com/errata/RHSA-2015-2521.html",
+ "http://rhn.redhat.com/errata/RHSA-2015-2522.html",
+ "http://rhn.redhat.com/errata/RHSA-2015-2524.html",
+ "https://rhn.redhat.com/errata/RHSA-2015-2536.html",
+ "http://rhn.redhat.com/errata/RHSA-2015-2670.html",
+ "http://rhn.redhat.com/errata/RHSA-2015-2671.html",
+ "http://rhn.redhat.com/errata/RHSA-2016-0040.html",
+ "http://rhn.redhat.com/errata/RHSA-2016-1773.html",
+ "http://www.securitytracker.com/id/1034097",
+ "http://www.securitytracker.com/id/1037052",
+ "http://www.securitytracker.com/id/1037053",
+ "http://www.securitytracker.com/id/1037640"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2016-4373",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ {
+ "cve": "CVE-2016-2000",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ {
+ "cve": "CVE-2015-7501",
+ "cvss_v2_score": 10,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ {
+ "cve": "CVE-2015-8103",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P"
+ },
+ {
+ "cve": "CVE-2015-7450",
+ "cvss_v2_score": 10,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ {
+ "cve": "CVE-2016-4385",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 7.3,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"
+ },
+ {
+ "cve": "CVE-2016-1998",
+ "cvss_v2_score": 10,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ {
+ "cve": "CVE-2015-8765",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 8.3,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L"
+ },
+ {
+ "cve": "CVE-2015-4852",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P"
+ },
+ {
+ "cve": "CVE-2015-6420",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P"
+ },
+ {
+ "cve": "CVE-2016-4398",
+ "cvss_v2_score": 6.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:S/C:P/I:P/A:P",
+ "cvss_v3_score": 8.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
+ },
+ {
+ "cve": "CVE-2016-4369",
+ "cvss_v2_score": 6.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:S/C:P/I:P/A:P",
+ "cvss_v3_score": 8.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
+ },
+ {
+ "cve": "CVE-2016-1999",
+ "cvss_v2_score": 10,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ {
+ "cve": "CVE-2016-1114",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ {
+ "cve": "CVE-2016-2009",
+ "cvss_v2_score": 6.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:S/C:P/I:P/A:P",
+ "cvss_v3_score": 8.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
+ },
+ {
+ "cve": "CVE-2016-1986",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ {
+ "cve": "CVE-2016-4405",
+ "cvss_v2_score": 6.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:S/C:P/I:P/A:P",
+ "cvss_v3_score": 8.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
+ },
+ {
+ "cve": "CVE-2015-6934",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 7.3,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"
+ },
+ {
+ "cve": "CVE-2016-4372",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ {
+ "cve": "CVE-2016-4368",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ {
+ "cve": "CVE-2016-2003",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ {
+ "cve": "CVE-2016-1997",
+ "cvss_v2_score": 10,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ {
+ "cve": "CVE-2016-1985",
+ "cvss_v2_score": 10,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 10,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 10,
+ "cvss3_max_score": 10,
+ "summary": "The Apache Commons Collections library contains various classes in the \"functor\" package which are serializable and use reflection. This can be exploited for remote code execution attacks by injecting specially crafted objects to applications that de-serialize java objects from untrusted sources and have the Apache Commons Collections library in their classpath and do not perform any kind of input validation.",
+ "severity": "High",
+ "vulnerable_component": "gav://commons-collections:commons-collections:3.2.1",
+ "impacted_artifact": "gav://commons-collections:commons-collections:3.2.1",
+ "impact_path": [
+ "gav://commons-collections:commons-collections:3.2.1"
+ ],
+ "path": "mavencentral-remote/commons-collections/commons-collections/3.2.1/commons-collections-3.2.1.jar",
+ "fixed_versions": [
+ "3.2.2"
+ ],
+ "published": "2018-03-29T23:58:27+11:00",
+ "artifact_scan_time": "2020-10-21T17:45:07+11:00",
+ "issue_id": "XRAY-65665",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "The Apache Commons Collections library contains various classes in the \"functor\" package which are serializable and use reflection. This can be exploited for remote code execution attacks by injecting specially crafted objects to applications that de-serialize java objects from untrusted sources and have the Apache Commons Collections library in their classpath and do not perform any kind of input validation.",
+ "references": [
+ "https://commons.apache.org/proper/commons-collections/security-reports.html",
+ "https://exchange.xforce.ibmcloud.com/vulnerabilities/107918"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-17571",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "Included in Log4j 1.2 is a SocketServer class that is vulnerable to deserialization of untrusted data which can be exploited to remotely execute arbitrary code when combined with a deserialization gadget when listening to untrusted network traffic for log data. This affects Log4j versions up to 1.2 up to 1.2.17.",
+ "severity": "High",
+ "vulnerable_component": "gav://log4j:log4j:1.2.17",
+ "impacted_artifact": "gav://log4j:log4j:1.2.17",
+ "impact_path": [
+ "gav://log4j:log4j:1.2.17"
+ ],
+ "path": "mavencentral-remote/log4j/log4j/1.2.17/log4j-1.2.17.jar",
+ "fixed_versions": [],
+ "published": "2019-12-23T18:15:27+11:00",
+ "artifact_scan_time": "2020-10-21T17:45:07+11:00",
+ "issue_id": "XRAY-93075",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Included in Log4j 1.2 is a SocketServer class that is vulnerable to deserialization of untrusted data which can be exploited to remotely execute arbitrary code when combined with a deserialization gadget when listening to untrusted network traffic for log data. This affects Log4j versions up to 1.2 up to 1.2.17.",
+ "references": [
+ "https://lists.apache.org/thread.html/eea03d504b36e8f870e8321d908e1def1addda16adda04327fe7c125%40%3Cdev.logging.apache.org%3E"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.6,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:H/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 8.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.6,
+ "cvss3_max_score": 8.8,
+ "summary": "Go cmd/go/internal/work/exec.go #cgo Directive Compiler Command Handling Arbitrary Code Execution",
+ "severity": "High",
+ "vulnerable_component": "go://github.com/golang/go:1.14.4",
+ "impacted_artifact": "docker://eck/eck-operator:1.2.0",
+ "impact_path": [
+ "docker://eck/eck-operator:1.2.0",
+ "generic://sha256:35ef1ae2ad5c6f788b655f2d2b5182be2f01a794bf3fef46f6552842a59c49f0/sha256__35ef1ae2ad5c6f788b655f2d2b5182be2f01a794bf3fef46f6552842a59c49f0.tar.gz",
+ "generic://sha256:2e6e200fb53d06420a288316b6d48dde4b242065ff2fd5b8bb6e93c4ecea86ad/elastic-operator",
+ "go://github.com/golang/go:1.14.4"
+ ],
+ "path": "elastic-docker-remote/eck/eck-operator/1.2.0/",
+ "fixed_versions": [],
+ "published": "2021-01-21T23:49:22+11:00",
+ "artifact_scan_time": "2020-10-23T16:45:19+11:00",
+ "issue_id": "XRAY-138790",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "Go contains a flaw in the in cmd/go/internal/work/exec.go that is triggered when handling compiler commands in combination with the #cgo directive. With a specially named binary in a package, a context-dependent attacker can execute arbitrary Go code at build time.",
+ "references": [
+ "https://github.com/golang/go/commit/94200a92cf4d6dfdab5291f9e29785cad566faa0",
+ "https://github.com/golang/go/commit/e749a96e717718e3ac881a75f805776370302a86",
+ "https://github.com/golang/go/commit/07e3195293ec510171d7d43ec8ac2bcb9cf00df4",
+ "https://github.com/golang/go/commit/e8e7facfaa47bf21007c0a1c679debba52ec3ea0",
+ "https://github.com/golang/go/issues/43783",
+ "http://golang.org/issue/43783",
+ "/vulnerabilities/247541",
+ "http://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-3115",
+ "https://groups.google.com/g/golang-announce/c/mperVMGa98w"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-3121",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 8.6,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 8.6,
+ "summary": "An issue was discovered in GoGo Protobuf before 1.3.2. plugin/unmarshal/unmarshal.go lacks certain index validation, aka the \"skippy peanut butter\" issue.",
+ "severity": "High",
+ "vulnerable_component": "go://github.com/gogo/protobuf:1.3.1",
+ "impacted_artifact": "docker://eck/eck-operator:1.2.0",
+ "impact_path": [
+ "docker://eck/eck-operator:1.2.0",
+ "generic://sha256:35ef1ae2ad5c6f788b655f2d2b5182be2f01a794bf3fef46f6552842a59c49f0/sha256__35ef1ae2ad5c6f788b655f2d2b5182be2f01a794bf3fef46f6552842a59c49f0.tar.gz",
+ "generic://sha256:2e6e200fb53d06420a288316b6d48dde4b242065ff2fd5b8bb6e93c4ecea86ad/elastic-operator",
+ "go://github.com/gogo/protobuf:1.3.1"
+ ],
+ "path": "elastic-docker-remote/eck/eck-operator/1.2.0/",
+ "fixed_versions": [
+ "1.3.2"
+ ],
+ "published": "2021-02-01T22:46:23+11:00",
+ "artifact_scan_time": "2020-10-23T16:45:19+11:00",
+ "issue_id": "XRAY-139136",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "An issue was discovered in GoGo Protobuf before 1.3.2. plugin/unmarshal/unmarshal.go lacks certain index validation, aka the \"skippy peanut butter\" issue.",
+ "references": [
+ "https://lists.apache.org/thread.html/rc1e9ff22c5641d73701ba56362fb867d40ed287cca000b131dcf4a44@%3Ccommits.pulsar.apache.org%3E",
+ "https://lists.apache.org/thread.html/r88d69555cb74a129a7bf84838073b61259b4a3830190e05a3b87994e@%3Ccommits.pulsar.apache.org%3E",
+ "https://github.com/gogo/protobuf/compare/v1.3.1...v1.3.2",
+ "https://github.com/gogo/protobuf/commit/b03c65ea87cdc3521ede29f62fe3ce239267c1bc"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2013-4002",
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "summary": "XMLscanner.java in Apache Xerces2 Java Parser before 2.12.0, as used in the Java Runtime Environment (JRE) in IBM Java 5.0 before 5.0 SR16-FP3, 6 before 6 SR14, 6.0.1 before 6.0.1 SR6, and 7 before 7 SR5 as well as Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, Java SE Embedded 7u40 and earlier, and possibly other products allows remote attackers to cause a denial of service via vectors related to XML attribute names.",
+ "severity": "High",
+ "vulnerable_component": "gav://xerces:xercesImpl:2.6.2",
+ "impacted_artifact": "gav://xerces:xercesImpl:2.6.2",
+ "impact_path": [
+ "gav://xerces:xercesImpl:2.6.2"
+ ],
+ "path": "mavencentral-remote/xerces/xercesImpl/2.6.2/xercesImpl-2.6.2.jar",
+ "fixed_versions": [
+ "2.12.0"
+ ],
+ "published": "2018-12-24T02:18:38+11:00",
+ "artifact_scan_time": "2020-11-17T14:24:05+11:00",
+ "issue_id": "XRAY-74392",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "XMLscanner.java in Apache Xerces2 Java Parser before 2.12.0, as used in the Java Runtime Environment (JRE) in IBM Java 5.0 before 5.0 SR16-FP3, 6 before 6 SR14, 6.0.1 before 6.0.1 SR6, and 7 before 7 SR5 as well as Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, Java SE Embedded 7u40 and earlier, and possibly other products allows remote attackers to cause a denial of service via vectors related to XML attribute names.",
+ "references": [
+ "https://exchange.xforce.ibmcloud.com/vulnerabilities/85260",
+ "http://www.ubuntu.com/usn/USN-2089-1",
+ "http://www.ubuntu.com/usn/USN-2033-1",
+ "http://lists.opensuse.org/opensuse-updates/2013-11/msg00023.html",
+ "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00010.html",
+ "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00003.html",
+ "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00000.html",
+ "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00029.html",
+ "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00028.html",
+ "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00027.html",
+ "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00026.html",
+ "http://secunia.com/advisories/56257",
+ "http://rhn.redhat.com/errata/RHSA-2015-0773.html",
+ "http://rhn.redhat.com/errata/RHSA-2015-0765.html",
+ "http://rhn.redhat.com/errata/RHSA-2015-0720.html",
+ "http://rhn.redhat.com/errata/RHSA-2015-0675.html",
+ "http://rhn.redhat.com/errata/RHSA-2014-1823.html",
+ "http://rhn.redhat.com/errata/RHSA-2014-1822.html",
+ "http://rhn.redhat.com/errata/RHSA-2014-1821.html",
+ "http://rhn.redhat.com/errata/RHSA-2014-1818.html",
+ "https://access.redhat.com/errata/RHSA-2014:0414",
+ "http://rhn.redhat.com/errata/RHSA-2013-1505.html",
+ "http://rhn.redhat.com/errata/RHSA-2013-1451.html",
+ "http://rhn.redhat.com/errata/RHSA-2013-1447.html",
+ "http://rhn.redhat.com/errata/RHSA-2013-1440.html",
+ "http://rhn.redhat.com/errata/RHSA-2013-1081.html",
+ "http://rhn.redhat.com/errata/RHSA-2013-1060.html",
+ "http://rhn.redhat.com/errata/RHSA-2013-1059.html",
+ "https://lists.apache.org/thread.html/49dc6702104a86ecbb40292dcd329ce9ae4c32b74733199ecab14a73@%3Cj-users.xerces.apache.org%3E",
+ "http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_July_2013",
+ "http://marc.info/?l=bugtraq\u0026m=138674073720143\u0026w=2",
+ "http://marc.info/?l=bugtraq\u0026m=138674031212883\u0026w=2",
+ "http://security.gentoo.org/glsa/glsa-201406-32.xml",
+ "https://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html",
+ "https://issues.apache.org/jira/browse/XERCESJ-1679",
+ "http://www.ibm.com/support/docview.wss?uid=swg21648172",
+ "http://www.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_ibm_filenet_content_manager_and_ibm_content_foundation_xml_4j_denial_of_service_attack_cve_2013_4002",
+ "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS13-025/index.html",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg21657539",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg21653371",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg21644197",
+ "http://svn.apache.org/viewvc/xerces/java/trunk/src/org/apache/xerces/impl/XMLScanner.java?r1=965250\u0026r2=1499506\u0026view=patch",
+ "http://support.apple.com/kb/HT5982",
+ "http://www.securityfocus.com/bid/61310",
+ "http://lists.apple.com/archives/security-announce/2013/Oct/msg00001.html",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg1IC98015"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "summary": "International Components for Unicode UnicodeSet Pattern Nested Ranges Handling Stack Exhaustion DoS",
+ "severity": "High",
+ "vulnerable_component": "gav://com.ibm.icu:icu4j:2.6.1",
+ "impacted_artifact": "gav://com.ibm.icu:icu4j:2.6.1",
+ "impact_path": [
+ "gav://com.ibm.icu:icu4j:2.6.1"
+ ],
+ "path": "mavencentral-remote/com/ibm/icu/icu4j/2.6.1/icu4j-2.6.1.jar",
+ "fixed_versions": [
+ "61.1"
+ ],
+ "published": "2021-04-07T20:59:26+10:00",
+ "artifact_scan_time": "2020-11-17T14:24:05+11:00",
+ "issue_id": "XRAY-170048",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "International Components for Unicode contains a flaw that is triggered when handling UnicodeSet pattern nested ranges. This may allow a context-dependent attacker to cause a process linked against the library to exhaust available stack space and crash.",
+ "references": [
+ "https://github.com/unicode-org/icu/commit/fdbe2f371bb701ba52b59700bf517800ac1bf55a",
+ "http://web.archive.org/web/*/http://bugs.icu-project.org/trac/changeset/40979",
+ "http://bugs.icu-project.org/trac/ticket/13547"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 9.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C"
+ }
+ ],
+ "cvss2_max_score": 9.3,
+ "summary": "International Components for Unicode for Java (ICU4J) Multiple Unspecified Issues",
+ "severity": "High",
+ "vulnerable_component": "gav://com.ibm.icu:icu4j:2.6.1",
+ "impacted_artifact": "gav://com.ibm.icu:icu4j:2.6.1",
+ "impact_path": [
+ "gav://com.ibm.icu:icu4j:2.6.1"
+ ],
+ "path": "mavencentral-remote/com/ibm/icu/icu4j/2.6.1/icu4j-2.6.1.jar",
+ "fixed_versions": [
+ "58.1"
+ ],
+ "published": "2021-04-09T00:59:26+10:00",
+ "artifact_scan_time": "2020-11-17T14:24:05+11:00",
+ "issue_id": "XRAY-171679",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "International Components for Unicode for Java (ICU4J) contains multiple unspecified flaws that may allow a context-dependent attacker to have an unspecified impact. No further details have been provided.",
+ "references": [
+ "https://unicode-org.atlassian.net/browse/ICU-12611",
+ "http://bugs.icu-project.org/trac/changeset/39151",
+ "http://bugs.icu-project.org/trac/changeset/39168",
+ "http://bugs.icu-project.org/trac/changeset/38953",
+ "http://bugs.icu-project.org/trac/changeset/38954",
+ "http://bugs.icu-project.org/trac/changeset/38955",
+ "http://bugs.icu-project.org/trac/changeset/38956",
+ "http://bugs.icu-project.org/trac/changeset/38939",
+ "http://bugs.icu-project.org/trac/ticket/12611",
+ "http://bugs.icu-project.org/trac/changeset/38935",
+ "http://bugs.icu-project.org/trac/changeset/38936",
+ "http://bugs.icu-project.org/trac/changeset/38937",
+ "http://bugs.icu-project.org/trac/changeset/38938"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-10683",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "dom4j before 2.1.3 allows external DTDs and External Entities by default, which might enable XXE attacks. However, there is popular external documentation from OWASP showing how to enable the safe, non-default behavior in any application that uses dom4j.",
+ "severity": "High",
+ "vulnerable_component": "gav://dom4j:dom4j:1.6.1",
+ "impacted_artifact": "gav://dom4j:dom4j:1.6.1",
+ "impact_path": [
+ "gav://dom4j:dom4j:1.6.1"
+ ],
+ "path": "mavencentral-remote/dom4j/dom4j/1.6.1/dom4j-1.6.1.jar",
+ "fixed_versions": [],
+ "published": "2020-05-04T01:33:58+10:00",
+ "artifact_scan_time": "2020-11-17T14:24:05+11:00",
+ "issue_id": "XRAY-97250",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "dom4j before 2.1.3 allows external DTDs and External Entities by default, which might enable XXE attacks. However, there is popular external documentation from OWASP showing how to enable the safe, non-default behavior in any application that uses dom4j.",
+ "references": [
+ "https://bugzilla.redhat.com/show_bug.cgi?id=1694235",
+ "https://github.com/dom4j/dom4j/releases/tag/version-2.1.3",
+ "https://github.com/dom4j/dom4j/commit/a8228522a99a02146106672a34c104adbda5c658"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2017-15708",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "In Apache Synapse, by default no authentication is required for Java Remote Method Invocation (RMI). So Apache Synapse 3.0.1 or all previous releases (3.0.0, 2.1.0, 2.0.0, 1.2, 1.1.2, 1.1.1) allows remote code execution attacks that can be performed by injecting specially crafted serialized objects. And the presence of Apache Commons Collections 3.2.1 (commons-collections-3.2.1.jar) or previous versions in Synapse distribution makes this exploitable. To mitigate the issue, we need to limit RMI access to trusted users only. Further upgrading to 3.0.1 version will eliminate the risk of having said Commons Collection version. In Synapse 3.0.1, Commons Collection has been updated to 3.2.2 version.",
+ "severity": "High",
+ "vulnerable_component": "gav://commons-collections:commons-collections:3.2",
+ "impacted_artifact": "gav://commons-collections:commons-collections:3.2",
+ "impact_path": [
+ "gav://commons-collections:commons-collections:3.2"
+ ],
+ "path": "mavencentral-remote/commons-collections/commons-collections/3.2/commons-collections-3.2.jar",
+ "fixed_versions": [
+ "3.2.2"
+ ],
+ "published": "2017-12-12T17:36:21+11:00",
+ "artifact_scan_time": "2020-11-17T14:25:02+11:00",
+ "issue_id": "XRAY-60226",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "In Apache Synapse, by default no authentication is required for Java Remote Method Invocation (RMI). So Apache Synapse 3.0.1 or all previous releases (3.0.0, 2.1.0, 2.0.0, 1.2, 1.1.2, 1.1.1) allows remote code execution attacks that can be performed by injecting specially crafted serialized objects. And the presence of Apache Commons Collections 3.2.1 (commons-collections-3.2.1.jar) or previous versions in Synapse distribution makes this exploitable. To mitigate the issue, we need to limit RMI access to trusted users only. Further upgrading to 3.0.1 version will eliminate the risk of having said Commons Collection version. In Synapse 3.0.1, Commons Collection has been updated to 3.2.2 version.",
+ "references": [
+ "http://www.securityfocus.com/bid/102154",
+ "https://lists.apache.org/thread.html/77f2accf240d25d91b47033e2f8ebec84ffbc6e6627112b2f98b66c9@%3Cdev.synapse.apache.org%3E"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2015-7501",
+ "cvss_v2_score": 10,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 10,
+ "cvss3_max_score": 9.8,
+ "summary": "Red Hat JBoss A-MQ 6.x; BPM Suite (BPMS) 6.x; BRMS 6.x and 5.x; Data Grid (JDG) 6.x; Data Virtualization (JDV) 6.x and 5.x; Enterprise Application Platform 6.x, 5.x, and 4.3.x; Fuse 6.x; Fuse Service Works (FSW) 6.x; Operations Network (JBoss ON) 3.x; Portal 6.x; SOA Platform (SOA-P) 5.x; Web Server (JWS) 3.x; Red Hat OpenShift/xPAAS 3.x; and Red Hat Subscription Asset Manager 1.3 allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) library.",
+ "severity": "High",
+ "vulnerable_component": "gav://commons-collections:commons-collections:3.2",
+ "impacted_artifact": "gav://commons-collections:commons-collections:3.2",
+ "impact_path": [
+ "gav://commons-collections:commons-collections:3.2"
+ ],
+ "path": "mavencentral-remote/commons-collections/commons-collections/3.2/commons-collections-3.2.jar",
+ "fixed_versions": [
+ "3.2.2"
+ ],
+ "published": "2017-12-12T20:50:15+11:00",
+ "artifact_scan_time": "2020-11-17T14:25:02+11:00",
+ "issue_id": "XRAY-60228",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Red Hat JBoss A-MQ 6.x; BPM Suite (BPMS) 6.x; BRMS 6.x and 5.x; Data Grid (JDG) 6.x; Data Virtualization (JDV) 6.x and 5.x; Enterprise Application Platform 6.x, 5.x, and 4.3.x; Fuse 6.x; Fuse Service Works (FSW) 6.x; Operations Network (JBoss ON) 3.x; Portal 6.x; SOA Platform (SOA-P) 5.x; Web Server (JWS) 3.x; Red Hat OpenShift/xPAAS 3.x; and Red Hat Subscription Asset Manager 1.3 allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) library.",
+ "references": [
+ "http://www.securityfocus.com/bid/78215",
+ "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html",
+ "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html",
+ "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html",
+ "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html",
+ "https://access.redhat.com/security/vulnerabilities/2059393",
+ "https://access.redhat.com/solutions/2045023",
+ "https://bugzilla.redhat.com/show_bug.cgi?id=1279330",
+ "http://rhn.redhat.com/errata/RHSA-2015-2500.html",
+ "http://rhn.redhat.com/errata/RHSA-2015-2501.html",
+ "http://rhn.redhat.com/errata/RHSA-2015-2502.html",
+ "http://rhn.redhat.com/errata/RHSA-2015-2514.html",
+ "http://rhn.redhat.com/errata/RHSA-2015-2516.html",
+ "http://rhn.redhat.com/errata/RHSA-2015-2517.html",
+ "http://rhn.redhat.com/errata/RHSA-2015-2521.html",
+ "http://rhn.redhat.com/errata/RHSA-2015-2522.html",
+ "http://rhn.redhat.com/errata/RHSA-2015-2524.html",
+ "https://rhn.redhat.com/errata/RHSA-2015-2536.html",
+ "http://rhn.redhat.com/errata/RHSA-2015-2670.html",
+ "http://rhn.redhat.com/errata/RHSA-2015-2671.html",
+ "http://rhn.redhat.com/errata/RHSA-2016-0040.html",
+ "http://rhn.redhat.com/errata/RHSA-2016-1773.html",
+ "http://www.securitytracker.com/id/1034097",
+ "http://www.securitytracker.com/id/1037052",
+ "http://www.securitytracker.com/id/1037053",
+ "http://www.securitytracker.com/id/1037640"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2016-4373",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ {
+ "cve": "CVE-2016-2000",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ {
+ "cve": "CVE-2015-7501",
+ "cvss_v2_score": 10,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ {
+ "cve": "CVE-2015-8103",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P"
+ },
+ {
+ "cve": "CVE-2015-7450",
+ "cvss_v2_score": 10,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ {
+ "cve": "CVE-2016-4385",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 7.3,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"
+ },
+ {
+ "cve": "CVE-2016-1998",
+ "cvss_v2_score": 10,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ {
+ "cve": "CVE-2015-8765",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 8.3,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L"
+ },
+ {
+ "cve": "CVE-2015-4852",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P"
+ },
+ {
+ "cve": "CVE-2015-6420",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P"
+ },
+ {
+ "cve": "CVE-2016-4398",
+ "cvss_v2_score": 6.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:S/C:P/I:P/A:P",
+ "cvss_v3_score": 8.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
+ },
+ {
+ "cve": "CVE-2016-4369",
+ "cvss_v2_score": 6.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:S/C:P/I:P/A:P",
+ "cvss_v3_score": 8.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
+ },
+ {
+ "cve": "CVE-2016-1999",
+ "cvss_v2_score": 10,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ {
+ "cve": "CVE-2016-1114",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ {
+ "cve": "CVE-2016-2009",
+ "cvss_v2_score": 6.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:S/C:P/I:P/A:P",
+ "cvss_v3_score": 8.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
+ },
+ {
+ "cve": "CVE-2016-1986",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ {
+ "cve": "CVE-2016-4405",
+ "cvss_v2_score": 6.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:S/C:P/I:P/A:P",
+ "cvss_v3_score": 8.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
+ },
+ {
+ "cve": "CVE-2015-6934",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 7.3,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"
+ },
+ {
+ "cve": "CVE-2016-4372",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ {
+ "cve": "CVE-2016-4368",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ {
+ "cve": "CVE-2016-2003",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ {
+ "cve": "CVE-2016-1997",
+ "cvss_v2_score": 10,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ {
+ "cve": "CVE-2016-1985",
+ "cvss_v2_score": 10,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 10,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 10,
+ "cvss3_max_score": 10,
+ "summary": "The Apache Commons Collections library contains various classes in the \"functor\" package which are serializable and use reflection. This can be exploited for remote code execution attacks by injecting specially crafted objects to applications that de-serialize java objects from untrusted sources and have the Apache Commons Collections library in their classpath and do not perform any kind of input validation.",
+ "severity": "High",
+ "vulnerable_component": "gav://commons-collections:commons-collections:3.2",
+ "impacted_artifact": "gav://commons-collections:commons-collections:3.2",
+ "impact_path": [
+ "gav://commons-collections:commons-collections:3.2"
+ ],
+ "path": "mavencentral-remote/commons-collections/commons-collections/3.2/commons-collections-3.2.jar",
+ "fixed_versions": [
+ "3.2.2"
+ ],
+ "published": "2018-03-29T23:58:27+11:00",
+ "artifact_scan_time": "2020-11-17T14:25:02+11:00",
+ "issue_id": "XRAY-65665",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "The Apache Commons Collections library contains various classes in the \"functor\" package which are serializable and use reflection. This can be exploited for remote code execution attacks by injecting specially crafted objects to applications that de-serialize java objects from untrusted sources and have the Apache Commons Collections library in their classpath and do not perform any kind of input validation.",
+ "references": [
+ "https://commons.apache.org/proper/commons-collections/security-reports.html",
+ "https://exchange.xforce.ibmcloud.com/vulnerabilities/107918"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2017-1000487",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "Plexus-utils before 3.0.16 is vulnerable to command injection because it does not correctly process the contents of double quoted strings.",
+ "severity": "High",
+ "vulnerable_component": "gav://org.codehaus.plexus:plexus-utils:1.5.5",
+ "impacted_artifact": "gav://org.codehaus.plexus:plexus-utils:1.5.5",
+ "impact_path": [
+ "gav://org.codehaus.plexus:plexus-utils:1.5.5"
+ ],
+ "path": "mavencentral-remote/org/codehaus/plexus/plexus-utils/1.5.5/plexus-utils-1.5.5.jar",
+ "fixed_versions": [
+ "3.0.16"
+ ],
+ "published": "2019-06-10T18:42:32+10:00",
+ "artifact_scan_time": "2020-11-17T14:25:03+11:00",
+ "issue_id": "XRAY-83897",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Plexus-utils before 3.0.16 is vulnerable to command injection because it does not correctly process the contents of double quoted strings.",
+ "references": [
+ "https://access.redhat.com/errata/RHSA-2018:1322",
+ "https://lists.debian.org/debian-lts-announce/2018/01/msg00011.html",
+ "https://lists.debian.org/debian-lts-announce/2018/01/msg00010.html",
+ "https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSPLEXUS-31522",
+ "https://www.debian.org/security/2018/dsa-4149",
+ "https://www.debian.org/security/2018/dsa-4146",
+ "https://github.com/codehaus-plexus/plexus-utils/commit/b38a1b3a4352303e4312b2bb601a0d7ec6e28f41"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 9.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 7.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 9.3,
+ "cvss3_max_score": 7.8,
+ "summary": "Plexus-utils util/xml/XmlWriterUtil.java XmlWriterUtil::writeComment() Function Comment String Escape XML Injection Unspecified Issue",
+ "severity": "High",
+ "vulnerable_component": "gav://org.codehaus.plexus:plexus-utils:1.5.5",
+ "impacted_artifact": "gav://org.codehaus.plexus:plexus-utils:1.5.5",
+ "impact_path": [
+ "gav://org.codehaus.plexus:plexus-utils:1.5.5"
+ ],
+ "path": "mavencentral-remote/org/codehaus/plexus/plexus-utils/1.5.5/plexus-utils-1.5.5.jar",
+ "fixed_versions": [
+ "3.0.24"
+ ],
+ "published": "2019-09-15T21:14:39+10:00",
+ "artifact_scan_time": "2020-11-17T14:25:03+11:00",
+ "issue_id": "XRAY-88166",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Plexus-utils contains a flaw in the XmlWriterUtil::writeComment() function in util/xml/XmlWriterUtil.java that is triggered as comment strings are not properly sanitized. This may allow a context-dependent attacker to inject unexpected content through XML code and have an unspecified impact.",
+ "references": [
+ "https://github.com/codehaus-plexus/plexus-utils/issues/3",
+ "https://github.com/codehaus-plexus/plexus-utils/commit/f933e5e78dc2637e485447ed821fe14904f110de"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 10,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C"
+ }
+ ],
+ "cvss2_max_score": 10,
+ "summary": "Apache Xalan-Java (XalanJ2) Secure Processing Bypass Remote Code Execution",
+ "severity": "High",
+ "vulnerable_component": "gav://xalan:xalan:2.6.0",
+ "impacted_artifact": "gav://xalan:xalan:2.6.0",
+ "impact_path": [
+ "gav://xalan:xalan:2.6.0"
+ ],
+ "path": "mavencentral-remote/xalan/xalan/2.6.0/xalan-2.6.0.jar",
+ "fixed_versions": [
+ "2.7.2"
+ ],
+ "published": "2019-08-22T21:57:13+10:00",
+ "artifact_scan_time": "2020-11-17T14:25:03+11:00",
+ "issue_id": "XRAY-86121",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Apache Xalan-Java (XalanJ2) contains a flaw that is triggered if the Bean Scripting Framework (BSF) is in the classpath, which can allow available JARs to be spawned with secure processing disabled. This may allow a remote attacker to execute arbitrary code.",
+ "references": [
+ "/vulnerabilities/104942",
+ "/vulnerabilities/104928",
+ "http://svn.apache.org/viewvc?view=revision\u0026revision=1581058",
+ "http://seclists.org/oss-sec/2014/q1/649",
+ "http://www.ocert.org/advisories/ocert-2014-002.html",
+ "http://xml.apache.org/xalan-j"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 10,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C"
+ }
+ ],
+ "cvss2_max_score": 10,
+ "summary": "Apache Commons Codec org.apache.commons.codec.language.Soundex.US_ENGLISH_MAPPING Missing MS_PKGPROTECT Field Manipulation Unspecified Issue",
+ "severity": "High",
+ "vulnerable_component": "gav://commons-codec:commons-codec:1.2",
+ "impacted_artifact": "gav://commons-codec:commons-codec:1.2",
+ "impact_path": [
+ "gav://commons-codec:commons-codec:1.2"
+ ],
+ "path": "mavencentral-remote/commons-codec/commons-codec/1.2/commons-codec-1.2.jar",
+ "fixed_versions": [
+ "1.5"
+ ],
+ "published": "2019-09-04T01:31:03+10:00",
+ "artifact_scan_time": "2020-11-17T14:25:03+11:00",
+ "issue_id": "XRAY-87377",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Apache Commons Codec contains a flaw related to org.apache.commons.codec.language.Soundex.US_ENGLISH_MAPPING not being package protected via MS_PKGPROTECT. This may allow an attacker to manipulate a mutable static field and have an unspecified impact.",
+ "references": [
+ "http://commons.apache.org/",
+ "https://issues.apache.org/jira/browse/CODEC-114"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-17571",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "Included in Log4j 1.2 is a SocketServer class that is vulnerable to deserialization of untrusted data which can be exploited to remotely execute arbitrary code when combined with a deserialization gadget when listening to untrusted network traffic for log data. This affects Log4j versions up to 1.2 up to 1.2.17.",
+ "severity": "High",
+ "vulnerable_component": "gav://log4j:log4j:1.2.12",
+ "impacted_artifact": "gav://log4j:log4j:1.2.12",
+ "impact_path": [
+ "gav://log4j:log4j:1.2.12"
+ ],
+ "path": "mavencentral-remote/log4j/log4j/1.2.12/log4j-1.2.12.jar",
+ "fixed_versions": [],
+ "published": "2019-12-23T18:15:27+11:00",
+ "artifact_scan_time": "2020-11-17T14:25:03+11:00",
+ "issue_id": "XRAY-93075",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Included in Log4j 1.2 is a SocketServer class that is vulnerable to deserialization of untrusted data which can be exploited to remotely execute arbitrary code when combined with a deserialization gadget when listening to untrusted network traffic for log data. This affects Log4j versions up to 1.2 up to 1.2.17.",
+ "references": [
+ "https://lists.apache.org/thread.html/eea03d504b36e8f870e8321d908e1def1addda16adda04327fe7c125%40%3Cdev.logging.apache.org%3E"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:C"
+ }
+ ],
+ "cvss2_max_score": 7.8,
+ "summary": "Apache Lucene org.apache.lucene.search.function.DocValues Infinite Loop DoS",
+ "severity": "High",
+ "vulnerable_component": "gav://org.apache.lucene:lucene-core:2.3.2",
+ "impacted_artifact": "gav://org.apache.lucene:lucene-core:2.3.2",
+ "impact_path": [
+ "gav://org.apache.lucene:lucene-core:2.3.2"
+ ],
+ "path": "mavencentral-remote/org/apache/lucene/lucene-core/2.3.2/lucene-core-2.3.2.jar",
+ "fixed_versions": [
+ "2.9.0"
+ ],
+ "published": "2019-08-29T15:26:31+10:00",
+ "artifact_scan_time": "2020-11-17T14:25:03+11:00",
+ "issue_id": "XRAY-87253",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Apache Lucene contains a flaw in org.apache.lucene.search.function.DocValues that is triggered when performing calls to the DocValues methods, getMinValue, getMaxValue, getAverageValue, which can result in an infinite loop. This may allow a remote attacker to cause a denial of service.",
+ "references": [
+ "https://lucene.apache.org/",
+ "https://issues.apache.org/jira/browse/LUCENE-1681"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-5382",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "Bouncy Castle BKS version 1 keystore (BKS-V1) files use an HMAC that is only 16 bits long, which can allow an attacker to compromise the integrity of a BKS-V1 keystore. All BKS-V1 keystores are vulnerable. Bouncy Castle release 1.47 introduces BKS version 2, which uses a 160-bit MAC.",
+ "severity": "High",
+ "vulnerable_component": "gav://bouncycastle:bcprov-jdk15:140",
+ "impacted_artifact": "gav://bouncycastle:bcprov-jdk15:140",
+ "impact_path": [
+ "gav://bouncycastle:bcprov-jdk15:140"
+ ],
+ "path": "mavencentral-remote/bouncycastle/bcprov-jdk15/140/bcprov-jdk15-140.jar",
+ "fixed_versions": [
+ "1.47"
+ ],
+ "published": "2018-06-11T18:33:48+10:00",
+ "artifact_scan_time": "2020-11-17T14:26:02+11:00",
+ "issue_id": "XRAY-68665",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Bouncy Castle BKS version 1 keystore (BKS-V1) files use an HMAC that is only 16 bits long, which can allow an attacker to compromise the integrity of a BKS-V1 keystore. All BKS-V1 keystores are vulnerable. Bouncy Castle release 1.47 introduces BKS version 2, which uses a 160-bit MAC.",
+ "references": [
+ "http://www.securityfocus.com/bid/103453",
+ "https://www.bouncycastle.org/releasenotes.html",
+ "https://www.kb.cert.org/vuls/id/306792"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2017-1000487",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "Plexus-utils before 3.0.16 is vulnerable to command injection because it does not correctly process the contents of double quoted strings.",
+ "severity": "High",
+ "vulnerable_component": "gav://org.codehaus.plexus:plexus-utils:1.5.8",
+ "impacted_artifact": "gav://org.codehaus.plexus:plexus-utils:1.5.8",
+ "impact_path": [
+ "gav://org.codehaus.plexus:plexus-utils:1.5.8"
+ ],
+ "path": "mavencentral-remote/org/codehaus/plexus/plexus-utils/1.5.8/plexus-utils-1.5.8.jar",
+ "fixed_versions": [
+ "3.0.16"
+ ],
+ "published": "2019-06-10T18:42:32+10:00",
+ "artifact_scan_time": "2020-11-17T14:27:02+11:00",
+ "issue_id": "XRAY-83897",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Plexus-utils before 3.0.16 is vulnerable to command injection because it does not correctly process the contents of double quoted strings.",
+ "references": [
+ "https://access.redhat.com/errata/RHSA-2018:1322",
+ "https://lists.debian.org/debian-lts-announce/2018/01/msg00011.html",
+ "https://lists.debian.org/debian-lts-announce/2018/01/msg00010.html",
+ "https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSPLEXUS-31522",
+ "https://www.debian.org/security/2018/dsa-4149",
+ "https://www.debian.org/security/2018/dsa-4146",
+ "https://github.com/codehaus-plexus/plexus-utils/commit/b38a1b3a4352303e4312b2bb601a0d7ec6e28f41"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 9.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 7.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 9.3,
+ "cvss3_max_score": 7.8,
+ "summary": "Plexus-utils util/xml/XmlWriterUtil.java XmlWriterUtil::writeComment() Function Comment String Escape XML Injection Unspecified Issue",
+ "severity": "High",
+ "vulnerable_component": "gav://org.codehaus.plexus:plexus-utils:1.5.8",
+ "impacted_artifact": "gav://org.codehaus.plexus:plexus-utils:1.5.8",
+ "impact_path": [
+ "gav://org.codehaus.plexus:plexus-utils:1.5.8"
+ ],
+ "path": "mavencentral-remote/org/codehaus/plexus/plexus-utils/1.5.8/plexus-utils-1.5.8.jar",
+ "fixed_versions": [
+ "3.0.24"
+ ],
+ "published": "2019-09-15T21:14:39+10:00",
+ "artifact_scan_time": "2020-11-17T14:27:02+11:00",
+ "issue_id": "XRAY-88166",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Plexus-utils contains a flaw in the XmlWriterUtil::writeComment() function in util/xml/XmlWriterUtil.java that is triggered as comment strings are not properly sanitized. This may allow a context-dependent attacker to inject unexpected content through XML code and have an unspecified impact.",
+ "references": [
+ "https://github.com/codehaus-plexus/plexus-utils/issues/3",
+ "https://github.com/codehaus-plexus/plexus-utils/commit/f933e5e78dc2637e485447ed821fe14904f110de"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-25013",
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 5.9,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 5.9,
+ "summary": "The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:buster:libc6:2.28-10",
+ "impacted_artifact": "docker://bitnami/mongodb-exporter:latest",
+ "impact_path": [
+ "docker://bitnami/mongodb-exporter:latest",
+ "generic://sha256:ff7c165d667c6c3e17b2fb70ab39e45d4f4a5f5178ba91d0b5dc2d99402c73ef/sha256__ff7c165d667c6c3e17b2fb70ab39e45d4f4a5f5178ba91d0b5dc2d99402c73ef.tar.gz",
+ "deb://debian:buster:libc6:2.28-10"
+ ],
+ "path": "dockerhub-remote/bitnami/mongodb-exporter/latest/",
+ "fixed_versions": [],
+ "published": "2021-01-05T15:10:13+11:00",
+ "artifact_scan_time": "2021-01-12T23:29:24+11:00",
+ "issue_id": "XRAY-138140",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-25013",
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 5.9,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 5.9,
+ "summary": "The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:buster:libc-bin:2.28-10",
+ "impacted_artifact": "docker://bitnami/mongodb-exporter:latest",
+ "impact_path": [
+ "docker://bitnami/mongodb-exporter:latest",
+ "generic://sha256:ff7c165d667c6c3e17b2fb70ab39e45d4f4a5f5178ba91d0b5dc2d99402c73ef/sha256__ff7c165d667c6c3e17b2fb70ab39e45d4f4a5f5178ba91d0b5dc2d99402c73ef.tar.gz",
+ "deb://debian:buster:libc-bin:2.28-10"
+ ],
+ "path": "dockerhub-remote/bitnami/mongodb-exporter/latest/",
+ "fixed_versions": [],
+ "published": "2021-01-05T15:10:13+11:00",
+ "artifact_scan_time": "2021-01-12T23:29:24+11:00",
+ "issue_id": "XRAY-138140",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2017-18269",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "An SSE2-optimized memmove implementation for i386 in sysdeps/i386/i686/multiarch/memcpy-sse2-unaligned.S in the GNU C Library (aka glibc or libc6) 2.21 through 2.27 does not correctly perform the overlapping memory check if the source memory range spans the middle of the address space, resulting in corrupt data being produced by the copy operation. This may disclose information to context-dependent attackers, or result in a denial of service, or, possibly, code execution.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:multiarch-support:2.24-11+deb9u3",
+ "impacted_artifact": "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "impact_path": [
+ "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "generic://sha256:55cbf04beb7001d222c71bfdeae780bda19d5cb37b8dbd65ff0d3e6a0b9b74e6/sha256__55cbf04beb7001d222c71bfdeae780bda19d5cb37b8dbd65ff0d3e6a0b9b74e6.tar.gz",
+ "deb://debian:stretch:multiarch-support:2.24-11+deb9u3"
+ ],
+ "path": "dockerhub-remote/library/jenkins/sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159/",
+ "fixed_versions": [],
+ "published": "2018-05-19T18:22:29+10:00",
+ "artifact_scan_time": "2021-01-13T13:18:57+11:00",
+ "issue_id": "XRAY-68008",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "An SSE2-optimized memmove implementation for i386 in sysdeps/i386/i686/multiarch/memcpy-sse2-unaligned.S in the GNU C Library (aka glibc or libc6) 2.21 through 2.27 does not correctly perform the overlapping memory check if the source memory range spans the middle of the address space, resulting in corrupt data being produced by the copy operation. This may disclose information to context-dependent attackers, or result in a denial of service, or, possibly, code execution.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-10878",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 8.6,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 8.6,
+ "summary": "Perl before 5.30.3 has an integer overflow related to mishandling of a \"PL_regkind[OP(n)] == NOTHING\" situation. A crafted regular expression could lead to malformed bytecode with a possibility of instruction injection.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:perl:5.24.1-3+deb9u4",
+ "impacted_artifact": "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "impact_path": [
+ "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "generic://sha256:d4eee24d4dacb41c21411e0477a741655303cdc48b18a948632c31f0f3a70bb8/sha256__d4eee24d4dacb41c21411e0477a741655303cdc48b18a948632c31f0f3a70bb8.tar.gz",
+ "deb://debian:stretch:perl:5.24.1-3+deb9u4"
+ ],
+ "path": "dockerhub-remote/library/jenkins/sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159/",
+ "fixed_versions": [
+ "≥ 5.24.1-3+deb9u7"
+ ],
+ "published": "2020-06-03T17:23:29+10:00",
+ "artifact_scan_time": "2021-01-13T13:18:57+11:00",
+ "issue_id": "XRAY-99873",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "Perl before 5.30.3 has an integer overflow related to mishandling of a \"PL_regkind[OP(n)] == NOTHING\" situation. A crafted regular expression could lead to malformed bytecode with a possibility of instruction injection.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-18314",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "Perl before 5.26.3 has a buffer overflow via a crafted regular expression that triggers invalid write operations.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:perl-modules-5.24:5.24.1-3+deb9u4",
+ "impacted_artifact": "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "impact_path": [
+ "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "generic://sha256:d4eee24d4dacb41c21411e0477a741655303cdc48b18a948632c31f0f3a70bb8/sha256__d4eee24d4dacb41c21411e0477a741655303cdc48b18a948632c31f0f3a70bb8.tar.gz",
+ "deb://debian:stretch:perl-modules-5.24:5.24.1-3+deb9u4"
+ ],
+ "path": "dockerhub-remote/library/jenkins/sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159/",
+ "fixed_versions": [],
+ "published": "2018-11-30T14:00:18+11:00",
+ "artifact_scan_time": "2021-01-13T13:18:57+11:00",
+ "issue_id": "XRAY-73973",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "Perl before 5.26.3 has a buffer overflow via a crafted regular expression that triggers invalid write operations.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2016-2779",
+ "cvss_v2_score": 7.2,
+ "cvss_v2_vector": "CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 7.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.2,
+ "cvss3_max_score": 7.8,
+ "summary": "runuser in util-linux allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:libblkid1:2.29.2-1+deb9u1",
+ "impacted_artifact": "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "impact_path": [
+ "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "generic://sha256:55cbf04beb7001d222c71bfdeae780bda19d5cb37b8dbd65ff0d3e6a0b9b74e6/sha256__55cbf04beb7001d222c71bfdeae780bda19d5cb37b8dbd65ff0d3e6a0b9b74e6.tar.gz",
+ "deb://debian:stretch:libblkid1:2.29.2-1+deb9u1"
+ ],
+ "path": "dockerhub-remote/library/jenkins/sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159/",
+ "fixed_versions": [],
+ "published": "2016-11-28T00:17:10+11:00",
+ "artifact_scan_time": "2021-01-13T13:18:57+11:00",
+ "issue_id": "XRAY-40740",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "runuser in util-linux allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-5482",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "Heap buffer overflow in the TFTP protocol handler in cURL 7.19.4 to 7.65.3.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:libcurl3:7.52.1-5+deb9u6",
+ "impacted_artifact": "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "impact_path": [
+ "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "generic://sha256:1607093a898cc241de8712e4361dcd907898fff35b945adca42db3963f3827b3/sha256__1607093a898cc241de8712e4361dcd907898fff35b945adca42db3963f3827b3.tar.gz",
+ "deb://debian:stretch:libcurl3:7.52.1-5+deb9u6"
+ ],
+ "path": "dockerhub-remote/library/jenkins/sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159/",
+ "fixed_versions": [],
+ "published": "2019-09-12T02:51:17+10:00",
+ "artifact_scan_time": "2021-01-13T13:18:57+11:00",
+ "issue_id": "XRAY-87998",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "Heap buffer overflow in the TFTP protocol handler in cURL 7.19.4 to 7.65.3.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-25013",
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 5.9,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 5.9,
+ "summary": "The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:libc-bin:2.24-11+deb9u3",
+ "impacted_artifact": "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "impact_path": [
+ "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "generic://sha256:55cbf04beb7001d222c71bfdeae780bda19d5cb37b8dbd65ff0d3e6a0b9b74e6/sha256__55cbf04beb7001d222c71bfdeae780bda19d5cb37b8dbd65ff0d3e6a0b9b74e6.tar.gz",
+ "deb://debian:stretch:libc-bin:2.24-11+deb9u3"
+ ],
+ "path": "dockerhub-remote/library/jenkins/sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159/",
+ "fixed_versions": [],
+ "published": "2021-01-05T15:10:13+11:00",
+ "artifact_scan_time": "2021-01-13T13:18:57+11:00",
+ "issue_id": "XRAY-138140",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2016-2779",
+ "cvss_v2_score": 7.2,
+ "cvss_v2_vector": "CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 7.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.2,
+ "cvss3_max_score": 7.8,
+ "summary": "runuser in util-linux allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:util-linux:2.29.2-1+deb9u1",
+ "impacted_artifact": "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "impact_path": [
+ "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "generic://sha256:55cbf04beb7001d222c71bfdeae780bda19d5cb37b8dbd65ff0d3e6a0b9b74e6/sha256__55cbf04beb7001d222c71bfdeae780bda19d5cb37b8dbd65ff0d3e6a0b9b74e6.tar.gz",
+ "deb://debian:stretch:util-linux:2.29.2-1+deb9u1"
+ ],
+ "path": "dockerhub-remote/library/jenkins/sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159/",
+ "fixed_versions": [],
+ "published": "2016-11-28T00:17:10+11:00",
+ "artifact_scan_time": "2021-01-13T13:18:57+11:00",
+ "issue_id": "XRAY-40740",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "runuser in util-linux allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.8,
+ "cvss3_max_score": 7.5,
+ "summary": "Java Native Access (JNA) Advapi32Util.registryGetValues() Method REG_SZ, REG_MULTI_SZ / REG_EXPAND_SZ Data Type Handling DoS",
+ "severity": "High",
+ "vulnerable_component": "gav://net.java.dev.jna:jna:4.2.1",
+ "impacted_artifact": "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "impact_path": [
+ "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "generic://sha256:aa433a6a56b1bdf8211085ff28d524a0988050e7b10bf24331417ff09c5b72cf/sha256__aa433a6a56b1bdf8211085ff28d524a0988050e7b10bf24331417ff09c5b72cf.tar.gz",
+ "gav://org.jenkins-ci.main:jenkins-war:2.60.3",
+ "gav://net.java.dev.jna:jna:4.2.1"
+ ],
+ "path": "dockerhub-remote/library/jenkins/sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159/",
+ "fixed_versions": [
+ "5.0.0"
+ ],
+ "published": "2020-07-27T01:38:45+10:00",
+ "artifact_scan_time": "2021-01-13T13:18:57+11:00",
+ "issue_id": "XRAY-114349",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Java Native Access (JNA) contains a flaw in the Advapi32Util.registryGetValues() method that is triggered when handling a string with the REG_SZ, REG_MULTI_SZ or REG_EXPAND_SZ data types that is stored without properly null terminating characters. This may allow an attacker to crash the program.",
+ "references": [
+ "https://github.com/java-native-access/jna/commit/12493ba771a50fae7d6303e8b58b31eacf903327",
+ "https://github.com/java-native-access/jna/issues/340",
+ "https://github.com/java-native-access/jna/blob/master/CHANGES.md"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-1000001",
+ "cvss_v2_score": 7.2,
+ "cvss_v2_vector": "CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 7.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.2,
+ "cvss3_max_score": 7.8,
+ "summary": "In glibc 2.26 and earlier there is confusion in the usage of getcwd() by realpath() which can be used to write before the destination buffer leading to a buffer underflow and potential code execution.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:libc6:2.24-11+deb9u3",
+ "impacted_artifact": "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "impact_path": [
+ "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "generic://sha256:55cbf04beb7001d222c71bfdeae780bda19d5cb37b8dbd65ff0d3e6a0b9b74e6/sha256__55cbf04beb7001d222c71bfdeae780bda19d5cb37b8dbd65ff0d3e6a0b9b74e6.tar.gz",
+ "deb://debian:stretch:libc6:2.24-11+deb9u3"
+ ],
+ "path": "dockerhub-remote/library/jenkins/sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159/",
+ "fixed_versions": [],
+ "published": "2018-01-13T14:04:15+11:00",
+ "artifact_scan_time": "2021-01-13T13:18:57+11:00",
+ "issue_id": "XRAY-60416",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "In glibc 2.26 and earlier there is confusion in the usage of getcwd() by realpath() which can be used to write before the destination buffer leading to a buffer underflow and potential code execution.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-18312",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "Perl before 5.26.3 and 5.28.0 before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:libperl5.24:5.24.1-3+deb9u4",
+ "impacted_artifact": "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "impact_path": [
+ "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "generic://sha256:d4eee24d4dacb41c21411e0477a741655303cdc48b18a948632c31f0f3a70bb8/sha256__d4eee24d4dacb41c21411e0477a741655303cdc48b18a948632c31f0f3a70bb8.tar.gz",
+ "deb://debian:stretch:libperl5.24:5.24.1-3+deb9u4"
+ ],
+ "path": "dockerhub-remote/library/jenkins/sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159/",
+ "fixed_versions": [],
+ "published": "2018-11-30T13:59:48+11:00",
+ "artifact_scan_time": "2021-01-13T13:18:57+11:00",
+ "issue_id": "XRAY-73970",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "Perl before 5.26.3 and 5.28.0 before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-1353",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "An issue was found in Git before v2.24.1, v2.23.1, v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3, v2.16.6, v2.15.4, and v2.14.6. When running Git in the Windows Subsystem for Linux (also known as \"WSL\") while accessing a working directory on a regular Windows drive, none of the NTFS protections were active.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:git-man:1:2.11.0-3+deb9u3",
+ "impacted_artifact": "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "impact_path": [
+ "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "generic://sha256:d4eee24d4dacb41c21411e0477a741655303cdc48b18a948632c31f0f3a70bb8/sha256__d4eee24d4dacb41c21411e0477a741655303cdc48b18a948632c31f0f3a70bb8.tar.gz",
+ "deb://debian:stretch:git-man:1:2.11.0-3+deb9u3"
+ ],
+ "path": "dockerhub-remote/library/jenkins/sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159/",
+ "fixed_versions": [],
+ "published": "2019-12-11T15:15:19+11:00",
+ "artifact_scan_time": "2021-01-13T13:18:57+11:00",
+ "issue_id": "XRAY-92626",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "An issue was found in Git before v2.24.1, v2.23.1, v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3, v2.16.6, v2.15.4, and v2.14.6. When running Git in the Windows Subsystem for Linux (also known as \"WSL\") while accessing a working directory on a regular Windows drive, none of the NTFS protections were active.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 9.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 7.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 9.3,
+ "cvss3_max_score": 7.8,
+ "summary": "Plexus-utils util/xml/XmlWriterUtil.java XmlWriterUtil::writeComment() Function Comment String Escape XML Injection Unspecified Issue",
+ "severity": "High",
+ "vulnerable_component": "gav://org.codehaus.plexus:plexus-utils:3.0.17",
+ "impacted_artifact": "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "impact_path": [
+ "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "generic://sha256:aa433a6a56b1bdf8211085ff28d524a0988050e7b10bf24331417ff09c5b72cf/sha256__aa433a6a56b1bdf8211085ff28d524a0988050e7b10bf24331417ff09c5b72cf.tar.gz",
+ "gav://org.jenkins-ci.main:jenkins-war:2.60.3",
+ "gav://org.jenkins-ci.main:maven-plugin:2.14",
+ "gav://org.codehaus.plexus:plexus-utils:3.0.17"
+ ],
+ "path": "dockerhub-remote/library/jenkins/sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159/",
+ "fixed_versions": [
+ "3.0.24"
+ ],
+ "published": "2019-09-15T21:14:39+10:00",
+ "artifact_scan_time": "2021-01-13T13:18:57+11:00",
+ "issue_id": "XRAY-88166",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Plexus-utils contains a flaw in the XmlWriterUtil::writeComment() function in util/xml/XmlWriterUtil.java that is triggered as comment strings are not properly sanitized. This may allow a context-dependent attacker to inject unexpected content through XML code and have an unspecified impact.",
+ "references": [
+ "https://github.com/codehaus-plexus/plexus-utils/issues/3",
+ "https://github.com/codehaus-plexus/plexus-utils/commit/f933e5e78dc2637e485447ed821fe14904f110de"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-3462",
+ "cvss_v2_score": 9.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 8.1,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 9.3,
+ "cvss3_max_score": 8.1,
+ "summary": "Incorrect sanitation of the 302 redirect field in HTTP transport method of apt versions 1.4.8 and earlier can lead to content injection by a MITM attacker, potentially leading to remote code execution on the target machine.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:apt:1.4.8",
+ "impacted_artifact": "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "impact_path": [
+ "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "generic://sha256:55cbf04beb7001d222c71bfdeae780bda19d5cb37b8dbd65ff0d3e6a0b9b74e6/sha256__55cbf04beb7001d222c71bfdeae780bda19d5cb37b8dbd65ff0d3e6a0b9b74e6.tar.gz",
+ "deb://debian:stretch:apt:1.4.8"
+ ],
+ "path": "dockerhub-remote/library/jenkins/sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159/",
+ "fixed_versions": [
+ "≥ 1.4.9"
+ ],
+ "published": "2019-01-23T15:29:56+11:00",
+ "artifact_scan_time": "2021-01-13T13:18:57+11:00",
+ "issue_id": "XRAY-74801",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "Incorrect sanitation of the 302 redirect field in HTTP transport method of apt versions 1.4.8 and earlier can lead to content injection by a MITM attacker, potentially leading to remote code execution on the target machine.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2017-16997",
+ "cvss_v2_score": 9.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 7.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 9.3,
+ "cvss3_max_score": 7.8,
+ "summary": "elf/dl-load.c in the GNU C Library (aka glibc or libc6) 2.19 through 2.26 mishandles RPATH and RUNPATH containing $ORIGIN for a privileged (setuid or AT_SECURE) program, which allows local users to gain privileges via a Trojan horse library in the current working directory, related to the fillin_rpath and decompose_rpath functions. This is associated with misinterpretion of an empty RPATH/RUNPATH token as the \"./\" directory. NOTE: this configuration of RPATH/RUNPATH for a privileged program is apparently very uncommon; most likely, no such program is shipped with any common Linux distribution.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:libc-bin:2.24-11+deb9u3",
+ "impacted_artifact": "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "impact_path": [
+ "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "generic://sha256:55cbf04beb7001d222c71bfdeae780bda19d5cb37b8dbd65ff0d3e6a0b9b74e6/sha256__55cbf04beb7001d222c71bfdeae780bda19d5cb37b8dbd65ff0d3e6a0b9b74e6.tar.gz",
+ "deb://debian:stretch:libc-bin:2.24-11+deb9u3"
+ ],
+ "path": "dockerhub-remote/library/jenkins/sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159/",
+ "fixed_versions": [],
+ "published": "2018-01-13T14:06:04+11:00",
+ "artifact_scan_time": "2021-01-13T13:18:57+11:00",
+ "issue_id": "XRAY-60509",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "elf/dl-load.c in the GNU C Library (aka glibc or libc6) 2.19 through 2.26 mishandles RPATH and RUNPATH containing $ORIGIN for a privileged (setuid or AT_SECURE) program, which allows local users to gain privileges via a Trojan horse library in the current working directory, related to the fillin_rpath and decompose_rpath functions. This is associated with misinterpretion of an empty RPATH/RUNPATH token as the \"./\" directory. NOTE: this configuration of RPATH/RUNPATH for a privileged program is apparently very uncommon; most likely, no such program is shipped with any common Linux distribution.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-20843",
+ "cvss_v2_score": 7.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.8,
+ "cvss3_max_score": 7.5,
+ "summary": "In libexpat in Expat before 2.2.7, XML input including XML names that contain a large number of colons could make the XML parser consume a high amount of RAM and CPU resources while processing (enough to be usable for denial-of-service attacks).",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:libexpat1:2.2.0-2+deb9u1",
+ "impacted_artifact": "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "impact_path": [
+ "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "generic://sha256:d4eee24d4dacb41c21411e0477a741655303cdc48b18a948632c31f0f3a70bb8/sha256__d4eee24d4dacb41c21411e0477a741655303cdc48b18a948632c31f0f3a70bb8.tar.gz",
+ "deb://debian:stretch:libexpat1:2.2.0-2+deb9u1"
+ ],
+ "path": "dockerhub-remote/library/jenkins/sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159/",
+ "fixed_versions": [],
+ "published": "2019-06-27T04:21:54+10:00",
+ "artifact_scan_time": "2021-01-13T13:18:57+11:00",
+ "issue_id": "XRAY-84375",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "In libexpat in Expat before 2.2.7, XML input including XML names that contain a large number of colons could make the XML parser consume a high amount of RAM and CPU resources while processing (enough to be usable for denial-of-service attacks).",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2016-3102",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 7.3,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 7.3,
+ "summary": "The Script Security plugin before 1.18.1 in Jenkins might allow remote attackers to bypass a Groovy sandbox protection mechanism via a plugin that performs (1) direct field access or (2) get/set array operations.",
+ "severity": "High",
+ "vulnerable_component": "gav://org.jenkins-ci.plugins:script-security:1.13",
+ "impacted_artifact": "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "impact_path": [
+ "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "generic://sha256:aa433a6a56b1bdf8211085ff28d524a0988050e7b10bf24331417ff09c5b72cf/sha256__aa433a6a56b1bdf8211085ff28d524a0988050e7b10bf24331417ff09c5b72cf.tar.gz",
+ "gav://org.jenkins-ci.main:jenkins-war:2.60.3",
+ "gav://org.jenkins-ci.plugins:script-security:1.13"
+ ],
+ "path": "dockerhub-remote/library/jenkins/sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159/",
+ "fixed_versions": [
+ "1.18.1"
+ ],
+ "published": "2017-07-05T21:31:12+10:00",
+ "artifact_scan_time": "2021-01-13T13:18:57+11:00",
+ "issue_id": "XRAY-55833",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "The Script Security plugin before 1.18.1 in Jenkins might allow remote attackers to bypass a Groovy sandbox protection mechanism via a plugin that performs (1) direct field access or (2) get/set array operations.",
+ "references": [
+ "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-04-11"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-9169",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "In the GNU C Library (aka glibc or libc6) through 2.29, proceed_next_node in posix/regexec.c has a heap-based buffer over-read via an attempted case-insensitive regular-expression match.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:libc-bin:2.24-11+deb9u3",
+ "impacted_artifact": "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "impact_path": [
+ "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "generic://sha256:55cbf04beb7001d222c71bfdeae780bda19d5cb37b8dbd65ff0d3e6a0b9b74e6/sha256__55cbf04beb7001d222c71bfdeae780bda19d5cb37b8dbd65ff0d3e6a0b9b74e6.tar.gz",
+ "deb://debian:stretch:libc-bin:2.24-11+deb9u3"
+ ],
+ "path": "dockerhub-remote/library/jenkins/sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159/",
+ "fixed_versions": [],
+ "published": "2019-02-28T14:31:09+11:00",
+ "artifact_scan_time": "2021-01-13T13:18:57+11:00",
+ "issue_id": "XRAY-75785",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "In the GNU C Library (aka glibc or libc6) through 2.29, proceed_next_node in posix/regexec.c has a heap-based buffer over-read via an attempted case-insensitive regular-expression match.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-12900",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "BZ2_decompress in decompress.c in bzip2 through 1.0.6 has an out-of-bounds write when there are many selectors.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:libbz2-1.0:1.0.6-8.1",
+ "impacted_artifact": "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "impact_path": [
+ "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "generic://sha256:55cbf04beb7001d222c71bfdeae780bda19d5cb37b8dbd65ff0d3e6a0b9b74e6/sha256__55cbf04beb7001d222c71bfdeae780bda19d5cb37b8dbd65ff0d3e6a0b9b74e6.tar.gz",
+ "deb://debian:stretch:libbz2-1.0:1.0.6-8.1"
+ ],
+ "path": "dockerhub-remote/library/jenkins/sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159/",
+ "fixed_versions": [],
+ "published": "2019-06-20T21:40:18+10:00",
+ "artifact_scan_time": "2021-01-13T13:18:57+11:00",
+ "issue_id": "XRAY-84196",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "BZ2_decompress in decompress.c in bzip2 through 1.0.6 has an out-of-bounds write when there are many selectors.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-9169",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "In the GNU C Library (aka glibc or libc6) through 2.29, proceed_next_node in posix/regexec.c has a heap-based buffer over-read via an attempted case-insensitive regular-expression match.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:libc6:2.24-11+deb9u3",
+ "impacted_artifact": "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "impact_path": [
+ "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "generic://sha256:55cbf04beb7001d222c71bfdeae780bda19d5cb37b8dbd65ff0d3e6a0b9b74e6/sha256__55cbf04beb7001d222c71bfdeae780bda19d5cb37b8dbd65ff0d3e6a0b9b74e6.tar.gz",
+ "deb://debian:stretch:libc6:2.24-11+deb9u3"
+ ],
+ "path": "dockerhub-remote/library/jenkins/sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159/",
+ "fixed_versions": [],
+ "published": "2019-02-28T14:31:09+11:00",
+ "artifact_scan_time": "2021-01-13T13:18:57+11:00",
+ "issue_id": "XRAY-75785",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "In the GNU C Library (aka glibc or libc6) through 2.29, proceed_next_node in posix/regexec.c has a heap-based buffer over-read via an attempted case-insensitive regular-expression match.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2017-17458",
+ "cvss_v2_score": 10,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 10,
+ "cvss3_max_score": 9.8,
+ "summary": "In Mercurial before 4.4.1, it is possible that a specially malformed repository can cause Git subrepositories to run arbitrary code in the form of a .git/hooks/post-update script checked into the repository. Typical use of Mercurial prevents construction of such repositories, but they can be created programmatically.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:mercurial-common:4.0-1+deb9u1",
+ "impacted_artifact": "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "impact_path": [
+ "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "generic://sha256:d4eee24d4dacb41c21411e0477a741655303cdc48b18a948632c31f0f3a70bb8/sha256__d4eee24d4dacb41c21411e0477a741655303cdc48b18a948632c31f0f3a70bb8.tar.gz",
+ "deb://debian:stretch:mercurial-common:4.0-1+deb9u1"
+ ],
+ "path": "dockerhub-remote/library/jenkins/sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159/",
+ "fixed_versions": [],
+ "published": "2017-12-09T08:04:43+11:00",
+ "artifact_scan_time": "2021-01-13T13:18:57+11:00",
+ "issue_id": "XRAY-60147",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "In Mercurial before 4.4.1, it is possible that a specially malformed repository can cause Git subrepositories to run arbitrary code in the form of a .git/hooks/post-update script checked into the repository. Typical use of Mercurial prevents construction of such repositories, but they can be created programmatically.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-15686",
+ "cvss_v2_score": 10,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 10,
+ "cvss3_max_score": 9.8,
+ "summary": "A vulnerability in unit_deserialize of systemd allows an attacker to supply arbitrary state across systemd re-execution via NotifyAccess. This can be used to improperly influence systemd execution and possibly lead to root privilege escalation. Affected releases are systemd versions up to and including 239.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:libudev1:232-25+deb9u4",
+ "impacted_artifact": "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "impact_path": [
+ "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "generic://sha256:55cbf04beb7001d222c71bfdeae780bda19d5cb37b8dbd65ff0d3e6a0b9b74e6/sha256__55cbf04beb7001d222c71bfdeae780bda19d5cb37b8dbd65ff0d3e6a0b9b74e6.tar.gz",
+ "deb://debian:stretch:libudev1:232-25+deb9u4"
+ ],
+ "path": "dockerhub-remote/library/jenkins/sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159/",
+ "fixed_versions": [],
+ "published": "2018-10-29T12:05:20+11:00",
+ "artifact_scan_time": "2021-01-13T13:18:57+11:00",
+ "issue_id": "XRAY-73267",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "A vulnerability in unit_deserialize of systemd allows an attacker to supply arbitrary state across systemd re-execution via NotifyAccess. This can be used to improperly influence systemd execution and possibly lead to root privilege escalation. Affected releases are systemd versions up to and including 239.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-10086",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 7.3,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 7.3,
+ "summary": "In Apache Commons Beanutils 1.9.2, a special BeanIntrospector class was added which allows suppressing the ability for an attacker to access the classloader via the class property available on all Java objects. We, however were not using this by default characteristic of the PropertyUtilsBean.",
+ "severity": "High",
+ "vulnerable_component": "gav://commons-beanutils:commons-beanutils:1.8.3",
+ "impacted_artifact": "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "impact_path": [
+ "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "generic://sha256:aa433a6a56b1bdf8211085ff28d524a0988050e7b10bf24331417ff09c5b72cf/sha256__aa433a6a56b1bdf8211085ff28d524a0988050e7b10bf24331417ff09c5b72cf.tar.gz",
+ "gav://org.jenkins-ci.main:jenkins-war:2.60.3",
+ "gav://commons-beanutils:commons-beanutils:1.8.3"
+ ],
+ "path": "dockerhub-remote/library/jenkins/sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159/",
+ "fixed_versions": [
+ "1.9.4"
+ ],
+ "published": "2019-08-22T19:58:17+10:00",
+ "artifact_scan_time": "2021-01-13T13:18:57+11:00",
+ "issue_id": "XRAY-86096",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "In Apache Commons Beanutils 1.9.2, a special BeanIntrospector class was added which allows suppressing the ability for an attacker to access the classloader via the class property available on all Java objects. We, however were not using this by default characteristic of the PropertyUtilsBean.",
+ "references": [
+ "http://mail-archives.apache.org/mod_mbox/www-announce/201908.mbox/%3cC628798F-315D-4428-8CB1-4ED1ECC958E4@apache.org%3e"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-3177",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "Python 3.x through 3.9.1 has a buffer overflow in PyCArg_repr in _ctypes/callproc.c, which may lead to remote code execution in certain Python applications that accept floating-point numbers as untrusted input, as demonstrated by a 1e300 argument to c_double.from_param. This occurs because sprintf is used unsafely.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:python2.7-minimal:2.7.13-2+deb9u2",
+ "impacted_artifact": "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "impact_path": [
+ "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "generic://sha256:d4eee24d4dacb41c21411e0477a741655303cdc48b18a948632c31f0f3a70bb8/sha256__d4eee24d4dacb41c21411e0477a741655303cdc48b18a948632c31f0f3a70bb8.tar.gz",
+ "deb://debian:stretch:python2.7-minimal:2.7.13-2+deb9u2"
+ ],
+ "path": "dockerhub-remote/library/jenkins/sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159/",
+ "fixed_versions": [],
+ "published": "2021-01-21T15:17:47+11:00",
+ "artifact_scan_time": "2021-01-13T13:18:57+11:00",
+ "issue_id": "XRAY-138768",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "Python 3.x through 3.9.1 has a buffer overflow in PyCArg_repr in _ctypes/callproc.c, which may lead to remote code execution in certain Python applications that accept floating-point numbers as untrusted input, as demonstrated by a 1e300 argument to c_double.from_param. This occurs because sprintf is used unsafely.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-1000001",
+ "cvss_v2_score": 7.2,
+ "cvss_v2_vector": "CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 7.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.2,
+ "cvss3_max_score": 7.8,
+ "summary": "In glibc 2.26 and earlier there is confusion in the usage of getcwd() by realpath() which can be used to write before the destination buffer leading to a buffer underflow and potential code execution.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:libc-bin:2.24-11+deb9u3",
+ "impacted_artifact": "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "impact_path": [
+ "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "generic://sha256:55cbf04beb7001d222c71bfdeae780bda19d5cb37b8dbd65ff0d3e6a0b9b74e6/sha256__55cbf04beb7001d222c71bfdeae780bda19d5cb37b8dbd65ff0d3e6a0b9b74e6.tar.gz",
+ "deb://debian:stretch:libc-bin:2.24-11+deb9u3"
+ ],
+ "path": "dockerhub-remote/library/jenkins/sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159/",
+ "fixed_versions": [],
+ "published": "2018-01-13T14:04:15+11:00",
+ "artifact_scan_time": "2021-01-13T13:18:57+11:00",
+ "issue_id": "XRAY-60416",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "In glibc 2.26 and earlier there is confusion in the usage of getcwd() by realpath() which can be used to write before the destination buffer leading to a buffer underflow and potential code execution.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-18314",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "Perl before 5.26.3 has a buffer overflow via a crafted regular expression that triggers invalid write operations.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:libperl5.24:5.24.1-3+deb9u4",
+ "impacted_artifact": "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "impact_path": [
+ "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "generic://sha256:d4eee24d4dacb41c21411e0477a741655303cdc48b18a948632c31f0f3a70bb8/sha256__d4eee24d4dacb41c21411e0477a741655303cdc48b18a948632c31f0f3a70bb8.tar.gz",
+ "deb://debian:stretch:libperl5.24:5.24.1-3+deb9u4"
+ ],
+ "path": "dockerhub-remote/library/jenkins/sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159/",
+ "fixed_versions": [],
+ "published": "2018-11-30T14:00:18+11:00",
+ "artifact_scan_time": "2021-01-13T13:18:57+11:00",
+ "issue_id": "XRAY-73973",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "Perl before 5.26.3 has a buffer overflow via a crafted regular expression that triggers invalid write operations.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-3462",
+ "cvss_v2_score": 9.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 8.1,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 9.3,
+ "cvss3_max_score": 8.1,
+ "summary": "Incorrect sanitation of the 302 redirect field in HTTP transport method of apt versions 1.4.8 and earlier can lead to content injection by a MITM attacker, potentially leading to remote code execution on the target machine.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:libapt-pkg5.0:1.4.8",
+ "impacted_artifact": "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "impact_path": [
+ "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "generic://sha256:55cbf04beb7001d222c71bfdeae780bda19d5cb37b8dbd65ff0d3e6a0b9b74e6/sha256__55cbf04beb7001d222c71bfdeae780bda19d5cb37b8dbd65ff0d3e6a0b9b74e6.tar.gz",
+ "deb://debian:stretch:libapt-pkg5.0:1.4.8"
+ ],
+ "path": "dockerhub-remote/library/jenkins/sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159/",
+ "fixed_versions": [],
+ "published": "2019-01-23T15:29:56+11:00",
+ "artifact_scan_time": "2021-01-13T13:18:57+11:00",
+ "issue_id": "XRAY-74801",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "Incorrect sanitation of the 302 redirect field in HTTP transport method of apt versions 1.4.8 and earlier can lead to content injection by a MITM attacker, potentially leading to remote code execution on the target machine.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-18312",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "Perl before 5.26.3 and 5.28.0 before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:perl:5.24.1-3+deb9u4",
+ "impacted_artifact": "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "impact_path": [
+ "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "generic://sha256:d4eee24d4dacb41c21411e0477a741655303cdc48b18a948632c31f0f3a70bb8/sha256__d4eee24d4dacb41c21411e0477a741655303cdc48b18a948632c31f0f3a70bb8.tar.gz",
+ "deb://debian:stretch:perl:5.24.1-3+deb9u4"
+ ],
+ "path": "dockerhub-remote/library/jenkins/sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159/",
+ "fixed_versions": [
+ "≥ 5.24.1-3+deb9u5"
+ ],
+ "published": "2018-11-30T13:59:48+11:00",
+ "artifact_scan_time": "2021-01-13T13:18:57+11:00",
+ "issue_id": "XRAY-73970",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "Perl before 5.26.3 and 5.28.0 before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2015-3253",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "The MethodClosure class in runtime/MethodClosure.java in Apache Groovy 1.7.0 through 2.4.3 allows remote attackers to execute arbitrary code or cause a denial of service via a crafted serialized object.",
+ "severity": "High",
+ "vulnerable_component": "gav://commons-cli:commons-cli:1.2",
+ "impacted_artifact": "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "impact_path": [
+ "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "generic://sha256:aa433a6a56b1bdf8211085ff28d524a0988050e7b10bf24331417ff09c5b72cf/sha256__aa433a6a56b1bdf8211085ff28d524a0988050e7b10bf24331417ff09c5b72cf.tar.gz",
+ "gav://org.jenkins-ci.main:jenkins-war:2.60.3",
+ "gav://org.jenkins-ci.main:maven-plugin:2.14",
+ "gav://commons-cli:commons-cli:1.2"
+ ],
+ "path": "dockerhub-remote/library/jenkins/sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159/",
+ "fixed_versions": [
+ "2.4.4"
+ ],
+ "published": "2017-07-05T21:31:12+10:00",
+ "artifact_scan_time": "2021-01-13T13:18:57+11:00",
+ "issue_id": "XRAY-55823",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "The MethodClosure class in runtime/MethodClosure.java in Apache Groovy 1.7.0 through 2.4.3 allows remote attackers to execute arbitrary code or cause a denial of service via a crafted serialized object.",
+ "references": [
+ "http://rhn.redhat.com/errata/RHSA-2016-0066.html",
+ "http://www.zerodayinitiative.com/advisories/ZDI-15-365/",
+ "http://packetstormsecurity.com/files/132714/Apache-Groovy-2.4.3-Code-Execution.html",
+ "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05324755",
+ "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html",
+ "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html",
+ "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html",
+ "http://groovy-lang.org/security.html",
+ "http://www.securityfocus.com/archive/1/archive/1/536012/100/0/threaded",
+ "http://www.securityfocus.com/bid/91787",
+ "http://www.securityfocus.com/bid/75919"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-13347",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "mpatch.c in Mercurial before 4.6.1 mishandles integer addition and subtraction, aka OVE-20180430-0002.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:mercurial:4.0-1+deb9u1",
+ "impacted_artifact": "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "impact_path": [
+ "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "generic://sha256:d4eee24d4dacb41c21411e0477a741655303cdc48b18a948632c31f0f3a70bb8/sha256__d4eee24d4dacb41c21411e0477a741655303cdc48b18a948632c31f0f3a70bb8.tar.gz",
+ "deb://debian:stretch:mercurial:4.0-1+deb9u1"
+ ],
+ "path": "dockerhub-remote/library/jenkins/sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159/",
+ "fixed_versions": [
+ "≥ 4.0-1+deb9u2"
+ ],
+ "published": "2018-07-08T17:25:12+10:00",
+ "artifact_scan_time": "2021-01-13T13:18:57+11:00",
+ "issue_id": "XRAY-69302",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "mpatch.c in Mercurial before 4.6.1 mishandles integer addition and subtraction, aka OVE-20180430-0002.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 10,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C"
+ }
+ ],
+ "cvss2_max_score": 10,
+ "summary": "Apache Commons IO Java Deserialization Remote Code Execution",
+ "severity": "High",
+ "vulnerable_component": "gav://commons-io:commons-io:2.4",
+ "impacted_artifact": "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "impact_path": [
+ "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "generic://sha256:aa433a6a56b1bdf8211085ff28d524a0988050e7b10bf24331417ff09c5b72cf/sha256__aa433a6a56b1bdf8211085ff28d524a0988050e7b10bf24331417ff09c5b72cf.tar.gz",
+ "gav://org.jenkins-ci.main:jenkins-war:2.60.3",
+ "gav://commons-io:commons-io:2.4"
+ ],
+ "path": "dockerhub-remote/library/jenkins/sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159/",
+ "fixed_versions": [
+ "2.5"
+ ],
+ "published": "2019-03-26T03:42:05+11:00",
+ "artifact_scan_time": "2021-01-13T13:18:57+11:00",
+ "issue_id": "XRAY-79102",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Apache Commons IO contains a flaw that is due to the program failing to restrict which class can be serialized. This may allow a remote attacker to execute arbitrary Java code via deserialization methods.",
+ "references": [
+ "https://issues.apache.org/jira/browse/IO-487",
+ "http://foxglovesecurity.com/2015/11/06/what-do-weblogic-websphere-jboss-jenkins-opennms-and-your-application-have-in-common-this-vulnerability/",
+ "http://commons.apache.org/proper/commons-io/",
+ "http://www.darkreading.com/informationweek-home/why-the-java-deserialization-bug-is-a-big-deal/d/d-id/1323237"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2017-1000408",
+ "cvss_v2_score": 7.2,
+ "cvss_v2_vector": "CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 7.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.2,
+ "cvss3_max_score": 7.8,
+ "summary": "A memory leak in glibc 2.1.1 (released on May 24, 1999) can be reached and amplified through the LD_HWCAP_MASK environment variable. Please note that many versions of glibc are not vulnerable to this issue if patched for CVE-2017-1000366.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:libc-bin:2.24-11+deb9u3",
+ "impacted_artifact": "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "impact_path": [
+ "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "generic://sha256:55cbf04beb7001d222c71bfdeae780bda19d5cb37b8dbd65ff0d3e6a0b9b74e6/sha256__55cbf04beb7001d222c71bfdeae780bda19d5cb37b8dbd65ff0d3e6a0b9b74e6.tar.gz",
+ "deb://debian:stretch:libc-bin:2.24-11+deb9u3"
+ ],
+ "path": "dockerhub-remote/library/jenkins/sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159/",
+ "fixed_versions": [],
+ "published": "2017-12-12T08:36:27+11:00",
+ "artifact_scan_time": "2021-01-13T13:18:57+11:00",
+ "issue_id": "XRAY-60188",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "A memory leak in glibc 2.1.1 (released on May 24, 1999) can be reached and amplified through the LD_HWCAP_MASK environment variable. Please note that many versions of glibc are not vulnerable to this issue if patched for CVE-2017-1000366.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2017-16997",
+ "cvss_v2_score": 9.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 7.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 9.3,
+ "cvss3_max_score": 7.8,
+ "summary": "elf/dl-load.c in the GNU C Library (aka glibc or libc6) 2.19 through 2.26 mishandles RPATH and RUNPATH containing $ORIGIN for a privileged (setuid or AT_SECURE) program, which allows local users to gain privileges via a Trojan horse library in the current working directory, related to the fillin_rpath and decompose_rpath functions. This is associated with misinterpretion of an empty RPATH/RUNPATH token as the \"./\" directory. NOTE: this configuration of RPATH/RUNPATH for a privileged program is apparently very uncommon; most likely, no such program is shipped with any common Linux distribution.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:multiarch-support:2.24-11+deb9u3",
+ "impacted_artifact": "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "impact_path": [
+ "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "generic://sha256:55cbf04beb7001d222c71bfdeae780bda19d5cb37b8dbd65ff0d3e6a0b9b74e6/sha256__55cbf04beb7001d222c71bfdeae780bda19d5cb37b8dbd65ff0d3e6a0b9b74e6.tar.gz",
+ "deb://debian:stretch:multiarch-support:2.24-11+deb9u3"
+ ],
+ "path": "dockerhub-remote/library/jenkins/sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159/",
+ "fixed_versions": [],
+ "published": "2018-01-13T14:06:04+11:00",
+ "artifact_scan_time": "2021-01-13T13:18:57+11:00",
+ "issue_id": "XRAY-60509",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "elf/dl-load.c in the GNU C Library (aka glibc or libc6) 2.19 through 2.26 mishandles RPATH and RUNPATH containing $ORIGIN for a privileged (setuid or AT_SECURE) program, which allows local users to gain privileges via a Trojan horse library in the current working directory, related to the fillin_rpath and decompose_rpath functions. This is associated with misinterpretion of an empty RPATH/RUNPATH token as the \"./\" directory. NOTE: this configuration of RPATH/RUNPATH for a privileged program is apparently very uncommon; most likely, no such program is shipped with any common Linux distribution.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-14618",
+ "cvss_v2_score": 10,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 10,
+ "cvss3_max_score": 9.8,
+ "summary": "curl before version 7.61.1 is vulnerable to a buffer overrun in the NTLM authentication code. The internal function Curl_ntlm_core_mk_nt_hash multiplies the length of the password by two (SUM) to figure out how large temporary storage area to allocate from the heap. The length value is then subsequently used to iterate over the password and generate output into the allocated storage buffer. On systems with a 32 bit size_t, the math to calculate SUM triggers an integer overflow when the password length exceeds 2GB (2^31 bytes). This integer overflow usually causes a very small buffer to actually get allocated instead of the intended very huge one, making the use of that buffer end up in a heap buffer overflow. (This bug is almost identical to CVE-2017-8816.)",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:curl:7.52.1-5+deb9u6",
+ "impacted_artifact": "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "impact_path": [
+ "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "generic://sha256:1607093a898cc241de8712e4361dcd907898fff35b945adca42db3963f3827b3/sha256__1607093a898cc241de8712e4361dcd907898fff35b945adca42db3963f3827b3.tar.gz",
+ "deb://debian:stretch:curl:7.52.1-5+deb9u6"
+ ],
+ "path": "dockerhub-remote/library/jenkins/sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159/",
+ "fixed_versions": [
+ "≥ 7.52.1-5+deb9u7"
+ ],
+ "published": "2018-09-06T07:44:04+10:00",
+ "artifact_scan_time": "2021-01-13T13:18:57+11:00",
+ "issue_id": "XRAY-71227",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "curl before version 7.61.1 is vulnerable to a buffer overrun in the NTLM authentication code. The internal function Curl_ntlm_core_mk_nt_hash multiplies the length of the password by two (SUM) to figure out how large temporary storage area to allocate from the heap. The length value is then subsequently used to iterate over the password and generate output into the allocated storage buffer. On systems with a 32 bit size_t, the math to calculate SUM triggers an integer overflow when the password length exceeds 2GB (2^31 bytes). This integer overflow usually causes a very small buffer to actually get allocated instead of the intended very huge one, making the use of that buffer end up in a heap buffer overflow. (This bug is almost identical to CVE-2017-8816.)",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-16839",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "Curl versions 7.33.0 through 7.61.1 are vulnerable to a buffer overrun in the SASL authentication code that may lead to denial of service.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:libcurl3-gnutls:7.52.1-5+deb9u6",
+ "impacted_artifact": "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "impact_path": [
+ "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "generic://sha256:d4eee24d4dacb41c21411e0477a741655303cdc48b18a948632c31f0f3a70bb8/sha256__d4eee24d4dacb41c21411e0477a741655303cdc48b18a948632c31f0f3a70bb8.tar.gz",
+ "deb://debian:stretch:libcurl3-gnutls:7.52.1-5+deb9u6"
+ ],
+ "path": "dockerhub-remote/library/jenkins/sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159/",
+ "fixed_versions": [],
+ "published": "2018-11-02T05:43:09+11:00",
+ "artifact_scan_time": "2021-01-13T13:18:57+11:00",
+ "issue_id": "XRAY-73428",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "Curl versions 7.33.0 through 7.61.1 are vulnerable to a buffer overrun in the SASL authentication code that may lead to denial of service.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-14618",
+ "cvss_v2_score": 10,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 10,
+ "cvss3_max_score": 9.8,
+ "summary": "curl before version 7.61.1 is vulnerable to a buffer overrun in the NTLM authentication code. The internal function Curl_ntlm_core_mk_nt_hash multiplies the length of the password by two (SUM) to figure out how large temporary storage area to allocate from the heap. The length value is then subsequently used to iterate over the password and generate output into the allocated storage buffer. On systems with a 32 bit size_t, the math to calculate SUM triggers an integer overflow when the password length exceeds 2GB (2^31 bytes). This integer overflow usually causes a very small buffer to actually get allocated instead of the intended very huge one, making the use of that buffer end up in a heap buffer overflow. (This bug is almost identical to CVE-2017-8816.)",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:libcurl3-gnutls:7.52.1-5+deb9u6",
+ "impacted_artifact": "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "impact_path": [
+ "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "generic://sha256:d4eee24d4dacb41c21411e0477a741655303cdc48b18a948632c31f0f3a70bb8/sha256__d4eee24d4dacb41c21411e0477a741655303cdc48b18a948632c31f0f3a70bb8.tar.gz",
+ "deb://debian:stretch:libcurl3-gnutls:7.52.1-5+deb9u6"
+ ],
+ "path": "dockerhub-remote/library/jenkins/sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159/",
+ "fixed_versions": [],
+ "published": "2018-09-06T07:44:04+10:00",
+ "artifact_scan_time": "2021-01-13T13:18:57+11:00",
+ "issue_id": "XRAY-71227",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "curl before version 7.61.1 is vulnerable to a buffer overrun in the NTLM authentication code. The internal function Curl_ntlm_core_mk_nt_hash multiplies the length of the password by two (SUM) to figure out how large temporary storage area to allocate from the heap. The length value is then subsequently used to iterate over the password and generate output into the allocated storage buffer. On systems with a 32 bit size_t, the math to calculate SUM triggers an integer overflow when the password length exceeds 2GB (2^31 bytes). This integer overflow usually causes a very small buffer to actually get allocated instead of the intended very huge one, making the use of that buffer end up in a heap buffer overflow. (This bug is almost identical to CVE-2017-8816.)",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2016-3092",
+ "cvss_v2_score": 7.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.8,
+ "cvss3_max_score": 7.5,
+ "summary": "The MultipartStream class in Apache Commons Fileupload before 1.3.2, as used in Apache Tomcat 7.x before 7.0.70, 8.x before 8.0.36, 8.5.x before 8.5.3, and 9.x before 9.0.0.M7 and other products, allows remote attackers to cause a denial of service (CPU consumption) via a long boundary string.",
+ "severity": "High",
+ "vulnerable_component": "gav://commons-fileupload:commons-fileupload:1.3.1-jenkins-1",
+ "impacted_artifact": "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "impact_path": [
+ "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "generic://sha256:aa433a6a56b1bdf8211085ff28d524a0988050e7b10bf24331417ff09c5b72cf/sha256__aa433a6a56b1bdf8211085ff28d524a0988050e7b10bf24331417ff09c5b72cf.tar.gz",
+ "gav://org.jenkins-ci.main:jenkins-war:2.60.3",
+ "gav://commons-fileupload:commons-fileupload:1.3.1-jenkins-1"
+ ],
+ "path": "dockerhub-remote/library/jenkins/sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159/",
+ "fixed_versions": [
+ "1.3.2"
+ ],
+ "published": "2017-07-05T21:31:10+10:00",
+ "artifact_scan_time": "2021-01-13T13:18:57+11:00",
+ "issue_id": "XRAY-55700",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "The MultipartStream class in Apache Commons Fileupload before 1.3.2, as used in Apache Tomcat 7.x before 7.0.70, 8.x before 8.0.36, 8.5.x before 8.5.3, and 9.x before 9.0.0.M7 and other products, allows remote attackers to cause a denial of service (CPU consumption) via a long boundary string.",
+ "references": [
+ "http://www.securityfocus.com/bid/91453",
+ "http://svn.apache.org/viewvc?view=revision\u0026revision=1743480",
+ "http://svn.apache.org/viewvc?view=revision\u0026revision=1743722",
+ "http://svn.apache.org/viewvc?view=revision\u0026revision=1743738",
+ "http://svn.apache.org/viewvc?view=revision\u0026revision=1743742",
+ "http://tomcat.apache.org/security-7.html",
+ "http://tomcat.apache.org/security-8.html",
+ "http://tomcat.apache.org/security-9.html",
+ "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html",
+ "https://bugzilla.redhat.com/show_bug.cgi?id=1349468",
+ "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05204371",
+ "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05289840",
+ "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05324759",
+ "http://www.debian.org/security/2016/dsa-3609",
+ "http://www.debian.org/security/2016/dsa-3611",
+ "http://www.debian.org/security/2016/dsa-3614",
+ "http://jvn.jp/en/jp/JVN89379547/index.html",
+ "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000121",
+ "http://mail-archives.apache.org/mod_mbox/commons-dev/201606.mbox/%3CCAF8HOZ%2BPq2QH8RnxBuJyoK1dOz6jrTiQypAC%2BH8g6oZkBg%2BCxg%40mail.gmail.com%3E",
+ "http://lists.opensuse.org/opensuse-updates/2016-09/msg00025.html",
+ "http://www.ubuntu.com/usn/USN-3024-1",
+ "http://www.ubuntu.com/usn/USN-3027-1"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-1003040",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.55 and earlier allows attackers to invoke arbitrary constructors in sandboxed scripts.",
+ "severity": "High",
+ "vulnerable_component": "gav://org.kohsuke:groovy-sandbox:1.8",
+ "impacted_artifact": "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "impact_path": [
+ "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "generic://sha256:aa433a6a56b1bdf8211085ff28d524a0988050e7b10bf24331417ff09c5b72cf/sha256__aa433a6a56b1bdf8211085ff28d524a0988050e7b10bf24331417ff09c5b72cf.tar.gz",
+ "gav://org.jenkins-ci.main:jenkins-war:2.60.3",
+ "gav://org.jenkins-ci.plugins:script-security:1.13",
+ "gav://org.kohsuke:groovy-sandbox:1.8"
+ ],
+ "path": "dockerhub-remote/library/jenkins/sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159/",
+ "fixed_versions": [
+ "1.21"
+ ],
+ "published": "2019-04-03T21:11:49+11:00",
+ "artifact_scan_time": "2021-01-13T13:18:57+11:00",
+ "issue_id": "XRAY-79769",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.55 and earlier allows attackers to invoke arbitrary constructors in sandboxed scripts.",
+ "references": [
+ "http://www.securityfocus.com/bid/107628",
+ "https://jenkins.io/security/advisory/2019-03-25/#SECURITY-1353",
+ "http://www.openwall.com/lists/oss-security/2019/03/28/2"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2016-2779",
+ "cvss_v2_score": 7.2,
+ "cvss_v2_vector": "CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 7.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.2,
+ "cvss3_max_score": 7.8,
+ "summary": "runuser in util-linux allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:libuuid1:2.29.2-1+deb9u1",
+ "impacted_artifact": "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "impact_path": [
+ "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "generic://sha256:55cbf04beb7001d222c71bfdeae780bda19d5cb37b8dbd65ff0d3e6a0b9b74e6/sha256__55cbf04beb7001d222c71bfdeae780bda19d5cb37b8dbd65ff0d3e6a0b9b74e6.tar.gz",
+ "deb://debian:stretch:libuuid1:2.29.2-1+deb9u1"
+ ],
+ "path": "dockerhub-remote/library/jenkins/sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159/",
+ "fixed_versions": [],
+ "published": "2016-11-28T00:17:10+11:00",
+ "artifact_scan_time": "2021-01-13T13:18:57+11:00",
+ "issue_id": "XRAY-40740",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "runuser in util-linux allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-5953",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "Buffer overflow in GNU Wget 1.20.1 and earlier allows remote attackers to cause a denial-of-service (DoS) or may execute an arbitrary code via unspecified vectors.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:wget:1.18-5+deb9u2",
+ "impacted_artifact": "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "impact_path": [
+ "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "generic://sha256:1607093a898cc241de8712e4361dcd907898fff35b945adca42db3963f3827b3/sha256__1607093a898cc241de8712e4361dcd907898fff35b945adca42db3963f3827b3.tar.gz",
+ "deb://debian:stretch:wget:1.18-5+deb9u2"
+ ],
+ "path": "dockerhub-remote/library/jenkins/sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159/",
+ "fixed_versions": [
+ "≥ 1.18-5+deb9u3"
+ ],
+ "published": "2019-04-06T07:59:57+11:00",
+ "artifact_scan_time": "2021-01-13T13:18:57+11:00",
+ "issue_id": "XRAY-79941",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "Buffer overflow in GNU Wget 1.20.1 and earlier allows remote attackers to cause a denial-of-service (DoS) or may execute an arbitrary code via unspecified vectors.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 9,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:S/C:C/I:C/A:C",
+ "cvss_v3_score": 8.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 9,
+ "cvss3_max_score": 8.8,
+ "summary": "Pivotal Spring Security User Session Unspecified Temporarily Elevated Privilege Persistence",
+ "severity": "High",
+ "vulnerable_component": "gav://org.jenkins-ci.main:jenkins-core:2.60.3",
+ "impacted_artifact": "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "impact_path": [
+ "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "generic://sha256:aa433a6a56b1bdf8211085ff28d524a0988050e7b10bf24331417ff09c5b72cf/sha256__aa433a6a56b1bdf8211085ff28d524a0988050e7b10bf24331417ff09c5b72cf.tar.gz",
+ "gav://org.jenkins-ci.main:jenkins-war:2.60.3",
+ "gav://org.jenkins-ci.main:jenkins-core:2.60.3"
+ ],
+ "path": "dockerhub-remote/library/jenkins/sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159/",
+ "fixed_versions": [],
+ "published": "2021-02-22T03:46:54+11:00",
+ "artifact_scan_time": "2021-01-13T13:18:57+11:00",
+ "issue_id": "XRAY-140713",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Pivotal Spring Security contains an unspecified flaw that can allow elevated privileges that are temporarily granted to an authenticated user's session to remain after they have expired. No further details have been provided.",
+ "references": [
+ "http://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-22112",
+ "https://www.jenkins.io/security/advisory/2021-02-19/",
+ "https://tanzu.vmware.com/security/cve-2021-22112",
+ "https://seclists.org/oss-sec/2021/q1/166"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.6,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:H/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 8.1,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.6,
+ "cvss3_max_score": 8.1,
+ "summary": "Apache Maven External Repository Validation Failure Arbitrary Code Execution",
+ "severity": "High",
+ "vulnerable_component": "gav://org.apache.maven:maven-compat:3.1.0",
+ "impacted_artifact": "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "impact_path": [
+ "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "generic://sha256:aa433a6a56b1bdf8211085ff28d524a0988050e7b10bf24331417ff09c5b72cf/sha256__aa433a6a56b1bdf8211085ff28d524a0988050e7b10bf24331417ff09c5b72cf.tar.gz",
+ "gav://org.jenkins-ci.main:jenkins-war:2.60.3",
+ "gav://org.jenkins-ci.main:maven-plugin:2.14",
+ "gav://org.apache.maven:maven-compat:3.1.0"
+ ],
+ "path": "dockerhub-remote/library/jenkins/sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159/",
+ "fixed_versions": [
+ "3.8.1"
+ ],
+ "published": "2021-04-14T16:59:26+10:00",
+ "artifact_scan_time": "2021-01-13T13:18:57+11:00",
+ "issue_id": "XRAY-172725",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Apache Maven contains a flaw that is triggered as the program insecurely uses material from an insecure external repository by default. This may allow a remote attacker with control of a repository that is in use, to potentially inject and execute malicious code.",
+ "references": [
+ "http://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-26291",
+ "http://maven.apache.org/docs/3.8.1/release-notes.html",
+ "http://mail-archives.apache.org/mod_mbox/maven-announce/202104.mbox/%3CMailbird-0918dc43-dc18-4008-b83b-8bc8b1528177%40apache.org%3E"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2017-18269",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "An SSE2-optimized memmove implementation for i386 in sysdeps/i386/i686/multiarch/memcpy-sse2-unaligned.S in the GNU C Library (aka glibc or libc6) 2.21 through 2.27 does not correctly perform the overlapping memory check if the source memory range spans the middle of the address space, resulting in corrupt data being produced by the copy operation. This may disclose information to context-dependent attackers, or result in a denial of service, or, possibly, code execution.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:libc-bin:2.24-11+deb9u3",
+ "impacted_artifact": "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "impact_path": [
+ "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "generic://sha256:55cbf04beb7001d222c71bfdeae780bda19d5cb37b8dbd65ff0d3e6a0b9b74e6/sha256__55cbf04beb7001d222c71bfdeae780bda19d5cb37b8dbd65ff0d3e6a0b9b74e6.tar.gz",
+ "deb://debian:stretch:libc-bin:2.24-11+deb9u3"
+ ],
+ "path": "dockerhub-remote/library/jenkins/sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159/",
+ "fixed_versions": [],
+ "published": "2018-05-19T18:22:29+10:00",
+ "artifact_scan_time": "2021-01-13T13:18:57+11:00",
+ "issue_id": "XRAY-68008",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "An SSE2-optimized memmove implementation for i386 in sysdeps/i386/i686/multiarch/memcpy-sse2-unaligned.S in the GNU C Library (aka glibc or libc6) 2.21 through 2.27 does not correctly perform the overlapping memory check if the source memory range spans the middle of the address space, resulting in corrupt data being produced by the copy operation. This may disclose information to context-dependent attackers, or result in a denial of service, or, possibly, code execution.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-18311",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "Perl before 5.26.3 and 5.28.x before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:libperl5.24:5.24.1-3+deb9u4",
+ "impacted_artifact": "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "impact_path": [
+ "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "generic://sha256:d4eee24d4dacb41c21411e0477a741655303cdc48b18a948632c31f0f3a70bb8/sha256__d4eee24d4dacb41c21411e0477a741655303cdc48b18a948632c31f0f3a70bb8.tar.gz",
+ "deb://debian:stretch:libperl5.24:5.24.1-3+deb9u4"
+ ],
+ "path": "dockerhub-remote/library/jenkins/sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159/",
+ "fixed_versions": [],
+ "published": "2018-11-30T13:56:46+11:00",
+ "artifact_scan_time": "2021-01-13T13:18:57+11:00",
+ "issue_id": "XRAY-73963",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "Perl before 5.26.3 and 5.28.x before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-10878",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 8.6,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 8.6,
+ "summary": "Perl before 5.30.3 has an integer overflow related to mishandling of a \"PL_regkind[OP(n)] == NOTHING\" situation. A crafted regular expression could lead to malformed bytecode with a possibility of instruction injection.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:perl-base:5.24.1-3+deb9u4",
+ "impacted_artifact": "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "impact_path": [
+ "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "generic://sha256:55cbf04beb7001d222c71bfdeae780bda19d5cb37b8dbd65ff0d3e6a0b9b74e6/sha256__55cbf04beb7001d222c71bfdeae780bda19d5cb37b8dbd65ff0d3e6a0b9b74e6.tar.gz",
+ "deb://debian:stretch:perl-base:5.24.1-3+deb9u4"
+ ],
+ "path": "dockerhub-remote/library/jenkins/sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159/",
+ "fixed_versions": [],
+ "published": "2020-06-03T17:23:29+10:00",
+ "artifact_scan_time": "2021-01-13T13:18:57+11:00",
+ "issue_id": "XRAY-99873",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "Perl before 5.30.3 has an integer overflow related to mishandling of a \"PL_regkind[OP(n)] == NOTHING\" situation. A crafted regular expression could lead to malformed bytecode with a possibility of instruction injection.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-17456",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "Git before 2.14.5, 2.15.x before 2.15.3, 2.16.x before 2.16.5, 2.17.x before 2.17.2, 2.18.x before 2.18.1, and 2.19.x before 2.19.1 allows remote code execution during processing of a recursive \"git clone\" of a superproject if a .gitmodules file has a URL field beginning with a '-' character.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:git-man:1:2.11.0-3+deb9u3",
+ "impacted_artifact": "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "impact_path": [
+ "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "generic://sha256:d4eee24d4dacb41c21411e0477a741655303cdc48b18a948632c31f0f3a70bb8/sha256__d4eee24d4dacb41c21411e0477a741655303cdc48b18a948632c31f0f3a70bb8.tar.gz",
+ "deb://debian:stretch:git-man:1:2.11.0-3+deb9u3"
+ ],
+ "path": "dockerhub-remote/library/jenkins/sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159/",
+ "fixed_versions": [],
+ "published": "2018-10-07T03:17:12+11:00",
+ "artifact_scan_time": "2021-01-13T13:18:57+11:00",
+ "issue_id": "XRAY-72281",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "Git before 2.14.5, 2.15.x before 2.15.3, 2.16.x before 2.16.5, 2.17.x before 2.17.2, 2.18.x before 2.18.1, and 2.19.x before 2.19.1 allows remote code execution during processing of a recursive \"git clone\" of a superproject if a .gitmodules file has a URL field beginning with a '-' character.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-5481",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "Double-free vulnerability in the FTP-kerberos code in cURL 7.52.0 to 7.65.3.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:libcurl3-gnutls:7.52.1-5+deb9u6",
+ "impacted_artifact": "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "impact_path": [
+ "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "generic://sha256:d4eee24d4dacb41c21411e0477a741655303cdc48b18a948632c31f0f3a70bb8/sha256__d4eee24d4dacb41c21411e0477a741655303cdc48b18a948632c31f0f3a70bb8.tar.gz",
+ "deb://debian:stretch:libcurl3-gnutls:7.52.1-5+deb9u6"
+ ],
+ "path": "dockerhub-remote/library/jenkins/sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159/",
+ "fixed_versions": [],
+ "published": "2019-09-12T02:40:46+10:00",
+ "artifact_scan_time": "2021-01-13T13:18:57+11:00",
+ "issue_id": "XRAY-87996",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "Double-free vulnerability in the FTP-kerberos code in cURL 7.52.0 to 7.65.3.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-35512",
+ "cvss_v2_score": 7.2,
+ "cvss_v2_vector": "CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 7.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.2,
+ "cvss3_max_score": 7.8,
+ "summary": "A use-after-free flaw was found in D-Bus Development branch \u003c= 1.13.16, dbus-1.12.x stable branch \u003c= 1.12.18, and dbus-1.10.x and older branches \u003c= 1.10.30 when a system has multiple usernames sharing the same UID. When a set of policy rules references these usernames, D-Bus may free some memory in the heap, which is still used by data structures necessary for the other usernames sharing the UID, possibly leading to a crash or other undefined behaviors",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:libdbus-1-3:1.10.26-0+deb9u1",
+ "impacted_artifact": "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "impact_path": [
+ "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "generic://sha256:0539c80a02be3183761cc42f94a4f9cd5e3bc455f4ac3f4ecaab6d476b7fe330/sha256__0539c80a02be3183761cc42f94a4f9cd5e3bc455f4ac3f4ecaab6d476b7fe330.tar.gz",
+ "deb://debian:stretch:libdbus-1-3:1.10.26-0+deb9u1"
+ ],
+ "path": "dockerhub-remote/library/jenkins/sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159/",
+ "fixed_versions": [],
+ "published": "2021-01-08T15:14:37+11:00",
+ "artifact_scan_time": "2021-01-13T13:18:57+11:00",
+ "issue_id": "XRAY-138268",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "A use-after-free flaw was found in D-Bus Development branch \u003c= 1.13.16, dbus-1.12.x stable branch \u003c= 1.12.18, and dbus-1.10.x and older branches \u003c= 1.10.30 when a system has multiple usernames sharing the same UID. When a set of policy rules references these usernames, D-Bus may free some memory in the heap, which is still used by data structures necessary for the other usernames sharing the UID, possibly leading to a crash or other undefined behaviors",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2017-12562",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "Heap-based Buffer Overflow in the psf_binheader_writef function in common.c in libsndfile through 1.0.28 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:libsndfile1:1.0.27-3",
+ "impacted_artifact": "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "impact_path": [
+ "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "generic://sha256:0539c80a02be3183761cc42f94a4f9cd5e3bc455f4ac3f4ecaab6d476b7fe330/sha256__0539c80a02be3183761cc42f94a4f9cd5e3bc455f4ac3f4ecaab6d476b7fe330.tar.gz",
+ "deb://debian:stretch:libsndfile1:1.0.27-3"
+ ],
+ "path": "dockerhub-remote/library/jenkins/sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159/",
+ "fixed_versions": [],
+ "published": "2017-08-06T18:01:56+10:00",
+ "artifact_scan_time": "2021-01-13T13:18:57+11:00",
+ "issue_id": "XRAY-57758",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "Heap-based Buffer Overflow in the psf_binheader_writef function in common.c in libsndfile through 1.0.28 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2016-2779",
+ "cvss_v2_score": 7.2,
+ "cvss_v2_vector": "CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 7.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.2,
+ "cvss3_max_score": 7.8,
+ "summary": "runuser in util-linux allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:libmount1:2.29.2-1+deb9u1",
+ "impacted_artifact": "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "impact_path": [
+ "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "generic://sha256:55cbf04beb7001d222c71bfdeae780bda19d5cb37b8dbd65ff0d3e6a0b9b74e6/sha256__55cbf04beb7001d222c71bfdeae780bda19d5cb37b8dbd65ff0d3e6a0b9b74e6.tar.gz",
+ "deb://debian:stretch:libmount1:2.29.2-1+deb9u1"
+ ],
+ "path": "dockerhub-remote/library/jenkins/sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159/",
+ "fixed_versions": [],
+ "published": "2016-11-28T00:17:10+11:00",
+ "artifact_scan_time": "2021-01-13T13:18:57+11:00",
+ "issue_id": "XRAY-40740",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "runuser in util-linux allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2017-17458",
+ "cvss_v2_score": 10,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 10,
+ "cvss3_max_score": 9.8,
+ "summary": "In Mercurial before 4.4.1, it is possible that a specially malformed repository can cause Git subrepositories to run arbitrary code in the form of a .git/hooks/post-update script checked into the repository. Typical use of Mercurial prevents construction of such repositories, but they can be created programmatically.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:mercurial:4.0-1+deb9u1",
+ "impacted_artifact": "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "impact_path": [
+ "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "generic://sha256:d4eee24d4dacb41c21411e0477a741655303cdc48b18a948632c31f0f3a70bb8/sha256__d4eee24d4dacb41c21411e0477a741655303cdc48b18a948632c31f0f3a70bb8.tar.gz",
+ "deb://debian:stretch:mercurial:4.0-1+deb9u1"
+ ],
+ "path": "dockerhub-remote/library/jenkins/sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159/",
+ "fixed_versions": [
+ "≥ 4.0-1+deb9u2"
+ ],
+ "published": "2017-12-09T08:04:43+11:00",
+ "artifact_scan_time": "2021-01-13T13:18:57+11:00",
+ "issue_id": "XRAY-60147",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "In Mercurial before 4.4.1, it is possible that a specially malformed repository can cause Git subrepositories to run arbitrary code in the form of a .git/hooks/post-update script checked into the repository. Typical use of Mercurial prevents construction of such repositories, but they can be created programmatically.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-3822",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "libcurl versions from 7.36.0 to before 7.64.0 are vulnerable to a stack-based buffer overflow. The function creating an outgoing NTLM type-3 header (`lib/vauth/ntlm.c:Curl_auth_create_ntlm_type3_message()`), generates the request HTTP header contents based on previously received data. The check that exists to prevent the local buffer from getting overflowed is implemented wrongly (using unsigned math) and as such it does not prevent the overflow from happening. This output data can grow larger than the local buffer if very large 'nt response' data is extracted from a previous NTLMv2 header provided by the malicious or broken HTTP server. Such a 'large value' needs to be around 1000 bytes or more. The actual payload data copied to the target buffer comes from the NTLMv2 type-2 response header.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:libcurl3-gnutls:7.52.1-5+deb9u6",
+ "impacted_artifact": "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "impact_path": [
+ "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "generic://sha256:d4eee24d4dacb41c21411e0477a741655303cdc48b18a948632c31f0f3a70bb8/sha256__d4eee24d4dacb41c21411e0477a741655303cdc48b18a948632c31f0f3a70bb8.tar.gz",
+ "deb://debian:stretch:libcurl3-gnutls:7.52.1-5+deb9u6"
+ ],
+ "path": "dockerhub-remote/library/jenkins/sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159/",
+ "fixed_versions": [],
+ "published": "2019-02-07T22:57:39+11:00",
+ "artifact_scan_time": "2021-01-13T13:18:57+11:00",
+ "issue_id": "XRAY-75087",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "libcurl versions from 7.36.0 to before 7.64.0 are vulnerable to a stack-based buffer overflow. The function creating an outgoing NTLM type-3 header (`lib/vauth/ntlm.c:Curl_auth_create_ntlm_type3_message()`), generates the request HTTP header contents based on previously received data. The check that exists to prevent the local buffer from getting overflowed is implemented wrongly (using unsigned math) and as such it does not prevent the overflow from happening. This output data can grow larger than the local buffer if very large 'nt response' data is extracted from a previous NTLMv2 header provided by the malicious or broken HTTP server. Such a 'large value' needs to be around 1000 bytes or more. The actual payload data copied to the target buffer comes from the NTLMv2 type-2 response header.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-13347",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "mpatch.c in Mercurial before 4.6.1 mishandles integer addition and subtraction, aka OVE-20180430-0002.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:mercurial-common:4.0-1+deb9u1",
+ "impacted_artifact": "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "impact_path": [
+ "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "generic://sha256:d4eee24d4dacb41c21411e0477a741655303cdc48b18a948632c31f0f3a70bb8/sha256__d4eee24d4dacb41c21411e0477a741655303cdc48b18a948632c31f0f3a70bb8.tar.gz",
+ "deb://debian:stretch:mercurial-common:4.0-1+deb9u1"
+ ],
+ "path": "dockerhub-remote/library/jenkins/sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159/",
+ "fixed_versions": [],
+ "published": "2018-07-08T17:25:12+10:00",
+ "artifact_scan_time": "2021-01-13T13:18:57+11:00",
+ "issue_id": "XRAY-69302",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "mpatch.c in Mercurial before 4.6.1 mishandles integer addition and subtraction, aka OVE-20180430-0002.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-1352",
+ "cvss_v2_score": 9.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 8.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 9.3,
+ "cvss3_max_score": 8.8,
+ "summary": "A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1349, CVE-2019-1350, CVE-2019-1354, CVE-2019-1387.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:git-man:1:2.11.0-3+deb9u3",
+ "impacted_artifact": "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "impact_path": [
+ "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "generic://sha256:d4eee24d4dacb41c21411e0477a741655303cdc48b18a948632c31f0f3a70bb8/sha256__d4eee24d4dacb41c21411e0477a741655303cdc48b18a948632c31f0f3a70bb8.tar.gz",
+ "deb://debian:stretch:git-man:1:2.11.0-3+deb9u3"
+ ],
+ "path": "dockerhub-remote/library/jenkins/sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159/",
+ "fixed_versions": [],
+ "published": "2019-12-11T15:13:58+11:00",
+ "artifact_scan_time": "2021-01-13T13:18:57+11:00",
+ "issue_id": "XRAY-92625",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1349, CVE-2019-1350, CVE-2019-1354, CVE-2019-1387.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2017-14176",
+ "cvss_v2_score": 9.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 8.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 9.3,
+ "cvss3_max_score": 8.8,
+ "summary": "Bazaar through 2.7.0, when Subprocess SSH is used, allows remote attackers to execute arbitrary commands via a bzr+ssh URL with an initial dash character in the hostname, a related issue to CVE-2017-9800, CVE-2017-12836, CVE-2017-12976, CVE-2017-16228, CVE-2017-1000116, and CVE-2017-1000117.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:python-bzrlib:2.7.0+bzr6619-7+deb9u1",
+ "impacted_artifact": "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "impact_path": [
+ "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "generic://sha256:d4eee24d4dacb41c21411e0477a741655303cdc48b18a948632c31f0f3a70bb8/sha256__d4eee24d4dacb41c21411e0477a741655303cdc48b18a948632c31f0f3a70bb8.tar.gz",
+ "deb://debian:stretch:python-bzrlib:2.7.0+bzr6619-7+deb9u1"
+ ],
+ "path": "dockerhub-remote/library/jenkins/sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159/",
+ "fixed_versions": [],
+ "published": "2017-09-27T04:23:04+10:00",
+ "artifact_scan_time": "2021-01-13T13:18:57+11:00",
+ "issue_id": "XRAY-58683",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "Bazaar through 2.7.0, when Subprocess SSH is used, allows remote attackers to execute arbitrary commands via a bzr+ssh URL with an initial dash character in the hostname, a related issue to CVE-2017-9800, CVE-2017-12836, CVE-2017-12976, CVE-2017-16228, CVE-2017-1000116, and CVE-2017-1000117.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-8457",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "SQLite3 from 3.6.0 to and including 3.27.2 is vulnerable to heap out-of-bound read in the rtreenode() function when handling invalid rtree tables.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:libsqlite3-0:3.16.2-5+deb9u1",
+ "impacted_artifact": "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "impact_path": [
+ "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "generic://sha256:9a8ea045c9261c180a34df19cfc9bb3c3f28f29b279bf964ee801536e8244f2f/sha256__9a8ea045c9261c180a34df19cfc9bb3c3f28f29b279bf964ee801536e8244f2f.tar.gz",
+ "deb://debian:stretch:libsqlite3-0:3.16.2-5+deb9u1"
+ ],
+ "path": "dockerhub-remote/library/jenkins/sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159/",
+ "fixed_versions": [],
+ "published": "2019-05-31T08:34:15+10:00",
+ "artifact_scan_time": "2021-01-13T13:18:57+11:00",
+ "issue_id": "XRAY-83115",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "SQLite3 from 3.6.0 to and including 3.27.2 is vulnerable to heap out-of-bound read in the rtreenode() function when handling invalid rtree tables.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 7.5,
+ "summary": "Apache Commons Compress archivers/zip/ZipFile.java ZipFile::readCentralDirectoryEntry() Function Uncaught Exception DoS",
+ "severity": "High",
+ "vulnerable_component": "gav://org.apache.commons:commons-compress:1.10",
+ "impacted_artifact": "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "impact_path": [
+ "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "generic://sha256:aa433a6a56b1bdf8211085ff28d524a0988050e7b10bf24331417ff09c5b72cf/sha256__aa433a6a56b1bdf8211085ff28d524a0988050e7b10bf24331417ff09c5b72cf.tar.gz",
+ "gav://org.jenkins-ci.main:jenkins-war:2.60.3",
+ "gav://org.apache.commons:commons-compress:1.10"
+ ],
+ "path": "dockerhub-remote/library/jenkins/sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159/",
+ "fixed_versions": [],
+ "published": "2021-05-18T20:57:33+10:00",
+ "artifact_scan_time": "2021-01-13T13:18:57+11:00",
+ "issue_id": "XRAY-175855",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Apache Commons Compress contains a flaw in the ZipFile::readCentralDirectoryEntry() function in main/java/org/apache/commons/compress/archivers/zip/ZipFile.java related to an uncaught exception. This may allow a context-dependent attacker to crash a process linked against the library.",
+ "references": [
+ "https://github.com/apache/commons-compress/commit/26924e96c7730db014c310757e11c9359db07f3e",
+ "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=33786",
+ "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=33507",
+ "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=33462",
+ "https://github.com/apache/commons-compress/commit/882c6dd12473d7b615d503e08fd6b866d0f866d5"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-15686",
+ "cvss_v2_score": 10,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 10,
+ "cvss3_max_score": 9.8,
+ "summary": "A vulnerability in unit_deserialize of systemd allows an attacker to supply arbitrary state across systemd re-execution via NotifyAccess. This can be used to improperly influence systemd execution and possibly lead to root privilege escalation. Affected releases are systemd versions up to and including 239.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:libsystemd0:232-25+deb9u4",
+ "impacted_artifact": "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "impact_path": [
+ "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "generic://sha256:55cbf04beb7001d222c71bfdeae780bda19d5cb37b8dbd65ff0d3e6a0b9b74e6/sha256__55cbf04beb7001d222c71bfdeae780bda19d5cb37b8dbd65ff0d3e6a0b9b74e6.tar.gz",
+ "deb://debian:stretch:libsystemd0:232-25+deb9u4"
+ ],
+ "path": "dockerhub-remote/library/jenkins/sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159/",
+ "fixed_versions": [],
+ "published": "2018-10-29T12:05:20+11:00",
+ "artifact_scan_time": "2021-01-13T13:18:57+11:00",
+ "issue_id": "XRAY-73267",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "A vulnerability in unit_deserialize of systemd allows an attacker to supply arbitrary state across systemd re-execution via NotifyAccess. This can be used to improperly influence systemd execution and possibly lead to root privilege escalation. Affected releases are systemd versions up to and including 239.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2016-6814",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "When an application with unsupported Codehaus versions of Groovy from 1.7.0 to 2.4.3, Apache Groovy 2.4.4 to 2.4.7 on classpath uses standard Java serialization mechanisms, e.g. to communicate between servers or to store local data, it was possible for an attacker to bake a special serialized object that will execute code directly when deserialized. All applications which rely on serialization and do not isolate the code which deserializes objects were subject to this vulnerability.",
+ "severity": "High",
+ "vulnerable_component": "gav://commons-cli:commons-cli:1.2",
+ "impacted_artifact": "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "impact_path": [
+ "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "generic://sha256:aa433a6a56b1bdf8211085ff28d524a0988050e7b10bf24331417ff09c5b72cf/sha256__aa433a6a56b1bdf8211085ff28d524a0988050e7b10bf24331417ff09c5b72cf.tar.gz",
+ "gav://org.jenkins-ci.main:jenkins-war:2.60.3",
+ "gav://org.jenkins-ci.main:maven-plugin:2.14",
+ "gav://commons-cli:commons-cli:1.2"
+ ],
+ "path": "dockerhub-remote/library/jenkins/sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159/",
+ "fixed_versions": [
+ "2.4.8"
+ ],
+ "published": "2018-03-12T23:28:18+11:00",
+ "artifact_scan_time": "2021-01-13T13:18:57+11:00",
+ "issue_id": "XRAY-64722",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "When an application with unsupported Codehaus versions of Groovy from 1.7.0 to 2.4.3, Apache Groovy 2.4.4 to 2.4.7 on classpath uses standard Java serialization mechanisms, e.g. to communicate between servers or to store local data, it was possible for an attacker to bake a special serialized object that will execute code directly when deserialized. All applications which rely on serialization and do not isolate the code which deserializes objects were subject to this vulnerability.",
+ "references": [
+ "https://access.redhat.com/errata/RHSA-2017:2596",
+ "https://access.redhat.com/errata/RHSA-2017:2486",
+ "https://access.redhat.com/errata/RHSA-2017:0868",
+ "http://www.securitytracker.com/id/1039600",
+ "http://www.securityfocus.com/bid/95429",
+ "http://rhn.redhat.com/errata/RHSA-2017-0272.html",
+ "http://mail-archives.apache.org/mod_mbox/www-announce/201701.mbox/%3CCADRx3PMZ2hBCGDTY35zYXFGaDnjAs0tc5-upaVs6QN2sYUejyA%40mail.gmail.com%3E"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2017-18269",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "An SSE2-optimized memmove implementation for i386 in sysdeps/i386/i686/multiarch/memcpy-sse2-unaligned.S in the GNU C Library (aka glibc or libc6) 2.21 through 2.27 does not correctly perform the overlapping memory check if the source memory range spans the middle of the address space, resulting in corrupt data being produced by the copy operation. This may disclose information to context-dependent attackers, or result in a denial of service, or, possibly, code execution.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:libc6:2.24-11+deb9u3",
+ "impacted_artifact": "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "impact_path": [
+ "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "generic://sha256:55cbf04beb7001d222c71bfdeae780bda19d5cb37b8dbd65ff0d3e6a0b9b74e6/sha256__55cbf04beb7001d222c71bfdeae780bda19d5cb37b8dbd65ff0d3e6a0b9b74e6.tar.gz",
+ "deb://debian:stretch:libc6:2.24-11+deb9u3"
+ ],
+ "path": "dockerhub-remote/library/jenkins/sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159/",
+ "fixed_versions": [],
+ "published": "2018-05-19T18:22:29+10:00",
+ "artifact_scan_time": "2021-01-13T13:18:57+11:00",
+ "issue_id": "XRAY-68008",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "An SSE2-optimized memmove implementation for i386 in sysdeps/i386/i686/multiarch/memcpy-sse2-unaligned.S in the GNU C Library (aka glibc or libc6) 2.21 through 2.27 does not correctly perform the overlapping memory check if the source memory range spans the middle of the address space, resulting in corrupt data being produced by the copy operation. This may disclose information to context-dependent attackers, or result in a denial of service, or, possibly, code execution.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2017-1000408",
+ "cvss_v2_score": 7.2,
+ "cvss_v2_vector": "CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 7.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.2,
+ "cvss3_max_score": 7.8,
+ "summary": "A memory leak in glibc 2.1.1 (released on May 24, 1999) can be reached and amplified through the LD_HWCAP_MASK environment variable. Please note that many versions of glibc are not vulnerable to this issue if patched for CVE-2017-1000366.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:libc6:2.24-11+deb9u3",
+ "impacted_artifact": "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "impact_path": [
+ "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "generic://sha256:55cbf04beb7001d222c71bfdeae780bda19d5cb37b8dbd65ff0d3e6a0b9b74e6/sha256__55cbf04beb7001d222c71bfdeae780bda19d5cb37b8dbd65ff0d3e6a0b9b74e6.tar.gz",
+ "deb://debian:stretch:libc6:2.24-11+deb9u3"
+ ],
+ "path": "dockerhub-remote/library/jenkins/sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159/",
+ "fixed_versions": [],
+ "published": "2017-12-12T08:36:27+11:00",
+ "artifact_scan_time": "2021-01-13T13:18:57+11:00",
+ "issue_id": "XRAY-60188",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "A memory leak in glibc 2.1.1 (released on May 24, 1999) can be reached and amplified through the LD_HWCAP_MASK environment variable. Please note that many versions of glibc are not vulnerable to this issue if patched for CVE-2017-1000366.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-18314",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "Perl before 5.26.3 has a buffer overflow via a crafted regular expression that triggers invalid write operations.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:perl:5.24.1-3+deb9u4",
+ "impacted_artifact": "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "impact_path": [
+ "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "generic://sha256:d4eee24d4dacb41c21411e0477a741655303cdc48b18a948632c31f0f3a70bb8/sha256__d4eee24d4dacb41c21411e0477a741655303cdc48b18a948632c31f0f3a70bb8.tar.gz",
+ "deb://debian:stretch:perl:5.24.1-3+deb9u4"
+ ],
+ "path": "dockerhub-remote/library/jenkins/sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159/",
+ "fixed_versions": [
+ "≥ 5.24.1-3+deb9u5"
+ ],
+ "published": "2018-11-30T14:00:18+11:00",
+ "artifact_scan_time": "2021-01-13T13:18:57+11:00",
+ "issue_id": "XRAY-73973",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "Perl before 5.26.3 has a buffer overflow via a crafted regular expression that triggers invalid write operations.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2016-2779",
+ "cvss_v2_score": 7.2,
+ "cvss_v2_vector": "CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 7.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.2,
+ "cvss3_max_score": 7.8,
+ "summary": "runuser in util-linux allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:bsdutils:1:2.29.2-1+deb9u1",
+ "impacted_artifact": "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "impact_path": [
+ "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "generic://sha256:55cbf04beb7001d222c71bfdeae780bda19d5cb37b8dbd65ff0d3e6a0b9b74e6/sha256__55cbf04beb7001d222c71bfdeae780bda19d5cb37b8dbd65ff0d3e6a0b9b74e6.tar.gz",
+ "deb://debian:stretch:bsdutils:1:2.29.2-1+deb9u1"
+ ],
+ "path": "dockerhub-remote/library/jenkins/sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159/",
+ "fixed_versions": [],
+ "published": "2016-11-28T00:17:10+11:00",
+ "artifact_scan_time": "2021-01-13T13:18:57+11:00",
+ "issue_id": "XRAY-40740",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "runuser in util-linux allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-17456",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "Git before 2.14.5, 2.15.x before 2.15.3, 2.16.x before 2.16.5, 2.17.x before 2.17.2, 2.18.x before 2.18.1, and 2.19.x before 2.19.1 allows remote code execution during processing of a recursive \"git clone\" of a superproject if a .gitmodules file has a URL field beginning with a '-' character.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:git:1:2.11.0-3+deb9u3",
+ "impacted_artifact": "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "impact_path": [
+ "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "generic://sha256:d4eee24d4dacb41c21411e0477a741655303cdc48b18a948632c31f0f3a70bb8/sha256__d4eee24d4dacb41c21411e0477a741655303cdc48b18a948632c31f0f3a70bb8.tar.gz",
+ "deb://debian:stretch:git:1:2.11.0-3+deb9u3"
+ ],
+ "path": "dockerhub-remote/library/jenkins/sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159/",
+ "fixed_versions": [
+ "≥ 1:2.11.0-3+deb9u4"
+ ],
+ "published": "2018-10-07T03:17:12+11:00",
+ "artifact_scan_time": "2021-01-13T13:18:57+11:00",
+ "issue_id": "XRAY-72281",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "Git before 2.14.5, 2.15.x before 2.15.3, 2.16.x before 2.16.5, 2.17.x before 2.17.2, 2.18.x before 2.18.1, and 2.19.x before 2.19.1 allows remote code execution during processing of a recursive \"git clone\" of a superproject if a .gitmodules file has a URL field beginning with a '-' character.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-5482",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "Heap buffer overflow in the TFTP protocol handler in cURL 7.19.4 to 7.65.3.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:curl:7.52.1-5+deb9u6",
+ "impacted_artifact": "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "impact_path": [
+ "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "generic://sha256:1607093a898cc241de8712e4361dcd907898fff35b945adca42db3963f3827b3/sha256__1607093a898cc241de8712e4361dcd907898fff35b945adca42db3963f3827b3.tar.gz",
+ "deb://debian:stretch:curl:7.52.1-5+deb9u6"
+ ],
+ "path": "dockerhub-remote/library/jenkins/sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159/",
+ "fixed_versions": [
+ "≥ 7.52.1-5+deb9u10"
+ ],
+ "published": "2019-09-12T02:51:17+10:00",
+ "artifact_scan_time": "2021-01-13T13:18:57+11:00",
+ "issue_id": "XRAY-87998",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "Heap buffer overflow in the TFTP protocol handler in cURL 7.19.4 to 7.65.3.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-9169",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "In the GNU C Library (aka glibc or libc6) through 2.29, proceed_next_node in posix/regexec.c has a heap-based buffer over-read via an attempted case-insensitive regular-expression match.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:multiarch-support:2.24-11+deb9u3",
+ "impacted_artifact": "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "impact_path": [
+ "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "generic://sha256:55cbf04beb7001d222c71bfdeae780bda19d5cb37b8dbd65ff0d3e6a0b9b74e6/sha256__55cbf04beb7001d222c71bfdeae780bda19d5cb37b8dbd65ff0d3e6a0b9b74e6.tar.gz",
+ "deb://debian:stretch:multiarch-support:2.24-11+deb9u3"
+ ],
+ "path": "dockerhub-remote/library/jenkins/sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159/",
+ "fixed_versions": [],
+ "published": "2019-02-28T14:31:09+11:00",
+ "artifact_scan_time": "2021-01-13T13:18:57+11:00",
+ "issue_id": "XRAY-75785",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "In the GNU C Library (aka glibc or libc6) through 2.29, proceed_next_node in posix/regexec.c has a heap-based buffer over-read via an attempted case-insensitive regular-expression match.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-12450",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "file_copy_fallback in gio/gfile.c in GNOME GLib 2.15.0 through 2.61.1 does not properly restrict file permissions while a copy operation is in progress. Instead, default permissions are used.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:libglib2.0-0:2.50.3-2",
+ "impacted_artifact": "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "impact_path": [
+ "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "generic://sha256:0539c80a02be3183761cc42f94a4f9cd5e3bc455f4ac3f4ecaab6d476b7fe330/sha256__0539c80a02be3183761cc42f94a4f9cd5e3bc455f4ac3f4ecaab6d476b7fe330.tar.gz",
+ "deb://debian:stretch:libglib2.0-0:2.50.3-2"
+ ],
+ "path": "dockerhub-remote/library/jenkins/sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159/",
+ "fixed_versions": [],
+ "published": "2019-05-31T08:32:23+10:00",
+ "artifact_scan_time": "2021-01-13T13:18:57+11:00",
+ "issue_id": "XRAY-83112",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "file_copy_fallback in gio/gfile.c in GNOME GLib 2.15.0 through 2.61.1 does not properly restrict file permissions while a copy operation is in progress. Instead, default permissions are used.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2016-1000031",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "Apache Commons FileUpload before 1.3.3 DiskFileItem File Manipulation Remote Code Execution",
+ "severity": "High",
+ "vulnerable_component": "gav://commons-fileupload:commons-fileupload:1.3.1-jenkins-1",
+ "impacted_artifact": "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "impact_path": [
+ "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "generic://sha256:aa433a6a56b1bdf8211085ff28d524a0988050e7b10bf24331417ff09c5b72cf/sha256__aa433a6a56b1bdf8211085ff28d524a0988050e7b10bf24331417ff09c5b72cf.tar.gz",
+ "gav://org.jenkins-ci.main:jenkins-war:2.60.3",
+ "gav://commons-fileupload:commons-fileupload:1.3.1-jenkins-1"
+ ],
+ "path": "dockerhub-remote/library/jenkins/sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159/",
+ "fixed_versions": [
+ "1.3.3"
+ ],
+ "published": "2017-07-05T21:31:10+10:00",
+ "artifact_scan_time": "2021-01-13T13:18:57+11:00",
+ "issue_id": "XRAY-55689",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Apache Commons FileUpload before 1.3.3 DiskFileItem File Manipulation Remote Code Execution",
+ "references": [
+ "http://www.securityfocus.com/bid/93604",
+ "http://www.tenable.com/security/research/tra-2016-12",
+ "http://www.zerodayinitiative.com/advisories/ZDI-16-570/",
+ "https://www.tenable.com/security/research/tra-2016-30"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-6485",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "An integer overflow in the implementation of the posix_memalign in memalign functions in the GNU C Library (aka glibc or libc6) 2.26 and earlier could cause these functions to return a pointer to a heap area that is too small, potentially leading to heap corruption.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:libc-bin:2.24-11+deb9u3",
+ "impacted_artifact": "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "impact_path": [
+ "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "generic://sha256:55cbf04beb7001d222c71bfdeae780bda19d5cb37b8dbd65ff0d3e6a0b9b74e6/sha256__55cbf04beb7001d222c71bfdeae780bda19d5cb37b8dbd65ff0d3e6a0b9b74e6.tar.gz",
+ "deb://debian:stretch:libc-bin:2.24-11+deb9u3"
+ ],
+ "path": "dockerhub-remote/library/jenkins/sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159/",
+ "fixed_versions": [],
+ "published": "2018-02-05T01:13:03+11:00",
+ "artifact_scan_time": "2021-01-13T13:18:57+11:00",
+ "issue_id": "XRAY-64004",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "An integer overflow in the implementation of the posix_memalign in memalign functions in the GNU C Library (aka glibc or libc6) 2.26 and earlier could cause these functions to return a pointer to a heap area that is too small, potentially leading to heap corruption.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-2099",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 8.6,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 8.6,
+ "summary": "Jenkins 2.213 and earlier, LTS 2.204.1 and earlier improperly reuses encryption key parameters in the Inbound TCP Agent Protocol/3, allowing unauthorized attackers with knowledge of agent names to obtain the connection secrets for those agents, which can be used to connect to Jenkins, impersonating those agents.",
+ "severity": "High",
+ "vulnerable_component": "gav://org.jenkins-ci.main:jenkins-core:2.60.3",
+ "impacted_artifact": "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "impact_path": [
+ "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "generic://sha256:aa433a6a56b1bdf8211085ff28d524a0988050e7b10bf24331417ff09c5b72cf/sha256__aa433a6a56b1bdf8211085ff28d524a0988050e7b10bf24331417ff09c5b72cf.tar.gz",
+ "gav://org.jenkins-ci.main:jenkins-war:2.60.3",
+ "gav://org.jenkins-ci.main:jenkins-core:2.60.3"
+ ],
+ "path": "dockerhub-remote/library/jenkins/sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159/",
+ "fixed_versions": [
+ "2.214",
+ "2.204.2"
+ ],
+ "published": "2020-02-03T20:02:16+11:00",
+ "artifact_scan_time": "2021-01-13T13:18:57+11:00",
+ "issue_id": "XRAY-94246",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Jenkins 2.213 and earlier, LTS 2.204.1 and earlier improperly reuses encryption key parameters in the Inbound TCP Agent Protocol/3, allowing unauthorized attackers with knowledge of agent names to obtain the connection secrets for those agents, which can be used to connect to Jenkins, impersonating those agents.",
+ "references": [
+ "https://jenkins.io/security/advisory/2020-01-29/#SECURITY-1682",
+ "http://www.openwall.com/lists/oss-security/2020/01/29/1"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-5481",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "Double-free vulnerability in the FTP-kerberos code in cURL 7.52.0 to 7.65.3.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:curl:7.52.1-5+deb9u6",
+ "impacted_artifact": "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "impact_path": [
+ "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "generic://sha256:1607093a898cc241de8712e4361dcd907898fff35b945adca42db3963f3827b3/sha256__1607093a898cc241de8712e4361dcd907898fff35b945adca42db3963f3827b3.tar.gz",
+ "deb://debian:stretch:curl:7.52.1-5+deb9u6"
+ ],
+ "path": "dockerhub-remote/library/jenkins/sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159/",
+ "fixed_versions": [
+ "≥ 7.52.1-5+deb9u10"
+ ],
+ "published": "2019-09-12T02:40:46+10:00",
+ "artifact_scan_time": "2021-01-13T13:18:57+11:00",
+ "issue_id": "XRAY-87996",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "Double-free vulnerability in the FTP-kerberos code in cURL 7.52.0 to 7.65.3.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-1000001",
+ "cvss_v2_score": 7.2,
+ "cvss_v2_vector": "CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 7.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.2,
+ "cvss3_max_score": 7.8,
+ "summary": "In glibc 2.26 and earlier there is confusion in the usage of getcwd() by realpath() which can be used to write before the destination buffer leading to a buffer underflow and potential code execution.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:multiarch-support:2.24-11+deb9u3",
+ "impacted_artifact": "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "impact_path": [
+ "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "generic://sha256:55cbf04beb7001d222c71bfdeae780bda19d5cb37b8dbd65ff0d3e6a0b9b74e6/sha256__55cbf04beb7001d222c71bfdeae780bda19d5cb37b8dbd65ff0d3e6a0b9b74e6.tar.gz",
+ "deb://debian:stretch:multiarch-support:2.24-11+deb9u3"
+ ],
+ "path": "dockerhub-remote/library/jenkins/sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159/",
+ "fixed_versions": [],
+ "published": "2018-01-13T14:04:15+11:00",
+ "artifact_scan_time": "2021-01-13T13:18:57+11:00",
+ "issue_id": "XRAY-60416",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "In glibc 2.26 and earlier there is confusion in the usage of getcwd() by realpath() which can be used to write before the destination buffer leading to a buffer underflow and potential code execution.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2015-5211",
+ "cvss_v2_score": 9.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 8.6,
+ "cvss_v3_vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 9.3,
+ "cvss3_max_score": 8.6,
+ "summary": "Under some situations, the Spring Framework 4.2.0 to 4.2.1, 4.0.0 to 4.1.7, 3.2.0 to 3.2.14 and older unsupported versions is vulnerable to a Reflected File Download (RFD) attack. The attack involves a malicious user crafting a URL with a batch script extension that results in the response being downloaded rather than rendered and also includes some input reflected in the response.",
+ "severity": "High",
+ "vulnerable_component": "gav://org.springframework:spring-web:2.5.6.SEC03",
+ "impacted_artifact": "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "impact_path": [
+ "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "generic://sha256:aa433a6a56b1bdf8211085ff28d524a0988050e7b10bf24331417ff09c5b72cf/sha256__aa433a6a56b1bdf8211085ff28d524a0988050e7b10bf24331417ff09c5b72cf.tar.gz",
+ "gav://org.jenkins-ci.main:jenkins-war:2.60.3",
+ "gav://org.springframework:spring-web:2.5.6.SEC03"
+ ],
+ "path": "dockerhub-remote/library/jenkins/sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159/",
+ "fixed_versions": [
+ "4.2.2.RELEASE",
+ "4.1.8.RELEASE",
+ "3.2.15.RELEASE"
+ ],
+ "published": "2017-07-05T21:31:13+10:00",
+ "artifact_scan_time": "2021-01-13T13:18:57+11:00",
+ "issue_id": "XRAY-55901",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Under some situations, the Spring Framework 4.2.0 to 4.2.1, 4.0.0 to 4.1.7, 3.2.0 to 3.2.14 and older unsupported versions is vulnerable to a Reflected File Download (RFD) attack. The attack involves a malicious user crafting a URL with a batch script extension that results in the response being downloaded rather than rendered and also includes some input reflected in the response.",
+ "references": [
+ "https://pivotal.io/security/cve-2015-5211",
+ "https://www.trustwave.com/Resources/SpiderLabs-Blog/Reflected-File-Download---A-New-Web-Attack-Vector/"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2015-5211",
+ "cvss_v2_score": 9.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 8.6,
+ "cvss_v3_vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 9.3,
+ "cvss3_max_score": 8.6,
+ "summary": "Under some situations, the Spring Framework 4.2.0 to 4.2.1, 4.0.0 to 4.1.7, 3.2.0 to 3.2.14 and older unsupported versions is vulnerable to a Reflected File Download (RFD) attack. The attack involves a malicious user crafting a URL with a batch script extension that results in the response being downloaded rather than rendered and also includes some input reflected in the response.",
+ "severity": "High",
+ "vulnerable_component": "gav://org.springframework:spring-web:2.5.6.SEC03",
+ "impacted_artifact": "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "impact_path": [
+ "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "generic://sha256:aa433a6a56b1bdf8211085ff28d524a0988050e7b10bf24331417ff09c5b72cf/sha256__aa433a6a56b1bdf8211085ff28d524a0988050e7b10bf24331417ff09c5b72cf.tar.gz",
+ "gav://org.jenkins-ci.main:jenkins-war:2.60.3",
+ "gav://org.springframework:spring-web:2.5.6.SEC03"
+ ],
+ "path": "dockerhub-remote/library/jenkins/sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159/",
+ "fixed_versions": [
+ "4.2.2.RELEASE",
+ "4.1.8.RELEASE",
+ "3.2.15.RELEASE"
+ ],
+ "published": "2017-07-05T21:31:13+10:00",
+ "artifact_scan_time": "2021-01-13T13:18:57+11:00",
+ "issue_id": "XRAY-55901",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Under some situations, the Spring Framework 4.2.0 to 4.2.1, 4.0.0 to 4.1.7, 3.2.0 to 3.2.14 and older unsupported versions is vulnerable to a Reflected File Download (RFD) attack. The attack involves a malicious user crafting a URL with a batch script extension that results in the response being downloaded rather than rendered and also includes some input reflected in the response.",
+ "references": [
+ "https://pivotal.io/security/cve-2015-5211",
+ "https://www.trustwave.com/Resources/SpiderLabs-Blog/Reflected-File-Download---A-New-Web-Attack-Vector/"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-14618",
+ "cvss_v2_score": 10,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 10,
+ "cvss3_max_score": 9.8,
+ "summary": "curl before version 7.61.1 is vulnerable to a buffer overrun in the NTLM authentication code. The internal function Curl_ntlm_core_mk_nt_hash multiplies the length of the password by two (SUM) to figure out how large temporary storage area to allocate from the heap. The length value is then subsequently used to iterate over the password and generate output into the allocated storage buffer. On systems with a 32 bit size_t, the math to calculate SUM triggers an integer overflow when the password length exceeds 2GB (2^31 bytes). This integer overflow usually causes a very small buffer to actually get allocated instead of the intended very huge one, making the use of that buffer end up in a heap buffer overflow. (This bug is almost identical to CVE-2017-8816.)",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:libcurl3:7.52.1-5+deb9u6",
+ "impacted_artifact": "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "impact_path": [
+ "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "generic://sha256:1607093a898cc241de8712e4361dcd907898fff35b945adca42db3963f3827b3/sha256__1607093a898cc241de8712e4361dcd907898fff35b945adca42db3963f3827b3.tar.gz",
+ "deb://debian:stretch:libcurl3:7.52.1-5+deb9u6"
+ ],
+ "path": "dockerhub-remote/library/jenkins/sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159/",
+ "fixed_versions": [],
+ "published": "2018-09-06T07:44:04+10:00",
+ "artifact_scan_time": "2021-01-13T13:18:57+11:00",
+ "issue_id": "XRAY-71227",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "curl before version 7.61.1 is vulnerable to a buffer overrun in the NTLM authentication code. The internal function Curl_ntlm_core_mk_nt_hash multiplies the length of the password by two (SUM) to figure out how large temporary storage area to allocate from the heap. The length value is then subsequently used to iterate over the password and generate output into the allocated storage buffer. On systems with a 32 bit size_t, the math to calculate SUM triggers an integer overflow when the password length exceeds 2GB (2^31 bytes). This integer overflow usually causes a very small buffer to actually get allocated instead of the intended very huge one, making the use of that buffer end up in a heap buffer overflow. (This bug is almost identical to CVE-2017-8816.)",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-1003040",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.55 and earlier allows attackers to invoke arbitrary constructors in sandboxed scripts.",
+ "severity": "High",
+ "vulnerable_component": "gav://org.jenkins-ci.plugins:script-security:1.13",
+ "impacted_artifact": "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "impact_path": [
+ "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "generic://sha256:aa433a6a56b1bdf8211085ff28d524a0988050e7b10bf24331417ff09c5b72cf/sha256__aa433a6a56b1bdf8211085ff28d524a0988050e7b10bf24331417ff09c5b72cf.tar.gz",
+ "gav://org.jenkins-ci.main:jenkins-war:2.60.3",
+ "gav://org.jenkins-ci.plugins:script-security:1.13"
+ ],
+ "path": "dockerhub-remote/library/jenkins/sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159/",
+ "fixed_versions": [
+ "1.56",
+ "1.54.1"
+ ],
+ "published": "2019-04-03T21:11:49+11:00",
+ "artifact_scan_time": "2021-01-13T13:18:57+11:00",
+ "issue_id": "XRAY-79769",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.55 and earlier allows attackers to invoke arbitrary constructors in sandboxed scripts.",
+ "references": [
+ "http://www.securityfocus.com/bid/107628",
+ "https://jenkins.io/security/advisory/2019-03-25/#SECURITY-1353",
+ "http://www.openwall.com/lists/oss-security/2019/03/28/2"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2017-14062",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "Integer overflow in the decode_digit function in puny_decode.c in Libidn2 before 2.0.4 allows remote attackers to cause a denial of service or possibly have unspecified other impact.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:libidn11:1.33-1",
+ "impacted_artifact": "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "impact_path": [
+ "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "generic://sha256:55cbf04beb7001d222c71bfdeae780bda19d5cb37b8dbd65ff0d3e6a0b9b74e6/sha256__55cbf04beb7001d222c71bfdeae780bda19d5cb37b8dbd65ff0d3e6a0b9b74e6.tar.gz",
+ "deb://debian:stretch:libidn11:1.33-1"
+ ],
+ "path": "dockerhub-remote/library/jenkins/sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159/",
+ "fixed_versions": [],
+ "published": "2017-09-04T07:47:18+10:00",
+ "artifact_scan_time": "2021-01-13T13:18:57+11:00",
+ "issue_id": "XRAY-58088",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "Integer overflow in the decode_digit function in puny_decode.c in Libidn2 before 2.0.4 allows remote attackers to cause a denial of service or possibly have unspecified other impact.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-6485",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "An integer overflow in the implementation of the posix_memalign in memalign functions in the GNU C Library (aka glibc or libc6) 2.26 and earlier could cause these functions to return a pointer to a heap area that is too small, potentially leading to heap corruption.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:multiarch-support:2.24-11+deb9u3",
+ "impacted_artifact": "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "impact_path": [
+ "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "generic://sha256:55cbf04beb7001d222c71bfdeae780bda19d5cb37b8dbd65ff0d3e6a0b9b74e6/sha256__55cbf04beb7001d222c71bfdeae780bda19d5cb37b8dbd65ff0d3e6a0b9b74e6.tar.gz",
+ "deb://debian:stretch:multiarch-support:2.24-11+deb9u3"
+ ],
+ "path": "dockerhub-remote/library/jenkins/sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159/",
+ "fixed_versions": [],
+ "published": "2018-02-05T01:13:03+11:00",
+ "artifact_scan_time": "2021-01-13T13:18:57+11:00",
+ "issue_id": "XRAY-64004",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "An integer overflow in the implementation of the posix_memalign in memalign functions in the GNU C Library (aka glibc or libc6) 2.26 and earlier could cause these functions to return a pointer to a heap area that is too small, potentially leading to heap corruption.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-1352",
+ "cvss_v2_score": 9.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 8.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 9.3,
+ "cvss3_max_score": 8.8,
+ "summary": "A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1349, CVE-2019-1350, CVE-2019-1354, CVE-2019-1387.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:git:1:2.11.0-3+deb9u3",
+ "impacted_artifact": "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "impact_path": [
+ "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "generic://sha256:d4eee24d4dacb41c21411e0477a741655303cdc48b18a948632c31f0f3a70bb8/sha256__d4eee24d4dacb41c21411e0477a741655303cdc48b18a948632c31f0f3a70bb8.tar.gz",
+ "deb://debian:stretch:git:1:2.11.0-3+deb9u3"
+ ],
+ "path": "dockerhub-remote/library/jenkins/sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159/",
+ "fixed_versions": [
+ "≥ 1:2.11.0-3+deb9u5"
+ ],
+ "published": "2019-12-11T15:13:58+11:00",
+ "artifact_scan_time": "2021-01-13T13:18:57+11:00",
+ "issue_id": "XRAY-92625",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1349, CVE-2019-1350, CVE-2019-1354, CVE-2019-1387.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-18314",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "Perl before 5.26.3 has a buffer overflow via a crafted regular expression that triggers invalid write operations.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:perl-base:5.24.1-3+deb9u4",
+ "impacted_artifact": "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "impact_path": [
+ "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "generic://sha256:55cbf04beb7001d222c71bfdeae780bda19d5cb37b8dbd65ff0d3e6a0b9b74e6/sha256__55cbf04beb7001d222c71bfdeae780bda19d5cb37b8dbd65ff0d3e6a0b9b74e6.tar.gz",
+ "deb://debian:stretch:perl-base:5.24.1-3+deb9u4"
+ ],
+ "path": "dockerhub-remote/library/jenkins/sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159/",
+ "fixed_versions": [],
+ "published": "2018-11-30T14:00:18+11:00",
+ "artifact_scan_time": "2021-01-13T13:18:57+11:00",
+ "issue_id": "XRAY-73973",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "Perl before 5.26.3 has a buffer overflow via a crafted regular expression that triggers invalid write operations.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-15688",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "A buffer overflow vulnerability in the dhcp6 client of systemd allows a malicious dhcp6 server to overwrite heap memory in systemd-networkd. Affected releases are systemd: versions up to and including 239.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:libudev1:232-25+deb9u4",
+ "impacted_artifact": "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "impact_path": [
+ "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "generic://sha256:55cbf04beb7001d222c71bfdeae780bda19d5cb37b8dbd65ff0d3e6a0b9b74e6/sha256__55cbf04beb7001d222c71bfdeae780bda19d5cb37b8dbd65ff0d3e6a0b9b74e6.tar.gz",
+ "deb://debian:stretch:libudev1:232-25+deb9u4"
+ ],
+ "path": "dockerhub-remote/library/jenkins/sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159/",
+ "fixed_versions": [],
+ "published": "2018-10-29T11:52:21+11:00",
+ "artifact_scan_time": "2021-01-13T13:18:57+11:00",
+ "issue_id": "XRAY-73258",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "A buffer overflow vulnerability in the dhcp6 client of systemd allows a malicious dhcp6 server to overwrite heap memory in systemd-networkd. Affected releases are systemd: versions up to and including 239.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-10878",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 8.6,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 8.6,
+ "summary": "Perl before 5.30.3 has an integer overflow related to mishandling of a \"PL_regkind[OP(n)] == NOTHING\" situation. A crafted regular expression could lead to malformed bytecode with a possibility of instruction injection.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:perl-modules-5.24:5.24.1-3+deb9u4",
+ "impacted_artifact": "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "impact_path": [
+ "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "generic://sha256:d4eee24d4dacb41c21411e0477a741655303cdc48b18a948632c31f0f3a70bb8/sha256__d4eee24d4dacb41c21411e0477a741655303cdc48b18a948632c31f0f3a70bb8.tar.gz",
+ "deb://debian:stretch:perl-modules-5.24:5.24.1-3+deb9u4"
+ ],
+ "path": "dockerhub-remote/library/jenkins/sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159/",
+ "fixed_versions": [],
+ "published": "2020-06-03T17:23:29+10:00",
+ "artifact_scan_time": "2021-01-13T13:18:57+11:00",
+ "issue_id": "XRAY-99873",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "Perl before 5.30.3 has an integer overflow related to mishandling of a \"PL_regkind[OP(n)] == NOTHING\" situation. A crafted regular expression could lead to malformed bytecode with a possibility of instruction injection.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2017-1000408",
+ "cvss_v2_score": 7.2,
+ "cvss_v2_vector": "CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 7.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.2,
+ "cvss3_max_score": 7.8,
+ "summary": "A memory leak in glibc 2.1.1 (released on May 24, 1999) can be reached and amplified through the LD_HWCAP_MASK environment variable. Please note that many versions of glibc are not vulnerable to this issue if patched for CVE-2017-1000366.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:multiarch-support:2.24-11+deb9u3",
+ "impacted_artifact": "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "impact_path": [
+ "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "generic://sha256:55cbf04beb7001d222c71bfdeae780bda19d5cb37b8dbd65ff0d3e6a0b9b74e6/sha256__55cbf04beb7001d222c71bfdeae780bda19d5cb37b8dbd65ff0d3e6a0b9b74e6.tar.gz",
+ "deb://debian:stretch:multiarch-support:2.24-11+deb9u3"
+ ],
+ "path": "dockerhub-remote/library/jenkins/sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159/",
+ "fixed_versions": [],
+ "published": "2017-12-12T08:36:27+11:00",
+ "artifact_scan_time": "2021-01-13T13:18:57+11:00",
+ "issue_id": "XRAY-60188",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "A memory leak in glibc 2.1.1 (released on May 24, 1999) can be reached and amplified through the LD_HWCAP_MASK environment variable. Please note that many versions of glibc are not vulnerable to this issue if patched for CVE-2017-1000366.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-16839",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "Curl versions 7.33.0 through 7.61.1 are vulnerable to a buffer overrun in the SASL authentication code that may lead to denial of service.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:curl:7.52.1-5+deb9u6",
+ "impacted_artifact": "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "impact_path": [
+ "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "generic://sha256:1607093a898cc241de8712e4361dcd907898fff35b945adca42db3963f3827b3/sha256__1607093a898cc241de8712e4361dcd907898fff35b945adca42db3963f3827b3.tar.gz",
+ "deb://debian:stretch:curl:7.52.1-5+deb9u6"
+ ],
+ "path": "dockerhub-remote/library/jenkins/sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159/",
+ "fixed_versions": [
+ "≥ 7.52.1-5+deb9u8"
+ ],
+ "published": "2018-11-02T05:43:09+11:00",
+ "artifact_scan_time": "2021-01-13T13:18:57+11:00",
+ "issue_id": "XRAY-73428",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "Curl versions 7.33.0 through 7.61.1 are vulnerable to a buffer overrun in the SASL authentication code that may lead to denial of service.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-6551",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "The malloc implementation in the GNU C Library (aka glibc or libc6), from version 2.24 to 2.26 on powerpc, and only in version 2.26 on i386, did not properly handle malloc calls with arguments close to SIZE_MAX and could return a pointer to a heap region that is smaller than requested, eventually leading to heap corruption.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:multiarch-support:2.24-11+deb9u3",
+ "impacted_artifact": "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "impact_path": [
+ "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "generic://sha256:55cbf04beb7001d222c71bfdeae780bda19d5cb37b8dbd65ff0d3e6a0b9b74e6/sha256__55cbf04beb7001d222c71bfdeae780bda19d5cb37b8dbd65ff0d3e6a0b9b74e6.tar.gz",
+ "deb://debian:stretch:multiarch-support:2.24-11+deb9u3"
+ ],
+ "path": "dockerhub-remote/library/jenkins/sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159/",
+ "fixed_versions": [],
+ "published": "2018-02-05T01:11:27+11:00",
+ "artifact_scan_time": "2021-01-13T13:18:57+11:00",
+ "issue_id": "XRAY-63998",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "The malloc implementation in the GNU C Library (aka glibc or libc6), from version 2.24 to 2.26 on powerpc, and only in version 2.26 on i386, did not properly handle malloc calls with arguments close to SIZE_MAX and could return a pointer to a heap region that is smaller than requested, eventually leading to heap corruption.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-1000861",
+ "cvss_v2_score": 10,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 10,
+ "cvss3_max_score": 9.8,
+ "summary": "A code execution vulnerability exists in the Stapler web framework used by Jenkins 2.153 and earlier, LTS 2.138.3 and earlier in stapler/core/src/main/java/org/kohsuke/stapler/MetaClass.java that allows attackers to invoke some methods on Java objects by accessing crafted URLs that were not intended to be invoked this way.",
+ "severity": "High",
+ "vulnerable_component": "gav://org.jenkins-ci.main:jenkins-core:2.60.3",
+ "impacted_artifact": "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "impact_path": [
+ "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "generic://sha256:aa433a6a56b1bdf8211085ff28d524a0988050e7b10bf24331417ff09c5b72cf/sha256__aa433a6a56b1bdf8211085ff28d524a0988050e7b10bf24331417ff09c5b72cf.tar.gz",
+ "gav://org.jenkins-ci.main:jenkins-war:2.60.3",
+ "gav://org.jenkins-ci.main:jenkins-core:2.60.3"
+ ],
+ "path": "dockerhub-remote/library/jenkins/sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159/",
+ "fixed_versions": [
+ "2.138.4]|[2.150.1][2.154"
+ ],
+ "published": "2018-12-18T02:11:41+11:00",
+ "artifact_scan_time": "2021-01-13T13:18:57+11:00",
+ "issue_id": "XRAY-74272",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "A code execution vulnerability exists in the Stapler web framework used by Jenkins 2.153 and earlier, LTS 2.138.3 and earlier in stapler/core/src/main/java/org/kohsuke/stapler/MetaClass.java that allows attackers to invoke some methods on Java objects by accessing crafted URLs that were not intended to be invoked this way.",
+ "references": [
+ "http://www.securityfocus.com/bid/106176",
+ "https://jenkins.io/security/advisory/2018-12-05/#SECURITY-595",
+ "https://access.redhat.com/errata/RHBA-2019:0024"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2016-2779",
+ "cvss_v2_score": 7.2,
+ "cvss_v2_vector": "CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 7.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.2,
+ "cvss3_max_score": 7.8,
+ "summary": "runuser in util-linux allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:libfdisk1:2.29.2-1+deb9u1",
+ "impacted_artifact": "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "impact_path": [
+ "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "generic://sha256:55cbf04beb7001d222c71bfdeae780bda19d5cb37b8dbd65ff0d3e6a0b9b74e6/sha256__55cbf04beb7001d222c71bfdeae780bda19d5cb37b8dbd65ff0d3e6a0b9b74e6.tar.gz",
+ "deb://debian:stretch:libfdisk1:2.29.2-1+deb9u1"
+ ],
+ "path": "dockerhub-remote/library/jenkins/sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159/",
+ "fixed_versions": [],
+ "published": "2016-11-28T00:17:10+11:00",
+ "artifact_scan_time": "2021-01-13T13:18:57+11:00",
+ "issue_id": "XRAY-40740",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "runuser in util-linux allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2016-2779",
+ "cvss_v2_score": 7.2,
+ "cvss_v2_vector": "CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 7.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.2,
+ "cvss3_max_score": 7.8,
+ "summary": "runuser in util-linux allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:mount:2.29.2-1+deb9u1",
+ "impacted_artifact": "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "impact_path": [
+ "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "generic://sha256:55cbf04beb7001d222c71bfdeae780bda19d5cb37b8dbd65ff0d3e6a0b9b74e6/sha256__55cbf04beb7001d222c71bfdeae780bda19d5cb37b8dbd65ff0d3e6a0b9b74e6.tar.gz",
+ "deb://debian:stretch:mount:2.29.2-1+deb9u1"
+ ],
+ "path": "dockerhub-remote/library/jenkins/sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159/",
+ "fixed_versions": [],
+ "published": "2016-11-28T00:17:10+11:00",
+ "artifact_scan_time": "2021-01-13T13:18:57+11:00",
+ "issue_id": "XRAY-40740",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "runuser in util-linux allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-18312",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "Perl before 5.26.3 and 5.28.0 before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:perl-modules-5.24:5.24.1-3+deb9u4",
+ "impacted_artifact": "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "impact_path": [
+ "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "generic://sha256:d4eee24d4dacb41c21411e0477a741655303cdc48b18a948632c31f0f3a70bb8/sha256__d4eee24d4dacb41c21411e0477a741655303cdc48b18a948632c31f0f3a70bb8.tar.gz",
+ "deb://debian:stretch:perl-modules-5.24:5.24.1-3+deb9u4"
+ ],
+ "path": "dockerhub-remote/library/jenkins/sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159/",
+ "fixed_versions": [],
+ "published": "2018-11-30T13:59:48+11:00",
+ "artifact_scan_time": "2021-01-13T13:18:57+11:00",
+ "issue_id": "XRAY-73970",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "Perl before 5.26.3 and 5.28.0 before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-18311",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "Perl before 5.26.3 and 5.28.x before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:perl:5.24.1-3+deb9u4",
+ "impacted_artifact": "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "impact_path": [
+ "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "generic://sha256:d4eee24d4dacb41c21411e0477a741655303cdc48b18a948632c31f0f3a70bb8/sha256__d4eee24d4dacb41c21411e0477a741655303cdc48b18a948632c31f0f3a70bb8.tar.gz",
+ "deb://debian:stretch:perl:5.24.1-3+deb9u4"
+ ],
+ "path": "dockerhub-remote/library/jenkins/sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159/",
+ "fixed_versions": [
+ "≥ 5.24.1-3+deb9u5"
+ ],
+ "published": "2018-11-30T13:56:46+11:00",
+ "artifact_scan_time": "2021-01-13T13:18:57+11:00",
+ "issue_id": "XRAY-73963",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "Perl before 5.26.3 and 5.28.x before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-10878",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 8.6,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 8.6,
+ "summary": "Perl before 5.30.3 has an integer overflow related to mishandling of a \"PL_regkind[OP(n)] == NOTHING\" situation. A crafted regular expression could lead to malformed bytecode with a possibility of instruction injection.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:libperl5.24:5.24.1-3+deb9u4",
+ "impacted_artifact": "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "impact_path": [
+ "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "generic://sha256:d4eee24d4dacb41c21411e0477a741655303cdc48b18a948632c31f0f3a70bb8/sha256__d4eee24d4dacb41c21411e0477a741655303cdc48b18a948632c31f0f3a70bb8.tar.gz",
+ "deb://debian:stretch:libperl5.24:5.24.1-3+deb9u4"
+ ],
+ "path": "dockerhub-remote/library/jenkins/sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159/",
+ "fixed_versions": [],
+ "published": "2020-06-03T17:23:29+10:00",
+ "artifact_scan_time": "2021-01-13T13:18:57+11:00",
+ "issue_id": "XRAY-99873",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "Perl before 5.30.3 has an integer overflow related to mishandling of a \"PL_regkind[OP(n)] == NOTHING\" situation. A crafted regular expression could lead to malformed bytecode with a possibility of instruction injection.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-6551",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "The malloc implementation in the GNU C Library (aka glibc or libc6), from version 2.24 to 2.26 on powerpc, and only in version 2.26 on i386, did not properly handle malloc calls with arguments close to SIZE_MAX and could return a pointer to a heap region that is smaller than requested, eventually leading to heap corruption.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:libc-bin:2.24-11+deb9u3",
+ "impacted_artifact": "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "impact_path": [
+ "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "generic://sha256:55cbf04beb7001d222c71bfdeae780bda19d5cb37b8dbd65ff0d3e6a0b9b74e6/sha256__55cbf04beb7001d222c71bfdeae780bda19d5cb37b8dbd65ff0d3e6a0b9b74e6.tar.gz",
+ "deb://debian:stretch:libc-bin:2.24-11+deb9u3"
+ ],
+ "path": "dockerhub-remote/library/jenkins/sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159/",
+ "fixed_versions": [],
+ "published": "2018-02-05T01:11:27+11:00",
+ "artifact_scan_time": "2021-01-13T13:18:57+11:00",
+ "issue_id": "XRAY-63998",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "The malloc implementation in the GNU C Library (aka glibc or libc6), from version 2.24 to 2.26 on powerpc, and only in version 2.26 on i386, did not properly handle malloc calls with arguments close to SIZE_MAX and could return a pointer to a heap region that is smaller than requested, eventually leading to heap corruption.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-6485",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "An integer overflow in the implementation of the posix_memalign in memalign functions in the GNU C Library (aka glibc or libc6) 2.26 and earlier could cause these functions to return a pointer to a heap area that is too small, potentially leading to heap corruption.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:libc6:2.24-11+deb9u3",
+ "impacted_artifact": "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "impact_path": [
+ "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "generic://sha256:55cbf04beb7001d222c71bfdeae780bda19d5cb37b8dbd65ff0d3e6a0b9b74e6/sha256__55cbf04beb7001d222c71bfdeae780bda19d5cb37b8dbd65ff0d3e6a0b9b74e6.tar.gz",
+ "deb://debian:stretch:libc6:2.24-11+deb9u3"
+ ],
+ "path": "dockerhub-remote/library/jenkins/sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159/",
+ "fixed_versions": [],
+ "published": "2018-02-05T01:13:03+11:00",
+ "artifact_scan_time": "2021-01-13T13:18:57+11:00",
+ "issue_id": "XRAY-64004",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "An integer overflow in the implementation of the posix_memalign in memalign functions in the GNU C Library (aka glibc or libc6) 2.26 and earlier could cause these functions to return a pointer to a heap area that is too small, potentially leading to heap corruption.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-25013",
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 5.9,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 5.9,
+ "summary": "The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:multiarch-support:2.24-11+deb9u3",
+ "impacted_artifact": "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "impact_path": [
+ "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "generic://sha256:55cbf04beb7001d222c71bfdeae780bda19d5cb37b8dbd65ff0d3e6a0b9b74e6/sha256__55cbf04beb7001d222c71bfdeae780bda19d5cb37b8dbd65ff0d3e6a0b9b74e6.tar.gz",
+ "deb://debian:stretch:multiarch-support:2.24-11+deb9u3"
+ ],
+ "path": "dockerhub-remote/library/jenkins/sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159/",
+ "fixed_versions": [],
+ "published": "2021-01-05T15:10:13+11:00",
+ "artifact_scan_time": "2021-01-13T13:18:57+11:00",
+ "issue_id": "XRAY-138140",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-3177",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "Python 3.x through 3.9.1 has a buffer overflow in PyCArg_repr in _ctypes/callproc.c, which may lead to remote code execution in certain Python applications that accept floating-point numbers as untrusted input, as demonstrated by a 1e300 argument to c_double.from_param. This occurs because sprintf is used unsafely.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:libpython2.7-minimal:2.7.13-2+deb9u2",
+ "impacted_artifact": "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "impact_path": [
+ "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "generic://sha256:d4eee24d4dacb41c21411e0477a741655303cdc48b18a948632c31f0f3a70bb8/sha256__d4eee24d4dacb41c21411e0477a741655303cdc48b18a948632c31f0f3a70bb8.tar.gz",
+ "deb://debian:stretch:libpython2.7-minimal:2.7.13-2+deb9u2"
+ ],
+ "path": "dockerhub-remote/library/jenkins/sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159/",
+ "fixed_versions": [],
+ "published": "2021-01-21T15:17:47+11:00",
+ "artifact_scan_time": "2021-01-13T13:18:57+11:00",
+ "issue_id": "XRAY-138768",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "Python 3.x through 3.9.1 has a buffer overflow in PyCArg_repr in _ctypes/callproc.c, which may lead to remote code execution in certain Python applications that accept floating-point numbers as untrusted input, as demonstrated by a 1e300 argument to c_double.from_param. This occurs because sprintf is used unsafely.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2017-16997",
+ "cvss_v2_score": 9.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 7.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 9.3,
+ "cvss3_max_score": 7.8,
+ "summary": "elf/dl-load.c in the GNU C Library (aka glibc or libc6) 2.19 through 2.26 mishandles RPATH and RUNPATH containing $ORIGIN for a privileged (setuid or AT_SECURE) program, which allows local users to gain privileges via a Trojan horse library in the current working directory, related to the fillin_rpath and decompose_rpath functions. This is associated with misinterpretion of an empty RPATH/RUNPATH token as the \"./\" directory. NOTE: this configuration of RPATH/RUNPATH for a privileged program is apparently very uncommon; most likely, no such program is shipped with any common Linux distribution.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:libc6:2.24-11+deb9u3",
+ "impacted_artifact": "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "impact_path": [
+ "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "generic://sha256:55cbf04beb7001d222c71bfdeae780bda19d5cb37b8dbd65ff0d3e6a0b9b74e6/sha256__55cbf04beb7001d222c71bfdeae780bda19d5cb37b8dbd65ff0d3e6a0b9b74e6.tar.gz",
+ "deb://debian:stretch:libc6:2.24-11+deb9u3"
+ ],
+ "path": "dockerhub-remote/library/jenkins/sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159/",
+ "fixed_versions": [],
+ "published": "2018-01-13T14:06:04+11:00",
+ "artifact_scan_time": "2021-01-13T13:18:57+11:00",
+ "issue_id": "XRAY-60509",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "elf/dl-load.c in the GNU C Library (aka glibc or libc6) 2.19 through 2.26 mishandles RPATH and RUNPATH containing $ORIGIN for a privileged (setuid or AT_SECURE) program, which allows local users to gain privileges via a Trojan horse library in the current working directory, related to the fillin_rpath and decompose_rpath functions. This is associated with misinterpretion of an empty RPATH/RUNPATH token as the \"./\" directory. NOTE: this configuration of RPATH/RUNPATH for a privileged program is apparently very uncommon; most likely, no such program is shipped with any common Linux distribution.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-25013",
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 5.9,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 5.9,
+ "summary": "The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:libc6:2.24-11+deb9u3",
+ "impacted_artifact": "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "impact_path": [
+ "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "generic://sha256:55cbf04beb7001d222c71bfdeae780bda19d5cb37b8dbd65ff0d3e6a0b9b74e6/sha256__55cbf04beb7001d222c71bfdeae780bda19d5cb37b8dbd65ff0d3e6a0b9b74e6.tar.gz",
+ "deb://debian:stretch:libc6:2.24-11+deb9u3"
+ ],
+ "path": "dockerhub-remote/library/jenkins/sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159/",
+ "fixed_versions": [],
+ "published": "2021-01-05T15:10:13+11:00",
+ "artifact_scan_time": "2021-01-13T13:18:57+11:00",
+ "issue_id": "XRAY-138140",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2017-12424",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "In shadow before 4.5, the newusers tool could be made to manipulate internal data structures in ways unintended by the authors. Malformed input may lead to crashes (with a buffer overflow or other memory corruption) or other unspecified behaviors. This crosses a privilege boundary in, for example, certain web-hosting environments in which a Control Panel allows an unprivileged user account to create subaccounts.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:passwd:1:4.4-4.1",
+ "impacted_artifact": "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "impact_path": [
+ "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "generic://sha256:55cbf04beb7001d222c71bfdeae780bda19d5cb37b8dbd65ff0d3e6a0b9b74e6/sha256__55cbf04beb7001d222c71bfdeae780bda19d5cb37b8dbd65ff0d3e6a0b9b74e6.tar.gz",
+ "deb://debian:stretch:passwd:1:4.4-4.1"
+ ],
+ "path": "dockerhub-remote/library/jenkins/sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159/",
+ "fixed_versions": [],
+ "published": "2017-08-05T18:23:34+10:00",
+ "artifact_scan_time": "2021-01-13T13:18:57+11:00",
+ "issue_id": "XRAY-57714",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "In shadow before 4.5, the newusers tool could be made to manipulate internal data structures in ways unintended by the authors. Malformed input may lead to crashes (with a buffer overflow or other memory corruption) or other unspecified behaviors. This crosses a privilege boundary in, for example, certain web-hosting environments in which a Control Panel allows an unprivileged user account to create subaccounts.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-3177",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "Python 3.x through 3.9.1 has a buffer overflow in PyCArg_repr in _ctypes/callproc.c, which may lead to remote code execution in certain Python applications that accept floating-point numbers as untrusted input, as demonstrated by a 1e300 argument to c_double.from_param. This occurs because sprintf is used unsafely.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:python2.7:2.7.13-2+deb9u2",
+ "impacted_artifact": "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "impact_path": [
+ "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "generic://sha256:d4eee24d4dacb41c21411e0477a741655303cdc48b18a948632c31f0f3a70bb8/sha256__d4eee24d4dacb41c21411e0477a741655303cdc48b18a948632c31f0f3a70bb8.tar.gz",
+ "deb://debian:stretch:python2.7:2.7.13-2+deb9u2"
+ ],
+ "path": "dockerhub-remote/library/jenkins/sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159/",
+ "fixed_versions": [],
+ "published": "2021-01-21T15:17:47+11:00",
+ "artifact_scan_time": "2021-01-13T13:18:57+11:00",
+ "issue_id": "XRAY-138768",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "Python 3.x through 3.9.1 has a buffer overflow in PyCArg_repr in _ctypes/callproc.c, which may lead to remote code execution in certain Python applications that accept floating-point numbers as untrusted input, as demonstrated by a 1e300 argument to c_double.from_param. This occurs because sprintf is used unsafely.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-15688",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "A buffer overflow vulnerability in the dhcp6 client of systemd allows a malicious dhcp6 server to overwrite heap memory in systemd-networkd. Affected releases are systemd: versions up to and including 239.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:libsystemd0:232-25+deb9u4",
+ "impacted_artifact": "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "impact_path": [
+ "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "generic://sha256:55cbf04beb7001d222c71bfdeae780bda19d5cb37b8dbd65ff0d3e6a0b9b74e6/sha256__55cbf04beb7001d222c71bfdeae780bda19d5cb37b8dbd65ff0d3e6a0b9b74e6.tar.gz",
+ "deb://debian:stretch:libsystemd0:232-25+deb9u4"
+ ],
+ "path": "dockerhub-remote/library/jenkins/sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159/",
+ "fixed_versions": [],
+ "published": "2018-10-29T11:52:21+11:00",
+ "artifact_scan_time": "2021-01-13T13:18:57+11:00",
+ "issue_id": "XRAY-73258",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "A buffer overflow vulnerability in the dhcp6 client of systemd allows a malicious dhcp6 server to overwrite heap memory in systemd-networkd. Affected releases are systemd: versions up to and including 239.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-18311",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "Perl before 5.26.3 and 5.28.x before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:perl-modules-5.24:5.24.1-3+deb9u4",
+ "impacted_artifact": "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "impact_path": [
+ "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "generic://sha256:d4eee24d4dacb41c21411e0477a741655303cdc48b18a948632c31f0f3a70bb8/sha256__d4eee24d4dacb41c21411e0477a741655303cdc48b18a948632c31f0f3a70bb8.tar.gz",
+ "deb://debian:stretch:perl-modules-5.24:5.24.1-3+deb9u4"
+ ],
+ "path": "dockerhub-remote/library/jenkins/sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159/",
+ "fixed_versions": [],
+ "published": "2018-11-30T13:56:46+11:00",
+ "artifact_scan_time": "2021-01-13T13:18:57+11:00",
+ "issue_id": "XRAY-73963",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "Perl before 5.26.3 and 5.28.x before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-1349",
+ "cvss_v2_score": 9.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 8.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 9.3,
+ "cvss3_max_score": 8.8,
+ "summary": "A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1350, CVE-2019-1352, CVE-2019-1354, CVE-2019-1387.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:git:1:2.11.0-3+deb9u3",
+ "impacted_artifact": "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "impact_path": [
+ "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "generic://sha256:d4eee24d4dacb41c21411e0477a741655303cdc48b18a948632c31f0f3a70bb8/sha256__d4eee24d4dacb41c21411e0477a741655303cdc48b18a948632c31f0f3a70bb8.tar.gz",
+ "deb://debian:stretch:git:1:2.11.0-3+deb9u3"
+ ],
+ "path": "dockerhub-remote/library/jenkins/sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159/",
+ "fixed_versions": [
+ "≥ 1:2.11.0-3+deb9u5"
+ ],
+ "published": "2019-12-11T15:38:30+11:00",
+ "artifact_scan_time": "2021-01-13T13:18:57+11:00",
+ "issue_id": "XRAY-92638",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1350, CVE-2019-1352, CVE-2019-1354, CVE-2019-1387.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2017-12424",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "In shadow before 4.5, the newusers tool could be made to manipulate internal data structures in ways unintended by the authors. Malformed input may lead to crashes (with a buffer overflow or other memory corruption) or other unspecified behaviors. This crosses a privilege boundary in, for example, certain web-hosting environments in which a Control Panel allows an unprivileged user account to create subaccounts.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:login:1:4.4-4.1",
+ "impacted_artifact": "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "impact_path": [
+ "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "generic://sha256:55cbf04beb7001d222c71bfdeae780bda19d5cb37b8dbd65ff0d3e6a0b9b74e6/sha256__55cbf04beb7001d222c71bfdeae780bda19d5cb37b8dbd65ff0d3e6a0b9b74e6.tar.gz",
+ "deb://debian:stretch:login:1:4.4-4.1"
+ ],
+ "path": "dockerhub-remote/library/jenkins/sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159/",
+ "fixed_versions": [],
+ "published": "2017-08-05T18:23:34+10:00",
+ "artifact_scan_time": "2021-01-13T13:18:57+11:00",
+ "issue_id": "XRAY-57714",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "In shadow before 4.5, the newusers tool could be made to manipulate internal data structures in ways unintended by the authors. Malformed input may lead to crashes (with a buffer overflow or other memory corruption) or other unspecified behaviors. This crosses a privilege boundary in, for example, certain web-hosting environments in which a Control Panel allows an unprivileged user account to create subaccounts.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-5482",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "Heap buffer overflow in the TFTP protocol handler in cURL 7.19.4 to 7.65.3.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:libcurl3-gnutls:7.52.1-5+deb9u6",
+ "impacted_artifact": "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "impact_path": [
+ "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "generic://sha256:d4eee24d4dacb41c21411e0477a741655303cdc48b18a948632c31f0f3a70bb8/sha256__d4eee24d4dacb41c21411e0477a741655303cdc48b18a948632c31f0f3a70bb8.tar.gz",
+ "deb://debian:stretch:libcurl3-gnutls:7.52.1-5+deb9u6"
+ ],
+ "path": "dockerhub-remote/library/jenkins/sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159/",
+ "fixed_versions": [],
+ "published": "2019-09-12T02:51:17+10:00",
+ "artifact_scan_time": "2021-01-13T13:18:57+11:00",
+ "issue_id": "XRAY-87998",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "Heap buffer overflow in the TFTP protocol handler in cURL 7.19.4 to 7.65.3.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-18312",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "Perl before 5.26.3 and 5.28.0 before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:perl-base:5.24.1-3+deb9u4",
+ "impacted_artifact": "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "impact_path": [
+ "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "generic://sha256:55cbf04beb7001d222c71bfdeae780bda19d5cb37b8dbd65ff0d3e6a0b9b74e6/sha256__55cbf04beb7001d222c71bfdeae780bda19d5cb37b8dbd65ff0d3e6a0b9b74e6.tar.gz",
+ "deb://debian:stretch:perl-base:5.24.1-3+deb9u4"
+ ],
+ "path": "dockerhub-remote/library/jenkins/sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159/",
+ "fixed_versions": [],
+ "published": "2018-11-30T13:59:48+11:00",
+ "artifact_scan_time": "2021-01-13T13:18:57+11:00",
+ "issue_id": "XRAY-73970",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "Perl before 5.26.3 and 5.28.0 before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-3822",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "libcurl versions from 7.36.0 to before 7.64.0 are vulnerable to a stack-based buffer overflow. The function creating an outgoing NTLM type-3 header (`lib/vauth/ntlm.c:Curl_auth_create_ntlm_type3_message()`), generates the request HTTP header contents based on previously received data. The check that exists to prevent the local buffer from getting overflowed is implemented wrongly (using unsigned math) and as such it does not prevent the overflow from happening. This output data can grow larger than the local buffer if very large 'nt response' data is extracted from a previous NTLMv2 header provided by the malicious or broken HTTP server. Such a 'large value' needs to be around 1000 bytes or more. The actual payload data copied to the target buffer comes from the NTLMv2 type-2 response header.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:curl:7.52.1-5+deb9u6",
+ "impacted_artifact": "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "impact_path": [
+ "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "generic://sha256:1607093a898cc241de8712e4361dcd907898fff35b945adca42db3963f3827b3/sha256__1607093a898cc241de8712e4361dcd907898fff35b945adca42db3963f3827b3.tar.gz",
+ "deb://debian:stretch:curl:7.52.1-5+deb9u6"
+ ],
+ "path": "dockerhub-remote/library/jenkins/sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159/",
+ "fixed_versions": [
+ "≥ 7.52.1-5+deb9u9"
+ ],
+ "published": "2019-02-07T22:57:39+11:00",
+ "artifact_scan_time": "2021-01-13T13:18:57+11:00",
+ "issue_id": "XRAY-75087",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "libcurl versions from 7.36.0 to before 7.64.0 are vulnerable to a stack-based buffer overflow. The function creating an outgoing NTLM type-3 header (`lib/vauth/ntlm.c:Curl_auth_create_ntlm_type3_message()`), generates the request HTTP header contents based on previously received data. The check that exists to prevent the local buffer from getting overflowed is implemented wrongly (using unsigned math) and as such it does not prevent the overflow from happening. This output data can grow larger than the local buffer if very large 'nt response' data is extracted from a previous NTLMv2 header provided by the malicious or broken HTTP server. Such a 'large value' needs to be around 1000 bytes or more. The actual payload data copied to the target buffer comes from the NTLMv2 type-2 response header.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2014-0114",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "summary": "Apache Commons BeanUtils, as distributed in lib/commons-beanutils-1.8.0.jar in Apache Struts 1.x through 1.3.10 and in other products requiring commons-beanutils through 1.9.2, does not suppress the class property, which allows remote attackers to \"manipulate\" the ClassLoader and execute arbitrary code via the class parameter, as demonstrated by the passing of this parameter to the getClass method of the ActionForm object in Struts 1.",
+ "severity": "High",
+ "vulnerable_component": "gav://commons-beanutils:commons-beanutils:1.8.3",
+ "impacted_artifact": "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "impact_path": [
+ "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "generic://sha256:aa433a6a56b1bdf8211085ff28d524a0988050e7b10bf24331417ff09c5b72cf/sha256__aa433a6a56b1bdf8211085ff28d524a0988050e7b10bf24331417ff09c5b72cf.tar.gz",
+ "gav://org.jenkins-ci.main:jenkins-war:2.60.3",
+ "gav://commons-beanutils:commons-beanutils:1.8.3"
+ ],
+ "path": "dockerhub-remote/library/jenkins/sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159/",
+ "fixed_versions": [
+ "1.9.4"
+ ],
+ "published": "2017-07-05T21:31:08+10:00",
+ "artifact_scan_time": "2021-01-13T13:18:57+11:00",
+ "issue_id": "XRAY-55616",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Apache Commons BeanUtils, as distributed in lib/commons-beanutils-1.8.0.jar in Apache Struts 1.x through 1.3.10 and in other products requiring commons-beanutils through 1.9.2, does not suppress the class property, which allows remote attackers to \"manipulate\" the ClassLoader and execute arbitrary code via the class parameter, as demonstrated by the passing of this parameter to the getClass method of the ActionForm object in Struts 1.",
+ "references": [
+ "http://advisories.mageia.org/MGASA-2014-0219.html",
+ "http://commons.apache.org/proper/commons-beanutils/javadocs/v1.9.2/RELEASE-NOTES.txt",
+ "http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136958.html",
+ "http://marc.info/?l=bugtraq\u0026m=140119284401582\u0026w=2",
+ "http://marc.info/?l=bugtraq\u0026m=140801096002766\u0026w=2",
+ "http://marc.info/?l=bugtraq\u0026m=141451023707502\u0026w=2",
+ "http://openwall.com/lists/oss-security/2014/06/15/10",
+ "http://openwall.com/lists/oss-security/2014/07/08/1",
+ "http://seclists.org/fulldisclosure/2014/Dec/23",
+ "http://secunia.com/advisories/57477",
+ "http://secunia.com/advisories/58710",
+ "http://secunia.com/advisories/58851",
+ "http://secunia.com/advisories/58947",
+ "http://secunia.com/advisories/59014",
+ "http://secunia.com/advisories/59118",
+ "http://secunia.com/advisories/59228",
+ "http://secunia.com/advisories/59245",
+ "http://secunia.com/advisories/59246",
+ "http://secunia.com/advisories/59430",
+ "http://secunia.com/advisories/59464",
+ "http://secunia.com/advisories/59479",
+ "http://secunia.com/advisories/59480",
+ "http://secunia.com/advisories/59704",
+ "http://secunia.com/advisories/59718",
+ "http://secunia.com/advisories/60177",
+ "http://secunia.com/advisories/60703",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg21674128",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg21674812",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg21675266",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg21675387",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg21675689",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg21675898",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg21675972",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg21676091",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg21676110",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg21676303",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg21676375",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg21676931",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg21677110",
+ "http://www-01.ibm.com/support/docview.wss?uid=swg27042296",
+ "http://www.debian.org/security/2014/dsa-2940",
+ "http://www.ibm.com/support/docview.wss?uid=swg21675496",
+ "http://www.mandriva.com/security/advisories?name=MDVSA-2014:095",
+ "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html",
+ "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html",
+ "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html",
+ "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html",
+ "http://www.securityfocus.com/archive/1/archive/1/534161/100/0/threaded",
+ "http://www.securityfocus.com/bid/67121",
+ "http://www.vmware.com/security/advisories/VMSA-2014-0008.html",
+ "http://www.vmware.com/security/advisories/VMSA-2014-0012.html",
+ "https://access.redhat.com/solutions/869353",
+ "https://bugzilla.redhat.com/show_bug.cgi?id=1091938",
+ "https://bugzilla.redhat.com/show_bug.cgi?id=1116665",
+ "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05324755",
+ "https://issues.apache.org/jira/browse/BEANUTILS-463",
+ "https://security.gentoo.org/glsa/201607-09"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.6,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:H/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 8.1,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.6,
+ "cvss3_max_score": 8.1,
+ "summary": "Apache Maven External Repository Validation Failure Arbitrary Code Execution",
+ "severity": "High",
+ "vulnerable_component": "gav://org.apache.maven:maven-settings:3.1.0",
+ "impacted_artifact": "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "impact_path": [
+ "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "generic://sha256:aa433a6a56b1bdf8211085ff28d524a0988050e7b10bf24331417ff09c5b72cf/sha256__aa433a6a56b1bdf8211085ff28d524a0988050e7b10bf24331417ff09c5b72cf.tar.gz",
+ "gav://org.jenkins-ci.main:jenkins-war:2.60.3",
+ "gav://org.jenkins-ci.main:maven-plugin:2.14",
+ "gav://org.apache.maven:maven-settings:3.1.0"
+ ],
+ "path": "dockerhub-remote/library/jenkins/sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159/",
+ "fixed_versions": [
+ "3.8.1"
+ ],
+ "published": "2021-04-14T16:59:26+10:00",
+ "artifact_scan_time": "2021-01-13T13:18:57+11:00",
+ "issue_id": "XRAY-172725",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Apache Maven contains a flaw that is triggered as the program insecurely uses material from an insecure external repository by default. This may allow a remote attacker with control of a repository that is in use, to potentially inject and execute malicious code.",
+ "references": [
+ "http://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-26291",
+ "http://maven.apache.org/docs/3.8.1/release-notes.html",
+ "http://mail-archives.apache.org/mod_mbox/maven-announce/202104.mbox/%3CMailbird-0918dc43-dc18-4008-b83b-8bc8b1528177%40apache.org%3E"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2017-1000393",
+ "cvss_v2_score": 9,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:S/C:C/I:C/A:C",
+ "cvss_v3_score": 8.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 9,
+ "cvss3_max_score": 8.8,
+ "summary": "Jenkins 2.73.1 and earlier, 2.83 and earlier users with permission to create or configure agents in Jenkins could configure a launch method called 'Launch agent via execution of command on master'. This allowed them to run arbitrary shell commands on the master node whenever the agent was supposed to be launched. Configuration of this launch method now requires the Run Scripts permission typically only granted to administrators.",
+ "severity": "High",
+ "vulnerable_component": "gav://org.jenkins-ci.main:jenkins-core:2.60.3",
+ "impacted_artifact": "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "impact_path": [
+ "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "generic://sha256:aa433a6a56b1bdf8211085ff28d524a0988050e7b10bf24331417ff09c5b72cf/sha256__aa433a6a56b1bdf8211085ff28d524a0988050e7b10bf24331417ff09c5b72cf.tar.gz",
+ "gav://org.jenkins-ci.main:jenkins-war:2.60.3",
+ "gav://org.jenkins-ci.main:jenkins-core:2.60.3"
+ ],
+ "path": "dockerhub-remote/library/jenkins/sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159/",
+ "fixed_versions": [
+ "2.84",
+ "2.73.2"
+ ],
+ "published": "2018-03-01T20:50:32+11:00",
+ "artifact_scan_time": "2021-01-13T13:18:57+11:00",
+ "issue_id": "XRAY-64100",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Jenkins 2.73.1 and earlier, 2.83 and earlier users with permission to create or configure agents in Jenkins could configure a launch method called 'Launch agent via execution of command on master'. This allowed them to run arbitrary shell commands on the master node whenever the agent was supposed to be launched. Configuration of this launch method now requires the Run Scripts permission typically only granted to administrators.",
+ "references": [
+ "https://jenkins.io/security/advisory/2017-10-11/"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2016-2779",
+ "cvss_v2_score": 7.2,
+ "cvss_v2_vector": "CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 7.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.2,
+ "cvss3_max_score": 7.8,
+ "summary": "runuser in util-linux allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:libsmartcols1:2.29.2-1+deb9u1",
+ "impacted_artifact": "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "impact_path": [
+ "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "generic://sha256:55cbf04beb7001d222c71bfdeae780bda19d5cb37b8dbd65ff0d3e6a0b9b74e6/sha256__55cbf04beb7001d222c71bfdeae780bda19d5cb37b8dbd65ff0d3e6a0b9b74e6.tar.gz",
+ "deb://debian:stretch:libsmartcols1:2.29.2-1+deb9u1"
+ ],
+ "path": "dockerhub-remote/library/jenkins/sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159/",
+ "fixed_versions": [],
+ "published": "2016-11-28T00:17:10+11:00",
+ "artifact_scan_time": "2021-01-13T13:18:57+11:00",
+ "issue_id": "XRAY-40740",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "runuser in util-linux allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-18311",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "Perl before 5.26.3 and 5.28.x before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:perl-base:5.24.1-3+deb9u4",
+ "impacted_artifact": "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "impact_path": [
+ "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "generic://sha256:55cbf04beb7001d222c71bfdeae780bda19d5cb37b8dbd65ff0d3e6a0b9b74e6/sha256__55cbf04beb7001d222c71bfdeae780bda19d5cb37b8dbd65ff0d3e6a0b9b74e6.tar.gz",
+ "deb://debian:stretch:perl-base:5.24.1-3+deb9u4"
+ ],
+ "path": "dockerhub-remote/library/jenkins/sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159/",
+ "fixed_versions": [],
+ "published": "2018-11-30T13:56:46+11:00",
+ "artifact_scan_time": "2021-01-13T13:18:57+11:00",
+ "issue_id": "XRAY-73963",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "Perl before 5.26.3 and 5.28.x before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-16839",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "Curl versions 7.33.0 through 7.61.1 are vulnerable to a buffer overrun in the SASL authentication code that may lead to denial of service.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:libcurl3:7.52.1-5+deb9u6",
+ "impacted_artifact": "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "impact_path": [
+ "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "generic://sha256:1607093a898cc241de8712e4361dcd907898fff35b945adca42db3963f3827b3/sha256__1607093a898cc241de8712e4361dcd907898fff35b945adca42db3963f3827b3.tar.gz",
+ "deb://debian:stretch:libcurl3:7.52.1-5+deb9u6"
+ ],
+ "path": "dockerhub-remote/library/jenkins/sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159/",
+ "fixed_versions": [],
+ "published": "2018-11-02T05:43:09+11:00",
+ "artifact_scan_time": "2021-01-13T13:18:57+11:00",
+ "issue_id": "XRAY-73428",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "Curl versions 7.33.0 through 7.61.1 are vulnerable to a buffer overrun in the SASL authentication code that may lead to denial of service.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-3177",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "Python 3.x through 3.9.1 has a buffer overflow in PyCArg_repr in _ctypes/callproc.c, which may lead to remote code execution in certain Python applications that accept floating-point numbers as untrusted input, as demonstrated by a 1e300 argument to c_double.from_param. This occurs because sprintf is used unsafely.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:libpython2.7-stdlib:2.7.13-2+deb9u2",
+ "impacted_artifact": "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "impact_path": [
+ "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "generic://sha256:d4eee24d4dacb41c21411e0477a741655303cdc48b18a948632c31f0f3a70bb8/sha256__d4eee24d4dacb41c21411e0477a741655303cdc48b18a948632c31f0f3a70bb8.tar.gz",
+ "deb://debian:stretch:libpython2.7-stdlib:2.7.13-2+deb9u2"
+ ],
+ "path": "dockerhub-remote/library/jenkins/sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159/",
+ "fixed_versions": [],
+ "published": "2021-01-21T15:17:47+11:00",
+ "artifact_scan_time": "2021-01-13T13:18:57+11:00",
+ "issue_id": "XRAY-138768",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "Python 3.x through 3.9.1 has a buffer overflow in PyCArg_repr in _ctypes/callproc.c, which may lead to remote code execution in certain Python applications that accept floating-point numbers as untrusted input, as demonstrated by a 1e300 argument to c_double.from_param. This occurs because sprintf is used unsafely.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-6551",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "The malloc implementation in the GNU C Library (aka glibc or libc6), from version 2.24 to 2.26 on powerpc, and only in version 2.26 on i386, did not properly handle malloc calls with arguments close to SIZE_MAX and could return a pointer to a heap region that is smaller than requested, eventually leading to heap corruption.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:libc6:2.24-11+deb9u3",
+ "impacted_artifact": "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "impact_path": [
+ "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "generic://sha256:55cbf04beb7001d222c71bfdeae780bda19d5cb37b8dbd65ff0d3e6a0b9b74e6/sha256__55cbf04beb7001d222c71bfdeae780bda19d5cb37b8dbd65ff0d3e6a0b9b74e6.tar.gz",
+ "deb://debian:stretch:libc6:2.24-11+deb9u3"
+ ],
+ "path": "dockerhub-remote/library/jenkins/sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159/",
+ "fixed_versions": [],
+ "published": "2018-02-05T01:11:27+11:00",
+ "artifact_scan_time": "2021-01-13T13:18:57+11:00",
+ "issue_id": "XRAY-63998",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "The malloc implementation in the GNU C Library (aka glibc or libc6), from version 2.24 to 2.26 on powerpc, and only in version 2.26 on i386, did not properly handle malloc calls with arguments close to SIZE_MAX and could return a pointer to a heap region that is smaller than requested, eventually leading to heap corruption.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-3822",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "libcurl versions from 7.36.0 to before 7.64.0 are vulnerable to a stack-based buffer overflow. The function creating an outgoing NTLM type-3 header (`lib/vauth/ntlm.c:Curl_auth_create_ntlm_type3_message()`), generates the request HTTP header contents based on previously received data. The check that exists to prevent the local buffer from getting overflowed is implemented wrongly (using unsigned math) and as such it does not prevent the overflow from happening. This output data can grow larger than the local buffer if very large 'nt response' data is extracted from a previous NTLMv2 header provided by the malicious or broken HTTP server. Such a 'large value' needs to be around 1000 bytes or more. The actual payload data copied to the target buffer comes from the NTLMv2 type-2 response header.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:libcurl3:7.52.1-5+deb9u6",
+ "impacted_artifact": "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "impact_path": [
+ "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "generic://sha256:1607093a898cc241de8712e4361dcd907898fff35b945adca42db3963f3827b3/sha256__1607093a898cc241de8712e4361dcd907898fff35b945adca42db3963f3827b3.tar.gz",
+ "deb://debian:stretch:libcurl3:7.52.1-5+deb9u6"
+ ],
+ "path": "dockerhub-remote/library/jenkins/sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159/",
+ "fixed_versions": [],
+ "published": "2019-02-07T22:57:39+11:00",
+ "artifact_scan_time": "2021-01-13T13:18:57+11:00",
+ "issue_id": "XRAY-75087",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "libcurl versions from 7.36.0 to before 7.64.0 are vulnerable to a stack-based buffer overflow. The function creating an outgoing NTLM type-3 header (`lib/vauth/ntlm.c:Curl_auth_create_ntlm_type3_message()`), generates the request HTTP header contents based on previously received data. The check that exists to prevent the local buffer from getting overflowed is implemented wrongly (using unsigned math) and as such it does not prevent the overflow from happening. This output data can grow larger than the local buffer if very large 'nt response' data is extracted from a previous NTLMv2 header provided by the malicious or broken HTTP server. Such a 'large value' needs to be around 1000 bytes or more. The actual payload data copied to the target buffer comes from the NTLMv2 type-2 response header.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-1353",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "An issue was found in Git before v2.24.1, v2.23.1, v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3, v2.16.6, v2.15.4, and v2.14.6. When running Git in the Windows Subsystem for Linux (also known as \"WSL\") while accessing a working directory on a regular Windows drive, none of the NTFS protections were active.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:git:1:2.11.0-3+deb9u3",
+ "impacted_artifact": "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "impact_path": [
+ "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "generic://sha256:d4eee24d4dacb41c21411e0477a741655303cdc48b18a948632c31f0f3a70bb8/sha256__d4eee24d4dacb41c21411e0477a741655303cdc48b18a948632c31f0f3a70bb8.tar.gz",
+ "deb://debian:stretch:git:1:2.11.0-3+deb9u3"
+ ],
+ "path": "dockerhub-remote/library/jenkins/sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159/",
+ "fixed_versions": [
+ "≥ 1:2.11.0-3+deb9u5"
+ ],
+ "published": "2019-12-11T15:15:19+11:00",
+ "artifact_scan_time": "2021-01-13T13:18:57+11:00",
+ "issue_id": "XRAY-92626",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "An issue was found in Git before v2.24.1, v2.23.1, v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3, v2.16.6, v2.15.4, and v2.14.6. When running Git in the Windows Subsystem for Linux (also known as \"WSL\") while accessing a working directory on a regular Windows drive, none of the NTFS protections were active.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-5481",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "Double-free vulnerability in the FTP-kerberos code in cURL 7.52.0 to 7.65.3.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:libcurl3:7.52.1-5+deb9u6",
+ "impacted_artifact": "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "impact_path": [
+ "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "generic://sha256:1607093a898cc241de8712e4361dcd907898fff35b945adca42db3963f3827b3/sha256__1607093a898cc241de8712e4361dcd907898fff35b945adca42db3963f3827b3.tar.gz",
+ "deb://debian:stretch:libcurl3:7.52.1-5+deb9u6"
+ ],
+ "path": "dockerhub-remote/library/jenkins/sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159/",
+ "fixed_versions": [],
+ "published": "2019-09-12T02:40:46+10:00",
+ "artifact_scan_time": "2021-01-13T13:18:57+11:00",
+ "issue_id": "XRAY-87996",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "Double-free vulnerability in the FTP-kerberos code in cURL 7.52.0 to 7.65.3.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-3855",
+ "cvss_v2_score": 9.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 8.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 9.3,
+ "cvss3_max_score": 8.8,
+ "summary": "An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way packets are read from the server. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:libssh2-1:1.7.0-1",
+ "impacted_artifact": "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "impact_path": [
+ "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "generic://sha256:1607093a898cc241de8712e4361dcd907898fff35b945adca42db3963f3827b3/sha256__1607093a898cc241de8712e4361dcd907898fff35b945adca42db3963f3827b3.tar.gz",
+ "deb://debian:stretch:libssh2-1:1.7.0-1"
+ ],
+ "path": "dockerhub-remote/library/jenkins/sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159/",
+ "fixed_versions": [],
+ "published": "2019-03-18T14:18:29+11:00",
+ "artifact_scan_time": "2021-01-13T13:18:57+11:00",
+ "issue_id": "XRAY-78478",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way packets are read from the server. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-17006",
+ "cvss_v2_score": 10,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 10,
+ "cvss3_max_score": 9.8,
+ "summary": "In Network Security Services (NSS) before 3.46, several cryptographic primitives had missing length checks. In cases where the application calling the library did not perform a sanity check on the inputs it could result in a crash due to a buffer overflow.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:libnss3:2:3.26.2-1.1+deb9u1",
+ "impacted_artifact": "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "impact_path": [
+ "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "generic://sha256:0539c80a02be3183761cc42f94a4f9cd5e3bc455f4ac3f4ecaab6d476b7fe330/sha256__0539c80a02be3183761cc42f94a4f9cd5e3bc455f4ac3f4ecaab6d476b7fe330.tar.gz",
+ "deb://debian:stretch:libnss3:2:3.26.2-1.1+deb9u1"
+ ],
+ "path": "dockerhub-remote/library/jenkins/sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159/",
+ "fixed_versions": [],
+ "published": "2019-12-28T15:26:39+11:00",
+ "artifact_scan_time": "2021-01-13T13:18:57+11:00",
+ "issue_id": "XRAY-93215",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "In Network Security Services (NSS) before 3.46, several cryptographic primitives had missing length checks. In cases where the application calling the library did not perform a sanity check on the inputs it could result in a crash due to a buffer overflow.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-12900",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "BZ2_decompress in decompress.c in bzip2 through 1.0.6 has an out-of-bounds write when there are many selectors.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:bzip2:1.0.6-8.1",
+ "impacted_artifact": "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "impact_path": [
+ "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "generic://sha256:c58988e753d7a34080c68b53f7c27229d8f8fa80b9940c34d5cf77a9a2df10a0/sha256__c58988e753d7a34080c68b53f7c27229d8f8fa80b9940c34d5cf77a9a2df10a0.tar.gz",
+ "deb://debian:stretch:bzip2:1.0.6-8.1"
+ ],
+ "path": "dockerhub-remote/library/jenkins/sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159/",
+ "fixed_versions": [],
+ "published": "2019-06-20T21:40:18+10:00",
+ "artifact_scan_time": "2021-01-13T13:18:57+11:00",
+ "issue_id": "XRAY-84196",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "BZ2_decompress in decompress.c in bzip2 through 1.0.6 has an out-of-bounds write when there are many selectors.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2017-14176",
+ "cvss_v2_score": 9.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 8.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 9.3,
+ "cvss3_max_score": 8.8,
+ "summary": "Bazaar through 2.7.0, when Subprocess SSH is used, allows remote attackers to execute arbitrary commands via a bzr+ssh URL with an initial dash character in the hostname, a related issue to CVE-2017-9800, CVE-2017-12836, CVE-2017-12976, CVE-2017-16228, CVE-2017-1000116, and CVE-2017-1000117.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:bzr:2.7.0+bzr6619-7+deb9u1",
+ "impacted_artifact": "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "impact_path": [
+ "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "generic://sha256:d4eee24d4dacb41c21411e0477a741655303cdc48b18a948632c31f0f3a70bb8/sha256__d4eee24d4dacb41c21411e0477a741655303cdc48b18a948632c31f0f3a70bb8.tar.gz",
+ "deb://debian:stretch:bzr:2.7.0+bzr6619-7+deb9u1"
+ ],
+ "path": "dockerhub-remote/library/jenkins/sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159/",
+ "fixed_versions": [
+ "≥ 2.7.0+bzr6619-7+deb9u1"
+ ],
+ "published": "2017-09-27T04:23:04+10:00",
+ "artifact_scan_time": "2021-01-13T13:18:57+11:00",
+ "issue_id": "XRAY-58683",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "Bazaar through 2.7.0, when Subprocess SSH is used, allows remote attackers to execute arbitrary commands via a bzr+ssh URL with an initial dash character in the hostname, a related issue to CVE-2017-9800, CVE-2017-12836, CVE-2017-12976, CVE-2017-16228, CVE-2017-1000116, and CVE-2017-1000117.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2017-12652",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "libpng before 1.6.32 does not properly check the length of chunks against the user limit.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:libpng16-16:1.6.28-1",
+ "impacted_artifact": "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "impact_path": [
+ "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "generic://sha256:0539c80a02be3183761cc42f94a4f9cd5e3bc455f4ac3f4ecaab6d476b7fe330/sha256__0539c80a02be3183761cc42f94a4f9cd5e3bc455f4ac3f4ecaab6d476b7fe330.tar.gz",
+ "deb://debian:stretch:libpng16-16:1.6.28-1"
+ ],
+ "path": "dockerhub-remote/library/jenkins/sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159/",
+ "fixed_versions": [],
+ "published": "2019-07-11T21:57:00+10:00",
+ "artifact_scan_time": "2021-01-13T13:18:57+11:00",
+ "issue_id": "XRAY-84732",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "libpng before 1.6.32 does not properly check the length of chunks against the user limit.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-1349",
+ "cvss_v2_score": 9.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 8.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 9.3,
+ "cvss3_max_score": 8.8,
+ "summary": "A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1350, CVE-2019-1352, CVE-2019-1354, CVE-2019-1387.",
+ "severity": "High",
+ "vulnerable_component": "deb://debian:stretch:git-man:1:2.11.0-3+deb9u3",
+ "impacted_artifact": "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "impact_path": [
+ "docker://library/jenkins:sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159",
+ "generic://sha256:d4eee24d4dacb41c21411e0477a741655303cdc48b18a948632c31f0f3a70bb8/sha256__d4eee24d4dacb41c21411e0477a741655303cdc48b18a948632c31f0f3a70bb8.tar.gz",
+ "deb://debian:stretch:git-man:1:2.11.0-3+deb9u3"
+ ],
+ "path": "dockerhub-remote/library/jenkins/sha256__0de43cde2c4b864a8e4a84bbd9958e47c5d851319f118203303d040b0a74f159/",
+ "fixed_versions": [],
+ "published": "2019-12-11T15:38:30+11:00",
+ "artifact_scan_time": "2021-01-13T13:18:57+11:00",
+ "issue_id": "XRAY-92638",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1350, CVE-2019-1352, CVE-2019-1354, CVE-2019-1387.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2016-3191",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 6.8,
+ "cvss3_max_score": 9.8,
+ "summary": "CVE-2016-3191 pcre: workspace overflow for (*ACCEPT) with deeply nested parentheses (8.39/13, 10.22/12)",
+ "severity": "High",
+ "vulnerable_component": "rpm://7:glib2:0:2.56.1-5.el7",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.9.1-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.9.1-amd64",
+ "generic://sha256:f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c/sha256__f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c.tar.gz",
+ "rpm://7:glib2:0:2.56.1-5.el7"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.9.1-amd64/",
+ "fixed_versions": [],
+ "published": "2020-07-13T04:18:05+10:00",
+ "artifact_scan_time": "2021-01-14T18:41:09+11:00",
+ "issue_id": "XRAY-111036",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "The compile_branch function in pcre_compile.c in PCRE 8.x before 8.39 and pcre2_compile.c in PCRE2 before 10.22 mishandles patterns containing an (*ACCEPT) substring in conjunction with nested parentheses, which allows remote attackers to execute arbitrary code or cause a denial of service (stack-based buffer overflow) via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror, aka ZDI-CAN-3542.",
+ "references": [],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Important"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2016-3191",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 6.8,
+ "cvss3_max_score": 9.8,
+ "summary": "CVE-2016-3191 pcre: workspace overflow for (*ACCEPT) with deeply nested parentheses (8.39/13, 10.22/12)",
+ "severity": "High",
+ "vulnerable_component": "rpm://7:glib2:0:2.56.1-5.el7",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.9.1-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.9.1-amd64",
+ "generic://sha256:f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c/sha256__f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c.tar.gz",
+ "rpm://7:glib2:0:2.56.1-5.el7"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.9.1-amd64/",
+ "fixed_versions": [],
+ "published": "2020-07-13T04:18:05+10:00",
+ "artifact_scan_time": "2021-01-14T18:41:09+11:00",
+ "issue_id": "XRAY-111036",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "The compile_branch function in pcre_compile.c in PCRE 8.x before 8.39 and pcre2_compile.c in PCRE2 before 10.22 mishandles patterns containing an (*ACCEPT) substring in conjunction with nested parentheses, which allows remote attackers to execute arbitrary code or cause a denial of service (stack-based buffer overflow) via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror, aka ZDI-CAN-3542.",
+ "references": [],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Important"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2014-3215",
+ "cvss_v2_score": 6.9,
+ "cvss_v2_vector": "CVSS:2.0/AV:L/AC:M/Au:N/C:C/I:C/A:C"
+ }
+ ],
+ "cvss2_max_score": 6.9,
+ "summary": "CVE-2014-3215 policycoreutils: local privilege escalation via seunshare",
+ "severity": "High",
+ "vulnerable_component": "rpm://7:libcap-ng:93:0.7.5-4.el7",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.9.1-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.9.1-amd64",
+ "generic://sha256:f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c/sha256__f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c.tar.gz",
+ "rpm://7:libcap-ng:93:0.7.5-4.el7"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.9.1-amd64/",
+ "fixed_versions": [],
+ "published": "2020-07-13T04:28:36+10:00",
+ "artifact_scan_time": "2021-01-14T18:41:09+11:00",
+ "issue_id": "XRAY-112349",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "seunshare in policycoreutils 2.2.5 is owned by root with 4755 permissions, and executes programs in a way that changes the relationship between the setuid system call and the getresuid saved set-user-ID value, which makes it easier for local users to gain privileges by leveraging a program that mistakenly expected that it could permanently drop privileges.",
+ "references": [],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Important"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2013-7338",
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "summary": "Python before 3.3.4 RC1 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a file size value larger than the size of the zip file to the (1) ZipExtFile.read, (2) ZipExtFile.read(n), (3) ZipExtFile.readlines, (4) ZipFile.extract, or (5) ZipFile.extractall function.",
+ "severity": "High",
+ "vulnerable_component": "rpm://7:python:7:2.7.5-88.el7",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.9.1-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.9.1-amd64",
+ "generic://sha256:f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c/sha256__f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c.tar.gz",
+ "rpm://7:python:7:2.7.5-88.el7"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.9.1-amd64/",
+ "fixed_versions": [],
+ "published": "2019-11-27T22:47:00+11:00",
+ "artifact_scan_time": "2021-01-14T18:41:09+11:00",
+ "issue_id": "XRAY-92223",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "Python before 3.3.4 RC1 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a file size value larger than the size of the zip file to the (1) ZipExtFile.read, (2) ZipExtFile.read(n), (3) ZipExtFile.readlines, (4) ZipFile.extract, or (5) ZipFile.extractall function.",
+ "references": [
+ "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html",
+ "http://www.securityfocus.com/bid/65179",
+ "http://bugs.python.org/issue20078",
+ "http://hg.python.org/cpython/rev/79ea4ce431b1",
+ "https://docs.python.org/3.3/whatsnew/changelog.html",
+ "https://support.apple.com/kb/HT205031",
+ "https://security.gentoo.org/glsa/201503-10",
+ "http://seclists.org/oss-sec/2014/q1/592",
+ "http://seclists.org/oss-sec/2014/q1/595",
+ "http://www.securitytracker.com/id/1029973",
+ "http://lists.opensuse.org/opensuse-updates/2014-05/msg00008.html"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-5827",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 8.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 6.8,
+ "cvss3_max_score": 8.8,
+ "summary": "CVE-2019-5827 chromium-browser: out-of-bounds access in SQLite",
+ "severity": "High",
+ "vulnerable_component": "rpm://7:sqlite:0:3.7.17-8.el7_7.1",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.9.1-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.9.1-amd64",
+ "generic://sha256:d2bf8b28bdf5a2535591102292694e4ff4e8307e7cbc967444b93177db257a91/sha256__d2bf8b28bdf5a2535591102292694e4ff4e8307e7cbc967444b93177db257a91.tar.gz",
+ "rpm://7:sqlite:0:3.7.17-8.el7_7.1"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.9.1-amd64/",
+ "fixed_versions": [],
+ "published": "2020-07-13T04:04:32+10:00",
+ "artifact_scan_time": "2021-01-14T18:41:09+11:00",
+ "issue_id": "XRAY-109517",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "Integer overflow in SQLite via WebSQL in Google Chrome prior to 74.0.3729.131 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.",
+ "references": [
+ "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_30.html"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Important"
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 7.5,
+ "summary": "FasterXML jackson-dataformats-binary SmileParser::nextToken() Function Smile Header Marker Recursion Handling Stack Exhaustion DoS",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.dataformat:jackson-dataformat-smile:2.10.4",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.9.1-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.9.1-amd64",
+ "generic://sha256:9fdbe26fe92d22ad5604fafd44d3272fdeaaa0236aa9e80318db4265465572c6/sha256__9fdbe26fe92d22ad5604fafd44d3272fdeaaa0236aa9e80318db4265465572c6.tar.gz",
+ "gav://com.fasterxml.jackson.dataformat:jackson-dataformat-smile:2.10.4"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.9.1-amd64/",
+ "fixed_versions": [
+ "2.12.3"
+ ],
+ "published": "2021-04-01T20:39:14+11:00",
+ "artifact_scan_time": "2021-01-14T18:41:09+11:00",
+ "issue_id": "XRAY-160666",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "FasterXML jackson-dataformats-binary contains a flaw in the SmileParser::nextToken() function in smile/src/main/java/com/fasterxml/jackson/dataformat/smile/SmileParser.java that is triggered as recursive function calls are not properly handled when processing a sequence or 4-byte Smile header markers. This may allow a context-dependent attacker to exhaust available stack space and crash a process linked against the library.",
+ "references": [
+ "https://github.com/FasterXML/jackson-dataformats-binary/commit/87683e346e732204c769c50166d812eaf62b5ed1",
+ "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32665",
+ "https://github.com/FasterXML/jackson-dataformats-binary/issues/268"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 7.5,
+ "summary": "FasterXML jackson-dataformats-binary SmileParser::nextToken() Function Smile Header Marker Recursion Handling Stack Exhaustion DoS",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.dataformat:jackson-dataformat-smile:2.10.4",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.9.1-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.9.1-amd64",
+ "generic://sha256:71948c71bf562093fc11373cddd6245014188a540a6b46e94cd65a15e39f039b/sha256__71948c71bf562093fc11373cddd6245014188a540a6b46e94cd65a15e39f039b.tar.gz",
+ "gav://com.fasterxml.jackson.dataformat:jackson-dataformat-smile:2.10.4"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.9.1-amd64/",
+ "fixed_versions": [
+ "2.12.3"
+ ],
+ "published": "2021-04-01T20:39:14+11:00",
+ "artifact_scan_time": "2021-01-14T18:41:09+11:00",
+ "issue_id": "XRAY-160666",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "FasterXML jackson-dataformats-binary contains a flaw in the SmileParser::nextToken() function in smile/src/main/java/com/fasterxml/jackson/dataformat/smile/SmileParser.java that is triggered as recursive function calls are not properly handled when processing a sequence or 4-byte Smile header markers. This may allow a context-dependent attacker to exhaust available stack space and crash a process linked against the library.",
+ "references": [
+ "https://github.com/FasterXML/jackson-dataformats-binary/commit/87683e346e732204c769c50166d812eaf62b5ed1",
+ "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32665",
+ "https://github.com/FasterXML/jackson-dataformats-binary/issues/268"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2014-3215",
+ "cvss_v2_score": 6.9,
+ "cvss_v2_vector": "CVSS:2.0/AV:L/AC:M/Au:N/C:C/I:C/A:C"
+ }
+ ],
+ "cvss2_max_score": 6.9,
+ "summary": "CVE-2014-3215 policycoreutils: local privilege escalation via seunshare",
+ "severity": "High",
+ "vulnerable_component": "rpm://7:libcap-ng:0:0.7.5-4.el7",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.9.1-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.9.1-amd64",
+ "generic://sha256:d2bf8b28bdf5a2535591102292694e4ff4e8307e7cbc967444b93177db257a91/sha256__d2bf8b28bdf5a2535591102292694e4ff4e8307e7cbc967444b93177db257a91.tar.gz",
+ "rpm://7:libcap-ng:0:0.7.5-4.el7"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.9.1-amd64/",
+ "fixed_versions": [],
+ "published": "2020-07-13T04:28:36+10:00",
+ "artifact_scan_time": "2021-01-14T18:41:09+11:00",
+ "issue_id": "XRAY-112349",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "seunshare in policycoreutils 2.2.5 is owned by root with 4755 permissions, and executes programs in a way that changes the relationship between the setuid system call and the getresuid saved set-user-ID value, which makes it easier for local users to gain privileges by leveraging a program that mistakenly expected that it could permanently drop privileges.",
+ "references": [],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Important"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-1000802",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "Python Software Foundation Python (CPython) version 2.7 contains a CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in shutil module (make_archive function) that can result in Denial of service, Information gain via injection of arbitrary files on the system or entire drive. This attack appear to be exploitable via Passage of unfiltered user input to the function. This vulnerability appears to have been fixed in after commit add531a1e55b0a739b0f42582f1c9747e5649ace.",
+ "severity": "High",
+ "vulnerable_component": "rpm://7:python:7:2.7.5-88.el7",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.9.1-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.9.1-amd64",
+ "generic://sha256:f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c/sha256__f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c.tar.gz",
+ "rpm://7:python:7:2.7.5-88.el7"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.9.1-amd64/",
+ "fixed_versions": [],
+ "published": "2019-11-29T04:40:00+11:00",
+ "artifact_scan_time": "2021-01-14T18:41:09+11:00",
+ "issue_id": "XRAY-92291",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "Python Software Foundation Python (CPython) version 2.7 contains a CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in shutil module (make_archive function) that can result in Denial of service, Information gain via injection of arbitrary files on the system or entire drive. This attack appear to be exploitable via Passage of unfiltered user input to the function. This vulnerability appears to have been fixed in after commit add531a1e55b0a739b0f42582f1c9747e5649ace.",
+ "references": [
+ "https://bugs.python.org/issue34540",
+ "https://github.com/python/cpython/pull/8985",
+ "https://github.com/python/cpython/pull/8985/commits/add531a1e55b0a739b0f42582f1c9747e5649ace",
+ "https://www.debian.org/security/2018/dsa-4306",
+ "https://mega.nz/#!JUFiCC4R!mq-jQ8ySFwIhX6WMDujaZuNBfttDVt7DETlfOIQE1ig",
+ "https://lists.debian.org/debian-lts-announce/2018/09/msg00030.html",
+ "https://lists.debian.org/debian-lts-announce/2018/09/msg00031.html",
+ "https://usn.ubuntu.com/3817-1/",
+ "https://usn.ubuntu.com/3817-2/"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 8.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:C",
+ "cvss_v3_score": 8.2,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 8.5,
+ "cvss3_max_score": 8.2,
+ "summary": "FasterXML jackson-databind ext/DOMDeserializer.java DOMDeserializer Class XML External Entity (XXE) Expansion Remote Issue",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.core:jackson-databind:2.10.4",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.9.1-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.9.1-amd64",
+ "generic://sha256:9fdbe26fe92d22ad5604fafd44d3272fdeaaa0236aa9e80318db4265465572c6/sha256__9fdbe26fe92d22ad5604fafd44d3272fdeaaa0236aa9e80318db4265465572c6.tar.gz",
+ "gav://com.fasterxml.jackson.core:jackson-databind:2.10.4"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.9.1-amd64/",
+ "fixed_versions": [],
+ "published": "2020-10-15T22:39:55+11:00",
+ "artifact_scan_time": "2021-01-14T18:41:09+11:00",
+ "issue_id": "XRAY-126663",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "FasterXML jackson-databind contains an XXE (Xml eXternal Entity) expansion flaw in the DOMDeserializer class in ext/DOMDeserializer.java that is triggered during the parsing of XML data. The issue is due to an incorrectly configured XML parser accepting XML external entities from an untrusted source. By sending specially crafted XML data, a remote attacker can potentially consume excessive system resources or disclose sensitive information.",
+ "references": [
+ "http://cve.mitre.org/cgi-bin/cvename.cgi?name=2020-25649",
+ "https://bugzilla.redhat.com/show_bug.cgi?id=1887664",
+ "https://github.com/FasterXML/jackson-databind/issues/2589",
+ "https://github.com/FasterXML/jackson-databind/commit/e588f0af61b18576779ffb95a2a689a5eb1f9d15",
+ "https://github.com/FasterXML/jackson-databind/blob/jackson-databind-2.11.0/release-notes/VERSION-2.x",
+ "https://github.com/FasterXML/jackson-databind/commit/612f971b78c60202e9cd75a299050c8f2d724a59"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 8.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:C",
+ "cvss_v3_score": 8.2,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 8.5,
+ "cvss3_max_score": 8.2,
+ "summary": "FasterXML jackson-databind ext/DOMDeserializer.java DOMDeserializer Class XML External Entity (XXE) Expansion Remote Issue",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.core:jackson-databind:2.10.4",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.9.1-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.9.1-amd64",
+ "generic://sha256:71948c71bf562093fc11373cddd6245014188a540a6b46e94cd65a15e39f039b/sha256__71948c71bf562093fc11373cddd6245014188a540a6b46e94cd65a15e39f039b.tar.gz",
+ "gav://com.fasterxml.jackson.core:jackson-databind:2.10.4"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.9.1-amd64/",
+ "fixed_versions": [],
+ "published": "2020-10-15T22:39:55+11:00",
+ "artifact_scan_time": "2021-01-14T18:41:09+11:00",
+ "issue_id": "XRAY-126663",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "FasterXML jackson-databind contains an XXE (Xml eXternal Entity) expansion flaw in the DOMDeserializer class in ext/DOMDeserializer.java that is triggered during the parsing of XML data. The issue is due to an incorrectly configured XML parser accepting XML external entities from an untrusted source. By sending specially crafted XML data, a remote attacker can potentially consume excessive system resources or disclose sensitive information.",
+ "references": [
+ "http://cve.mitre.org/cgi-bin/cvename.cgi?name=2020-25649",
+ "https://bugzilla.redhat.com/show_bug.cgi?id=1887664",
+ "https://github.com/FasterXML/jackson-databind/issues/2589",
+ "https://github.com/FasterXML/jackson-databind/commit/e588f0af61b18576779ffb95a2a689a5eb1f9d15",
+ "https://github.com/FasterXML/jackson-databind/blob/jackson-databind-2.11.0/release-notes/VERSION-2.x",
+ "https://github.com/FasterXML/jackson-databind/commit/612f971b78c60202e9cd75a299050c8f2d724a59"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 7.5,
+ "summary": "FasterXML jackson-dataformats-binary smile/SmileParser.java Raw Binary Data Payload Handling Memory Exhaustion DoS",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.dataformat:jackson-dataformat-smile:2.10.4",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.9.1-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.9.1-amd64",
+ "generic://sha256:9fdbe26fe92d22ad5604fafd44d3272fdeaaa0236aa9e80318db4265465572c6/sha256__9fdbe26fe92d22ad5604fafd44d3272fdeaaa0236aa9e80318db4265465572c6.tar.gz",
+ "gav://com.fasterxml.jackson.dataformat:jackson-dataformat-smile:2.10.4"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.9.1-amd64/",
+ "fixed_versions": [
+ "2.12.3"
+ ],
+ "published": "2021-05-05T20:06:23+10:00",
+ "artifact_scan_time": "2021-01-14T18:41:09+11:00",
+ "issue_id": "XRAY-174966",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "FasterXML jackson-dataformats-binary contains a flaw in smile/SmileParser.java that is triggered as memory is improperly allocated when handling raw binary data payloads. This may allow a context-dependent attacker to exhaust available memory resources and potentially crash a process linked against the library.",
+ "references": [
+ "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32180",
+ "https://github.com/FasterXML/jackson-dataformats-binary/issues/260",
+ "https://github.com/FasterXML/jackson-dataformats-binary/commit/57400266ce8af0105ed79fb576ac0c9cfe89e37b"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 7.5,
+ "summary": "FasterXML jackson-dataformats-binary smile/SmileParser.java Raw Binary Data Payload Handling Memory Exhaustion DoS",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.dataformat:jackson-dataformat-smile:2.10.4",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.9.1-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.9.1-amd64",
+ "generic://sha256:71948c71bf562093fc11373cddd6245014188a540a6b46e94cd65a15e39f039b/sha256__71948c71bf562093fc11373cddd6245014188a540a6b46e94cd65a15e39f039b.tar.gz",
+ "gav://com.fasterxml.jackson.dataformat:jackson-dataformat-smile:2.10.4"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.9.1-amd64/",
+ "fixed_versions": [
+ "2.12.3"
+ ],
+ "published": "2021-05-05T20:06:23+10:00",
+ "artifact_scan_time": "2021-01-14T18:41:09+11:00",
+ "issue_id": "XRAY-174966",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "FasterXML jackson-dataformats-binary contains a flaw in smile/SmileParser.java that is triggered as memory is improperly allocated when handling raw binary data payloads. This may allow a context-dependent attacker to exhaust available memory resources and potentially crash a process linked against the library.",
+ "references": [
+ "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32180",
+ "https://github.com/FasterXML/jackson-dataformats-binary/issues/260",
+ "https://github.com/FasterXML/jackson-dataformats-binary/commit/57400266ce8af0105ed79fb576ac0c9cfe89e37b"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2013-7338",
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "summary": "Python before 3.3.4 RC1 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a file size value larger than the size of the zip file to the (1) ZipExtFile.read, (2) ZipExtFile.read(n), (3) ZipExtFile.readlines, (4) ZipFile.extract, or (5) ZipFile.extractall function.",
+ "severity": "High",
+ "vulnerable_component": "rpm://7:python-libs:0:2.7.5-88.el7",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.9.1-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.9.1-amd64",
+ "generic://sha256:d2bf8b28bdf5a2535591102292694e4ff4e8307e7cbc967444b93177db257a91/sha256__d2bf8b28bdf5a2535591102292694e4ff4e8307e7cbc967444b93177db257a91.tar.gz",
+ "rpm://7:python-libs:0:2.7.5-88.el7"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.9.1-amd64/",
+ "fixed_versions": [],
+ "published": "2019-11-27T22:47:00+11:00",
+ "artifact_scan_time": "2021-01-14T18:41:09+11:00",
+ "issue_id": "XRAY-92223",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "Python before 3.3.4 RC1 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a file size value larger than the size of the zip file to the (1) ZipExtFile.read, (2) ZipExtFile.read(n), (3) ZipExtFile.readlines, (4) ZipFile.extract, or (5) ZipFile.extractall function.",
+ "references": [
+ "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html",
+ "http://www.securityfocus.com/bid/65179",
+ "http://bugs.python.org/issue20078",
+ "http://hg.python.org/cpython/rev/79ea4ce431b1",
+ "https://docs.python.org/3.3/whatsnew/changelog.html",
+ "https://support.apple.com/kb/HT205031",
+ "https://security.gentoo.org/glsa/201503-10",
+ "http://seclists.org/oss-sec/2014/q1/592",
+ "http://seclists.org/oss-sec/2014/q1/595",
+ "http://www.securitytracker.com/id/1029973",
+ "http://lists.opensuse.org/opensuse-updates/2014-05/msg00008.html"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-8492",
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 6.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 6.5,
+ "summary": "Python 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1 allows an HTTP server to conduct Regular Expression Denial of Service (ReDoS) attacks against a client because of urllib.request.AbstractBasicAuthHandler catastrophic backtracking.",
+ "severity": "High",
+ "vulnerable_component": "rpm://7:python-libs:1:2.7.5-88.el7",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.9.1-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.9.1-amd64",
+ "generic://sha256:f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c/sha256__f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c.tar.gz",
+ "rpm://7:python-libs:1:2.7.5-88.el7"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.9.1-amd64/",
+ "fixed_versions": [],
+ "published": "2020-02-07T18:07:12+11:00",
+ "artifact_scan_time": "2021-01-14T18:41:09+11:00",
+ "issue_id": "XRAY-94468",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "Python 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1 allows an HTTP server to conduct Regular Expression Denial of Service (ReDoS) attacks against a client because of urllib.request.AbstractBasicAuthHandler catastrophic backtracking.",
+ "references": [
+ "https://security.netapp.com/advisory/ntap-20200221-0001/",
+ "https://bugs.python.org/issue39503",
+ "https://github.com/python/cpython/pull/18284",
+ "https://python-security.readthedocs.io/vuln/urllib-basic-auth-regex.html",
+ "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00003.html"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2013-7338",
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "summary": "Python before 3.3.4 RC1 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a file size value larger than the size of the zip file to the (1) ZipExtFile.read, (2) ZipExtFile.read(n), (3) ZipExtFile.readlines, (4) ZipFile.extract, or (5) ZipFile.extractall function.",
+ "severity": "High",
+ "vulnerable_component": "rpm://7:python:0:2.7.5-88.el7",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.9.1-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.9.1-amd64",
+ "generic://sha256:d2bf8b28bdf5a2535591102292694e4ff4e8307e7cbc967444b93177db257a91/sha256__d2bf8b28bdf5a2535591102292694e4ff4e8307e7cbc967444b93177db257a91.tar.gz",
+ "rpm://7:python:0:2.7.5-88.el7"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.9.1-amd64/",
+ "fixed_versions": [],
+ "published": "2019-11-27T22:47:00+11:00",
+ "artifact_scan_time": "2021-01-14T18:41:09+11:00",
+ "issue_id": "XRAY-92223",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "Python before 3.3.4 RC1 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a file size value larger than the size of the zip file to the (1) ZipExtFile.read, (2) ZipExtFile.read(n), (3) ZipExtFile.readlines, (4) ZipFile.extract, or (5) ZipFile.extractall function.",
+ "references": [
+ "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html",
+ "http://www.securityfocus.com/bid/65179",
+ "http://bugs.python.org/issue20078",
+ "http://hg.python.org/cpython/rev/79ea4ce431b1",
+ "https://docs.python.org/3.3/whatsnew/changelog.html",
+ "https://support.apple.com/kb/HT205031",
+ "https://security.gentoo.org/glsa/201503-10",
+ "http://seclists.org/oss-sec/2014/q1/592",
+ "http://seclists.org/oss-sec/2014/q1/595",
+ "http://www.securitytracker.com/id/1029973",
+ "http://lists.opensuse.org/opensuse-updates/2014-05/msg00008.html"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-12049",
+ "cvss_v2_score": 4.9,
+ "cvss_v2_vector": "CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 6.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 4.9,
+ "cvss3_max_score": 6.5,
+ "summary": "RHSA-2020:2894: dbus security update (Important)",
+ "severity": "High",
+ "vulnerable_component": "rpm://7:dbus-libs:0:1.10.24-14.el7_8",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.9.1-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.9.1-amd64",
+ "generic://sha256:f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c/sha256__f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c.tar.gz",
+ "rpm://7:dbus-libs:0:1.10.24-14.el7_8"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.9.1-amd64/",
+ "fixed_versions": [
+ "≥ 1:1.10.24-14.el7_8"
+ ],
+ "published": "2020-08-25T19:35:04+10:00",
+ "artifact_scan_time": "2021-01-14T18:41:09+11:00",
+ "issue_id": "XRAY-119766",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "D-Bus is a system for sending messages between applications. It is used both for the system-wide message bus service, and as a per-user-login-session messaging facility.Security Fix(es):* dbus: denial of service via file descriptor leak (CVE-2020-12049)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
+ "references": [
+ "https://access.redhat.com/errata/RHSA-2020:2894",
+ "https://access.redhat.com/security/cve/CVE-2020-12049"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Important"
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 7.5,
+ "summary": "FasterXML jackson-dataformat-cbor CBORParser.java CBORParser::_finishBytes() Function Object Field Name Parsing Memory Allocation Exception DoS",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.dataformat:jackson-dataformat-cbor:2.10.4",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.9.1-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.9.1-amd64",
+ "generic://sha256:9fdbe26fe92d22ad5604fafd44d3272fdeaaa0236aa9e80318db4265465572c6/sha256__9fdbe26fe92d22ad5604fafd44d3272fdeaaa0236aa9e80318db4265465572c6.tar.gz",
+ "gav://com.fasterxml.jackson.dataformat:jackson-dataformat-cbor:2.10.4"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.9.1-amd64/",
+ "fixed_versions": [],
+ "published": "2021-02-04T03:34:19+11:00",
+ "artifact_scan_time": "2021-01-14T18:41:09+11:00",
+ "issue_id": "XRAY-139421",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "FasterXML jackson-dataformat-cbor contains a flaw in the CBORParser::_finishBytes() function in CBORParser.java that is triggered as certain input is not properly validated when allocating memory for object field names. This may allow a context-dependent attacker to cause an out-of-memory exception, potentially resulting in a denial of service.",
+ "references": [
+ "http://cve.mitre.org/cgi-bin/cvename.cgi?name=2020-28491",
+ "https://github.com/FasterXML/jackson-dataformats-binary/commit/de072d314af8f5f269c8abec6930652af67bc8e6",
+ "https://github.com/FasterXML/jackson-dataformats-binary/issues/186"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 7.5,
+ "summary": "FasterXML jackson-dataformat-cbor CBORParser.java CBORParser::_finishBytes() Function Object Field Name Parsing Memory Allocation Exception DoS",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.dataformat:jackson-dataformat-cbor:2.10.4",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.9.1-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.9.1-amd64",
+ "generic://sha256:71948c71bf562093fc11373cddd6245014188a540a6b46e94cd65a15e39f039b/sha256__71948c71bf562093fc11373cddd6245014188a540a6b46e94cd65a15e39f039b.tar.gz",
+ "gav://com.fasterxml.jackson.dataformat:jackson-dataformat-cbor:2.10.4"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.9.1-amd64/",
+ "fixed_versions": [],
+ "published": "2021-02-04T03:34:19+11:00",
+ "artifact_scan_time": "2021-01-14T18:41:09+11:00",
+ "issue_id": "XRAY-139421",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "FasterXML jackson-dataformat-cbor contains a flaw in the CBORParser::_finishBytes() function in CBORParser.java that is triggered as certain input is not properly validated when allocating memory for object field names. This may allow a context-dependent attacker to cause an out-of-memory exception, potentially resulting in a denial of service.",
+ "references": [
+ "http://cve.mitre.org/cgi-bin/cvename.cgi?name=2020-28491",
+ "https://github.com/FasterXML/jackson-dataformats-binary/commit/de072d314af8f5f269c8abec6930652af67bc8e6",
+ "https://github.com/FasterXML/jackson-dataformats-binary/issues/186"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-1971",
+ "cvss_v2_score": 4.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 5.9,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 4.3,
+ "cvss3_max_score": 5.9,
+ "summary": "RHSA-2020:5623: openssl security update (Important)",
+ "severity": "High",
+ "vulnerable_component": "rpm://7:openssl-libs:1:1.0.2k-19.el7",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.9.1-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.9.1-amd64",
+ "generic://sha256:d2bf8b28bdf5a2535591102292694e4ff4e8307e7cbc967444b93177db257a91/sha256__d2bf8b28bdf5a2535591102292694e4ff4e8307e7cbc967444b93177db257a91.tar.gz",
+ "rpm://7:openssl-libs:1:1.0.2k-19.el7"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.9.1-amd64/",
+ "fixed_versions": [
+ "≥ 1:1.0.2k-20.el7_7"
+ ],
+ "published": "2020-12-29T08:27:23+11:00",
+ "artifact_scan_time": "2021-01-14T18:41:09+11:00",
+ "issue_id": "XRAY-137500",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library.Security Fix(es):* openssl: EDIPARTYNAME NULL pointer de-reference (CVE-2020-1971)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
+ "references": [
+ "https://access.redhat.com/security/cve/CVE-2020-1971",
+ "https://access.redhat.com/errata/RHSA-2020:5623"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Important"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-8492",
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 6.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 6.5,
+ "summary": "Python 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1 allows an HTTP server to conduct Regular Expression Denial of Service (ReDoS) attacks against a client because of urllib.request.AbstractBasicAuthHandler catastrophic backtracking.",
+ "severity": "High",
+ "vulnerable_component": "rpm://7:python:0:2.7.5-88.el7",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.9.1-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.9.1-amd64",
+ "generic://sha256:d2bf8b28bdf5a2535591102292694e4ff4e8307e7cbc967444b93177db257a91/sha256__d2bf8b28bdf5a2535591102292694e4ff4e8307e7cbc967444b93177db257a91.tar.gz",
+ "rpm://7:python:0:2.7.5-88.el7"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.9.1-amd64/",
+ "fixed_versions": [],
+ "published": "2020-02-07T18:07:12+11:00",
+ "artifact_scan_time": "2021-01-14T18:41:09+11:00",
+ "issue_id": "XRAY-94468",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "Python 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1 allows an HTTP server to conduct Regular Expression Denial of Service (ReDoS) attacks against a client because of urllib.request.AbstractBasicAuthHandler catastrophic backtracking.",
+ "references": [
+ "https://security.netapp.com/advisory/ntap-20200221-0001/",
+ "https://bugs.python.org/issue39503",
+ "https://github.com/python/cpython/pull/18284",
+ "https://python-security.readthedocs.io/vuln/urllib-basic-auth-regex.html",
+ "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00003.html"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2015-8385",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P"
+ }
+ ],
+ "cvss2_max_score": 6.8,
+ "summary": "CVE-2015-8385 pcre: buffer overflow caused by named forward reference to duplicate group number (8.38/30)",
+ "severity": "High",
+ "vulnerable_component": "rpm://7:glib2:0:2.56.1-5.el7",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.9.1-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.9.1-amd64",
+ "generic://sha256:f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c/sha256__f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c.tar.gz",
+ "rpm://7:glib2:0:2.56.1-5.el7"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.9.1-amd64/",
+ "fixed_versions": [],
+ "published": "2020-07-13T04:19:05+10:00",
+ "artifact_scan_time": "2021-01-14T18:41:09+11:00",
+ "issue_id": "XRAY-111224",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "PCRE before 8.38 mishandles the /(?|(\\k'Pm')|(?'Pm'))/ pattern and related patterns with certain forward references, which allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror.",
+ "references": [],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Important"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2015-8385",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P"
+ }
+ ],
+ "cvss2_max_score": 6.8,
+ "summary": "CVE-2015-8385 pcre: buffer overflow caused by named forward reference to duplicate group number (8.38/30)",
+ "severity": "High",
+ "vulnerable_component": "rpm://7:glib2:0:2.56.1-5.el7",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.9.1-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.9.1-amd64",
+ "generic://sha256:f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c/sha256__f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c.tar.gz",
+ "rpm://7:glib2:0:2.56.1-5.el7"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.9.1-amd64/",
+ "fixed_versions": [],
+ "published": "2020-07-13T04:19:05+10:00",
+ "artifact_scan_time": "2021-01-14T18:41:09+11:00",
+ "issue_id": "XRAY-111224",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "PCRE before 8.38 mishandles the /(?|(\\k'Pm')|(?'Pm'))/ pattern and related patterns with certain forward references, which allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror.",
+ "references": [],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Important"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-1000802",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "Python Software Foundation Python (CPython) version 2.7 contains a CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in shutil module (make_archive function) that can result in Denial of service, Information gain via injection of arbitrary files on the system or entire drive. This attack appear to be exploitable via Passage of unfiltered user input to the function. This vulnerability appears to have been fixed in after commit add531a1e55b0a739b0f42582f1c9747e5649ace.",
+ "severity": "High",
+ "vulnerable_component": "rpm://7:python:0:2.7.5-88.el7",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.9.1-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.9.1-amd64",
+ "generic://sha256:d2bf8b28bdf5a2535591102292694e4ff4e8307e7cbc967444b93177db257a91/sha256__d2bf8b28bdf5a2535591102292694e4ff4e8307e7cbc967444b93177db257a91.tar.gz",
+ "rpm://7:python:0:2.7.5-88.el7"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.9.1-amd64/",
+ "fixed_versions": [],
+ "published": "2019-11-29T04:40:00+11:00",
+ "artifact_scan_time": "2021-01-14T18:41:09+11:00",
+ "issue_id": "XRAY-92291",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "Python Software Foundation Python (CPython) version 2.7 contains a CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in shutil module (make_archive function) that can result in Denial of service, Information gain via injection of arbitrary files on the system or entire drive. This attack appear to be exploitable via Passage of unfiltered user input to the function. This vulnerability appears to have been fixed in after commit add531a1e55b0a739b0f42582f1c9747e5649ace.",
+ "references": [
+ "https://bugs.python.org/issue34540",
+ "https://github.com/python/cpython/pull/8985",
+ "https://github.com/python/cpython/pull/8985/commits/add531a1e55b0a739b0f42582f1c9747e5649ace",
+ "https://www.debian.org/security/2018/dsa-4306",
+ "https://mega.nz/#!JUFiCC4R!mq-jQ8ySFwIhX6WMDujaZuNBfttDVt7DETlfOIQE1ig",
+ "https://lists.debian.org/debian-lts-announce/2018/09/msg00030.html",
+ "https://lists.debian.org/debian-lts-announce/2018/09/msg00031.html",
+ "https://usn.ubuntu.com/3817-1/",
+ "https://usn.ubuntu.com/3817-2/"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2013-7338",
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "summary": "Python before 3.3.4 RC1 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a file size value larger than the size of the zip file to the (1) ZipExtFile.read, (2) ZipExtFile.read(n), (3) ZipExtFile.readlines, (4) ZipFile.extract, or (5) ZipFile.extractall function.",
+ "severity": "High",
+ "vulnerable_component": "rpm://7:python-libs:1:2.7.5-88.el7",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.9.1-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.9.1-amd64",
+ "generic://sha256:f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c/sha256__f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c.tar.gz",
+ "rpm://7:python-libs:1:2.7.5-88.el7"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.9.1-amd64/",
+ "fixed_versions": [],
+ "published": "2019-11-27T22:47:00+11:00",
+ "artifact_scan_time": "2021-01-14T18:41:09+11:00",
+ "issue_id": "XRAY-92223",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "Python before 3.3.4 RC1 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a file size value larger than the size of the zip file to the (1) ZipExtFile.read, (2) ZipExtFile.read(n), (3) ZipExtFile.readlines, (4) ZipFile.extract, or (5) ZipFile.extractall function.",
+ "references": [
+ "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html",
+ "http://www.securityfocus.com/bid/65179",
+ "http://bugs.python.org/issue20078",
+ "http://hg.python.org/cpython/rev/79ea4ce431b1",
+ "https://docs.python.org/3.3/whatsnew/changelog.html",
+ "https://support.apple.com/kb/HT205031",
+ "https://security.gentoo.org/glsa/201503-10",
+ "http://seclists.org/oss-sec/2014/q1/592",
+ "http://seclists.org/oss-sec/2014/q1/595",
+ "http://www.securitytracker.com/id/1029973",
+ "http://lists.opensuse.org/opensuse-updates/2014-05/msg00008.html"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2017-1000158",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "CPython (aka Python) up to 2.7.13 is vulnerable to an integer overflow in the PyString_DecodeEscape function in stringobject.c, resulting in heap-based buffer overflow (and possible arbitrary code execution)",
+ "severity": "High",
+ "vulnerable_component": "rpm://7:python-libs:1:2.7.5-88.el7",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.9.1-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.9.1-amd64",
+ "generic://sha256:f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c/sha256__f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c.tar.gz",
+ "rpm://7:python-libs:1:2.7.5-88.el7"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.9.1-amd64/",
+ "fixed_versions": [],
+ "published": "2019-11-27T03:47:03+11:00",
+ "artifact_scan_time": "2021-01-14T18:41:09+11:00",
+ "issue_id": "XRAY-92046",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "CPython (aka Python) up to 2.7.13 is vulnerable to an integer overflow in the PyString_DecodeEscape function in stringobject.c, resulting in heap-based buffer overflow (and possible arbitrary code execution)",
+ "references": [
+ "https://www.debian.org/security/2018/dsa-4307",
+ "https://security.gentoo.org/glsa/201805-02",
+ "https://bugs.python.org/issue30657",
+ "https://lists.debian.org/debian-lts-announce/2017/11/msg00035.html",
+ "https://lists.debian.org/debian-lts-announce/2017/11/msg00036.html",
+ "https://lists.debian.org/debian-lts-announce/2018/09/msg00030.html",
+ "https://lists.debian.org/debian-lts-announce/2018/09/msg00031.html",
+ "http://www.securitytracker.com/id/1039890"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 7.5,
+ "summary": "FasterXML jackson-dataformats-binary cbor/CBORParser.java CBORParser::_finishTextToken() Function Integer Overflow Memory Exhaustion DoS",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.dataformat:jackson-dataformat-cbor:2.10.4",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.9.1-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.9.1-amd64",
+ "generic://sha256:9fdbe26fe92d22ad5604fafd44d3272fdeaaa0236aa9e80318db4265465572c6/sha256__9fdbe26fe92d22ad5604fafd44d3272fdeaaa0236aa9e80318db4265465572c6.tar.gz",
+ "gav://com.fasterxml.jackson.dataformat:jackson-dataformat-cbor:2.10.4"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.9.1-amd64/",
+ "fixed_versions": [
+ "2.12.3"
+ ],
+ "published": "2021-05-05T20:06:23+10:00",
+ "artifact_scan_time": "2021-01-14T18:41:09+11:00",
+ "issue_id": "XRAY-174965",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "FasterXML jackson-dataformats-binary contains an integer overflow condition in the CBORParser::_finishTextToken() function in cbor/CBORParser.java that is triggered as certain input is not properly validated. This may allow a context-dependent attacker to exhaust available memory resources, potentially resulting in a denial of service.",
+ "references": [
+ "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32173",
+ "https://github.com/FasterXML/jackson-dataformats-binary/issues/259",
+ "https://github.com/FasterXML/jackson-dataformats-binary/commit/f20cf23f35dd86427d0ef160d4c07c60d9ca7dcd"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 7.5,
+ "summary": "FasterXML jackson-dataformats-binary cbor/CBORParser.java CBORParser::_finishTextToken() Function Integer Overflow Memory Exhaustion DoS",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.dataformat:jackson-dataformat-cbor:2.10.4",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.9.1-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.9.1-amd64",
+ "generic://sha256:71948c71bf562093fc11373cddd6245014188a540a6b46e94cd65a15e39f039b/sha256__71948c71bf562093fc11373cddd6245014188a540a6b46e94cd65a15e39f039b.tar.gz",
+ "gav://com.fasterxml.jackson.dataformat:jackson-dataformat-cbor:2.10.4"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.9.1-amd64/",
+ "fixed_versions": [
+ "2.12.3"
+ ],
+ "published": "2021-05-05T20:06:23+10:00",
+ "artifact_scan_time": "2021-01-14T18:41:09+11:00",
+ "issue_id": "XRAY-174965",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "FasterXML jackson-dataformats-binary contains an integer overflow condition in the CBORParser::_finishTextToken() function in cbor/CBORParser.java that is triggered as certain input is not properly validated. This may allow a context-dependent attacker to exhaust available memory resources, potentially resulting in a denial of service.",
+ "references": [
+ "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32173",
+ "https://github.com/FasterXML/jackson-dataformats-binary/issues/259",
+ "https://github.com/FasterXML/jackson-dataformats-binary/commit/f20cf23f35dd86427d0ef160d4c07c60d9ca7dcd"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-8492",
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 6.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 6.5,
+ "summary": "Python 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1 allows an HTTP server to conduct Regular Expression Denial of Service (ReDoS) attacks against a client because of urllib.request.AbstractBasicAuthHandler catastrophic backtracking.",
+ "severity": "High",
+ "vulnerable_component": "rpm://7:python-libs:0:2.7.5-88.el7",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.9.1-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.9.1-amd64",
+ "generic://sha256:d2bf8b28bdf5a2535591102292694e4ff4e8307e7cbc967444b93177db257a91/sha256__d2bf8b28bdf5a2535591102292694e4ff4e8307e7cbc967444b93177db257a91.tar.gz",
+ "rpm://7:python-libs:0:2.7.5-88.el7"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.9.1-amd64/",
+ "fixed_versions": [],
+ "published": "2020-02-07T18:07:12+11:00",
+ "artifact_scan_time": "2021-01-14T18:41:09+11:00",
+ "issue_id": "XRAY-94468",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "Python 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1 allows an HTTP server to conduct Regular Expression Denial of Service (ReDoS) attacks against a client because of urllib.request.AbstractBasicAuthHandler catastrophic backtracking.",
+ "references": [
+ "https://security.netapp.com/advisory/ntap-20200221-0001/",
+ "https://bugs.python.org/issue39503",
+ "https://github.com/python/cpython/pull/18284",
+ "https://python-security.readthedocs.io/vuln/urllib-basic-auth-regex.html",
+ "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00003.html"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-1971",
+ "cvss_v2_score": 4.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 5.9,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 4.3,
+ "cvss3_max_score": 5.9,
+ "summary": "CVE-2020-1971 openssl: EDIPARTYNAME NULL pointer de-reference (important)",
+ "severity": "High",
+ "vulnerable_component": "rpm://7:openssl-libs:16:1.0.2k-19.el7",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.9.1-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.9.1-amd64",
+ "generic://sha256:f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c/sha256__f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c.tar.gz",
+ "rpm://7:openssl-libs:16:1.0.2k-19.el7"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.9.1-amd64/",
+ "fixed_versions": [],
+ "published": "2020-12-16T15:53:26+11:00",
+ "artifact_scan_time": "2021-01-14T18:41:09+11:00",
+ "issue_id": "XRAY-133959",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "DOCUMENTATION: A null pointer dereference flaw was found in openssl. A remote attacker, able to control the arguments of the GENERAL_NAME_cmp function, could cause the application, compiled with openssl to crash resulting in a denial of service. The highest threat from this vulnerability is to system availability. STATEMENT: This is a flaw in the GENERAL_NAME_cmp function of openssl which can be triggered when both its arguments are of the same type i.e. EDIPARTYNAME. 1. Red Hat does not ship any applications compiled with openssl, which used the above function in a vulnerable way.2. OpenSSL itself uses the GENERAL_NAME_cmp function for two purposes, when comparing CRL distribution point names between an available CRL and a CRL distribution point embedded in an X509 certificate and when verifying that a timestamp response token signer matches the timestamp authority name (exposed via the API functions TS_RESP_verify_response and TS_RESP_verify_token). If an attacker can control both items being compared then that attacker could trigger a crash. For example, if the attacker can trick a client or server into checking a malicious certificate against a malicious CRL then a crash may be triggered.Third party applications compiled with openssl using the function GENERAL_NAME_cmp in a vulnerable way are affected by this flaw.GENERAL_NAME_cmp was added in 0.9.8k, therefore older versions of openssl are not affected by this flaw. MITIGATION: Applications not using the GENERAL_NAME_cmp of openssl are not vulnerable to this flaw. Even when this function is used, if the attacker can control both the arguments of this function, only then the attacker could trigger a crash.",
+ "references": [
+ "https://access.redhat.com/security/cve/CVE-2020-1971"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Important"
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.8,
+ "cvss3_max_score": 7.5,
+ "summary": "Netty AbstractDiskHttpData.delete() Function POST Request Handling File Deletion Memory Exhaustion Remote DoS",
+ "severity": "High",
+ "vulnerable_component": "gav://io.netty:netty-codec-http:4.1.49.Final",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.9.1-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.9.1-amd64",
+ "generic://sha256:9fdbe26fe92d22ad5604fafd44d3272fdeaaa0236aa9e80318db4265465572c6/sha256__9fdbe26fe92d22ad5604fafd44d3272fdeaaa0236aa9e80318db4265465572c6.tar.gz",
+ "gav://io.netty:netty-codec-http:4.1.49.Final"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.9.1-amd64/",
+ "fixed_versions": [
+ "4.1.53.Final"
+ ],
+ "published": "2020-10-28T01:16:36+11:00",
+ "artifact_scan_time": "2021-01-14T18:41:09+11:00",
+ "issue_id": "XRAY-127557",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Netty contains a flaw in the AbstractDiskHttpData.delete() function in handler/codec/http/multipart/AbstractDiskHttpData.java that is triggered as temporary file entries are added to the 'DeleteOnExitHook' object but not properly removed when processing POST requests that are 16 kB. This may allow a remote attacker to exhaust available memory resources, potentially resulting in a denial of service.",
+ "references": [
+ "https://github.com/netty/netty/pull/10560",
+ "https://github.com/netty/netty/issues/10351",
+ "https://github.com/netty/netty/commit/95ce1b95ea5679f826cdefcbaabb3b7c2d596100"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.8,
+ "cvss3_max_score": 7.5,
+ "summary": "Netty AbstractDiskHttpData.delete() Function POST Request Handling File Deletion Memory Exhaustion Remote DoS",
+ "severity": "High",
+ "vulnerable_component": "gav://io.netty:netty-codec-http:4.1.49.Final",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.9.1-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.9.1-amd64",
+ "generic://sha256:9fdbe26fe92d22ad5604fafd44d3272fdeaaa0236aa9e80318db4265465572c6/sha256__9fdbe26fe92d22ad5604fafd44d3272fdeaaa0236aa9e80318db4265465572c6.tar.gz",
+ "gav://io.netty:netty-codec-http:4.1.49.Final"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.9.1-amd64/",
+ "fixed_versions": [
+ "4.1.53.Final"
+ ],
+ "published": "2020-10-28T01:16:36+11:00",
+ "artifact_scan_time": "2021-01-14T18:41:09+11:00",
+ "issue_id": "XRAY-127557",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Netty contains a flaw in the AbstractDiskHttpData.delete() function in handler/codec/http/multipart/AbstractDiskHttpData.java that is triggered as temporary file entries are added to the 'DeleteOnExitHook' object but not properly removed when processing POST requests that are 16 kB. This may allow a remote attacker to exhaust available memory resources, potentially resulting in a denial of service.",
+ "references": [
+ "https://github.com/netty/netty/pull/10560",
+ "https://github.com/netty/netty/issues/10351",
+ "https://github.com/netty/netty/commit/95ce1b95ea5679f826cdefcbaabb3b7c2d596100"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.8,
+ "cvss3_max_score": 7.5,
+ "summary": "Netty AbstractDiskHttpData.delete() Function POST Request Handling File Deletion Memory Exhaustion Remote DoS",
+ "severity": "High",
+ "vulnerable_component": "gav://io.netty:netty-codec-http:4.1.49.Final",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.9.1-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.9.1-amd64",
+ "generic://sha256:71948c71bf562093fc11373cddd6245014188a540a6b46e94cd65a15e39f039b/sha256__71948c71bf562093fc11373cddd6245014188a540a6b46e94cd65a15e39f039b.tar.gz",
+ "gav://io.netty:netty-codec-http:4.1.49.Final"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.9.1-amd64/",
+ "fixed_versions": [
+ "4.1.53.Final"
+ ],
+ "published": "2020-10-28T01:16:36+11:00",
+ "artifact_scan_time": "2021-01-14T18:41:09+11:00",
+ "issue_id": "XRAY-127557",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Netty contains a flaw in the AbstractDiskHttpData.delete() function in handler/codec/http/multipart/AbstractDiskHttpData.java that is triggered as temporary file entries are added to the 'DeleteOnExitHook' object but not properly removed when processing POST requests that are 16 kB. This may allow a remote attacker to exhaust available memory resources, potentially resulting in a denial of service.",
+ "references": [
+ "https://github.com/netty/netty/pull/10560",
+ "https://github.com/netty/netty/issues/10351",
+ "https://github.com/netty/netty/commit/95ce1b95ea5679f826cdefcbaabb3b7c2d596100"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-1000802",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "Python Software Foundation Python (CPython) version 2.7 contains a CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in shutil module (make_archive function) that can result in Denial of service, Information gain via injection of arbitrary files on the system or entire drive. This attack appear to be exploitable via Passage of unfiltered user input to the function. This vulnerability appears to have been fixed in after commit add531a1e55b0a739b0f42582f1c9747e5649ace.",
+ "severity": "High",
+ "vulnerable_component": "rpm://7:python-libs:0:2.7.5-88.el7",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.9.1-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.9.1-amd64",
+ "generic://sha256:d2bf8b28bdf5a2535591102292694e4ff4e8307e7cbc967444b93177db257a91/sha256__d2bf8b28bdf5a2535591102292694e4ff4e8307e7cbc967444b93177db257a91.tar.gz",
+ "rpm://7:python-libs:0:2.7.5-88.el7"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.9.1-amd64/",
+ "fixed_versions": [],
+ "published": "2019-11-29T04:40:00+11:00",
+ "artifact_scan_time": "2021-01-14T18:41:09+11:00",
+ "issue_id": "XRAY-92291",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "Python Software Foundation Python (CPython) version 2.7 contains a CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in shutil module (make_archive function) that can result in Denial of service, Information gain via injection of arbitrary files on the system or entire drive. This attack appear to be exploitable via Passage of unfiltered user input to the function. This vulnerability appears to have been fixed in after commit add531a1e55b0a739b0f42582f1c9747e5649ace.",
+ "references": [
+ "https://bugs.python.org/issue34540",
+ "https://github.com/python/cpython/pull/8985",
+ "https://github.com/python/cpython/pull/8985/commits/add531a1e55b0a739b0f42582f1c9747e5649ace",
+ "https://www.debian.org/security/2018/dsa-4306",
+ "https://mega.nz/#!JUFiCC4R!mq-jQ8ySFwIhX6WMDujaZuNBfttDVt7DETlfOIQE1ig",
+ "https://lists.debian.org/debian-lts-announce/2018/09/msg00030.html",
+ "https://lists.debian.org/debian-lts-announce/2018/09/msg00031.html",
+ "https://usn.ubuntu.com/3817-1/",
+ "https://usn.ubuntu.com/3817-2/"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-9547",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ {
+ "cve": "CVE-2020-9546",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ {
+ "cve": "CVE-2020-7943",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:N",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"
+ },
+ {
+ "cve": "CVE-2020-7238",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:P/A:N",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"
+ },
+ {
+ "cve": "CVE-2020-5216",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:P/A:N",
+ "cvss_v3_score": 5.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N"
+ },
+ {
+ "cve": "CVE-2019-16782",
+ "cvss_v2_score": 4.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:N/A:N",
+ "cvss_v3_score": 5.9,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"
+ },
+ {
+ "cve": "CVE-2019-12781",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:N",
+ "cvss_v3_score": 5.3,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"
+ },
+ {
+ "cve": "CVE-2020-14380"
+ },
+ {
+ "cve": "CVE-2018-3258",
+ "cvss_v2_score": 6.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:S/C:P/I:P/A:P",
+ "cvss_v3_score": 8.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
+ },
+ {
+ "cve": "CVE-2018-11751",
+ "cvss_v2_score": 4.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:A/AC:L/Au:N/C:N/I:P/A:P",
+ "cvss_v3_score": 5.4,
+ "cvss_v3_vector": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L"
+ },
+ {
+ "cve": "CVE-2020-10969",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 8.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
+ },
+ {
+ "cve": "CVE-2020-10968",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 8.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
+ },
+ {
+ "cve": "CVE-2020-9548",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ {
+ "cve": "CVE-2020-8161",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:N",
+ "cvss_v3_score": 8.6,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N"
+ },
+ {
+ "cve": "CVE-2020-5267",
+ "cvss_v2_score": 3.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:S/C:N/I:P/A:N",
+ "cvss_v3_score": 4.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"
+ },
+ {
+ "cve": "CVE-2020-14195",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 8.1,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ {
+ "cve": "CVE-2020-11619",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 8.1,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ {
+ "cve": "CVE-2020-8840",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ {
+ "cve": "CVE-2020-7942",
+ "cvss_v2_score": 4,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:S/C:P/I:N/A:N",
+ "cvss_v3_score": 6.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"
+ },
+ {
+ "cve": "CVE-2020-5217",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:P/A:N",
+ "cvss_v3_score": 5.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N"
+ },
+ {
+ "cve": "CVE-2020-14061",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 8.1,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ {
+ "cve": "CVE-2020-14062",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 8.1,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ {
+ "cve": "CVE-2020-10693",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:P/A:N",
+ "cvss_v3_score": 5.3,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"
+ },
+ {
+ "cve": "CVE-2020-8184",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:P/A:N",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"
+ },
+ {
+ "cve": "CVE-2020-7663",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ },
+ {
+ "cve": "CVE-2020-14334",
+ "cvss_v2_score": 4.6,
+ "cvss_v2_vector": "CVSS:2.0/AV:L/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 8.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "Red Hat Security Advisory: Satellite 6.8 release",
+ "severity": "High",
+ "vulnerable_component": "rpm://7:python-pycurl:0:7.19.0-19.el7",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.9.1-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.9.1-amd64",
+ "generic://sha256:d2bf8b28bdf5a2535591102292694e4ff4e8307e7cbc967444b93177db257a91/sha256__d2bf8b28bdf5a2535591102292694e4ff4e8307e7cbc967444b93177db257a91.tar.gz",
+ "rpm://7:python-pycurl:0:7.19.0-19.el7"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.9.1-amd64/",
+ "fixed_versions": [],
+ "published": "2020-10-28T15:35:59+11:00",
+ "artifact_scan_time": "2021-01-14T18:41:09+11:00",
+ "issue_id": "XRAY-127577",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "An update is now available for Red Hat Satellite 6.8 for RHEL 7.Red Hat Product Security has rated this update as having a security impactof Important. A Common Vulnerability Scoring System (CVSS) base score,which gives a detailed severity rating, is available for each vulnerabilityfrom the CVE link(s) in the References section.Red Hat Satellite is a systems management tool for Linux-basedinfrastructure. It allows for provisioning, remote management, andmonitoring of multiple Linux deployments with a single centralized tool.Security Fix(es):* mysql-connector-java: Connector/J unspecified vulnerability (CPU October 2018) (CVE-2018-3258)* netty: HTTP Request Smuggling due to Transfer-Encoding whitespace mishandling (CVE-2020-7238)* rubygem-websocket-extensions: ReDoS vulnerability in Sec-WebSocket-Extensions parser (CVE-2020-7663)* puppet: puppet server and puppetDB may leak sensitive information via metrics API (CVE-2020-7943)* jackson-databind: multiple serialization gadgets (CVE-2020-8840 CVE-2020-9546 CVE-2020-9547 CVE-2020-9548 CVE-2020-10968 CVE-2020-10969 CVE-2020-11619 CVE-2020-14061 CVE-2020-14062 CVE-2020-14195)* foreman: unauthorized cache read on RPM-based installations through local user (CVE-2020-14334)* Satellite: Local user impersonation by Single sign-on (SSO) user leads to account takeover (CVE-2020-14380)* Django: Incorrect HTTP detection with reverse-proxy connecting via HTTPS (CVE-2019-12781)* rubygem-rack: hijack sessions by using timing attacks targeting the session id (CVE-2019-16782)* rubygem-secure_headers: limited header injection when using dynamic overrides with user input (CVE-2020-5216)* rubygem-secure_headers: directive injection when using dynamic overrides with user input (CVE-2020-5217)* rubygem-actionview: views that use the `j` or `escape_javascript` methods are susceptible to XSS attacks (CVE-2020-5267)* puppet: Arbitrary catalog retrieval (CVE-2020-7942)* rubygem-rack: directory traversal in Rack::Directory (CVE-2020-8161)* rubygem-rack: percent-encoded cookies can be used to",
+ "references": [
+ "https://access.redhat.com/security/updates/classification/#important",
+ "https://access.redhat.com/errata/RHSA-2020:4366"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-1000802",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "Python Software Foundation Python (CPython) version 2.7 contains a CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in shutil module (make_archive function) that can result in Denial of service, Information gain via injection of arbitrary files on the system or entire drive. This attack appear to be exploitable via Passage of unfiltered user input to the function. This vulnerability appears to have been fixed in after commit add531a1e55b0a739b0f42582f1c9747e5649ace.",
+ "severity": "High",
+ "vulnerable_component": "rpm://7:python-libs:1:2.7.5-88.el7",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.9.1-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.9.1-amd64",
+ "generic://sha256:f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c/sha256__f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c.tar.gz",
+ "rpm://7:python-libs:1:2.7.5-88.el7"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.9.1-amd64/",
+ "fixed_versions": [],
+ "published": "2019-11-29T04:40:00+11:00",
+ "artifact_scan_time": "2021-01-14T18:41:09+11:00",
+ "issue_id": "XRAY-92291",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "Python Software Foundation Python (CPython) version 2.7 contains a CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in shutil module (make_archive function) that can result in Denial of service, Information gain via injection of arbitrary files on the system or entire drive. This attack appear to be exploitable via Passage of unfiltered user input to the function. This vulnerability appears to have been fixed in after commit add531a1e55b0a739b0f42582f1c9747e5649ace.",
+ "references": [
+ "https://bugs.python.org/issue34540",
+ "https://github.com/python/cpython/pull/8985",
+ "https://github.com/python/cpython/pull/8985/commits/add531a1e55b0a739b0f42582f1c9747e5649ace",
+ "https://www.debian.org/security/2018/dsa-4306",
+ "https://mega.nz/#!JUFiCC4R!mq-jQ8ySFwIhX6WMDujaZuNBfttDVt7DETlfOIQE1ig",
+ "https://lists.debian.org/debian-lts-announce/2018/09/msg00030.html",
+ "https://lists.debian.org/debian-lts-announce/2018/09/msg00031.html",
+ "https://usn.ubuntu.com/3817-1/",
+ "https://usn.ubuntu.com/3817-2/"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-12049",
+ "cvss_v2_score": 4.9,
+ "cvss_v2_vector": "CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 5.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 4.9,
+ "cvss3_max_score": 5.5,
+ "summary": "Red Hat Security Advisory: dbus security update",
+ "severity": "High",
+ "vulnerable_component": "rpm://7:dbus:0:1.10.24-14.el7_8",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.9.1-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.9.1-amd64",
+ "generic://sha256:f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c/sha256__f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c.tar.gz",
+ "rpm://7:dbus:0:1.10.24-14.el7_8"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.9.1-amd64/",
+ "fixed_versions": [],
+ "published": "2020-07-14T14:04:08+10:00",
+ "artifact_scan_time": "2021-01-14T18:41:09+11:00",
+ "issue_id": "XRAY-113084",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "An update for dbus is now available for Red Hat Enterprise Linux 7.Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.D-Bus is a system for sending messages between applications. It is used both for the system-wide message bus service, and as a per-user-login-session messaging facility.Security Fix(es):* dbus: denial of service via file descriptor leak (CVE-2020-12049)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
+ "references": [
+ "https://access.redhat.com/errata/RHSA-2020:2894",
+ "https://access.redhat.com/security/updates/classification/#important"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Important"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-1971",
+ "cvss_v2_score": 4.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 5.9,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 4.3,
+ "cvss3_max_score": 5.9,
+ "summary": "CVE-2020-1971 openssl: EDIPARTYNAME NULL pointer de-reference (important)",
+ "severity": "High",
+ "vulnerable_component": "rpm://7:openssl-libs:1:1.0.2k-19.el7",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.9.1-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.9.1-amd64",
+ "generic://sha256:d2bf8b28bdf5a2535591102292694e4ff4e8307e7cbc967444b93177db257a91/sha256__d2bf8b28bdf5a2535591102292694e4ff4e8307e7cbc967444b93177db257a91.tar.gz",
+ "rpm://7:openssl-libs:1:1.0.2k-19.el7"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.9.1-amd64/",
+ "fixed_versions": [],
+ "published": "2020-12-16T15:53:26+11:00",
+ "artifact_scan_time": "2021-01-14T18:41:09+11:00",
+ "issue_id": "XRAY-133959",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "DOCUMENTATION: A null pointer dereference flaw was found in openssl. A remote attacker, able to control the arguments of the GENERAL_NAME_cmp function, could cause the application, compiled with openssl to crash resulting in a denial of service. The highest threat from this vulnerability is to system availability. STATEMENT: This is a flaw in the GENERAL_NAME_cmp function of openssl which can be triggered when both its arguments are of the same type i.e. EDIPARTYNAME. 1. Red Hat does not ship any applications compiled with openssl, which used the above function in a vulnerable way.2. OpenSSL itself uses the GENERAL_NAME_cmp function for two purposes, when comparing CRL distribution point names between an available CRL and a CRL distribution point embedded in an X509 certificate and when verifying that a timestamp response token signer matches the timestamp authority name (exposed via the API functions TS_RESP_verify_response and TS_RESP_verify_token). If an attacker can control both items being compared then that attacker could trigger a crash. For example, if the attacker can trick a client or server into checking a malicious certificate against a malicious CRL then a crash may be triggered.Third party applications compiled with openssl using the function GENERAL_NAME_cmp in a vulnerable way are affected by this flaw.GENERAL_NAME_cmp was added in 0.9.8k, therefore older versions of openssl are not affected by this flaw. MITIGATION: Applications not using the GENERAL_NAME_cmp of openssl are not vulnerable to this flaw. Even when this function is used, if the attacker can control both the arguments of this function, only then the attacker could trigger a crash.",
+ "references": [
+ "https://access.redhat.com/security/cve/CVE-2020-1971"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Important"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-9547",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ {
+ "cve": "CVE-2020-9546",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ {
+ "cve": "CVE-2020-7943",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:N",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"
+ },
+ {
+ "cve": "CVE-2020-7238",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:P/A:N",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"
+ },
+ {
+ "cve": "CVE-2020-5216",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:P/A:N",
+ "cvss_v3_score": 5.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N"
+ },
+ {
+ "cve": "CVE-2019-16782",
+ "cvss_v2_score": 4.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:N/A:N",
+ "cvss_v3_score": 5.9,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"
+ },
+ {
+ "cve": "CVE-2019-12781",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:N",
+ "cvss_v3_score": 5.3,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"
+ },
+ {
+ "cve": "CVE-2020-14380"
+ },
+ {
+ "cve": "CVE-2018-3258",
+ "cvss_v2_score": 6.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:S/C:P/I:P/A:P",
+ "cvss_v3_score": 8.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
+ },
+ {
+ "cve": "CVE-2018-11751",
+ "cvss_v2_score": 4.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:A/AC:L/Au:N/C:N/I:P/A:P",
+ "cvss_v3_score": 5.4,
+ "cvss_v3_vector": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L"
+ },
+ {
+ "cve": "CVE-2020-10969",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 8.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
+ },
+ {
+ "cve": "CVE-2020-10968",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 8.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
+ },
+ {
+ "cve": "CVE-2020-9548",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ {
+ "cve": "CVE-2020-8161",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:N",
+ "cvss_v3_score": 8.6,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N"
+ },
+ {
+ "cve": "CVE-2020-5267",
+ "cvss_v2_score": 3.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:S/C:N/I:P/A:N",
+ "cvss_v3_score": 4.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"
+ },
+ {
+ "cve": "CVE-2020-14195",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 8.1,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ {
+ "cve": "CVE-2020-11619",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 8.1,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ {
+ "cve": "CVE-2020-8840",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ {
+ "cve": "CVE-2020-7942",
+ "cvss_v2_score": 4,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:S/C:P/I:N/A:N",
+ "cvss_v3_score": 6.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"
+ },
+ {
+ "cve": "CVE-2020-5217",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:P/A:N",
+ "cvss_v3_score": 5.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N"
+ },
+ {
+ "cve": "CVE-2020-14061",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 8.1,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ {
+ "cve": "CVE-2020-14062",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 8.1,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ },
+ {
+ "cve": "CVE-2020-10693",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:P/A:N",
+ "cvss_v3_score": 5.3,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"
+ },
+ {
+ "cve": "CVE-2020-8184",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:P/A:N",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"
+ },
+ {
+ "cve": "CVE-2020-7663",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ },
+ {
+ "cve": "CVE-2020-14334",
+ "cvss_v2_score": 4.6,
+ "cvss_v2_vector": "CVSS:2.0/AV:L/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 8.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "Red Hat Security Advisory: Satellite 6.8 release",
+ "severity": "High",
+ "vulnerable_component": "rpm://7:python-chardet:0:2.2.1-3.el7",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.9.1-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.9.1-amd64",
+ "generic://sha256:d2bf8b28bdf5a2535591102292694e4ff4e8307e7cbc967444b93177db257a91/sha256__d2bf8b28bdf5a2535591102292694e4ff4e8307e7cbc967444b93177db257a91.tar.gz",
+ "rpm://7:python-chardet:0:2.2.1-3.el7"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.9.1-amd64/",
+ "fixed_versions": [],
+ "published": "2020-10-28T15:35:59+11:00",
+ "artifact_scan_time": "2021-01-14T18:41:09+11:00",
+ "issue_id": "XRAY-127577",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "An update is now available for Red Hat Satellite 6.8 for RHEL 7.Red Hat Product Security has rated this update as having a security impactof Important. A Common Vulnerability Scoring System (CVSS) base score,which gives a detailed severity rating, is available for each vulnerabilityfrom the CVE link(s) in the References section.Red Hat Satellite is a systems management tool for Linux-basedinfrastructure. It allows for provisioning, remote management, andmonitoring of multiple Linux deployments with a single centralized tool.Security Fix(es):* mysql-connector-java: Connector/J unspecified vulnerability (CPU October 2018) (CVE-2018-3258)* netty: HTTP Request Smuggling due to Transfer-Encoding whitespace mishandling (CVE-2020-7238)* rubygem-websocket-extensions: ReDoS vulnerability in Sec-WebSocket-Extensions parser (CVE-2020-7663)* puppet: puppet server and puppetDB may leak sensitive information via metrics API (CVE-2020-7943)* jackson-databind: multiple serialization gadgets (CVE-2020-8840 CVE-2020-9546 CVE-2020-9547 CVE-2020-9548 CVE-2020-10968 CVE-2020-10969 CVE-2020-11619 CVE-2020-14061 CVE-2020-14062 CVE-2020-14195)* foreman: unauthorized cache read on RPM-based installations through local user (CVE-2020-14334)* Satellite: Local user impersonation by Single sign-on (SSO) user leads to account takeover (CVE-2020-14380)* Django: Incorrect HTTP detection with reverse-proxy connecting via HTTPS (CVE-2019-12781)* rubygem-rack: hijack sessions by using timing attacks targeting the session id (CVE-2019-16782)* rubygem-secure_headers: limited header injection when using dynamic overrides with user input (CVE-2020-5216)* rubygem-secure_headers: directive injection when using dynamic overrides with user input (CVE-2020-5217)* rubygem-actionview: views that use the `j` or `escape_javascript` methods are susceptible to XSS attacks (CVE-2020-5267)* puppet: Arbitrary catalog retrieval (CVE-2020-7942)* rubygem-rack: directory traversal in Rack::Directory (CVE-2020-8161)* rubygem-rack: percent-encoded cookies can be used to",
+ "references": [
+ "https://access.redhat.com/security/updates/classification/#important",
+ "https://access.redhat.com/errata/RHSA-2020:4366"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-1971",
+ "cvss_v2_score": 4.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 5.9,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 4.3,
+ "cvss3_max_score": 5.9,
+ "summary": "RHSA-2020:5566: openssl security update (Important)",
+ "severity": "High",
+ "vulnerable_component": "rpm://7:openssl-libs:1:1.0.2k-19.el7",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.9.1-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.9.1-amd64",
+ "generic://sha256:d2bf8b28bdf5a2535591102292694e4ff4e8307e7cbc967444b93177db257a91/sha256__d2bf8b28bdf5a2535591102292694e4ff4e8307e7cbc967444b93177db257a91.tar.gz",
+ "rpm://7:openssl-libs:1:1.0.2k-19.el7"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.9.1-amd64/",
+ "fixed_versions": [
+ "≥ 1:1.0.2k-21.el7_9"
+ ],
+ "published": "2020-12-29T07:09:45+11:00",
+ "artifact_scan_time": "2021-01-14T18:41:09+11:00",
+ "issue_id": "XRAY-137484",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library.Security Fix(es):* openssl: EDIPARTYNAME NULL pointer de-reference (CVE-2020-1971)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
+ "references": [
+ "https://access.redhat.com/security/cve/CVE-2020-1971",
+ "https://access.redhat.com/errata/RHSA-2020:5566"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Important"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-12049",
+ "cvss_v2_score": 4.9,
+ "cvss_v2_vector": "CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 6.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 4.9,
+ "cvss3_max_score": 6.5,
+ "summary": "RHSA-2020:2894: dbus security update (Important)",
+ "severity": "High",
+ "vulnerable_component": "rpm://7:dbus:0:1.10.24-14.el7_8",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.9.1-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.9.1-amd64",
+ "generic://sha256:f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c/sha256__f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c.tar.gz",
+ "rpm://7:dbus:0:1.10.24-14.el7_8"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.9.1-amd64/",
+ "fixed_versions": [
+ "≥ 1:1.10.24-14.el7_8"
+ ],
+ "published": "2020-08-25T19:35:04+10:00",
+ "artifact_scan_time": "2021-01-14T18:41:09+11:00",
+ "issue_id": "XRAY-119766",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "D-Bus is a system for sending messages between applications. It is used both for the system-wide message bus service, and as a per-user-login-session messaging facility.Security Fix(es):* dbus: denial of service via file descriptor leak (CVE-2020-12049)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
+ "references": [
+ "https://access.redhat.com/errata/RHSA-2020:2894",
+ "https://access.redhat.com/security/cve/CVE-2020-12049"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Important"
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 7.5,
+ "summary": "json-smart minidev/json/parser/JSONParserBase.java JSONParserBase::extractFloat() Function Improper Exception Handling DoS",
+ "severity": "High",
+ "vulnerable_component": "gav://net.minidev:json-smart:2.3",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.9.1-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.9.1-amd64",
+ "generic://sha256:9fdbe26fe92d22ad5604fafd44d3272fdeaaa0236aa9e80318db4265465572c6/sha256__9fdbe26fe92d22ad5604fafd44d3272fdeaaa0236aa9e80318db4265465572c6.tar.gz",
+ "gav://net.minidev:json-smart:2.3"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.9.1-amd64/",
+ "fixed_versions": [],
+ "published": "2021-02-24T20:04:52+11:00",
+ "artifact_scan_time": "2021-01-14T18:41:09+11:00",
+ "issue_id": "XRAY-141174",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "json-smart contains a flaw in the JSONParserBase::extractFloat() function in minidev/json/parser/JSONParserBase.java that is triggered as a NumberFormatException exception is not properly handled when parsing specially crafted float number values. This may allow a context-dependent attacker to crash a process using the library.",
+ "references": [
+ "http://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-27568",
+ "https://github.com/netplex/json-smart-v1/issues/7",
+ "https://github.com/netplex/json-smart-v2/issues/60"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 7.5,
+ "summary": "json-smart minidev/json/parser/JSONParserBase.java JSONParserBase::extractFloat() Function Improper Exception Handling DoS",
+ "severity": "High",
+ "vulnerable_component": "gav://net.minidev:json-smart:2.3",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.9.1-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.9.1-amd64",
+ "generic://sha256:71948c71bf562093fc11373cddd6245014188a540a6b46e94cd65a15e39f039b/sha256__71948c71bf562093fc11373cddd6245014188a540a6b46e94cd65a15e39f039b.tar.gz",
+ "gav://net.minidev:json-smart:2.3"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.9.1-amd64/",
+ "fixed_versions": [],
+ "published": "2021-02-24T20:04:52+11:00",
+ "artifact_scan_time": "2021-01-14T18:41:09+11:00",
+ "issue_id": "XRAY-141174",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "json-smart contains a flaw in the JSONParserBase::extractFloat() function in minidev/json/parser/JSONParserBase.java that is triggered as a NumberFormatException exception is not properly handled when parsing specially crafted float number values. This may allow a context-dependent attacker to crash a process using the library.",
+ "references": [
+ "http://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-27568",
+ "https://github.com/netplex/json-smart-v1/issues/7",
+ "https://github.com/netplex/json-smart-v2/issues/60"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2017-1000158",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "CPython (aka Python) up to 2.7.13 is vulnerable to an integer overflow in the PyString_DecodeEscape function in stringobject.c, resulting in heap-based buffer overflow (and possible arbitrary code execution)",
+ "severity": "High",
+ "vulnerable_component": "rpm://7:python:7:2.7.5-88.el7",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.9.1-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.9.1-amd64",
+ "generic://sha256:f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c/sha256__f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c.tar.gz",
+ "rpm://7:python:7:2.7.5-88.el7"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.9.1-amd64/",
+ "fixed_versions": [],
+ "published": "2019-11-27T03:47:03+11:00",
+ "artifact_scan_time": "2021-01-14T18:41:09+11:00",
+ "issue_id": "XRAY-92046",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "CPython (aka Python) up to 2.7.13 is vulnerable to an integer overflow in the PyString_DecodeEscape function in stringobject.c, resulting in heap-based buffer overflow (and possible arbitrary code execution)",
+ "references": [
+ "https://www.debian.org/security/2018/dsa-4307",
+ "https://security.gentoo.org/glsa/201805-02",
+ "https://bugs.python.org/issue30657",
+ "https://lists.debian.org/debian-lts-announce/2017/11/msg00035.html",
+ "https://lists.debian.org/debian-lts-announce/2017/11/msg00036.html",
+ "https://lists.debian.org/debian-lts-announce/2018/09/msg00030.html",
+ "https://lists.debian.org/debian-lts-announce/2018/09/msg00031.html",
+ "http://www.securitytracker.com/id/1039890"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2017-1000158",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "CPython (aka Python) up to 2.7.13 is vulnerable to an integer overflow in the PyString_DecodeEscape function in stringobject.c, resulting in heap-based buffer overflow (and possible arbitrary code execution)",
+ "severity": "High",
+ "vulnerable_component": "rpm://7:python-libs:0:2.7.5-88.el7",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.9.1-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.9.1-amd64",
+ "generic://sha256:d2bf8b28bdf5a2535591102292694e4ff4e8307e7cbc967444b93177db257a91/sha256__d2bf8b28bdf5a2535591102292694e4ff4e8307e7cbc967444b93177db257a91.tar.gz",
+ "rpm://7:python-libs:0:2.7.5-88.el7"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.9.1-amd64/",
+ "fixed_versions": [],
+ "published": "2019-11-27T03:47:03+11:00",
+ "artifact_scan_time": "2021-01-14T18:41:09+11:00",
+ "issue_id": "XRAY-92046",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "CPython (aka Python) up to 2.7.13 is vulnerable to an integer overflow in the PyString_DecodeEscape function in stringobject.c, resulting in heap-based buffer overflow (and possible arbitrary code execution)",
+ "references": [
+ "https://www.debian.org/security/2018/dsa-4307",
+ "https://security.gentoo.org/glsa/201805-02",
+ "https://bugs.python.org/issue30657",
+ "https://lists.debian.org/debian-lts-announce/2017/11/msg00035.html",
+ "https://lists.debian.org/debian-lts-announce/2017/11/msg00036.html",
+ "https://lists.debian.org/debian-lts-announce/2018/09/msg00030.html",
+ "https://lists.debian.org/debian-lts-announce/2018/09/msg00031.html",
+ "http://www.securitytracker.com/id/1039890"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-8492",
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 6.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 6.5,
+ "summary": "Python 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1 allows an HTTP server to conduct Regular Expression Denial of Service (ReDoS) attacks against a client because of urllib.request.AbstractBasicAuthHandler catastrophic backtracking.",
+ "severity": "High",
+ "vulnerable_component": "rpm://7:python:7:2.7.5-88.el7",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.9.1-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.9.1-amd64",
+ "generic://sha256:f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c/sha256__f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c.tar.gz",
+ "rpm://7:python:7:2.7.5-88.el7"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.9.1-amd64/",
+ "fixed_versions": [],
+ "published": "2020-02-07T18:07:12+11:00",
+ "artifact_scan_time": "2021-01-14T18:41:09+11:00",
+ "issue_id": "XRAY-94468",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "Python 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1 allows an HTTP server to conduct Regular Expression Denial of Service (ReDoS) attacks against a client because of urllib.request.AbstractBasicAuthHandler catastrophic backtracking.",
+ "references": [
+ "https://security.netapp.com/advisory/ntap-20200221-0001/",
+ "https://bugs.python.org/issue39503",
+ "https://github.com/python/cpython/pull/18284",
+ "https://python-security.readthedocs.io/vuln/urllib-basic-auth-regex.html",
+ "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00003.html"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-27219",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss3_max_score": 9.8,
+ "summary": "CVE-2021-27219 glib: integer overflow in g_bytes_new function on 64-bit platforms due to an implicit cast from 64 bits to 32 bits (important)",
+ "severity": "High",
+ "vulnerable_component": "rpm://7:glib2:0:2.56.1-5.el7",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.9.1-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.9.1-amd64",
+ "generic://sha256:f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c/sha256__f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c.tar.gz",
+ "rpm://7:glib2:0:2.56.1-5.el7"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.9.1-amd64/",
+ "fixed_versions": [],
+ "published": "2021-03-17T00:26:15+11:00",
+ "artifact_scan_time": "2021-01-14T18:41:09+11:00",
+ "issue_id": "XRAY-146608",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "DOCUMENTATION: An integer wraparound was discovered in glib due to passing a 64 bits size value to function g_memdup() which accepts a 32 bits number as argument. An attacker may abuse this flaw when an application linked against glib library uses g_bytes_new() function or possibly other functions that use g_memdup() underneath and accept a 64 bits argument as size. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. STATEMENT: Applications that just use GBytes to access the data are affected by this flaw but the highest threat is to data confidentiality and/or the application availability, due to possible out-of-bounds reads. However, if the data in GBytes is taken through functions such as g_bytes_unref_to_data or g_bytes_unref_to_array it might be possible to have out-of-bounds writes due to the wrongly reported size of the buffer.Applications that use g_memdup to duplicate memory with user-controlled sizes should pay extra attention to the fact that g_memdup accepts a guint size instead of gsize. Thus directly passing a gsize value to g_memdup may results in integer truncation, allocating a buffer smaller than expected.",
+ "references": [
+ "https://access.redhat.com/security/cve/CVE-2021-27219"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Important"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-27219",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss3_max_score": 9.8,
+ "summary": "CVE-2021-27219 glib: integer overflow in g_bytes_new function on 64-bit platforms due to an implicit cast from 64 bits to 32 bits (important)",
+ "severity": "High",
+ "vulnerable_component": "rpm://7:glib2:0:2.56.1-5.el7",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.9.1-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.9.1-amd64",
+ "generic://sha256:f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c/sha256__f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c.tar.gz",
+ "rpm://7:glib2:0:2.56.1-5.el7"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.9.1-amd64/",
+ "fixed_versions": [],
+ "published": "2021-03-17T00:26:15+11:00",
+ "artifact_scan_time": "2021-01-14T18:41:09+11:00",
+ "issue_id": "XRAY-146608",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "DOCUMENTATION: An integer wraparound was discovered in glib due to passing a 64 bits size value to function g_memdup() which accepts a 32 bits number as argument. An attacker may abuse this flaw when an application linked against glib library uses g_bytes_new() function or possibly other functions that use g_memdup() underneath and accept a 64 bits argument as size. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. STATEMENT: Applications that just use GBytes to access the data are affected by this flaw but the highest threat is to data confidentiality and/or the application availability, due to possible out-of-bounds reads. However, if the data in GBytes is taken through functions such as g_bytes_unref_to_data or g_bytes_unref_to_array it might be possible to have out-of-bounds writes due to the wrongly reported size of the buffer.Applications that use g_memdup to duplicate memory with user-controlled sizes should pay extra attention to the fact that g_memdup accepts a guint size instead of gsize. Thus directly passing a gsize value to g_memdup may results in integer truncation, allocating a buffer smaller than expected.",
+ "references": [
+ "https://access.redhat.com/security/cve/CVE-2021-27219"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Important"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-10716"
+ },
+ {
+ "cve": "CVE-2019-12086",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:N",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"
+ },
+ {
+ "cve": "CVE-2019-10086",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 7.3,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"
+ },
+ {
+ "cve": "CVE-2019-0231",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:N",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"
+ },
+ {
+ "cve": "CVE-2017-17718",
+ "cvss_v2_score": 4.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:N/A:N",
+ "cvss_v3_score": 5.9,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 7.5,
+ "summary": "Red Hat Security Advisory: Satellite 6.7 release.",
+ "severity": "High",
+ "vulnerable_component": "rpm://7:python-pycurl:0:7.19.0-19.el7",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.9.1-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.9.1-amd64",
+ "generic://sha256:d2bf8b28bdf5a2535591102292694e4ff4e8307e7cbc967444b93177db257a91/sha256__d2bf8b28bdf5a2535591102292694e4ff4e8307e7cbc967444b93177db257a91.tar.gz",
+ "rpm://7:python-pycurl:0:7.19.0-19.el7"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.9.1-amd64/",
+ "fixed_versions": [],
+ "published": "2020-04-15T14:48:02+10:00",
+ "artifact_scan_time": "2021-01-14T18:41:09+11:00",
+ "issue_id": "XRAY-96265",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "An update is now available for Red Hat Satellite 6.7 for RHEL 7.Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Red Hat Satellite is a systems management tool for Linux-based infrastructure. It allows for provisioning, remote management, and monitoring of multiple Linux deployments with a single centralized tool.Security Fix(es):* apache-commons-beanutils: does not suppresses the class property in PropertyUtilsBean by default (CVE-2019-10086)* jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server (CVE-2019-12086)* mina-core: Retaining an open socket in close_notify SSL-TLS leading to Information disclosure (CVE-2019-0231)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Additional Changes:* Ansible Runner is now the default way to utilize Ansible for remote execution jobs.* Users now have the ability to log into hosts using the Web Console directly from the Satellite UI.* Azure has been added to the list of supported compute resources for provisioning along with many bug fixes for Google Compute, RHEV, VMWare, and Kubevirt.* Content views have been improved with many bug fixes, performance improvement, and the addition of filtering on modules.* Content syncing has been improved with many fixes, and the ability to add proxy definitions to each product in Satellite.* The installation process has been improved to include better tuning defaults and several other bug fixes. * Subscription Management has been improved with many bug fixes in Satellite, new reporting, as well as in the inventory upload plugin which allows customers to view their inventory in Subscription Watch at cloud.redhat.com* Security improvements ",
+ "references": [
+ "https://access.redhat.com/security/updates/classification/#important",
+ "https://access.redhat.com/errata/RHSA-2020:1454"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-10716"
+ },
+ {
+ "cve": "CVE-2019-12086",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:N",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"
+ },
+ {
+ "cve": "CVE-2019-10086",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 7.3,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"
+ },
+ {
+ "cve": "CVE-2019-0231",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:N",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"
+ },
+ {
+ "cve": "CVE-2017-17718",
+ "cvss_v2_score": 4.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:N/A:N",
+ "cvss_v3_score": 5.9,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 7.5,
+ "summary": "Red Hat Security Advisory: Satellite 6.7 release.",
+ "severity": "High",
+ "vulnerable_component": "rpm://7:python-chardet:0:2.2.1-3.el7",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.9.1-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.9.1-amd64",
+ "generic://sha256:d2bf8b28bdf5a2535591102292694e4ff4e8307e7cbc967444b93177db257a91/sha256__d2bf8b28bdf5a2535591102292694e4ff4e8307e7cbc967444b93177db257a91.tar.gz",
+ "rpm://7:python-chardet:0:2.2.1-3.el7"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.9.1-amd64/",
+ "fixed_versions": [],
+ "published": "2020-04-15T14:48:02+10:00",
+ "artifact_scan_time": "2021-01-14T18:41:09+11:00",
+ "issue_id": "XRAY-96265",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "An update is now available for Red Hat Satellite 6.7 for RHEL 7.Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.Red Hat Satellite is a systems management tool for Linux-based infrastructure. It allows for provisioning, remote management, and monitoring of multiple Linux deployments with a single centralized tool.Security Fix(es):* apache-commons-beanutils: does not suppresses the class property in PropertyUtilsBean by default (CVE-2019-10086)* jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server (CVE-2019-12086)* mina-core: Retaining an open socket in close_notify SSL-TLS leading to Information disclosure (CVE-2019-0231)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Additional Changes:* Ansible Runner is now the default way to utilize Ansible for remote execution jobs.* Users now have the ability to log into hosts using the Web Console directly from the Satellite UI.* Azure has been added to the list of supported compute resources for provisioning along with many bug fixes for Google Compute, RHEV, VMWare, and Kubevirt.* Content views have been improved with many bug fixes, performance improvement, and the addition of filtering on modules.* Content syncing has been improved with many fixes, and the ability to add proxy definitions to each product in Satellite.* The installation process has been improved to include better tuning defaults and several other bug fixes. * Subscription Management has been improved with many bug fixes in Satellite, new reporting, as well as in the inventory upload plugin which allows customers to view their inventory in Subscription Watch at cloud.redhat.com* Security improvements ",
+ "references": [
+ "https://access.redhat.com/security/updates/classification/#important",
+ "https://access.redhat.com/errata/RHSA-2020:1454"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 7.5,
+ "summary": "FasterXML jackson-dataformats-binary smile/SmileParser.java 7-bit Encoded Binary Data Payload Handling Memory Exhaustion DoS",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.dataformat:jackson-dataformat-smile:2.10.4",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.9.1-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.9.1-amd64",
+ "generic://sha256:71948c71bf562093fc11373cddd6245014188a540a6b46e94cd65a15e39f039b/sha256__71948c71bf562093fc11373cddd6245014188a540a6b46e94cd65a15e39f039b.tar.gz",
+ "gav://com.fasterxml.jackson.dataformat:jackson-dataformat-smile:2.10.4"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.9.1-amd64/",
+ "fixed_versions": [
+ "2.12.3"
+ ],
+ "published": "2021-05-05T20:06:23+10:00",
+ "artifact_scan_time": "2021-01-14T18:41:09+11:00",
+ "issue_id": "XRAY-174967",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "FasterXML jackson-dataformats-binary contains a flaw in smile/SmileParser.java that is triggered as memory is improperly allocated when handling 7-bit encoded binary data payloads. This may allow a context-dependent attacker to exhaust available memory resources and potentially crash a process linked against the library.",
+ "references": [
+ "https://github.com/FasterXML/jackson-dataformats-binary/commit/01b883505389ba693b430da6ccbbc77fb380c462",
+ "https://github.com/FasterXML/jackson-dataformats-binary/issues/265",
+ "https://github.com/FasterXML/jackson-dataformats-binary/commit/7229150e6297ad7f33fdce709447160748feec9d"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 7.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.1,
+ "cvss3_max_score": 7.5,
+ "summary": "FasterXML jackson-dataformats-binary smile/SmileParser.java 7-bit Encoded Binary Data Payload Handling Memory Exhaustion DoS",
+ "severity": "High",
+ "vulnerable_component": "gav://com.fasterxml.jackson.dataformat:jackson-dataformat-smile:2.10.4",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.9.1-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.9.1-amd64",
+ "generic://sha256:9fdbe26fe92d22ad5604fafd44d3272fdeaaa0236aa9e80318db4265465572c6/sha256__9fdbe26fe92d22ad5604fafd44d3272fdeaaa0236aa9e80318db4265465572c6.tar.gz",
+ "gav://com.fasterxml.jackson.dataformat:jackson-dataformat-smile:2.10.4"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.9.1-amd64/",
+ "fixed_versions": [
+ "2.12.3"
+ ],
+ "published": "2021-05-05T20:06:23+10:00",
+ "artifact_scan_time": "2021-01-14T18:41:09+11:00",
+ "issue_id": "XRAY-174967",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "FasterXML jackson-dataformats-binary contains a flaw in smile/SmileParser.java that is triggered as memory is improperly allocated when handling 7-bit encoded binary data payloads. This may allow a context-dependent attacker to exhaust available memory resources and potentially crash a process linked against the library.",
+ "references": [
+ "https://github.com/FasterXML/jackson-dataformats-binary/commit/01b883505389ba693b430da6ccbbc77fb380c462",
+ "https://github.com/FasterXML/jackson-dataformats-binary/issues/265",
+ "https://github.com/FasterXML/jackson-dataformats-binary/commit/7229150e6297ad7f33fdce709447160748feec9d"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-8625",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 8.1,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 6.8,
+ "cvss3_max_score": 8.1,
+ "summary": "RHSA-2021:0671: bind security update (Important)",
+ "severity": "High",
+ "vulnerable_component": "rpm://7:bind-license:32:9.11.4-16.P2.el7_8.6",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.9.1-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.9.1-amd64",
+ "generic://sha256:d2bf8b28bdf5a2535591102292694e4ff4e8307e7cbc967444b93177db257a91/sha256__d2bf8b28bdf5a2535591102292694e4ff4e8307e7cbc967444b93177db257a91.tar.gz",
+ "rpm://7:bind-license:32:9.11.4-16.P2.el7_8.6"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.9.1-amd64/",
+ "fixed_versions": [
+ "≥ 32:9.11.4-26.P2.el7_9.4"
+ ],
+ "published": "2021-03-08T08:29:31+11:00",
+ "artifact_scan_time": "2021-01-14T18:41:09+11:00",
+ "issue_id": "XRAY-141795",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly.Security Fix(es):* bind: Buffer overflow in the SPNEGO implementation affecting GSSAPI security policy negotiation (CVE-2020-8625)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
+ "references": [
+ "https://access.redhat.com/security/cve/CVE-2020-8625",
+ "https://access.redhat.com/errata/RHSA-2021:0671"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Important"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-5827",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 8.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 6.8,
+ "cvss3_max_score": 8.8,
+ "summary": "CVE-2019-5827 chromium-browser: out-of-bounds access in SQLite",
+ "severity": "High",
+ "vulnerable_component": "rpm://7:sqlite:19:3.7.17-8.el7_7.1",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.9.1-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.9.1-amd64",
+ "generic://sha256:f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c/sha256__f1feca4677977dc33110c154ca467b1b2a722806fde6643c7c2d39daa1168d3c.tar.gz",
+ "rpm://7:sqlite:19:3.7.17-8.el7_7.1"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.9.1-amd64/",
+ "fixed_versions": [],
+ "published": "2020-07-13T04:04:32+10:00",
+ "artifact_scan_time": "2021-01-14T18:41:09+11:00",
+ "issue_id": "XRAY-109517",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "Integer overflow in SQLite via WebSQL in Google Chrome prior to 74.0.3729.131 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.",
+ "references": [
+ "https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_30.html"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Important"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2017-1000158",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "CPython (aka Python) up to 2.7.13 is vulnerable to an integer overflow in the PyString_DecodeEscape function in stringobject.c, resulting in heap-based buffer overflow (and possible arbitrary code execution)",
+ "severity": "High",
+ "vulnerable_component": "rpm://7:python:0:2.7.5-88.el7",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.9.1-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.9.1-amd64",
+ "generic://sha256:d2bf8b28bdf5a2535591102292694e4ff4e8307e7cbc967444b93177db257a91/sha256__d2bf8b28bdf5a2535591102292694e4ff4e8307e7cbc967444b93177db257a91.tar.gz",
+ "rpm://7:python:0:2.7.5-88.el7"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.9.1-amd64/",
+ "fixed_versions": [],
+ "published": "2019-11-27T03:47:03+11:00",
+ "artifact_scan_time": "2021-01-14T18:41:09+11:00",
+ "issue_id": "XRAY-92046",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "CPython (aka Python) up to 2.7.13 is vulnerable to an integer overflow in the PyString_DecodeEscape function in stringobject.c, resulting in heap-based buffer overflow (and possible arbitrary code execution)",
+ "references": [
+ "https://www.debian.org/security/2018/dsa-4307",
+ "https://security.gentoo.org/glsa/201805-02",
+ "https://bugs.python.org/issue30657",
+ "https://lists.debian.org/debian-lts-announce/2017/11/msg00035.html",
+ "https://lists.debian.org/debian-lts-announce/2017/11/msg00036.html",
+ "https://lists.debian.org/debian-lts-announce/2018/09/msg00030.html",
+ "https://lists.debian.org/debian-lts-announce/2018/09/msg00031.html",
+ "http://www.securitytracker.com/id/1039890"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-5382",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "Bouncy Castle BKS version 1 keystore (BKS-V1) files use an HMAC that is only 16 bits long, which can allow an attacker to compromise the integrity of a BKS-V1 keystore. All BKS-V1 keystores are vulnerable. Bouncy Castle release 1.47 introduces BKS version 2, which uses a 160-bit MAC.",
+ "severity": "High",
+ "vulnerable_component": "gav://org.netbeans.external:bcprov:RELEASE113",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.9.1-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.9.1-amd64",
+ "generic://sha256:9fdbe26fe92d22ad5604fafd44d3272fdeaaa0236aa9e80318db4265465572c6/sha256__9fdbe26fe92d22ad5604fafd44d3272fdeaaa0236aa9e80318db4265465572c6.tar.gz",
+ "gav://org.netbeans.external:bcprov:RELEASE113"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.9.1-amd64/",
+ "fixed_versions": [
+ "1.47"
+ ],
+ "published": "2018-06-11T18:33:48+10:00",
+ "artifact_scan_time": "2021-01-14T18:41:09+11:00",
+ "issue_id": "XRAY-68665",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Bouncy Castle BKS version 1 keystore (BKS-V1) files use an HMAC that is only 16 bits long, which can allow an attacker to compromise the integrity of a BKS-V1 keystore. All BKS-V1 keystores are vulnerable. Bouncy Castle release 1.47 introduces BKS version 2, which uses a 160-bit MAC.",
+ "references": [
+ "http://www.securityfocus.com/bid/103453",
+ "https://www.bouncycastle.org/releasenotes.html",
+ "https://www.kb.cert.org/vuls/id/306792"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-5382",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "Bouncy Castle BKS version 1 keystore (BKS-V1) files use an HMAC that is only 16 bits long, which can allow an attacker to compromise the integrity of a BKS-V1 keystore. All BKS-V1 keystores are vulnerable. Bouncy Castle release 1.47 introduces BKS version 2, which uses a 160-bit MAC.",
+ "severity": "High",
+ "vulnerable_component": "gav://org.netbeans.external:bcprov:RELEASE113",
+ "impacted_artifact": "docker://elasticsearch/elasticsearch:7.9.1-amd64",
+ "impact_path": [
+ "docker://elasticsearch/elasticsearch:7.9.1-amd64",
+ "generic://sha256:71948c71bf562093fc11373cddd6245014188a540a6b46e94cd65a15e39f039b/sha256__71948c71bf562093fc11373cddd6245014188a540a6b46e94cd65a15e39f039b.tar.gz",
+ "gav://org.netbeans.external:bcprov:RELEASE113"
+ ],
+ "path": "elastic-docker-remote/elasticsearch/elasticsearch/7.9.1-amd64/",
+ "fixed_versions": [
+ "1.47"
+ ],
+ "published": "2018-06-11T18:33:48+10:00",
+ "artifact_scan_time": "2021-01-14T18:41:09+11:00",
+ "issue_id": "XRAY-68665",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Bouncy Castle BKS version 1 keystore (BKS-V1) files use an HMAC that is only 16 bits long, which can allow an attacker to compromise the integrity of a BKS-V1 keystore. All BKS-V1 keystores are vulnerable. Bouncy Castle release 1.47 introduces BKS version 2, which uses a 160-bit MAC.",
+ "references": [
+ "http://www.securityfocus.com/bid/103453",
+ "https://www.bouncycastle.org/releasenotes.html",
+ "https://www.kb.cert.org/vuls/id/306792"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-14344",
+ "cvss_v2_score": 4.6,
+ "cvss_v2_vector": "CVSS:2.0/AV:L/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 6.7,
+ "cvss_v3_vector": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 4.6,
+ "cvss3_max_score": 6.7,
+ "summary": "CVE-2020-14344 libX11: Heap overflow in the X input method client (moderate)",
+ "severity": "Medium",
+ "vulnerable_component": "rpm://8:libX11-common:0:1.6.8-3.el8",
+ "impacted_artifact": "rpm://8:libX11-common:0:1.6.8-3.el8",
+ "impact_path": [
+ "rpm://8:libX11-common:0:1.6.8-3.el8"
+ ],
+ "path": "ubi8-appstream-remote/Packages/l/libX11-common-1.6.8-3.el8.noarch.rpm",
+ "fixed_versions": [],
+ "published": "2020-12-16T15:53:21+11:00",
+ "artifact_scan_time": "2021-01-27T20:39:38+11:00",
+ "issue_id": "XRAY-133844",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "DOCUMENTATION: A flaw was found in libX11. An integer overflow leading to a heap-buffer overflow occurs when setuid programs call XIM client functions while running with elevated privileges. The highest threat from this vulnerability are to data confidentiality and integrity as well as system vulnerability.",
+ "references": [
+ "https://access.redhat.com/security/cve/CVE-2020-14344"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Moderate"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-3467",
+ "cvss_v3_score": 5.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss3_max_score": 5.5,
+ "summary": "CVE-2021-3467 jasper: NULL pointer dereference in jp2_decode() in jp2_dec.c (moderate)",
+ "severity": "Medium",
+ "vulnerable_component": "rpm://8:jasper-libs:0:2.0.14-4.el8",
+ "impacted_artifact": "rpm://8:jasper-libs:0:2.0.14-4.el8",
+ "impact_path": [
+ "rpm://8:jasper-libs:0:2.0.14-4.el8"
+ ],
+ "path": "ubi8-appstream-remote/Packages/j/jasper-libs-2.0.14-4.el8.x86_64.rpm",
+ "fixed_versions": [],
+ "published": "2021-03-25T20:44:24+11:00",
+ "artifact_scan_time": "2021-01-27T20:39:38+11:00",
+ "issue_id": "XRAY-158203",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "DOCUMENTATION: A NULL pointer dereference flaw was found in the way Jasper versions before 2.0.26 handled component references in CDEF box in the JP2 image format decoder. A specially crafted JP2 image file could cause an application using the Jasper library to crash when opened.",
+ "references": [
+ "https://access.redhat.com/security/cve/CVE-2021-3467"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Moderate"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2017-5504",
+ "cvss_v2_score": 4.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 4.4,
+ "cvss_v3_vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L"
+ }
+ ],
+ "cvss2_max_score": 4.3,
+ "cvss3_max_score": 4.4,
+ "summary": "CVE-2017-5504 jasper: Invalid memory read in jpc_undo_roi (moderate)",
+ "severity": "Medium",
+ "vulnerable_component": "rpm://8:jasper-libs:0:2.0.14-4.el8",
+ "impacted_artifact": "rpm://8:jasper-libs:0:2.0.14-4.el8",
+ "impact_path": [
+ "rpm://8:jasper-libs:0:2.0.14-4.el8"
+ ],
+ "path": "ubi8-appstream-remote/Packages/j/jasper-libs-2.0.14-4.el8.x86_64.rpm",
+ "fixed_versions": [],
+ "published": "2020-12-16T15:52:48+11:00",
+ "artifact_scan_time": "2021-01-27T20:39:38+11:00",
+ "issue_id": "XRAY-132250",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "CVE-2017-5504 jasper: Invalid memory read in jpc_undo_roi (moderate)",
+ "references": [
+ "https://access.redhat.com/security/cve/CVE-2017-5504"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Moderate"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-27828",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 7.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 6.8,
+ "cvss3_max_score": 7.8,
+ "summary": "CVE-2020-27828 jasper: Heap-based buffer overflow in cp_create() in jpc_enc.c (moderate)",
+ "severity": "Medium",
+ "vulnerable_component": "rpm://8:jasper-libs:0:2.0.14-4.el8",
+ "impacted_artifact": "rpm://8:jasper-libs:0:2.0.14-4.el8",
+ "impact_path": [
+ "rpm://8:jasper-libs:0:2.0.14-4.el8"
+ ],
+ "path": "ubi8-appstream-remote/Packages/j/jasper-libs-2.0.14-4.el8.x86_64.rpm",
+ "fixed_versions": [],
+ "published": "2020-12-16T15:53:29+11:00",
+ "artifact_scan_time": "2021-01-27T20:39:38+11:00",
+ "issue_id": "XRAY-134058",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "DOCUMENTATION: A flaw was found in the Jasper tool’s jpc encoder. This flaw allows an attacker to craft input provided to Jasper, causing an arbitrary out-of-bounds write. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. MITIGATION: This flaw can be mitigated for the Jasper tool by not accepting untrusted inputs to be processed by Jasper or constraining rlevels on those inputs from outside of Jasper.",
+ "references": [
+ "https://access.redhat.com/security/cve/CVE-2020-27828"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Moderate"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2017-5505",
+ "cvss_v2_score": 4.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 4.4,
+ "cvss_v3_vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L"
+ }
+ ],
+ "cvss2_max_score": 4.3,
+ "cvss3_max_score": 4.4,
+ "summary": "CVE-2017-5505 jasper: Invalid memory read in jas_matrix_asl (moderate)",
+ "severity": "Medium",
+ "vulnerable_component": "rpm://8:jasper-libs:0:2.0.14-4.el8",
+ "impacted_artifact": "rpm://8:jasper-libs:0:2.0.14-4.el8",
+ "impact_path": [
+ "rpm://8:jasper-libs:0:2.0.14-4.el8"
+ ],
+ "path": "ubi8-appstream-remote/Packages/j/jasper-libs-2.0.14-4.el8.x86_64.rpm",
+ "fixed_versions": [],
+ "published": "2020-12-16T16:18:23+11:00",
+ "artifact_scan_time": "2021-01-27T20:39:38+11:00",
+ "issue_id": "XRAY-134700",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "CVE-2017-5505 jasper: Invalid memory read in jas_matrix_asl (moderate)",
+ "references": [
+ "https://access.redhat.com/security/cve/CVE-2017-5505"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Moderate"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-3443",
+ "cvss_v3_score": 5.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss3_max_score": 5.5,
+ "summary": "CVE-2021-3443 jasper: NULL pointer dereference in jp2_decode() in jp2_dec.c (moderate)",
+ "severity": "Medium",
+ "vulnerable_component": "rpm://8:jasper-libs:0:2.0.14-4.el8",
+ "impacted_artifact": "rpm://8:jasper-libs:0:2.0.14-4.el8",
+ "impact_path": [
+ "rpm://8:jasper-libs:0:2.0.14-4.el8"
+ ],
+ "path": "ubi8-appstream-remote/Packages/j/jasper-libs-2.0.14-4.el8.x86_64.rpm",
+ "fixed_versions": [],
+ "published": "2021-03-23T20:38:25+11:00",
+ "artifact_scan_time": "2021-01-27T20:39:38+11:00",
+ "issue_id": "XRAY-157312",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "DOCUMENTATION: A NULL pointer dereference flaw was found in the way Jasper versions before 2.0.27 handled component references in the JP2 image format decoder. A specially crafted JP2 image file could cause an application using the Jasper library to crash when opened.",
+ "references": [
+ "https://access.redhat.com/security/cve/CVE-2021-3443"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Moderate"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2017-5503",
+ "cvss_v2_score": 4.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 4.4,
+ "cvss_v3_vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L"
+ }
+ ],
+ "cvss2_max_score": 4.3,
+ "cvss3_max_score": 4.4,
+ "summary": "CVE-2017-5503 jasper: invalid memory write in dec_clnpass() (moderate)",
+ "severity": "Medium",
+ "vulnerable_component": "rpm://8:jasper-libs:0:2.0.14-4.el8",
+ "impacted_artifact": "rpm://8:jasper-libs:0:2.0.14-4.el8",
+ "impact_path": [
+ "rpm://8:jasper-libs:0:2.0.14-4.el8"
+ ],
+ "path": "ubi8-appstream-remote/Packages/j/jasper-libs-2.0.14-4.el8.x86_64.rpm",
+ "fixed_versions": [],
+ "published": "2020-12-16T16:18:23+11:00",
+ "artifact_scan_time": "2021-01-27T20:39:38+11:00",
+ "issue_id": "XRAY-134699",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "CVE-2017-5503 jasper: invalid memory write in dec_clnpass() (moderate)",
+ "references": [
+ "https://access.redhat.com/security/cve/CVE-2017-5503"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Moderate"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-26926",
+ "cvss_v2_score": 5.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:N/A:P",
+ "cvss_v3_score": 5.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 5.8,
+ "cvss3_max_score": 5.5,
+ "summary": "CVE-2021-26926 jasper: Out of bounds read in jp2_decode() in jp2_dec.c (moderate)",
+ "severity": "Medium",
+ "vulnerable_component": "rpm://8:jasper-libs:0:2.0.14-4.el8",
+ "impacted_artifact": "rpm://8:jasper-libs:0:2.0.14-4.el8",
+ "impact_path": [
+ "rpm://8:jasper-libs:0:2.0.14-4.el8"
+ ],
+ "path": "ubi8-appstream-remote/Packages/j/jasper-libs-2.0.14-4.el8.x86_64.rpm",
+ "fixed_versions": [],
+ "published": "2021-02-10T15:57:26+11:00",
+ "artifact_scan_time": "2021-01-27T20:39:38+11:00",
+ "issue_id": "XRAY-140289",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "CVE-2021-26926 jasper: Out of bounds read in jp2_decode() in jp2_dec.c (moderate)",
+ "references": [
+ "https://access.redhat.com/security/cve/CVE-2021-26926"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Moderate"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-3272",
+ "cvss_v2_score": 4.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 5.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 4.3,
+ "cvss3_max_score": 5.5,
+ "summary": "CVE-2021-3272 jasper: Heap-based buffer over-read in jp2_decode() in jp2_dec.c (moderate)",
+ "severity": "Medium",
+ "vulnerable_component": "rpm://8:jasper-libs:0:2.0.14-4.el8",
+ "impacted_artifact": "rpm://8:jasper-libs:0:2.0.14-4.el8",
+ "impact_path": [
+ "rpm://8:jasper-libs:0:2.0.14-4.el8"
+ ],
+ "path": "ubi8-appstream-remote/Packages/j/jasper-libs-2.0.14-4.el8.x86_64.rpm",
+ "fixed_versions": [],
+ "published": "2021-01-30T15:46:29+11:00",
+ "artifact_scan_time": "2021-01-27T20:39:38+11:00",
+ "issue_id": "XRAY-139011",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "CVE-2021-3272 jasper: Heap-based buffer over-read in jp2_decode() in jp2_dec.c (moderate)",
+ "references": [
+ "https://access.redhat.com/security/cve/CVE-2021-3272"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Moderate"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-26927",
+ "cvss_v2_score": 4.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 5.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 4.3,
+ "cvss3_max_score": 5.5,
+ "summary": "CVE-2021-26927 jasper: NULL pointer dereference in jp2_decode() in jp2_dec.c (moderate)",
+ "severity": "Medium",
+ "vulnerable_component": "rpm://8:jasper-libs:0:2.0.14-4.el8",
+ "impacted_artifact": "rpm://8:jasper-libs:0:2.0.14-4.el8",
+ "impact_path": [
+ "rpm://8:jasper-libs:0:2.0.14-4.el8"
+ ],
+ "path": "ubi8-appstream-remote/Packages/j/jasper-libs-2.0.14-4.el8.x86_64.rpm",
+ "fixed_versions": [],
+ "published": "2021-03-08T08:53:15+11:00",
+ "artifact_scan_time": "2021-01-27T20:39:38+11:00",
+ "issue_id": "XRAY-141828",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "CVE-2021-26927 jasper: NULL pointer dereference in jp2_decode() in jp2_dec.c (moderate)",
+ "references": [
+ "https://access.redhat.com/security/cve/CVE-2021-26927"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Moderate"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-12723",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 7.5,
+ "summary": "CVE-2020-12723 perl: corruption of intermediate language state of compiled regular expression due to recursive S_study_chunk() calls leads to DoS (moderate)",
+ "severity": "Medium",
+ "vulnerable_component": "rpm://8:perl-Pod-Simple:1:3.35-395.el8",
+ "impacted_artifact": "rpm://8:perl-Pod-Simple:1:3.35-395.el8",
+ "impact_path": [
+ "rpm://8:perl-Pod-Simple:1:3.35-395.el8"
+ ],
+ "path": "ubi8-baseos-remote/Packages/p/perl-Pod-Simple-3.35-395.el8.noarch.rpm",
+ "fixed_versions": [],
+ "published": "2020-12-16T15:53:20+11:00",
+ "artifact_scan_time": "2021-01-27T20:39:40+11:00",
+ "issue_id": "XRAY-133802",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "MITIGATION: To mitigate this flaw, developers should not allow untrusted regular expressions to be compiled by the Perl regular expression compiler.",
+ "references": [
+ "https://access.redhat.com/security/cve/CVE-2020-12723"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Moderate"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-28852",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 7.5,
+ "summary": "In x/text in Go before v0.3.5, a \"slice bounds out of range\" panic occurs in language.ParseAcceptLanguage while processing a BCP 47 tag. (x/text/language is supposed to be able to parse an HTTP Accept-Language header.)",
+ "severity": "Medium",
+ "vulnerable_component": "go://golang.org/x/text:0.3.4",
+ "impacted_artifact": "docker://fluxcd/kustomize-controller:sha256__edbd3ff93012e4ed652136b47a12bca797f0bd947633210cd8e863da3b00af3c",
+ "impact_path": [
+ "docker://fluxcd/kustomize-controller:sha256__edbd3ff93012e4ed652136b47a12bca797f0bd947633210cd8e863da3b00af3c",
+ "generic://sha256:e5bfcdca3470798216bf1c2b8b2a7b9466b707e2ea1f5c4676d0ac1bdaacf733/sha256__e5bfcdca3470798216bf1c2b8b2a7b9466b707e2ea1f5c4676d0ac1bdaacf733.tar.gz",
+ "generic://sha256:3d906c31b6b36e7ce9772a469875af0c8ab2dbe01db30c01b80d820b78c0357c/kustomize-controller",
+ "go://golang.org/x/text:0.3.4"
+ ],
+ "path": "dockerhub-remote/fluxcd/kustomize-controller/sha256__edbd3ff93012e4ed652136b47a12bca797f0bd947633210cd8e863da3b00af3c/",
+ "fixed_versions": [
+ "0.3.5"
+ ],
+ "published": "2021-01-03T23:36:30+11:00",
+ "artifact_scan_time": "2021-02-18T14:16:57+11:00",
+ "issue_id": "XRAY-138125",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "In x/text in Go before v0.3.5, a \"slice bounds out of range\" panic occurs in language.ParseAcceptLanguage while processing a BCP 47 tag. (x/text/language is supposed to be able to parse an HTTP Accept-Language header.)",
+ "references": [
+ "https://github.com/golang/go/issues/42536",
+ "https://security.netapp.com/advisory/ntap-20210212-0004/"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-27918",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 7.5,
+ "summary": "encoding/xml in Go before 1.15.9 and 1.16.x before 1.16.1 has an infinite loop if a custom TokenReader (for xml.NewTokenDecoder) returns EOF in the middle of an element. This can occur in the Decode, DecodeElement, or Skip method.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.15.8",
+ "impacted_artifact": "docker://fluxcd/kustomize-controller:sha256__edbd3ff93012e4ed652136b47a12bca797f0bd947633210cd8e863da3b00af3c",
+ "impact_path": [
+ "docker://fluxcd/kustomize-controller:sha256__edbd3ff93012e4ed652136b47a12bca797f0bd947633210cd8e863da3b00af3c",
+ "generic://sha256:e5bfcdca3470798216bf1c2b8b2a7b9466b707e2ea1f5c4676d0ac1bdaacf733/sha256__e5bfcdca3470798216bf1c2b8b2a7b9466b707e2ea1f5c4676d0ac1bdaacf733.tar.gz",
+ "generic://sha256:3d906c31b6b36e7ce9772a469875af0c8ab2dbe01db30c01b80d820b78c0357c/kustomize-controller",
+ "go://github.com/golang/go:1.15.8"
+ ],
+ "path": "dockerhub-remote/fluxcd/kustomize-controller/sha256__edbd3ff93012e4ed652136b47a12bca797f0bd947633210cd8e863da3b00af3c/",
+ "fixed_versions": [
+ "1.16.1",
+ "1.15.9"
+ ],
+ "published": "2021-03-15T00:32:21+11:00",
+ "artifact_scan_time": "2021-02-18T14:16:57+11:00",
+ "issue_id": "XRAY-145876",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "encoding/xml in Go before 1.15.9 and 1.16.x before 1.16.1 has an infinite loop if a custom TokenReader (for xml.NewTokenDecoder) returns EOF in the middle of an element. This can occur in the Decode, DecodeElement, or Skip method.",
+ "references": [
+ "https://groups.google.com/g/golang-announce/c/MfiLYjG-RAw"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-29652",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 7.5,
+ "summary": "A nil pointer dereference in the golang.org/x/crypto/ssh component through v0.0.0-20201203163018-be400aefbc4c for Go allows remote attackers to cause a denial of service against SSH servers.",
+ "severity": "Medium",
+ "vulnerable_component": "go://golang.org/x/crypto:0.0.0-20201002170205-7f63de1d35b0",
+ "impacted_artifact": "docker://fluxcd/kustomize-controller:sha256__edbd3ff93012e4ed652136b47a12bca797f0bd947633210cd8e863da3b00af3c",
+ "impact_path": [
+ "docker://fluxcd/kustomize-controller:sha256__edbd3ff93012e4ed652136b47a12bca797f0bd947633210cd8e863da3b00af3c",
+ "generic://sha256:e5bfcdca3470798216bf1c2b8b2a7b9466b707e2ea1f5c4676d0ac1bdaacf733/sha256__e5bfcdca3470798216bf1c2b8b2a7b9466b707e2ea1f5c4676d0ac1bdaacf733.tar.gz",
+ "generic://sha256:3d906c31b6b36e7ce9772a469875af0c8ab2dbe01db30c01b80d820b78c0357c/kustomize-controller",
+ "go://golang.org/x/crypto:0.0.0-20201002170205-7f63de1d35b0"
+ ],
+ "path": "dockerhub-remote/fluxcd/kustomize-controller/sha256__edbd3ff93012e4ed652136b47a12bca797f0bd947633210cd8e863da3b00af3c/",
+ "fixed_versions": [
+ "0.0.0-20201216223049-8b5274cf687f"
+ ],
+ "published": "2020-12-21T03:38:59+11:00",
+ "artifact_scan_time": "2021-02-18T14:16:57+11:00",
+ "issue_id": "XRAY-135107",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "A nil pointer dereference in the golang.org/x/crypto/ssh component through v0.0.0-20201203163018-be400aefbc4c for Go allows remote attackers to cause a denial of service against SSH servers.",
+ "references": [
+ "https://groups.google.com/g/golang-announce/c/ouZIlBimOsE?pli=1",
+ "https://go-review.googlesource.com/c/crypto/+/278852"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-21300",
+ "cvss_v2_score": 5.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:H/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 5.1,
+ "cvss3_max_score": 7.5,
+ "summary": "Git is an open-source distributed revision control system. In affected versions of Git a specially crafted repository that contains symbolic links as well as files using a clean/smudge filter such as Git LFS, may cause just-checked out script to be executed while cloning onto a case-insensitive file system such as NTFS, HFS+ or APFS (i.e. the default file systems on Windows and macOS). Note that clean/smudge filters have to be configured for that. Git for Windows configures Git LFS by default, and is therefore vulnerable. The problem has been patched in the versions published on Tuesday, March 9th, 2021. As a workaound, if symbolic link support is disabled in Git (e.g. via `git config --global core.symlinks false`), the described attack won't work. Likewise, if no clean/smudge filters such as Git LFS are configured globally (i.e. _before_ cloning), the attack is foiled. As always, it is best to avoid cloning repositories from untrusted sources. The earliest impacted version is 2.14.2. The fix versions are: 2.30.1, 2.29.3, 2.28.1, 2.27.1, 2.26.3, 2.25.5, 2.24.4, 2.23.4, 2.22.5, 2.21.4, 2.20.5, 2.19.6, 2.18.5, 2.17.62.17.6.",
+ "severity": "Medium",
+ "vulnerable_component": "alpine://3.13:git:2.30.1-r0",
+ "impacted_artifact": "docker://fluxcd/kustomize-controller:sha256__edbd3ff93012e4ed652136b47a12bca797f0bd947633210cd8e863da3b00af3c",
+ "impact_path": [
+ "docker://fluxcd/kustomize-controller:sha256__edbd3ff93012e4ed652136b47a12bca797f0bd947633210cd8e863da3b00af3c",
+ "generic://sha256:0fbf23c5a32ab9c6e5fe681d3bfe670b9e625817e5cf6bf792068596793a3378/sha256__0fbf23c5a32ab9c6e5fe681d3bfe670b9e625817e5cf6bf792068596793a3378.tar.gz",
+ "alpine://3.13:git:2.30.1-r0"
+ ],
+ "path": "dockerhub-remote/fluxcd/kustomize-controller/sha256__edbd3ff93012e4ed652136b47a12bca797f0bd947633210cd8e863da3b00af3c/",
+ "fixed_versions": [
+ "2.30.2-r0"
+ ],
+ "published": "2021-03-24T23:11:00+11:00",
+ "artifact_scan_time": "2021-02-18T14:16:57+11:00",
+ "issue_id": "XRAY-157682",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "Git is an open-source distributed revision control system. In affected versions of Git a specially crafted repository that contains symbolic links as well as files using a clean/smudge filter such as Git LFS, may cause just-checked out script to be executed while cloning onto a case-insensitive file system such as NTFS, HFS+ or APFS (i.e. the default file systems on Windows and macOS). Note that clean/smudge filters have to be configured for that. Git for Windows configures Git LFS by default, and is therefore vulnerable. The problem has been patched in the versions published on Tuesday, March 9th, 2021. As a workaound, if symbolic link support is disabled in Git (e.g. via `git config --global core.symlinks false`), the described attack won't work. Likewise, if no clean/smudge filters such as Git LFS are configured globally (i.e. _before_ cloning), the attack is foiled. As always, it is best to avoid cloning repositories from untrusted sources. The earliest impacted version is 2.14.2. The fix versions are: 2.30.1, 2.29.3, 2.28.1, 2.27.1, 2.26.3, 2.25.5, 2.24.4, 2.23.4, 2.22.5, 2.21.4, 2.20.5, 2.19.6, 2.18.5, 2.17.62.17.6.",
+ "references": [
+ "http://www.openwall.com/lists/oss-security/2021/03/09/3",
+ "https://lore.kernel.org/git/xmqqim6019yd.fsf@gitster.c.googlers.com/",
+ "https://github.com/git/git/commit/684dd4c2b414bcf648505e74498a608f28de4592",
+ "https://git-scm.com/docs/gitattributes#_filter",
+ "https://git-scm.com/docs/git-config#Documentation/git-config.txt-coresymlinks",
+ "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LMXX2POK5X576BSDWSXGU7EIK6I72ERU/",
+ "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LCLJJLKKMS5WRFO6C475AOUZTWQLIARX/",
+ "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BBPNGLQSYJHLZZ37BO42YY6S5OTIF4L4/",
+ "https://github.com/git/git/security/advisories/GHSA-8prw-h3cq-mghm"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 5.4,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:H/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 5.3,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 5.4,
+ "cvss3_max_score": 5.3,
+ "summary": "GNU dbm (GDBM) Database Recovery Resource Exhaustion DoS Weakness",
+ "severity": "Medium",
+ "vulnerable_component": "alpine://3.13:gdbm:1.19-r0",
+ "impacted_artifact": "docker://fluxcd/kustomize-controller:sha256__edbd3ff93012e4ed652136b47a12bca797f0bd947633210cd8e863da3b00af3c",
+ "impact_path": [
+ "docker://fluxcd/kustomize-controller:sha256__edbd3ff93012e4ed652136b47a12bca797f0bd947633210cd8e863da3b00af3c",
+ "generic://sha256:0fbf23c5a32ab9c6e5fe681d3bfe670b9e625817e5cf6bf792068596793a3378/sha256__0fbf23c5a32ab9c6e5fe681d3bfe670b9e625817e5cf6bf792068596793a3378.tar.gz",
+ "alpine://3.13:gdbm:1.19-r0"
+ ],
+ "path": "dockerhub-remote/fluxcd/kustomize-controller/sha256__edbd3ff93012e4ed652136b47a12bca797f0bd947633210cd8e863da3b00af3c/",
+ "fixed_versions": [],
+ "published": "2021-03-18T19:46:38+11:00",
+ "artifact_scan_time": "2021-02-18T14:16:57+11:00",
+ "issue_id": "XRAY-147183",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "GNU dbm (GDBM) contains a flaw that is triggered when handling recovery operations on a specially crafted database file. This may allow a context-dependent attacker to exhaust available disk storage and potentially cause a denial of service.",
+ "references": [
+ "https://git.savannah.gnu.org/cgit/gdbm.git/commit/?id=2dc9267a91a98733a18ebb3b8488da8016539f83",
+ "https://git.savannah.gnu.org/cgit/gdbm.git/commit/?id=3f86431e830f867d14f2ad5a382f59b19acdded2",
+ "https://puszcza.gnu.org.ua/bugs/?502"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 4,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:H/Au:N/C:P/I:P/A:N",
+ "cvss_v3_score": 7.4,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"
+ }
+ ],
+ "cvss2_max_score": 4,
+ "cvss3_max_score": 7.4,
+ "summary": "cURL / libcurl TLS 1.3 Session Ticket Improper Host Handshake Handling MitM Spoofing",
+ "severity": "Medium",
+ "vulnerable_component": "alpine://3.13:libcurl:7.74.0-r0",
+ "impacted_artifact": "docker://fluxcd/kustomize-controller:sha256__edbd3ff93012e4ed652136b47a12bca797f0bd947633210cd8e863da3b00af3c",
+ "impact_path": [
+ "docker://fluxcd/kustomize-controller:sha256__edbd3ff93012e4ed652136b47a12bca797f0bd947633210cd8e863da3b00af3c",
+ "generic://sha256:0fbf23c5a32ab9c6e5fe681d3bfe670b9e625817e5cf6bf792068596793a3378/sha256__0fbf23c5a32ab9c6e5fe681d3bfe670b9e625817e5cf6bf792068596793a3378.tar.gz",
+ "alpine://3.13:libcurl:7.74.0-r0"
+ ],
+ "path": "dockerhub-remote/fluxcd/kustomize-controller/sha256__edbd3ff93012e4ed652136b47a12bca797f0bd947633210cd8e863da3b00af3c/",
+ "fixed_versions": [],
+ "published": "2021-04-02T02:39:36+11:00",
+ "artifact_scan_time": "2021-02-18T14:16:57+11:00",
+ "issue_id": "XRAY-160704",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "cURL / libcurl contains a flaw that is triggered as host handshakes are improperly bypassed when processing TLS 1.3 session ticket from an HTTPS proxy. With a specially crafted HTTPS proxy, an attacker can bypass the TLS certificate check and disclose or manipulate transmitted data.",
+ "references": [
+ "https://ubuntu.com/security/notices/USN-4898-1",
+ "https://seclists.org/oss-sec/2021/q1/280",
+ "https://github.com/curl/curl/commit/b09c8ee15771c614c4bf3ddac893cdb12187c844",
+ "https://curl.se/docs/CVE-2021-22890.html",
+ "http://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-22890"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 4.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:P/A:N",
+ "cvss_v3_score": 6.1,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"
+ }
+ ],
+ "cvss2_max_score": 4.3,
+ "cvss3_max_score": 6.1,
+ "summary": "Kubernetes /proxy/ pagesize Parameter Reflected XSS",
+ "severity": "Medium",
+ "vulnerable_component": "go://k8s.io/apimachinery:0.20.2",
+ "impacted_artifact": "docker://fluxcd/kustomize-controller:sha256__edbd3ff93012e4ed652136b47a12bca797f0bd947633210cd8e863da3b00af3c",
+ "impact_path": [
+ "docker://fluxcd/kustomize-controller:sha256__edbd3ff93012e4ed652136b47a12bca797f0bd947633210cd8e863da3b00af3c",
+ "generic://sha256:e5bfcdca3470798216bf1c2b8b2a7b9466b707e2ea1f5c4676d0ac1bdaacf733/sha256__e5bfcdca3470798216bf1c2b8b2a7b9466b707e2ea1f5c4676d0ac1bdaacf733.tar.gz",
+ "generic://sha256:3d906c31b6b36e7ce9772a469875af0c8ab2dbe01db30c01b80d820b78c0357c/kustomize-controller",
+ "go://k8s.io/apimachinery:0.20.2"
+ ],
+ "path": "dockerhub-remote/fluxcd/kustomize-controller/sha256__edbd3ff93012e4ed652136b47a12bca797f0bd947633210cd8e863da3b00af3c/",
+ "fixed_versions": [
+ "1.16.0-alpha.3"
+ ],
+ "published": "2019-06-05T20:03:10+10:00",
+ "artifact_scan_time": "2021-02-18T14:16:57+11:00",
+ "issue_id": "XRAY-83594",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "Kubernetes contains a flaw that allows a reflected cross-site scripting (XSS) attack. This flaw exists because the /proxy/ script does not properly sanitize input to the 'pagesize' GET parameter before returning it to users. This may allow a context-dependent attacker to create a specially crafted request that executes arbitrary script code in a user's browser session within the trust relationship between their browser and the server.",
+ "references": [
+ "https://github.com/kubernetes/kubernetes/issues/78467"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-29652",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 7.5,
+ "summary": "A nil pointer dereference in the golang.org/x/crypto/ssh component through v0.0.0-20201203163018-be400aefbc4c for Go allows remote attackers to cause a denial of service against SSH servers.",
+ "severity": "Medium",
+ "vulnerable_component": "go://golang.org/x/crypto:0.0.0-20201002170205-7f63de1d35b0",
+ "impacted_artifact": "docker://fluxcd/kustomize-controller:sha256__88768ae4991d0af52f3b93e5ab37f4c5932769eca2edf81480d71529906adc8f",
+ "impact_path": [
+ "docker://fluxcd/kustomize-controller:sha256__88768ae4991d0af52f3b93e5ab37f4c5932769eca2edf81480d71529906adc8f",
+ "generic://sha256:1678a9c0d087373db88c5e38c7ad1aa148939f5c92f45340c3f2a6b333b84483/sha256__1678a9c0d087373db88c5e38c7ad1aa148939f5c92f45340c3f2a6b333b84483.tar.gz",
+ "generic://sha256:875178cb631eca736748ac16b1aa7034a95a3bbb4162f8cfa99fd7baf676e698/kustomize-controller",
+ "go://golang.org/x/crypto:0.0.0-20201002170205-7f63de1d35b0"
+ ],
+ "path": "dockerhub-remote/fluxcd/kustomize-controller/sha256__88768ae4991d0af52f3b93e5ab37f4c5932769eca2edf81480d71529906adc8f/",
+ "fixed_versions": [
+ "0.0.0-20201216223049-8b5274cf687f"
+ ],
+ "published": "2020-12-21T03:38:59+11:00",
+ "artifact_scan_time": "2021-02-19T17:56:58+11:00",
+ "issue_id": "XRAY-135107",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "A nil pointer dereference in the golang.org/x/crypto/ssh component through v0.0.0-20201203163018-be400aefbc4c for Go allows remote attackers to cause a denial of service against SSH servers.",
+ "references": [
+ "https://groups.google.com/g/golang-announce/c/ouZIlBimOsE?pli=1",
+ "https://go-review.googlesource.com/c/crypto/+/278852"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-27918",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 7.5,
+ "summary": "encoding/xml in Go before 1.15.9 and 1.16.x before 1.16.1 has an infinite loop if a custom TokenReader (for xml.NewTokenDecoder) returns EOF in the middle of an element. This can occur in the Decode, DecodeElement, or Skip method.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.15.8",
+ "impacted_artifact": "docker://fluxcd/kustomize-controller:sha256__88768ae4991d0af52f3b93e5ab37f4c5932769eca2edf81480d71529906adc8f",
+ "impact_path": [
+ "docker://fluxcd/kustomize-controller:sha256__88768ae4991d0af52f3b93e5ab37f4c5932769eca2edf81480d71529906adc8f",
+ "generic://sha256:1678a9c0d087373db88c5e38c7ad1aa148939f5c92f45340c3f2a6b333b84483/sha256__1678a9c0d087373db88c5e38c7ad1aa148939f5c92f45340c3f2a6b333b84483.tar.gz",
+ "generic://sha256:875178cb631eca736748ac16b1aa7034a95a3bbb4162f8cfa99fd7baf676e698/kustomize-controller",
+ "go://github.com/golang/go:1.15.8"
+ ],
+ "path": "dockerhub-remote/fluxcd/kustomize-controller/sha256__88768ae4991d0af52f3b93e5ab37f4c5932769eca2edf81480d71529906adc8f/",
+ "fixed_versions": [
+ "1.16.1",
+ "1.15.9"
+ ],
+ "published": "2021-03-15T00:32:21+11:00",
+ "artifact_scan_time": "2021-02-19T17:56:58+11:00",
+ "issue_id": "XRAY-145876",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "encoding/xml in Go before 1.15.9 and 1.16.x before 1.16.1 has an infinite loop if a custom TokenReader (for xml.NewTokenDecoder) returns EOF in the middle of an element. This can occur in the Decode, DecodeElement, or Skip method.",
+ "references": [
+ "https://groups.google.com/g/golang-announce/c/MfiLYjG-RAw"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 5.4,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:H/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 5.3,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 5.4,
+ "cvss3_max_score": 5.3,
+ "summary": "GNU dbm (GDBM) Database Recovery Resource Exhaustion DoS Weakness",
+ "severity": "Medium",
+ "vulnerable_component": "alpine://3.13:gdbm:1.19-r0",
+ "impacted_artifact": "docker://fluxcd/kustomize-controller:sha256__88768ae4991d0af52f3b93e5ab37f4c5932769eca2edf81480d71529906adc8f",
+ "impact_path": [
+ "docker://fluxcd/kustomize-controller:sha256__88768ae4991d0af52f3b93e5ab37f4c5932769eca2edf81480d71529906adc8f",
+ "generic://sha256:a5d2b7ba81558d4b91b32cbf571786516fc0f7f871723ccaea623ef087bf09b3/sha256__a5d2b7ba81558d4b91b32cbf571786516fc0f7f871723ccaea623ef087bf09b3.tar.gz",
+ "alpine://3.13:gdbm:1.19-r0"
+ ],
+ "path": "dockerhub-remote/fluxcd/kustomize-controller/sha256__88768ae4991d0af52f3b93e5ab37f4c5932769eca2edf81480d71529906adc8f/",
+ "fixed_versions": [],
+ "published": "2021-03-18T19:46:38+11:00",
+ "artifact_scan_time": "2021-02-19T17:56:58+11:00",
+ "issue_id": "XRAY-147183",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "GNU dbm (GDBM) contains a flaw that is triggered when handling recovery operations on a specially crafted database file. This may allow a context-dependent attacker to exhaust available disk storage and potentially cause a denial of service.",
+ "references": [
+ "https://git.savannah.gnu.org/cgit/gdbm.git/commit/?id=2dc9267a91a98733a18ebb3b8488da8016539f83",
+ "https://git.savannah.gnu.org/cgit/gdbm.git/commit/?id=3f86431e830f867d14f2ad5a382f59b19acdded2",
+ "https://puszcza.gnu.org.ua/bugs/?502"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-21300",
+ "cvss_v2_score": 5.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:H/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 5.1,
+ "cvss3_max_score": 7.5,
+ "summary": "Git is an open-source distributed revision control system. In affected versions of Git a specially crafted repository that contains symbolic links as well as files using a clean/smudge filter such as Git LFS, may cause just-checked out script to be executed while cloning onto a case-insensitive file system such as NTFS, HFS+ or APFS (i.e. the default file systems on Windows and macOS). Note that clean/smudge filters have to be configured for that. Git for Windows configures Git LFS by default, and is therefore vulnerable. The problem has been patched in the versions published on Tuesday, March 9th, 2021. As a workaound, if symbolic link support is disabled in Git (e.g. via `git config --global core.symlinks false`), the described attack won't work. Likewise, if no clean/smudge filters such as Git LFS are configured globally (i.e. _before_ cloning), the attack is foiled. As always, it is best to avoid cloning repositories from untrusted sources. The earliest impacted version is 2.14.2. The fix versions are: 2.30.1, 2.29.3, 2.28.1, 2.27.1, 2.26.3, 2.25.5, 2.24.4, 2.23.4, 2.22.5, 2.21.4, 2.20.5, 2.19.6, 2.18.5, 2.17.62.17.6.",
+ "severity": "Medium",
+ "vulnerable_component": "alpine://3.13:git:2.30.1-r0",
+ "impacted_artifact": "docker://fluxcd/kustomize-controller:sha256__88768ae4991d0af52f3b93e5ab37f4c5932769eca2edf81480d71529906adc8f",
+ "impact_path": [
+ "docker://fluxcd/kustomize-controller:sha256__88768ae4991d0af52f3b93e5ab37f4c5932769eca2edf81480d71529906adc8f",
+ "generic://sha256:a5d2b7ba81558d4b91b32cbf571786516fc0f7f871723ccaea623ef087bf09b3/sha256__a5d2b7ba81558d4b91b32cbf571786516fc0f7f871723ccaea623ef087bf09b3.tar.gz",
+ "alpine://3.13:git:2.30.1-r0"
+ ],
+ "path": "dockerhub-remote/fluxcd/kustomize-controller/sha256__88768ae4991d0af52f3b93e5ab37f4c5932769eca2edf81480d71529906adc8f/",
+ "fixed_versions": [
+ "2.30.2-r0"
+ ],
+ "published": "2021-03-24T23:11:00+11:00",
+ "artifact_scan_time": "2021-02-19T17:56:58+11:00",
+ "issue_id": "XRAY-157682",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "Git is an open-source distributed revision control system. In affected versions of Git a specially crafted repository that contains symbolic links as well as files using a clean/smudge filter such as Git LFS, may cause just-checked out script to be executed while cloning onto a case-insensitive file system such as NTFS, HFS+ or APFS (i.e. the default file systems on Windows and macOS). Note that clean/smudge filters have to be configured for that. Git for Windows configures Git LFS by default, and is therefore vulnerable. The problem has been patched in the versions published on Tuesday, March 9th, 2021. As a workaound, if symbolic link support is disabled in Git (e.g. via `git config --global core.symlinks false`), the described attack won't work. Likewise, if no clean/smudge filters such as Git LFS are configured globally (i.e. _before_ cloning), the attack is foiled. As always, it is best to avoid cloning repositories from untrusted sources. The earliest impacted version is 2.14.2. The fix versions are: 2.30.1, 2.29.3, 2.28.1, 2.27.1, 2.26.3, 2.25.5, 2.24.4, 2.23.4, 2.22.5, 2.21.4, 2.20.5, 2.19.6, 2.18.5, 2.17.62.17.6.",
+ "references": [
+ "http://www.openwall.com/lists/oss-security/2021/03/09/3",
+ "https://lore.kernel.org/git/xmqqim6019yd.fsf@gitster.c.googlers.com/",
+ "https://github.com/git/git/commit/684dd4c2b414bcf648505e74498a608f28de4592",
+ "https://git-scm.com/docs/gitattributes#_filter",
+ "https://git-scm.com/docs/git-config#Documentation/git-config.txt-coresymlinks",
+ "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LMXX2POK5X576BSDWSXGU7EIK6I72ERU/",
+ "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LCLJJLKKMS5WRFO6C475AOUZTWQLIARX/",
+ "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BBPNGLQSYJHLZZ37BO42YY6S5OTIF4L4/",
+ "https://github.com/git/git/security/advisories/GHSA-8prw-h3cq-mghm"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-28852",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 7.5,
+ "summary": "In x/text in Go before v0.3.5, a \"slice bounds out of range\" panic occurs in language.ParseAcceptLanguage while processing a BCP 47 tag. (x/text/language is supposed to be able to parse an HTTP Accept-Language header.)",
+ "severity": "Medium",
+ "vulnerable_component": "go://golang.org/x/text:0.3.4",
+ "impacted_artifact": "docker://fluxcd/kustomize-controller:sha256__88768ae4991d0af52f3b93e5ab37f4c5932769eca2edf81480d71529906adc8f",
+ "impact_path": [
+ "docker://fluxcd/kustomize-controller:sha256__88768ae4991d0af52f3b93e5ab37f4c5932769eca2edf81480d71529906adc8f",
+ "generic://sha256:1678a9c0d087373db88c5e38c7ad1aa148939f5c92f45340c3f2a6b333b84483/sha256__1678a9c0d087373db88c5e38c7ad1aa148939f5c92f45340c3f2a6b333b84483.tar.gz",
+ "generic://sha256:875178cb631eca736748ac16b1aa7034a95a3bbb4162f8cfa99fd7baf676e698/kustomize-controller",
+ "go://golang.org/x/text:0.3.4"
+ ],
+ "path": "dockerhub-remote/fluxcd/kustomize-controller/sha256__88768ae4991d0af52f3b93e5ab37f4c5932769eca2edf81480d71529906adc8f/",
+ "fixed_versions": [
+ "0.3.5"
+ ],
+ "published": "2021-01-03T23:36:30+11:00",
+ "artifact_scan_time": "2021-02-19T17:56:58+11:00",
+ "issue_id": "XRAY-138125",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "In x/text in Go before v0.3.5, a \"slice bounds out of range\" panic occurs in language.ParseAcceptLanguage while processing a BCP 47 tag. (x/text/language is supposed to be able to parse an HTTP Accept-Language header.)",
+ "references": [
+ "https://github.com/golang/go/issues/42536",
+ "https://security.netapp.com/advisory/ntap-20210212-0004/"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 4.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:P/A:N",
+ "cvss_v3_score": 6.1,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"
+ }
+ ],
+ "cvss2_max_score": 4.3,
+ "cvss3_max_score": 6.1,
+ "summary": "Kubernetes /proxy/ pagesize Parameter Reflected XSS",
+ "severity": "Medium",
+ "vulnerable_component": "go://k8s.io/apimachinery:0.20.2",
+ "impacted_artifact": "docker://fluxcd/kustomize-controller:sha256__88768ae4991d0af52f3b93e5ab37f4c5932769eca2edf81480d71529906adc8f",
+ "impact_path": [
+ "docker://fluxcd/kustomize-controller:sha256__88768ae4991d0af52f3b93e5ab37f4c5932769eca2edf81480d71529906adc8f",
+ "generic://sha256:1678a9c0d087373db88c5e38c7ad1aa148939f5c92f45340c3f2a6b333b84483/sha256__1678a9c0d087373db88c5e38c7ad1aa148939f5c92f45340c3f2a6b333b84483.tar.gz",
+ "generic://sha256:875178cb631eca736748ac16b1aa7034a95a3bbb4162f8cfa99fd7baf676e698/kustomize-controller",
+ "go://k8s.io/apimachinery:0.20.2"
+ ],
+ "path": "dockerhub-remote/fluxcd/kustomize-controller/sha256__88768ae4991d0af52f3b93e5ab37f4c5932769eca2edf81480d71529906adc8f/",
+ "fixed_versions": [
+ "1.16.0-alpha.3"
+ ],
+ "published": "2019-06-05T20:03:10+10:00",
+ "artifact_scan_time": "2021-02-19T17:56:58+11:00",
+ "issue_id": "XRAY-83594",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "Kubernetes contains a flaw that allows a reflected cross-site scripting (XSS) attack. This flaw exists because the /proxy/ script does not properly sanitize input to the 'pagesize' GET parameter before returning it to users. This may allow a context-dependent attacker to create a specially crafted request that executes arbitrary script code in a user's browser session within the trust relationship between their browser and the server.",
+ "references": [
+ "https://github.com/kubernetes/kubernetes/issues/78467"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 4,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:H/Au:N/C:P/I:P/A:N",
+ "cvss_v3_score": 7.4,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"
+ }
+ ],
+ "cvss2_max_score": 4,
+ "cvss3_max_score": 7.4,
+ "summary": "cURL / libcurl TLS 1.3 Session Ticket Improper Host Handshake Handling MitM Spoofing",
+ "severity": "Medium",
+ "vulnerable_component": "alpine://3.13:libcurl:7.74.0-r0",
+ "impacted_artifact": "docker://fluxcd/kustomize-controller:sha256__88768ae4991d0af52f3b93e5ab37f4c5932769eca2edf81480d71529906adc8f",
+ "impact_path": [
+ "docker://fluxcd/kustomize-controller:sha256__88768ae4991d0af52f3b93e5ab37f4c5932769eca2edf81480d71529906adc8f",
+ "generic://sha256:a5d2b7ba81558d4b91b32cbf571786516fc0f7f871723ccaea623ef087bf09b3/sha256__a5d2b7ba81558d4b91b32cbf571786516fc0f7f871723ccaea623ef087bf09b3.tar.gz",
+ "alpine://3.13:libcurl:7.74.0-r0"
+ ],
+ "path": "dockerhub-remote/fluxcd/kustomize-controller/sha256__88768ae4991d0af52f3b93e5ab37f4c5932769eca2edf81480d71529906adc8f/",
+ "fixed_versions": [],
+ "published": "2021-04-02T02:39:36+11:00",
+ "artifact_scan_time": "2021-02-19T17:56:58+11:00",
+ "issue_id": "XRAY-160704",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "cURL / libcurl contains a flaw that is triggered as host handshakes are improperly bypassed when processing TLS 1.3 session ticket from an HTTPS proxy. With a specially crafted HTTPS proxy, an attacker can bypass the TLS certificate check and disclose or manipulate transmitted data.",
+ "references": [
+ "https://ubuntu.com/security/notices/USN-4898-1",
+ "https://seclists.org/oss-sec/2021/q1/280",
+ "https://github.com/curl/curl/commit/b09c8ee15771c614c4bf3ddac893cdb12187c844",
+ "https://curl.se/docs/CVE-2021-22890.html",
+ "http://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-22890"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-27918",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 7.5,
+ "summary": "encoding/xml in Go before 1.15.9 and 1.16.x before 1.16.1 has an infinite loop if a custom TokenReader (for xml.NewTokenDecoder) returns EOF in the middle of an element. This can occur in the Decode, DecodeElement, or Skip method.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.15.8",
+ "impacted_artifact": "docker://fluxcd/source-controller:sha256__e9457bc5a0295a78f3e3e6eea3b912290292b8b9f4b6e794d737cbe956db56a1",
+ "impact_path": [
+ "docker://fluxcd/source-controller:sha256__e9457bc5a0295a78f3e3e6eea3b912290292b8b9f4b6e794d737cbe956db56a1",
+ "generic://sha256:3f30a523c4a5997c1206b72129466c3b41708009be86fbcfde504a3fc864a8f8/sha256__3f30a523c4a5997c1206b72129466c3b41708009be86fbcfde504a3fc864a8f8.tar.gz",
+ "generic://sha256:fcc55d98063ceed6452db2f4f2b346baa10ab30833fd26ce2c4dbda75d77a402/source-controller",
+ "go://github.com/golang/go:1.15.8"
+ ],
+ "path": "dockerhub-remote/fluxcd/source-controller/sha256__e9457bc5a0295a78f3e3e6eea3b912290292b8b9f4b6e794d737cbe956db56a1/",
+ "fixed_versions": [
+ "1.16.1",
+ "1.15.9"
+ ],
+ "published": "2021-03-15T00:32:21+11:00",
+ "artifact_scan_time": "2021-02-19T17:57:53+11:00",
+ "issue_id": "XRAY-145876",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "encoding/xml in Go before 1.15.9 and 1.16.x before 1.16.1 has an infinite loop if a custom TokenReader (for xml.NewTokenDecoder) returns EOF in the middle of an element. This can occur in the Decode, DecodeElement, or Skip method.",
+ "references": [
+ "https://groups.google.com/g/golang-announce/c/MfiLYjG-RAw"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-27918",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 7.5,
+ "summary": "encoding/xml in Go before 1.15.9 and 1.16.x before 1.16.1 has an infinite loop if a custom TokenReader (for xml.NewTokenDecoder) returns EOF in the middle of an element. This can occur in the Decode, DecodeElement, or Skip method.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.15.8",
+ "impacted_artifact": "docker://fluxcd/notification-controller:sha256__59cd4aa509acb661a9259e270f3de87f3bc74134326350bcee0606e0d84d39c3",
+ "impact_path": [
+ "docker://fluxcd/notification-controller:sha256__59cd4aa509acb661a9259e270f3de87f3bc74134326350bcee0606e0d84d39c3",
+ "generic://sha256:1855bdf9d3d42181cc1915598705966d3ba8882a8be19325d52ac78504242a53/sha256__1855bdf9d3d42181cc1915598705966d3ba8882a8be19325d52ac78504242a53.tar.gz",
+ "generic://sha256:62879fbf6f3b86c758d10d347fc35a479e155160904c1b24442a18373fa93698/notification-controller",
+ "go://github.com/golang/go:1.15.8"
+ ],
+ "path": "dockerhub-remote/fluxcd/notification-controller/sha256__59cd4aa509acb661a9259e270f3de87f3bc74134326350bcee0606e0d84d39c3/",
+ "fixed_versions": [
+ "1.16.1",
+ "1.15.9"
+ ],
+ "published": "2021-03-15T00:32:21+11:00",
+ "artifact_scan_time": "2021-02-20T18:25:14+11:00",
+ "issue_id": "XRAY-145876",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "encoding/xml in Go before 1.15.9 and 1.16.x before 1.16.1 has an infinite loop if a custom TokenReader (for xml.NewTokenDecoder) returns EOF in the middle of an element. This can occur in the Decode, DecodeElement, or Skip method.",
+ "references": [
+ "https://groups.google.com/g/golang-announce/c/MfiLYjG-RAw"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-28852",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 7.5,
+ "summary": "In x/text in Go before v0.3.5, a \"slice bounds out of range\" panic occurs in language.ParseAcceptLanguage while processing a BCP 47 tag. (x/text/language is supposed to be able to parse an HTTP Accept-Language header.)",
+ "severity": "Medium",
+ "vulnerable_component": "go://golang.org/x/text:0.3.4",
+ "impacted_artifact": "docker://fluxcd/notification-controller:sha256__59cd4aa509acb661a9259e270f3de87f3bc74134326350bcee0606e0d84d39c3",
+ "impact_path": [
+ "docker://fluxcd/notification-controller:sha256__59cd4aa509acb661a9259e270f3de87f3bc74134326350bcee0606e0d84d39c3",
+ "generic://sha256:1855bdf9d3d42181cc1915598705966d3ba8882a8be19325d52ac78504242a53/sha256__1855bdf9d3d42181cc1915598705966d3ba8882a8be19325d52ac78504242a53.tar.gz",
+ "generic://sha256:62879fbf6f3b86c758d10d347fc35a479e155160904c1b24442a18373fa93698/notification-controller",
+ "go://golang.org/x/text:0.3.4"
+ ],
+ "path": "dockerhub-remote/fluxcd/notification-controller/sha256__59cd4aa509acb661a9259e270f3de87f3bc74134326350bcee0606e0d84d39c3/",
+ "fixed_versions": [
+ "0.3.5"
+ ],
+ "published": "2021-01-03T23:36:30+11:00",
+ "artifact_scan_time": "2021-02-20T18:25:14+11:00",
+ "issue_id": "XRAY-138125",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "In x/text in Go before v0.3.5, a \"slice bounds out of range\" panic occurs in language.ParseAcceptLanguage while processing a BCP 47 tag. (x/text/language is supposed to be able to parse an HTTP Accept-Language header.)",
+ "references": [
+ "https://github.com/golang/go/issues/42536",
+ "https://security.netapp.com/advisory/ntap-20210212-0004/"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 4.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:P/A:N",
+ "cvss_v3_score": 6.1,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"
+ }
+ ],
+ "cvss2_max_score": 4.3,
+ "cvss3_max_score": 6.1,
+ "summary": "Kubernetes /proxy/ pagesize Parameter Reflected XSS",
+ "severity": "Medium",
+ "vulnerable_component": "go://k8s.io/apimachinery:0.20.2",
+ "impacted_artifact": "docker://fluxcd/notification-controller:sha256__59cd4aa509acb661a9259e270f3de87f3bc74134326350bcee0606e0d84d39c3",
+ "impact_path": [
+ "docker://fluxcd/notification-controller:sha256__59cd4aa509acb661a9259e270f3de87f3bc74134326350bcee0606e0d84d39c3",
+ "generic://sha256:1855bdf9d3d42181cc1915598705966d3ba8882a8be19325d52ac78504242a53/sha256__1855bdf9d3d42181cc1915598705966d3ba8882a8be19325d52ac78504242a53.tar.gz",
+ "generic://sha256:62879fbf6f3b86c758d10d347fc35a479e155160904c1b24442a18373fa93698/notification-controller",
+ "go://k8s.io/apimachinery:0.20.2"
+ ],
+ "path": "dockerhub-remote/fluxcd/notification-controller/sha256__59cd4aa509acb661a9259e270f3de87f3bc74134326350bcee0606e0d84d39c3/",
+ "fixed_versions": [
+ "1.16.0-alpha.3"
+ ],
+ "published": "2019-06-05T20:03:10+10:00",
+ "artifact_scan_time": "2021-02-20T18:25:14+11:00",
+ "issue_id": "XRAY-83594",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "Kubernetes contains a flaw that allows a reflected cross-site scripting (XSS) attack. This flaw exists because the /proxy/ script does not properly sanitize input to the 'pagesize' GET parameter before returning it to users. This may allow a context-dependent attacker to create a specially crafted request that executes arbitrary script code in a user's browser session within the trust relationship between their browser and the server.",
+ "references": [
+ "https://github.com/kubernetes/kubernetes/issues/78467"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-29652",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 7.5,
+ "summary": "A nil pointer dereference in the golang.org/x/crypto/ssh component through v0.0.0-20201203163018-be400aefbc4c for Go allows remote attackers to cause a denial of service against SSH servers.",
+ "severity": "Medium",
+ "vulnerable_component": "go://golang.org/x/crypto:0.0.0-20201002170205-7f63de1d35b0",
+ "impacted_artifact": "docker://fluxcd/notification-controller:sha256__59cd4aa509acb661a9259e270f3de87f3bc74134326350bcee0606e0d84d39c3",
+ "impact_path": [
+ "docker://fluxcd/notification-controller:sha256__59cd4aa509acb661a9259e270f3de87f3bc74134326350bcee0606e0d84d39c3",
+ "generic://sha256:1855bdf9d3d42181cc1915598705966d3ba8882a8be19325d52ac78504242a53/sha256__1855bdf9d3d42181cc1915598705966d3ba8882a8be19325d52ac78504242a53.tar.gz",
+ "generic://sha256:62879fbf6f3b86c758d10d347fc35a479e155160904c1b24442a18373fa93698/notification-controller",
+ "go://golang.org/x/crypto:0.0.0-20201002170205-7f63de1d35b0"
+ ],
+ "path": "dockerhub-remote/fluxcd/notification-controller/sha256__59cd4aa509acb661a9259e270f3de87f3bc74134326350bcee0606e0d84d39c3/",
+ "fixed_versions": [
+ "0.0.0-20201216223049-8b5274cf687f"
+ ],
+ "published": "2020-12-21T03:38:59+11:00",
+ "artifact_scan_time": "2021-02-20T18:25:14+11:00",
+ "issue_id": "XRAY-135107",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "A nil pointer dereference in the golang.org/x/crypto/ssh component through v0.0.0-20201203163018-be400aefbc4c for Go allows remote attackers to cause a denial of service against SSH servers.",
+ "references": [
+ "https://groups.google.com/g/golang-announce/c/ouZIlBimOsE?pli=1",
+ "https://go-review.googlesource.com/c/crypto/+/278852"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-25648",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 7.5,
+ "summary": "CVE-2020-25648 nss: TLS 1.3 CCS flood remote DoS Attack (moderate)",
+ "severity": "Medium",
+ "vulnerable_component": "rpm://8:nss-sysinit:0:3.53.1-17.el8_3",
+ "impacted_artifact": "rpm://8:nss-sysinit:0:3.53.1-17.el8_3",
+ "impact_path": [
+ "rpm://8:nss-sysinit:0:3.53.1-17.el8_3"
+ ],
+ "path": "ubi8-appstream-remote/Packages/n/nss-sysinit-3.53.1-17.el8_3.x86_64.rpm",
+ "fixed_versions": [],
+ "published": "2020-12-16T15:53:27+11:00",
+ "artifact_scan_time": "2021-02-26T18:18:51+11:00",
+ "issue_id": "XRAY-133983",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "DOCUMENTATION: A flaw was found in the way NSS handled CCS (ChangeCipherSpec) messages in TLS 1.3. This flaw allows a remote attacker to send multiple CCS messages, causing a denial of service for servers compiled with the NSS library. The highest threat from this vulnerability is to system availability. STATEMENT: This flaw only affects servers that are compiled with the NSS library and when the TLS 1.3 protocol is used.",
+ "references": [
+ "https://access.redhat.com/security/cve/CVE-2020-25648"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Moderate"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-12399",
+ "cvss_v2_score": 1.2,
+ "cvss_v2_vector": "CVSS:2.0/AV:L/AC:H/Au:N/C:P/I:N/A:N",
+ "cvss_v3_score": 4.4,
+ "cvss_v3_vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N"
+ }
+ ],
+ "cvss2_max_score": 1.2,
+ "cvss3_max_score": 4.4,
+ "summary": "CVE-2020-12399 nss: Timing attack on DSA signature generation (moderate)",
+ "severity": "Medium",
+ "vulnerable_component": "rpm://8:nss-sysinit:0:3.53.1-17.el8_3",
+ "impacted_artifact": "rpm://8:nss-sysinit:0:3.53.1-17.el8_3",
+ "impact_path": [
+ "rpm://8:nss-sysinit:0:3.53.1-17.el8_3"
+ ],
+ "path": "ubi8-appstream-remote/Packages/n/nss-sysinit-3.53.1-17.el8_3.x86_64.rpm",
+ "fixed_versions": [],
+ "published": "2020-12-16T15:53:19+11:00",
+ "artifact_scan_time": "2021-02-26T18:18:51+11:00",
+ "issue_id": "XRAY-133788",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "DOCUMENTATION: A flaw was found in the DSA signature generation function in nss. During the process of generating a DSA signature, the nonce value 'k' is not padded, exposing the bit length. Combined with other techniques, this can result in the recovery of the DSA private key. The highest threat from this vulnerability is to data confidentiality. STATEMENT: A timing attack was found in the way NSS generated DSA signatures. A man-in-the-middle attacker could use this attack during DSA signature generation to recover the private key. This attack is only feasible when the attacker is local to the machine or in certain cross-VM scenarios where the signature is being generated. Attacks over the network or via the internet are not feasible.Firefox and Thunderbird on Red Hat Enterprise Linux are built against the system nss library. MITIGATION: Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
+ "references": [
+ "https://access.redhat.com/security/cve/CVE-2020-12399"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Moderate"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-12401",
+ "cvss_v2_score": 1.9,
+ "cvss_v2_vector": "CVSS:2.0/AV:L/AC:M/Au:N/C:P/I:N/A:N",
+ "cvss_v3_score": 4.4,
+ "cvss_v3_vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N"
+ }
+ ],
+ "cvss2_max_score": 1.9,
+ "cvss3_max_score": 4.4,
+ "summary": "CVE-2020-12401 nss: ECDSA timing attack mitigation bypass (moderate)",
+ "severity": "Medium",
+ "vulnerable_component": "rpm://8:nss-sysinit:0:3.53.1-17.el8_3",
+ "impacted_artifact": "rpm://8:nss-sysinit:0:3.53.1-17.el8_3",
+ "impact_path": [
+ "rpm://8:nss-sysinit:0:3.53.1-17.el8_3"
+ ],
+ "path": "ubi8-appstream-remote/Packages/n/nss-sysinit-3.53.1-17.el8_3.x86_64.rpm",
+ "fixed_versions": [],
+ "published": "2020-12-16T15:53:20+11:00",
+ "artifact_scan_time": "2021-02-26T18:18:51+11:00",
+ "issue_id": "XRAY-133790",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "DOCUMENTATION: A flaw was found in nss. Using the EM side-channel, it is possible to extract the position of zero and non-zero wNAF digits while nss-certutil tool performs scalar multiplication during the ECDSA signature generation, leaking partial information about the ECDSA nonce. Given a small number of ECDSA signatures, this information can be used to steal the private key. The highest threat from this vulnerability is to data confidentiality. STATEMENT: This is a side channel attack which can used to exact pirate keys when ECDSA signatures are being generated. This attack is only feasible when the attacker is local to the machine or in certain cross-VM scenarios where the signature is being generated. Attacks over the network or via the internet are not feasible. MITIGATION: This is a side channel attack which can used to exact pirate keys when ECDSA signatures are being generated. This attack is only feasible when the attacker is local to the machine or in certain cross-VM scenarios where the signature is being generated. Attacks over the network or via the internet are not feasible.",
+ "references": [
+ "https://access.redhat.com/security/cve/CVE-2020-12401"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Moderate"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-12399",
+ "cvss_v2_score": 1.2,
+ "cvss_v2_vector": "CVSS:2.0/AV:L/AC:H/Au:N/C:P/I:N/A:N",
+ "cvss_v3_score": 4.4,
+ "cvss_v3_vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N"
+ }
+ ],
+ "cvss2_max_score": 1.2,
+ "cvss3_max_score": 4.4,
+ "summary": "CVE-2020-12399 nss: Timing attack on DSA signature generation (moderate)",
+ "severity": "Medium",
+ "vulnerable_component": "rpm://8:nss-util:0:3.53.1-17.el8_3",
+ "impacted_artifact": "rpm://8:nss-util:0:3.53.1-17.el8_3",
+ "impact_path": [
+ "rpm://8:nss-util:0:3.53.1-17.el8_3"
+ ],
+ "path": "ubi8-appstream-remote/Packages/n/nss-util-3.53.1-17.el8_3.x86_64.rpm",
+ "fixed_versions": [],
+ "published": "2020-12-16T15:53:19+11:00",
+ "artifact_scan_time": "2021-02-26T18:18:51+11:00",
+ "issue_id": "XRAY-133788",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "DOCUMENTATION: A flaw was found in the DSA signature generation function in nss. During the process of generating a DSA signature, the nonce value 'k' is not padded, exposing the bit length. Combined with other techniques, this can result in the recovery of the DSA private key. The highest threat from this vulnerability is to data confidentiality. STATEMENT: A timing attack was found in the way NSS generated DSA signatures. A man-in-the-middle attacker could use this attack during DSA signature generation to recover the private key. This attack is only feasible when the attacker is local to the machine or in certain cross-VM scenarios where the signature is being generated. Attacks over the network or via the internet are not feasible.Firefox and Thunderbird on Red Hat Enterprise Linux are built against the system nss library. MITIGATION: Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
+ "references": [
+ "https://access.redhat.com/security/cve/CVE-2020-12399"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Moderate"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-12401",
+ "cvss_v2_score": 1.9,
+ "cvss_v2_vector": "CVSS:2.0/AV:L/AC:M/Au:N/C:P/I:N/A:N",
+ "cvss_v3_score": 4.4,
+ "cvss_v3_vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N"
+ }
+ ],
+ "cvss2_max_score": 1.9,
+ "cvss3_max_score": 4.4,
+ "summary": "CVE-2020-12401 nss: ECDSA timing attack mitigation bypass (moderate)",
+ "severity": "Medium",
+ "vulnerable_component": "rpm://8:nss-util:0:3.53.1-17.el8_3",
+ "impacted_artifact": "rpm://8:nss-util:0:3.53.1-17.el8_3",
+ "impact_path": [
+ "rpm://8:nss-util:0:3.53.1-17.el8_3"
+ ],
+ "path": "ubi8-appstream-remote/Packages/n/nss-util-3.53.1-17.el8_3.x86_64.rpm",
+ "fixed_versions": [],
+ "published": "2020-12-16T15:53:20+11:00",
+ "artifact_scan_time": "2021-02-26T18:18:51+11:00",
+ "issue_id": "XRAY-133790",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "DOCUMENTATION: A flaw was found in nss. Using the EM side-channel, it is possible to extract the position of zero and non-zero wNAF digits while nss-certutil tool performs scalar multiplication during the ECDSA signature generation, leaking partial information about the ECDSA nonce. Given a small number of ECDSA signatures, this information can be used to steal the private key. The highest threat from this vulnerability is to data confidentiality. STATEMENT: This is a side channel attack which can used to exact pirate keys when ECDSA signatures are being generated. This attack is only feasible when the attacker is local to the machine or in certain cross-VM scenarios where the signature is being generated. Attacks over the network or via the internet are not feasible. MITIGATION: This is a side channel attack which can used to exact pirate keys when ECDSA signatures are being generated. This attack is only feasible when the attacker is local to the machine or in certain cross-VM scenarios where the signature is being generated. Attacks over the network or via the internet are not feasible.",
+ "references": [
+ "https://access.redhat.com/security/cve/CVE-2020-12401"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Moderate"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-25648",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 7.5,
+ "summary": "CVE-2020-25648 nss: TLS 1.3 CCS flood remote DoS Attack (moderate)",
+ "severity": "Medium",
+ "vulnerable_component": "rpm://8:nss-util:0:3.53.1-17.el8_3",
+ "impacted_artifact": "rpm://8:nss-util:0:3.53.1-17.el8_3",
+ "impact_path": [
+ "rpm://8:nss-util:0:3.53.1-17.el8_3"
+ ],
+ "path": "ubi8-appstream-remote/Packages/n/nss-util-3.53.1-17.el8_3.x86_64.rpm",
+ "fixed_versions": [],
+ "published": "2020-12-16T15:53:27+11:00",
+ "artifact_scan_time": "2021-02-26T18:18:51+11:00",
+ "issue_id": "XRAY-133983",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "DOCUMENTATION: A flaw was found in the way NSS handled CCS (ChangeCipherSpec) messages in TLS 1.3. This flaw allows a remote attacker to send multiple CCS messages, causing a denial of service for servers compiled with the NSS library. The highest threat from this vulnerability is to system availability. STATEMENT: This flaw only affects servers that are compiled with the NSS library and when the TLS 1.3 protocol is used.",
+ "references": [
+ "https://access.redhat.com/security/cve/CVE-2020-25648"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Moderate"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-10543",
+ "cvss_v2_score": 6.4,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:P/A:P",
+ "cvss_v3_score": 8.2,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H"
+ }
+ ],
+ "cvss2_max_score": 6.4,
+ "cvss3_max_score": 8.2,
+ "summary": "CVE-2020-10543 perl: heap-based buffer overflow in regular expression compiler leads to DoS (moderate)",
+ "severity": "Medium",
+ "vulnerable_component": "rpm://8:perl-macros:4:5.26.3-417.el8_3",
+ "impacted_artifact": "rpm://8:perl-macros:4:5.26.3-417.el8_3",
+ "impact_path": [
+ "rpm://8:perl-macros:4:5.26.3-417.el8_3"
+ ],
+ "path": "ubi8-baseos-remote/Packages/p/perl-macros-5.26.3-417.el8_3.x86_64.rpm",
+ "fixed_versions": [],
+ "published": "2020-12-16T15:53:18+11:00",
+ "artifact_scan_time": "2021-02-26T18:18:51+11:00",
+ "issue_id": "XRAY-133713",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "MITIGATION: To mitigate this flaw, developers should not allow untrusted regular expressions to be compiled by the Perl regular expression compiler.",
+ "references": [
+ "https://access.redhat.com/security/cve/CVE-2020-10543"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Moderate"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-10878",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 8.6,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 8.6,
+ "summary": "CVE-2020-10878 perl: corruption of intermediate language state of compiled regular expression due to integer overflow leads to DoS (moderate)",
+ "severity": "Medium",
+ "vulnerable_component": "rpm://8:perl-macros:4:5.26.3-417.el8_3",
+ "impacted_artifact": "rpm://8:perl-macros:4:5.26.3-417.el8_3",
+ "impact_path": [
+ "rpm://8:perl-macros:4:5.26.3-417.el8_3"
+ ],
+ "path": "ubi8-baseos-remote/Packages/p/perl-macros-5.26.3-417.el8_3.x86_64.rpm",
+ "fixed_versions": [],
+ "published": "2020-12-16T15:53:18+11:00",
+ "artifact_scan_time": "2021-02-26T18:18:51+11:00",
+ "issue_id": "XRAY-133725",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "MITIGATION: To mitigate this flaw, developers should not allow untrusted regular expressions to be compiled by the Perl regular expression compiler.",
+ "references": [
+ "https://access.redhat.com/security/cve/CVE-2020-10878"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Moderate"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-10543",
+ "cvss_v2_score": 6.4,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:P/A:P",
+ "cvss_v3_score": 8.2,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H"
+ }
+ ],
+ "cvss2_max_score": 6.4,
+ "cvss3_max_score": 8.2,
+ "summary": "CVE-2020-10543 perl: heap-based buffer overflow in regular expression compiler leads to DoS (moderate)",
+ "severity": "Medium",
+ "vulnerable_component": "rpm://8:perl-Errno:0:1.28-417.el8_3",
+ "impacted_artifact": "rpm://8:perl-Errno:0:1.28-417.el8_3",
+ "impact_path": [
+ "rpm://8:perl-Errno:0:1.28-417.el8_3"
+ ],
+ "path": "ubi8-baseos-remote/Packages/p/perl-Errno-1.28-417.el8_3.x86_64.rpm",
+ "fixed_versions": [],
+ "published": "2020-12-16T15:53:18+11:00",
+ "artifact_scan_time": "2021-02-26T18:18:51+11:00",
+ "issue_id": "XRAY-133713",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "MITIGATION: To mitigate this flaw, developers should not allow untrusted regular expressions to be compiled by the Perl regular expression compiler.",
+ "references": [
+ "https://access.redhat.com/security/cve/CVE-2020-10543"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Moderate"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-10878",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 8.6,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 8.6,
+ "summary": "CVE-2020-10878 perl: corruption of intermediate language state of compiled regular expression due to integer overflow leads to DoS (moderate)",
+ "severity": "Medium",
+ "vulnerable_component": "rpm://8:perl-Errno:0:1.28-417.el8_3",
+ "impacted_artifact": "rpm://8:perl-Errno:0:1.28-417.el8_3",
+ "impact_path": [
+ "rpm://8:perl-Errno:0:1.28-417.el8_3"
+ ],
+ "path": "ubi8-baseos-remote/Packages/p/perl-Errno-1.28-417.el8_3.x86_64.rpm",
+ "fixed_versions": [],
+ "published": "2020-12-16T15:53:18+11:00",
+ "artifact_scan_time": "2021-02-26T18:18:51+11:00",
+ "issue_id": "XRAY-133725",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "MITIGATION: To mitigate this flaw, developers should not allow untrusted regular expressions to be compiled by the Perl regular expression compiler.",
+ "references": [
+ "https://access.redhat.com/security/cve/CVE-2020-10878"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Moderate"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-25648",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 7.5,
+ "summary": "CVE-2020-25648 nss: TLS 1.3 CCS flood remote DoS Attack (moderate)",
+ "severity": "Medium",
+ "vulnerable_component": "rpm://8:nss-softokn-freebl:0:3.53.1-17.el8_3",
+ "impacted_artifact": "rpm://8:nss-softokn-freebl:0:3.53.1-17.el8_3",
+ "impact_path": [
+ "rpm://8:nss-softokn-freebl:0:3.53.1-17.el8_3"
+ ],
+ "path": "ubi8-appstream-remote/Packages/n/nss-softokn-freebl-3.53.1-17.el8_3.x86_64.rpm",
+ "fixed_versions": [],
+ "published": "2020-12-16T15:53:27+11:00",
+ "artifact_scan_time": "2021-02-26T18:18:52+11:00",
+ "issue_id": "XRAY-133983",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "DOCUMENTATION: A flaw was found in the way NSS handled CCS (ChangeCipherSpec) messages in TLS 1.3. This flaw allows a remote attacker to send multiple CCS messages, causing a denial of service for servers compiled with the NSS library. The highest threat from this vulnerability is to system availability. STATEMENT: This flaw only affects servers that are compiled with the NSS library and when the TLS 1.3 protocol is used.",
+ "references": [
+ "https://access.redhat.com/security/cve/CVE-2020-25648"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Moderate"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-12399",
+ "cvss_v2_score": 1.2,
+ "cvss_v2_vector": "CVSS:2.0/AV:L/AC:H/Au:N/C:P/I:N/A:N",
+ "cvss_v3_score": 4.4,
+ "cvss_v3_vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N"
+ }
+ ],
+ "cvss2_max_score": 1.2,
+ "cvss3_max_score": 4.4,
+ "summary": "CVE-2020-12399 nss: Timing attack on DSA signature generation (moderate)",
+ "severity": "Medium",
+ "vulnerable_component": "rpm://8:nss-softokn-freebl:0:3.53.1-17.el8_3",
+ "impacted_artifact": "rpm://8:nss-softokn-freebl:0:3.53.1-17.el8_3",
+ "impact_path": [
+ "rpm://8:nss-softokn-freebl:0:3.53.1-17.el8_3"
+ ],
+ "path": "ubi8-appstream-remote/Packages/n/nss-softokn-freebl-3.53.1-17.el8_3.x86_64.rpm",
+ "fixed_versions": [],
+ "published": "2020-12-16T15:53:19+11:00",
+ "artifact_scan_time": "2021-02-26T18:18:52+11:00",
+ "issue_id": "XRAY-133788",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "DOCUMENTATION: A flaw was found in the DSA signature generation function in nss. During the process of generating a DSA signature, the nonce value 'k' is not padded, exposing the bit length. Combined with other techniques, this can result in the recovery of the DSA private key. The highest threat from this vulnerability is to data confidentiality. STATEMENT: A timing attack was found in the way NSS generated DSA signatures. A man-in-the-middle attacker could use this attack during DSA signature generation to recover the private key. This attack is only feasible when the attacker is local to the machine or in certain cross-VM scenarios where the signature is being generated. Attacks over the network or via the internet are not feasible.Firefox and Thunderbird on Red Hat Enterprise Linux are built against the system nss library. MITIGATION: Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
+ "references": [
+ "https://access.redhat.com/security/cve/CVE-2020-12399"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Moderate"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-12401",
+ "cvss_v2_score": 1.9,
+ "cvss_v2_vector": "CVSS:2.0/AV:L/AC:M/Au:N/C:P/I:N/A:N",
+ "cvss_v3_score": 4.4,
+ "cvss_v3_vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N"
+ }
+ ],
+ "cvss2_max_score": 1.9,
+ "cvss3_max_score": 4.4,
+ "summary": "CVE-2020-12401 nss: ECDSA timing attack mitigation bypass (moderate)",
+ "severity": "Medium",
+ "vulnerable_component": "rpm://8:nss-softokn-freebl:0:3.53.1-17.el8_3",
+ "impacted_artifact": "rpm://8:nss-softokn-freebl:0:3.53.1-17.el8_3",
+ "impact_path": [
+ "rpm://8:nss-softokn-freebl:0:3.53.1-17.el8_3"
+ ],
+ "path": "ubi8-appstream-remote/Packages/n/nss-softokn-freebl-3.53.1-17.el8_3.x86_64.rpm",
+ "fixed_versions": [],
+ "published": "2020-12-16T15:53:20+11:00",
+ "artifact_scan_time": "2021-02-26T18:18:52+11:00",
+ "issue_id": "XRAY-133790",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "DOCUMENTATION: A flaw was found in nss. Using the EM side-channel, it is possible to extract the position of zero and non-zero wNAF digits while nss-certutil tool performs scalar multiplication during the ECDSA signature generation, leaking partial information about the ECDSA nonce. Given a small number of ECDSA signatures, this information can be used to steal the private key. The highest threat from this vulnerability is to data confidentiality. STATEMENT: This is a side channel attack which can used to exact pirate keys when ECDSA signatures are being generated. This attack is only feasible when the attacker is local to the machine or in certain cross-VM scenarios where the signature is being generated. Attacks over the network or via the internet are not feasible. MITIGATION: This is a side channel attack which can used to exact pirate keys when ECDSA signatures are being generated. This attack is only feasible when the attacker is local to the machine or in certain cross-VM scenarios where the signature is being generated. Attacks over the network or via the internet are not feasible.",
+ "references": [
+ "https://access.redhat.com/security/cve/CVE-2020-12401"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Moderate"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-12399",
+ "cvss_v2_score": 1.2,
+ "cvss_v2_vector": "CVSS:2.0/AV:L/AC:H/Au:N/C:P/I:N/A:N",
+ "cvss_v3_score": 4.4,
+ "cvss_v3_vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N"
+ }
+ ],
+ "cvss2_max_score": 1.2,
+ "cvss3_max_score": 4.4,
+ "summary": "CVE-2020-12399 nss: Timing attack on DSA signature generation (moderate)",
+ "severity": "Medium",
+ "vulnerable_component": "rpm://8:nss:0:3.53.1-17.el8_3",
+ "impacted_artifact": "rpm://8:nss:0:3.53.1-17.el8_3",
+ "impact_path": [
+ "rpm://8:nss:0:3.53.1-17.el8_3"
+ ],
+ "path": "ubi8-appstream-remote/Packages/n/nss-3.53.1-17.el8_3.x86_64.rpm",
+ "fixed_versions": [],
+ "published": "2020-12-16T15:53:19+11:00",
+ "artifact_scan_time": "2021-02-26T18:18:52+11:00",
+ "issue_id": "XRAY-133788",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "DOCUMENTATION: A flaw was found in the DSA signature generation function in nss. During the process of generating a DSA signature, the nonce value 'k' is not padded, exposing the bit length. Combined with other techniques, this can result in the recovery of the DSA private key. The highest threat from this vulnerability is to data confidentiality. STATEMENT: A timing attack was found in the way NSS generated DSA signatures. A man-in-the-middle attacker could use this attack during DSA signature generation to recover the private key. This attack is only feasible when the attacker is local to the machine or in certain cross-VM scenarios where the signature is being generated. Attacks over the network or via the internet are not feasible.Firefox and Thunderbird on Red Hat Enterprise Linux are built against the system nss library. MITIGATION: Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
+ "references": [
+ "https://access.redhat.com/security/cve/CVE-2020-12399"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Moderate"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-12401",
+ "cvss_v2_score": 1.9,
+ "cvss_v2_vector": "CVSS:2.0/AV:L/AC:M/Au:N/C:P/I:N/A:N",
+ "cvss_v3_score": 4.4,
+ "cvss_v3_vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N"
+ }
+ ],
+ "cvss2_max_score": 1.9,
+ "cvss3_max_score": 4.4,
+ "summary": "CVE-2020-12401 nss: ECDSA timing attack mitigation bypass (moderate)",
+ "severity": "Medium",
+ "vulnerable_component": "rpm://8:nss:0:3.53.1-17.el8_3",
+ "impacted_artifact": "rpm://8:nss:0:3.53.1-17.el8_3",
+ "impact_path": [
+ "rpm://8:nss:0:3.53.1-17.el8_3"
+ ],
+ "path": "ubi8-appstream-remote/Packages/n/nss-3.53.1-17.el8_3.x86_64.rpm",
+ "fixed_versions": [],
+ "published": "2020-12-16T15:53:20+11:00",
+ "artifact_scan_time": "2021-02-26T18:18:52+11:00",
+ "issue_id": "XRAY-133790",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "DOCUMENTATION: A flaw was found in nss. Using the EM side-channel, it is possible to extract the position of zero and non-zero wNAF digits while nss-certutil tool performs scalar multiplication during the ECDSA signature generation, leaking partial information about the ECDSA nonce. Given a small number of ECDSA signatures, this information can be used to steal the private key. The highest threat from this vulnerability is to data confidentiality. STATEMENT: This is a side channel attack which can used to exact pirate keys when ECDSA signatures are being generated. This attack is only feasible when the attacker is local to the machine or in certain cross-VM scenarios where the signature is being generated. Attacks over the network or via the internet are not feasible. MITIGATION: This is a side channel attack which can used to exact pirate keys when ECDSA signatures are being generated. This attack is only feasible when the attacker is local to the machine or in certain cross-VM scenarios where the signature is being generated. Attacks over the network or via the internet are not feasible.",
+ "references": [
+ "https://access.redhat.com/security/cve/CVE-2020-12401"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Moderate"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-25648",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 7.5,
+ "summary": "CVE-2020-25648 nss: TLS 1.3 CCS flood remote DoS Attack (moderate)",
+ "severity": "Medium",
+ "vulnerable_component": "rpm://8:nss:0:3.53.1-17.el8_3",
+ "impacted_artifact": "rpm://8:nss:0:3.53.1-17.el8_3",
+ "impact_path": [
+ "rpm://8:nss:0:3.53.1-17.el8_3"
+ ],
+ "path": "ubi8-appstream-remote/Packages/n/nss-3.53.1-17.el8_3.x86_64.rpm",
+ "fixed_versions": [],
+ "published": "2020-12-16T15:53:27+11:00",
+ "artifact_scan_time": "2021-02-26T18:18:52+11:00",
+ "issue_id": "XRAY-133983",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "DOCUMENTATION: A flaw was found in the way NSS handled CCS (ChangeCipherSpec) messages in TLS 1.3. This flaw allows a remote attacker to send multiple CCS messages, causing a denial of service for servers compiled with the NSS library. The highest threat from this vulnerability is to system availability. STATEMENT: This flaw only affects servers that are compiled with the NSS library and when the TLS 1.3 protocol is used.",
+ "references": [
+ "https://access.redhat.com/security/cve/CVE-2020-25648"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Moderate"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-10543",
+ "cvss_v2_score": 6.4,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:P/A:P",
+ "cvss_v3_score": 8.2,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H"
+ }
+ ],
+ "cvss2_max_score": 6.4,
+ "cvss3_max_score": 8.2,
+ "summary": "CVE-2020-10543 perl: heap-based buffer overflow in regular expression compiler leads to DoS (moderate)",
+ "severity": "Medium",
+ "vulnerable_component": "rpm://8:perl-interpreter:4:5.26.3-417.el8_3",
+ "impacted_artifact": "rpm://8:perl-interpreter:4:5.26.3-417.el8_3",
+ "impact_path": [
+ "rpm://8:perl-interpreter:4:5.26.3-417.el8_3"
+ ],
+ "path": "ubi8-baseos-remote/Packages/p/perl-interpreter-5.26.3-417.el8_3.x86_64.rpm",
+ "fixed_versions": [],
+ "published": "2020-12-16T15:53:18+11:00",
+ "artifact_scan_time": "2021-02-26T18:18:59+11:00",
+ "issue_id": "XRAY-133713",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "MITIGATION: To mitigate this flaw, developers should not allow untrusted regular expressions to be compiled by the Perl regular expression compiler.",
+ "references": [
+ "https://access.redhat.com/security/cve/CVE-2020-10543"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Moderate"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-10878",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 8.6,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 8.6,
+ "summary": "CVE-2020-10878 perl: corruption of intermediate language state of compiled regular expression due to integer overflow leads to DoS (moderate)",
+ "severity": "Medium",
+ "vulnerable_component": "rpm://8:perl-interpreter:4:5.26.3-417.el8_3",
+ "impacted_artifact": "rpm://8:perl-interpreter:4:5.26.3-417.el8_3",
+ "impact_path": [
+ "rpm://8:perl-interpreter:4:5.26.3-417.el8_3"
+ ],
+ "path": "ubi8-baseos-remote/Packages/p/perl-interpreter-5.26.3-417.el8_3.x86_64.rpm",
+ "fixed_versions": [],
+ "published": "2020-12-16T15:53:18+11:00",
+ "artifact_scan_time": "2021-02-26T18:18:59+11:00",
+ "issue_id": "XRAY-133725",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "MITIGATION: To mitigate this flaw, developers should not allow untrusted regular expressions to be compiled by the Perl regular expression compiler.",
+ "references": [
+ "https://access.redhat.com/security/cve/CVE-2020-10878"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Moderate"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-35492",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 7.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 6.8,
+ "cvss3_max_score": 7.8,
+ "summary": "CVE-2020-35492 cairo: libreoffice slideshow aborts with stack smashing in cairo's composite_boxes (moderate)",
+ "severity": "Medium",
+ "vulnerable_component": "rpm://8:cairo-gobject:0:1.15.12-3.el8",
+ "impacted_artifact": "rpm://8:cairo-gobject:0:1.15.12-3.el8",
+ "impact_path": [
+ "rpm://8:cairo-gobject:0:1.15.12-3.el8"
+ ],
+ "path": "ubi8-appstream-remote/Packages/c/cairo-gobject-1.15.12-3.el8.x86_64.rpm",
+ "fixed_versions": [],
+ "published": "2020-12-29T07:28:59+11:00",
+ "artifact_scan_time": "2021-01-27T20:38:38+11:00",
+ "issue_id": "XRAY-137488",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "DOCUMENTATION: A flaw was found in cairo's image-compositor.c. This flaw allows an attacker who can provide a crafted input file to cairo's image-compositor (for example, by convincing a user to open a file in an application using cairo, or if an application uses cairo on untrusted input) to cause a stack buffer overflow -\u003e out-of-bounds WRITE. The highest impact from this vulnerability is to confidentiality, integrity, as well as system availability. STATEMENT: Libreoffice as shipped in Red Hat Enterprise Linux 6, 7, and 8 is not affected by this flaw as it was introduced in a newer version. Also note that while the flaw was originally discovered via Libreoffice, the root cause is in the cairo graphics library. This flaw has an adjusted CVSS score for cairo as shipped with Red Hat Enterprise Linux 8 because cairo is built with binary protections which limit the impact. MITIGATION: Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
+ "references": [
+ "https://access.redhat.com/security/cve/CVE-2020-35492"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Moderate"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-18064",
+ "cvss_v2_score": 4.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 6.3,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"
+ }
+ ],
+ "cvss2_max_score": 4.3,
+ "cvss3_max_score": 6.3,
+ "summary": "CVE-2018-18064 cairo: Stack-based buffer overflow via parsing of crafted WebKitGTK+ document (moderate)",
+ "severity": "Medium",
+ "vulnerable_component": "rpm://8:cairo-gobject:0:1.15.12-3.el8",
+ "impacted_artifact": "rpm://8:cairo-gobject:0:1.15.12-3.el8",
+ "impact_path": [
+ "rpm://8:cairo-gobject:0:1.15.12-3.el8"
+ ],
+ "path": "ubi8-appstream-remote/Packages/c/cairo-gobject-1.15.12-3.el8.x86_64.rpm",
+ "fixed_versions": [],
+ "published": "2020-12-16T15:53:01+11:00",
+ "artifact_scan_time": "2021-01-27T20:38:38+11:00",
+ "issue_id": "XRAY-132892",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "MITIGATION: Attackers can use specially-crafted files to trigger this stack-buffer overflow in cairo. Applications compiled with cairo, which do not parse untrusted 2D image files are not vulnerable to this flaw. cairo package in Red Hat Enterprise Linux 7 and 8 is compiled with gcc's Stack Smashing Protection, which may reduce the impact of this flaw to crash only.",
+ "references": [
+ "https://access.redhat.com/security/cve/CVE-2018-18064"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Moderate"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-35492",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 7.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 6.8,
+ "cvss3_max_score": 7.8,
+ "summary": "CVE-2020-35492 cairo: libreoffice slideshow aborts with stack smashing in cairo's composite_boxes (moderate)",
+ "severity": "Medium",
+ "vulnerable_component": "rpm://8:cairo:0:1.15.12-3.el8",
+ "impacted_artifact": "rpm://8:cairo:0:1.15.12-3.el8",
+ "impact_path": [
+ "rpm://8:cairo:0:1.15.12-3.el8"
+ ],
+ "path": "ubi8-appstream-remote/Packages/c/cairo-1.15.12-3.el8.x86_64.rpm",
+ "fixed_versions": [],
+ "published": "2020-12-29T07:28:59+11:00",
+ "artifact_scan_time": "2021-01-27T20:38:39+11:00",
+ "issue_id": "XRAY-137488",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "DOCUMENTATION: A flaw was found in cairo's image-compositor.c. This flaw allows an attacker who can provide a crafted input file to cairo's image-compositor (for example, by convincing a user to open a file in an application using cairo, or if an application uses cairo on untrusted input) to cause a stack buffer overflow -\u003e out-of-bounds WRITE. The highest impact from this vulnerability is to confidentiality, integrity, as well as system availability. STATEMENT: Libreoffice as shipped in Red Hat Enterprise Linux 6, 7, and 8 is not affected by this flaw as it was introduced in a newer version. Also note that while the flaw was originally discovered via Libreoffice, the root cause is in the cairo graphics library. This flaw has an adjusted CVSS score for cairo as shipped with Red Hat Enterprise Linux 8 because cairo is built with binary protections which limit the impact. MITIGATION: Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
+ "references": [
+ "https://access.redhat.com/security/cve/CVE-2020-35492"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Moderate"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-18064",
+ "cvss_v2_score": 4.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 6.3,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"
+ }
+ ],
+ "cvss2_max_score": 4.3,
+ "cvss3_max_score": 6.3,
+ "summary": "CVE-2018-18064 cairo: Stack-based buffer overflow via parsing of crafted WebKitGTK+ document (moderate)",
+ "severity": "Medium",
+ "vulnerable_component": "rpm://8:cairo:0:1.15.12-3.el8",
+ "impacted_artifact": "rpm://8:cairo:0:1.15.12-3.el8",
+ "impact_path": [
+ "rpm://8:cairo:0:1.15.12-3.el8"
+ ],
+ "path": "ubi8-appstream-remote/Packages/c/cairo-1.15.12-3.el8.x86_64.rpm",
+ "fixed_versions": [],
+ "published": "2020-12-16T15:53:01+11:00",
+ "artifact_scan_time": "2021-01-27T20:38:39+11:00",
+ "issue_id": "XRAY-132892",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "MITIGATION: Attackers can use specially-crafted files to trigger this stack-buffer overflow in cairo. Applications compiled with cairo, which do not parse untrusted 2D image files are not vulnerable to this flaw. cairo package in Red Hat Enterprise Linux 7 and 8 is compiled with gcc's Stack Smashing Protection, which may reduce the impact of this flaw to crash only.",
+ "references": [
+ "https://access.redhat.com/security/cve/CVE-2018-18064"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Moderate"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-25648",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 7.5,
+ "summary": "CVE-2020-25648 nss: TLS 1.3 CCS flood remote DoS Attack (moderate)",
+ "severity": "Medium",
+ "vulnerable_component": "rpm://8:nss-sysinit:0:3.53.1-11.el8_2",
+ "impacted_artifact": "rpm://8:nss-sysinit:0:3.53.1-11.el8_2",
+ "impact_path": [
+ "rpm://8:nss-sysinit:0:3.53.1-11.el8_2"
+ ],
+ "path": "ubi8-appstream-remote/Packages/n/nss-sysinit-3.53.1-11.el8_2.x86_64.rpm",
+ "fixed_versions": [],
+ "published": "2020-12-16T15:53:27+11:00",
+ "artifact_scan_time": "2021-01-27T20:39:38+11:00",
+ "issue_id": "XRAY-133983",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "DOCUMENTATION: A flaw was found in the way NSS handled CCS (ChangeCipherSpec) messages in TLS 1.3. This flaw allows a remote attacker to send multiple CCS messages, causing a denial of service for servers compiled with the NSS library. The highest threat from this vulnerability is to system availability. STATEMENT: This flaw only affects servers that are compiled with the NSS library and when the TLS 1.3 protocol is used.",
+ "references": [
+ "https://access.redhat.com/security/cve/CVE-2020-25648"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Moderate"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-6829",
+ "cvss_v3_score": 4.4,
+ "cvss_v3_vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N"
+ },
+ {
+ "cve": "CVE-2020-12403",
+ "cvss_v3_score": 6.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:H"
+ },
+ {
+ "cve": "CVE-2020-12400",
+ "cvss_v2_score": 1.2,
+ "cvss_v2_vector": "CVSS:2.0/AV:L/AC:H/Au:N/C:P/I:N/A:N",
+ "cvss_v3_score": 4.4,
+ "cvss_v3_vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N"
+ }
+ ],
+ "cvss2_max_score": 1.2,
+ "cvss3_max_score": 6.8,
+ "summary": "RHSA-2021:0538: nss security and bug fix update (Moderate)",
+ "severity": "Medium",
+ "vulnerable_component": "rpm://8:nss-sysinit:0:3.53.1-11.el8_2",
+ "impacted_artifact": "rpm://8:nss-sysinit:0:3.53.1-11.el8_2",
+ "impact_path": [
+ "rpm://8:nss-sysinit:0:3.53.1-11.el8_2"
+ ],
+ "path": "ubi8-appstream-remote/Packages/n/nss-sysinit-3.53.1-11.el8_2.x86_64.rpm",
+ "fixed_versions": [
+ "≥ 0:3.53.1-17.el8_3"
+ ],
+ "published": "2021-02-24T05:43:48+11:00",
+ "artifact_scan_time": "2021-01-27T20:39:38+11:00",
+ "issue_id": "XRAY-141151",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications.Security Fix(es):* nss: Side channel attack on ECDSA signature generation (CVE-2020-6829)* nss: P-384 and P-521 implementation uses a side-channel vulnerable modular inversion function (CVE-2020-12400)* nss: CHACHA20-POLY1305 decryption with undersized tag leads to out-of-bounds read (CVE-2020-12403)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Bug Fix(es):* Support key wrap/unwrap with RSA-OAEP (BZ#1896431)* 1536bit group from RFC3526 is allowed in FIPS mode when in policy DH-MIN is set to be lower than 1536 (BZ#1896432)* when NSS_SDB_USE_CACHE not set, after curl access https, dentry increase but never released - consider alternative algorithm for benchmarking ACCESS call in sdb_measureAccess [rhel-8] (BZ#1896933)* Policy should allow overriding library defaults (BZ#1898702)* KDF-self-tests-induced changes for nss in RHEL 8.4 (BZ#1898953)* nss: non-blocksize requests to IKEv1 KDF returns bogus output (BZ#1904408)",
+ "references": [
+ "https://access.redhat.com/security/cve/CVE-2020-6829",
+ "https://access.redhat.com/security/cve/CVE-2020-12403",
+ "https://access.redhat.com/security/cve/CVE-2020-12400",
+ "https://access.redhat.com/errata/RHSA-2021:0538"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Moderate"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-12399",
+ "cvss_v2_score": 1.2,
+ "cvss_v2_vector": "CVSS:2.0/AV:L/AC:H/Au:N/C:P/I:N/A:N",
+ "cvss_v3_score": 4.4,
+ "cvss_v3_vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N"
+ }
+ ],
+ "cvss2_max_score": 1.2,
+ "cvss3_max_score": 4.4,
+ "summary": "CVE-2020-12399 nss: Timing attack on DSA signature generation (moderate)",
+ "severity": "Medium",
+ "vulnerable_component": "rpm://8:nss-sysinit:0:3.53.1-11.el8_2",
+ "impacted_artifact": "rpm://8:nss-sysinit:0:3.53.1-11.el8_2",
+ "impact_path": [
+ "rpm://8:nss-sysinit:0:3.53.1-11.el8_2"
+ ],
+ "path": "ubi8-appstream-remote/Packages/n/nss-sysinit-3.53.1-11.el8_2.x86_64.rpm",
+ "fixed_versions": [],
+ "published": "2020-12-16T15:53:19+11:00",
+ "artifact_scan_time": "2021-01-27T20:39:38+11:00",
+ "issue_id": "XRAY-133788",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "DOCUMENTATION: A flaw was found in the DSA signature generation function in nss. During the process of generating a DSA signature, the nonce value 'k' is not padded, exposing the bit length. Combined with other techniques, this can result in the recovery of the DSA private key. The highest threat from this vulnerability is to data confidentiality. STATEMENT: A timing attack was found in the way NSS generated DSA signatures. A man-in-the-middle attacker could use this attack during DSA signature generation to recover the private key. This attack is only feasible when the attacker is local to the machine or in certain cross-VM scenarios where the signature is being generated. Attacks over the network or via the internet are not feasible.Firefox and Thunderbird on Red Hat Enterprise Linux are built against the system nss library. MITIGATION: Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
+ "references": [
+ "https://access.redhat.com/security/cve/CVE-2020-12399"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Moderate"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-12401",
+ "cvss_v2_score": 1.9,
+ "cvss_v2_vector": "CVSS:2.0/AV:L/AC:M/Au:N/C:P/I:N/A:N",
+ "cvss_v3_score": 4.4,
+ "cvss_v3_vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N"
+ }
+ ],
+ "cvss2_max_score": 1.9,
+ "cvss3_max_score": 4.4,
+ "summary": "CVE-2020-12401 nss: ECDSA timing attack mitigation bypass (moderate)",
+ "severity": "Medium",
+ "vulnerable_component": "rpm://8:nss-sysinit:0:3.53.1-11.el8_2",
+ "impacted_artifact": "rpm://8:nss-sysinit:0:3.53.1-11.el8_2",
+ "impact_path": [
+ "rpm://8:nss-sysinit:0:3.53.1-11.el8_2"
+ ],
+ "path": "ubi8-appstream-remote/Packages/n/nss-sysinit-3.53.1-11.el8_2.x86_64.rpm",
+ "fixed_versions": [],
+ "published": "2020-12-16T15:53:20+11:00",
+ "artifact_scan_time": "2021-01-27T20:39:38+11:00",
+ "issue_id": "XRAY-133790",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "DOCUMENTATION: A flaw was found in nss. Using the EM side-channel, it is possible to extract the position of zero and non-zero wNAF digits while nss-certutil tool performs scalar multiplication during the ECDSA signature generation, leaking partial information about the ECDSA nonce. Given a small number of ECDSA signatures, this information can be used to steal the private key. The highest threat from this vulnerability is to data confidentiality. STATEMENT: This is a side channel attack which can used to exact pirate keys when ECDSA signatures are being generated. This attack is only feasible when the attacker is local to the machine or in certain cross-VM scenarios where the signature is being generated. Attacks over the network or via the internet are not feasible. MITIGATION: This is a side channel attack which can used to exact pirate keys when ECDSA signatures are being generated. This attack is only feasible when the attacker is local to the machine or in certain cross-VM scenarios where the signature is being generated. Attacks over the network or via the internet are not feasible.",
+ "references": [
+ "https://access.redhat.com/security/cve/CVE-2020-12401"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Moderate"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-31879",
+ "cvss_v2_score": 5.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:N",
+ "cvss_v3_score": 6.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"
+ }
+ ],
+ "cvss2_max_score": 5.8,
+ "cvss3_max_score": 6.5,
+ "summary": "CVE-2021-31879 wget: authorization header disclosure on redirect",
+ "severity": "Medium",
+ "vulnerable_component": "rpm://8:wget:0:1.19.5-10.el8",
+ "impacted_artifact": "rpm://8:wget:0:1.19.5-10.el8",
+ "impact_path": [
+ "rpm://8:wget:0:1.19.5-10.el8"
+ ],
+ "path": "ubi8-appstream-remote/Packages/w/wget-1.19.5-10.el8.x86_64.rpm",
+ "fixed_versions": [],
+ "published": "2021-05-19T18:55:30+10:00",
+ "artifact_scan_time": "2021-01-27T20:39:42+11:00",
+ "issue_id": "XRAY-175959",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "GNU Wget through 1.21.1 does not omit the Authorization header upon a redirect to a different origin, a related issue to CVE-2018-1000007.",
+ "references": [],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Moderate"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-27918",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 7.5,
+ "summary": "encoding/xml in Go before 1.15.9 and 1.16.x before 1.16.1 has an infinite loop if a custom TokenReader (for xml.NewTokenDecoder) returns EOF in the middle of an element. This can occur in the Decode, DecodeElement, or Skip method.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.15.8",
+ "impacted_artifact": "docker://fluxcd/source-controller:sha256__c6515fdb67e7b14a6af2705c7f66026799377b29c2ad7f5dad0ed4724c25ed3b",
+ "impact_path": [
+ "docker://fluxcd/source-controller:sha256__c6515fdb67e7b14a6af2705c7f66026799377b29c2ad7f5dad0ed4724c25ed3b",
+ "generic://sha256:defd14fcc050085fab8caef5fe1946a604a5121534b549adb08a7204f7737543/sha256__defd14fcc050085fab8caef5fe1946a604a5121534b549adb08a7204f7737543.tar.gz",
+ "generic://sha256:bf20fbac01a1b5a8c50d98433214681dcebfb6cf8704f752ea52a44469aaba5c/source-controller",
+ "go://github.com/golang/go:1.15.8"
+ ],
+ "path": "dockerhub-remote/fluxcd/source-controller/sha256__c6515fdb67e7b14a6af2705c7f66026799377b29c2ad7f5dad0ed4724c25ed3b/",
+ "fixed_versions": [
+ "1.16.1",
+ "1.15.9"
+ ],
+ "published": "2021-03-15T00:32:21+11:00",
+ "artifact_scan_time": "2021-02-18T15:08:53+11:00",
+ "issue_id": "XRAY-145876",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "encoding/xml in Go before 1.15.9 and 1.16.x before 1.16.1 has an infinite loop if a custom TokenReader (for xml.NewTokenDecoder) returns EOF in the middle of an element. This can occur in the Decode, DecodeElement, or Skip method.",
+ "references": [
+ "https://groups.google.com/g/golang-announce/c/MfiLYjG-RAw"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-10543",
+ "cvss_v2_score": 6.4,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:P/A:P",
+ "cvss_v3_score": 8.2,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H"
+ }
+ ],
+ "cvss2_max_score": 6.4,
+ "cvss3_max_score": 8.2,
+ "summary": "CVE-2020-10543 perl: heap-based buffer overflow in regular expression compiler leads to DoS (moderate)",
+ "severity": "Medium",
+ "vulnerable_component": "rpm://8:perl-IO:0:1.38-417.el8_3",
+ "impacted_artifact": "rpm://8:perl-IO:0:1.38-417.el8_3",
+ "impact_path": [
+ "rpm://8:perl-IO:0:1.38-417.el8_3"
+ ],
+ "path": "ubi8-baseos-remote/Packages/p/perl-IO-1.38-417.el8_3.x86_64.rpm",
+ "fixed_versions": [],
+ "published": "2020-12-16T15:53:18+11:00",
+ "artifact_scan_time": "2021-02-26T18:18:51+11:00",
+ "issue_id": "XRAY-133713",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "MITIGATION: To mitigate this flaw, developers should not allow untrusted regular expressions to be compiled by the Perl regular expression compiler.",
+ "references": [
+ "https://access.redhat.com/security/cve/CVE-2020-10543"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Moderate"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-10878",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 8.6,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 8.6,
+ "summary": "CVE-2020-10878 perl: corruption of intermediate language state of compiled regular expression due to integer overflow leads to DoS (moderate)",
+ "severity": "Medium",
+ "vulnerable_component": "rpm://8:perl-IO:0:1.38-417.el8_3",
+ "impacted_artifact": "rpm://8:perl-IO:0:1.38-417.el8_3",
+ "impact_path": [
+ "rpm://8:perl-IO:0:1.38-417.el8_3"
+ ],
+ "path": "ubi8-baseos-remote/Packages/p/perl-IO-1.38-417.el8_3.x86_64.rpm",
+ "fixed_versions": [],
+ "published": "2020-12-16T15:53:18+11:00",
+ "artifact_scan_time": "2021-02-26T18:18:51+11:00",
+ "issue_id": "XRAY-133725",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "MITIGATION: To mitigate this flaw, developers should not allow untrusted regular expressions to be compiled by the Perl regular expression compiler.",
+ "references": [
+ "https://access.redhat.com/security/cve/CVE-2020-10878"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Moderate"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-12399",
+ "cvss_v2_score": 1.2,
+ "cvss_v2_vector": "CVSS:2.0/AV:L/AC:H/Au:N/C:P/I:N/A:N",
+ "cvss_v3_score": 4.4,
+ "cvss_v3_vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N"
+ }
+ ],
+ "cvss2_max_score": 1.2,
+ "cvss3_max_score": 4.4,
+ "summary": "CVE-2020-12399 nss: Timing attack on DSA signature generation (moderate)",
+ "severity": "Medium",
+ "vulnerable_component": "rpm://8:nss-softokn:0:3.53.1-17.el8_3",
+ "impacted_artifact": "rpm://8:nss-softokn:0:3.53.1-17.el8_3",
+ "impact_path": [
+ "rpm://8:nss-softokn:0:3.53.1-17.el8_3"
+ ],
+ "path": "ubi8-appstream-remote/Packages/n/nss-softokn-3.53.1-17.el8_3.x86_64.rpm",
+ "fixed_versions": [],
+ "published": "2020-12-16T15:53:19+11:00",
+ "artifact_scan_time": "2021-02-26T18:18:52+11:00",
+ "issue_id": "XRAY-133788",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "DOCUMENTATION: A flaw was found in the DSA signature generation function in nss. During the process of generating a DSA signature, the nonce value 'k' is not padded, exposing the bit length. Combined with other techniques, this can result in the recovery of the DSA private key. The highest threat from this vulnerability is to data confidentiality. STATEMENT: A timing attack was found in the way NSS generated DSA signatures. A man-in-the-middle attacker could use this attack during DSA signature generation to recover the private key. This attack is only feasible when the attacker is local to the machine or in certain cross-VM scenarios where the signature is being generated. Attacks over the network or via the internet are not feasible.Firefox and Thunderbird on Red Hat Enterprise Linux are built against the system nss library. MITIGATION: Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
+ "references": [
+ "https://access.redhat.com/security/cve/CVE-2020-12399"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Moderate"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-12401",
+ "cvss_v2_score": 1.9,
+ "cvss_v2_vector": "CVSS:2.0/AV:L/AC:M/Au:N/C:P/I:N/A:N",
+ "cvss_v3_score": 4.4,
+ "cvss_v3_vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N"
+ }
+ ],
+ "cvss2_max_score": 1.9,
+ "cvss3_max_score": 4.4,
+ "summary": "CVE-2020-12401 nss: ECDSA timing attack mitigation bypass (moderate)",
+ "severity": "Medium",
+ "vulnerable_component": "rpm://8:nss-softokn:0:3.53.1-17.el8_3",
+ "impacted_artifact": "rpm://8:nss-softokn:0:3.53.1-17.el8_3",
+ "impact_path": [
+ "rpm://8:nss-softokn:0:3.53.1-17.el8_3"
+ ],
+ "path": "ubi8-appstream-remote/Packages/n/nss-softokn-3.53.1-17.el8_3.x86_64.rpm",
+ "fixed_versions": [],
+ "published": "2020-12-16T15:53:20+11:00",
+ "artifact_scan_time": "2021-02-26T18:18:52+11:00",
+ "issue_id": "XRAY-133790",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "DOCUMENTATION: A flaw was found in nss. Using the EM side-channel, it is possible to extract the position of zero and non-zero wNAF digits while nss-certutil tool performs scalar multiplication during the ECDSA signature generation, leaking partial information about the ECDSA nonce. Given a small number of ECDSA signatures, this information can be used to steal the private key. The highest threat from this vulnerability is to data confidentiality. STATEMENT: This is a side channel attack which can used to exact pirate keys when ECDSA signatures are being generated. This attack is only feasible when the attacker is local to the machine or in certain cross-VM scenarios where the signature is being generated. Attacks over the network or via the internet are not feasible. MITIGATION: This is a side channel attack which can used to exact pirate keys when ECDSA signatures are being generated. This attack is only feasible when the attacker is local to the machine or in certain cross-VM scenarios where the signature is being generated. Attacks over the network or via the internet are not feasible.",
+ "references": [
+ "https://access.redhat.com/security/cve/CVE-2020-12401"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Moderate"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-25648",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 7.5,
+ "summary": "CVE-2020-25648 nss: TLS 1.3 CCS flood remote DoS Attack (moderate)",
+ "severity": "Medium",
+ "vulnerable_component": "rpm://8:nss-softokn:0:3.53.1-17.el8_3",
+ "impacted_artifact": "rpm://8:nss-softokn:0:3.53.1-17.el8_3",
+ "impact_path": [
+ "rpm://8:nss-softokn:0:3.53.1-17.el8_3"
+ ],
+ "path": "ubi8-appstream-remote/Packages/n/nss-softokn-3.53.1-17.el8_3.x86_64.rpm",
+ "fixed_versions": [],
+ "published": "2020-12-16T15:53:27+11:00",
+ "artifact_scan_time": "2021-02-26T18:18:52+11:00",
+ "issue_id": "XRAY-133983",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "DOCUMENTATION: A flaw was found in the way NSS handled CCS (ChangeCipherSpec) messages in TLS 1.3. This flaw allows a remote attacker to send multiple CCS messages, causing a denial of service for servers compiled with the NSS library. The highest threat from this vulnerability is to system availability. STATEMENT: This flaw only affects servers that are compiled with the NSS library and when the TLS 1.3 protocol is used.",
+ "references": [
+ "https://access.redhat.com/security/cve/CVE-2020-25648"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Moderate"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-10543",
+ "cvss_v2_score": 6.4,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:P/A:P",
+ "cvss_v3_score": 8.2,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H"
+ }
+ ],
+ "cvss2_max_score": 6.4,
+ "cvss3_max_score": 8.2,
+ "summary": "CVE-2020-10543 perl: heap-based buffer overflow in regular expression compiler leads to DoS (moderate)",
+ "severity": "Medium",
+ "vulnerable_component": "rpm://8:perl-libs:4:5.26.3-417.el8_3",
+ "impacted_artifact": "rpm://8:perl-libs:4:5.26.3-417.el8_3",
+ "impact_path": [
+ "rpm://8:perl-libs:4:5.26.3-417.el8_3"
+ ],
+ "path": "ubi8-baseos-remote/Packages/p/perl-libs-5.26.3-417.el8_3.x86_64.rpm",
+ "fixed_versions": [],
+ "published": "2020-12-16T15:53:18+11:00",
+ "artifact_scan_time": "2021-02-26T18:18:53+11:00",
+ "issue_id": "XRAY-133713",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "MITIGATION: To mitigate this flaw, developers should not allow untrusted regular expressions to be compiled by the Perl regular expression compiler.",
+ "references": [
+ "https://access.redhat.com/security/cve/CVE-2020-10543"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Moderate"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-10878",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 8.6,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 8.6,
+ "summary": "CVE-2020-10878 perl: corruption of intermediate language state of compiled regular expression due to integer overflow leads to DoS (moderate)",
+ "severity": "Medium",
+ "vulnerable_component": "rpm://8:perl-libs:4:5.26.3-417.el8_3",
+ "impacted_artifact": "rpm://8:perl-libs:4:5.26.3-417.el8_3",
+ "impact_path": [
+ "rpm://8:perl-libs:4:5.26.3-417.el8_3"
+ ],
+ "path": "ubi8-baseos-remote/Packages/p/perl-libs-5.26.3-417.el8_3.x86_64.rpm",
+ "fixed_versions": [],
+ "published": "2020-12-16T15:53:18+11:00",
+ "artifact_scan_time": "2021-02-26T18:18:53+11:00",
+ "issue_id": "XRAY-133725",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "MITIGATION: To mitigate this flaw, developers should not allow untrusted regular expressions to be compiled by the Perl regular expression compiler.",
+ "references": [
+ "https://access.redhat.com/security/cve/CVE-2020-10878"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Moderate"
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:P/A:N"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "summary": "Apache Maven org.apache.maven.shared.utils.Expand Expand.java extractFile() Function Traversal Remote File Write",
+ "severity": "Medium",
+ "vulnerable_component": "gav://org.codehaus.plexus:plexus-utils:3.0.8",
+ "impacted_artifact": "gav://org.codehaus.plexus:plexus-utils:3.0.8",
+ "impact_path": [
+ "gav://org.codehaus.plexus:plexus-utils:3.0.8"
+ ],
+ "path": "mavencentral-remote/org/codehaus/plexus/plexus-utils/3.0.8/plexus-utils-3.0.8.jar",
+ "fixed_versions": [
+ "3.0.24"
+ ],
+ "published": "2019-05-03T00:45:39+10:00",
+ "artifact_scan_time": "2021-03-09T08:42:52+11:00",
+ "issue_id": "XRAY-81282",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Apache Maven contains a flaw in org.apache.maven.shared.utils.Expand that allows traversing outside of a restricted path. The issue is due to the extractFile() function in Expand.java not properly sanitizing user input, specifically path traversal style attacks (e.g. '../'). With a specially crafted request, a remote attacker can write arbitrary files.",
+ "references": [
+ "https://github.com/codehaus-plexus/plexus-utils/commit/33a2853df8185b4519b1b8bfae284f03392618ef",
+ "https://github.com/codehaus-plexus/plexus-utils/issues/4",
+ "http://svn.apache.org/viewvc?view=revision\u0026revision=1749800",
+ "https://issues.apache.org/jira/browse/MSHARED-563"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-11771",
+ "cvss_v2_score": 4.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 5.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 4.3,
+ "cvss3_max_score": 5.5,
+ "summary": "When reading a specially crafted ZIP archive, the read method of Apache Commons Compress 1.7 to 1.17's ZipArchiveInputStream can fail to return the correct EOF indication after the end of the stream has been reached. When combined with a java.io.InputStreamReader this can lead to an infinite stream, which can be used to mount a denial of service attack against services that use Compress' zip package.",
+ "severity": "Medium",
+ "vulnerable_component": "gav://org.apache.commons:commons-compress:1.9",
+ "impacted_artifact": "gav://org.apache.commons:commons-compress:1.9",
+ "impact_path": [
+ "gav://org.apache.commons:commons-compress:1.9"
+ ],
+ "path": "mavencentral-remote/org/apache/commons/commons-compress/1.9/commons-compress-1.9.jar",
+ "fixed_versions": [
+ "1.18"
+ ],
+ "published": "2018-08-19T18:24:21+10:00",
+ "artifact_scan_time": "2021-03-09T08:43:53+11:00",
+ "issue_id": "XRAY-70149",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "When reading a specially crafted ZIP archive, the read method of Apache Commons Compress 1.7 to 1.17's ZipArchiveInputStream can fail to return the correct EOF indication after the end of the stream has been reached. When combined with a java.io.InputStreamReader this can lead to an infinite stream, which can be used to mount a denial of service attack against services that use Compress' zip package.",
+ "references": [
+ "https://lists.apache.org/thread.html/b8da751fc0ca949534cdf2744111da6bb0349d2798fac94b0a50f330@%3Cannounce.apache.org%3E",
+ "http://www.securitytracker.com/id/1041503",
+ "http://www.securityfocus.com/bid/105139"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-10237",
+ "cvss_v2_score": 4.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 5.9,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 4.3,
+ "cvss3_max_score": 5.9,
+ "summary": "Unbounded memory allocation in Google Guava 11.0 through 24.x before 24.1.1 allows remote attackers to conduct denial of service attacks against servers that depend on this library and deserialize attacker-provided data, because the AtomicDoubleArray class (when serialized with Java serialization) and the CompoundOrdering class (when serialized with GWT serialization) perform eager allocation without appropriate checks on what a client has sent and whether the data size is reasonable.",
+ "severity": "Medium",
+ "vulnerable_component": "gav://com.google.guava:guava:14.0.1",
+ "impacted_artifact": "gav://com.google.guava:guava:14.0.1",
+ "impact_path": [
+ "gav://com.google.guava:guava:14.0.1"
+ ],
+ "path": "mavencentral-remote/com/google/guava/guava/14.0.1/guava-14.0.1.jar",
+ "fixed_versions": [
+ "25.0-jre"
+ ],
+ "published": "2018-07-04T20:12:14+10:00",
+ "artifact_scan_time": "2021-03-09T08:44:51+11:00",
+ "issue_id": "XRAY-69264",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Unbounded memory allocation in Google Guava 11.0 through 24.x before 24.1.1 allows remote attackers to conduct denial of service attacks against servers that depend on this library and deserialize attacker-provided data, because the AtomicDoubleArray class (when serialized with Java serialization) and the CompoundOrdering class (when serialized with GWT serialization) perform eager allocation without appropriate checks on what a client has sent and whether the data size is reasonable.",
+ "references": [
+ "https://groups.google.com/d/topic/guava-announce/xqWALw4W1vs/discussion"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:N"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "summary": "Apache Commons IO FileNameUtils.normalize Path Traversal Remote File Disclosure Weakness",
+ "severity": "Medium",
+ "vulnerable_component": "gav://commons-io:commons-io:2.2",
+ "impacted_artifact": "gav://commons-io:commons-io:2.2",
+ "impact_path": [
+ "gav://commons-io:commons-io:2.2"
+ ],
+ "path": "mavencentral-remote/commons-io/commons-io/2.2/commons-io-2.2.jar",
+ "fixed_versions": [
+ "2.7"
+ ],
+ "published": "2019-03-14T03:28:51+11:00",
+ "artifact_scan_time": "2021-03-09T08:44:52+11:00",
+ "issue_id": "XRAY-78200",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Apache Commons IO contains a flaw that allows traversing outside of a restricted path. The issue is due to FileNameUtils.normalize not properly sanitizing user input, specifically path traversal style attacks (e.g. '../'). With a specially crafted request, a remote attacker can disclose arbitrary files.",
+ "references": [
+ "https://issues.apache.org/jira/browse/IO-556"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:P/A:N"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "summary": "Apache Commons Codec Unspecified Non-private Field Manipulation Weakness",
+ "severity": "Medium",
+ "vulnerable_component": "gav://commons-codec:commons-codec:1.3",
+ "impacted_artifact": "gav://commons-codec:commons-codec:1.3",
+ "impact_path": [
+ "gav://commons-codec:commons-codec:1.3"
+ ],
+ "path": "mavencentral-remote/commons-codec/commons-codec/1.3/commons-codec-1.3.jar",
+ "fixed_versions": [
+ "1.4"
+ ],
+ "published": "2019-09-04T01:31:03+10:00",
+ "artifact_scan_time": "2021-03-09T08:46:52+11:00",
+ "issue_id": "XRAY-87376",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Apache Commons contains an unspecified flaw in the codec that may allow a remote attacker to more easily change non-private fields. No further details are available.",
+ "references": [
+ "http://commons.apache.org/",
+ "https://issues.apache.org/jira/browse/CODEC-70"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2009-4610",
+ "cvss_v2_score": 4.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:P/A:N"
+ }
+ ],
+ "cvss2_max_score": 4.3,
+ "summary": "Multiple cross-site scripting (XSS) vulnerabilities in Mort Bay Jetty 6.x and 7.0.0 allow remote attackers to inject arbitrary web script or HTML via (1) the query string to jsp/dump.jsp in the JSP Dump feature, or the (2) Name or (3) Value parameter to the default URI for the Session Dump Servlet under session/.",
+ "severity": "Medium",
+ "vulnerable_component": "gav://org.mortbay.jetty:jetty:6.1.25",
+ "impacted_artifact": "gav://org.mortbay.jetty:jetty:6.1.25",
+ "impact_path": [
+ "gav://org.mortbay.jetty:jetty:6.1.25"
+ ],
+ "path": "mavencentral-remote/org/mortbay/jetty/jetty/6.1.25/jetty-6.1.25.jar",
+ "fixed_versions": [],
+ "published": "2017-07-05T21:31:06+10:00",
+ "artifact_scan_time": "2021-03-09T08:46:52+11:00",
+ "issue_id": "XRAY-55463",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Multiple cross-site scripting (XSS) vulnerabilities in Mort Bay Jetty 6.x and 7.0.0 allow remote attackers to inject arbitrary web script or HTML via (1) the query string to jsp/dump.jsp in the JSP Dump feature, or the (2) Name or (3) Value parameter to the default URI for the Session Dump Servlet under session/.",
+ "references": [
+ "http://www.ush.it/team/ush/hack-jetty6x7x/jetty-adv.txt"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2011-4461",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 5.3,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 5.3,
+ "summary": "Jetty 8.1.0.RC2 and earlier computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters.",
+ "severity": "Medium",
+ "vulnerable_component": "gav://org.mortbay.jetty:jetty:6.1.25",
+ "impacted_artifact": "gav://org.mortbay.jetty:jetty:6.1.25",
+ "impact_path": [
+ "gav://org.mortbay.jetty:jetty:6.1.25"
+ ],
+ "path": "mavencentral-remote/org/mortbay/jetty/jetty/6.1.25/jetty-6.1.25.jar",
+ "fixed_versions": [],
+ "published": "2017-12-25T20:35:04+11:00",
+ "artifact_scan_time": "2021-03-09T08:46:52+11:00",
+ "issue_id": "XRAY-60299",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Jetty 8.1.0.RC2 and earlier computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters.",
+ "references": [
+ "http://xforce.iss.net/xforce/xfdb/72017",
+ "http://www.ubuntu.com/usn/USN-1429-1",
+ "http://www.securitytracker.com/id?1026475",
+ "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html",
+ "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html",
+ "http://www.ocert.org/advisories/ocert-2011-003.html",
+ "http://www.nruns.com/_downloads/advisory28122011.pdf",
+ "http://www.kb.cert.org/vuls/id/903934",
+ "http://secunia.com/advisories/48981",
+ "http://secunia.com/advisories/47408",
+ "http://marc.info/?l=bugtraq\u0026m=143387688830075\u0026w=2",
+ "http://archives.neohapsis.com/archives/bugtraq/2011-12/0181.html"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2011-4461",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 5.3,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 5.3,
+ "summary": "Jetty 8.1.0.RC2 and earlier computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters.",
+ "severity": "Medium",
+ "vulnerable_component": "gav://org.mortbay.jetty:jetty-util:6.1.25",
+ "impacted_artifact": "gav://org.mortbay.jetty:jetty-util:6.1.25",
+ "impact_path": [
+ "gav://org.mortbay.jetty:jetty-util:6.1.25"
+ ],
+ "path": "mavencentral-remote/org/mortbay/jetty/jetty-util/6.1.25/jetty-util-6.1.25.jar",
+ "fixed_versions": [],
+ "published": "2017-12-25T20:35:04+11:00",
+ "artifact_scan_time": "2021-03-09T08:46:52+11:00",
+ "issue_id": "XRAY-60299",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Jetty 8.1.0.RC2 and earlier computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters.",
+ "references": [
+ "http://xforce.iss.net/xforce/xfdb/72017",
+ "http://www.ubuntu.com/usn/USN-1429-1",
+ "http://www.securitytracker.com/id?1026475",
+ "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html",
+ "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html",
+ "http://www.ocert.org/advisories/ocert-2011-003.html",
+ "http://www.nruns.com/_downloads/advisory28122011.pdf",
+ "http://www.kb.cert.org/vuls/id/903934",
+ "http://secunia.com/advisories/48981",
+ "http://secunia.com/advisories/47408",
+ "http://marc.info/?l=bugtraq\u0026m=143387688830075\u0026w=2",
+ "http://archives.neohapsis.com/archives/bugtraq/2011-12/0181.html"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-20225",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 7.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 6.8,
+ "cvss3_max_score": 7.8,
+ "summary": "An issue was discovered in pip (all versions) because it installs the version with the highest version number, even if the user had intended to obtain a private package from a private index. This only affects use of the --extra-index-url option, and exploitation requires that the package does not already exist in the public index (and thus the attacker can put the package there with an arbitrary version number).",
+ "severity": "Medium",
+ "vulnerable_component": "pypi://pip:20.1.1",
+ "impacted_artifact": "docker://kiwigrid/k8s-sidecar:sha256__2110aac25e4ab8c8a1fb5ead821406cb7de5861ab164296b4606f0215ab2275a",
+ "impact_path": [
+ "docker://kiwigrid/k8s-sidecar:sha256__2110aac25e4ab8c8a1fb5ead821406cb7de5861ab164296b4606f0215ab2275a",
+ "generic://sha256:3d0ed0f04a02ff81f417ae2373d7aeb0baa3a3b7d958b9c8c673df2f81ede83e/sha256__3d0ed0f04a02ff81f417ae2373d7aeb0baa3a3b7d958b9c8c673df2f81ede83e.tar.gz",
+ "pypi://pip:20.1.1"
+ ],
+ "path": "dockerhub-remote/kiwigrid/k8s-sidecar/sha256__2110aac25e4ab8c8a1fb5ead821406cb7de5861ab164296b4606f0215ab2275a/",
+ "fixed_versions": [
+ "20.3"
+ ],
+ "published": "2020-05-11T22:08:54+10:00",
+ "artifact_scan_time": "2021-03-11T10:22:54+11:00",
+ "issue_id": "XRAY-97724",
+ "package_type": "pypi",
+ "provider": "JFrog",
+ "description": "An issue was discovered in pip (all versions) because it installs the version with the highest version number, even if the user had intended to obtain a private package from a private index. This only affects use of the --extra-index-url option, and exploitation requires that the package does not already exist in the public index (and thus the attacker can put the package there with an arbitrary version number).",
+ "references": [
+ "https://pip.pypa.io/en/stable/news/",
+ "https://cowlicks.website/posts/arbitrary-code-execution-from-pips-extra-index-url.html"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-25658",
+ "cvss_v2_score": 4.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:N/A:N",
+ "cvss_v3_score": 5.9,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"
+ }
+ ],
+ "cvss2_max_score": 4.3,
+ "cvss3_max_score": 5.9,
+ "summary": "It was found that python-rsa is vulnerable to Bleichenbacher timing attacks. An attacker can use this flaw via the RSA decryption API to decrypt parts of the cipher text encrypted with RSA.",
+ "severity": "Medium",
+ "vulnerable_component": "pypi://rsa:4.6",
+ "impacted_artifact": "docker://kiwigrid/k8s-sidecar:sha256__2110aac25e4ab8c8a1fb5ead821406cb7de5861ab164296b4606f0215ab2275a",
+ "impact_path": [
+ "docker://kiwigrid/k8s-sidecar:sha256__2110aac25e4ab8c8a1fb5ead821406cb7de5861ab164296b4606f0215ab2275a",
+ "generic://sha256:8a6f612c0b4b4649e0b21f4c0e712fedb3fc29592cb50a5946a7948591e80534/sha256__8a6f612c0b4b4649e0b21f4c0e712fedb3fc29592cb50a5946a7948591e80534.tar.gz",
+ "pypi://rsa:4.6"
+ ],
+ "path": "dockerhub-remote/kiwigrid/k8s-sidecar/sha256__2110aac25e4ab8c8a1fb5ead821406cb7de5861ab164296b4606f0215ab2275a/",
+ "fixed_versions": [],
+ "published": "2020-11-17T00:55:03+11:00",
+ "artifact_scan_time": "2021-03-11T10:22:54+11:00",
+ "issue_id": "XRAY-128345",
+ "package_type": "pypi",
+ "provider": "JFrog",
+ "description": "It was found that python-rsa is vulnerable to Bleichenbacher timing attacks. An attacker can use this flaw via the RSA decryption API to decrypt parts of the cipher text encrypted with RSA.",
+ "references": [
+ "https://github.com/sybrenstuvel/python-rsa/issues/165",
+ "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-25658"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-13871",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 7.5,
+ "summary": "SQLite 3.32.2 has a use-after-free in resetAccumulator in select.c because the parse tree rewrite for window functions is too late.",
+ "severity": "Medium",
+ "vulnerable_component": "alpine://3.12:sqlite-libs:3.32.1-r0",
+ "impacted_artifact": "docker://kiwigrid/k8s-sidecar:sha256__2110aac25e4ab8c8a1fb5ead821406cb7de5861ab164296b4606f0215ab2275a",
+ "impact_path": [
+ "docker://kiwigrid/k8s-sidecar:sha256__2110aac25e4ab8c8a1fb5ead821406cb7de5861ab164296b4606f0215ab2275a",
+ "generic://sha256:3d0ed0f04a02ff81f417ae2373d7aeb0baa3a3b7d958b9c8c673df2f81ede83e/sha256__3d0ed0f04a02ff81f417ae2373d7aeb0baa3a3b7d958b9c8c673df2f81ede83e.tar.gz",
+ "alpine://3.12:sqlite-libs:3.32.1-r0"
+ ],
+ "path": "dockerhub-remote/kiwigrid/k8s-sidecar/sha256__2110aac25e4ab8c8a1fb5ead821406cb7de5861ab164296b4606f0215ab2275a/",
+ "fixed_versions": [],
+ "published": "2020-06-10T02:57:30+10:00",
+ "artifact_scan_time": "2021-03-11T10:22:54+11:00",
+ "issue_id": "XRAY-100301",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "SQLite 3.32.2 has a use-after-free in resetAccumulator in select.c because the parse tree rewrite for window functions is too late.",
+ "references": [
+ "https://www.sqlite.org/src/info/cd708fa84d2aaaea",
+ "https://www.sqlite.org/src/info/c8d3b9f0a750a529",
+ "https://www.sqlite.org/src/info/79eff1d0383179c4",
+ "https://security.netapp.com/advisory/ntap-20200619-0002/"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 5.4,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:H/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 5.3,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 5.4,
+ "cvss3_max_score": 5.3,
+ "summary": "GNU dbm (GDBM) Database Recovery Resource Exhaustion DoS Weakness",
+ "severity": "Medium",
+ "vulnerable_component": "alpine://3.12:gdbm:1.13-r1",
+ "impacted_artifact": "docker://kiwigrid/k8s-sidecar:sha256__2110aac25e4ab8c8a1fb5ead821406cb7de5861ab164296b4606f0215ab2275a",
+ "impact_path": [
+ "docker://kiwigrid/k8s-sidecar:sha256__2110aac25e4ab8c8a1fb5ead821406cb7de5861ab164296b4606f0215ab2275a",
+ "generic://sha256:3d0ed0f04a02ff81f417ae2373d7aeb0baa3a3b7d958b9c8c673df2f81ede83e/sha256__3d0ed0f04a02ff81f417ae2373d7aeb0baa3a3b7d958b9c8c673df2f81ede83e.tar.gz",
+ "alpine://3.12:gdbm:1.13-r1"
+ ],
+ "path": "dockerhub-remote/kiwigrid/k8s-sidecar/sha256__2110aac25e4ab8c8a1fb5ead821406cb7de5861ab164296b4606f0215ab2275a/",
+ "fixed_versions": [],
+ "published": "2021-03-18T19:46:38+11:00",
+ "artifact_scan_time": "2021-03-11T10:22:54+11:00",
+ "issue_id": "XRAY-147183",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "GNU dbm (GDBM) contains a flaw that is triggered when handling recovery operations on a specially crafted database file. This may allow a context-dependent attacker to exhaust available disk storage and potentially cause a denial of service.",
+ "references": [
+ "https://git.savannah.gnu.org/cgit/gdbm.git/commit/?id=2dc9267a91a98733a18ebb3b8488da8016539f83",
+ "https://git.savannah.gnu.org/cgit/gdbm.git/commit/?id=3f86431e830f867d14f2ad5a382f59b19acdded2",
+ "https://puszcza.gnu.org.ua/bugs/?502"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-20225",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 7.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 6.8,
+ "cvss3_max_score": 7.8,
+ "summary": "An issue was discovered in pip (all versions) because it installs the version with the highest version number, even if the user had intended to obtain a private package from a private index. This only affects use of the --extra-index-url option, and exploitation requires that the package does not already exist in the public index (and thus the attacker can put the package there with an arbitrary version number).",
+ "severity": "Medium",
+ "vulnerable_component": "pypi://pip:20.2.4",
+ "impacted_artifact": "docker://kiwigrid/k8s-sidecar:sha256__2110aac25e4ab8c8a1fb5ead821406cb7de5861ab164296b4606f0215ab2275a",
+ "impact_path": [
+ "docker://kiwigrid/k8s-sidecar:sha256__2110aac25e4ab8c8a1fb5ead821406cb7de5861ab164296b4606f0215ab2275a",
+ "generic://sha256:01a62382ea2b51bf70465e2c7c504fd0153a953e6d063681dd91f4b9c5d5148d/sha256__01a62382ea2b51bf70465e2c7c504fd0153a953e6d063681dd91f4b9c5d5148d.tar.gz",
+ "pypi://pip:20.2.4"
+ ],
+ "path": "dockerhub-remote/kiwigrid/k8s-sidecar/sha256__2110aac25e4ab8c8a1fb5ead821406cb7de5861ab164296b4606f0215ab2275a/",
+ "fixed_versions": [
+ "20.3"
+ ],
+ "published": "2020-05-11T22:08:54+10:00",
+ "artifact_scan_time": "2021-03-11T10:22:54+11:00",
+ "issue_id": "XRAY-97724",
+ "package_type": "pypi",
+ "provider": "JFrog",
+ "description": "An issue was discovered in pip (all versions) because it installs the version with the highest version number, even if the user had intended to obtain a private package from a private index. This only affects use of the --extra-index-url option, and exploitation requires that the package does not already exist in the public index (and thus the attacker can put the package there with an arbitrary version number).",
+ "references": [
+ "https://pip.pypa.io/en/stable/news/",
+ "https://cowlicks.website/posts/arbitrary-code-execution-from-pips-extra-index-url.html"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-3844",
+ "cvss_v2_score": 4.6,
+ "cvss_v2_vector": "CVSS:2.0/AV:L/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 7.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 4.6,
+ "cvss3_max_score": 7.8,
+ "summary": "It was discovered that a systemd service that uses DynamicUser property can get new privileges through the execution of SUID binaries, which would allow to create binaries owned by the service transient group with the setgid bit set. A local attacker may use this flaw to access resources that will be owned by a potentially different service in the future, when the GID will be recycled.",
+ "severity": "Medium",
+ "vulnerable_component": "deb://debian:buster:libudev1:241-7~deb10u6",
+ "impacted_artifact": "docker://library/httpd:sha256__5d7049207f58929582f0d2f6d226e2eaa33ab0ac9bebe6b485701641181b9007",
+ "impact_path": [
+ "docker://library/httpd:sha256__5d7049207f58929582f0d2f6d226e2eaa33ab0ac9bebe6b485701641181b9007",
+ "generic://sha256:6f28985ad1843afd6fd4fe0b42a30bfab63c27d302362e7341e3316e8ba25ced/sha256__6f28985ad1843afd6fd4fe0b42a30bfab63c27d302362e7341e3316e8ba25ced.tar.gz",
+ "deb://debian:buster:libudev1:241-7~deb10u6"
+ ],
+ "path": "dockerhub-remote/library/httpd/sha256__5d7049207f58929582f0d2f6d226e2eaa33ab0ac9bebe6b485701641181b9007/",
+ "fixed_versions": [],
+ "published": "2019-04-28T16:25:09+10:00",
+ "artifact_scan_time": "2021-03-15T23:36:57+11:00",
+ "issue_id": "XRAY-80972",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "It was discovered that a systemd service that uses DynamicUser property can get new privileges through the execution of SUID binaries, which would allow to create binaries owned by the service transient group with the setgid bit set. A local attacker may use this flaw to access resources that will be owned by a potentially different service in the future, when the GID will be recycled.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-3326",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 7.5,
+ "summary": "The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid input sequences in the ISO-2022-JP-3 encoding, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service.",
+ "severity": "Medium",
+ "vulnerable_component": "deb://debian:buster:libc6:2.28-10",
+ "impacted_artifact": "docker://library/httpd:sha256__5d7049207f58929582f0d2f6d226e2eaa33ab0ac9bebe6b485701641181b9007",
+ "impact_path": [
+ "docker://library/httpd:sha256__5d7049207f58929582f0d2f6d226e2eaa33ab0ac9bebe6b485701641181b9007",
+ "generic://sha256:6f28985ad1843afd6fd4fe0b42a30bfab63c27d302362e7341e3316e8ba25ced/sha256__6f28985ad1843afd6fd4fe0b42a30bfab63c27d302362e7341e3316e8ba25ced.tar.gz",
+ "deb://debian:buster:libc6:2.28-10"
+ ],
+ "path": "dockerhub-remote/library/httpd/sha256__5d7049207f58929582f0d2f6d226e2eaa33ab0ac9bebe6b485701641181b9007/",
+ "fixed_versions": [],
+ "published": "2021-01-28T15:04:20+11:00",
+ "artifact_scan_time": "2021-03-15T23:36:57+11:00",
+ "issue_id": "XRAY-138958",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid input sequences in the ISO-2022-JP-3 encoding, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-3843",
+ "cvss_v2_score": 4.6,
+ "cvss_v2_vector": "CVSS:2.0/AV:L/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 7.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 4.6,
+ "cvss3_max_score": 7.8,
+ "summary": "It was discovered that a systemd service that uses DynamicUser property can create a SUID/SGID binary that would be allowed to run as the transient service UID/GID even after the service is terminated. A local attacker may use this flaw to access resources that will be owned by a potentially different service in the future, when the UID/GID will be recycled.",
+ "severity": "Medium",
+ "vulnerable_component": "deb://debian:buster:libsystemd0:241-7~deb10u6",
+ "impacted_artifact": "docker://library/httpd:sha256__5d7049207f58929582f0d2f6d226e2eaa33ab0ac9bebe6b485701641181b9007",
+ "impact_path": [
+ "docker://library/httpd:sha256__5d7049207f58929582f0d2f6d226e2eaa33ab0ac9bebe6b485701641181b9007",
+ "generic://sha256:6f28985ad1843afd6fd4fe0b42a30bfab63c27d302362e7341e3316e8ba25ced/sha256__6f28985ad1843afd6fd4fe0b42a30bfab63c27d302362e7341e3316e8ba25ced.tar.gz",
+ "deb://debian:buster:libsystemd0:241-7~deb10u6"
+ ],
+ "path": "dockerhub-remote/library/httpd/sha256__5d7049207f58929582f0d2f6d226e2eaa33ab0ac9bebe6b485701641181b9007/",
+ "fixed_versions": [],
+ "published": "2019-04-28T16:29:46+10:00",
+ "artifact_scan_time": "2021-03-15T23:36:57+11:00",
+ "issue_id": "XRAY-80974",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "It was discovered that a systemd service that uses DynamicUser property can create a SUID/SGID binary that would be allowed to run as the transient service UID/GID even after the service is terminated. A local attacker may use this flaw to access resources that will be owned by a potentially different service in the future, when the UID/GID will be recycled.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-1751",
+ "cvss_v2_score": 5.9,
+ "cvss_v2_vector": "CVSS:2.0/AV:L/AC:M/Au:N/C:P/I:P/A:C",
+ "cvss_v3_score": 7,
+ "cvss_v3_vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 5.9,
+ "cvss3_max_score": 7,
+ "summary": "An out-of-bounds write vulnerability was found in glibc before 2.31 when handling signal trampolines on PowerPC. Specifically, the backtrace function did not properly check the array bounds when storing the frame address, resulting in a denial of service or potential code execution. The highest threat from this vulnerability is to system availability.",
+ "severity": "Medium",
+ "vulnerable_component": "deb://debian:buster:libc-bin:2.28-10",
+ "impacted_artifact": "docker://library/httpd:sha256__5d7049207f58929582f0d2f6d226e2eaa33ab0ac9bebe6b485701641181b9007",
+ "impact_path": [
+ "docker://library/httpd:sha256__5d7049207f58929582f0d2f6d226e2eaa33ab0ac9bebe6b485701641181b9007",
+ "generic://sha256:6f28985ad1843afd6fd4fe0b42a30bfab63c27d302362e7341e3316e8ba25ced/sha256__6f28985ad1843afd6fd4fe0b42a30bfab63c27d302362e7341e3316e8ba25ced.tar.gz",
+ "deb://debian:buster:libc-bin:2.28-10"
+ ],
+ "path": "dockerhub-remote/library/httpd/sha256__5d7049207f58929582f0d2f6d226e2eaa33ab0ac9bebe6b485701641181b9007/",
+ "fixed_versions": [],
+ "published": "2020-03-08T15:28:08+11:00",
+ "artifact_scan_time": "2021-03-15T23:36:57+11:00",
+ "issue_id": "XRAY-95139",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "An out-of-bounds write vulnerability was found in glibc before 2.31 when handling signal trampolines on PowerPC. Specifically, the backtrace function did not properly check the array bounds when storing the frame address, resulting in a denial of service or potential code execution. The highest threat from this vulnerability is to system availability.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-20305",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 8.1,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 6.8,
+ "cvss3_max_score": 8.1,
+ "summary": "A flaw was found in Nettle in versions before 3.7.2, where several Nettle signature verification functions (GOST DSA, EDDSA \u0026 ECDSA) result in the Elliptic Curve Cryptography point (ECC) multiply function being called with out-of-range scalers, possibly resulting in incorrect results. This flaw allows an attacker to force an invalid signature, causing an assertion failure or possible validation. The highest threat to this vulnerability is to confidentiality, integrity, as well as system availability.",
+ "severity": "Medium",
+ "vulnerable_component": "deb://debian:buster:libhogweed4:3.4.1-1",
+ "impacted_artifact": "docker://library/httpd:sha256__5d7049207f58929582f0d2f6d226e2eaa33ab0ac9bebe6b485701641181b9007",
+ "impact_path": [
+ "docker://library/httpd:sha256__5d7049207f58929582f0d2f6d226e2eaa33ab0ac9bebe6b485701641181b9007",
+ "generic://sha256:6f28985ad1843afd6fd4fe0b42a30bfab63c27d302362e7341e3316e8ba25ced/sha256__6f28985ad1843afd6fd4fe0b42a30bfab63c27d302362e7341e3316e8ba25ced.tar.gz",
+ "deb://debian:buster:libhogweed4:3.4.1-1"
+ ],
+ "path": "dockerhub-remote/library/httpd/sha256__5d7049207f58929582f0d2f6d226e2eaa33ab0ac9bebe6b485701641181b9007/",
+ "fixed_versions": [],
+ "published": "2021-04-02T15:18:19+11:00",
+ "artifact_scan_time": "2021-03-15T23:36:57+11:00",
+ "issue_id": "XRAY-160716",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "A flaw was found in Nettle in versions before 3.7.2, where several Nettle signature verification functions (GOST DSA, EDDSA \u0026 ECDSA) result in the Elliptic Curve Cryptography point (ECC) multiply function being called with out-of-range scalers, possibly resulting in incorrect results. This flaw allows an attacker to force an invalid signature, causing an assertion failure or possible validation. The highest threat to this vulnerability is to confidentiality, integrity, as well as system availability.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2017-16932",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 7.5,
+ "summary": "parser.c in libxml2 before 2.9.5 does not prevent infinite recursion in parameter entities.",
+ "severity": "Medium",
+ "vulnerable_component": "deb://debian:buster:libxml2:2.9.4+dfsg1-7+deb10u1",
+ "impacted_artifact": "docker://library/httpd:sha256__5d7049207f58929582f0d2f6d226e2eaa33ab0ac9bebe6b485701641181b9007",
+ "impact_path": [
+ "docker://library/httpd:sha256__5d7049207f58929582f0d2f6d226e2eaa33ab0ac9bebe6b485701641181b9007",
+ "generic://sha256:acb3e3b931b83593870ff20d60e732584921ae6148f50af954b4111fce962a1c/sha256__acb3e3b931b83593870ff20d60e732584921ae6148f50af954b4111fce962a1c.tar.gz",
+ "deb://debian:buster:libxml2:2.9.4+dfsg1-7+deb10u1"
+ ],
+ "path": "dockerhub-remote/library/httpd/sha256__5d7049207f58929582f0d2f6d226e2eaa33ab0ac9bebe6b485701641181b9007/",
+ "fixed_versions": [],
+ "published": "2017-11-25T18:41:47+11:00",
+ "artifact_scan_time": "2021-03-15T23:36:57+11:00",
+ "issue_id": "XRAY-60006",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "parser.c in libxml2 before 2.9.5 does not prevent infinite recursion in parameter entities.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-8284",
+ "cvss_v2_score": 4.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:N/A:N",
+ "cvss_v3_score": 3.7,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"
+ }
+ ],
+ "cvss2_max_score": 4.3,
+ "cvss3_max_score": 3.7,
+ "summary": "A malicious server can use the FTP PASV response to trick curl 7.73.0 and earlier into connecting back to a given IP address and port, and this way potentially make curl extract information about services that are otherwise private and not disclosed, for example doing port scanning and service banner extractions.",
+ "severity": "Medium",
+ "vulnerable_component": "deb://debian:buster:libcurl4:7.64.0-4+deb10u1",
+ "impacted_artifact": "docker://library/httpd:sha256__5d7049207f58929582f0d2f6d226e2eaa33ab0ac9bebe6b485701641181b9007",
+ "impact_path": [
+ "docker://library/httpd:sha256__5d7049207f58929582f0d2f6d226e2eaa33ab0ac9bebe6b485701641181b9007",
+ "generic://sha256:acb3e3b931b83593870ff20d60e732584921ae6148f50af954b4111fce962a1c/sha256__acb3e3b931b83593870ff20d60e732584921ae6148f50af954b4111fce962a1c.tar.gz",
+ "deb://debian:buster:libcurl4:7.64.0-4+deb10u1"
+ ],
+ "path": "dockerhub-remote/library/httpd/sha256__5d7049207f58929582f0d2f6d226e2eaa33ab0ac9bebe6b485701641181b9007/",
+ "fixed_versions": [],
+ "published": "2020-12-10T15:25:31+11:00",
+ "artifact_scan_time": "2021-03-15T23:36:57+11:00",
+ "issue_id": "XRAY-129755",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "A malicious server can use the FTP PASV response to trick curl 7.73.0 and earlier into connecting back to a given IP address and port, and this way potentially make curl extract information about services that are otherwise private and not disclosed, for example doing port scanning and service banner extractions.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-8286",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:P/A:N",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 7.5,
+ "summary": "curl 7.41.0 through 7.73.0 is vulnerable to an improper check for certificate revocation due to insufficient verification of the OCSP response.",
+ "severity": "Medium",
+ "vulnerable_component": "deb://debian:buster:libcurl4:7.64.0-4+deb10u1",
+ "impacted_artifact": "docker://library/httpd:sha256__5d7049207f58929582f0d2f6d226e2eaa33ab0ac9bebe6b485701641181b9007",
+ "impact_path": [
+ "docker://library/httpd:sha256__5d7049207f58929582f0d2f6d226e2eaa33ab0ac9bebe6b485701641181b9007",
+ "generic://sha256:acb3e3b931b83593870ff20d60e732584921ae6148f50af954b4111fce962a1c/sha256__acb3e3b931b83593870ff20d60e732584921ae6148f50af954b4111fce962a1c.tar.gz",
+ "deb://debian:buster:libcurl4:7.64.0-4+deb10u1"
+ ],
+ "path": "dockerhub-remote/library/httpd/sha256__5d7049207f58929582f0d2f6d226e2eaa33ab0ac9bebe6b485701641181b9007/",
+ "fixed_versions": [],
+ "published": "2020-12-10T15:24:45+11:00",
+ "artifact_scan_time": "2021-03-15T23:36:57+11:00",
+ "issue_id": "XRAY-129754",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "curl 7.41.0 through 7.73.0 is vulnerable to an improper check for certificate revocation due to insufficient verification of the OCSP response.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-8177",
+ "cvss_v2_score": 4.6,
+ "cvss_v2_vector": "CVSS:2.0/AV:L/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 7.1,
+ "cvss_v3_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 4.6,
+ "cvss3_max_score": 7.1,
+ "summary": "curl 7.20.0 through 7.70.0 is vulnerable to improper restriction of names for files and other resources that can lead too overwriting a local file when the -J flag is used.",
+ "severity": "Medium",
+ "vulnerable_component": "deb://debian:buster:libcurl4:7.64.0-4+deb10u1",
+ "impacted_artifact": "docker://library/httpd:sha256__5d7049207f58929582f0d2f6d226e2eaa33ab0ac9bebe6b485701641181b9007",
+ "impact_path": [
+ "docker://library/httpd:sha256__5d7049207f58929582f0d2f6d226e2eaa33ab0ac9bebe6b485701641181b9007",
+ "generic://sha256:acb3e3b931b83593870ff20d60e732584921ae6148f50af954b4111fce962a1c/sha256__acb3e3b931b83593870ff20d60e732584921ae6148f50af954b4111fce962a1c.tar.gz",
+ "deb://debian:buster:libcurl4:7.64.0-4+deb10u1"
+ ],
+ "path": "dockerhub-remote/library/httpd/sha256__5d7049207f58929582f0d2f6d226e2eaa33ab0ac9bebe6b485701641181b9007/",
+ "fixed_versions": [],
+ "published": "2020-06-25T14:21:41+10:00",
+ "artifact_scan_time": "2021-03-15T23:36:57+11:00",
+ "issue_id": "XRAY-102651",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "curl 7.20.0 through 7.70.0 is vulnerable to improper restriction of names for files and other resources that can lead too overwriting a local file when the -J flag is used.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2016-9318",
+ "cvss_v2_score": 4.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:N/A:N",
+ "cvss_v3_score": 5.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"
+ }
+ ],
+ "cvss2_max_score": 4.3,
+ "cvss3_max_score": 5.5,
+ "summary": "libxml2 2.9.4 and earlier, as used in XMLSec 1.2.23 and earlier and other products, does not offer a flag directly indicating that the current document may be read but other files may not be opened, which makes it easier for remote attackers to conduct XML External Entity (XXE) attacks via a crafted document.",
+ "severity": "Medium",
+ "vulnerable_component": "deb://debian:buster:libxml2:2.9.4+dfsg1-7+deb10u1",
+ "impacted_artifact": "docker://library/httpd:sha256__5d7049207f58929582f0d2f6d226e2eaa33ab0ac9bebe6b485701641181b9007",
+ "impact_path": [
+ "docker://library/httpd:sha256__5d7049207f58929582f0d2f6d226e2eaa33ab0ac9bebe6b485701641181b9007",
+ "generic://sha256:acb3e3b931b83593870ff20d60e732584921ae6148f50af954b4111fce962a1c/sha256__acb3e3b931b83593870ff20d60e732584921ae6148f50af954b4111fce962a1c.tar.gz",
+ "deb://debian:buster:libxml2:2.9.4+dfsg1-7+deb10u1"
+ ],
+ "path": "dockerhub-remote/library/httpd/sha256__5d7049207f58929582f0d2f6d226e2eaa33ab0ac9bebe6b485701641181b9007/",
+ "fixed_versions": [],
+ "published": "2016-11-28T00:16:23+11:00",
+ "artifact_scan_time": "2021-03-15T23:36:57+11:00",
+ "issue_id": "XRAY-33260",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "libxml2 2.9.4 and earlier, as used in XMLSec 1.2.23 and earlier and other products, does not offer a flag directly indicating that the current document may be read but other files may not be opened, which makes it easier for remote attackers to conduct XML External Entity (XXE) attacks via a crafted document.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-20305",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 8.1,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 6.8,
+ "cvss3_max_score": 8.1,
+ "summary": "A flaw was found in Nettle in versions before 3.7.2, where several Nettle signature verification functions (GOST DSA, EDDSA \u0026 ECDSA) result in the Elliptic Curve Cryptography point (ECC) multiply function being called with out-of-range scalers, possibly resulting in incorrect results. This flaw allows an attacker to force an invalid signature, causing an assertion failure or possible validation. The highest threat to this vulnerability is to confidentiality, integrity, as well as system availability.",
+ "severity": "Medium",
+ "vulnerable_component": "deb://debian:buster:libnettle6:3.4.1-1",
+ "impacted_artifact": "docker://library/httpd:sha256__5d7049207f58929582f0d2f6d226e2eaa33ab0ac9bebe6b485701641181b9007",
+ "impact_path": [
+ "docker://library/httpd:sha256__5d7049207f58929582f0d2f6d226e2eaa33ab0ac9bebe6b485701641181b9007",
+ "generic://sha256:6f28985ad1843afd6fd4fe0b42a30bfab63c27d302362e7341e3316e8ba25ced/sha256__6f28985ad1843afd6fd4fe0b42a30bfab63c27d302362e7341e3316e8ba25ced.tar.gz",
+ "deb://debian:buster:libnettle6:3.4.1-1"
+ ],
+ "path": "dockerhub-remote/library/httpd/sha256__5d7049207f58929582f0d2f6d226e2eaa33ab0ac9bebe6b485701641181b9007/",
+ "fixed_versions": [],
+ "published": "2021-04-02T15:18:19+11:00",
+ "artifact_scan_time": "2021-03-15T23:36:57+11:00",
+ "issue_id": "XRAY-160716",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "A flaw was found in Nettle in versions before 3.7.2, where several Nettle signature verification functions (GOST DSA, EDDSA \u0026 ECDSA) result in the Elliptic Curve Cryptography point (ECC) multiply function being called with out-of-range scalers, possibly resulting in incorrect results. This flaw allows an attacker to force an invalid signature, causing an assertion failure or possible validation. The highest threat to this vulnerability is to confidentiality, integrity, as well as system availability.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-1751",
+ "cvss_v2_score": 5.9,
+ "cvss_v2_vector": "CVSS:2.0/AV:L/AC:M/Au:N/C:P/I:P/A:C",
+ "cvss_v3_score": 7,
+ "cvss_v3_vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 5.9,
+ "cvss3_max_score": 7,
+ "summary": "An out-of-bounds write vulnerability was found in glibc before 2.31 when handling signal trampolines on PowerPC. Specifically, the backtrace function did not properly check the array bounds when storing the frame address, resulting in a denial of service or potential code execution. The highest threat from this vulnerability is to system availability.",
+ "severity": "Medium",
+ "vulnerable_component": "deb://debian:buster:libc6:2.28-10",
+ "impacted_artifact": "docker://library/httpd:sha256__5d7049207f58929582f0d2f6d226e2eaa33ab0ac9bebe6b485701641181b9007",
+ "impact_path": [
+ "docker://library/httpd:sha256__5d7049207f58929582f0d2f6d226e2eaa33ab0ac9bebe6b485701641181b9007",
+ "generic://sha256:6f28985ad1843afd6fd4fe0b42a30bfab63c27d302362e7341e3316e8ba25ced/sha256__6f28985ad1843afd6fd4fe0b42a30bfab63c27d302362e7341e3316e8ba25ced.tar.gz",
+ "deb://debian:buster:libc6:2.28-10"
+ ],
+ "path": "dockerhub-remote/library/httpd/sha256__5d7049207f58929582f0d2f6d226e2eaa33ab0ac9bebe6b485701641181b9007/",
+ "fixed_versions": [],
+ "published": "2020-03-08T15:28:08+11:00",
+ "artifact_scan_time": "2021-03-15T23:36:57+11:00",
+ "issue_id": "XRAY-95139",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "An out-of-bounds write vulnerability was found in glibc before 2.31 when handling signal trampolines on PowerPC. Specifically, the backtrace function did not properly check the array bounds when storing the frame address, resulting in a denial of service or potential code execution. The highest threat from this vulnerability is to system availability.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-22876",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:N",
+ "cvss_v3_score": 5.3,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 5.3,
+ "summary": "curl 7.1.1 to and including 7.75.0 is vulnerable to an \"Exposure of Private Personal Information to an Unauthorized Actor\" by leaking credentials in the HTTP Referer: header. libcurl does not strip off user credentials from the URL when automatically populating the Referer: HTTP request header field in outgoing HTTP requests, and therefore risks leaking sensitive data to the server that is the target of the second HTTP request.",
+ "severity": "Medium",
+ "vulnerable_component": "deb://debian:buster:libcurl4:7.64.0-4+deb10u1",
+ "impacted_artifact": "docker://library/httpd:sha256__5d7049207f58929582f0d2f6d226e2eaa33ab0ac9bebe6b485701641181b9007",
+ "impact_path": [
+ "docker://library/httpd:sha256__5d7049207f58929582f0d2f6d226e2eaa33ab0ac9bebe6b485701641181b9007",
+ "generic://sha256:acb3e3b931b83593870ff20d60e732584921ae6148f50af954b4111fce962a1c/sha256__acb3e3b931b83593870ff20d60e732584921ae6148f50af954b4111fce962a1c.tar.gz",
+ "deb://debian:buster:libcurl4:7.64.0-4+deb10u1"
+ ],
+ "path": "dockerhub-remote/library/httpd/sha256__5d7049207f58929582f0d2f6d226e2eaa33ab0ac9bebe6b485701641181b9007/",
+ "fixed_versions": [],
+ "published": "2021-04-01T15:44:27+11:00",
+ "artifact_scan_time": "2021-03-15T23:36:57+11:00",
+ "issue_id": "XRAY-160506",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "curl 7.1.1 to and including 7.75.0 is vulnerable to an \"Exposure of Private Personal Information to an Unauthorized Actor\" by leaking credentials in the HTTP Referer: header. libcurl does not strip off user credentials from the URL when automatically populating the Referer: HTTP request header field in outgoing HTTP requests, and therefore risks leaking sensitive data to the server that is the target of the second HTTP request.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-12290",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:P/A:N",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 7.5,
+ "summary": "GNU libidn2 before 2.2.0 fails to perform the roundtrip checks specified in RFC3490 Section 4.2 when converting A-labels to U-labels. This makes it possible in some circumstances for one domain to impersonate another. By creating a malicious domain that matches a target domain except for the inclusion of certain punycoded Unicode characters (that would be discarded when converted first to a Unicode label and then back to an ASCII label), arbitrary domains can be impersonated.",
+ "severity": "Medium",
+ "vulnerable_component": "deb://debian:buster:libidn2-0:2.0.5-1+deb10u1",
+ "impacted_artifact": "docker://library/httpd:sha256__5d7049207f58929582f0d2f6d226e2eaa33ab0ac9bebe6b485701641181b9007",
+ "impact_path": [
+ "docker://library/httpd:sha256__5d7049207f58929582f0d2f6d226e2eaa33ab0ac9bebe6b485701641181b9007",
+ "generic://sha256:6f28985ad1843afd6fd4fe0b42a30bfab63c27d302362e7341e3316e8ba25ced/sha256__6f28985ad1843afd6fd4fe0b42a30bfab63c27d302362e7341e3316e8ba25ced.tar.gz",
+ "deb://debian:buster:libidn2-0:2.0.5-1+deb10u1"
+ ],
+ "path": "dockerhub-remote/library/httpd/sha256__5d7049207f58929582f0d2f6d226e2eaa33ab0ac9bebe6b485701641181b9007/",
+ "fixed_versions": [],
+ "published": "2019-10-24T23:02:30+11:00",
+ "artifact_scan_time": "2021-03-15T23:36:57+11:00",
+ "issue_id": "XRAY-90431",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "GNU libidn2 before 2.2.0 fails to perform the roundtrip checks specified in RFC3490 Section 4.2 when converting A-labels to U-labels. This makes it possible in some circumstances for one domain to impersonate another. By creating a malicious domain that matches a target domain except for the inclusion of certain punycoded Unicode characters (that would be discarded when converted first to a Unicode label and then back to an ASCII label), arbitrary domains can be impersonated.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-8231",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:N",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 7.5,
+ "summary": "Due to use of a dangling pointer, libcurl 7.29.0 through 7.71.1 can use the wrong connection when sending data.",
+ "severity": "Medium",
+ "vulnerable_component": "deb://debian:buster:libcurl4:7.64.0-4+deb10u1",
+ "impacted_artifact": "docker://library/httpd:sha256__5d7049207f58929582f0d2f6d226e2eaa33ab0ac9bebe6b485701641181b9007",
+ "impact_path": [
+ "docker://library/httpd:sha256__5d7049207f58929582f0d2f6d226e2eaa33ab0ac9bebe6b485701641181b9007",
+ "generic://sha256:acb3e3b931b83593870ff20d60e732584921ae6148f50af954b4111fce962a1c/sha256__acb3e3b931b83593870ff20d60e732584921ae6148f50af954b4111fce962a1c.tar.gz",
+ "deb://debian:buster:libcurl4:7.64.0-4+deb10u1"
+ ],
+ "path": "dockerhub-remote/library/httpd/sha256__5d7049207f58929582f0d2f6d226e2eaa33ab0ac9bebe6b485701641181b9007/",
+ "fixed_versions": [],
+ "published": "2020-08-22T14:20:36+10:00",
+ "artifact_scan_time": "2021-03-15T23:36:57+11:00",
+ "issue_id": "XRAY-119320",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "Due to use of a dangling pointer, libcurl 7.29.0 through 7.71.1 can use the wrong connection when sending data.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-8285",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 7.5,
+ "summary": "curl 7.21.0 to and including 7.73.0 is vulnerable to uncontrolled recursion due to a stack overflow issue in FTP wildcard match parsing.",
+ "severity": "Medium",
+ "vulnerable_component": "deb://debian:buster:libcurl4:7.64.0-4+deb10u1",
+ "impacted_artifact": "docker://library/httpd:sha256__5d7049207f58929582f0d2f6d226e2eaa33ab0ac9bebe6b485701641181b9007",
+ "impact_path": [
+ "docker://library/httpd:sha256__5d7049207f58929582f0d2f6d226e2eaa33ab0ac9bebe6b485701641181b9007",
+ "generic://sha256:acb3e3b931b83593870ff20d60e732584921ae6148f50af954b4111fce962a1c/sha256__acb3e3b931b83593870ff20d60e732584921ae6148f50af954b4111fce962a1c.tar.gz",
+ "deb://debian:buster:libcurl4:7.64.0-4+deb10u1"
+ ],
+ "path": "dockerhub-remote/library/httpd/sha256__5d7049207f58929582f0d2f6d226e2eaa33ab0ac9bebe6b485701641181b9007/",
+ "fixed_versions": [],
+ "published": "2020-12-10T15:07:16+11:00",
+ "artifact_scan_time": "2021-03-15T23:36:57+11:00",
+ "issue_id": "XRAY-129741",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "curl 7.21.0 to and including 7.73.0 is vulnerable to uncontrolled recursion due to a stack overflow issue in FTP wildcard match parsing.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-12886",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 8.1,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 6.8,
+ "cvss3_max_score": 8.1,
+ "summary": "stack_protect_prologue in cfgexpand.c and stack_protect_epilogue in function.c in GNU Compiler Collection (GCC) 4.1 through 8 (under certain circumstances) generate instruction sequences when targeting ARM targets that spill the address of the stack protector guard, which allows an attacker to bypass the protection of -fstack-protector, -fstack-protector-all, -fstack-protector-strong, and -fstack-protector-explicit against stack overflow by controlling what the stack canary is compared against.",
+ "severity": "Medium",
+ "vulnerable_component": "deb://debian:buster:gcc-8-base:8.3.0-6",
+ "impacted_artifact": "docker://library/httpd:sha256__5d7049207f58929582f0d2f6d226e2eaa33ab0ac9bebe6b485701641181b9007",
+ "impact_path": [
+ "docker://library/httpd:sha256__5d7049207f58929582f0d2f6d226e2eaa33ab0ac9bebe6b485701641181b9007",
+ "generic://sha256:6f28985ad1843afd6fd4fe0b42a30bfab63c27d302362e7341e3316e8ba25ced/sha256__6f28985ad1843afd6fd4fe0b42a30bfab63c27d302362e7341e3316e8ba25ced.tar.gz",
+ "deb://debian:buster:gcc-8-base:8.3.0-6"
+ ],
+ "path": "dockerhub-remote/library/httpd/sha256__5d7049207f58929582f0d2f6d226e2eaa33ab0ac9bebe6b485701641181b9007/",
+ "fixed_versions": [],
+ "published": "2019-05-29T06:36:26+10:00",
+ "artifact_scan_time": "2021-03-15T23:36:57+11:00",
+ "issue_id": "XRAY-83007",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "stack_protect_prologue in cfgexpand.c and stack_protect_epilogue in function.c in GNU Compiler Collection (GCC) 4.1 through 8 (under certain circumstances) generate instruction sequences when targeting ARM targets that spill the address of the stack protector guard, which allows an attacker to bypass the protection of -fstack-protector, -fstack-protector-all, -fstack-protector-strong, and -fstack-protector-explicit against stack overflow by controlling what the stack canary is compared against.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-12886",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 8.1,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 6.8,
+ "cvss3_max_score": 8.1,
+ "summary": "stack_protect_prologue in cfgexpand.c and stack_protect_epilogue in function.c in GNU Compiler Collection (GCC) 4.1 through 8 (under certain circumstances) generate instruction sequences when targeting ARM targets that spill the address of the stack protector guard, which allows an attacker to bypass the protection of -fstack-protector, -fstack-protector-all, -fstack-protector-strong, and -fstack-protector-explicit against stack overflow by controlling what the stack canary is compared against.",
+ "severity": "Medium",
+ "vulnerable_component": "deb://debian:buster:libgcc1:1:8.3.0-6",
+ "impacted_artifact": "docker://library/httpd:sha256__5d7049207f58929582f0d2f6d226e2eaa33ab0ac9bebe6b485701641181b9007",
+ "impact_path": [
+ "docker://library/httpd:sha256__5d7049207f58929582f0d2f6d226e2eaa33ab0ac9bebe6b485701641181b9007",
+ "generic://sha256:6f28985ad1843afd6fd4fe0b42a30bfab63c27d302362e7341e3316e8ba25ced/sha256__6f28985ad1843afd6fd4fe0b42a30bfab63c27d302362e7341e3316e8ba25ced.tar.gz",
+ "deb://debian:buster:libgcc1:1:8.3.0-6"
+ ],
+ "path": "dockerhub-remote/library/httpd/sha256__5d7049207f58929582f0d2f6d226e2eaa33ab0ac9bebe6b485701641181b9007/",
+ "fixed_versions": [],
+ "published": "2019-05-29T06:36:26+10:00",
+ "artifact_scan_time": "2021-03-15T23:36:57+11:00",
+ "issue_id": "XRAY-83007",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "stack_protect_prologue in cfgexpand.c and stack_protect_epilogue in function.c in GNU Compiler Collection (GCC) 4.1 through 8 (under certain circumstances) generate instruction sequences when targeting ARM targets that spill the address of the stack protector guard, which allows an attacker to bypass the protection of -fstack-protector, -fstack-protector-all, -fstack-protector-strong, and -fstack-protector-explicit against stack overflow by controlling what the stack canary is compared against.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-13115",
+ "cvss_v2_score": 5.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:N/A:P",
+ "cvss_v3_score": 8.1,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 5.8,
+ "cvss3_max_score": 8.1,
+ "summary": "In libssh2 before 1.9.0, kex_method_diffie_hellman_group_exchange_sha256_key_exchange in kex.c has an integer overflow that could lead to an out-of-bounds read in the way packets are read from the server. A remote attacker who compromises a SSH server may be able to disclose sensitive information or cause a denial of service condition on the client system when a user connects to the server. This is related to an _libssh2_check_length mistake, and is different from the various issues fixed in 1.8.1, such as CVE-2019-3855.",
+ "severity": "Medium",
+ "vulnerable_component": "deb://debian:buster:libssh2-1:1.8.0-2.1",
+ "impacted_artifact": "docker://library/httpd:sha256__5d7049207f58929582f0d2f6d226e2eaa33ab0ac9bebe6b485701641181b9007",
+ "impact_path": [
+ "docker://library/httpd:sha256__5d7049207f58929582f0d2f6d226e2eaa33ab0ac9bebe6b485701641181b9007",
+ "generic://sha256:acb3e3b931b83593870ff20d60e732584921ae6148f50af954b4111fce962a1c/sha256__acb3e3b931b83593870ff20d60e732584921ae6148f50af954b4111fce962a1c.tar.gz",
+ "deb://debian:buster:libssh2-1:1.8.0-2.1"
+ ],
+ "path": "dockerhub-remote/library/httpd/sha256__5d7049207f58929582f0d2f6d226e2eaa33ab0ac9bebe6b485701641181b9007/",
+ "fixed_versions": [],
+ "published": "2019-07-18T05:38:25+10:00",
+ "artifact_scan_time": "2021-03-15T23:36:57+11:00",
+ "issue_id": "XRAY-84935",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "In libssh2 before 1.9.0, kex_method_diffie_hellman_group_exchange_sha256_key_exchange in kex.c has an integer overflow that could lead to an out-of-bounds read in the way packets are read from the server. A remote attacker who compromises a SSH server may be able to disclose sensitive information or cause a denial of service condition on the client system when a user connects to the server. This is related to an _libssh2_check_length mistake, and is different from the various issues fixed in 1.8.1, such as CVE-2019-3855.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-3844",
+ "cvss_v2_score": 4.6,
+ "cvss_v2_vector": "CVSS:2.0/AV:L/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 7.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 4.6,
+ "cvss3_max_score": 7.8,
+ "summary": "It was discovered that a systemd service that uses DynamicUser property can get new privileges through the execution of SUID binaries, which would allow to create binaries owned by the service transient group with the setgid bit set. A local attacker may use this flaw to access resources that will be owned by a potentially different service in the future, when the GID will be recycled.",
+ "severity": "Medium",
+ "vulnerable_component": "deb://debian:buster:libsystemd0:241-7~deb10u6",
+ "impacted_artifact": "docker://library/httpd:sha256__5d7049207f58929582f0d2f6d226e2eaa33ab0ac9bebe6b485701641181b9007",
+ "impact_path": [
+ "docker://library/httpd:sha256__5d7049207f58929582f0d2f6d226e2eaa33ab0ac9bebe6b485701641181b9007",
+ "generic://sha256:6f28985ad1843afd6fd4fe0b42a30bfab63c27d302362e7341e3316e8ba25ced/sha256__6f28985ad1843afd6fd4fe0b42a30bfab63c27d302362e7341e3316e8ba25ced.tar.gz",
+ "deb://debian:buster:libsystemd0:241-7~deb10u6"
+ ],
+ "path": "dockerhub-remote/library/httpd/sha256__5d7049207f58929582f0d2f6d226e2eaa33ab0ac9bebe6b485701641181b9007/",
+ "fixed_versions": [],
+ "published": "2019-04-28T16:25:09+10:00",
+ "artifact_scan_time": "2021-03-15T23:36:57+11:00",
+ "issue_id": "XRAY-80972",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "It was discovered that a systemd service that uses DynamicUser property can get new privileges through the execution of SUID binaries, which would allow to create binaries owned by the service transient group with the setgid bit set. A local attacker may use this flaw to access resources that will be owned by a potentially different service in the future, when the GID will be recycled.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-12886",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 8.1,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 6.8,
+ "cvss3_max_score": 8.1,
+ "summary": "stack_protect_prologue in cfgexpand.c and stack_protect_epilogue in function.c in GNU Compiler Collection (GCC) 4.1 through 8 (under certain circumstances) generate instruction sequences when targeting ARM targets that spill the address of the stack protector guard, which allows an attacker to bypass the protection of -fstack-protector, -fstack-protector-all, -fstack-protector-strong, and -fstack-protector-explicit against stack overflow by controlling what the stack canary is compared against.",
+ "severity": "Medium",
+ "vulnerable_component": "deb://debian:buster:libstdc++6:8.3.0-6",
+ "impacted_artifact": "docker://library/httpd:sha256__5d7049207f58929582f0d2f6d226e2eaa33ab0ac9bebe6b485701641181b9007",
+ "impact_path": [
+ "docker://library/httpd:sha256__5d7049207f58929582f0d2f6d226e2eaa33ab0ac9bebe6b485701641181b9007",
+ "generic://sha256:6f28985ad1843afd6fd4fe0b42a30bfab63c27d302362e7341e3316e8ba25ced/sha256__6f28985ad1843afd6fd4fe0b42a30bfab63c27d302362e7341e3316e8ba25ced.tar.gz",
+ "deb://debian:buster:libstdc++6:8.3.0-6"
+ ],
+ "path": "dockerhub-remote/library/httpd/sha256__5d7049207f58929582f0d2f6d226e2eaa33ab0ac9bebe6b485701641181b9007/",
+ "fixed_versions": [],
+ "published": "2019-05-29T06:36:26+10:00",
+ "artifact_scan_time": "2021-03-15T23:36:57+11:00",
+ "issue_id": "XRAY-83007",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "stack_protect_prologue in cfgexpand.c and stack_protect_epilogue in function.c in GNU Compiler Collection (GCC) 4.1 through 8 (under certain circumstances) generate instruction sequences when targeting ARM targets that spill the address of the stack protector guard, which allows an attacker to bypass the protection of -fstack-protector, -fstack-protector-all, -fstack-protector-strong, and -fstack-protector-explicit against stack overflow by controlling what the stack canary is compared against.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-3843",
+ "cvss_v2_score": 4.6,
+ "cvss_v2_vector": "CVSS:2.0/AV:L/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 7.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 4.6,
+ "cvss3_max_score": 7.8,
+ "summary": "It was discovered that a systemd service that uses DynamicUser property can create a SUID/SGID binary that would be allowed to run as the transient service UID/GID even after the service is terminated. A local attacker may use this flaw to access resources that will be owned by a potentially different service in the future, when the UID/GID will be recycled.",
+ "severity": "Medium",
+ "vulnerable_component": "deb://debian:buster:libudev1:241-7~deb10u6",
+ "impacted_artifact": "docker://library/httpd:sha256__5d7049207f58929582f0d2f6d226e2eaa33ab0ac9bebe6b485701641181b9007",
+ "impact_path": [
+ "docker://library/httpd:sha256__5d7049207f58929582f0d2f6d226e2eaa33ab0ac9bebe6b485701641181b9007",
+ "generic://sha256:6f28985ad1843afd6fd4fe0b42a30bfab63c27d302362e7341e3316e8ba25ced/sha256__6f28985ad1843afd6fd4fe0b42a30bfab63c27d302362e7341e3316e8ba25ced.tar.gz",
+ "deb://debian:buster:libudev1:241-7~deb10u6"
+ ],
+ "path": "dockerhub-remote/library/httpd/sha256__5d7049207f58929582f0d2f6d226e2eaa33ab0ac9bebe6b485701641181b9007/",
+ "fixed_versions": [],
+ "published": "2019-04-28T16:29:46+10:00",
+ "artifact_scan_time": "2021-03-15T23:36:57+11:00",
+ "issue_id": "XRAY-80974",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "It was discovered that a systemd service that uses DynamicUser property can create a SUID/SGID binary that would be allowed to run as the transient service UID/GID even after the service is terminated. A local attacker may use this flaw to access resources that will be owned by a potentially different service in the future, when the UID/GID will be recycled.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-12904",
+ "cvss_v2_score": 4.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:N/A:N",
+ "cvss_v3_score": 5.9,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"
+ }
+ ],
+ "cvss2_max_score": 4.3,
+ "cvss3_max_score": 5.9,
+ "summary": "In Libgcrypt 1.8.4, the C implementation of AES is vulnerable to a flush-and-reload side-channel attack because physical addresses are available to other processes. (The C implementation is used on platforms where an assembly-language implementation is unavailable.)",
+ "severity": "Medium",
+ "vulnerable_component": "deb://debian:buster:libgcrypt20:1.8.4-5",
+ "impacted_artifact": "docker://library/httpd:sha256__5d7049207f58929582f0d2f6d226e2eaa33ab0ac9bebe6b485701641181b9007",
+ "impact_path": [
+ "docker://library/httpd:sha256__5d7049207f58929582f0d2f6d226e2eaa33ab0ac9bebe6b485701641181b9007",
+ "generic://sha256:6f28985ad1843afd6fd4fe0b42a30bfab63c27d302362e7341e3316e8ba25ced/sha256__6f28985ad1843afd6fd4fe0b42a30bfab63c27d302362e7341e3316e8ba25ced.tar.gz",
+ "deb://debian:buster:libgcrypt20:1.8.4-5"
+ ],
+ "path": "dockerhub-remote/library/httpd/sha256__5d7049207f58929582f0d2f6d226e2eaa33ab0ac9bebe6b485701641181b9007/",
+ "fixed_versions": [],
+ "published": "2019-06-20T21:40:09+10:00",
+ "artifact_scan_time": "2021-03-15T23:36:57+11:00",
+ "issue_id": "XRAY-84195",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "In Libgcrypt 1.8.4, the C implementation of AES is vulnerable to a flush-and-reload side-channel attack because physical addresses are available to other processes. (The C implementation is used on platforms where an assembly-language implementation is unavailable.)",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-3326",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 7.5,
+ "summary": "The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid input sequences in the ISO-2022-JP-3 encoding, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service.",
+ "severity": "Medium",
+ "vulnerable_component": "deb://debian:buster:libc-bin:2.28-10",
+ "impacted_artifact": "docker://library/httpd:sha256__5d7049207f58929582f0d2f6d226e2eaa33ab0ac9bebe6b485701641181b9007",
+ "impact_path": [
+ "docker://library/httpd:sha256__5d7049207f58929582f0d2f6d226e2eaa33ab0ac9bebe6b485701641181b9007",
+ "generic://sha256:6f28985ad1843afd6fd4fe0b42a30bfab63c27d302362e7341e3316e8ba25ced/sha256__6f28985ad1843afd6fd4fe0b42a30bfab63c27d302362e7341e3316e8ba25ced.tar.gz",
+ "deb://debian:buster:libc-bin:2.28-10"
+ ],
+ "path": "dockerhub-remote/library/httpd/sha256__5d7049207f58929582f0d2f6d226e2eaa33ab0ac9bebe6b485701641181b9007/",
+ "fixed_versions": [],
+ "published": "2021-01-28T15:04:20+11:00",
+ "artifact_scan_time": "2021-03-15T23:36:57+11:00",
+ "issue_id": "XRAY-138958",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid input sequences in the ISO-2022-JP-3 encoding, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-14155",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 5.3,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 5.3,
+ "summary": "libpcre in PCRE before 8.44 allows an integer overflow via a large number after a (?C substring.",
+ "severity": "Medium",
+ "vulnerable_component": "deb://debian:buster:libpcre3:2:8.39-12",
+ "impacted_artifact": "docker://library/httpd:sha256__5d7049207f58929582f0d2f6d226e2eaa33ab0ac9bebe6b485701641181b9007",
+ "impact_path": [
+ "docker://library/httpd:sha256__5d7049207f58929582f0d2f6d226e2eaa33ab0ac9bebe6b485701641181b9007",
+ "generic://sha256:6f28985ad1843afd6fd4fe0b42a30bfab63c27d302362e7341e3316e8ba25ced/sha256__6f28985ad1843afd6fd4fe0b42a30bfab63c27d302362e7341e3316e8ba25ced.tar.gz",
+ "deb://debian:buster:libpcre3:2:8.39-12"
+ ],
+ "path": "dockerhub-remote/library/httpd/sha256__5d7049207f58929582f0d2f6d226e2eaa33ab0ac9bebe6b485701641181b9007/",
+ "fixed_versions": [],
+ "published": "2020-06-16T14:15:49+10:00",
+ "artifact_scan_time": "2021-03-15T23:36:57+11:00",
+ "issue_id": "XRAY-100757",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "libpcre in PCRE before 8.44 allows an integer overflow via a large number after a (?C substring.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-35523",
+ "cvss_v3_score": 7.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss3_max_score": 7.8,
+ "summary": "CVE-2020-35523 libtiff: Integer overflow in tif_getimage.c (moderate)",
+ "severity": "Medium",
+ "vulnerable_component": "rpm://8:libtiff:0:4.0.9-18.el8",
+ "impacted_artifact": "rpm://8:libtiff:0:4.0.9-18.el8",
+ "impact_path": [
+ "rpm://8:libtiff:0:4.0.9-18.el8"
+ ],
+ "path": "ubi8-appstream-remote/Packages/l/libtiff-4.0.9-18.el8.x86_64.rpm",
+ "fixed_versions": [],
+ "published": "2021-04-02T20:50:29+11:00",
+ "artifact_scan_time": "2021-01-27T20:39:38+11:00",
+ "issue_id": "XRAY-160726",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "DOCUMENTATION: An integer overflow flaw was found in libtiff that exists in the tif_getimage.c file. This flaw allows an attacker to inject and execute arbitrary code when a user opens a crafted TIFF file. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.",
+ "references": [
+ "https://access.redhat.com/security/cve/CVE-2020-35523"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Moderate"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2017-17095",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 6.8,
+ "cvss3_max_score": 7.5,
+ "summary": "CVE-2017-17095 libtiff: Heap-based buffer overflow in tools/pal2rgb.c can lead to denial of service (moderate)",
+ "severity": "Medium",
+ "vulnerable_component": "rpm://8:libtiff:0:4.0.9-18.el8",
+ "impacted_artifact": "rpm://8:libtiff:0:4.0.9-18.el8",
+ "impact_path": [
+ "rpm://8:libtiff:0:4.0.9-18.el8"
+ ],
+ "path": "ubi8-appstream-remote/Packages/l/libtiff-4.0.9-18.el8.x86_64.rpm",
+ "fixed_versions": [],
+ "published": "2020-12-16T15:52:45+11:00",
+ "artifact_scan_time": "2021-01-27T20:39:38+11:00",
+ "issue_id": "XRAY-132105",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "CVE-2017-17095 libtiff: Heap-based buffer overflow in tools/pal2rgb.c can lead to denial of service (moderate)",
+ "references": [
+ "https://access.redhat.com/security/cve/CVE-2017-17095"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Moderate"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-16335",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 5.3,
+ "cvss_v3_vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"
+ }
+ ],
+ "cvss2_max_score": 6.8,
+ "cvss3_max_score": 5.3,
+ "summary": "CVE-2018-16335 libtiff: Heap-based buffer overflow in ChopUpSingleUncompressedStrip in tif_dirread.c (moderate)",
+ "severity": "Medium",
+ "vulnerable_component": "rpm://8:libtiff:0:4.0.9-18.el8",
+ "impacted_artifact": "rpm://8:libtiff:0:4.0.9-18.el8",
+ "impact_path": [
+ "rpm://8:libtiff:0:4.0.9-18.el8"
+ ],
+ "path": "ubi8-appstream-remote/Packages/l/libtiff-4.0.9-18.el8.x86_64.rpm",
+ "fixed_versions": [],
+ "published": "2020-12-16T15:53:00+11:00",
+ "artifact_scan_time": "2021-01-27T20:39:38+11:00",
+ "issue_id": "XRAY-132836",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "CVE-2018-16335 libtiff: Heap-based buffer overflow in ChopUpSingleUncompressedStrip in tif_dirread.c (moderate)",
+ "references": [
+ "https://access.redhat.com/security/cve/CVE-2018-16335"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Moderate"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-15209",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 5.3,
+ "cvss_v3_vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"
+ }
+ ],
+ "cvss2_max_score": 6.8,
+ "cvss3_max_score": 5.3,
+ "summary": "CVE-2018-15209 libtiff: Heap-based buffer overflow in ChopUpSingleUncompressedStrip in tif_dirread.c (moderate)",
+ "severity": "Medium",
+ "vulnerable_component": "rpm://8:libtiff:0:4.0.9-18.el8",
+ "impacted_artifact": "rpm://8:libtiff:0:4.0.9-18.el8",
+ "impact_path": [
+ "rpm://8:libtiff:0:4.0.9-18.el8"
+ ],
+ "path": "ubi8-appstream-remote/Packages/l/libtiff-4.0.9-18.el8.x86_64.rpm",
+ "fixed_versions": [],
+ "published": "2020-12-16T16:18:24+11:00",
+ "artifact_scan_time": "2021-01-27T20:39:38+11:00",
+ "issue_id": "XRAY-134727",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "STATEMENT: This issue did not affect the versions of libtiff as shipped with Red Hat Enterprise Linux 5, 6, and 7.",
+ "references": [
+ "https://access.redhat.com/security/cve/CVE-2018-15209"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Moderate"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-35524",
+ "cvss_v3_score": 7.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss3_max_score": 7.8,
+ "summary": "CVE-2020-35524 libtiff: Heap-based buffer overflow in TIFF2PDF tool (moderate)",
+ "severity": "Medium",
+ "vulnerable_component": "rpm://8:libtiff:0:4.0.9-18.el8",
+ "impacted_artifact": "rpm://8:libtiff:0:4.0.9-18.el8",
+ "impact_path": [
+ "rpm://8:libtiff:0:4.0.9-18.el8"
+ ],
+ "path": "ubi8-appstream-remote/Packages/l/libtiff-4.0.9-18.el8.x86_64.rpm",
+ "fixed_versions": [],
+ "published": "2021-04-02T20:50:29+11:00",
+ "artifact_scan_time": "2021-01-27T20:39:38+11:00",
+ "issue_id": "XRAY-160727",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "DOCUMENTATION: A heap-based buffer overflow flaw was found in libtiff in the handling of TIFF images in libtiff's TIFF2PDF tool. A specially crafted TIFF file can lead to arbitrary code execution. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.",
+ "references": [
+ "https://access.redhat.com/security/cve/CVE-2020-35524"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Moderate"
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:N"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "summary": "Apache Commons IO FileNameUtils.normalize Path Traversal Remote File Disclosure Weakness",
+ "severity": "Medium",
+ "vulnerable_component": "gav://commons-io:commons-io:2.2",
+ "impacted_artifact": "gav://org.apache.maven.shared:maven-shared-utils:0.4",
+ "impact_path": [
+ "gav://org.apache.maven.shared:maven-shared-utils:0.4",
+ "gav://commons-io:commons-io:2.2"
+ ],
+ "path": "mavencentral-remote/org/apache/maven/shared/maven-shared-utils/0.4/maven-shared-utils-0.4.jar",
+ "fixed_versions": [
+ "2.7"
+ ],
+ "published": "2019-03-14T03:28:51+11:00",
+ "artifact_scan_time": "2021-03-05T16:22:51+11:00",
+ "issue_id": "XRAY-78200",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Apache Commons IO contains a flaw that allows traversing outside of a restricted path. The issue is due to FileNameUtils.normalize not properly sanitizing user input, specifically path traversal style attacks (e.g. '../'). With a specially crafted request, a remote attacker can disclose arbitrary files.",
+ "references": [
+ "https://issues.apache.org/jira/browse/IO-556"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-11022",
+ "cvss_v2_score": 4.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:P/A:N",
+ "cvss_v3_score": 6.1,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"
+ }
+ ],
+ "cvss2_max_score": 4.3,
+ "cvss3_max_score": 6.1,
+ "summary": "In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.",
+ "severity": "Medium",
+ "vulnerable_component": "npm://jquery:3.4.1",
+ "impacted_artifact": "gav://org.testng:testng:7.1.0",
+ "impact_path": [
+ "gav://org.testng:testng:7.1.0",
+ "npm://jquery:3.4.1"
+ ],
+ "path": "mavencentral-remote/org/testng/testng/7.1.0/testng-7.1.0.jar",
+ "fixed_versions": [
+ "3.5.0"
+ ],
+ "published": "2020-05-04T01:33:59+10:00",
+ "artifact_scan_time": "2021-03-09T08:42:52+11:00",
+ "issue_id": "XRAY-97257",
+ "package_type": "npm",
+ "provider": "JFrog",
+ "description": "In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.",
+ "references": [
+ "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00039.html",
+ "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00085.html",
+ "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00067.html",
+ "https://lists.apache.org/thread.html/r8f70b0f65d6bedf316ecd899371fd89e65333bc988f6326d2956735c@%3Cissues.flink.apache.org%3E",
+ "https://lists.apache.org/thread.html/r564585d97bc069137e64f521e68ba490c7c9c5b342df5d73c49a0760@%3Cissues.flink.apache.org%3E",
+ "https://lists.apache.org/thread.html/r49ce4243b4738dd763caeb27fa8ad6afb426ae3e8c011ff00b8b1f48@%3Cissues.flink.apache.org%3E",
+ "https://lists.apache.org/thread.html/r706cfbc098420f7113968cc377247ec3d1439bce42e679c11c609e2d@%3Cissues.flink.apache.org%3E",
+ "https://lists.apache.org/thread.html/rbb448222ba62c430e21e13f940be4cb5cfc373cd3bce56b48c0ffa67@%3Cdev.flink.apache.org%3E",
+ "https://lists.apache.org/thread.html/rdf44341677cf7eec7e9aa96dcf3f37ed709544863d619cca8c36f133@%3Ccommits.airflow.apache.org%3E",
+ "https://www.oracle.com/security-alerts/cpuoct2020.html",
+ "https://www.oracle.com/security-alerts/cpujul2020.html",
+ "https://www.oracle.com/security-alerts/cpujan2021.html",
+ "https://jquery.com/upgrade-guide/3.5/",
+ "https://github.com/jquery/jquery/commit/1d61fd9407e6fbe82fe55cb0b938307aa0791f77",
+ "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/",
+ "https://security.gentoo.org/glsa/202007-03",
+ "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SAPQVX3XDNPGFT26QAQ6AJIXZZBZ4CD4/",
+ "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SFP4UK4EGP4AFH2MWYJ5A5Z4I7XVFQ6B/",
+ "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QPN2L2XVQGUA2V5HNQJWHK3APSK3VN7K/",
+ "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VOE7P7APPRQKD4FGNHBKJPDY6FFCOH3W/",
+ "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVKYXLWCLZBV2N7M46KYK4LVA5OXWPBY/",
+ "https://www.debian.org/security/2020/dsa-4693",
+ "https://www.tenable.com/security/tns-2021-02",
+ "https://www.tenable.com/security/tns-2020-11",
+ "https://www.tenable.com/security/tns-2020-10",
+ "https://www.drupal.org/sa-core-2020-002",
+ "https://security.netapp.com/advisory/ntap-20200511-0006/",
+ "https://github.com/jquery/jquery/security/advisories/GHSA-gxr4-xjj5-5px2"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-11023",
+ "cvss_v2_score": 4.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:P/A:N",
+ "cvss_v3_score": 6.1,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"
+ }
+ ],
+ "cvss2_max_score": 4.3,
+ "cvss3_max_score": 6.1,
+ "summary": "In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing \u003coption\u003e elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.",
+ "severity": "Medium",
+ "vulnerable_component": "npm://jquery:3.4.1",
+ "impacted_artifact": "gav://org.testng:testng:7.1.0",
+ "impact_path": [
+ "gav://org.testng:testng:7.1.0",
+ "npm://jquery:3.4.1"
+ ],
+ "path": "mavencentral-remote/org/testng/testng/7.1.0/testng-7.1.0.jar",
+ "fixed_versions": [
+ "3.5.0"
+ ],
+ "published": "2020-05-03T21:27:46+10:00",
+ "artifact_scan_time": "2021-03-09T08:42:52+11:00",
+ "issue_id": "XRAY-97245",
+ "package_type": "npm",
+ "provider": "JFrog",
+ "description": "In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containingelements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.",
+ "references": [
+ "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00085.html",
+ "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00067.html",
+ "https://lists.apache.org/thread.html/r9c5fda81e4bca8daee305b4c03283dddb383ab8428a151d4cb0b3b15@%3Cissues.hive.apache.org%3E",
+ "https://lists.apache.org/thread.html/r094f435595582f6b5b24b66fedf80543aa8b1d57a3688fbcc21f06ec@%3Cissues.hive.apache.org%3E",
+ "https://lists.apache.org/thread.html/ra3c9219fcb0b289e18e9ec5a5ebeaa5c17d6b79a201667675af6721c@%3Cgitbox.hive.apache.org%3E",
+ "https://lists.apache.org/thread.html/rf661a90a15da8da5922ba6127b3f5f8194d4ebec8855d60a0dd13248@%3Cdev.hive.apache.org%3E",
+ "https://www.oracle.com/security-alerts/cpujul2020.html",
+ "https://jquery.com/upgrade-guide/3.5/",
+ "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released",
+ "https://security.gentoo.org/glsa/202007-03",
+ "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QPN2L2XVQGUA2V5HNQJWHK3APSK3VN7K/",
+ "https://www.debian.org/security/2020/dsa-4693",
+ "https://www.drupal.org/sa-core-2020-002",
+ "https://security.netapp.com/advisory/ntap-20200511-0006/",
+ "https://github.com/jquery/jquery/security/advisories/GHSA-jpcq-cgw6-v4j6"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:P/A:N"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "summary": "Apache Maven org.apache.maven.shared.utils.Expand Expand.java extractFile() Function Traversal Remote File Write",
+ "severity": "Medium",
+ "vulnerable_component": "gav://org.codehaus.plexus:plexus-utils:3.0.8",
+ "impacted_artifact": "gav://org.apache.maven.surefire:surefire-api:2.12.4",
+ "impact_path": [
+ "gav://org.apache.maven.surefire:surefire-api:2.12.4",
+ "gav://org.codehaus.plexus:plexus-utils:3.0.8"
+ ],
+ "path": "mavencentral-remote/org/apache/maven/surefire/surefire-api/2.12.4/surefire-api-2.12.4.jar",
+ "fixed_versions": [
+ "3.0.24"
+ ],
+ "published": "2019-05-03T00:45:39+10:00",
+ "artifact_scan_time": "2021-03-09T08:42:52+11:00",
+ "issue_id": "XRAY-81282",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Apache Maven contains a flaw in org.apache.maven.shared.utils.Expand that allows traversing outside of a restricted path. The issue is due to the extractFile() function in Expand.java not properly sanitizing user input, specifically path traversal style attacks (e.g. '../'). With a specially crafted request, a remote attacker can write arbitrary files.",
+ "references": [
+ "https://github.com/codehaus-plexus/plexus-utils/commit/33a2853df8185b4519b1b8bfae284f03392618ef",
+ "https://github.com/codehaus-plexus/plexus-utils/issues/4",
+ "http://svn.apache.org/viewvc?view=revision\u0026revision=1749800",
+ "https://issues.apache.org/jira/browse/MSHARED-563"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-1002200",
+ "cvss_v2_score": 4.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:P/A:N",
+ "cvss_v3_score": 5.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"
+ }
+ ],
+ "cvss2_max_score": 4.3,
+ "cvss3_max_score": 5.5,
+ "summary": "plexus-archiver before 3.6.0 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ (dot dot slash) in an archive entry that is mishandled during extraction. This vulnerability is also known as 'Zip-Slip'.",
+ "severity": "Medium",
+ "vulnerable_component": "gav://org.codehaus.plexus:plexus-archiver:2.8.1",
+ "impacted_artifact": "gav://org.codehaus.plexus:plexus-archiver:2.8.1",
+ "impact_path": [
+ "gav://org.codehaus.plexus:plexus-archiver:2.8.1"
+ ],
+ "path": "mavencentral-remote/org/codehaus/plexus/plexus-archiver/2.8.1/plexus-archiver-2.8.1.jar",
+ "fixed_versions": [
+ "3.6.0"
+ ],
+ "published": "2019-06-10T19:11:31+10:00",
+ "artifact_scan_time": "2021-03-09T08:43:53+11:00",
+ "issue_id": "XRAY-83898",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "plexus-archiver before 3.6.0 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ (dot dot slash) in an archive entry that is mishandled during extraction. This vulnerability is also known as 'Zip-Slip'.",
+ "references": [
+ "https://access.redhat.com/errata/RHSA-2018:1837",
+ "https://access.redhat.com/errata/RHSA-2018:1836",
+ "https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSPLEXUS-31680",
+ "https://snyk.io/research/zip-slip-vulnerability",
+ "https://github.com/snyk/zip-slip-vulnerability",
+ "https://www.debian.org/security/2018/dsa-4227",
+ "https://github.com/codehaus-plexus/plexus-archiver/pull/87",
+ "https://github.com/codehaus-plexus/plexus-archiver/commit/f8f4233508193b70df33759ae9dc6154d69c2ea8"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-11979",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:P/A:N",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 7.5,
+ "summary": "As mitigation for CVE-2020-1945 Apache Ant 1.10.8 changed the permissions of temporary files it created so that only the current user was allowed to access them. Unfortunately the fixcrlf task deleted the temporary file and created a new one without said protection, effectively nullifying the effort. This would still allow an attacker to inject modified source files into the build process.",
+ "severity": "Medium",
+ "vulnerable_component": "gav://org.apache.ant:ant:1.10.5",
+ "impacted_artifact": "gav://org.apache.ant:ant:1.10.5",
+ "impact_path": [
+ "gav://org.apache.ant:ant:1.10.5"
+ ],
+ "path": "mavencentral-remote/org/apache/ant/ant/1.10.5/ant-1.10.5.jar",
+ "fixed_versions": [
+ "1.10.9"
+ ],
+ "published": "2020-10-04T21:14:47+11:00",
+ "artifact_scan_time": "2021-03-09T08:43:53+11:00",
+ "issue_id": "XRAY-125793",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "As mitigation for CVE-2020-1945 Apache Ant 1.10.8 changed the permissions of temporary files it created so that only the current user was allowed to access them. Unfortunately the fixcrlf task deleted the temporary file and created a new one without said protection, effectively nullifying the effort. This would still allow an attacker to inject modified source files into the build process.",
+ "references": [
+ "https://lists.apache.org/thread.html/r2306b67f20c24942b872b0a41fbdc9330e8467388158bcd19c1094e0@%3Cdev.creadur.apache.org%3E",
+ "https://lists.apache.org/thread.html/r107ea1b1a7a214bc72fe1a04207546ccef542146ae22952e1013b5cc@%3Cdev.creadur.apache.org%3E",
+ "https://lists.apache.org/thread.html/r5e1cdd79f019162f76414708b2092acad0a6703d666d72d717319305@%3Cdev.creadur.apache.org%3E",
+ "https://lists.apache.org/thread.html/r1dc8518dc99c42ecca5ff82d0d2de64cd5d3a4fa691eb9ee0304781e@%3Cdev.creadur.apache.org%3E",
+ "https://lists.apache.org/thread.html/r4ca33fad3fb39d130cda287d5a60727d9e706e6f2cf2339b95729490@%3Cdev.creadur.apache.org%3E",
+ "https://www.oracle.com/security-alerts/cpujan2021.html",
+ "https://lists.apache.org/thread.html/rc3c8ef9724b5b1e171529b47f4b35cb7920edfb6e917fa21eb6c64ea%40%3Cdev.ant.apache.org%3E",
+ "https://github.com/gradle/gradle/security/advisories/GHSA-j45w-qrgf-25vm",
+ "https://security.gentoo.org/glsa/202011-18",
+ "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AALW42FWNQ35F7KB3JVRC6NBVV7AAYYI/",
+ "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DYBRN5C2RW7JRY75IB7Q7ZVKZCHWAQWS/",
+ "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U3NRQQ7ECII4ZNGW7GBC225LVYMPQEKB/"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2012-6153",
+ "cvss_v2_score": 4.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:P/A:N"
+ }
+ ],
+ "cvss2_max_score": 4.3,
+ "summary": "http/conn/ssl/AbstractVerifier.java in Apache Commons HttpClient before 4.2.3 does not properly verify that the server hostname matches a domain name in the subject?s Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via a certificate with a subject that specifies a common name in a field that is not the CN field. NOTE: this issue exists because of an incomplete fix for CVE-2012-5783.",
+ "severity": "Medium",
+ "vulnerable_component": "gav://org.apache.httpcomponents:httpclient:4.0.2",
+ "impacted_artifact": "gav://org.apache.httpcomponents:httpclient:4.0.2",
+ "impact_path": [
+ "gav://org.apache.httpcomponents:httpclient:4.0.2"
+ ],
+ "path": "mavencentral-remote/org/apache/httpcomponents/httpclient/4.0.2/httpclient-4.0.2.jar",
+ "fixed_versions": [
+ "4.2.3-RC1"
+ ],
+ "published": "2017-07-05T21:31:07+10:00",
+ "artifact_scan_time": "2021-03-09T08:46:52+11:00",
+ "issue_id": "XRAY-55557",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "http/conn/ssl/AbstractVerifier.java in Apache Commons HttpClient before 4.2.3 does not properly verify that the server hostname matches a domain name in the subject?s Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via a certificate with a subject that specifies a common name in a field that is not the CN field. NOTE: this issue exists because of an incomplete fix for CVE-2012-5783.",
+ "references": [
+ "http://www.ubuntu.com/usn/USN-2769-1",
+ "http://rhn.redhat.com/errata/RHSA-2015-0851.html",
+ "http://rhn.redhat.com/errata/RHSA-2015-0850.html",
+ "http://rhn.redhat.com/errata/RHSA-2015-0765.html",
+ "http://rhn.redhat.com/errata/RHSA-2015-0720.html",
+ "http://rhn.redhat.com/errata/RHSA-2015-0675.html",
+ "http://rhn.redhat.com/errata/RHSA-2015-0158.html",
+ "http://rhn.redhat.com/errata/RHSA-2015-0125.html",
+ "http://rhn.redhat.com/errata/RHSA-2014-1892.html",
+ "http://rhn.redhat.com/errata/RHSA-2014-1891.html",
+ "http://rhn.redhat.com/errata/RHSA-2014-1836.html",
+ "http://rhn.redhat.com/errata/RHSA-2014-1835.html",
+ "http://rhn.redhat.com/errata/RHSA-2014-1834.html",
+ "http://rhn.redhat.com/errata/RHSA-2014-1833.html",
+ "http://rhn.redhat.com/errata/RHSA-2014-1098.html",
+ "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05103564",
+ "https://bugzilla.redhat.com/show_bug.cgi?id=1129916",
+ "https://access.redhat.com/solutions/1165533",
+ "http://svn.apache.org/viewvc?view=revision\u0026revision=1411705",
+ "http://www.securityfocus.com/bid/69257"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2014-3577",
+ "cvss_v2_score": 5.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:N"
+ }
+ ],
+ "cvss2_max_score": 5.8,
+ "summary": "org.apache.http.conn.ssl.AbstractVerifier in Apache HttpComponents HttpClient before 4.3.5 and HttpAsyncClient before 4.0.2 does not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via a \"CN=\" string in a field in the distinguished name (DN) of a certificate, as demonstrated by the \"foo,CN=www.apache.org\" string in the O field.",
+ "severity": "Medium",
+ "vulnerable_component": "gav://org.apache.httpcomponents:httpclient:4.0.2",
+ "impacted_artifact": "gav://org.apache.httpcomponents:httpclient:4.0.2",
+ "impact_path": [
+ "gav://org.apache.httpcomponents:httpclient:4.0.2"
+ ],
+ "path": "mavencentral-remote/org/apache/httpcomponents/httpclient/4.0.2/httpclient-4.0.2.jar",
+ "fixed_versions": [
+ "4.3.5"
+ ],
+ "published": "2017-07-05T21:31:09+10:00",
+ "artifact_scan_time": "2021-03-09T08:46:52+11:00",
+ "issue_id": "XRAY-55631",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "org.apache.http.conn.ssl.AbstractVerifier in Apache HttpComponents HttpClient before 4.3.5 and HttpAsyncClient before 4.0.2 does not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via a \"CN=\" string in a field in the distinguished name (DN) of a certificate, as demonstrated by the \"foo,CN=www.apache.org\" string in the O field.",
+ "references": [
+ "http://xforce.iss.net/xforce/xfdb/95327",
+ "http://www.ubuntu.com/usn/USN-2769-1",
+ "http://secunia.com/advisories/60466",
+ "http://www.securitytracker.com/id/1030812",
+ "http://rhn.redhat.com/errata/RHSA-2015-1177.html",
+ "http://rhn.redhat.com/errata/RHSA-2015-1176.html",
+ "http://rhn.redhat.com/errata/RHSA-2015-0851.html",
+ "http://rhn.redhat.com/errata/RHSA-2015-0850.html",
+ "http://rhn.redhat.com/errata/RHSA-2015-0765.html",
+ "http://rhn.redhat.com/errata/RHSA-2015-0720.html",
+ "http://rhn.redhat.com/errata/RHSA-2015-0675.html",
+ "http://rhn.redhat.com/errata/RHSA-2015-0158.html",
+ "http://rhn.redhat.com/errata/RHSA-2015-0125.html",
+ "http://rhn.redhat.com/errata/RHSA-2014-1892.html",
+ "http://rhn.redhat.com/errata/RHSA-2014-1891.html",
+ "http://rhn.redhat.com/errata/RHSA-2014-1836.html",
+ "http://rhn.redhat.com/errata/RHSA-2014-1835.html",
+ "http://rhn.redhat.com/errata/RHSA-2014-1834.html",
+ "http://rhn.redhat.com/errata/RHSA-2014-1833.html",
+ "http://rhn.redhat.com/errata/RHSA-2014-1166.html",
+ "http://rhn.redhat.com/errata/RHSA-2014-1146.html",
+ "http://www.osvdb.org/110143",
+ "http://packetstormsecurity.com/files/127913/Apache-HttpComponents-Man-In-The-Middle.html",
+ "http://seclists.org/fulldisclosure/2014/Aug/48",
+ "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05363782",
+ "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05103564",
+ "https://access.redhat.com/solutions/1165533",
+ "http://www.securityfocus.com/bid/69258"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2011-1498",
+ "cvss_v2_score": 4.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:N/A:N"
+ }
+ ],
+ "cvss2_max_score": 4.3,
+ "summary": "Apache HttpClient 4.x before 4.1.1 in Apache HttpComponents, when used with an authenticating proxy server, sends the Proxy-Authorization header to the origin server, which allows remote web servers to obtain sensitive information by logging this header.",
+ "severity": "Medium",
+ "vulnerable_component": "gav://org.apache.httpcomponents:httpclient:4.0.2",
+ "impacted_artifact": "gav://org.apache.httpcomponents:httpclient:4.0.2",
+ "impact_path": [
+ "gav://org.apache.httpcomponents:httpclient:4.0.2"
+ ],
+ "path": "mavencentral-remote/org/apache/httpcomponents/httpclient/4.0.2/httpclient-4.0.2.jar",
+ "fixed_versions": [
+ "4.1.1-RC1"
+ ],
+ "published": "2017-07-05T21:31:06+10:00",
+ "artifact_scan_time": "2021-03-09T08:46:52+11:00",
+ "issue_id": "XRAY-55496",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Apache HttpClient 4.x before 4.1.1 in Apache HttpComponents, when used with an authenticating proxy server, sends the Proxy-Authorization header to the origin server, which allows remote web servers to obtain sensitive information by logging this header.",
+ "references": [
+ "http://securityreason.com/securityalert/8298",
+ "http://openwall.com/lists/oss-security/2011/04/08/1",
+ "http://openwall.com/lists/oss-security/2011/04/07/7",
+ "http://marc.info/?l=httpclient-users\u0026m=129858274406594\u0026w=2",
+ "http://marc.info/?l=httpclient-users\u0026m=129856318011586\u0026w=2",
+ "http://marc.info/?l=httpclient-users\u0026m=129858299106950\u0026w=2",
+ "http://marc.info/?l=httpclient-users\u0026m=129857589129183\u0026w=2",
+ "http://marc.info/?l=httpclient-users\u0026m=129853896315461\u0026w=2",
+ "http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061440.html",
+ "https://issues.apache.org/jira/browse/HTTPCLIENT-1061",
+ "https://bugzilla.redhat.com/show_bug.cgi?id=709531",
+ "http://www.apache.org/dist/httpcomponents/httpclient/RELEASE_NOTES-4.1.x.txt",
+ "http://www.kb.cert.org/vuls/id/153049",
+ "http://www.securityfocus.com/bid/46974"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:P/A:N"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "summary": "Apache Maven org.apache.maven.shared.utils.Expand Expand.java extractFile() Function Traversal Remote File Write",
+ "severity": "Medium",
+ "vulnerable_component": "gav://org.codehaus.plexus:plexus-utils:1.5.10",
+ "impacted_artifact": "gav://org.codehaus.plexus:plexus-utils:1.5.10",
+ "impact_path": [
+ "gav://org.codehaus.plexus:plexus-utils:1.5.10"
+ ],
+ "path": "mavencentral-remote/org/codehaus/plexus/plexus-utils/1.5.10/plexus-utils-1.5.10.jar",
+ "fixed_versions": [
+ "3.0.24"
+ ],
+ "published": "2019-05-03T00:45:39+10:00",
+ "artifact_scan_time": "2021-03-09T08:46:53+11:00",
+ "issue_id": "XRAY-81282",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Apache Maven contains a flaw in org.apache.maven.shared.utils.Expand that allows traversing outside of a restricted path. The issue is due to the extractFile() function in Expand.java not properly sanitizing user input, specifically path traversal style attacks (e.g. '../'). With a specially crafted request, a remote attacker can write arbitrary files.",
+ "references": [
+ "https://github.com/codehaus-plexus/plexus-utils/commit/33a2853df8185b4519b1b8bfae284f03392618ef",
+ "https://github.com/codehaus-plexus/plexus-utils/issues/4",
+ "http://svn.apache.org/viewvc?view=revision\u0026revision=1749800",
+ "https://issues.apache.org/jira/browse/MSHARED-563"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-24031",
+ "cvss_v2_score": 2.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:L/AC:L/Au:N/C:P/I:N/A:N",
+ "cvss_v3_score": 5.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"
+ }
+ ],
+ "cvss2_max_score": 2.1,
+ "cvss3_max_score": 5.5,
+ "summary": "In the Zstandard command-line utility prior to v1.4.1, output files were created with default permissions. Correct file permissions (matching the input) would only be set at completion time. Output files could therefore be readable or writable to unintended parties.",
+ "severity": "Medium",
+ "vulnerable_component": "deb://ubuntu:bionic:libzstd1:1.3.3+dfsg-2ubuntu1.1",
+ "impacted_artifact": "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "impact_path": [
+ "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "generic://sha256:92dc2a97ff99354714f17180401813eb3073e4f62a67643d66b461505a604cbe/sha256__92dc2a97ff99354714f17180401813eb3073e4f62a67643d66b461505a604cbe.tar.gz",
+ "deb://ubuntu:bionic:libzstd1:1.3.3+dfsg-2ubuntu1.1"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579/",
+ "fixed_versions": [],
+ "published": "2021-03-08T03:58:16+11:00",
+ "artifact_scan_time": "2021-03-09T08:56:07+11:00",
+ "issue_id": "XRAY-141757",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "In the Zstandard command-line utility prior to v1.4.1, output files were created with default permissions. Correct file permissions (matching the input) would only be set at completion time. Output files could therefore be readable or writable to unintended parties.",
+ "references": [
+ "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24031",
+ "https://usn.ubuntu.com/usn/usn-4760-1"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-16845",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 7.5,
+ "summary": "Go before 1.13.15 and 14.x before 1.14.7 can have an infinite read loop in ReadUvarint and ReadVarint in encoding/binary via invalid inputs.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.13.10",
+ "impacted_artifact": "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "impact_path": [
+ "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "generic://sha256:ba553bcfc69ca276c3b73bee3ecd3a2f7802040489ef04c048ff92249901d67d/sha256__ba553bcfc69ca276c3b73bee3ecd3a2f7802040489ef04c048ff92249901d67d.tar.gz",
+ "generic://sha256:0f25a21cf64e58078057adc78f38705163c1d564a959ff30a891c31917011a54/gosu",
+ "go://github.com/golang/go:1.13.10"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579/",
+ "fixed_versions": [
+ "1.13.15",
+ "1.14.7",
+ "1.15rc2"
+ ],
+ "published": "2020-08-11T20:54:34+10:00",
+ "artifact_scan_time": "2021-03-09T08:56:07+11:00",
+ "issue_id": "XRAY-117511",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "Go before 1.13.15 and 14.x before 1.14.7 can have an infinite read loop in ReadUvarint and ReadVarint in encoding/binary via invalid inputs.",
+ "references": [
+ "https://groups.google.com/forum/#!topic/golang-announce/NyPIaucMgXo",
+ "https://security.netapp.com/advisory/ntap-20200924-0002/",
+ "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TACQFZDPA7AUR6TRZBCX2RGRFSDYLI7O/",
+ "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WV2VWKFTH4EJGZBZALVUJQJOAQB5MDQ4/",
+ "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KWRBAH4UZJO3RROQ72SYCUPFCJFA22FO/",
+ "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6RCFJTMKHY5ICGEM5BUFUEDDGSPJ25XU/",
+ "https://groups.google.com/forum/#!topic/golang-announce/_ulYYcIWg3Q",
+ "https://lists.debian.org/debian-lts-announce/2020/11/msg00037.html",
+ "https://lists.debian.org/debian-lts-announce/2020/11/msg00038.html",
+ "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00021.html",
+ "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00028.html",
+ "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00029.html",
+ "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00030.html"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-29510",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 5.6,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"
+ }
+ ],
+ "cvss2_max_score": 6.8,
+ "cvss3_max_score": 5.6,
+ "summary": "The encoding/xml package in Go versions 1.15 and earlier does not correctly preserve the semantics of directives during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.15",
+ "impacted_artifact": "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "impact_path": [
+ "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "generic://sha256:5605b8c2e9f7536c42666d6f34263beb7872e0d7a22a251432d10ed64dc765dc/sha256__5605b8c2e9f7536c42666d6f34263beb7872e0d7a22a251432d10ed64dc765dc.tar.gz",
+ "generic://sha256:46bf239f7397a262cd0d2dd5ee52e0ac5fa1881a11d5134cd89c4d9df6343343/bsondump",
+ "go://github.com/golang/go:1.15"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579/",
+ "fixed_versions": [
+ "1.15.6"
+ ],
+ "published": "2020-12-16T21:25:17+11:00",
+ "artifact_scan_time": "2021-03-09T08:56:07+11:00",
+ "issue_id": "XRAY-134984",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "The encoding/xml package in Go versions 1.15 and earlier does not correctly preserve the semantics of directives during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications.",
+ "references": [
+ "https://github.com/mattermost/xml-roundtrip-validator/blob/master/advisories/unstable-directives.md"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-29510",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 5.6,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"
+ }
+ ],
+ "cvss2_max_score": 6.8,
+ "cvss3_max_score": 5.6,
+ "summary": "The encoding/xml package in Go versions 1.15 and earlier does not correctly preserve the semantics of directives during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.15",
+ "impacted_artifact": "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "impact_path": [
+ "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "generic://sha256:5605b8c2e9f7536c42666d6f34263beb7872e0d7a22a251432d10ed64dc765dc/sha256__5605b8c2e9f7536c42666d6f34263beb7872e0d7a22a251432d10ed64dc765dc.tar.gz",
+ "generic://sha256:6f2f3e1c52c2b878bbd88c00e10fd0a71ba63867aa1f730ef321cef21343b85e/mongoexport",
+ "go://github.com/golang/go:1.15"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579/",
+ "fixed_versions": [
+ "1.15.6"
+ ],
+ "published": "2020-12-16T21:25:17+11:00",
+ "artifact_scan_time": "2021-03-09T08:56:07+11:00",
+ "issue_id": "XRAY-134984",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "The encoding/xml package in Go versions 1.15 and earlier does not correctly preserve the semantics of directives during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications.",
+ "references": [
+ "https://github.com/mattermost/xml-roundtrip-validator/blob/master/advisories/unstable-directives.md"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-29510",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 5.6,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"
+ }
+ ],
+ "cvss2_max_score": 6.8,
+ "cvss3_max_score": 5.6,
+ "summary": "The encoding/xml package in Go versions 1.15 and earlier does not correctly preserve the semantics of directives during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.15",
+ "impacted_artifact": "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "impact_path": [
+ "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "generic://sha256:5605b8c2e9f7536c42666d6f34263beb7872e0d7a22a251432d10ed64dc765dc/sha256__5605b8c2e9f7536c42666d6f34263beb7872e0d7a22a251432d10ed64dc765dc.tar.gz",
+ "generic://sha256:6e788e7412a17b59ba9c52e51fea786a17f75cf553afb8145a8998b59f0ea254/mongoimport",
+ "go://github.com/golang/go:1.15"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579/",
+ "fixed_versions": [
+ "1.15.6"
+ ],
+ "published": "2020-12-16T21:25:17+11:00",
+ "artifact_scan_time": "2021-03-09T08:56:07+11:00",
+ "issue_id": "XRAY-134984",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "The encoding/xml package in Go versions 1.15 and earlier does not correctly preserve the semantics of directives during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications.",
+ "references": [
+ "https://github.com/mattermost/xml-roundtrip-validator/blob/master/advisories/unstable-directives.md"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-29510",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 5.6,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"
+ }
+ ],
+ "cvss2_max_score": 6.8,
+ "cvss3_max_score": 5.6,
+ "summary": "The encoding/xml package in Go versions 1.15 and earlier does not correctly preserve the semantics of directives during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.15",
+ "impacted_artifact": "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "impact_path": [
+ "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "generic://sha256:5605b8c2e9f7536c42666d6f34263beb7872e0d7a22a251432d10ed64dc765dc/sha256__5605b8c2e9f7536c42666d6f34263beb7872e0d7a22a251432d10ed64dc765dc.tar.gz",
+ "generic://sha256:1e902c1bea6cf3f724caf067ffca5b7c2efb595dc2760cc160fa95200d642ae9/mongostat",
+ "go://github.com/golang/go:1.15"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579/",
+ "fixed_versions": [
+ "1.15.6"
+ ],
+ "published": "2020-12-16T21:25:17+11:00",
+ "artifact_scan_time": "2021-03-09T08:56:07+11:00",
+ "issue_id": "XRAY-134984",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "The encoding/xml package in Go versions 1.15 and earlier does not correctly preserve the semantics of directives during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications.",
+ "references": [
+ "https://github.com/mattermost/xml-roundtrip-validator/blob/master/advisories/unstable-directives.md"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-29510",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 5.6,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"
+ }
+ ],
+ "cvss2_max_score": 6.8,
+ "cvss3_max_score": 5.6,
+ "summary": "The encoding/xml package in Go versions 1.15 and earlier does not correctly preserve the semantics of directives during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.15",
+ "impacted_artifact": "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "impact_path": [
+ "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "generic://sha256:5605b8c2e9f7536c42666d6f34263beb7872e0d7a22a251432d10ed64dc765dc/sha256__5605b8c2e9f7536c42666d6f34263beb7872e0d7a22a251432d10ed64dc765dc.tar.gz",
+ "generic://sha256:5aace8b9eaa6131313ceffd6ac6a587a9bd9c1162771f8c51cca98166d3493b7/mongodump",
+ "go://github.com/golang/go:1.15"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579/",
+ "fixed_versions": [
+ "1.15.6"
+ ],
+ "published": "2020-12-16T21:25:17+11:00",
+ "artifact_scan_time": "2021-03-09T08:56:07+11:00",
+ "issue_id": "XRAY-134984",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "The encoding/xml package in Go versions 1.15 and earlier does not correctly preserve the semantics of directives during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications.",
+ "references": [
+ "https://github.com/mattermost/xml-roundtrip-validator/blob/master/advisories/unstable-directives.md"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-29510",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 5.6,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"
+ }
+ ],
+ "cvss2_max_score": 6.8,
+ "cvss3_max_score": 5.6,
+ "summary": "The encoding/xml package in Go versions 1.15 and earlier does not correctly preserve the semantics of directives during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.15",
+ "impacted_artifact": "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "impact_path": [
+ "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "generic://sha256:5605b8c2e9f7536c42666d6f34263beb7872e0d7a22a251432d10ed64dc765dc/sha256__5605b8c2e9f7536c42666d6f34263beb7872e0d7a22a251432d10ed64dc765dc.tar.gz",
+ "generic://sha256:0e84d3010079312ea14339a8cfddddbedc8cd24fb23706202c8dc21fd5936537/mongofiles",
+ "go://github.com/golang/go:1.15"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579/",
+ "fixed_versions": [
+ "1.15.6"
+ ],
+ "published": "2020-12-16T21:25:17+11:00",
+ "artifact_scan_time": "2021-03-09T08:56:07+11:00",
+ "issue_id": "XRAY-134984",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "The encoding/xml package in Go versions 1.15 and earlier does not correctly preserve the semantics of directives during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications.",
+ "references": [
+ "https://github.com/mattermost/xml-roundtrip-validator/blob/master/advisories/unstable-directives.md"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-29510",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 5.6,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"
+ }
+ ],
+ "cvss2_max_score": 6.8,
+ "cvss3_max_score": 5.6,
+ "summary": "The encoding/xml package in Go versions 1.15 and earlier does not correctly preserve the semantics of directives during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.15",
+ "impacted_artifact": "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "impact_path": [
+ "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "generic://sha256:5605b8c2e9f7536c42666d6f34263beb7872e0d7a22a251432d10ed64dc765dc/sha256__5605b8c2e9f7536c42666d6f34263beb7872e0d7a22a251432d10ed64dc765dc.tar.gz",
+ "generic://sha256:65d7e7ac68d766eaa948788a0a75d079ec9a28ca507121a68f34f86fbfbd6f05/mongotop",
+ "go://github.com/golang/go:1.15"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579/",
+ "fixed_versions": [
+ "1.15.6"
+ ],
+ "published": "2020-12-16T21:25:17+11:00",
+ "artifact_scan_time": "2021-03-09T08:56:07+11:00",
+ "issue_id": "XRAY-134984",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "The encoding/xml package in Go versions 1.15 and earlier does not correctly preserve the semantics of directives during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications.",
+ "references": [
+ "https://github.com/mattermost/xml-roundtrip-validator/blob/master/advisories/unstable-directives.md"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-29510",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 5.6,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"
+ }
+ ],
+ "cvss2_max_score": 6.8,
+ "cvss3_max_score": 5.6,
+ "summary": "The encoding/xml package in Go versions 1.15 and earlier does not correctly preserve the semantics of directives during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.15",
+ "impacted_artifact": "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "impact_path": [
+ "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "generic://sha256:5605b8c2e9f7536c42666d6f34263beb7872e0d7a22a251432d10ed64dc765dc/sha256__5605b8c2e9f7536c42666d6f34263beb7872e0d7a22a251432d10ed64dc765dc.tar.gz",
+ "generic://sha256:a7a4236ea602a63c5757139209485587246d50221092613e23a1f9567773dc9e/mongorestore",
+ "go://github.com/golang/go:1.15"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579/",
+ "fixed_versions": [
+ "1.15.6"
+ ],
+ "published": "2020-12-16T21:25:17+11:00",
+ "artifact_scan_time": "2021-03-09T08:56:07+11:00",
+ "issue_id": "XRAY-134984",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "The encoding/xml package in Go versions 1.15 and earlier does not correctly preserve the semantics of directives during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications.",
+ "references": [
+ "https://github.com/mattermost/xml-roundtrip-validator/blob/master/advisories/unstable-directives.md"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-3114",
+ "cvss_v2_score": 6.4,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:N",
+ "cvss_v3_score": 6.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"
+ }
+ ],
+ "cvss2_max_score": 6.4,
+ "cvss3_max_score": 6.5,
+ "summary": "In Go before 1.14.14 and 1.15.x before 1.15.7, crypto/elliptic/p224.go can generate incorrect outputs, related to an underflow of the lowest limb during the final complete reduction in the P-224 field.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.15",
+ "impacted_artifact": "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "impact_path": [
+ "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "generic://sha256:5605b8c2e9f7536c42666d6f34263beb7872e0d7a22a251432d10ed64dc765dc/sha256__5605b8c2e9f7536c42666d6f34263beb7872e0d7a22a251432d10ed64dc765dc.tar.gz",
+ "generic://sha256:46bf239f7397a262cd0d2dd5ee52e0ac5fa1881a11d5134cd89c4d9df6343343/bsondump",
+ "go://github.com/golang/go:1.15"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579/",
+ "fixed_versions": [
+ "1.14.14",
+ "1.15.7"
+ ],
+ "published": "2021-02-02T00:46:31+11:00",
+ "artifact_scan_time": "2021-03-09T08:56:07+11:00",
+ "issue_id": "XRAY-139164",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "In Go before 1.14.14 and 1.15.x before 1.15.7, crypto/elliptic/p224.go can generate incorrect outputs, related to an underflow of the lowest limb during the final complete reduction in the P-224 field.",
+ "references": [
+ "https://github.com/golang/go/commit/d95ca9138026cbe40e0857d76a81a16d03230871",
+ "https://groups.google.com/g/golang-announce/c/mperVMGa98w"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-3114",
+ "cvss_v2_score": 6.4,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:N",
+ "cvss_v3_score": 6.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"
+ }
+ ],
+ "cvss2_max_score": 6.4,
+ "cvss3_max_score": 6.5,
+ "summary": "In Go before 1.14.14 and 1.15.x before 1.15.7, crypto/elliptic/p224.go can generate incorrect outputs, related to an underflow of the lowest limb during the final complete reduction in the P-224 field.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.15",
+ "impacted_artifact": "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "impact_path": [
+ "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "generic://sha256:5605b8c2e9f7536c42666d6f34263beb7872e0d7a22a251432d10ed64dc765dc/sha256__5605b8c2e9f7536c42666d6f34263beb7872e0d7a22a251432d10ed64dc765dc.tar.gz",
+ "generic://sha256:6f2f3e1c52c2b878bbd88c00e10fd0a71ba63867aa1f730ef321cef21343b85e/mongoexport",
+ "go://github.com/golang/go:1.15"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579/",
+ "fixed_versions": [
+ "1.14.14",
+ "1.15.7"
+ ],
+ "published": "2021-02-02T00:46:31+11:00",
+ "artifact_scan_time": "2021-03-09T08:56:07+11:00",
+ "issue_id": "XRAY-139164",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "In Go before 1.14.14 and 1.15.x before 1.15.7, crypto/elliptic/p224.go can generate incorrect outputs, related to an underflow of the lowest limb during the final complete reduction in the P-224 field.",
+ "references": [
+ "https://github.com/golang/go/commit/d95ca9138026cbe40e0857d76a81a16d03230871",
+ "https://groups.google.com/g/golang-announce/c/mperVMGa98w"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-3114",
+ "cvss_v2_score": 6.4,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:N",
+ "cvss_v3_score": 6.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"
+ }
+ ],
+ "cvss2_max_score": 6.4,
+ "cvss3_max_score": 6.5,
+ "summary": "In Go before 1.14.14 and 1.15.x before 1.15.7, crypto/elliptic/p224.go can generate incorrect outputs, related to an underflow of the lowest limb during the final complete reduction in the P-224 field.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.15",
+ "impacted_artifact": "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "impact_path": [
+ "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "generic://sha256:5605b8c2e9f7536c42666d6f34263beb7872e0d7a22a251432d10ed64dc765dc/sha256__5605b8c2e9f7536c42666d6f34263beb7872e0d7a22a251432d10ed64dc765dc.tar.gz",
+ "generic://sha256:6e788e7412a17b59ba9c52e51fea786a17f75cf553afb8145a8998b59f0ea254/mongoimport",
+ "go://github.com/golang/go:1.15"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579/",
+ "fixed_versions": [
+ "1.14.14",
+ "1.15.7"
+ ],
+ "published": "2021-02-02T00:46:31+11:00",
+ "artifact_scan_time": "2021-03-09T08:56:07+11:00",
+ "issue_id": "XRAY-139164",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "In Go before 1.14.14 and 1.15.x before 1.15.7, crypto/elliptic/p224.go can generate incorrect outputs, related to an underflow of the lowest limb during the final complete reduction in the P-224 field.",
+ "references": [
+ "https://github.com/golang/go/commit/d95ca9138026cbe40e0857d76a81a16d03230871",
+ "https://groups.google.com/g/golang-announce/c/mperVMGa98w"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-3114",
+ "cvss_v2_score": 6.4,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:N",
+ "cvss_v3_score": 6.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"
+ }
+ ],
+ "cvss2_max_score": 6.4,
+ "cvss3_max_score": 6.5,
+ "summary": "In Go before 1.14.14 and 1.15.x before 1.15.7, crypto/elliptic/p224.go can generate incorrect outputs, related to an underflow of the lowest limb during the final complete reduction in the P-224 field.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.15",
+ "impacted_artifact": "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "impact_path": [
+ "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "generic://sha256:5605b8c2e9f7536c42666d6f34263beb7872e0d7a22a251432d10ed64dc765dc/sha256__5605b8c2e9f7536c42666d6f34263beb7872e0d7a22a251432d10ed64dc765dc.tar.gz",
+ "generic://sha256:1e902c1bea6cf3f724caf067ffca5b7c2efb595dc2760cc160fa95200d642ae9/mongostat",
+ "go://github.com/golang/go:1.15"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579/",
+ "fixed_versions": [
+ "1.14.14",
+ "1.15.7"
+ ],
+ "published": "2021-02-02T00:46:31+11:00",
+ "artifact_scan_time": "2021-03-09T08:56:07+11:00",
+ "issue_id": "XRAY-139164",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "In Go before 1.14.14 and 1.15.x before 1.15.7, crypto/elliptic/p224.go can generate incorrect outputs, related to an underflow of the lowest limb during the final complete reduction in the P-224 field.",
+ "references": [
+ "https://github.com/golang/go/commit/d95ca9138026cbe40e0857d76a81a16d03230871",
+ "https://groups.google.com/g/golang-announce/c/mperVMGa98w"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-3114",
+ "cvss_v2_score": 6.4,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:N",
+ "cvss_v3_score": 6.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"
+ }
+ ],
+ "cvss2_max_score": 6.4,
+ "cvss3_max_score": 6.5,
+ "summary": "In Go before 1.14.14 and 1.15.x before 1.15.7, crypto/elliptic/p224.go can generate incorrect outputs, related to an underflow of the lowest limb during the final complete reduction in the P-224 field.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.15",
+ "impacted_artifact": "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "impact_path": [
+ "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "generic://sha256:5605b8c2e9f7536c42666d6f34263beb7872e0d7a22a251432d10ed64dc765dc/sha256__5605b8c2e9f7536c42666d6f34263beb7872e0d7a22a251432d10ed64dc765dc.tar.gz",
+ "generic://sha256:5aace8b9eaa6131313ceffd6ac6a587a9bd9c1162771f8c51cca98166d3493b7/mongodump",
+ "go://github.com/golang/go:1.15"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579/",
+ "fixed_versions": [
+ "1.14.14",
+ "1.15.7"
+ ],
+ "published": "2021-02-02T00:46:31+11:00",
+ "artifact_scan_time": "2021-03-09T08:56:07+11:00",
+ "issue_id": "XRAY-139164",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "In Go before 1.14.14 and 1.15.x before 1.15.7, crypto/elliptic/p224.go can generate incorrect outputs, related to an underflow of the lowest limb during the final complete reduction in the P-224 field.",
+ "references": [
+ "https://github.com/golang/go/commit/d95ca9138026cbe40e0857d76a81a16d03230871",
+ "https://groups.google.com/g/golang-announce/c/mperVMGa98w"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-3114",
+ "cvss_v2_score": 6.4,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:N",
+ "cvss_v3_score": 6.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"
+ }
+ ],
+ "cvss2_max_score": 6.4,
+ "cvss3_max_score": 6.5,
+ "summary": "In Go before 1.14.14 and 1.15.x before 1.15.7, crypto/elliptic/p224.go can generate incorrect outputs, related to an underflow of the lowest limb during the final complete reduction in the P-224 field.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.15",
+ "impacted_artifact": "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "impact_path": [
+ "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "generic://sha256:5605b8c2e9f7536c42666d6f34263beb7872e0d7a22a251432d10ed64dc765dc/sha256__5605b8c2e9f7536c42666d6f34263beb7872e0d7a22a251432d10ed64dc765dc.tar.gz",
+ "generic://sha256:0e84d3010079312ea14339a8cfddddbedc8cd24fb23706202c8dc21fd5936537/mongofiles",
+ "go://github.com/golang/go:1.15"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579/",
+ "fixed_versions": [
+ "1.14.14",
+ "1.15.7"
+ ],
+ "published": "2021-02-02T00:46:31+11:00",
+ "artifact_scan_time": "2021-03-09T08:56:07+11:00",
+ "issue_id": "XRAY-139164",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "In Go before 1.14.14 and 1.15.x before 1.15.7, crypto/elliptic/p224.go can generate incorrect outputs, related to an underflow of the lowest limb during the final complete reduction in the P-224 field.",
+ "references": [
+ "https://github.com/golang/go/commit/d95ca9138026cbe40e0857d76a81a16d03230871",
+ "https://groups.google.com/g/golang-announce/c/mperVMGa98w"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-3114",
+ "cvss_v2_score": 6.4,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:N",
+ "cvss_v3_score": 6.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"
+ }
+ ],
+ "cvss2_max_score": 6.4,
+ "cvss3_max_score": 6.5,
+ "summary": "In Go before 1.14.14 and 1.15.x before 1.15.7, crypto/elliptic/p224.go can generate incorrect outputs, related to an underflow of the lowest limb during the final complete reduction in the P-224 field.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.15",
+ "impacted_artifact": "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "impact_path": [
+ "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "generic://sha256:5605b8c2e9f7536c42666d6f34263beb7872e0d7a22a251432d10ed64dc765dc/sha256__5605b8c2e9f7536c42666d6f34263beb7872e0d7a22a251432d10ed64dc765dc.tar.gz",
+ "generic://sha256:65d7e7ac68d766eaa948788a0a75d079ec9a28ca507121a68f34f86fbfbd6f05/mongotop",
+ "go://github.com/golang/go:1.15"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579/",
+ "fixed_versions": [
+ "1.14.14",
+ "1.15.7"
+ ],
+ "published": "2021-02-02T00:46:31+11:00",
+ "artifact_scan_time": "2021-03-09T08:56:07+11:00",
+ "issue_id": "XRAY-139164",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "In Go before 1.14.14 and 1.15.x before 1.15.7, crypto/elliptic/p224.go can generate incorrect outputs, related to an underflow of the lowest limb during the final complete reduction in the P-224 field.",
+ "references": [
+ "https://github.com/golang/go/commit/d95ca9138026cbe40e0857d76a81a16d03230871",
+ "https://groups.google.com/g/golang-announce/c/mperVMGa98w"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-3114",
+ "cvss_v2_score": 6.4,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:N",
+ "cvss_v3_score": 6.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"
+ }
+ ],
+ "cvss2_max_score": 6.4,
+ "cvss3_max_score": 6.5,
+ "summary": "In Go before 1.14.14 and 1.15.x before 1.15.7, crypto/elliptic/p224.go can generate incorrect outputs, related to an underflow of the lowest limb during the final complete reduction in the P-224 field.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.15",
+ "impacted_artifact": "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "impact_path": [
+ "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "generic://sha256:5605b8c2e9f7536c42666d6f34263beb7872e0d7a22a251432d10ed64dc765dc/sha256__5605b8c2e9f7536c42666d6f34263beb7872e0d7a22a251432d10ed64dc765dc.tar.gz",
+ "generic://sha256:a7a4236ea602a63c5757139209485587246d50221092613e23a1f9567773dc9e/mongorestore",
+ "go://github.com/golang/go:1.15"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579/",
+ "fixed_versions": [
+ "1.14.14",
+ "1.15.7"
+ ],
+ "published": "2021-02-02T00:46:31+11:00",
+ "artifact_scan_time": "2021-03-09T08:56:07+11:00",
+ "issue_id": "XRAY-139164",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "In Go before 1.14.14 and 1.15.x before 1.15.7, crypto/elliptic/p224.go can generate incorrect outputs, related to an underflow of the lowest limb during the final complete reduction in the P-224 field.",
+ "references": [
+ "https://github.com/golang/go/commit/d95ca9138026cbe40e0857d76a81a16d03230871",
+ "https://groups.google.com/g/golang-announce/c/mperVMGa98w"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-19246",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 7.5,
+ "summary": "Oniguruma through 6.9.3, as used in PHP 7.3.x and other products, has a heap-based buffer over-read in str_lower_case_match in regexec.c.",
+ "severity": "Medium",
+ "vulnerable_component": "deb://ubuntu:bionic:libonig4:6.7.0-1",
+ "impacted_artifact": "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "impact_path": [
+ "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "generic://sha256:bed7676d225b62a075a14ea55d481ef16be8268da0f422058156eb58843a0852/sha256__bed7676d225b62a075a14ea55d481ef16be8268da0f422058156eb58843a0852.tar.gz",
+ "deb://ubuntu:bionic:libonig4:6.7.0-1"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579/",
+ "fixed_versions": [],
+ "published": "2019-12-08T15:34:20+11:00",
+ "artifact_scan_time": "2021-03-09T08:56:07+11:00",
+ "issue_id": "XRAY-92457",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "Oniguruma through 6.9.3, as used in PHP 7.3.x and other products, has a heap-based buffer over-read in str_lower_case_match in regexec.c.",
+ "references": [
+ "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19246",
+ "https://bugs.php.net/bug.php?id=78559",
+ "https://github.com/kkos/oniguruma/commit/d3e402928b6eb3327f8f7d59a9edfa622fec557b",
+ "https://usn.ubuntu.com/usn/usn-4460-1"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-29509",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 5.6,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"
+ }
+ ],
+ "cvss2_max_score": 6.8,
+ "cvss3_max_score": 5.6,
+ "summary": "The encoding/xml package in Go (all versions) does not correctly preserve the semantics of attribute namespace prefixes during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.13.10",
+ "impacted_artifact": "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "impact_path": [
+ "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "generic://sha256:ba553bcfc69ca276c3b73bee3ecd3a2f7802040489ef04c048ff92249901d67d/sha256__ba553bcfc69ca276c3b73bee3ecd3a2f7802040489ef04c048ff92249901d67d.tar.gz",
+ "generic://sha256:0f25a21cf64e58078057adc78f38705163c1d564a959ff30a891c31917011a54/gosu",
+ "go://github.com/golang/go:1.13.10"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579/",
+ "fixed_versions": [
+ "1.15.6"
+ ],
+ "published": "2020-12-16T21:25:17+11:00",
+ "artifact_scan_time": "2021-03-09T08:56:07+11:00",
+ "issue_id": "XRAY-134985",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "The encoding/xml package in Go (all versions) does not correctly preserve the semantics of attribute namespace prefixes during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications.",
+ "references": [
+ "https://github.com/mattermost/xml-roundtrip-validator/blob/master/advisories/unstable-attributes.md"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-27918",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 7.5,
+ "summary": "encoding/xml in Go before 1.15.9 and 1.16.x before 1.16.1 has an infinite loop if a custom TokenReader (for xml.NewTokenDecoder) returns EOF in the middle of an element. This can occur in the Decode, DecodeElement, or Skip method.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.15",
+ "impacted_artifact": "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "impact_path": [
+ "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "generic://sha256:5605b8c2e9f7536c42666d6f34263beb7872e0d7a22a251432d10ed64dc765dc/sha256__5605b8c2e9f7536c42666d6f34263beb7872e0d7a22a251432d10ed64dc765dc.tar.gz",
+ "generic://sha256:46bf239f7397a262cd0d2dd5ee52e0ac5fa1881a11d5134cd89c4d9df6343343/bsondump",
+ "go://github.com/golang/go:1.15"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579/",
+ "fixed_versions": [
+ "1.16.1",
+ "1.15.9"
+ ],
+ "published": "2021-03-15T00:32:21+11:00",
+ "artifact_scan_time": "2021-03-09T08:56:07+11:00",
+ "issue_id": "XRAY-145876",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "encoding/xml in Go before 1.15.9 and 1.16.x before 1.16.1 has an infinite loop if a custom TokenReader (for xml.NewTokenDecoder) returns EOF in the middle of an element. This can occur in the Decode, DecodeElement, or Skip method.",
+ "references": [
+ "https://groups.google.com/g/golang-announce/c/MfiLYjG-RAw"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-27918",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 7.5,
+ "summary": "encoding/xml in Go before 1.15.9 and 1.16.x before 1.16.1 has an infinite loop if a custom TokenReader (for xml.NewTokenDecoder) returns EOF in the middle of an element. This can occur in the Decode, DecodeElement, or Skip method.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.15",
+ "impacted_artifact": "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "impact_path": [
+ "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "generic://sha256:5605b8c2e9f7536c42666d6f34263beb7872e0d7a22a251432d10ed64dc765dc/sha256__5605b8c2e9f7536c42666d6f34263beb7872e0d7a22a251432d10ed64dc765dc.tar.gz",
+ "generic://sha256:65d7e7ac68d766eaa948788a0a75d079ec9a28ca507121a68f34f86fbfbd6f05/mongotop",
+ "go://github.com/golang/go:1.15"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579/",
+ "fixed_versions": [
+ "1.16.1",
+ "1.15.9"
+ ],
+ "published": "2021-03-15T00:32:21+11:00",
+ "artifact_scan_time": "2021-03-09T08:56:07+11:00",
+ "issue_id": "XRAY-145876",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "encoding/xml in Go before 1.15.9 and 1.16.x before 1.16.1 has an infinite loop if a custom TokenReader (for xml.NewTokenDecoder) returns EOF in the middle of an element. This can occur in the Decode, DecodeElement, or Skip method.",
+ "references": [
+ "https://groups.google.com/g/golang-announce/c/MfiLYjG-RAw"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-27918",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 7.5,
+ "summary": "encoding/xml in Go before 1.15.9 and 1.16.x before 1.16.1 has an infinite loop if a custom TokenReader (for xml.NewTokenDecoder) returns EOF in the middle of an element. This can occur in the Decode, DecodeElement, or Skip method.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.15",
+ "impacted_artifact": "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "impact_path": [
+ "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "generic://sha256:5605b8c2e9f7536c42666d6f34263beb7872e0d7a22a251432d10ed64dc765dc/sha256__5605b8c2e9f7536c42666d6f34263beb7872e0d7a22a251432d10ed64dc765dc.tar.gz",
+ "generic://sha256:5aace8b9eaa6131313ceffd6ac6a587a9bd9c1162771f8c51cca98166d3493b7/mongodump",
+ "go://github.com/golang/go:1.15"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579/",
+ "fixed_versions": [
+ "1.16.1",
+ "1.15.9"
+ ],
+ "published": "2021-03-15T00:32:21+11:00",
+ "artifact_scan_time": "2021-03-09T08:56:07+11:00",
+ "issue_id": "XRAY-145876",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "encoding/xml in Go before 1.15.9 and 1.16.x before 1.16.1 has an infinite loop if a custom TokenReader (for xml.NewTokenDecoder) returns EOF in the middle of an element. This can occur in the Decode, DecodeElement, or Skip method.",
+ "references": [
+ "https://groups.google.com/g/golang-announce/c/MfiLYjG-RAw"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-27918",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 7.5,
+ "summary": "encoding/xml in Go before 1.15.9 and 1.16.x before 1.16.1 has an infinite loop if a custom TokenReader (for xml.NewTokenDecoder) returns EOF in the middle of an element. This can occur in the Decode, DecodeElement, or Skip method.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.15",
+ "impacted_artifact": "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "impact_path": [
+ "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "generic://sha256:5605b8c2e9f7536c42666d6f34263beb7872e0d7a22a251432d10ed64dc765dc/sha256__5605b8c2e9f7536c42666d6f34263beb7872e0d7a22a251432d10ed64dc765dc.tar.gz",
+ "generic://sha256:1e902c1bea6cf3f724caf067ffca5b7c2efb595dc2760cc160fa95200d642ae9/mongostat",
+ "go://github.com/golang/go:1.15"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579/",
+ "fixed_versions": [
+ "1.16.1",
+ "1.15.9"
+ ],
+ "published": "2021-03-15T00:32:21+11:00",
+ "artifact_scan_time": "2021-03-09T08:56:07+11:00",
+ "issue_id": "XRAY-145876",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "encoding/xml in Go before 1.15.9 and 1.16.x before 1.16.1 has an infinite loop if a custom TokenReader (for xml.NewTokenDecoder) returns EOF in the middle of an element. This can occur in the Decode, DecodeElement, or Skip method.",
+ "references": [
+ "https://groups.google.com/g/golang-announce/c/MfiLYjG-RAw"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-27918",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 7.5,
+ "summary": "encoding/xml in Go before 1.15.9 and 1.16.x before 1.16.1 has an infinite loop if a custom TokenReader (for xml.NewTokenDecoder) returns EOF in the middle of an element. This can occur in the Decode, DecodeElement, or Skip method.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.15",
+ "impacted_artifact": "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "impact_path": [
+ "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "generic://sha256:5605b8c2e9f7536c42666d6f34263beb7872e0d7a22a251432d10ed64dc765dc/sha256__5605b8c2e9f7536c42666d6f34263beb7872e0d7a22a251432d10ed64dc765dc.tar.gz",
+ "generic://sha256:6e788e7412a17b59ba9c52e51fea786a17f75cf553afb8145a8998b59f0ea254/mongoimport",
+ "go://github.com/golang/go:1.15"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579/",
+ "fixed_versions": [
+ "1.16.1",
+ "1.15.9"
+ ],
+ "published": "2021-03-15T00:32:21+11:00",
+ "artifact_scan_time": "2021-03-09T08:56:07+11:00",
+ "issue_id": "XRAY-145876",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "encoding/xml in Go before 1.15.9 and 1.16.x before 1.16.1 has an infinite loop if a custom TokenReader (for xml.NewTokenDecoder) returns EOF in the middle of an element. This can occur in the Decode, DecodeElement, or Skip method.",
+ "references": [
+ "https://groups.google.com/g/golang-announce/c/MfiLYjG-RAw"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-27918",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 7.5,
+ "summary": "encoding/xml in Go before 1.15.9 and 1.16.x before 1.16.1 has an infinite loop if a custom TokenReader (for xml.NewTokenDecoder) returns EOF in the middle of an element. This can occur in the Decode, DecodeElement, or Skip method.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.15",
+ "impacted_artifact": "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "impact_path": [
+ "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "generic://sha256:5605b8c2e9f7536c42666d6f34263beb7872e0d7a22a251432d10ed64dc765dc/sha256__5605b8c2e9f7536c42666d6f34263beb7872e0d7a22a251432d10ed64dc765dc.tar.gz",
+ "generic://sha256:0e84d3010079312ea14339a8cfddddbedc8cd24fb23706202c8dc21fd5936537/mongofiles",
+ "go://github.com/golang/go:1.15"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579/",
+ "fixed_versions": [
+ "1.16.1",
+ "1.15.9"
+ ],
+ "published": "2021-03-15T00:32:21+11:00",
+ "artifact_scan_time": "2021-03-09T08:56:07+11:00",
+ "issue_id": "XRAY-145876",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "encoding/xml in Go before 1.15.9 and 1.16.x before 1.16.1 has an infinite loop if a custom TokenReader (for xml.NewTokenDecoder) returns EOF in the middle of an element. This can occur in the Decode, DecodeElement, or Skip method.",
+ "references": [
+ "https://groups.google.com/g/golang-announce/c/MfiLYjG-RAw"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-27918",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 7.5,
+ "summary": "encoding/xml in Go before 1.15.9 and 1.16.x before 1.16.1 has an infinite loop if a custom TokenReader (for xml.NewTokenDecoder) returns EOF in the middle of an element. This can occur in the Decode, DecodeElement, or Skip method.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.15",
+ "impacted_artifact": "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "impact_path": [
+ "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "generic://sha256:5605b8c2e9f7536c42666d6f34263beb7872e0d7a22a251432d10ed64dc765dc/sha256__5605b8c2e9f7536c42666d6f34263beb7872e0d7a22a251432d10ed64dc765dc.tar.gz",
+ "generic://sha256:a7a4236ea602a63c5757139209485587246d50221092613e23a1f9567773dc9e/mongorestore",
+ "go://github.com/golang/go:1.15"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579/",
+ "fixed_versions": [
+ "1.16.1",
+ "1.15.9"
+ ],
+ "published": "2021-03-15T00:32:21+11:00",
+ "artifact_scan_time": "2021-03-09T08:56:07+11:00",
+ "issue_id": "XRAY-145876",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "encoding/xml in Go before 1.15.9 and 1.16.x before 1.16.1 has an infinite loop if a custom TokenReader (for xml.NewTokenDecoder) returns EOF in the middle of an element. This can occur in the Decode, DecodeElement, or Skip method.",
+ "references": [
+ "https://groups.google.com/g/golang-announce/c/MfiLYjG-RAw"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-27918",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 7.5,
+ "summary": "encoding/xml in Go before 1.15.9 and 1.16.x before 1.16.1 has an infinite loop if a custom TokenReader (for xml.NewTokenDecoder) returns EOF in the middle of an element. This can occur in the Decode, DecodeElement, or Skip method.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.15",
+ "impacted_artifact": "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "impact_path": [
+ "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "generic://sha256:5605b8c2e9f7536c42666d6f34263beb7872e0d7a22a251432d10ed64dc765dc/sha256__5605b8c2e9f7536c42666d6f34263beb7872e0d7a22a251432d10ed64dc765dc.tar.gz",
+ "generic://sha256:6f2f3e1c52c2b878bbd88c00e10fd0a71ba63867aa1f730ef321cef21343b85e/mongoexport",
+ "go://github.com/golang/go:1.15"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579/",
+ "fixed_versions": [
+ "1.16.1",
+ "1.15.9"
+ ],
+ "published": "2021-03-15T00:32:21+11:00",
+ "artifact_scan_time": "2021-03-09T08:56:07+11:00",
+ "issue_id": "XRAY-145876",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "encoding/xml in Go before 1.15.9 and 1.16.x before 1.16.1 has an infinite loop if a custom TokenReader (for xml.NewTokenDecoder) returns EOF in the middle of an element. This can occur in the Decode, DecodeElement, or Skip method.",
+ "references": [
+ "https://groups.google.com/g/golang-announce/c/MfiLYjG-RAw"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-20839",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:N",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 9.8,
+ "summary": "systemd 242 changes the VT1 mode upon a logout, which allows attackers to read cleartext passwords in certain circumstances, such as watching a shutdown, or using Ctrl-Alt-F1 and Ctrl-Alt-F2. This occurs because the KDGKBMODE (aka current keyboard mode) check is mishandled.",
+ "severity": "Medium",
+ "vulnerable_component": "deb://ubuntu:bionic:libsystemd0:237-3ubuntu10.44",
+ "impacted_artifact": "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "impact_path": [
+ "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "generic://sha256:92dc2a97ff99354714f17180401813eb3073e4f62a67643d66b461505a604cbe/sha256__92dc2a97ff99354714f17180401813eb3073e4f62a67643d66b461505a604cbe.tar.gz",
+ "deb://ubuntu:bionic:libsystemd0:237-3ubuntu10.44"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579/",
+ "fixed_versions": [],
+ "published": "2019-08-26T00:27:05+10:00",
+ "artifact_scan_time": "2021-03-09T08:56:07+11:00",
+ "issue_id": "XRAY-86827",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "systemd 242 changes the VT1 mode upon a logout, which allows attackers to read cleartext passwords in certain circumstances, such as watching a shutdown, or using Ctrl-Alt-F1 and Ctrl-Alt-F2. This occurs because the KDGKBMODE (aka current keyboard mode) check is mishandled.",
+ "references": [
+ "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20839",
+ "https://github.com/systemd/systemd/pull/12378",
+ "https://github.com/systemd/systemd/pull/13109"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-3114",
+ "cvss_v2_score": 6.4,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:N",
+ "cvss_v3_score": 6.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"
+ }
+ ],
+ "cvss2_max_score": 6.4,
+ "cvss3_max_score": 6.5,
+ "summary": "In Go before 1.14.14 and 1.15.x before 1.15.7, crypto/elliptic/p224.go can generate incorrect outputs, related to an underflow of the lowest limb during the final complete reduction in the P-224 field.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.13.10",
+ "impacted_artifact": "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "impact_path": [
+ "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "generic://sha256:ba553bcfc69ca276c3b73bee3ecd3a2f7802040489ef04c048ff92249901d67d/sha256__ba553bcfc69ca276c3b73bee3ecd3a2f7802040489ef04c048ff92249901d67d.tar.gz",
+ "generic://sha256:0f25a21cf64e58078057adc78f38705163c1d564a959ff30a891c31917011a54/gosu",
+ "go://github.com/golang/go:1.13.10"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579/",
+ "fixed_versions": [
+ "1.14.14",
+ "1.15.7"
+ ],
+ "published": "2021-02-02T00:46:31+11:00",
+ "artifact_scan_time": "2021-03-09T08:56:07+11:00",
+ "issue_id": "XRAY-139164",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "In Go before 1.14.14 and 1.15.x before 1.15.7, crypto/elliptic/p224.go can generate incorrect outputs, related to an underflow of the lowest limb during the final complete reduction in the P-224 field.",
+ "references": [
+ "https://github.com/golang/go/commit/d95ca9138026cbe40e0857d76a81a16d03230871",
+ "https://groups.google.com/g/golang-announce/c/mperVMGa98w"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-9511",
+ "cvss_v2_score": 7.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.8,
+ "cvss3_max_score": 7.5,
+ "summary": "Some HTTP/2 implementations are vulnerable to window size manipulation and stream prioritization manipulation, potentially leading to a denial of service. The attacker requests a large amount of data from a specified resource over multiple streams. They manipulate window size and stream priority to force the server to queue the data in 1-byte chunks. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both.",
+ "severity": "Medium",
+ "vulnerable_component": "deb://ubuntu:bionic:libnghttp2-14:1.30.0-1ubuntu1",
+ "impacted_artifact": "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "impact_path": [
+ "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "generic://sha256:5605b8c2e9f7536c42666d6f34263beb7872e0d7a22a251432d10ed64dc765dc/sha256__5605b8c2e9f7536c42666d6f34263beb7872e0d7a22a251432d10ed64dc765dc.tar.gz",
+ "deb://ubuntu:bionic:libnghttp2-14:1.30.0-1ubuntu1"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579/",
+ "fixed_versions": [],
+ "published": "2019-08-26T00:28:14+10:00",
+ "artifact_scan_time": "2021-03-09T08:56:07+11:00",
+ "issue_id": "XRAY-86870",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "Some HTTP/2 implementations are vulnerable to window size manipulation and stream prioritization manipulation, potentially leading to a denial of service. The attacker requests a large amount of data from a specified resource over multiple streams. They manipulate window size and stream priority to force the server to queue the data in 1-byte chunks. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both.",
+ "references": [
+ "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9511",
+ "https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md",
+ "https://usn.ubuntu.com/usn/usn-4099-1"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-20217",
+ "cvss_v2_score": 3.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:S/C:N/I:N/A:P",
+ "cvss_v3_score": 5.3,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 3.5,
+ "cvss3_max_score": 5.3,
+ "summary": "A Reachable Assertion issue was discovered in the KDC in MIT Kerberos 5 (aka krb5) before 1.17. If an attacker can obtain a krbtgt ticket using an older encryption type (single-DES, triple-DES, or RC4), the attacker can crash the KDC by making an S4U2Self request.",
+ "severity": "Medium",
+ "vulnerable_component": "deb://ubuntu:bionic:libgssapi-krb5-2:1.16-2ubuntu0.2",
+ "impacted_artifact": "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "impact_path": [
+ "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "generic://sha256:5605b8c2e9f7536c42666d6f34263beb7872e0d7a22a251432d10ed64dc765dc/sha256__5605b8c2e9f7536c42666d6f34263beb7872e0d7a22a251432d10ed64dc765dc.tar.gz",
+ "deb://ubuntu:bionic:libgssapi-krb5-2:1.16-2ubuntu0.2"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579/",
+ "fixed_versions": [],
+ "published": "2019-03-03T19:09:48+11:00",
+ "artifact_scan_time": "2021-03-09T08:56:07+11:00",
+ "issue_id": "XRAY-76141",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "It was discovered that Kerberos incorrectly handled certain S4U2Self requests. An attacker could possibly use this issue to cause a denial of service.",
+ "references": [
+ "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20217",
+ "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2KNHELH4YHNT6H2ESJWX2UIDXLBNGB2O/"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-24553",
+ "cvss_v2_score": 4.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:P/A:N",
+ "cvss_v3_score": 6.1,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"
+ }
+ ],
+ "cvss2_max_score": 4.3,
+ "cvss3_max_score": 6.1,
+ "summary": "Go before 1.14.8 and 1.15.x before 1.15.1 allows XSS because text/html is the default for CGI/FCGI handlers that lack a Content-Type header.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.13.10",
+ "impacted_artifact": "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "impact_path": [
+ "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "generic://sha256:ba553bcfc69ca276c3b73bee3ecd3a2f7802040489ef04c048ff92249901d67d/sha256__ba553bcfc69ca276c3b73bee3ecd3a2f7802040489ef04c048ff92249901d67d.tar.gz",
+ "generic://sha256:0f25a21cf64e58078057adc78f38705163c1d564a959ff30a891c31917011a54/gosu",
+ "go://github.com/golang/go:1.13.10"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579/",
+ "fixed_versions": [
+ "1.14.8",
+ "1.15.1"
+ ],
+ "published": "2020-09-04T01:19:11+10:00",
+ "artifact_scan_time": "2021-03-09T08:56:07+11:00",
+ "issue_id": "XRAY-122286",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "Go before 1.14.8 and 1.15.x before 1.15.1 allows XSS because text/html is the default for CGI/FCGI handlers that lack a Content-Type header.",
+ "references": [
+ "http://seclists.org/fulldisclosure/2020/Sep/5",
+ "http://packetstormsecurity.com/files/159049/Go-CGI-FastCGI-Transport-Cross-Site-Scripting.html",
+ "https://groups.google.com/forum/#!topic/golang-announce/8wqlSbkLdPs"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-22876",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:N",
+ "cvss_v3_score": 5.3,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 5.3,
+ "summary": "curl 7.1.1 to and including 7.75.0 is vulnerable to an \"Exposure of Private Personal Information to an Unauthorized Actor\" by leaking credentials in the HTTP Referer: header. libcurl does not strip off user credentials from the URL when automatically populating the Referer: HTTP request header field in outgoing HTTP requests, and therefore risks leaking sensitive data to the server that is the target of the second HTTP request.",
+ "severity": "Medium",
+ "vulnerable_component": "deb://ubuntu:bionic:libcurl4:7.58.0-2ubuntu3.12",
+ "impacted_artifact": "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "impact_path": [
+ "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "generic://sha256:5605b8c2e9f7536c42666d6f34263beb7872e0d7a22a251432d10ed64dc765dc/sha256__5605b8c2e9f7536c42666d6f34263beb7872e0d7a22a251432d10ed64dc765dc.tar.gz",
+ "deb://ubuntu:bionic:libcurl4:7.58.0-2ubuntu3.12"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579/",
+ "fixed_versions": [],
+ "published": "2021-04-06T14:51:35+10:00",
+ "artifact_scan_time": "2021-03-09T08:56:07+11:00",
+ "issue_id": "XRAY-168886",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "curl 7.1.1 to and including 7.75.0 is vulnerable to an \"Exposure of Private Personal Information to an Unauthorized Actor\" by leaking credentials in the HTTP Referer: header. libcurl does not strip off user credentials from the URL when automatically populating the Referer: HTTP request header field in outgoing HTTP requests, and therefore risks leaking sensitive data to the server that is the target of the second HTTP request.",
+ "references": [
+ "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22876",
+ "https://curl.se/docs/CVE-2021-22876.html",
+ "https://usn.ubuntu.com/usn/usn-4898-1",
+ "https://usn.ubuntu.com/usn/usn-4903-1"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-13224",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "A use-after-free in onig_new_deluxe() in regext.c in Oniguruma 6.9.2 allows attackers to potentially cause information disclosure, denial of service, or possibly code execution by providing a crafted regular expression. The attacker provides a pair of a regex pattern and a string, with a multi-byte encoding that gets handled by onig_new_deluxe(). Oniguruma issues often affect Ruby, as well as common optional libraries for PHP and Rust.",
+ "severity": "Medium",
+ "vulnerable_component": "deb://ubuntu:bionic:libonig4:6.7.0-1",
+ "impacted_artifact": "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "impact_path": [
+ "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "generic://sha256:bed7676d225b62a075a14ea55d481ef16be8268da0f422058156eb58843a0852/sha256__bed7676d225b62a075a14ea55d481ef16be8268da0f422058156eb58843a0852.tar.gz",
+ "deb://ubuntu:bionic:libonig4:6.7.0-1"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579/",
+ "fixed_versions": [],
+ "published": "2019-08-26T00:18:00+10:00",
+ "artifact_scan_time": "2021-03-09T08:56:07+11:00",
+ "issue_id": "XRAY-86452",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "It was discovered that Oniguruma incorrectly handled certain regular expressions. An attacker could possibly use this issue to obtain sensitive information, cause a denial of service or execute arbitrary code.",
+ "references": [
+ "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13224",
+ "https://github.com/kkos/oniguruma/commit/0f7f61ed1b7b697e283e37bd2d731d0bd57adb55",
+ "https://usn.ubuntu.com/usn/usn-4088-1"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-3115",
+ "cvss_v2_score": 5.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:H/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 5.1,
+ "cvss3_max_score": 7.5,
+ "summary": "Go before 1.14.14 and 1.15.x before 1.15.7 on Windows is vulnerable to Command Injection and remote code execution when using the \"go get\" command to fetch modules that make use of cgo (for example, cgo can execute a gcc program from an untrusted download).",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.13.10",
+ "impacted_artifact": "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "impact_path": [
+ "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "generic://sha256:ba553bcfc69ca276c3b73bee3ecd3a2f7802040489ef04c048ff92249901d67d/sha256__ba553bcfc69ca276c3b73bee3ecd3a2f7802040489ef04c048ff92249901d67d.tar.gz",
+ "generic://sha256:0f25a21cf64e58078057adc78f38705163c1d564a959ff30a891c31917011a54/gosu",
+ "go://github.com/golang/go:1.13.10"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579/",
+ "fixed_versions": [
+ "1.14.14",
+ "1.15.7"
+ ],
+ "published": "2021-02-01T22:46:23+11:00",
+ "artifact_scan_time": "2021-03-09T08:56:07+11:00",
+ "issue_id": "XRAY-139137",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "Go before 1.14.14 and 1.15.x before 1.15.7 on Windows is vulnerable to Command Injection and remote code execution when using the \"go get\" command to fetch modules that make use of cgo (for example, cgo can execute a gcc program from an untrusted download).",
+ "references": [
+ "https://blog.golang.org/path-security",
+ "https://groups.google.com/g/golang-announce/c/mperVMGa98w"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-20217",
+ "cvss_v2_score": 3.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:S/C:N/I:N/A:P",
+ "cvss_v3_score": 5.3,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 3.5,
+ "cvss3_max_score": 5.3,
+ "summary": "A Reachable Assertion issue was discovered in the KDC in MIT Kerberos 5 (aka krb5) before 1.17. If an attacker can obtain a krbtgt ticket using an older encryption type (single-DES, triple-DES, or RC4), the attacker can crash the KDC by making an S4U2Self request.",
+ "severity": "Medium",
+ "vulnerable_component": "deb://ubuntu:bionic:libkrb5support0:1.16-2ubuntu0.2",
+ "impacted_artifact": "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "impact_path": [
+ "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "generic://sha256:5605b8c2e9f7536c42666d6f34263beb7872e0d7a22a251432d10ed64dc765dc/sha256__5605b8c2e9f7536c42666d6f34263beb7872e0d7a22a251432d10ed64dc765dc.tar.gz",
+ "deb://ubuntu:bionic:libkrb5support0:1.16-2ubuntu0.2"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579/",
+ "fixed_versions": [],
+ "published": "2019-03-03T19:09:48+11:00",
+ "artifact_scan_time": "2021-03-09T08:56:07+11:00",
+ "issue_id": "XRAY-76141",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "It was discovered that Kerberos incorrectly handled certain S4U2Self requests. An attacker could possibly use this issue to cause a denial of service.",
+ "references": [
+ "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20217",
+ "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2KNHELH4YHNT6H2ESJWX2UIDXLBNGB2O/"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-29510",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 5.6,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"
+ }
+ ],
+ "cvss2_max_score": 6.8,
+ "cvss3_max_score": 5.6,
+ "summary": "The encoding/xml package in Go versions 1.15 and earlier does not correctly preserve the semantics of directives during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.13.10",
+ "impacted_artifact": "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "impact_path": [
+ "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "generic://sha256:ba553bcfc69ca276c3b73bee3ecd3a2f7802040489ef04c048ff92249901d67d/sha256__ba553bcfc69ca276c3b73bee3ecd3a2f7802040489ef04c048ff92249901d67d.tar.gz",
+ "generic://sha256:0f25a21cf64e58078057adc78f38705163c1d564a959ff30a891c31917011a54/gosu",
+ "go://github.com/golang/go:1.13.10"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579/",
+ "fixed_versions": [
+ "1.15.6"
+ ],
+ "published": "2020-12-16T21:25:17+11:00",
+ "artifact_scan_time": "2021-03-09T08:56:07+11:00",
+ "issue_id": "XRAY-134984",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "The encoding/xml package in Go versions 1.15 and earlier does not correctly preserve the semantics of directives during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications.",
+ "references": [
+ "https://github.com/mattermost/xml-roundtrip-validator/blob/master/advisories/unstable-directives.md"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-13844",
+ "cvss_v2_score": 2.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:L/AC:L/Au:N/C:P/I:N/A:N",
+ "cvss_v3_score": 5.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"
+ }
+ ],
+ "cvss2_max_score": 2.1,
+ "cvss3_max_score": 5.5,
+ "summary": "Arm Armv8-A core implementations utilizing speculative execution past unconditional changes in control flow may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka \"straight-line speculation.\"",
+ "severity": "Medium",
+ "vulnerable_component": "deb://ubuntu:bionic:gcc-8-base:8.4.0-1ubuntu1~18.04",
+ "impacted_artifact": "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "impact_path": [
+ "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "generic://sha256:92dc2a97ff99354714f17180401813eb3073e4f62a67643d66b461505a604cbe/sha256__92dc2a97ff99354714f17180401813eb3073e4f62a67643d66b461505a604cbe.tar.gz",
+ "deb://ubuntu:bionic:gcc-8-base:8.4.0-1ubuntu1~18.04"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579/",
+ "fixed_versions": [],
+ "published": "2020-06-14T14:39:42+10:00",
+ "artifact_scan_time": "2021-03-09T08:56:07+11:00",
+ "issue_id": "XRAY-100566",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "Arm Armv8-A core implementations utilizing speculative execution past unconditional changes in control flow may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka \"straight-line speculation.\"",
+ "references": [
+ "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13844",
+ "http://lists.llvm.org/pipermail/llvm-dev/2020-June/142109.html",
+ "https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability",
+ "https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability/downloads/straight-line-speculation",
+ "https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability/frequently-asked-questions",
+ "https://gcc.gnu.org/pipermail/gcc-patches/2020-June/547520.html",
+ "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=679db70801da9fda91d26caf13bf5b5ccc74e8e8"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-3115",
+ "cvss_v2_score": 5.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:H/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 5.1,
+ "cvss3_max_score": 7.5,
+ "summary": "Go before 1.14.14 and 1.15.x before 1.15.7 on Windows is vulnerable to Command Injection and remote code execution when using the \"go get\" command to fetch modules that make use of cgo (for example, cgo can execute a gcc program from an untrusted download).",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.15",
+ "impacted_artifact": "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "impact_path": [
+ "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "generic://sha256:5605b8c2e9f7536c42666d6f34263beb7872e0d7a22a251432d10ed64dc765dc/sha256__5605b8c2e9f7536c42666d6f34263beb7872e0d7a22a251432d10ed64dc765dc.tar.gz",
+ "generic://sha256:46bf239f7397a262cd0d2dd5ee52e0ac5fa1881a11d5134cd89c4d9df6343343/bsondump",
+ "go://github.com/golang/go:1.15"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579/",
+ "fixed_versions": [
+ "1.14.14",
+ "1.15.7"
+ ],
+ "published": "2021-02-01T22:46:23+11:00",
+ "artifact_scan_time": "2021-03-09T08:56:07+11:00",
+ "issue_id": "XRAY-139137",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "Go before 1.14.14 and 1.15.x before 1.15.7 on Windows is vulnerable to Command Injection and remote code execution when using the \"go get\" command to fetch modules that make use of cgo (for example, cgo can execute a gcc program from an untrusted download).",
+ "references": [
+ "https://blog.golang.org/path-security",
+ "https://groups.google.com/g/golang-announce/c/mperVMGa98w"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-3115",
+ "cvss_v2_score": 5.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:H/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 5.1,
+ "cvss3_max_score": 7.5,
+ "summary": "Go before 1.14.14 and 1.15.x before 1.15.7 on Windows is vulnerable to Command Injection and remote code execution when using the \"go get\" command to fetch modules that make use of cgo (for example, cgo can execute a gcc program from an untrusted download).",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.15",
+ "impacted_artifact": "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "impact_path": [
+ "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "generic://sha256:5605b8c2e9f7536c42666d6f34263beb7872e0d7a22a251432d10ed64dc765dc/sha256__5605b8c2e9f7536c42666d6f34263beb7872e0d7a22a251432d10ed64dc765dc.tar.gz",
+ "generic://sha256:6f2f3e1c52c2b878bbd88c00e10fd0a71ba63867aa1f730ef321cef21343b85e/mongoexport",
+ "go://github.com/golang/go:1.15"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579/",
+ "fixed_versions": [
+ "1.14.14",
+ "1.15.7"
+ ],
+ "published": "2021-02-01T22:46:23+11:00",
+ "artifact_scan_time": "2021-03-09T08:56:07+11:00",
+ "issue_id": "XRAY-139137",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "Go before 1.14.14 and 1.15.x before 1.15.7 on Windows is vulnerable to Command Injection and remote code execution when using the \"go get\" command to fetch modules that make use of cgo (for example, cgo can execute a gcc program from an untrusted download).",
+ "references": [
+ "https://blog.golang.org/path-security",
+ "https://groups.google.com/g/golang-announce/c/mperVMGa98w"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-3115",
+ "cvss_v2_score": 5.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:H/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 5.1,
+ "cvss3_max_score": 7.5,
+ "summary": "Go before 1.14.14 and 1.15.x before 1.15.7 on Windows is vulnerable to Command Injection and remote code execution when using the \"go get\" command to fetch modules that make use of cgo (for example, cgo can execute a gcc program from an untrusted download).",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.15",
+ "impacted_artifact": "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "impact_path": [
+ "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "generic://sha256:5605b8c2e9f7536c42666d6f34263beb7872e0d7a22a251432d10ed64dc765dc/sha256__5605b8c2e9f7536c42666d6f34263beb7872e0d7a22a251432d10ed64dc765dc.tar.gz",
+ "generic://sha256:6e788e7412a17b59ba9c52e51fea786a17f75cf553afb8145a8998b59f0ea254/mongoimport",
+ "go://github.com/golang/go:1.15"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579/",
+ "fixed_versions": [
+ "1.14.14",
+ "1.15.7"
+ ],
+ "published": "2021-02-01T22:46:23+11:00",
+ "artifact_scan_time": "2021-03-09T08:56:07+11:00",
+ "issue_id": "XRAY-139137",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "Go before 1.14.14 and 1.15.x before 1.15.7 on Windows is vulnerable to Command Injection and remote code execution when using the \"go get\" command to fetch modules that make use of cgo (for example, cgo can execute a gcc program from an untrusted download).",
+ "references": [
+ "https://blog.golang.org/path-security",
+ "https://groups.google.com/g/golang-announce/c/mperVMGa98w"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-3115",
+ "cvss_v2_score": 5.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:H/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 5.1,
+ "cvss3_max_score": 7.5,
+ "summary": "Go before 1.14.14 and 1.15.x before 1.15.7 on Windows is vulnerable to Command Injection and remote code execution when using the \"go get\" command to fetch modules that make use of cgo (for example, cgo can execute a gcc program from an untrusted download).",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.15",
+ "impacted_artifact": "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "impact_path": [
+ "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "generic://sha256:5605b8c2e9f7536c42666d6f34263beb7872e0d7a22a251432d10ed64dc765dc/sha256__5605b8c2e9f7536c42666d6f34263beb7872e0d7a22a251432d10ed64dc765dc.tar.gz",
+ "generic://sha256:1e902c1bea6cf3f724caf067ffca5b7c2efb595dc2760cc160fa95200d642ae9/mongostat",
+ "go://github.com/golang/go:1.15"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579/",
+ "fixed_versions": [
+ "1.14.14",
+ "1.15.7"
+ ],
+ "published": "2021-02-01T22:46:23+11:00",
+ "artifact_scan_time": "2021-03-09T08:56:07+11:00",
+ "issue_id": "XRAY-139137",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "Go before 1.14.14 and 1.15.x before 1.15.7 on Windows is vulnerable to Command Injection and remote code execution when using the \"go get\" command to fetch modules that make use of cgo (for example, cgo can execute a gcc program from an untrusted download).",
+ "references": [
+ "https://blog.golang.org/path-security",
+ "https://groups.google.com/g/golang-announce/c/mperVMGa98w"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-3115",
+ "cvss_v2_score": 5.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:H/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 5.1,
+ "cvss3_max_score": 7.5,
+ "summary": "Go before 1.14.14 and 1.15.x before 1.15.7 on Windows is vulnerable to Command Injection and remote code execution when using the \"go get\" command to fetch modules that make use of cgo (for example, cgo can execute a gcc program from an untrusted download).",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.15",
+ "impacted_artifact": "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "impact_path": [
+ "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "generic://sha256:5605b8c2e9f7536c42666d6f34263beb7872e0d7a22a251432d10ed64dc765dc/sha256__5605b8c2e9f7536c42666d6f34263beb7872e0d7a22a251432d10ed64dc765dc.tar.gz",
+ "generic://sha256:5aace8b9eaa6131313ceffd6ac6a587a9bd9c1162771f8c51cca98166d3493b7/mongodump",
+ "go://github.com/golang/go:1.15"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579/",
+ "fixed_versions": [
+ "1.14.14",
+ "1.15.7"
+ ],
+ "published": "2021-02-01T22:46:23+11:00",
+ "artifact_scan_time": "2021-03-09T08:56:07+11:00",
+ "issue_id": "XRAY-139137",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "Go before 1.14.14 and 1.15.x before 1.15.7 on Windows is vulnerable to Command Injection and remote code execution when using the \"go get\" command to fetch modules that make use of cgo (for example, cgo can execute a gcc program from an untrusted download).",
+ "references": [
+ "https://blog.golang.org/path-security",
+ "https://groups.google.com/g/golang-announce/c/mperVMGa98w"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-3115",
+ "cvss_v2_score": 5.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:H/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 5.1,
+ "cvss3_max_score": 7.5,
+ "summary": "Go before 1.14.14 and 1.15.x before 1.15.7 on Windows is vulnerable to Command Injection and remote code execution when using the \"go get\" command to fetch modules that make use of cgo (for example, cgo can execute a gcc program from an untrusted download).",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.15",
+ "impacted_artifact": "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "impact_path": [
+ "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "generic://sha256:5605b8c2e9f7536c42666d6f34263beb7872e0d7a22a251432d10ed64dc765dc/sha256__5605b8c2e9f7536c42666d6f34263beb7872e0d7a22a251432d10ed64dc765dc.tar.gz",
+ "generic://sha256:0e84d3010079312ea14339a8cfddddbedc8cd24fb23706202c8dc21fd5936537/mongofiles",
+ "go://github.com/golang/go:1.15"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579/",
+ "fixed_versions": [
+ "1.14.14",
+ "1.15.7"
+ ],
+ "published": "2021-02-01T22:46:23+11:00",
+ "artifact_scan_time": "2021-03-09T08:56:07+11:00",
+ "issue_id": "XRAY-139137",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "Go before 1.14.14 and 1.15.x before 1.15.7 on Windows is vulnerable to Command Injection and remote code execution when using the \"go get\" command to fetch modules that make use of cgo (for example, cgo can execute a gcc program from an untrusted download).",
+ "references": [
+ "https://blog.golang.org/path-security",
+ "https://groups.google.com/g/golang-announce/c/mperVMGa98w"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-3115",
+ "cvss_v2_score": 5.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:H/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 5.1,
+ "cvss3_max_score": 7.5,
+ "summary": "Go before 1.14.14 and 1.15.x before 1.15.7 on Windows is vulnerable to Command Injection and remote code execution when using the \"go get\" command to fetch modules that make use of cgo (for example, cgo can execute a gcc program from an untrusted download).",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.15",
+ "impacted_artifact": "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "impact_path": [
+ "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "generic://sha256:5605b8c2e9f7536c42666d6f34263beb7872e0d7a22a251432d10ed64dc765dc/sha256__5605b8c2e9f7536c42666d6f34263beb7872e0d7a22a251432d10ed64dc765dc.tar.gz",
+ "generic://sha256:65d7e7ac68d766eaa948788a0a75d079ec9a28ca507121a68f34f86fbfbd6f05/mongotop",
+ "go://github.com/golang/go:1.15"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579/",
+ "fixed_versions": [
+ "1.14.14",
+ "1.15.7"
+ ],
+ "published": "2021-02-01T22:46:23+11:00",
+ "artifact_scan_time": "2021-03-09T08:56:07+11:00",
+ "issue_id": "XRAY-139137",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "Go before 1.14.14 and 1.15.x before 1.15.7 on Windows is vulnerable to Command Injection and remote code execution when using the \"go get\" command to fetch modules that make use of cgo (for example, cgo can execute a gcc program from an untrusted download).",
+ "references": [
+ "https://blog.golang.org/path-security",
+ "https://groups.google.com/g/golang-announce/c/mperVMGa98w"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-3115",
+ "cvss_v2_score": 5.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:H/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 5.1,
+ "cvss3_max_score": 7.5,
+ "summary": "Go before 1.14.14 and 1.15.x before 1.15.7 on Windows is vulnerable to Command Injection and remote code execution when using the \"go get\" command to fetch modules that make use of cgo (for example, cgo can execute a gcc program from an untrusted download).",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.15",
+ "impacted_artifact": "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "impact_path": [
+ "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "generic://sha256:5605b8c2e9f7536c42666d6f34263beb7872e0d7a22a251432d10ed64dc765dc/sha256__5605b8c2e9f7536c42666d6f34263beb7872e0d7a22a251432d10ed64dc765dc.tar.gz",
+ "generic://sha256:a7a4236ea602a63c5757139209485587246d50221092613e23a1f9567773dc9e/mongorestore",
+ "go://github.com/golang/go:1.15"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579/",
+ "fixed_versions": [
+ "1.14.14",
+ "1.15.7"
+ ],
+ "published": "2021-02-01T22:46:23+11:00",
+ "artifact_scan_time": "2021-03-09T08:56:07+11:00",
+ "issue_id": "XRAY-139137",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "Go before 1.14.14 and 1.15.x before 1.15.7 on Windows is vulnerable to Command Injection and remote code execution when using the \"go get\" command to fetch modules that make use of cgo (for example, cgo can execute a gcc program from an untrusted download).",
+ "references": [
+ "https://blog.golang.org/path-security",
+ "https://groups.google.com/g/golang-announce/c/mperVMGa98w"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-14039",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:P/A:N",
+ "cvss_v3_score": 5.3,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 5.3,
+ "summary": "In Go before 1.13.13 and 1.14.x before 1.14.5, Certificate.Verify may lack a check on the VerifyOptions.KeyUsages EKU requirements (if VerifyOptions.Roots equals nil and the installation is on Windows). Thus, X.509 certificate verification is incomplete.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.13.10",
+ "impacted_artifact": "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "impact_path": [
+ "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "generic://sha256:ba553bcfc69ca276c3b73bee3ecd3a2f7802040489ef04c048ff92249901d67d/sha256__ba553bcfc69ca276c3b73bee3ecd3a2f7802040489ef04c048ff92249901d67d.tar.gz",
+ "generic://sha256:0f25a21cf64e58078057adc78f38705163c1d564a959ff30a891c31917011a54/gosu",
+ "go://github.com/golang/go:1.13.10"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579/",
+ "fixed_versions": [
+ "1.13.13",
+ "1.14.5",
+ "1.15rc1"
+ ],
+ "published": "2020-07-26T21:38:48+10:00",
+ "artifact_scan_time": "2021-03-09T08:56:07+11:00",
+ "issue_id": "XRAY-114289",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "In Go before 1.13.13 and 1.14.x before 1.14.5, Certificate.Verify may lack a check on the VerifyOptions.KeyUsages EKU requirements (if VerifyOptions.Roots equals nil and the installation is on Windows). Thus, X.509 certificate verification is incomplete.",
+ "references": [
+ "https://groups.google.com/forum/#!topic/golang-announce/XZNfaiwgt2w",
+ "https://groups.google.com/forum/#!forum/golang-announce"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-29511",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 5.6,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"
+ }
+ ],
+ "cvss2_max_score": 6.8,
+ "cvss3_max_score": 5.6,
+ "summary": "The encoding/xml package in Go (all versions) does not correctly preserve the semantics of element namespace prefixes during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.13.10",
+ "impacted_artifact": "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "impact_path": [
+ "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "generic://sha256:ba553bcfc69ca276c3b73bee3ecd3a2f7802040489ef04c048ff92249901d67d/sha256__ba553bcfc69ca276c3b73bee3ecd3a2f7802040489ef04c048ff92249901d67d.tar.gz",
+ "generic://sha256:0f25a21cf64e58078057adc78f38705163c1d564a959ff30a891c31917011a54/gosu",
+ "go://github.com/golang/go:1.13.10"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579/",
+ "fixed_versions": [
+ "1.15.6"
+ ],
+ "published": "2020-12-16T21:25:16+11:00",
+ "artifact_scan_time": "2021-03-09T08:56:07+11:00",
+ "issue_id": "XRAY-134983",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "The encoding/xml package in Go (all versions) does not correctly preserve the semantics of element namespace prefixes during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications.",
+ "references": [
+ "https://github.com/mattermost/xml-roundtrip-validator/blob/master/advisories/unstable-elements.md"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-29509",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 5.6,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"
+ }
+ ],
+ "cvss2_max_score": 6.8,
+ "cvss3_max_score": 5.6,
+ "summary": "The encoding/xml package in Go (all versions) does not correctly preserve the semantics of attribute namespace prefixes during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.15",
+ "impacted_artifact": "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "impact_path": [
+ "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "generic://sha256:5605b8c2e9f7536c42666d6f34263beb7872e0d7a22a251432d10ed64dc765dc/sha256__5605b8c2e9f7536c42666d6f34263beb7872e0d7a22a251432d10ed64dc765dc.tar.gz",
+ "generic://sha256:46bf239f7397a262cd0d2dd5ee52e0ac5fa1881a11d5134cd89c4d9df6343343/bsondump",
+ "go://github.com/golang/go:1.15"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579/",
+ "fixed_versions": [
+ "1.15.6"
+ ],
+ "published": "2020-12-16T21:25:17+11:00",
+ "artifact_scan_time": "2021-03-09T08:56:07+11:00",
+ "issue_id": "XRAY-134985",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "The encoding/xml package in Go (all versions) does not correctly preserve the semantics of attribute namespace prefixes during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications.",
+ "references": [
+ "https://github.com/mattermost/xml-roundtrip-validator/blob/master/advisories/unstable-attributes.md"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-29509",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 5.6,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"
+ }
+ ],
+ "cvss2_max_score": 6.8,
+ "cvss3_max_score": 5.6,
+ "summary": "The encoding/xml package in Go (all versions) does not correctly preserve the semantics of attribute namespace prefixes during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.15",
+ "impacted_artifact": "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "impact_path": [
+ "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "generic://sha256:5605b8c2e9f7536c42666d6f34263beb7872e0d7a22a251432d10ed64dc765dc/sha256__5605b8c2e9f7536c42666d6f34263beb7872e0d7a22a251432d10ed64dc765dc.tar.gz",
+ "generic://sha256:6f2f3e1c52c2b878bbd88c00e10fd0a71ba63867aa1f730ef321cef21343b85e/mongoexport",
+ "go://github.com/golang/go:1.15"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579/",
+ "fixed_versions": [
+ "1.15.6"
+ ],
+ "published": "2020-12-16T21:25:17+11:00",
+ "artifact_scan_time": "2021-03-09T08:56:07+11:00",
+ "issue_id": "XRAY-134985",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "The encoding/xml package in Go (all versions) does not correctly preserve the semantics of attribute namespace prefixes during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications.",
+ "references": [
+ "https://github.com/mattermost/xml-roundtrip-validator/blob/master/advisories/unstable-attributes.md"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-29509",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 5.6,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"
+ }
+ ],
+ "cvss2_max_score": 6.8,
+ "cvss3_max_score": 5.6,
+ "summary": "The encoding/xml package in Go (all versions) does not correctly preserve the semantics of attribute namespace prefixes during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.15",
+ "impacted_artifact": "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "impact_path": [
+ "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "generic://sha256:5605b8c2e9f7536c42666d6f34263beb7872e0d7a22a251432d10ed64dc765dc/sha256__5605b8c2e9f7536c42666d6f34263beb7872e0d7a22a251432d10ed64dc765dc.tar.gz",
+ "generic://sha256:6e788e7412a17b59ba9c52e51fea786a17f75cf553afb8145a8998b59f0ea254/mongoimport",
+ "go://github.com/golang/go:1.15"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579/",
+ "fixed_versions": [
+ "1.15.6"
+ ],
+ "published": "2020-12-16T21:25:17+11:00",
+ "artifact_scan_time": "2021-03-09T08:56:07+11:00",
+ "issue_id": "XRAY-134985",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "The encoding/xml package in Go (all versions) does not correctly preserve the semantics of attribute namespace prefixes during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications.",
+ "references": [
+ "https://github.com/mattermost/xml-roundtrip-validator/blob/master/advisories/unstable-attributes.md"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-29509",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 5.6,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"
+ }
+ ],
+ "cvss2_max_score": 6.8,
+ "cvss3_max_score": 5.6,
+ "summary": "The encoding/xml package in Go (all versions) does not correctly preserve the semantics of attribute namespace prefixes during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.15",
+ "impacted_artifact": "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "impact_path": [
+ "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "generic://sha256:5605b8c2e9f7536c42666d6f34263beb7872e0d7a22a251432d10ed64dc765dc/sha256__5605b8c2e9f7536c42666d6f34263beb7872e0d7a22a251432d10ed64dc765dc.tar.gz",
+ "generic://sha256:1e902c1bea6cf3f724caf067ffca5b7c2efb595dc2760cc160fa95200d642ae9/mongostat",
+ "go://github.com/golang/go:1.15"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579/",
+ "fixed_versions": [
+ "1.15.6"
+ ],
+ "published": "2020-12-16T21:25:17+11:00",
+ "artifact_scan_time": "2021-03-09T08:56:07+11:00",
+ "issue_id": "XRAY-134985",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "The encoding/xml package in Go (all versions) does not correctly preserve the semantics of attribute namespace prefixes during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications.",
+ "references": [
+ "https://github.com/mattermost/xml-roundtrip-validator/blob/master/advisories/unstable-attributes.md"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-29509",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 5.6,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"
+ }
+ ],
+ "cvss2_max_score": 6.8,
+ "cvss3_max_score": 5.6,
+ "summary": "The encoding/xml package in Go (all versions) does not correctly preserve the semantics of attribute namespace prefixes during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.15",
+ "impacted_artifact": "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "impact_path": [
+ "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "generic://sha256:5605b8c2e9f7536c42666d6f34263beb7872e0d7a22a251432d10ed64dc765dc/sha256__5605b8c2e9f7536c42666d6f34263beb7872e0d7a22a251432d10ed64dc765dc.tar.gz",
+ "generic://sha256:5aace8b9eaa6131313ceffd6ac6a587a9bd9c1162771f8c51cca98166d3493b7/mongodump",
+ "go://github.com/golang/go:1.15"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579/",
+ "fixed_versions": [
+ "1.15.6"
+ ],
+ "published": "2020-12-16T21:25:17+11:00",
+ "artifact_scan_time": "2021-03-09T08:56:07+11:00",
+ "issue_id": "XRAY-134985",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "The encoding/xml package in Go (all versions) does not correctly preserve the semantics of attribute namespace prefixes during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications.",
+ "references": [
+ "https://github.com/mattermost/xml-roundtrip-validator/blob/master/advisories/unstable-attributes.md"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-29509",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 5.6,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"
+ }
+ ],
+ "cvss2_max_score": 6.8,
+ "cvss3_max_score": 5.6,
+ "summary": "The encoding/xml package in Go (all versions) does not correctly preserve the semantics of attribute namespace prefixes during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.15",
+ "impacted_artifact": "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "impact_path": [
+ "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "generic://sha256:5605b8c2e9f7536c42666d6f34263beb7872e0d7a22a251432d10ed64dc765dc/sha256__5605b8c2e9f7536c42666d6f34263beb7872e0d7a22a251432d10ed64dc765dc.tar.gz",
+ "generic://sha256:0e84d3010079312ea14339a8cfddddbedc8cd24fb23706202c8dc21fd5936537/mongofiles",
+ "go://github.com/golang/go:1.15"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579/",
+ "fixed_versions": [
+ "1.15.6"
+ ],
+ "published": "2020-12-16T21:25:17+11:00",
+ "artifact_scan_time": "2021-03-09T08:56:07+11:00",
+ "issue_id": "XRAY-134985",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "The encoding/xml package in Go (all versions) does not correctly preserve the semantics of attribute namespace prefixes during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications.",
+ "references": [
+ "https://github.com/mattermost/xml-roundtrip-validator/blob/master/advisories/unstable-attributes.md"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-29509",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 5.6,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"
+ }
+ ],
+ "cvss2_max_score": 6.8,
+ "cvss3_max_score": 5.6,
+ "summary": "The encoding/xml package in Go (all versions) does not correctly preserve the semantics of attribute namespace prefixes during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.15",
+ "impacted_artifact": "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "impact_path": [
+ "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "generic://sha256:5605b8c2e9f7536c42666d6f34263beb7872e0d7a22a251432d10ed64dc765dc/sha256__5605b8c2e9f7536c42666d6f34263beb7872e0d7a22a251432d10ed64dc765dc.tar.gz",
+ "generic://sha256:65d7e7ac68d766eaa948788a0a75d079ec9a28ca507121a68f34f86fbfbd6f05/mongotop",
+ "go://github.com/golang/go:1.15"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579/",
+ "fixed_versions": [
+ "1.15.6"
+ ],
+ "published": "2020-12-16T21:25:17+11:00",
+ "artifact_scan_time": "2021-03-09T08:56:07+11:00",
+ "issue_id": "XRAY-134985",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "The encoding/xml package in Go (all versions) does not correctly preserve the semantics of attribute namespace prefixes during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications.",
+ "references": [
+ "https://github.com/mattermost/xml-roundtrip-validator/blob/master/advisories/unstable-attributes.md"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-29509",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 5.6,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"
+ }
+ ],
+ "cvss2_max_score": 6.8,
+ "cvss3_max_score": 5.6,
+ "summary": "The encoding/xml package in Go (all versions) does not correctly preserve the semantics of attribute namespace prefixes during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.15",
+ "impacted_artifact": "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "impact_path": [
+ "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "generic://sha256:5605b8c2e9f7536c42666d6f34263beb7872e0d7a22a251432d10ed64dc765dc/sha256__5605b8c2e9f7536c42666d6f34263beb7872e0d7a22a251432d10ed64dc765dc.tar.gz",
+ "generic://sha256:a7a4236ea602a63c5757139209485587246d50221092613e23a1f9567773dc9e/mongorestore",
+ "go://github.com/golang/go:1.15"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579/",
+ "fixed_versions": [
+ "1.15.6"
+ ],
+ "published": "2020-12-16T21:25:17+11:00",
+ "artifact_scan_time": "2021-03-09T08:56:07+11:00",
+ "issue_id": "XRAY-134985",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "The encoding/xml package in Go (all versions) does not correctly preserve the semantics of attribute namespace prefixes during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications.",
+ "references": [
+ "https://github.com/mattermost/xml-roundtrip-validator/blob/master/advisories/unstable-attributes.md"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-24032",
+ "cvss_v2_score": 1.9,
+ "cvss_v2_vector": "CVSS:2.0/AV:L/AC:M/Au:N/C:P/I:N/A:N",
+ "cvss_v3_score": 4.7,
+ "cvss_v3_vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"
+ }
+ ],
+ "cvss2_max_score": 1.9,
+ "cvss3_max_score": 4.7,
+ "summary": "Beginning in v1.4.1 and prior to v1.4.9, due to an incomplete fix for CVE-2021-24031, the Zstandard command-line utility created output files with default permissions and restricted those permissions immediately afterwards. Output files could therefore momentarily be readable or writable to unintended parties.",
+ "severity": "Medium",
+ "vulnerable_component": "deb://ubuntu:bionic:libzstd1:1.3.3+dfsg-2ubuntu1.1",
+ "impacted_artifact": "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "impact_path": [
+ "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "generic://sha256:92dc2a97ff99354714f17180401813eb3073e4f62a67643d66b461505a604cbe/sha256__92dc2a97ff99354714f17180401813eb3073e4f62a67643d66b461505a604cbe.tar.gz",
+ "deb://ubuntu:bionic:libzstd1:1.3.3+dfsg-2ubuntu1.1"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579/",
+ "fixed_versions": [],
+ "published": "2021-03-08T04:05:26+11:00",
+ "artifact_scan_time": "2021-03-09T08:56:07+11:00",
+ "issue_id": "XRAY-141766",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "Beginning in v1.4.1 and prior to v1.4.9, due to an incomplete fix for CVE-2021-24031, the Zstandard command-line utility created output files with default permissions and restricted those permissions immediately afterwards. Output files could therefore momentarily be readable or writable to unintended parties.",
+ "references": [
+ "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24032",
+ "https://usn.ubuntu.com/usn/usn-4760-1"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-29511",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 5.6,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"
+ }
+ ],
+ "cvss2_max_score": 6.8,
+ "cvss3_max_score": 5.6,
+ "summary": "The encoding/xml package in Go (all versions) does not correctly preserve the semantics of element namespace prefixes during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.15",
+ "impacted_artifact": "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "impact_path": [
+ "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "generic://sha256:5605b8c2e9f7536c42666d6f34263beb7872e0d7a22a251432d10ed64dc765dc/sha256__5605b8c2e9f7536c42666d6f34263beb7872e0d7a22a251432d10ed64dc765dc.tar.gz",
+ "generic://sha256:46bf239f7397a262cd0d2dd5ee52e0ac5fa1881a11d5134cd89c4d9df6343343/bsondump",
+ "go://github.com/golang/go:1.15"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579/",
+ "fixed_versions": [
+ "1.15.6"
+ ],
+ "published": "2020-12-16T21:25:16+11:00",
+ "artifact_scan_time": "2021-03-09T08:56:07+11:00",
+ "issue_id": "XRAY-134983",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "The encoding/xml package in Go (all versions) does not correctly preserve the semantics of element namespace prefixes during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications.",
+ "references": [
+ "https://github.com/mattermost/xml-roundtrip-validator/blob/master/advisories/unstable-elements.md"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-29511",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 5.6,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"
+ }
+ ],
+ "cvss2_max_score": 6.8,
+ "cvss3_max_score": 5.6,
+ "summary": "The encoding/xml package in Go (all versions) does not correctly preserve the semantics of element namespace prefixes during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.15",
+ "impacted_artifact": "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "impact_path": [
+ "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "generic://sha256:5605b8c2e9f7536c42666d6f34263beb7872e0d7a22a251432d10ed64dc765dc/sha256__5605b8c2e9f7536c42666d6f34263beb7872e0d7a22a251432d10ed64dc765dc.tar.gz",
+ "generic://sha256:6f2f3e1c52c2b878bbd88c00e10fd0a71ba63867aa1f730ef321cef21343b85e/mongoexport",
+ "go://github.com/golang/go:1.15"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579/",
+ "fixed_versions": [
+ "1.15.6"
+ ],
+ "published": "2020-12-16T21:25:16+11:00",
+ "artifact_scan_time": "2021-03-09T08:56:07+11:00",
+ "issue_id": "XRAY-134983",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "The encoding/xml package in Go (all versions) does not correctly preserve the semantics of element namespace prefixes during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications.",
+ "references": [
+ "https://github.com/mattermost/xml-roundtrip-validator/blob/master/advisories/unstable-elements.md"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-29511",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 5.6,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"
+ }
+ ],
+ "cvss2_max_score": 6.8,
+ "cvss3_max_score": 5.6,
+ "summary": "The encoding/xml package in Go (all versions) does not correctly preserve the semantics of element namespace prefixes during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.15",
+ "impacted_artifact": "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "impact_path": [
+ "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "generic://sha256:5605b8c2e9f7536c42666d6f34263beb7872e0d7a22a251432d10ed64dc765dc/sha256__5605b8c2e9f7536c42666d6f34263beb7872e0d7a22a251432d10ed64dc765dc.tar.gz",
+ "generic://sha256:6e788e7412a17b59ba9c52e51fea786a17f75cf553afb8145a8998b59f0ea254/mongoimport",
+ "go://github.com/golang/go:1.15"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579/",
+ "fixed_versions": [
+ "1.15.6"
+ ],
+ "published": "2020-12-16T21:25:16+11:00",
+ "artifact_scan_time": "2021-03-09T08:56:07+11:00",
+ "issue_id": "XRAY-134983",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "The encoding/xml package in Go (all versions) does not correctly preserve the semantics of element namespace prefixes during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications.",
+ "references": [
+ "https://github.com/mattermost/xml-roundtrip-validator/blob/master/advisories/unstable-elements.md"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-29511",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 5.6,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"
+ }
+ ],
+ "cvss2_max_score": 6.8,
+ "cvss3_max_score": 5.6,
+ "summary": "The encoding/xml package in Go (all versions) does not correctly preserve the semantics of element namespace prefixes during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.15",
+ "impacted_artifact": "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "impact_path": [
+ "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "generic://sha256:5605b8c2e9f7536c42666d6f34263beb7872e0d7a22a251432d10ed64dc765dc/sha256__5605b8c2e9f7536c42666d6f34263beb7872e0d7a22a251432d10ed64dc765dc.tar.gz",
+ "generic://sha256:1e902c1bea6cf3f724caf067ffca5b7c2efb595dc2760cc160fa95200d642ae9/mongostat",
+ "go://github.com/golang/go:1.15"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579/",
+ "fixed_versions": [
+ "1.15.6"
+ ],
+ "published": "2020-12-16T21:25:16+11:00",
+ "artifact_scan_time": "2021-03-09T08:56:07+11:00",
+ "issue_id": "XRAY-134983",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "The encoding/xml package in Go (all versions) does not correctly preserve the semantics of element namespace prefixes during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications.",
+ "references": [
+ "https://github.com/mattermost/xml-roundtrip-validator/blob/master/advisories/unstable-elements.md"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-29511",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 5.6,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"
+ }
+ ],
+ "cvss2_max_score": 6.8,
+ "cvss3_max_score": 5.6,
+ "summary": "The encoding/xml package in Go (all versions) does not correctly preserve the semantics of element namespace prefixes during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.15",
+ "impacted_artifact": "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "impact_path": [
+ "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "generic://sha256:5605b8c2e9f7536c42666d6f34263beb7872e0d7a22a251432d10ed64dc765dc/sha256__5605b8c2e9f7536c42666d6f34263beb7872e0d7a22a251432d10ed64dc765dc.tar.gz",
+ "generic://sha256:5aace8b9eaa6131313ceffd6ac6a587a9bd9c1162771f8c51cca98166d3493b7/mongodump",
+ "go://github.com/golang/go:1.15"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579/",
+ "fixed_versions": [
+ "1.15.6"
+ ],
+ "published": "2020-12-16T21:25:16+11:00",
+ "artifact_scan_time": "2021-03-09T08:56:07+11:00",
+ "issue_id": "XRAY-134983",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "The encoding/xml package in Go (all versions) does not correctly preserve the semantics of element namespace prefixes during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications.",
+ "references": [
+ "https://github.com/mattermost/xml-roundtrip-validator/blob/master/advisories/unstable-elements.md"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-29511",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 5.6,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"
+ }
+ ],
+ "cvss2_max_score": 6.8,
+ "cvss3_max_score": 5.6,
+ "summary": "The encoding/xml package in Go (all versions) does not correctly preserve the semantics of element namespace prefixes during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.15",
+ "impacted_artifact": "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "impact_path": [
+ "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "generic://sha256:5605b8c2e9f7536c42666d6f34263beb7872e0d7a22a251432d10ed64dc765dc/sha256__5605b8c2e9f7536c42666d6f34263beb7872e0d7a22a251432d10ed64dc765dc.tar.gz",
+ "generic://sha256:0e84d3010079312ea14339a8cfddddbedc8cd24fb23706202c8dc21fd5936537/mongofiles",
+ "go://github.com/golang/go:1.15"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579/",
+ "fixed_versions": [
+ "1.15.6"
+ ],
+ "published": "2020-12-16T21:25:16+11:00",
+ "artifact_scan_time": "2021-03-09T08:56:07+11:00",
+ "issue_id": "XRAY-134983",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "The encoding/xml package in Go (all versions) does not correctly preserve the semantics of element namespace prefixes during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications.",
+ "references": [
+ "https://github.com/mattermost/xml-roundtrip-validator/blob/master/advisories/unstable-elements.md"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-29511",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 5.6,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"
+ }
+ ],
+ "cvss2_max_score": 6.8,
+ "cvss3_max_score": 5.6,
+ "summary": "The encoding/xml package in Go (all versions) does not correctly preserve the semantics of element namespace prefixes during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.15",
+ "impacted_artifact": "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "impact_path": [
+ "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "generic://sha256:5605b8c2e9f7536c42666d6f34263beb7872e0d7a22a251432d10ed64dc765dc/sha256__5605b8c2e9f7536c42666d6f34263beb7872e0d7a22a251432d10ed64dc765dc.tar.gz",
+ "generic://sha256:65d7e7ac68d766eaa948788a0a75d079ec9a28ca507121a68f34f86fbfbd6f05/mongotop",
+ "go://github.com/golang/go:1.15"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579/",
+ "fixed_versions": [
+ "1.15.6"
+ ],
+ "published": "2020-12-16T21:25:16+11:00",
+ "artifact_scan_time": "2021-03-09T08:56:07+11:00",
+ "issue_id": "XRAY-134983",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "The encoding/xml package in Go (all versions) does not correctly preserve the semantics of element namespace prefixes during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications.",
+ "references": [
+ "https://github.com/mattermost/xml-roundtrip-validator/blob/master/advisories/unstable-elements.md"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-29511",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 5.6,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"
+ }
+ ],
+ "cvss2_max_score": 6.8,
+ "cvss3_max_score": 5.6,
+ "summary": "The encoding/xml package in Go (all versions) does not correctly preserve the semantics of element namespace prefixes during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.15",
+ "impacted_artifact": "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "impact_path": [
+ "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "generic://sha256:5605b8c2e9f7536c42666d6f34263beb7872e0d7a22a251432d10ed64dc765dc/sha256__5605b8c2e9f7536c42666d6f34263beb7872e0d7a22a251432d10ed64dc765dc.tar.gz",
+ "generic://sha256:a7a4236ea602a63c5757139209485587246d50221092613e23a1f9567773dc9e/mongorestore",
+ "go://github.com/golang/go:1.15"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579/",
+ "fixed_versions": [
+ "1.15.6"
+ ],
+ "published": "2020-12-16T21:25:16+11:00",
+ "artifact_scan_time": "2021-03-09T08:56:07+11:00",
+ "issue_id": "XRAY-134983",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "The encoding/xml package in Go (all versions) does not correctly preserve the semantics of element namespace prefixes during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications.",
+ "references": [
+ "https://github.com/mattermost/xml-roundtrip-validator/blob/master/advisories/unstable-elements.md"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-19012",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "An integer overflow in the search_in_range function in regexec.c in Oniguruma 6.x before 6.9.4_rc2 leads to an out-of-bounds read, in which the offset of this read is under the control of an attacker. (This only affects the 32-bit compiled version). Remote attackers can cause a denial-of-service or information disclosure, or possibly have unspecified other impact, via a crafted regular expression.",
+ "severity": "Medium",
+ "vulnerable_component": "deb://ubuntu:bionic:libonig4:6.7.0-1",
+ "impacted_artifact": "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "impact_path": [
+ "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "generic://sha256:bed7676d225b62a075a14ea55d481ef16be8268da0f422058156eb58843a0852/sha256__bed7676d225b62a075a14ea55d481ef16be8268da0f422058156eb58843a0852.tar.gz",
+ "deb://ubuntu:bionic:libonig4:6.7.0-1"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579/",
+ "fixed_versions": [],
+ "published": "2019-11-25T15:43:32+11:00",
+ "artifact_scan_time": "2021-03-09T08:56:07+11:00",
+ "issue_id": "XRAY-91960",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "An integer overflow in the search_in_range function in regexec.c in Oniguruma 6.x before 6.9.4_rc2 leads to an out-of-bounds read, in which the offset of this read is under the control of an attacker. (This only affects the 32-bit compiled version). Remote attackers can cause a denial-of-service or information disclosure, or possibly have unspecified other impact, via a crafted regular expression.",
+ "references": [
+ "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19012",
+ "https://github.com/kkos/oniguruma/issues/164",
+ "https://github.com/kkos/oniguruma/releases/tag/v6.9.4_rc2",
+ "https://usn.ubuntu.com/usn/usn-4460-1"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-13844",
+ "cvss_v2_score": 2.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:L/AC:L/Au:N/C:P/I:N/A:N",
+ "cvss_v3_score": 5.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"
+ }
+ ],
+ "cvss2_max_score": 2.1,
+ "cvss3_max_score": 5.5,
+ "summary": "Arm Armv8-A core implementations utilizing speculative execution past unconditional changes in control flow may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka \"straight-line speculation.\"",
+ "severity": "Medium",
+ "vulnerable_component": "deb://ubuntu:bionic:libstdc++6:8.4.0-1ubuntu1~18.04",
+ "impacted_artifact": "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "impact_path": [
+ "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "generic://sha256:92dc2a97ff99354714f17180401813eb3073e4f62a67643d66b461505a604cbe/sha256__92dc2a97ff99354714f17180401813eb3073e4f62a67643d66b461505a604cbe.tar.gz",
+ "deb://ubuntu:bionic:libstdc++6:8.4.0-1ubuntu1~18.04"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579/",
+ "fixed_versions": [],
+ "published": "2020-06-14T14:39:42+10:00",
+ "artifact_scan_time": "2021-03-09T08:56:07+11:00",
+ "issue_id": "XRAY-100566",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "Arm Armv8-A core implementations utilizing speculative execution past unconditional changes in control flow may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka \"straight-line speculation.\"",
+ "references": [
+ "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13844",
+ "http://lists.llvm.org/pipermail/llvm-dev/2020-June/142109.html",
+ "https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability",
+ "https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability/downloads/straight-line-speculation",
+ "https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability/frequently-asked-questions",
+ "https://gcc.gnu.org/pipermail/gcc-patches/2020-June/547520.html",
+ "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=679db70801da9fda91d26caf13bf5b5ccc74e8e8"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-28367",
+ "cvss_v2_score": 5.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:H/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 5.1,
+ "cvss3_max_score": 7.5,
+ "summary": "Go before 1.14.12 and 1.15.x before 1.15.5 allows Argument Injection.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.13.10",
+ "impacted_artifact": "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "impact_path": [
+ "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "generic://sha256:ba553bcfc69ca276c3b73bee3ecd3a2f7802040489ef04c048ff92249901d67d/sha256__ba553bcfc69ca276c3b73bee3ecd3a2f7802040489ef04c048ff92249901d67d.tar.gz",
+ "generic://sha256:0f25a21cf64e58078057adc78f38705163c1d564a959ff30a891c31917011a54/gosu",
+ "go://github.com/golang/go:1.13.10"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579/",
+ "fixed_versions": [
+ "1.14.12",
+ "1.15.5"
+ ],
+ "published": "2020-11-19T20:55:03+11:00",
+ "artifact_scan_time": "2021-03-09T08:56:07+11:00",
+ "issue_id": "XRAY-128578",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "go before 1.14.12 and 1.15.x before 1.15.5 allows Argument Injection.",
+ "references": [
+ "https://groups.google.com/g/golang-announce/c/NpBGTTmKzpM",
+ "https://github.com/golang/go/issues/42556",
+ "https://lists.apache.org/thread.html/rd02e75766cd333a0df417588460f5e4477060633000bfe94955851fd@%3Cissues.trafficcontrol.apache.org%3E"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-20305",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 8.1,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 6.8,
+ "cvss3_max_score": 8.1,
+ "summary": "A flaw was found in Nettle in versions before 3.7.2, where several Nettle signature verification functions (GOST DSA, EDDSA \u0026 ECDSA) result in the Elliptic Curve Cryptography point (ECC) multiply function being called with out-of-range scalers, possibly resulting in incorrect results. This flaw allows an attacker to force an invalid signature, causing an assertion failure or possible validation. The highest threat to this vulnerability is to confidentiality, integrity, as well as system availability.",
+ "severity": "Medium",
+ "vulnerable_component": "deb://ubuntu:bionic:libhogweed4:3.4-1",
+ "impacted_artifact": "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "impact_path": [
+ "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "generic://sha256:92dc2a97ff99354714f17180401813eb3073e4f62a67643d66b461505a604cbe/sha256__92dc2a97ff99354714f17180401813eb3073e4f62a67643d66b461505a604cbe.tar.gz",
+ "deb://ubuntu:bionic:libhogweed4:3.4-1"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579/",
+ "fixed_versions": [],
+ "published": "2021-04-11T14:40:26+10:00",
+ "artifact_scan_time": "2021-03-09T08:56:07+11:00",
+ "issue_id": "XRAY-171785",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "A flaw was found in Nettle in versions before 3.7.2, where several Nettle signature verification functions (GOST DSA, EDDSA \u0026 ECDSA) result in the Elliptic Curve Cryptography point (ECC) multiply function being called with out-of-range scalers, possibly resulting in incorrect results. This flaw allows an attacker to force an invalid signature, causing an assertion failure or possible validation. The highest threat to this vulnerability is to confidentiality, integrity, as well as system availability.",
+ "references": [
+ "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20305",
+ "https://lists.lysator.liu.se/pipermail/nettle-bugs/2021/009457.html",
+ "https://usn.ubuntu.com/usn/usn-4906-1"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-20217",
+ "cvss_v2_score": 3.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:S/C:N/I:N/A:P",
+ "cvss_v3_score": 5.3,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 3.5,
+ "cvss3_max_score": 5.3,
+ "summary": "A Reachable Assertion issue was discovered in the KDC in MIT Kerberos 5 (aka krb5) before 1.17. If an attacker can obtain a krbtgt ticket using an older encryption type (single-DES, triple-DES, or RC4), the attacker can crash the KDC by making an S4U2Self request.",
+ "severity": "Medium",
+ "vulnerable_component": "deb://ubuntu:bionic:libk5crypto3:1.16-2ubuntu0.2",
+ "impacted_artifact": "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "impact_path": [
+ "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "generic://sha256:5605b8c2e9f7536c42666d6f34263beb7872e0d7a22a251432d10ed64dc765dc/sha256__5605b8c2e9f7536c42666d6f34263beb7872e0d7a22a251432d10ed64dc765dc.tar.gz",
+ "deb://ubuntu:bionic:libk5crypto3:1.16-2ubuntu0.2"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579/",
+ "fixed_versions": [],
+ "published": "2019-03-03T19:09:48+11:00",
+ "artifact_scan_time": "2021-03-09T08:56:07+11:00",
+ "issue_id": "XRAY-76141",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "It was discovered that Kerberos incorrectly handled certain S4U2Self requests. An attacker could possibly use this issue to cause a denial of service.",
+ "references": [
+ "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20217",
+ "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2KNHELH4YHNT6H2ESJWX2UIDXLBNGB2O/"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-9513",
+ "cvss_v2_score": 7.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.8,
+ "cvss3_max_score": 7.5,
+ "summary": "Some HTTP/2 implementations are vulnerable to resource loops, potentially leading to a denial of service. The attacker creates multiple request streams and continually shuffles the priority of the streams in a way that causes substantial churn to the priority tree. This can consume excess CPU.",
+ "severity": "Medium",
+ "vulnerable_component": "deb://ubuntu:bionic:libnghttp2-14:1.30.0-1ubuntu1",
+ "impacted_artifact": "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "impact_path": [
+ "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "generic://sha256:5605b8c2e9f7536c42666d6f34263beb7872e0d7a22a251432d10ed64dc765dc/sha256__5605b8c2e9f7536c42666d6f34263beb7872e0d7a22a251432d10ed64dc765dc.tar.gz",
+ "deb://ubuntu:bionic:libnghttp2-14:1.30.0-1ubuntu1"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579/",
+ "fixed_versions": [],
+ "published": "2019-08-26T00:18:02+10:00",
+ "artifact_scan_time": "2021-03-09T08:56:07+11:00",
+ "issue_id": "XRAY-86454",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "Some HTTP/2 implementations are vulnerable to resource loops, potentially leading to a denial of service. The attacker creates multiple request streams and continually shuffles the priority of the streams in a way that causes substantial churn to the priority tree. This can consume excess CPU.",
+ "references": [
+ "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9513",
+ "https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md",
+ "https://usn.ubuntu.com/usn/usn-4099-1"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-28366",
+ "cvss_v2_score": 5.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:H/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 5.1,
+ "cvss3_max_score": 7.5,
+ "summary": "Go before 1.14.12 and 1.15.x before 1.15.5 allows Code Injection.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.13.10",
+ "impacted_artifact": "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "impact_path": [
+ "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "generic://sha256:ba553bcfc69ca276c3b73bee3ecd3a2f7802040489ef04c048ff92249901d67d/sha256__ba553bcfc69ca276c3b73bee3ecd3a2f7802040489ef04c048ff92249901d67d.tar.gz",
+ "generic://sha256:0f25a21cf64e58078057adc78f38705163c1d564a959ff30a891c31917011a54/gosu",
+ "go://github.com/golang/go:1.13.10"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579/",
+ "fixed_versions": [
+ "1.14.12",
+ "1.15.5"
+ ],
+ "published": "2020-11-20T00:55:03+11:00",
+ "artifact_scan_time": "2021-03-09T08:56:07+11:00",
+ "issue_id": "XRAY-128619",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "Go before 1.14.12 and 1.15.x before 1.15.5 allows Code Injection.",
+ "references": [
+ "https://groups.google.com/g/golang-announce/c/NpBGTTmKzpM",
+ "https://github.com/golang/go/issues/42559",
+ "https://lists.apache.org/thread.html/rd02e75766cd333a0df417588460f5e4477060633000bfe94955851fd@%3Cissues.trafficcontrol.apache.org%3E"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-19204",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 7.5,
+ "summary": "An issue was discovered in Oniguruma 6.x before 6.9.4_rc2. In the function fetch_interval_quantifier (formerly known as fetch_range_quantifier) in regparse.c, PFETCH is called without checking PEND. This leads to a heap-based buffer over-read.",
+ "severity": "Medium",
+ "vulnerable_component": "deb://ubuntu:bionic:libonig4:6.7.0-1",
+ "impacted_artifact": "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "impact_path": [
+ "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "generic://sha256:bed7676d225b62a075a14ea55d481ef16be8268da0f422058156eb58843a0852/sha256__bed7676d225b62a075a14ea55d481ef16be8268da0f422058156eb58843a0852.tar.gz",
+ "deb://ubuntu:bionic:libonig4:6.7.0-1"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579/",
+ "fixed_versions": [],
+ "published": "2019-11-25T16:00:00+11:00",
+ "artifact_scan_time": "2021-03-09T08:56:07+11:00",
+ "issue_id": "XRAY-91992",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "An issue was discovered in Oniguruma 6.x before 6.9.4_rc2. In the function fetch_interval_quantifier (formerly known as fetch_range_quantifier) in regparse.c, PFETCH is called without checking PEND. This leads to a heap-based buffer over-read.",
+ "references": [
+ "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19204",
+ "https://github.com/kkos/oniguruma/issues/162",
+ "https://github.com/kkos/oniguruma/releases/tag/v6.9.4_rc2",
+ "https://usn.ubuntu.com/usn/usn-4460-1"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-9794",
+ "cvss_v2_score": 5.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:N/A:P",
+ "cvss_v3_score": 8.1,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 5.8,
+ "cvss3_max_score": 8.1,
+ "summary": "An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. A malicious application may cause a denial of service or potentially disclose memory contents.",
+ "severity": "Medium",
+ "vulnerable_component": "deb://ubuntu:bionic:libsqlite3-0:3.22.0-1ubuntu0.4",
+ "impacted_artifact": "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "impact_path": [
+ "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "generic://sha256:ba553bcfc69ca276c3b73bee3ecd3a2f7802040489ef04c048ff92249901d67d/sha256__ba553bcfc69ca276c3b73bee3ecd3a2f7802040489ef04c048ff92249901d67d.tar.gz",
+ "deb://ubuntu:bionic:libsqlite3-0:3.22.0-1ubuntu0.4"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579/",
+ "fixed_versions": [],
+ "published": "2020-06-14T14:23:59+10:00",
+ "artifact_scan_time": "2021-03-09T08:56:07+11:00",
+ "issue_id": "XRAY-100549",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. A malicious application may cause a denial of service or potentially disclose memory contents.",
+ "references": [
+ "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9794",
+ "https://vuldb.com/?id.155768"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-13844",
+ "cvss_v2_score": 2.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:L/AC:L/Au:N/C:P/I:N/A:N",
+ "cvss_v3_score": 5.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"
+ }
+ ],
+ "cvss2_max_score": 2.1,
+ "cvss3_max_score": 5.5,
+ "summary": "Arm Armv8-A core implementations utilizing speculative execution past unconditional changes in control flow may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka \"straight-line speculation.\"",
+ "severity": "Medium",
+ "vulnerable_component": "deb://ubuntu:bionic:libgcc1:1:8.4.0-1ubuntu1~18.04",
+ "impacted_artifact": "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "impact_path": [
+ "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "generic://sha256:92dc2a97ff99354714f17180401813eb3073e4f62a67643d66b461505a604cbe/sha256__92dc2a97ff99354714f17180401813eb3073e4f62a67643d66b461505a604cbe.tar.gz",
+ "deb://ubuntu:bionic:libgcc1:1:8.4.0-1ubuntu1~18.04"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579/",
+ "fixed_versions": [],
+ "published": "2020-06-14T14:39:42+10:00",
+ "artifact_scan_time": "2021-03-09T08:56:07+11:00",
+ "issue_id": "XRAY-100566",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "Arm Armv8-A core implementations utilizing speculative execution past unconditional changes in control flow may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka \"straight-line speculation.\"",
+ "references": [
+ "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13844",
+ "http://lists.llvm.org/pipermail/llvm-dev/2020-June/142109.html",
+ "https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability",
+ "https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability/downloads/straight-line-speculation",
+ "https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability/frequently-asked-questions",
+ "https://gcc.gnu.org/pipermail/gcc-patches/2020-June/547520.html",
+ "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=679db70801da9fda91d26caf13bf5b5ccc74e8e8"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-20217",
+ "cvss_v2_score": 3.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:S/C:N/I:N/A:P",
+ "cvss_v3_score": 5.3,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 3.5,
+ "cvss3_max_score": 5.3,
+ "summary": "A Reachable Assertion issue was discovered in the KDC in MIT Kerberos 5 (aka krb5) before 1.17. If an attacker can obtain a krbtgt ticket using an older encryption type (single-DES, triple-DES, or RC4), the attacker can crash the KDC by making an S4U2Self request.",
+ "severity": "Medium",
+ "vulnerable_component": "deb://ubuntu:bionic:krb5-locales:1.16-2ubuntu0.2",
+ "impacted_artifact": "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "impact_path": [
+ "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "generic://sha256:5605b8c2e9f7536c42666d6f34263beb7872e0d7a22a251432d10ed64dc765dc/sha256__5605b8c2e9f7536c42666d6f34263beb7872e0d7a22a251432d10ed64dc765dc.tar.gz",
+ "deb://ubuntu:bionic:krb5-locales:1.16-2ubuntu0.2"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579/",
+ "fixed_versions": [],
+ "published": "2019-03-03T19:09:48+11:00",
+ "artifact_scan_time": "2021-03-09T08:56:07+11:00",
+ "issue_id": "XRAY-76141",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "It was discovered that Kerberos incorrectly handled certain S4U2Self requests. An attacker could possibly use this issue to cause a denial of service.",
+ "references": [
+ "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20217",
+ "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2KNHELH4YHNT6H2ESJWX2UIDXLBNGB2O/"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-27918",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 7.5,
+ "summary": "encoding/xml in Go before 1.15.9 and 1.16.x before 1.16.1 has an infinite loop if a custom TokenReader (for xml.NewTokenDecoder) returns EOF in the middle of an element. This can occur in the Decode, DecodeElement, or Skip method.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.13.10",
+ "impacted_artifact": "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "impact_path": [
+ "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "generic://sha256:ba553bcfc69ca276c3b73bee3ecd3a2f7802040489ef04c048ff92249901d67d/sha256__ba553bcfc69ca276c3b73bee3ecd3a2f7802040489ef04c048ff92249901d67d.tar.gz",
+ "generic://sha256:0f25a21cf64e58078057adc78f38705163c1d564a959ff30a891c31917011a54/gosu",
+ "go://github.com/golang/go:1.13.10"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579/",
+ "fixed_versions": [
+ "1.16.1",
+ "1.15.9"
+ ],
+ "published": "2021-03-15T00:32:21+11:00",
+ "artifact_scan_time": "2021-03-09T08:56:07+11:00",
+ "issue_id": "XRAY-145876",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "encoding/xml in Go before 1.15.9 and 1.16.x before 1.16.1 has an infinite loop if a custom TokenReader (for xml.NewTokenDecoder) returns EOF in the middle of an element. This can occur in the Decode, DecodeElement, or Skip method.",
+ "references": [
+ "https://groups.google.com/g/golang-announce/c/MfiLYjG-RAw"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-20305",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 8.1,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 6.8,
+ "cvss3_max_score": 8.1,
+ "summary": "A flaw was found in Nettle in versions before 3.7.2, where several Nettle signature verification functions (GOST DSA, EDDSA \u0026 ECDSA) result in the Elliptic Curve Cryptography point (ECC) multiply function being called with out-of-range scalers, possibly resulting in incorrect results. This flaw allows an attacker to force an invalid signature, causing an assertion failure or possible validation. The highest threat to this vulnerability is to confidentiality, integrity, as well as system availability.",
+ "severity": "Medium",
+ "vulnerable_component": "deb://ubuntu:bionic:libnettle6:3.4-1",
+ "impacted_artifact": "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "impact_path": [
+ "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "generic://sha256:92dc2a97ff99354714f17180401813eb3073e4f62a67643d66b461505a604cbe/sha256__92dc2a97ff99354714f17180401813eb3073e4f62a67643d66b461505a604cbe.tar.gz",
+ "deb://ubuntu:bionic:libnettle6:3.4-1"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579/",
+ "fixed_versions": [],
+ "published": "2021-04-11T14:40:26+10:00",
+ "artifact_scan_time": "2021-03-09T08:56:07+11:00",
+ "issue_id": "XRAY-171785",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "A flaw was found in Nettle in versions before 3.7.2, where several Nettle signature verification functions (GOST DSA, EDDSA \u0026 ECDSA) result in the Elliptic Curve Cryptography point (ECC) multiply function being called with out-of-range scalers, possibly resulting in incorrect results. This flaw allows an attacker to force an invalid signature, causing an assertion failure or possible validation. The highest threat to this vulnerability is to confidentiality, integrity, as well as system availability.",
+ "references": [
+ "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20305",
+ "https://lists.lysator.liu.se/pipermail/nettle-bugs/2021/009457.html",
+ "https://usn.ubuntu.com/usn/usn-4906-1"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-20839",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:N",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 9.8,
+ "summary": "systemd 242 changes the VT1 mode upon a logout, which allows attackers to read cleartext passwords in certain circumstances, such as watching a shutdown, or using Ctrl-Alt-F1 and Ctrl-Alt-F2. This occurs because the KDGKBMODE (aka current keyboard mode) check is mishandled.",
+ "severity": "Medium",
+ "vulnerable_component": "deb://ubuntu:bionic:libudev1:237-3ubuntu10.44",
+ "impacted_artifact": "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "impact_path": [
+ "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "generic://sha256:92dc2a97ff99354714f17180401813eb3073e4f62a67643d66b461505a604cbe/sha256__92dc2a97ff99354714f17180401813eb3073e4f62a67643d66b461505a604cbe.tar.gz",
+ "deb://ubuntu:bionic:libudev1:237-3ubuntu10.44"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579/",
+ "fixed_versions": [],
+ "published": "2019-08-26T00:27:05+10:00",
+ "artifact_scan_time": "2021-03-09T08:56:07+11:00",
+ "issue_id": "XRAY-86827",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "systemd 242 changes the VT1 mode upon a logout, which allows attackers to read cleartext passwords in certain circumstances, such as watching a shutdown, or using Ctrl-Alt-F1 and Ctrl-Alt-F2. This occurs because the KDGKBMODE (aka current keyboard mode) check is mishandled.",
+ "references": [
+ "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20839",
+ "https://github.com/systemd/systemd/pull/12378",
+ "https://github.com/systemd/systemd/pull/13109"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-16163",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 7.5,
+ "summary": "Oniguruma before 6.9.3 allows Stack Exhaustion in regcomp.c because of recursion in regparse.c.",
+ "severity": "Medium",
+ "vulnerable_component": "deb://ubuntu:bionic:libonig4:6.7.0-1",
+ "impacted_artifact": "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "impact_path": [
+ "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "generic://sha256:bed7676d225b62a075a14ea55d481ef16be8268da0f422058156eb58843a0852/sha256__bed7676d225b62a075a14ea55d481ef16be8268da0f422058156eb58843a0852.tar.gz",
+ "deb://ubuntu:bionic:libonig4:6.7.0-1"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579/",
+ "fixed_versions": [],
+ "published": "2019-09-15T14:39:04+10:00",
+ "artifact_scan_time": "2021-03-09T08:56:07+11:00",
+ "issue_id": "XRAY-88145",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "Oniguruma before 6.9.3 allows Stack Exhaustion in regcomp.c because of recursion in regparse.c.",
+ "references": [
+ "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16163",
+ "https://github.com/kkos/oniguruma/issues/147",
+ "https://github.com/kkos/oniguruma/commit/4097828d7cc87589864fecf452f2cd46c5f37180",
+ "https://github.com/kkos/oniguruma/compare/v6.9.2...v6.9.3",
+ "https://usn.ubuntu.com/usn/usn-4460-1"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-20217",
+ "cvss_v2_score": 3.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:S/C:N/I:N/A:P",
+ "cvss_v3_score": 5.3,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 3.5,
+ "cvss3_max_score": 5.3,
+ "summary": "A Reachable Assertion issue was discovered in the KDC in MIT Kerberos 5 (aka krb5) before 1.17. If an attacker can obtain a krbtgt ticket using an older encryption type (single-DES, triple-DES, or RC4), the attacker can crash the KDC by making an S4U2Self request.",
+ "severity": "Medium",
+ "vulnerable_component": "deb://ubuntu:bionic:libkrb5-3:1.16-2ubuntu0.2",
+ "impacted_artifact": "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "impact_path": [
+ "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "generic://sha256:5605b8c2e9f7536c42666d6f34263beb7872e0d7a22a251432d10ed64dc765dc/sha256__5605b8c2e9f7536c42666d6f34263beb7872e0d7a22a251432d10ed64dc765dc.tar.gz",
+ "deb://ubuntu:bionic:libkrb5-3:1.16-2ubuntu0.2"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579/",
+ "fixed_versions": [],
+ "published": "2019-03-03T19:09:48+11:00",
+ "artifact_scan_time": "2021-03-09T08:56:07+11:00",
+ "issue_id": "XRAY-76141",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "It was discovered that Kerberos incorrectly handled certain S4U2Self requests. An attacker could possibly use this issue to cause a denial of service.",
+ "references": [
+ "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20217",
+ "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2KNHELH4YHNT6H2ESJWX2UIDXLBNGB2O/"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-19203",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 7.5,
+ "summary": "An issue was discovered in Oniguruma 6.x before 6.9.4_rc2. In the function gb18030_mbc_enc_len in file gb18030.c, a UChar pointer is dereferenced without checking if it passed the end of the matched string. This leads to a heap-based buffer over-read.",
+ "severity": "Medium",
+ "vulnerable_component": "deb://ubuntu:bionic:libonig4:6.7.0-1",
+ "impacted_artifact": "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "impact_path": [
+ "docker://library/mongo:sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579",
+ "generic://sha256:bed7676d225b62a075a14ea55d481ef16be8268da0f422058156eb58843a0852/sha256__bed7676d225b62a075a14ea55d481ef16be8268da0f422058156eb58843a0852.tar.gz",
+ "deb://ubuntu:bionic:libonig4:6.7.0-1"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__10c5bfb6984134009c376e7a37c8523da195c9b8c5b9828bcc564efe55b32579/",
+ "fixed_versions": [],
+ "published": "2019-11-25T15:51:31+11:00",
+ "artifact_scan_time": "2021-03-09T08:56:07+11:00",
+ "issue_id": "XRAY-91979",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "An issue was discovered in Oniguruma 6.x before 6.9.4_rc2. In the function gb18030_mbc_enc_len in file gb18030.c, a UChar pointer is dereferenced without checking if it passed the end of the matched string. This leads to a heap-based buffer over-read.",
+ "references": [
+ "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19203",
+ "https://github.com/kkos/oniguruma/issues/163",
+ "https://github.com/kkos/oniguruma/releases/tag/v6.9.4_rc2"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 5.4,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:H/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 5.3,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 5.4,
+ "cvss3_max_score": 5.3,
+ "summary": "GNU dbm (GDBM) Database Recovery Resource Exhaustion DoS Weakness",
+ "severity": "Medium",
+ "vulnerable_component": "alpine://3.13:gdbm:1.19-r0",
+ "impacted_artifact": "docker://fluxcd/kustomize-controller:sha256__1217bf214c05339721e865e1842393fbe37f17a3923918572ef30b8031d61412",
+ "impact_path": [
+ "docker://fluxcd/kustomize-controller:sha256__1217bf214c05339721e865e1842393fbe37f17a3923918572ef30b8031d61412",
+ "generic://sha256:b631c872dd0c171fca133bcd7481ac18f009dac211834de6dca4bc494421796e/sha256__b631c872dd0c171fca133bcd7481ac18f009dac211834de6dca4bc494421796e.tar.gz",
+ "alpine://3.13:gdbm:1.19-r0"
+ ],
+ "path": "dockerhub-remote/fluxcd/kustomize-controller/sha256__1217bf214c05339721e865e1842393fbe37f17a3923918572ef30b8031d61412/",
+ "fixed_versions": [],
+ "published": "2021-03-18T19:46:38+11:00",
+ "artifact_scan_time": "2021-03-18T13:05:27+11:00",
+ "issue_id": "XRAY-147183",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "GNU dbm (GDBM) contains a flaw that is triggered when handling recovery operations on a specially crafted database file. This may allow a context-dependent attacker to exhaust available disk storage and potentially cause a denial of service.",
+ "references": [
+ "https://git.savannah.gnu.org/cgit/gdbm.git/commit/?id=2dc9267a91a98733a18ebb3b8488da8016539f83",
+ "https://git.savannah.gnu.org/cgit/gdbm.git/commit/?id=3f86431e830f867d14f2ad5a382f59b19acdded2",
+ "https://puszcza.gnu.org.ua/bugs/?502"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-21300",
+ "cvss_v2_score": 5.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:H/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 5.1,
+ "cvss3_max_score": 7.5,
+ "summary": "Git is an open-source distributed revision control system. In affected versions of Git a specially crafted repository that contains symbolic links as well as files using a clean/smudge filter such as Git LFS, may cause just-checked out script to be executed while cloning onto a case-insensitive file system such as NTFS, HFS+ or APFS (i.e. the default file systems on Windows and macOS). Note that clean/smudge filters have to be configured for that. Git for Windows configures Git LFS by default, and is therefore vulnerable. The problem has been patched in the versions published on Tuesday, March 9th, 2021. As a workaound, if symbolic link support is disabled in Git (e.g. via `git config --global core.symlinks false`), the described attack won't work. Likewise, if no clean/smudge filters such as Git LFS are configured globally (i.e. _before_ cloning), the attack is foiled. As always, it is best to avoid cloning repositories from untrusted sources. The earliest impacted version is 2.14.2. The fix versions are: 2.30.1, 2.29.3, 2.28.1, 2.27.1, 2.26.3, 2.25.5, 2.24.4, 2.23.4, 2.22.5, 2.21.4, 2.20.5, 2.19.6, 2.18.5, 2.17.62.17.6.",
+ "severity": "Medium",
+ "vulnerable_component": "alpine://3.13:git:2.30.1-r0",
+ "impacted_artifact": "docker://fluxcd/kustomize-controller:sha256__1217bf214c05339721e865e1842393fbe37f17a3923918572ef30b8031d61412",
+ "impact_path": [
+ "docker://fluxcd/kustomize-controller:sha256__1217bf214c05339721e865e1842393fbe37f17a3923918572ef30b8031d61412",
+ "generic://sha256:b631c872dd0c171fca133bcd7481ac18f009dac211834de6dca4bc494421796e/sha256__b631c872dd0c171fca133bcd7481ac18f009dac211834de6dca4bc494421796e.tar.gz",
+ "alpine://3.13:git:2.30.1-r0"
+ ],
+ "path": "dockerhub-remote/fluxcd/kustomize-controller/sha256__1217bf214c05339721e865e1842393fbe37f17a3923918572ef30b8031d61412/",
+ "fixed_versions": [
+ "2.30.2-r0"
+ ],
+ "published": "2021-03-24T23:11:00+11:00",
+ "artifact_scan_time": "2021-03-18T13:05:27+11:00",
+ "issue_id": "XRAY-157682",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "Git is an open-source distributed revision control system. In affected versions of Git a specially crafted repository that contains symbolic links as well as files using a clean/smudge filter such as Git LFS, may cause just-checked out script to be executed while cloning onto a case-insensitive file system such as NTFS, HFS+ or APFS (i.e. the default file systems on Windows and macOS). Note that clean/smudge filters have to be configured for that. Git for Windows configures Git LFS by default, and is therefore vulnerable. The problem has been patched in the versions published on Tuesday, March 9th, 2021. As a workaound, if symbolic link support is disabled in Git (e.g. via `git config --global core.symlinks false`), the described attack won't work. Likewise, if no clean/smudge filters such as Git LFS are configured globally (i.e. _before_ cloning), the attack is foiled. As always, it is best to avoid cloning repositories from untrusted sources. The earliest impacted version is 2.14.2. The fix versions are: 2.30.1, 2.29.3, 2.28.1, 2.27.1, 2.26.3, 2.25.5, 2.24.4, 2.23.4, 2.22.5, 2.21.4, 2.20.5, 2.19.6, 2.18.5, 2.17.62.17.6.",
+ "references": [
+ "http://www.openwall.com/lists/oss-security/2021/03/09/3",
+ "https://lore.kernel.org/git/xmqqim6019yd.fsf@gitster.c.googlers.com/",
+ "https://github.com/git/git/commit/684dd4c2b414bcf648505e74498a608f28de4592",
+ "https://git-scm.com/docs/gitattributes#_filter",
+ "https://git-scm.com/docs/git-config#Documentation/git-config.txt-coresymlinks",
+ "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LMXX2POK5X576BSDWSXGU7EIK6I72ERU/",
+ "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LCLJJLKKMS5WRFO6C475AOUZTWQLIARX/",
+ "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BBPNGLQSYJHLZZ37BO42YY6S5OTIF4L4/",
+ "https://github.com/git/git/security/advisories/GHSA-8prw-h3cq-mghm"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 4,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:H/Au:N/C:P/I:P/A:N",
+ "cvss_v3_score": 7.4,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"
+ }
+ ],
+ "cvss2_max_score": 4,
+ "cvss3_max_score": 7.4,
+ "summary": "cURL / libcurl TLS 1.3 Session Ticket Improper Host Handshake Handling MitM Spoofing",
+ "severity": "Medium",
+ "vulnerable_component": "alpine://3.13:libcurl:7.74.0-r1",
+ "impacted_artifact": "docker://fluxcd/kustomize-controller:sha256__1217bf214c05339721e865e1842393fbe37f17a3923918572ef30b8031d61412",
+ "impact_path": [
+ "docker://fluxcd/kustomize-controller:sha256__1217bf214c05339721e865e1842393fbe37f17a3923918572ef30b8031d61412",
+ "generic://sha256:b631c872dd0c171fca133bcd7481ac18f009dac211834de6dca4bc494421796e/sha256__b631c872dd0c171fca133bcd7481ac18f009dac211834de6dca4bc494421796e.tar.gz",
+ "alpine://3.13:libcurl:7.74.0-r1"
+ ],
+ "path": "dockerhub-remote/fluxcd/kustomize-controller/sha256__1217bf214c05339721e865e1842393fbe37f17a3923918572ef30b8031d61412/",
+ "fixed_versions": [],
+ "published": "2021-04-02T02:39:36+11:00",
+ "artifact_scan_time": "2021-03-18T13:05:27+11:00",
+ "issue_id": "XRAY-160704",
+ "package_type": "alpine",
+ "provider": "JFrog",
+ "description": "cURL / libcurl contains a flaw that is triggered as host handshakes are improperly bypassed when processing TLS 1.3 session ticket from an HTTPS proxy. With a specially crafted HTTPS proxy, an attacker can bypass the TLS certificate check and disclose or manipulate transmitted data.",
+ "references": [
+ "https://ubuntu.com/security/notices/USN-4898-1",
+ "https://seclists.org/oss-sec/2021/q1/280",
+ "https://github.com/curl/curl/commit/b09c8ee15771c614c4bf3ddac893cdb12187c844",
+ "https://curl.se/docs/CVE-2021-22890.html",
+ "http://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-22890"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-28852",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 7.5,
+ "summary": "In x/text in Go before v0.3.5, a \"slice bounds out of range\" panic occurs in language.ParseAcceptLanguage while processing a BCP 47 tag. (x/text/language is supposed to be able to parse an HTTP Accept-Language header.)",
+ "severity": "Medium",
+ "vulnerable_component": "go://golang.org/x/text:0.3.4",
+ "impacted_artifact": "docker://fluxcd/kustomize-controller:sha256__1217bf214c05339721e865e1842393fbe37f17a3923918572ef30b8031d61412",
+ "impact_path": [
+ "docker://fluxcd/kustomize-controller:sha256__1217bf214c05339721e865e1842393fbe37f17a3923918572ef30b8031d61412",
+ "generic://sha256:dea0207275e948d0460c89f6f118965e30d3310c19bacdf116090038a6ce687c/sha256__dea0207275e948d0460c89f6f118965e30d3310c19bacdf116090038a6ce687c.tar.gz",
+ "generic://sha256:783c7d3b26de469151b40de20677b8721678a081ac12ff93f3daab0a4238dcc5/kustomize-controller",
+ "go://golang.org/x/text:0.3.4"
+ ],
+ "path": "dockerhub-remote/fluxcd/kustomize-controller/sha256__1217bf214c05339721e865e1842393fbe37f17a3923918572ef30b8031d61412/",
+ "fixed_versions": [
+ "0.3.5"
+ ],
+ "published": "2021-01-03T23:36:30+11:00",
+ "artifact_scan_time": "2021-03-18T13:05:27+11:00",
+ "issue_id": "XRAY-138125",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "In x/text in Go before v0.3.5, a \"slice bounds out of range\" panic occurs in language.ParseAcceptLanguage while processing a BCP 47 tag. (x/text/language is supposed to be able to parse an HTTP Accept-Language header.)",
+ "references": [
+ "https://github.com/golang/go/issues/42536",
+ "https://security.netapp.com/advisory/ntap-20210212-0004/"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-27918",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 7.5,
+ "summary": "encoding/xml in Go before 1.15.9 and 1.16.x before 1.16.1 has an infinite loop if a custom TokenReader (for xml.NewTokenDecoder) returns EOF in the middle of an element. This can occur in the Decode, DecodeElement, or Skip method.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.15.8",
+ "impacted_artifact": "docker://fluxcd/kustomize-controller:sha256__1217bf214c05339721e865e1842393fbe37f17a3923918572ef30b8031d61412",
+ "impact_path": [
+ "docker://fluxcd/kustomize-controller:sha256__1217bf214c05339721e865e1842393fbe37f17a3923918572ef30b8031d61412",
+ "generic://sha256:dea0207275e948d0460c89f6f118965e30d3310c19bacdf116090038a6ce687c/sha256__dea0207275e948d0460c89f6f118965e30d3310c19bacdf116090038a6ce687c.tar.gz",
+ "generic://sha256:783c7d3b26de469151b40de20677b8721678a081ac12ff93f3daab0a4238dcc5/kustomize-controller",
+ "go://github.com/golang/go:1.15.8"
+ ],
+ "path": "dockerhub-remote/fluxcd/kustomize-controller/sha256__1217bf214c05339721e865e1842393fbe37f17a3923918572ef30b8031d61412/",
+ "fixed_versions": [
+ "1.16.1",
+ "1.15.9"
+ ],
+ "published": "2021-03-15T00:32:21+11:00",
+ "artifact_scan_time": "2021-03-18T13:05:27+11:00",
+ "issue_id": "XRAY-145876",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "encoding/xml in Go before 1.15.9 and 1.16.x before 1.16.1 has an infinite loop if a custom TokenReader (for xml.NewTokenDecoder) returns EOF in the middle of an element. This can occur in the Decode, DecodeElement, or Skip method.",
+ "references": [
+ "https://groups.google.com/g/golang-announce/c/MfiLYjG-RAw"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-29652",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 7.5,
+ "summary": "A nil pointer dereference in the golang.org/x/crypto/ssh component through v0.0.0-20201203163018-be400aefbc4c for Go allows remote attackers to cause a denial of service against SSH servers.",
+ "severity": "Medium",
+ "vulnerable_component": "go://golang.org/x/crypto:0.0.0-20201002170205-7f63de1d35b0",
+ "impacted_artifact": "docker://fluxcd/kustomize-controller:sha256__1217bf214c05339721e865e1842393fbe37f17a3923918572ef30b8031d61412",
+ "impact_path": [
+ "docker://fluxcd/kustomize-controller:sha256__1217bf214c05339721e865e1842393fbe37f17a3923918572ef30b8031d61412",
+ "generic://sha256:dea0207275e948d0460c89f6f118965e30d3310c19bacdf116090038a6ce687c/sha256__dea0207275e948d0460c89f6f118965e30d3310c19bacdf116090038a6ce687c.tar.gz",
+ "generic://sha256:783c7d3b26de469151b40de20677b8721678a081ac12ff93f3daab0a4238dcc5/kustomize-controller",
+ "go://golang.org/x/crypto:0.0.0-20201002170205-7f63de1d35b0"
+ ],
+ "path": "dockerhub-remote/fluxcd/kustomize-controller/sha256__1217bf214c05339721e865e1842393fbe37f17a3923918572ef30b8031d61412/",
+ "fixed_versions": [
+ "0.0.0-20201216223049-8b5274cf687f"
+ ],
+ "published": "2020-12-21T03:38:59+11:00",
+ "artifact_scan_time": "2021-03-18T13:05:27+11:00",
+ "issue_id": "XRAY-135107",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "A nil pointer dereference in the golang.org/x/crypto/ssh component through v0.0.0-20201203163018-be400aefbc4c for Go allows remote attackers to cause a denial of service against SSH servers.",
+ "references": [
+ "https://groups.google.com/g/golang-announce/c/ouZIlBimOsE?pli=1",
+ "https://go-review.googlesource.com/c/crypto/+/278852"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 4.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:P/A:N",
+ "cvss_v3_score": 6.1,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"
+ }
+ ],
+ "cvss2_max_score": 4.3,
+ "cvss3_max_score": 6.1,
+ "summary": "Kubernetes /proxy/ pagesize Parameter Reflected XSS",
+ "severity": "Medium",
+ "vulnerable_component": "go://k8s.io/apimachinery:0.20.2",
+ "impacted_artifact": "docker://fluxcd/kustomize-controller:sha256__1217bf214c05339721e865e1842393fbe37f17a3923918572ef30b8031d61412",
+ "impact_path": [
+ "docker://fluxcd/kustomize-controller:sha256__1217bf214c05339721e865e1842393fbe37f17a3923918572ef30b8031d61412",
+ "generic://sha256:dea0207275e948d0460c89f6f118965e30d3310c19bacdf116090038a6ce687c/sha256__dea0207275e948d0460c89f6f118965e30d3310c19bacdf116090038a6ce687c.tar.gz",
+ "generic://sha256:783c7d3b26de469151b40de20677b8721678a081ac12ff93f3daab0a4238dcc5/kustomize-controller",
+ "go://k8s.io/apimachinery:0.20.2"
+ ],
+ "path": "dockerhub-remote/fluxcd/kustomize-controller/sha256__1217bf214c05339721e865e1842393fbe37f17a3923918572ef30b8031d61412/",
+ "fixed_versions": [
+ "1.16.0-alpha.3"
+ ],
+ "published": "2019-06-05T20:03:10+10:00",
+ "artifact_scan_time": "2021-03-18T13:05:27+11:00",
+ "issue_id": "XRAY-83594",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "Kubernetes contains a flaw that allows a reflected cross-site scripting (XSS) attack. This flaw exists because the /proxy/ script does not properly sanitize input to the 'pagesize' GET parameter before returning it to users. This may allow a context-dependent attacker to create a specially crafted request that executes arbitrary script code in a user's browser session within the trust relationship between their browser and the server.",
+ "references": [
+ "https://github.com/kubernetes/kubernetes/issues/78467"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-15945",
+ "cvss_v2_score": 2.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 5.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 2.1,
+ "cvss3_max_score": 5.5,
+ "summary": "CVE-2020-15945 lua: segmentation fault in changedline in ldebug.c (moderate)",
+ "severity": "Medium",
+ "vulnerable_component": "rpm://8:lua:0:5.3.4-11.el8",
+ "impacted_artifact": "rpm://8:lua:0:5.3.4-11.el8",
+ "impact_path": [
+ "rpm://8:lua:0:5.3.4-11.el8"
+ ],
+ "path": "ubi8-appstream-remote/Packages/l/lua-5.3.4-11.el8.x86_64.rpm",
+ "fixed_versions": [],
+ "published": "2020-12-16T16:18:34+11:00",
+ "artifact_scan_time": "2021-01-27T20:39:38+11:00",
+ "issue_id": "XRAY-134918",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "STATEMENT: Red Hat Ceph Storage 3 and 4 ships vulnerable version of Lua(embedded in Ceph), however Lua is no longer supported in Ceph.",
+ "references": [
+ "https://access.redhat.com/security/cve/CVE-2020-15945"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Moderate"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-16435",
+ "cvss_v2_score": 4.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 5.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 4.3,
+ "cvss3_max_score": 5.5,
+ "summary": "CVE-2018-16435 lcms2: Integer overflow in AllocateDataSet() in cmscgats.c leading to heap-based buffer overflow (moderate)",
+ "severity": "Medium",
+ "vulnerable_component": "rpm://8:lcms2:0:2.9-2.el8",
+ "impacted_artifact": "rpm://8:lcms2:0:2.9-2.el8",
+ "impact_path": [
+ "rpm://8:lcms2:0:2.9-2.el8"
+ ],
+ "path": "ubi8-appstream-remote/Packages/l/lcms2-2.9-2.el8.x86_64.rpm",
+ "fixed_versions": [],
+ "published": "2020-12-16T16:10:17+11:00",
+ "artifact_scan_time": "2021-01-27T20:39:38+11:00",
+ "issue_id": "XRAY-134531",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "STATEMENT: This issue affects the versions of lcms2 as shipped with Red Hat Enterprise Linux 7.",
+ "references": [
+ "https://access.redhat.com/security/cve/CVE-2018-16435"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Moderate"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2017-18640",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 7.5,
+ "summary": "The Alias feature in SnakeYAML 1.18 allows entity expansion during a load operation, a related issue to CVE-2003-1564.",
+ "severity": "Medium",
+ "vulnerable_component": "gav://org.yaml:snakeyaml:1.21",
+ "impacted_artifact": "gav://org.yaml:snakeyaml:1.21",
+ "impact_path": [
+ "gav://org.yaml:snakeyaml:1.21"
+ ],
+ "path": "mavencentral-remote/org/yaml/snakeyaml/1.21/snakeyaml-1.21.jar",
+ "fixed_versions": [
+ "1.26"
+ ],
+ "published": "2019-12-20T04:53:32+11:00",
+ "artifact_scan_time": "2021-03-09T08:42:51+11:00",
+ "issue_id": "XRAY-92904",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "The Alias feature in SnakeYAML 1.18 allows entity expansion during a load operation, a related issue to CVE-2003-1564.",
+ "references": [
+ "https://mvnrepository.com/artifact/org.yaml/snakeyaml/1.25/usages",
+ "https://bitbucket.org/asomov/snakeyaml/wiki/Billion%20laughs%20attack",
+ "https://bitbucket.org/asomov/snakeyaml/issues/377/allow-configuration-for-preventing-billion",
+ "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CKN7VGIKTYBCAKYBRG55QHXAY5UDZ7HA/",
+ "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PTVJC54XGX26UJVVYCXZ7D25X3R5T2G6/"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 4.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 4.3,
+ "cvss3_max_score": 7.5,
+ "summary": "Robert Harder base64 Base64.java Base64.decode() Function String Decoding Decompression Handling Resource Exhaustion DoS",
+ "severity": "Medium",
+ "vulnerable_component": "gav://net.iharder:base64:2.3.8",
+ "impacted_artifact": "gav://io.cucumber:gherkin-jvm-deps:1.0.4",
+ "impact_path": [
+ "gav://io.cucumber:gherkin-jvm-deps:1.0.4",
+ "gav://net.iharder:base64:2.3.8"
+ ],
+ "path": "mavencentral-remote/io/cucumber/gherkin-jvm-deps/1.0.4/gherkin-jvm-deps-1.0.4.jar",
+ "fixed_versions": [],
+ "published": "2020-09-22T18:00:20+10:00",
+ "artifact_scan_time": "2021-03-09T08:42:52+11:00",
+ "issue_id": "XRAY-124941",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Robert Harder base64 contains a flaw in the Base64.decode() function in Base64.java that is triggered as data is automatically decompressed when decoding strings. This may allow a context-dependent to exhaust resources and cause a denial of service.",
+ "references": [
+ "https://issues.shibboleth.net/jira/browse/JXT-126"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:P/A:N"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "summary": "Apache Maven org.apache.maven.shared.utils.Expand Expand.java extractFile() Function Traversal Remote File Write",
+ "severity": "Medium",
+ "vulnerable_component": "gav://org.codehaus.plexus:plexus-utils:3.0.8",
+ "impacted_artifact": "gav://org.apache.maven.surefire:maven-surefire-common:2.12.4",
+ "impact_path": [
+ "gav://org.apache.maven.surefire:maven-surefire-common:2.12.4",
+ "gav://org.codehaus.plexus:plexus-utils:3.0.8"
+ ],
+ "path": "mavencentral-remote/org/apache/maven/surefire/maven-surefire-common/2.12.4/maven-surefire-common-2.12.4.jar",
+ "fixed_versions": [
+ "3.0.24"
+ ],
+ "published": "2019-05-03T00:45:39+10:00",
+ "artifact_scan_time": "2021-03-09T08:42:52+11:00",
+ "issue_id": "XRAY-81282",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Apache Maven contains a flaw in org.apache.maven.shared.utils.Expand that allows traversing outside of a restricted path. The issue is due to the extractFile() function in Expand.java not properly sanitizing user input, specifically path traversal style attacks (e.g. '../'). With a specially crafted request, a remote attacker can write arbitrary files.",
+ "references": [
+ "https://github.com/codehaus-plexus/plexus-utils/commit/33a2853df8185b4519b1b8bfae284f03392618ef",
+ "https://github.com/codehaus-plexus/plexus-utils/issues/4",
+ "http://svn.apache.org/viewvc?view=revision\u0026revision=1749800",
+ "https://issues.apache.org/jira/browse/MSHARED-563"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 6.9,
+ "cvss_v2_vector": "CVSS:2.0/AV:L/AC:M/Au:N/C:C/I:C/A:C"
+ }
+ ],
+ "cvss2_max_score": 6.9,
+ "summary": "Apache Commons CLI Path Subversion Local Privilege Escalation",
+ "severity": "Medium",
+ "vulnerable_component": "gav://commons-cli:commons-cli:1.2",
+ "impacted_artifact": "gav://org.codehaus.groovy:groovy-all:1.7.6",
+ "impact_path": [
+ "gav://org.codehaus.groovy:groovy-all:1.7.6",
+ "gav://commons-cli:commons-cli:1.2"
+ ],
+ "path": "mavencentral-remote/org/codehaus/groovy/groovy-all/1.7.6/groovy-all-1.7.6.jar",
+ "fixed_versions": [
+ "1.3-RC1"
+ ],
+ "published": "2019-09-03T02:39:52+10:00",
+ "artifact_scan_time": "2021-03-09T08:45:52+11:00",
+ "issue_id": "XRAY-87345",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Apache Commons is prone to a flaw in the way it loads CLI paths. The program uses a fixed path to look for specific files or libraries. This path includes directories that may not be trusted or under user control. By placing a custom version of the file or library in the path, the program will load it before the legitimate version. This allows a local attacker to inject custom code that will be run with the privilege of the program or user executing the program.\r \rThis attack can be leveraged remotely in some cases by placing the malicious file or library on a network share or extracted archive downloaded from a remote source. This can be done by tricking a user into opening an unspecified file from the local file system or a USB drive in some cases. This attack scenario is certainly possible, but rare.",
+ "references": [
+ "https://issues.apache.org/jira/browse/CLI-166",
+ "http://commons.apache.org/cli/"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-10543",
+ "cvss_v2_score": 6.4,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:P/A:P",
+ "cvss_v3_score": 8.2,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H"
+ }
+ ],
+ "cvss2_max_score": 6.4,
+ "cvss3_max_score": 8.2,
+ "summary": "CVE-2020-10543 perl: heap-based buffer overflow in regular expression compiler leads to DoS (moderate)",
+ "severity": "Medium",
+ "vulnerable_component": "rpm://8:perl-Errno:0:1.28-416.el8",
+ "impacted_artifact": "rpm://8:perl-Errno:0:1.28-416.el8",
+ "impact_path": [
+ "rpm://8:perl-Errno:0:1.28-416.el8"
+ ],
+ "path": "ubi8-baseos-remote/Packages/p/perl-Errno-1.28-416.el8.x86_64.rpm",
+ "fixed_versions": [],
+ "published": "2020-12-16T15:53:18+11:00",
+ "artifact_scan_time": "2021-01-27T20:39:40+11:00",
+ "issue_id": "XRAY-133713",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "MITIGATION: To mitigate this flaw, developers should not allow untrusted regular expressions to be compiled by the Perl regular expression compiler.",
+ "references": [
+ "https://access.redhat.com/security/cve/CVE-2020-10543"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Moderate"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-10878",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 8.6,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 8.6,
+ "summary": "CVE-2020-10878 perl: corruption of intermediate language state of compiled regular expression due to integer overflow leads to DoS (moderate)",
+ "severity": "Medium",
+ "vulnerable_component": "rpm://8:perl-Errno:0:1.28-416.el8",
+ "impacted_artifact": "rpm://8:perl-Errno:0:1.28-416.el8",
+ "impact_path": [
+ "rpm://8:perl-Errno:0:1.28-416.el8"
+ ],
+ "path": "ubi8-baseos-remote/Packages/p/perl-Errno-1.28-416.el8.x86_64.rpm",
+ "fixed_versions": [],
+ "published": "2020-12-16T15:53:18+11:00",
+ "artifact_scan_time": "2021-01-27T20:39:40+11:00",
+ "issue_id": "XRAY-133725",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "MITIGATION: To mitigate this flaw, developers should not allow untrusted regular expressions to be compiled by the Perl regular expression compiler.",
+ "references": [
+ "https://access.redhat.com/security/cve/CVE-2020-10878"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Moderate"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-12723",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 7.5,
+ "summary": "CVE-2020-12723 perl: corruption of intermediate language state of compiled regular expression due to recursive S_study_chunk() calls leads to DoS (moderate)",
+ "severity": "Medium",
+ "vulnerable_component": "rpm://8:perl-Errno:0:1.28-416.el8",
+ "impacted_artifact": "rpm://8:perl-Errno:0:1.28-416.el8",
+ "impact_path": [
+ "rpm://8:perl-Errno:0:1.28-416.el8"
+ ],
+ "path": "ubi8-baseos-remote/Packages/p/perl-Errno-1.28-416.el8.x86_64.rpm",
+ "fixed_versions": [],
+ "published": "2020-12-16T15:53:20+11:00",
+ "artifact_scan_time": "2021-01-27T20:39:40+11:00",
+ "issue_id": "XRAY-133802",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "MITIGATION: To mitigate this flaw, developers should not allow untrusted regular expressions to be compiled by the Perl regular expression compiler.",
+ "references": [
+ "https://access.redhat.com/security/cve/CVE-2020-12723"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Moderate"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-12723",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 7.5,
+ "summary": "RHSA-2021:0557: perl security update (Moderate)",
+ "severity": "Medium",
+ "vulnerable_component": "rpm://8:perl-Errno:0:1.28-416.el8",
+ "impacted_artifact": "rpm://8:perl-Errno:0:1.28-416.el8",
+ "impact_path": [
+ "rpm://8:perl-Errno:0:1.28-416.el8"
+ ],
+ "path": "ubi8-baseos-remote/Packages/p/perl-Errno-1.28-416.el8.x86_64.rpm",
+ "fixed_versions": [
+ "≥ 0:1.28-417.el8_3"
+ ],
+ "published": "2021-02-24T05:43:50+11:00",
+ "artifact_scan_time": "2021-01-27T20:39:40+11:00",
+ "issue_id": "XRAY-141155",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "Perl is a high-level programming language that is commonly used for system administration utilities and web programming.Security Fix(es):* perl: corruption of intermediate language state of compiled regular expression due to recursive S_study_chunk() calls leads to DoS (CVE-2020-12723)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
+ "references": [
+ "https://access.redhat.com/security/cve/CVE-2020-12723",
+ "https://access.redhat.com/errata/RHSA-2021:0557"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Moderate"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-12723",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 7.5,
+ "summary": "RHSA-2021:0557: perl security update (Moderate)",
+ "severity": "Medium",
+ "vulnerable_component": "rpm://8:perl-libs:4:5.26.3-416.el8",
+ "impacted_artifact": "rpm://8:perl-libs:4:5.26.3-416.el8",
+ "impact_path": [
+ "rpm://8:perl-libs:4:5.26.3-416.el8"
+ ],
+ "path": "ubi8-baseos-remote/Packages/p/perl-libs-5.26.3-416.el8.x86_64.rpm",
+ "fixed_versions": [
+ "≥ 4:5.26.3-417.el8_3"
+ ],
+ "published": "2021-02-24T05:43:50+11:00",
+ "artifact_scan_time": "2021-01-27T20:39:43+11:00",
+ "issue_id": "XRAY-141155",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "Perl is a high-level programming language that is commonly used for system administration utilities and web programming.Security Fix(es):* perl: corruption of intermediate language state of compiled regular expression due to recursive S_study_chunk() calls leads to DoS (CVE-2020-12723)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
+ "references": [
+ "https://access.redhat.com/security/cve/CVE-2020-12723",
+ "https://access.redhat.com/errata/RHSA-2021:0557"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Moderate"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-10543",
+ "cvss_v2_score": 6.4,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:P/A:P",
+ "cvss_v3_score": 8.2,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H"
+ }
+ ],
+ "cvss2_max_score": 6.4,
+ "cvss3_max_score": 8.2,
+ "summary": "CVE-2020-10543 perl: heap-based buffer overflow in regular expression compiler leads to DoS (moderate)",
+ "severity": "Medium",
+ "vulnerable_component": "rpm://8:perl-libs:4:5.26.3-416.el8",
+ "impacted_artifact": "rpm://8:perl-libs:4:5.26.3-416.el8",
+ "impact_path": [
+ "rpm://8:perl-libs:4:5.26.3-416.el8"
+ ],
+ "path": "ubi8-baseos-remote/Packages/p/perl-libs-5.26.3-416.el8.x86_64.rpm",
+ "fixed_versions": [],
+ "published": "2020-12-16T15:53:18+11:00",
+ "artifact_scan_time": "2021-01-27T20:39:43+11:00",
+ "issue_id": "XRAY-133713",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "MITIGATION: To mitigate this flaw, developers should not allow untrusted regular expressions to be compiled by the Perl regular expression compiler.",
+ "references": [
+ "https://access.redhat.com/security/cve/CVE-2020-10543"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Moderate"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-10878",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 8.6,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 8.6,
+ "summary": "CVE-2020-10878 perl: corruption of intermediate language state of compiled regular expression due to integer overflow leads to DoS (moderate)",
+ "severity": "Medium",
+ "vulnerable_component": "rpm://8:perl-libs:4:5.26.3-416.el8",
+ "impacted_artifact": "rpm://8:perl-libs:4:5.26.3-416.el8",
+ "impact_path": [
+ "rpm://8:perl-libs:4:5.26.3-416.el8"
+ ],
+ "path": "ubi8-baseos-remote/Packages/p/perl-libs-5.26.3-416.el8.x86_64.rpm",
+ "fixed_versions": [],
+ "published": "2020-12-16T15:53:18+11:00",
+ "artifact_scan_time": "2021-01-27T20:39:43+11:00",
+ "issue_id": "XRAY-133725",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "MITIGATION: To mitigate this flaw, developers should not allow untrusted regular expressions to be compiled by the Perl regular expression compiler.",
+ "references": [
+ "https://access.redhat.com/security/cve/CVE-2020-10878"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Moderate"
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:P/A:N"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "summary": "Apache Maven org.apache.maven.shared.utils.Expand Expand.java extractFile() Function Traversal Remote File Write",
+ "severity": "Medium",
+ "vulnerable_component": "gav://org.codehaus.plexus:plexus-utils:3.0.22",
+ "impacted_artifact": "gav://org.codehaus.plexus:plexus-utils:3.0.22",
+ "impact_path": [
+ "gav://org.codehaus.plexus:plexus-utils:3.0.22"
+ ],
+ "path": "mavencentral-remote/org/codehaus/plexus/plexus-utils/3.0.22/plexus-utils-3.0.22.jar",
+ "fixed_versions": [
+ "3.0.24"
+ ],
+ "published": "2019-05-03T00:45:39+10:00",
+ "artifact_scan_time": "2021-03-09T08:43:53+11:00",
+ "issue_id": "XRAY-81282",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Apache Maven contains a flaw in org.apache.maven.shared.utils.Expand that allows traversing outside of a restricted path. The issue is due to the extractFile() function in Expand.java not properly sanitizing user input, specifically path traversal style attacks (e.g. '../'). With a specially crafted request, a remote attacker can write arbitrary files.",
+ "references": [
+ "https://github.com/codehaus-plexus/plexus-utils/commit/33a2853df8185b4519b1b8bfae284f03392618ef",
+ "https://github.com/codehaus-plexus/plexus-utils/issues/4",
+ "http://svn.apache.org/viewvc?view=revision\u0026revision=1749800",
+ "https://issues.apache.org/jira/browse/MSHARED-563"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-11979",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:P/A:N",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 7.5,
+ "summary": "As mitigation for CVE-2020-1945 Apache Ant 1.10.8 changed the permissions of temporary files it created so that only the current user was allowed to access them. Unfortunately the fixcrlf task deleted the temporary file and created a new one without said protection, effectively nullifying the effort. This would still allow an attacker to inject modified source files into the build process.",
+ "severity": "Medium",
+ "vulnerable_component": "gav://org.apache.ant:ant:1.9.4",
+ "impacted_artifact": "gav://org.apache.ant:ant:1.9.4",
+ "impact_path": [
+ "gav://org.apache.ant:ant:1.9.4"
+ ],
+ "path": "mavencentral-remote/org/apache/ant/ant/1.9.4/ant-1.9.4.jar",
+ "fixed_versions": [
+ "1.10.9"
+ ],
+ "published": "2020-10-04T21:14:47+11:00",
+ "artifact_scan_time": "2021-03-09T08:44:51+11:00",
+ "issue_id": "XRAY-125793",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "As mitigation for CVE-2020-1945 Apache Ant 1.10.8 changed the permissions of temporary files it created so that only the current user was allowed to access them. Unfortunately the fixcrlf task deleted the temporary file and created a new one without said protection, effectively nullifying the effort. This would still allow an attacker to inject modified source files into the build process.",
+ "references": [
+ "https://lists.apache.org/thread.html/r2306b67f20c24942b872b0a41fbdc9330e8467388158bcd19c1094e0@%3Cdev.creadur.apache.org%3E",
+ "https://lists.apache.org/thread.html/r107ea1b1a7a214bc72fe1a04207546ccef542146ae22952e1013b5cc@%3Cdev.creadur.apache.org%3E",
+ "https://lists.apache.org/thread.html/r5e1cdd79f019162f76414708b2092acad0a6703d666d72d717319305@%3Cdev.creadur.apache.org%3E",
+ "https://lists.apache.org/thread.html/r1dc8518dc99c42ecca5ff82d0d2de64cd5d3a4fa691eb9ee0304781e@%3Cdev.creadur.apache.org%3E",
+ "https://lists.apache.org/thread.html/r4ca33fad3fb39d130cda287d5a60727d9e706e6f2cf2339b95729490@%3Cdev.creadur.apache.org%3E",
+ "https://www.oracle.com/security-alerts/cpujan2021.html",
+ "https://lists.apache.org/thread.html/rc3c8ef9724b5b1e171529b47f4b35cb7920edfb6e917fa21eb6c64ea%40%3Cdev.ant.apache.org%3E",
+ "https://github.com/gradle/gradle/security/advisories/GHSA-j45w-qrgf-25vm",
+ "https://security.gentoo.org/glsa/202011-18",
+ "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AALW42FWNQ35F7KB3JVRC6NBVV7AAYYI/",
+ "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DYBRN5C2RW7JRY75IB7Q7ZVKZCHWAQWS/",
+ "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U3NRQQ7ECII4ZNGW7GBC225LVYMPQEKB/"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:P/A:N"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "summary": "Apache Maven org.apache.maven.shared.utils.Expand Expand.java extractFile() Function Traversal Remote File Write",
+ "severity": "Medium",
+ "vulnerable_component": "gav://org.codehaus.plexus:plexus-utils:3.0.5",
+ "impacted_artifact": "gav://org.codehaus.plexus:plexus-utils:3.0.5",
+ "impact_path": [
+ "gav://org.codehaus.plexus:plexus-utils:3.0.5"
+ ],
+ "path": "mavencentral-remote/org/codehaus/plexus/plexus-utils/3.0.5/plexus-utils-3.0.5.jar",
+ "fixed_versions": [
+ "3.0.24"
+ ],
+ "published": "2019-05-03T00:45:39+10:00",
+ "artifact_scan_time": "2021-03-09T08:46:51+11:00",
+ "issue_id": "XRAY-81282",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Apache Maven contains a flaw in org.apache.maven.shared.utils.Expand that allows traversing outside of a restricted path. The issue is due to the extractFile() function in Expand.java not properly sanitizing user input, specifically path traversal style attacks (e.g. '../'). With a specially crafted request, a remote attacker can write arbitrary files.",
+ "references": [
+ "https://github.com/codehaus-plexus/plexus-utils/commit/33a2853df8185b4519b1b8bfae284f03392618ef",
+ "https://github.com/codehaus-plexus/plexus-utils/issues/4",
+ "http://svn.apache.org/viewvc?view=revision\u0026revision=1749800",
+ "https://issues.apache.org/jira/browse/MSHARED-563"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-28196",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 7.5,
+ "summary": "MIT Kerberos 5 (aka krb5) before 1.17.2 and 1.18.x before 1.18.3 allows unbounded recursion via an ASN.1-encoded Kerberos message because the lib/krb5/asn.1/asn1_encode.c support for BER indefinite lengths lacks a recursion limit.",
+ "severity": "Medium",
+ "vulnerable_component": "deb://ubuntu:bionic:libgssapi-krb5-2:1.16-2ubuntu0.1",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03/sha256__c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03.tar.gz",
+ "deb://ubuntu:bionic:libgssapi-krb5-2:1.16-2ubuntu0.1"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [],
+ "published": "2020-11-12T05:00:54+11:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-128250",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "MIT Kerberos 5 (aka krb5) before 1.17.2 and 1.18.x before 1.18.3 allows unbounded recursion via an ASN.1-encoded Kerberos message because the lib/krb5/asn.1/asn1_encode.c support for BER indefinite lengths lacks a recursion limit.",
+ "references": [
+ "https://usn.ubuntu.com/usn/usn-4635-1",
+ "https://lists.debian.org/debian-lts-announce/2020/11/msg00011.html",
+ "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28196"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-3114",
+ "cvss_v2_score": 6.4,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:N",
+ "cvss_v3_score": 6.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"
+ }
+ ],
+ "cvss2_max_score": 6.4,
+ "cvss3_max_score": 6.5,
+ "summary": "In Go before 1.14.14 and 1.15.x before 1.15.7, crypto/elliptic/p224.go can generate incorrect outputs, related to an underflow of the lowest limb during the final complete reduction in the P-224 field.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.12.17",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03/sha256__c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03.tar.gz",
+ "generic://sha256:6aec7280f8c504d22bc91ebd8ab90c2f3ce2382786aeb505a010967b8d1d4073/bsondump",
+ "go://github.com/golang/go:1.12.17"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [
+ "1.14.14",
+ "1.15.7"
+ ],
+ "published": "2021-02-02T00:46:31+11:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-139164",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "In Go before 1.14.14 and 1.15.x before 1.15.7, crypto/elliptic/p224.go can generate incorrect outputs, related to an underflow of the lowest limb during the final complete reduction in the P-224 field.",
+ "references": [
+ "https://github.com/golang/go/commit/d95ca9138026cbe40e0857d76a81a16d03230871",
+ "https://groups.google.com/g/golang-announce/c/mperVMGa98w"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-3114",
+ "cvss_v2_score": 6.4,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:N",
+ "cvss_v3_score": 6.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"
+ }
+ ],
+ "cvss2_max_score": 6.4,
+ "cvss3_max_score": 6.5,
+ "summary": "In Go before 1.14.14 and 1.15.x before 1.15.7, crypto/elliptic/p224.go can generate incorrect outputs, related to an underflow of the lowest limb during the final complete reduction in the P-224 field.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.12.17",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03/sha256__c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03.tar.gz",
+ "generic://sha256:42de18fd91da55d78f6990850cce9d90e3aa76f56798e34bfd055b3248bf194f/mongoexport",
+ "go://github.com/golang/go:1.12.17"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [
+ "1.14.14",
+ "1.15.7"
+ ],
+ "published": "2021-02-02T00:46:31+11:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-139164",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "In Go before 1.14.14 and 1.15.x before 1.15.7, crypto/elliptic/p224.go can generate incorrect outputs, related to an underflow of the lowest limb during the final complete reduction in the P-224 field.",
+ "references": [
+ "https://github.com/golang/go/commit/d95ca9138026cbe40e0857d76a81a16d03230871",
+ "https://groups.google.com/g/golang-announce/c/mperVMGa98w"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-3114",
+ "cvss_v2_score": 6.4,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:N",
+ "cvss_v3_score": 6.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"
+ }
+ ],
+ "cvss2_max_score": 6.4,
+ "cvss3_max_score": 6.5,
+ "summary": "In Go before 1.14.14 and 1.15.x before 1.15.7, crypto/elliptic/p224.go can generate incorrect outputs, related to an underflow of the lowest limb during the final complete reduction in the P-224 field.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.12.17",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03/sha256__c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03.tar.gz",
+ "generic://sha256:9a7ef0b65a2290bbfad7aa0b1715a687337eb66a10945629e84839ef623e8cbe/mongoimport",
+ "go://github.com/golang/go:1.12.17"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [
+ "1.14.14",
+ "1.15.7"
+ ],
+ "published": "2021-02-02T00:46:31+11:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-139164",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "In Go before 1.14.14 and 1.15.x before 1.15.7, crypto/elliptic/p224.go can generate incorrect outputs, related to an underflow of the lowest limb during the final complete reduction in the P-224 field.",
+ "references": [
+ "https://github.com/golang/go/commit/d95ca9138026cbe40e0857d76a81a16d03230871",
+ "https://groups.google.com/g/golang-announce/c/mperVMGa98w"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-3114",
+ "cvss_v2_score": 6.4,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:N",
+ "cvss_v3_score": 6.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"
+ }
+ ],
+ "cvss2_max_score": 6.4,
+ "cvss3_max_score": 6.5,
+ "summary": "In Go before 1.14.14 and 1.15.x before 1.15.7, crypto/elliptic/p224.go can generate incorrect outputs, related to an underflow of the lowest limb during the final complete reduction in the P-224 field.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.12.17",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03/sha256__c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03.tar.gz",
+ "generic://sha256:b23d5de76064f7969468e87a618ac87a442283a079e81ddbf7e8a9f64083ab57/mongostat",
+ "go://github.com/golang/go:1.12.17"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [
+ "1.14.14",
+ "1.15.7"
+ ],
+ "published": "2021-02-02T00:46:31+11:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-139164",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "In Go before 1.14.14 and 1.15.x before 1.15.7, crypto/elliptic/p224.go can generate incorrect outputs, related to an underflow of the lowest limb during the final complete reduction in the P-224 field.",
+ "references": [
+ "https://github.com/golang/go/commit/d95ca9138026cbe40e0857d76a81a16d03230871",
+ "https://groups.google.com/g/golang-announce/c/mperVMGa98w"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-3114",
+ "cvss_v2_score": 6.4,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:N",
+ "cvss_v3_score": 6.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"
+ }
+ ],
+ "cvss2_max_score": 6.4,
+ "cvss3_max_score": 6.5,
+ "summary": "In Go before 1.14.14 and 1.15.x before 1.15.7, crypto/elliptic/p224.go can generate incorrect outputs, related to an underflow of the lowest limb during the final complete reduction in the P-224 field.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.12.17",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03/sha256__c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03.tar.gz",
+ "generic://sha256:aff160a75a624d76fa9d8624dbc0ecfb0632db77384e376acb49355aab008234/mongodump",
+ "go://github.com/golang/go:1.12.17"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [
+ "1.14.14",
+ "1.15.7"
+ ],
+ "published": "2021-02-02T00:46:31+11:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-139164",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "In Go before 1.14.14 and 1.15.x before 1.15.7, crypto/elliptic/p224.go can generate incorrect outputs, related to an underflow of the lowest limb during the final complete reduction in the P-224 field.",
+ "references": [
+ "https://github.com/golang/go/commit/d95ca9138026cbe40e0857d76a81a16d03230871",
+ "https://groups.google.com/g/golang-announce/c/mperVMGa98w"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-3114",
+ "cvss_v2_score": 6.4,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:N",
+ "cvss_v3_score": 6.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"
+ }
+ ],
+ "cvss2_max_score": 6.4,
+ "cvss3_max_score": 6.5,
+ "summary": "In Go before 1.14.14 and 1.15.x before 1.15.7, crypto/elliptic/p224.go can generate incorrect outputs, related to an underflow of the lowest limb during the final complete reduction in the P-224 field.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.12.17",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03/sha256__c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03.tar.gz",
+ "generic://sha256:039012ae96b3c7be75e99c6c05d0543c7635e02d660630e76b967e4607501182/mongofiles",
+ "go://github.com/golang/go:1.12.17"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [
+ "1.14.14",
+ "1.15.7"
+ ],
+ "published": "2021-02-02T00:46:31+11:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-139164",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "In Go before 1.14.14 and 1.15.x before 1.15.7, crypto/elliptic/p224.go can generate incorrect outputs, related to an underflow of the lowest limb during the final complete reduction in the P-224 field.",
+ "references": [
+ "https://github.com/golang/go/commit/d95ca9138026cbe40e0857d76a81a16d03230871",
+ "https://groups.google.com/g/golang-announce/c/mperVMGa98w"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-3114",
+ "cvss_v2_score": 6.4,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:N",
+ "cvss_v3_score": 6.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"
+ }
+ ],
+ "cvss2_max_score": 6.4,
+ "cvss3_max_score": 6.5,
+ "summary": "In Go before 1.14.14 and 1.15.x before 1.15.7, crypto/elliptic/p224.go can generate incorrect outputs, related to an underflow of the lowest limb during the final complete reduction in the P-224 field.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.12.17",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03/sha256__c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03.tar.gz",
+ "generic://sha256:be381c77c5e74899ad45dc41cec9c40510f35cd1c03618f6b766083f39e40d06/mongotop",
+ "go://github.com/golang/go:1.12.17"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [
+ "1.14.14",
+ "1.15.7"
+ ],
+ "published": "2021-02-02T00:46:31+11:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-139164",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "In Go before 1.14.14 and 1.15.x before 1.15.7, crypto/elliptic/p224.go can generate incorrect outputs, related to an underflow of the lowest limb during the final complete reduction in the P-224 field.",
+ "references": [
+ "https://github.com/golang/go/commit/d95ca9138026cbe40e0857d76a81a16d03230871",
+ "https://groups.google.com/g/golang-announce/c/mperVMGa98w"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-3114",
+ "cvss_v2_score": 6.4,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:N",
+ "cvss_v3_score": 6.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"
+ }
+ ],
+ "cvss2_max_score": 6.4,
+ "cvss3_max_score": 6.5,
+ "summary": "In Go before 1.14.14 and 1.15.x before 1.15.7, crypto/elliptic/p224.go can generate incorrect outputs, related to an underflow of the lowest limb during the final complete reduction in the P-224 field.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.12.17",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03/sha256__c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03.tar.gz",
+ "generic://sha256:2e9fafe058442a512ba193d9e5ad0bf0356b76db99cf877caac6f5376d6e7f0e/mongorestore",
+ "go://github.com/golang/go:1.12.17"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [
+ "1.14.14",
+ "1.15.7"
+ ],
+ "published": "2021-02-02T00:46:31+11:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-139164",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "In Go before 1.14.14 and 1.15.x before 1.15.7, crypto/elliptic/p224.go can generate incorrect outputs, related to an underflow of the lowest limb during the final complete reduction in the P-224 field.",
+ "references": [
+ "https://github.com/golang/go/commit/d95ca9138026cbe40e0857d76a81a16d03230871",
+ "https://groups.google.com/g/golang-announce/c/mperVMGa98w"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-36221",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 7.5,
+ "summary": "An integer underflow was discovered in OpenLDAP before 2.4.57 leading to slapd crashes in the Certificate Exact Assertion processing, resulting in denial of service (schema_init.c serialNumberAndIssuerCheck).",
+ "severity": "Medium",
+ "vulnerable_component": "deb://ubuntu:bionic:libldap-2.4-2:2.4.45+dfsg-1ubuntu1.6",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:e2f7d90822f30433ad424e479785033fa4c7f497b8326715453a1b68d554ae8e/sha256__e2f7d90822f30433ad424e479785033fa4c7f497b8326715453a1b68d554ae8e.tar.gz",
+ "deb://ubuntu:bionic:libldap-2.4-2:2.4.45+dfsg-1ubuntu1.6"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [],
+ "published": "2021-02-07T21:39:03+11:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-139572",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "An integer underflow was discovered in OpenLDAP before 2.4.57 leading to slapd crashes in the Certificate Exact Assertion processing, resulting in denial of service (schema_init.c serialNumberAndIssuerCheck).",
+ "references": [
+ "https://usn.ubuntu.com/usn/usn-4724-1",
+ "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36221"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-28367",
+ "cvss_v2_score": 5.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:H/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 5.1,
+ "cvss3_max_score": 7.5,
+ "summary": "Go before 1.14.12 and 1.15.x before 1.15.5 allows Argument Injection.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.13.10",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:e2f7d90822f30433ad424e479785033fa4c7f497b8326715453a1b68d554ae8e/sha256__e2f7d90822f30433ad424e479785033fa4c7f497b8326715453a1b68d554ae8e.tar.gz",
+ "generic://sha256:0f25a21cf64e58078057adc78f38705163c1d564a959ff30a891c31917011a54/gosu",
+ "go://github.com/golang/go:1.13.10"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [
+ "1.14.12",
+ "1.15.5"
+ ],
+ "published": "2020-11-19T20:55:03+11:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-128578",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "go before 1.14.12 and 1.15.x before 1.15.5 allows Argument Injection.",
+ "references": [
+ "https://groups.google.com/g/golang-announce/c/NpBGTTmKzpM",
+ "https://github.com/golang/go/issues/42556",
+ "https://lists.apache.org/thread.html/rd02e75766cd333a0df417588460f5e4477060633000bfe94955851fd@%3Cissues.trafficcontrol.apache.org%3E"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-29361",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 7.5,
+ "summary": "An issue was discovered in p11-kit 0.21.1 through 0.23.21. Multiple integer overflows have been discovered in the array allocations in the p11-kit library and the p11-kit list command, where overflow checks are missing before calling realloc or calloc.",
+ "severity": "Medium",
+ "vulnerable_component": "deb://ubuntu:bionic:libp11-kit0:0.23.9-2",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:171857c49d0f5e2ebf623e6cb36a8bcad585ed0c2aa99c87a055df034c1e5848/sha256__171857c49d0f5e2ebf623e6cb36a8bcad585ed0c2aa99c87a055df034c1e5848.tar.gz",
+ "deb://ubuntu:bionic:libp11-kit0:0.23.9-2"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [],
+ "published": "2020-12-25T16:04:43+11:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-137374",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "An issue was discovered in p11-kit 0.21.1 through 0.23.21. Multiple integer overflows have been discovered in the array allocations in the p11-kit library and the p11-kit list command, where overflow checks are missing before calling realloc or calloc.",
+ "references": [
+ "https://usn.ubuntu.com/usn/usn-4677-2",
+ "https://usn.ubuntu.com/usn/usn-4677-1",
+ "https://github.com/p11-glue/p11-kit/security/advisories/GHSA-q4r3-hm6m-mvc2",
+ "https://lists.freedesktop.org/archives/p11-glue/2020-December/000712.html",
+ "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29361"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-36227",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 7.5,
+ "summary": "A flaw was discovered in OpenLDAP before 2.4.57 leading to an infinite loop in slapd with the cancel_extop Cancel operation, resulting in denial of service.",
+ "severity": "Medium",
+ "vulnerable_component": "deb://ubuntu:bionic:libldap-2.4-2:2.4.45+dfsg-1ubuntu1.6",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:e2f7d90822f30433ad424e479785033fa4c7f497b8326715453a1b68d554ae8e/sha256__e2f7d90822f30433ad424e479785033fa4c7f497b8326715453a1b68d554ae8e.tar.gz",
+ "deb://ubuntu:bionic:libldap-2.4-2:2.4.45+dfsg-1ubuntu1.6"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [],
+ "published": "2021-02-07T22:01:56+11:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-139640",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "A flaw was discovered in OpenLDAP before 2.4.57 leading to an infinite loop in slapd with the cancel_extop Cancel operation, resulting in denial of service.",
+ "references": [
+ "https://usn.ubuntu.com/usn/usn-4724-1",
+ "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36227"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-36223",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 7.5,
+ "summary": "A flaw was discovered in OpenLDAP before 2.4.57 leading to a slapd crash in the Values Return Filter control handling, resulting in denial of service (double free and out-of-bounds read).",
+ "severity": "Medium",
+ "vulnerable_component": "deb://ubuntu:bionic:libldap-common:2.4.45+dfsg-1ubuntu1.6",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:e2f7d90822f30433ad424e479785033fa4c7f497b8326715453a1b68d554ae8e/sha256__e2f7d90822f30433ad424e479785033fa4c7f497b8326715453a1b68d554ae8e.tar.gz",
+ "deb://ubuntu:bionic:libldap-common:2.4.45+dfsg-1ubuntu1.6"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [],
+ "published": "2021-02-07T22:16:48+11:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-139687",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "A flaw was discovered in OpenLDAP before 2.4.57 leading to a slapd crash in the Values Return Filter control handling, resulting in denial of service (double free and out-of-bounds read).",
+ "references": [
+ "https://usn.ubuntu.com/usn/usn-4724-1",
+ "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36223"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-16845",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 7.5,
+ "summary": "Go before 1.13.15 and 14.x before 1.14.7 can have an infinite read loop in ReadUvarint and ReadVarint in encoding/binary via invalid inputs.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.12.17",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03/sha256__c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03.tar.gz",
+ "generic://sha256:6aec7280f8c504d22bc91ebd8ab90c2f3ce2382786aeb505a010967b8d1d4073/bsondump",
+ "go://github.com/golang/go:1.12.17"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [
+ "1.13.15",
+ "1.14.7",
+ "1.15rc2"
+ ],
+ "published": "2020-08-11T20:54:34+10:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-117511",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "Go before 1.13.15 and 14.x before 1.14.7 can have an infinite read loop in ReadUvarint and ReadVarint in encoding/binary via invalid inputs.",
+ "references": [
+ "https://groups.google.com/forum/#!topic/golang-announce/NyPIaucMgXo",
+ "https://security.netapp.com/advisory/ntap-20200924-0002/",
+ "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TACQFZDPA7AUR6TRZBCX2RGRFSDYLI7O/",
+ "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WV2VWKFTH4EJGZBZALVUJQJOAQB5MDQ4/",
+ "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KWRBAH4UZJO3RROQ72SYCUPFCJFA22FO/",
+ "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6RCFJTMKHY5ICGEM5BUFUEDDGSPJ25XU/",
+ "https://groups.google.com/forum/#!topic/golang-announce/_ulYYcIWg3Q",
+ "https://lists.debian.org/debian-lts-announce/2020/11/msg00037.html",
+ "https://lists.debian.org/debian-lts-announce/2020/11/msg00038.html",
+ "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00021.html",
+ "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00028.html",
+ "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00029.html",
+ "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00030.html"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-16845",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 7.5,
+ "summary": "Go before 1.13.15 and 14.x before 1.14.7 can have an infinite read loop in ReadUvarint and ReadVarint in encoding/binary via invalid inputs.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.12.17",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03/sha256__c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03.tar.gz",
+ "generic://sha256:42de18fd91da55d78f6990850cce9d90e3aa76f56798e34bfd055b3248bf194f/mongoexport",
+ "go://github.com/golang/go:1.12.17"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [
+ "1.13.15",
+ "1.14.7",
+ "1.15rc2"
+ ],
+ "published": "2020-08-11T20:54:34+10:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-117511",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "Go before 1.13.15 and 14.x before 1.14.7 can have an infinite read loop in ReadUvarint and ReadVarint in encoding/binary via invalid inputs.",
+ "references": [
+ "https://groups.google.com/forum/#!topic/golang-announce/NyPIaucMgXo",
+ "https://security.netapp.com/advisory/ntap-20200924-0002/",
+ "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TACQFZDPA7AUR6TRZBCX2RGRFSDYLI7O/",
+ "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WV2VWKFTH4EJGZBZALVUJQJOAQB5MDQ4/",
+ "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KWRBAH4UZJO3RROQ72SYCUPFCJFA22FO/",
+ "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6RCFJTMKHY5ICGEM5BUFUEDDGSPJ25XU/",
+ "https://groups.google.com/forum/#!topic/golang-announce/_ulYYcIWg3Q",
+ "https://lists.debian.org/debian-lts-announce/2020/11/msg00037.html",
+ "https://lists.debian.org/debian-lts-announce/2020/11/msg00038.html",
+ "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00021.html",
+ "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00028.html",
+ "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00029.html",
+ "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00030.html"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-16845",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 7.5,
+ "summary": "Go before 1.13.15 and 14.x before 1.14.7 can have an infinite read loop in ReadUvarint and ReadVarint in encoding/binary via invalid inputs.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.12.17",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03/sha256__c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03.tar.gz",
+ "generic://sha256:9a7ef0b65a2290bbfad7aa0b1715a687337eb66a10945629e84839ef623e8cbe/mongoimport",
+ "go://github.com/golang/go:1.12.17"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [
+ "1.13.15",
+ "1.14.7",
+ "1.15rc2"
+ ],
+ "published": "2020-08-11T20:54:34+10:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-117511",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "Go before 1.13.15 and 14.x before 1.14.7 can have an infinite read loop in ReadUvarint and ReadVarint in encoding/binary via invalid inputs.",
+ "references": [
+ "https://groups.google.com/forum/#!topic/golang-announce/NyPIaucMgXo",
+ "https://security.netapp.com/advisory/ntap-20200924-0002/",
+ "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TACQFZDPA7AUR6TRZBCX2RGRFSDYLI7O/",
+ "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WV2VWKFTH4EJGZBZALVUJQJOAQB5MDQ4/",
+ "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KWRBAH4UZJO3RROQ72SYCUPFCJFA22FO/",
+ "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6RCFJTMKHY5ICGEM5BUFUEDDGSPJ25XU/",
+ "https://groups.google.com/forum/#!topic/golang-announce/_ulYYcIWg3Q",
+ "https://lists.debian.org/debian-lts-announce/2020/11/msg00037.html",
+ "https://lists.debian.org/debian-lts-announce/2020/11/msg00038.html",
+ "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00021.html",
+ "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00028.html",
+ "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00029.html",
+ "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00030.html"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-16845",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 7.5,
+ "summary": "Go before 1.13.15 and 14.x before 1.14.7 can have an infinite read loop in ReadUvarint and ReadVarint in encoding/binary via invalid inputs.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.12.17",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03/sha256__c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03.tar.gz",
+ "generic://sha256:b23d5de76064f7969468e87a618ac87a442283a079e81ddbf7e8a9f64083ab57/mongostat",
+ "go://github.com/golang/go:1.12.17"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [
+ "1.13.15",
+ "1.14.7",
+ "1.15rc2"
+ ],
+ "published": "2020-08-11T20:54:34+10:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-117511",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "Go before 1.13.15 and 14.x before 1.14.7 can have an infinite read loop in ReadUvarint and ReadVarint in encoding/binary via invalid inputs.",
+ "references": [
+ "https://groups.google.com/forum/#!topic/golang-announce/NyPIaucMgXo",
+ "https://security.netapp.com/advisory/ntap-20200924-0002/",
+ "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TACQFZDPA7AUR6TRZBCX2RGRFSDYLI7O/",
+ "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WV2VWKFTH4EJGZBZALVUJQJOAQB5MDQ4/",
+ "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KWRBAH4UZJO3RROQ72SYCUPFCJFA22FO/",
+ "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6RCFJTMKHY5ICGEM5BUFUEDDGSPJ25XU/",
+ "https://groups.google.com/forum/#!topic/golang-announce/_ulYYcIWg3Q",
+ "https://lists.debian.org/debian-lts-announce/2020/11/msg00037.html",
+ "https://lists.debian.org/debian-lts-announce/2020/11/msg00038.html",
+ "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00021.html",
+ "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00028.html",
+ "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00029.html",
+ "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00030.html"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-16845",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 7.5,
+ "summary": "Go before 1.13.15 and 14.x before 1.14.7 can have an infinite read loop in ReadUvarint and ReadVarint in encoding/binary via invalid inputs.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.12.17",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03/sha256__c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03.tar.gz",
+ "generic://sha256:aff160a75a624d76fa9d8624dbc0ecfb0632db77384e376acb49355aab008234/mongodump",
+ "go://github.com/golang/go:1.12.17"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [
+ "1.13.15",
+ "1.14.7",
+ "1.15rc2"
+ ],
+ "published": "2020-08-11T20:54:34+10:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-117511",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "Go before 1.13.15 and 14.x before 1.14.7 can have an infinite read loop in ReadUvarint and ReadVarint in encoding/binary via invalid inputs.",
+ "references": [
+ "https://groups.google.com/forum/#!topic/golang-announce/NyPIaucMgXo",
+ "https://security.netapp.com/advisory/ntap-20200924-0002/",
+ "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TACQFZDPA7AUR6TRZBCX2RGRFSDYLI7O/",
+ "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WV2VWKFTH4EJGZBZALVUJQJOAQB5MDQ4/",
+ "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KWRBAH4UZJO3RROQ72SYCUPFCJFA22FO/",
+ "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6RCFJTMKHY5ICGEM5BUFUEDDGSPJ25XU/",
+ "https://groups.google.com/forum/#!topic/golang-announce/_ulYYcIWg3Q",
+ "https://lists.debian.org/debian-lts-announce/2020/11/msg00037.html",
+ "https://lists.debian.org/debian-lts-announce/2020/11/msg00038.html",
+ "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00021.html",
+ "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00028.html",
+ "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00029.html",
+ "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00030.html"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-16845",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 7.5,
+ "summary": "Go before 1.13.15 and 14.x before 1.14.7 can have an infinite read loop in ReadUvarint and ReadVarint in encoding/binary via invalid inputs.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.12.17",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03/sha256__c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03.tar.gz",
+ "generic://sha256:039012ae96b3c7be75e99c6c05d0543c7635e02d660630e76b967e4607501182/mongofiles",
+ "go://github.com/golang/go:1.12.17"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [
+ "1.13.15",
+ "1.14.7",
+ "1.15rc2"
+ ],
+ "published": "2020-08-11T20:54:34+10:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-117511",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "Go before 1.13.15 and 14.x before 1.14.7 can have an infinite read loop in ReadUvarint and ReadVarint in encoding/binary via invalid inputs.",
+ "references": [
+ "https://groups.google.com/forum/#!topic/golang-announce/NyPIaucMgXo",
+ "https://security.netapp.com/advisory/ntap-20200924-0002/",
+ "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TACQFZDPA7AUR6TRZBCX2RGRFSDYLI7O/",
+ "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WV2VWKFTH4EJGZBZALVUJQJOAQB5MDQ4/",
+ "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KWRBAH4UZJO3RROQ72SYCUPFCJFA22FO/",
+ "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6RCFJTMKHY5ICGEM5BUFUEDDGSPJ25XU/",
+ "https://groups.google.com/forum/#!topic/golang-announce/_ulYYcIWg3Q",
+ "https://lists.debian.org/debian-lts-announce/2020/11/msg00037.html",
+ "https://lists.debian.org/debian-lts-announce/2020/11/msg00038.html",
+ "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00021.html",
+ "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00028.html",
+ "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00029.html",
+ "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00030.html"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-16845",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 7.5,
+ "summary": "Go before 1.13.15 and 14.x before 1.14.7 can have an infinite read loop in ReadUvarint and ReadVarint in encoding/binary via invalid inputs.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.12.17",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03/sha256__c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03.tar.gz",
+ "generic://sha256:be381c77c5e74899ad45dc41cec9c40510f35cd1c03618f6b766083f39e40d06/mongotop",
+ "go://github.com/golang/go:1.12.17"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [
+ "1.13.15",
+ "1.14.7",
+ "1.15rc2"
+ ],
+ "published": "2020-08-11T20:54:34+10:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-117511",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "Go before 1.13.15 and 14.x before 1.14.7 can have an infinite read loop in ReadUvarint and ReadVarint in encoding/binary via invalid inputs.",
+ "references": [
+ "https://groups.google.com/forum/#!topic/golang-announce/NyPIaucMgXo",
+ "https://security.netapp.com/advisory/ntap-20200924-0002/",
+ "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TACQFZDPA7AUR6TRZBCX2RGRFSDYLI7O/",
+ "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WV2VWKFTH4EJGZBZALVUJQJOAQB5MDQ4/",
+ "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KWRBAH4UZJO3RROQ72SYCUPFCJFA22FO/",
+ "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6RCFJTMKHY5ICGEM5BUFUEDDGSPJ25XU/",
+ "https://groups.google.com/forum/#!topic/golang-announce/_ulYYcIWg3Q",
+ "https://lists.debian.org/debian-lts-announce/2020/11/msg00037.html",
+ "https://lists.debian.org/debian-lts-announce/2020/11/msg00038.html",
+ "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00021.html",
+ "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00028.html",
+ "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00029.html",
+ "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00030.html"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-16845",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 7.5,
+ "summary": "Go before 1.13.15 and 14.x before 1.14.7 can have an infinite read loop in ReadUvarint and ReadVarint in encoding/binary via invalid inputs.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.12.17",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03/sha256__c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03.tar.gz",
+ "generic://sha256:2e9fafe058442a512ba193d9e5ad0bf0356b76db99cf877caac6f5376d6e7f0e/mongorestore",
+ "go://github.com/golang/go:1.12.17"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [
+ "1.13.15",
+ "1.14.7",
+ "1.15rc2"
+ ],
+ "published": "2020-08-11T20:54:34+10:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-117511",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "Go before 1.13.15 and 14.x before 1.14.7 can have an infinite read loop in ReadUvarint and ReadVarint in encoding/binary via invalid inputs.",
+ "references": [
+ "https://groups.google.com/forum/#!topic/golang-announce/NyPIaucMgXo",
+ "https://security.netapp.com/advisory/ntap-20200924-0002/",
+ "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TACQFZDPA7AUR6TRZBCX2RGRFSDYLI7O/",
+ "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WV2VWKFTH4EJGZBZALVUJQJOAQB5MDQ4/",
+ "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KWRBAH4UZJO3RROQ72SYCUPFCJFA22FO/",
+ "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6RCFJTMKHY5ICGEM5BUFUEDDGSPJ25XU/",
+ "https://groups.google.com/forum/#!topic/golang-announce/_ulYYcIWg3Q",
+ "https://lists.debian.org/debian-lts-announce/2020/11/msg00037.html",
+ "https://lists.debian.org/debian-lts-announce/2020/11/msg00038.html",
+ "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00021.html",
+ "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00028.html",
+ "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00029.html",
+ "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00030.html"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-25710"
+ }
+ ],
+ "summary": "assertion failure in CSN normalization with invalid input",
+ "severity": "Medium",
+ "vulnerable_component": "deb://ubuntu:bionic:libldap-common:2.4.45+dfsg-1ubuntu1.6",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:e2f7d90822f30433ad424e479785033fa4c7f497b8326715453a1b68d554ae8e/sha256__e2f7d90822f30433ad424e479785033fa4c7f497b8326715453a1b68d554ae8e.tar.gz",
+ "deb://ubuntu:bionic:libldap-common:2.4.45+dfsg-1ubuntu1.6"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [],
+ "published": "2020-11-23T08:07:10+11:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-128739",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "assertion failure in CSN normalization with invalid input",
+ "references": [
+ "https://usn.ubuntu.com/usn/usn-4634-2",
+ "https://usn.ubuntu.com/usn/usn-4634-1",
+ "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25710"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-29363",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 7.5,
+ "summary": "An issue was discovered in p11-kit 0.23.6 through 0.23.21. A heap-based buffer overflow has been discovered in the RPC protocol used by p11-kit server/remote commands and the client library. When the remote entity supplies a serialized byte array in a CK_ATTRIBUTE, the receiving entity may not allocate sufficient length for the buffer to store the deserialized value.",
+ "severity": "Medium",
+ "vulnerable_component": "deb://ubuntu:bionic:libp11-kit0:0.23.9-2",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:171857c49d0f5e2ebf623e6cb36a8bcad585ed0c2aa99c87a055df034c1e5848/sha256__171857c49d0f5e2ebf623e6cb36a8bcad585ed0c2aa99c87a055df034c1e5848.tar.gz",
+ "deb://ubuntu:bionic:libp11-kit0:0.23.9-2"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [],
+ "published": "2020-12-25T15:38:31+11:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-137267",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "An issue was discovered in p11-kit 0.23.6 through 0.23.21. A heap-based buffer overflow has been discovered in the RPC protocol used by p11-kit server/remote commands and the client library. When the remote entity supplies a serialized byte array in a CK_ATTRIBUTE, the receiving entity may not allocate sufficient length for the buffer to store the deserialized value.",
+ "references": [
+ "https://usn.ubuntu.com/usn/usn-4677-1",
+ "https://github.com/p11-glue/p11-kit/security/advisories/GHSA-5j67-fw89-fp6x",
+ "https://lists.freedesktop.org/archives/p11-glue/2020-December/000712.html",
+ "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29363"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-20839",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:N",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 9.8,
+ "summary": "systemd 242 changes the VT1 mode upon a logout, which allows attackers to read cleartext passwords in certain circumstances, such as watching a shutdown, or using Ctrl-Alt-F1 and Ctrl-Alt-F2. This occurs because the KDGKBMODE (aka current keyboard mode) check is mishandled.",
+ "severity": "Medium",
+ "vulnerable_component": "deb://ubuntu:bionic:libudev1:237-3ubuntu10.42",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:171857c49d0f5e2ebf623e6cb36a8bcad585ed0c2aa99c87a055df034c1e5848/sha256__171857c49d0f5e2ebf623e6cb36a8bcad585ed0c2aa99c87a055df034c1e5848.tar.gz",
+ "deb://ubuntu:bionic:libudev1:237-3ubuntu10.42"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [],
+ "published": "2019-08-26T00:27:05+10:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-86827",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "systemd 242 changes the VT1 mode upon a logout, which allows attackers to read cleartext passwords in certain circumstances, such as watching a shutdown, or using Ctrl-Alt-F1 and Ctrl-Alt-F2. This occurs because the KDGKBMODE (aka current keyboard mode) check is mishandled.",
+ "references": [
+ "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20839",
+ "https://github.com/systemd/systemd/pull/12378",
+ "https://github.com/systemd/systemd/pull/13109"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-36230",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 7.5,
+ "summary": "A flaw was discovered in OpenLDAP before 2.4.57 leading in an assertion failure in slapd in the X.509 DN parsing in decode.c ber_next_element, resulting in denial of service.",
+ "severity": "Medium",
+ "vulnerable_component": "deb://ubuntu:bionic:libldap-common:2.4.45+dfsg-1ubuntu1.6",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:e2f7d90822f30433ad424e479785033fa4c7f497b8326715453a1b68d554ae8e/sha256__e2f7d90822f30433ad424e479785033fa4c7f497b8326715453a1b68d554ae8e.tar.gz",
+ "deb://ubuntu:bionic:libldap-common:2.4.45+dfsg-1ubuntu1.6"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [],
+ "published": "2021-02-07T21:44:57+11:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-139587",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "A flaw was discovered in OpenLDAP before 2.4.57 leading in an assertion failure in slapd in the X.509 DN parsing in decode.c ber_next_element, resulting in denial of service.",
+ "references": [
+ "https://usn.ubuntu.com/usn/usn-4724-1",
+ "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36230"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-27918",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 7.5,
+ "summary": "encoding/xml in Go before 1.15.9 and 1.16.x before 1.16.1 has an infinite loop if a custom TokenReader (for xml.NewTokenDecoder) returns EOF in the middle of an element. This can occur in the Decode, DecodeElement, or Skip method.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.12.17",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03/sha256__c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03.tar.gz",
+ "generic://sha256:be381c77c5e74899ad45dc41cec9c40510f35cd1c03618f6b766083f39e40d06/mongotop",
+ "go://github.com/golang/go:1.12.17"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [
+ "1.16.1",
+ "1.15.9"
+ ],
+ "published": "2021-03-15T00:32:21+11:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-145876",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "encoding/xml in Go before 1.15.9 and 1.16.x before 1.16.1 has an infinite loop if a custom TokenReader (for xml.NewTokenDecoder) returns EOF in the middle of an element. This can occur in the Decode, DecodeElement, or Skip method.",
+ "references": [
+ "https://groups.google.com/g/golang-announce/c/MfiLYjG-RAw"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-27918",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 7.5,
+ "summary": "encoding/xml in Go before 1.15.9 and 1.16.x before 1.16.1 has an infinite loop if a custom TokenReader (for xml.NewTokenDecoder) returns EOF in the middle of an element. This can occur in the Decode, DecodeElement, or Skip method.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.12.17",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03/sha256__c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03.tar.gz",
+ "generic://sha256:aff160a75a624d76fa9d8624dbc0ecfb0632db77384e376acb49355aab008234/mongodump",
+ "go://github.com/golang/go:1.12.17"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [
+ "1.16.1",
+ "1.15.9"
+ ],
+ "published": "2021-03-15T00:32:21+11:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-145876",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "encoding/xml in Go before 1.15.9 and 1.16.x before 1.16.1 has an infinite loop if a custom TokenReader (for xml.NewTokenDecoder) returns EOF in the middle of an element. This can occur in the Decode, DecodeElement, or Skip method.",
+ "references": [
+ "https://groups.google.com/g/golang-announce/c/MfiLYjG-RAw"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-27918",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 7.5,
+ "summary": "encoding/xml in Go before 1.15.9 and 1.16.x before 1.16.1 has an infinite loop if a custom TokenReader (for xml.NewTokenDecoder) returns EOF in the middle of an element. This can occur in the Decode, DecodeElement, or Skip method.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.12.17",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03/sha256__c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03.tar.gz",
+ "generic://sha256:6aec7280f8c504d22bc91ebd8ab90c2f3ce2382786aeb505a010967b8d1d4073/bsondump",
+ "go://github.com/golang/go:1.12.17"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [
+ "1.16.1",
+ "1.15.9"
+ ],
+ "published": "2021-03-15T00:32:21+11:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-145876",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "encoding/xml in Go before 1.15.9 and 1.16.x before 1.16.1 has an infinite loop if a custom TokenReader (for xml.NewTokenDecoder) returns EOF in the middle of an element. This can occur in the Decode, DecodeElement, or Skip method.",
+ "references": [
+ "https://groups.google.com/g/golang-announce/c/MfiLYjG-RAw"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-27918",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 7.5,
+ "summary": "encoding/xml in Go before 1.15.9 and 1.16.x before 1.16.1 has an infinite loop if a custom TokenReader (for xml.NewTokenDecoder) returns EOF in the middle of an element. This can occur in the Decode, DecodeElement, or Skip method.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.12.17",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03/sha256__c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03.tar.gz",
+ "generic://sha256:b23d5de76064f7969468e87a618ac87a442283a079e81ddbf7e8a9f64083ab57/mongostat",
+ "go://github.com/golang/go:1.12.17"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [
+ "1.16.1",
+ "1.15.9"
+ ],
+ "published": "2021-03-15T00:32:21+11:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-145876",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "encoding/xml in Go before 1.15.9 and 1.16.x before 1.16.1 has an infinite loop if a custom TokenReader (for xml.NewTokenDecoder) returns EOF in the middle of an element. This can occur in the Decode, DecodeElement, or Skip method.",
+ "references": [
+ "https://groups.google.com/g/golang-announce/c/MfiLYjG-RAw"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-27918",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 7.5,
+ "summary": "encoding/xml in Go before 1.15.9 and 1.16.x before 1.16.1 has an infinite loop if a custom TokenReader (for xml.NewTokenDecoder) returns EOF in the middle of an element. This can occur in the Decode, DecodeElement, or Skip method.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.12.17",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03/sha256__c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03.tar.gz",
+ "generic://sha256:9a7ef0b65a2290bbfad7aa0b1715a687337eb66a10945629e84839ef623e8cbe/mongoimport",
+ "go://github.com/golang/go:1.12.17"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [
+ "1.16.1",
+ "1.15.9"
+ ],
+ "published": "2021-03-15T00:32:21+11:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-145876",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "encoding/xml in Go before 1.15.9 and 1.16.x before 1.16.1 has an infinite loop if a custom TokenReader (for xml.NewTokenDecoder) returns EOF in the middle of an element. This can occur in the Decode, DecodeElement, or Skip method.",
+ "references": [
+ "https://groups.google.com/g/golang-announce/c/MfiLYjG-RAw"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-27918",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 7.5,
+ "summary": "encoding/xml in Go before 1.15.9 and 1.16.x before 1.16.1 has an infinite loop if a custom TokenReader (for xml.NewTokenDecoder) returns EOF in the middle of an element. This can occur in the Decode, DecodeElement, or Skip method.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.12.17",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03/sha256__c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03.tar.gz",
+ "generic://sha256:2e9fafe058442a512ba193d9e5ad0bf0356b76db99cf877caac6f5376d6e7f0e/mongorestore",
+ "go://github.com/golang/go:1.12.17"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [
+ "1.16.1",
+ "1.15.9"
+ ],
+ "published": "2021-03-15T00:32:21+11:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-145876",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "encoding/xml in Go before 1.15.9 and 1.16.x before 1.16.1 has an infinite loop if a custom TokenReader (for xml.NewTokenDecoder) returns EOF in the middle of an element. This can occur in the Decode, DecodeElement, or Skip method.",
+ "references": [
+ "https://groups.google.com/g/golang-announce/c/MfiLYjG-RAw"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-27918",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 7.5,
+ "summary": "encoding/xml in Go before 1.15.9 and 1.16.x before 1.16.1 has an infinite loop if a custom TokenReader (for xml.NewTokenDecoder) returns EOF in the middle of an element. This can occur in the Decode, DecodeElement, or Skip method.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.12.17",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03/sha256__c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03.tar.gz",
+ "generic://sha256:42de18fd91da55d78f6990850cce9d90e3aa76f56798e34bfd055b3248bf194f/mongoexport",
+ "go://github.com/golang/go:1.12.17"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [
+ "1.16.1",
+ "1.15.9"
+ ],
+ "published": "2021-03-15T00:32:21+11:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-145876",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "encoding/xml in Go before 1.15.9 and 1.16.x before 1.16.1 has an infinite loop if a custom TokenReader (for xml.NewTokenDecoder) returns EOF in the middle of an element. This can occur in the Decode, DecodeElement, or Skip method.",
+ "references": [
+ "https://groups.google.com/g/golang-announce/c/MfiLYjG-RAw"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-27918",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 7.5,
+ "summary": "encoding/xml in Go before 1.15.9 and 1.16.x before 1.16.1 has an infinite loop if a custom TokenReader (for xml.NewTokenDecoder) returns EOF in the middle of an element. This can occur in the Decode, DecodeElement, or Skip method.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.12.17",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03/sha256__c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03.tar.gz",
+ "generic://sha256:039012ae96b3c7be75e99c6c05d0543c7635e02d660630e76b967e4607501182/mongofiles",
+ "go://github.com/golang/go:1.12.17"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [
+ "1.16.1",
+ "1.15.9"
+ ],
+ "published": "2021-03-15T00:32:21+11:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-145876",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "encoding/xml in Go before 1.15.9 and 1.16.x before 1.16.1 has an infinite loop if a custom TokenReader (for xml.NewTokenDecoder) returns EOF in the middle of an element. This can occur in the Decode, DecodeElement, or Skip method.",
+ "references": [
+ "https://groups.google.com/g/golang-announce/c/MfiLYjG-RAw"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-13224",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "A use-after-free in onig_new_deluxe() in regext.c in Oniguruma 6.9.2 allows attackers to potentially cause information disclosure, denial of service, or possibly code execution by providing a crafted regular expression. The attacker provides a pair of a regex pattern and a string, with a multi-byte encoding that gets handled by onig_new_deluxe(). Oniguruma issues often affect Ruby, as well as common optional libraries for PHP and Rust.",
+ "severity": "Medium",
+ "vulnerable_component": "deb://ubuntu:bionic:libonig4:6.7.0-1",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:06e2d54757a5b0c81dcbc423ed468c533b04e1c8a69debe60ed90bde3e2ffd52/sha256__06e2d54757a5b0c81dcbc423ed468c533b04e1c8a69debe60ed90bde3e2ffd52.tar.gz",
+ "deb://ubuntu:bionic:libonig4:6.7.0-1"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [],
+ "published": "2019-08-26T00:18:00+10:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-86452",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "It was discovered that Oniguruma incorrectly handled certain regular expressions. An attacker could possibly use this issue to obtain sensitive information, cause a denial of service or execute arbitrary code.",
+ "references": [
+ "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13224",
+ "https://github.com/kkos/oniguruma/commit/0f7f61ed1b7b697e283e37bd2d731d0bd57adb55",
+ "https://usn.ubuntu.com/usn/usn-4088-1"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-28366",
+ "cvss_v2_score": 5.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:H/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 5.1,
+ "cvss3_max_score": 7.5,
+ "summary": "Go before 1.14.12 and 1.15.x before 1.15.5 allows Code Injection.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.12.17",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03/sha256__c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03.tar.gz",
+ "generic://sha256:6aec7280f8c504d22bc91ebd8ab90c2f3ce2382786aeb505a010967b8d1d4073/bsondump",
+ "go://github.com/golang/go:1.12.17"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [
+ "1.14.12",
+ "1.15.5"
+ ],
+ "published": "2020-11-20T00:55:03+11:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-128619",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "Go before 1.14.12 and 1.15.x before 1.15.5 allows Code Injection.",
+ "references": [
+ "https://groups.google.com/g/golang-announce/c/NpBGTTmKzpM",
+ "https://github.com/golang/go/issues/42559",
+ "https://lists.apache.org/thread.html/rd02e75766cd333a0df417588460f5e4477060633000bfe94955851fd@%3Cissues.trafficcontrol.apache.org%3E"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-28366",
+ "cvss_v2_score": 5.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:H/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 5.1,
+ "cvss3_max_score": 7.5,
+ "summary": "Go before 1.14.12 and 1.15.x before 1.15.5 allows Code Injection.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.12.17",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03/sha256__c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03.tar.gz",
+ "generic://sha256:42de18fd91da55d78f6990850cce9d90e3aa76f56798e34bfd055b3248bf194f/mongoexport",
+ "go://github.com/golang/go:1.12.17"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [
+ "1.14.12",
+ "1.15.5"
+ ],
+ "published": "2020-11-20T00:55:03+11:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-128619",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "Go before 1.14.12 and 1.15.x before 1.15.5 allows Code Injection.",
+ "references": [
+ "https://groups.google.com/g/golang-announce/c/NpBGTTmKzpM",
+ "https://github.com/golang/go/issues/42559",
+ "https://lists.apache.org/thread.html/rd02e75766cd333a0df417588460f5e4477060633000bfe94955851fd@%3Cissues.trafficcontrol.apache.org%3E"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-28366",
+ "cvss_v2_score": 5.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:H/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 5.1,
+ "cvss3_max_score": 7.5,
+ "summary": "Go before 1.14.12 and 1.15.x before 1.15.5 allows Code Injection.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.12.17",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03/sha256__c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03.tar.gz",
+ "generic://sha256:9a7ef0b65a2290bbfad7aa0b1715a687337eb66a10945629e84839ef623e8cbe/mongoimport",
+ "go://github.com/golang/go:1.12.17"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [
+ "1.14.12",
+ "1.15.5"
+ ],
+ "published": "2020-11-20T00:55:03+11:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-128619",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "Go before 1.14.12 and 1.15.x before 1.15.5 allows Code Injection.",
+ "references": [
+ "https://groups.google.com/g/golang-announce/c/NpBGTTmKzpM",
+ "https://github.com/golang/go/issues/42559",
+ "https://lists.apache.org/thread.html/rd02e75766cd333a0df417588460f5e4477060633000bfe94955851fd@%3Cissues.trafficcontrol.apache.org%3E"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-28366",
+ "cvss_v2_score": 5.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:H/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 5.1,
+ "cvss3_max_score": 7.5,
+ "summary": "Go before 1.14.12 and 1.15.x before 1.15.5 allows Code Injection.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.12.17",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03/sha256__c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03.tar.gz",
+ "generic://sha256:b23d5de76064f7969468e87a618ac87a442283a079e81ddbf7e8a9f64083ab57/mongostat",
+ "go://github.com/golang/go:1.12.17"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [
+ "1.14.12",
+ "1.15.5"
+ ],
+ "published": "2020-11-20T00:55:03+11:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-128619",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "Go before 1.14.12 and 1.15.x before 1.15.5 allows Code Injection.",
+ "references": [
+ "https://groups.google.com/g/golang-announce/c/NpBGTTmKzpM",
+ "https://github.com/golang/go/issues/42559",
+ "https://lists.apache.org/thread.html/rd02e75766cd333a0df417588460f5e4477060633000bfe94955851fd@%3Cissues.trafficcontrol.apache.org%3E"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-28366",
+ "cvss_v2_score": 5.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:H/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 5.1,
+ "cvss3_max_score": 7.5,
+ "summary": "Go before 1.14.12 and 1.15.x before 1.15.5 allows Code Injection.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.12.17",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03/sha256__c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03.tar.gz",
+ "generic://sha256:aff160a75a624d76fa9d8624dbc0ecfb0632db77384e376acb49355aab008234/mongodump",
+ "go://github.com/golang/go:1.12.17"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [
+ "1.14.12",
+ "1.15.5"
+ ],
+ "published": "2020-11-20T00:55:03+11:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-128619",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "Go before 1.14.12 and 1.15.x before 1.15.5 allows Code Injection.",
+ "references": [
+ "https://groups.google.com/g/golang-announce/c/NpBGTTmKzpM",
+ "https://github.com/golang/go/issues/42559",
+ "https://lists.apache.org/thread.html/rd02e75766cd333a0df417588460f5e4477060633000bfe94955851fd@%3Cissues.trafficcontrol.apache.org%3E"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-28366",
+ "cvss_v2_score": 5.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:H/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 5.1,
+ "cvss3_max_score": 7.5,
+ "summary": "Go before 1.14.12 and 1.15.x before 1.15.5 allows Code Injection.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.12.17",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03/sha256__c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03.tar.gz",
+ "generic://sha256:039012ae96b3c7be75e99c6c05d0543c7635e02d660630e76b967e4607501182/mongofiles",
+ "go://github.com/golang/go:1.12.17"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [
+ "1.14.12",
+ "1.15.5"
+ ],
+ "published": "2020-11-20T00:55:03+11:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-128619",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "Go before 1.14.12 and 1.15.x before 1.15.5 allows Code Injection.",
+ "references": [
+ "https://groups.google.com/g/golang-announce/c/NpBGTTmKzpM",
+ "https://github.com/golang/go/issues/42559",
+ "https://lists.apache.org/thread.html/rd02e75766cd333a0df417588460f5e4477060633000bfe94955851fd@%3Cissues.trafficcontrol.apache.org%3E"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-28366",
+ "cvss_v2_score": 5.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:H/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 5.1,
+ "cvss3_max_score": 7.5,
+ "summary": "Go before 1.14.12 and 1.15.x before 1.15.5 allows Code Injection.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.12.17",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03/sha256__c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03.tar.gz",
+ "generic://sha256:be381c77c5e74899ad45dc41cec9c40510f35cd1c03618f6b766083f39e40d06/mongotop",
+ "go://github.com/golang/go:1.12.17"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [
+ "1.14.12",
+ "1.15.5"
+ ],
+ "published": "2020-11-20T00:55:03+11:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-128619",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "Go before 1.14.12 and 1.15.x before 1.15.5 allows Code Injection.",
+ "references": [
+ "https://groups.google.com/g/golang-announce/c/NpBGTTmKzpM",
+ "https://github.com/golang/go/issues/42559",
+ "https://lists.apache.org/thread.html/rd02e75766cd333a0df417588460f5e4477060633000bfe94955851fd@%3Cissues.trafficcontrol.apache.org%3E"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-28366",
+ "cvss_v2_score": 5.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:H/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 5.1,
+ "cvss3_max_score": 7.5,
+ "summary": "Go before 1.14.12 and 1.15.x before 1.15.5 allows Code Injection.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.12.17",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03/sha256__c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03.tar.gz",
+ "generic://sha256:2e9fafe058442a512ba193d9e5ad0bf0356b76db99cf877caac6f5376d6e7f0e/mongorestore",
+ "go://github.com/golang/go:1.12.17"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [
+ "1.14.12",
+ "1.15.5"
+ ],
+ "published": "2020-11-20T00:55:03+11:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-128619",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "Go before 1.14.12 and 1.15.x before 1.15.5 allows Code Injection.",
+ "references": [
+ "https://groups.google.com/g/golang-announce/c/NpBGTTmKzpM",
+ "https://github.com/golang/go/issues/42559",
+ "https://lists.apache.org/thread.html/rd02e75766cd333a0df417588460f5e4477060633000bfe94955851fd@%3Cissues.trafficcontrol.apache.org%3E"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-29509",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 5.6,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"
+ }
+ ],
+ "cvss2_max_score": 6.8,
+ "cvss3_max_score": 5.6,
+ "summary": "The encoding/xml package in Go (all versions) does not correctly preserve the semantics of attribute namespace prefixes during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.12.17",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03/sha256__c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03.tar.gz",
+ "generic://sha256:6aec7280f8c504d22bc91ebd8ab90c2f3ce2382786aeb505a010967b8d1d4073/bsondump",
+ "go://github.com/golang/go:1.12.17"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [
+ "1.15.6"
+ ],
+ "published": "2020-12-16T21:25:17+11:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-134985",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "The encoding/xml package in Go (all versions) does not correctly preserve the semantics of attribute namespace prefixes during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications.",
+ "references": [
+ "https://github.com/mattermost/xml-roundtrip-validator/blob/master/advisories/unstable-attributes.md"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-29509",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 5.6,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"
+ }
+ ],
+ "cvss2_max_score": 6.8,
+ "cvss3_max_score": 5.6,
+ "summary": "The encoding/xml package in Go (all versions) does not correctly preserve the semantics of attribute namespace prefixes during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.12.17",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03/sha256__c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03.tar.gz",
+ "generic://sha256:42de18fd91da55d78f6990850cce9d90e3aa76f56798e34bfd055b3248bf194f/mongoexport",
+ "go://github.com/golang/go:1.12.17"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [
+ "1.15.6"
+ ],
+ "published": "2020-12-16T21:25:17+11:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-134985",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "The encoding/xml package in Go (all versions) does not correctly preserve the semantics of attribute namespace prefixes during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications.",
+ "references": [
+ "https://github.com/mattermost/xml-roundtrip-validator/blob/master/advisories/unstable-attributes.md"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-29509",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 5.6,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"
+ }
+ ],
+ "cvss2_max_score": 6.8,
+ "cvss3_max_score": 5.6,
+ "summary": "The encoding/xml package in Go (all versions) does not correctly preserve the semantics of attribute namespace prefixes during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.12.17",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03/sha256__c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03.tar.gz",
+ "generic://sha256:9a7ef0b65a2290bbfad7aa0b1715a687337eb66a10945629e84839ef623e8cbe/mongoimport",
+ "go://github.com/golang/go:1.12.17"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [
+ "1.15.6"
+ ],
+ "published": "2020-12-16T21:25:17+11:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-134985",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "The encoding/xml package in Go (all versions) does not correctly preserve the semantics of attribute namespace prefixes during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications.",
+ "references": [
+ "https://github.com/mattermost/xml-roundtrip-validator/blob/master/advisories/unstable-attributes.md"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-29509",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 5.6,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"
+ }
+ ],
+ "cvss2_max_score": 6.8,
+ "cvss3_max_score": 5.6,
+ "summary": "The encoding/xml package in Go (all versions) does not correctly preserve the semantics of attribute namespace prefixes during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.12.17",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03/sha256__c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03.tar.gz",
+ "generic://sha256:b23d5de76064f7969468e87a618ac87a442283a079e81ddbf7e8a9f64083ab57/mongostat",
+ "go://github.com/golang/go:1.12.17"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [
+ "1.15.6"
+ ],
+ "published": "2020-12-16T21:25:17+11:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-134985",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "The encoding/xml package in Go (all versions) does not correctly preserve the semantics of attribute namespace prefixes during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications.",
+ "references": [
+ "https://github.com/mattermost/xml-roundtrip-validator/blob/master/advisories/unstable-attributes.md"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-29509",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 5.6,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"
+ }
+ ],
+ "cvss2_max_score": 6.8,
+ "cvss3_max_score": 5.6,
+ "summary": "The encoding/xml package in Go (all versions) does not correctly preserve the semantics of attribute namespace prefixes during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.12.17",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03/sha256__c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03.tar.gz",
+ "generic://sha256:aff160a75a624d76fa9d8624dbc0ecfb0632db77384e376acb49355aab008234/mongodump",
+ "go://github.com/golang/go:1.12.17"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [
+ "1.15.6"
+ ],
+ "published": "2020-12-16T21:25:17+11:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-134985",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "The encoding/xml package in Go (all versions) does not correctly preserve the semantics of attribute namespace prefixes during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications.",
+ "references": [
+ "https://github.com/mattermost/xml-roundtrip-validator/blob/master/advisories/unstable-attributes.md"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-29509",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 5.6,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"
+ }
+ ],
+ "cvss2_max_score": 6.8,
+ "cvss3_max_score": 5.6,
+ "summary": "The encoding/xml package in Go (all versions) does not correctly preserve the semantics of attribute namespace prefixes during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.12.17",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03/sha256__c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03.tar.gz",
+ "generic://sha256:039012ae96b3c7be75e99c6c05d0543c7635e02d660630e76b967e4607501182/mongofiles",
+ "go://github.com/golang/go:1.12.17"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [
+ "1.15.6"
+ ],
+ "published": "2020-12-16T21:25:17+11:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-134985",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "The encoding/xml package in Go (all versions) does not correctly preserve the semantics of attribute namespace prefixes during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications.",
+ "references": [
+ "https://github.com/mattermost/xml-roundtrip-validator/blob/master/advisories/unstable-attributes.md"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-29509",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 5.6,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"
+ }
+ ],
+ "cvss2_max_score": 6.8,
+ "cvss3_max_score": 5.6,
+ "summary": "The encoding/xml package in Go (all versions) does not correctly preserve the semantics of attribute namespace prefixes during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.12.17",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03/sha256__c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03.tar.gz",
+ "generic://sha256:be381c77c5e74899ad45dc41cec9c40510f35cd1c03618f6b766083f39e40d06/mongotop",
+ "go://github.com/golang/go:1.12.17"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [
+ "1.15.6"
+ ],
+ "published": "2020-12-16T21:25:17+11:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-134985",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "The encoding/xml package in Go (all versions) does not correctly preserve the semantics of attribute namespace prefixes during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications.",
+ "references": [
+ "https://github.com/mattermost/xml-roundtrip-validator/blob/master/advisories/unstable-attributes.md"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-29509",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 5.6,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"
+ }
+ ],
+ "cvss2_max_score": 6.8,
+ "cvss3_max_score": 5.6,
+ "summary": "The encoding/xml package in Go (all versions) does not correctly preserve the semantics of attribute namespace prefixes during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.12.17",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03/sha256__c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03.tar.gz",
+ "generic://sha256:2e9fafe058442a512ba193d9e5ad0bf0356b76db99cf877caac6f5376d6e7f0e/mongorestore",
+ "go://github.com/golang/go:1.12.17"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [
+ "1.15.6"
+ ],
+ "published": "2020-12-16T21:25:17+11:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-134985",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "The encoding/xml package in Go (all versions) does not correctly preserve the semantics of attribute namespace prefixes during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications.",
+ "references": [
+ "https://github.com/mattermost/xml-roundtrip-validator/blob/master/advisories/unstable-attributes.md"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-27212",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 7.5,
+ "summary": "In OpenLDAP through 2.4.57 and 2.5.x through 2.5.1alpha, an assertion failure in slapd can occur in the issuerAndThisUpdateCheck function via a crafted packet, resulting in a denial of service (daemon exit) via a short timestamp. This is related to schema_init.c and checkTime.",
+ "severity": "Medium",
+ "vulnerable_component": "deb://ubuntu:bionic:libldap-2.4-2:2.4.45+dfsg-1ubuntu1.6",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:e2f7d90822f30433ad424e479785033fa4c7f497b8326715453a1b68d554ae8e/sha256__e2f7d90822f30433ad424e479785033fa4c7f497b8326715453a1b68d554ae8e.tar.gz",
+ "deb://ubuntu:bionic:libldap-2.4-2:2.4.45+dfsg-1ubuntu1.6"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [],
+ "published": "2021-02-22T15:38:05+11:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-140788",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "In OpenLDAP through 2.4.57 and 2.5.x through 2.5.1alpha, an assertion failure in slapd can occur in the issuerAndThisUpdateCheck function via a crafted packet, resulting in a denial of service (daemon exit) via a short timestamp. This is related to schema_init.c and checkTime.",
+ "references": [
+ "https://usn.ubuntu.com/usn/usn-4744-1",
+ "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27212"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-20217",
+ "cvss_v2_score": 3.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:S/C:N/I:N/A:P",
+ "cvss_v3_score": 5.3,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 3.5,
+ "cvss3_max_score": 5.3,
+ "summary": "A Reachable Assertion issue was discovered in the KDC in MIT Kerberos 5 (aka krb5) before 1.17. If an attacker can obtain a krbtgt ticket using an older encryption type (single-DES, triple-DES, or RC4), the attacker can crash the KDC by making an S4U2Self request.",
+ "severity": "Medium",
+ "vulnerable_component": "deb://ubuntu:bionic:libkrb5support0:1.16-2ubuntu0.1",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03/sha256__c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03.tar.gz",
+ "deb://ubuntu:bionic:libkrb5support0:1.16-2ubuntu0.1"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [],
+ "published": "2019-03-03T19:09:48+11:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-76141",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "It was discovered that Kerberos incorrectly handled certain S4U2Self requests. An attacker could possibly use this issue to cause a denial of service.",
+ "references": [
+ "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20217",
+ "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2KNHELH4YHNT6H2ESJWX2UIDXLBNGB2O/"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-24553",
+ "cvss_v2_score": 4.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:P/A:N",
+ "cvss_v3_score": 6.1,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"
+ }
+ ],
+ "cvss2_max_score": 4.3,
+ "cvss3_max_score": 6.1,
+ "summary": "Go before 1.14.8 and 1.15.x before 1.15.1 allows XSS because text/html is the default for CGI/FCGI handlers that lack a Content-Type header.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.12.17",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03/sha256__c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03.tar.gz",
+ "generic://sha256:6aec7280f8c504d22bc91ebd8ab90c2f3ce2382786aeb505a010967b8d1d4073/bsondump",
+ "go://github.com/golang/go:1.12.17"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [
+ "1.14.8",
+ "1.15.1"
+ ],
+ "published": "2020-09-04T01:19:11+10:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-122286",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "Go before 1.14.8 and 1.15.x before 1.15.1 allows XSS because text/html is the default for CGI/FCGI handlers that lack a Content-Type header.",
+ "references": [
+ "http://seclists.org/fulldisclosure/2020/Sep/5",
+ "http://packetstormsecurity.com/files/159049/Go-CGI-FastCGI-Transport-Cross-Site-Scripting.html",
+ "https://groups.google.com/forum/#!topic/golang-announce/8wqlSbkLdPs"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-24553",
+ "cvss_v2_score": 4.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:P/A:N",
+ "cvss_v3_score": 6.1,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"
+ }
+ ],
+ "cvss2_max_score": 4.3,
+ "cvss3_max_score": 6.1,
+ "summary": "Go before 1.14.8 and 1.15.x before 1.15.1 allows XSS because text/html is the default for CGI/FCGI handlers that lack a Content-Type header.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.12.17",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03/sha256__c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03.tar.gz",
+ "generic://sha256:42de18fd91da55d78f6990850cce9d90e3aa76f56798e34bfd055b3248bf194f/mongoexport",
+ "go://github.com/golang/go:1.12.17"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [
+ "1.14.8",
+ "1.15.1"
+ ],
+ "published": "2020-09-04T01:19:11+10:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-122286",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "Go before 1.14.8 and 1.15.x before 1.15.1 allows XSS because text/html is the default for CGI/FCGI handlers that lack a Content-Type header.",
+ "references": [
+ "http://seclists.org/fulldisclosure/2020/Sep/5",
+ "http://packetstormsecurity.com/files/159049/Go-CGI-FastCGI-Transport-Cross-Site-Scripting.html",
+ "https://groups.google.com/forum/#!topic/golang-announce/8wqlSbkLdPs"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-24553",
+ "cvss_v2_score": 4.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:P/A:N",
+ "cvss_v3_score": 6.1,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"
+ }
+ ],
+ "cvss2_max_score": 4.3,
+ "cvss3_max_score": 6.1,
+ "summary": "Go before 1.14.8 and 1.15.x before 1.15.1 allows XSS because text/html is the default for CGI/FCGI handlers that lack a Content-Type header.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.12.17",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03/sha256__c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03.tar.gz",
+ "generic://sha256:9a7ef0b65a2290bbfad7aa0b1715a687337eb66a10945629e84839ef623e8cbe/mongoimport",
+ "go://github.com/golang/go:1.12.17"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [
+ "1.14.8",
+ "1.15.1"
+ ],
+ "published": "2020-09-04T01:19:11+10:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-122286",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "Go before 1.14.8 and 1.15.x before 1.15.1 allows XSS because text/html is the default for CGI/FCGI handlers that lack a Content-Type header.",
+ "references": [
+ "http://seclists.org/fulldisclosure/2020/Sep/5",
+ "http://packetstormsecurity.com/files/159049/Go-CGI-FastCGI-Transport-Cross-Site-Scripting.html",
+ "https://groups.google.com/forum/#!topic/golang-announce/8wqlSbkLdPs"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-24553",
+ "cvss_v2_score": 4.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:P/A:N",
+ "cvss_v3_score": 6.1,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"
+ }
+ ],
+ "cvss2_max_score": 4.3,
+ "cvss3_max_score": 6.1,
+ "summary": "Go before 1.14.8 and 1.15.x before 1.15.1 allows XSS because text/html is the default for CGI/FCGI handlers that lack a Content-Type header.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.12.17",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03/sha256__c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03.tar.gz",
+ "generic://sha256:b23d5de76064f7969468e87a618ac87a442283a079e81ddbf7e8a9f64083ab57/mongostat",
+ "go://github.com/golang/go:1.12.17"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [
+ "1.14.8",
+ "1.15.1"
+ ],
+ "published": "2020-09-04T01:19:11+10:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-122286",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "Go before 1.14.8 and 1.15.x before 1.15.1 allows XSS because text/html is the default for CGI/FCGI handlers that lack a Content-Type header.",
+ "references": [
+ "http://seclists.org/fulldisclosure/2020/Sep/5",
+ "http://packetstormsecurity.com/files/159049/Go-CGI-FastCGI-Transport-Cross-Site-Scripting.html",
+ "https://groups.google.com/forum/#!topic/golang-announce/8wqlSbkLdPs"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-24553",
+ "cvss_v2_score": 4.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:P/A:N",
+ "cvss_v3_score": 6.1,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"
+ }
+ ],
+ "cvss2_max_score": 4.3,
+ "cvss3_max_score": 6.1,
+ "summary": "Go before 1.14.8 and 1.15.x before 1.15.1 allows XSS because text/html is the default for CGI/FCGI handlers that lack a Content-Type header.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.12.17",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03/sha256__c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03.tar.gz",
+ "generic://sha256:aff160a75a624d76fa9d8624dbc0ecfb0632db77384e376acb49355aab008234/mongodump",
+ "go://github.com/golang/go:1.12.17"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [
+ "1.14.8",
+ "1.15.1"
+ ],
+ "published": "2020-09-04T01:19:11+10:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-122286",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "Go before 1.14.8 and 1.15.x before 1.15.1 allows XSS because text/html is the default for CGI/FCGI handlers that lack a Content-Type header.",
+ "references": [
+ "http://seclists.org/fulldisclosure/2020/Sep/5",
+ "http://packetstormsecurity.com/files/159049/Go-CGI-FastCGI-Transport-Cross-Site-Scripting.html",
+ "https://groups.google.com/forum/#!topic/golang-announce/8wqlSbkLdPs"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-24553",
+ "cvss_v2_score": 4.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:P/A:N",
+ "cvss_v3_score": 6.1,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"
+ }
+ ],
+ "cvss2_max_score": 4.3,
+ "cvss3_max_score": 6.1,
+ "summary": "Go before 1.14.8 and 1.15.x before 1.15.1 allows XSS because text/html is the default for CGI/FCGI handlers that lack a Content-Type header.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.12.17",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03/sha256__c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03.tar.gz",
+ "generic://sha256:039012ae96b3c7be75e99c6c05d0543c7635e02d660630e76b967e4607501182/mongofiles",
+ "go://github.com/golang/go:1.12.17"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [
+ "1.14.8",
+ "1.15.1"
+ ],
+ "published": "2020-09-04T01:19:11+10:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-122286",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "Go before 1.14.8 and 1.15.x before 1.15.1 allows XSS because text/html is the default for CGI/FCGI handlers that lack a Content-Type header.",
+ "references": [
+ "http://seclists.org/fulldisclosure/2020/Sep/5",
+ "http://packetstormsecurity.com/files/159049/Go-CGI-FastCGI-Transport-Cross-Site-Scripting.html",
+ "https://groups.google.com/forum/#!topic/golang-announce/8wqlSbkLdPs"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-24553",
+ "cvss_v2_score": 4.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:P/A:N",
+ "cvss_v3_score": 6.1,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"
+ }
+ ],
+ "cvss2_max_score": 4.3,
+ "cvss3_max_score": 6.1,
+ "summary": "Go before 1.14.8 and 1.15.x before 1.15.1 allows XSS because text/html is the default for CGI/FCGI handlers that lack a Content-Type header.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.12.17",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03/sha256__c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03.tar.gz",
+ "generic://sha256:be381c77c5e74899ad45dc41cec9c40510f35cd1c03618f6b766083f39e40d06/mongotop",
+ "go://github.com/golang/go:1.12.17"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [
+ "1.14.8",
+ "1.15.1"
+ ],
+ "published": "2020-09-04T01:19:11+10:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-122286",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "Go before 1.14.8 and 1.15.x before 1.15.1 allows XSS because text/html is the default for CGI/FCGI handlers that lack a Content-Type header.",
+ "references": [
+ "http://seclists.org/fulldisclosure/2020/Sep/5",
+ "http://packetstormsecurity.com/files/159049/Go-CGI-FastCGI-Transport-Cross-Site-Scripting.html",
+ "https://groups.google.com/forum/#!topic/golang-announce/8wqlSbkLdPs"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-24553",
+ "cvss_v2_score": 4.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:P/A:N",
+ "cvss_v3_score": 6.1,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"
+ }
+ ],
+ "cvss2_max_score": 4.3,
+ "cvss3_max_score": 6.1,
+ "summary": "Go before 1.14.8 and 1.15.x before 1.15.1 allows XSS because text/html is the default for CGI/FCGI handlers that lack a Content-Type header.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.12.17",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03/sha256__c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03.tar.gz",
+ "generic://sha256:2e9fafe058442a512ba193d9e5ad0bf0356b76db99cf877caac6f5376d6e7f0e/mongorestore",
+ "go://github.com/golang/go:1.12.17"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [
+ "1.14.8",
+ "1.15.1"
+ ],
+ "published": "2020-09-04T01:19:11+10:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-122286",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "Go before 1.14.8 and 1.15.x before 1.15.1 allows XSS because text/html is the default for CGI/FCGI handlers that lack a Content-Type header.",
+ "references": [
+ "http://seclists.org/fulldisclosure/2020/Sep/5",
+ "http://packetstormsecurity.com/files/159049/Go-CGI-FastCGI-Transport-Cross-Site-Scripting.html",
+ "https://groups.google.com/forum/#!topic/golang-announce/8wqlSbkLdPs"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-29362",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:N",
+ "cvss_v3_score": 5.3,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 5.3,
+ "summary": "An issue was discovered in p11-kit 0.21.1 through 0.23.21. A heap-based buffer over-read has been discovered in the RPC protocol used by thep11-kit server/remote commands and the client library. When the remote entity supplies a byte array through a serialized PKCS#11 function call, the receiving entity may allow the reading of up to 4 bytes of memory past the heap allocation.",
+ "severity": "Medium",
+ "vulnerable_component": "deb://ubuntu:bionic:libp11-kit0:0.23.9-2",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:171857c49d0f5e2ebf623e6cb36a8bcad585ed0c2aa99c87a055df034c1e5848/sha256__171857c49d0f5e2ebf623e6cb36a8bcad585ed0c2aa99c87a055df034c1e5848.tar.gz",
+ "deb://ubuntu:bionic:libp11-kit0:0.23.9-2"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [],
+ "published": "2020-12-25T15:51:38+11:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-137315",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "An issue was discovered in p11-kit 0.21.1 through 0.23.21. A heap-based buffer over-read has been discovered in the RPC protocol used by thep11-kit server/remote commands and the client library. When the remote entity supplies a byte array through a serialized PKCS#11 function call, the receiving entity may allow the reading of up to 4 bytes of memory past the heap allocation.",
+ "references": [
+ "https://usn.ubuntu.com/usn/usn-4677-1",
+ "https://github.com/p11-glue/p11-kit/security/advisories/GHSA-5wpq-43j2-6qwc",
+ "https://lists.freedesktop.org/archives/p11-glue/2020-December/000712.html",
+ "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29362"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-23841",
+ "cvss_v2_score": 4.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 5.9,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 4.3,
+ "cvss3_max_score": 5.9,
+ "summary": "The OpenSSL public API function X509_issuer_and_serial_hash() attempts to create a unique hash value based on the issuer and serial number data contained within an X509 certificate. However it fails to correctly handle any errors that may occur while parsing the issuer field (which might occur if the issuer field is maliciously constructed). This may subsequently result in a NULL pointer deref and a crash leading to a potential denial of service attack. The function X509_issuer_and_serial_hash() is never directly called by OpenSSL itself so applications are only vulnerable if they use this function directly and they use it on certificates that may have been obtained from untrusted sources. OpenSSL versions 1.1.1i and below are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1j. OpenSSL versions 1.0.2x and below are affected by this issue. However OpenSSL 1.0.2 is out of support and no longer receiving public updates. Premium support customers of OpenSSL 1.0.2 should upgrade to 1.0.2y. Other users should upgrade to 1.1.1j. Fixed in OpenSSL 1.1.1j (Affected 1.1.1-1.1.1i). Fixed in OpenSSL 1.0.2y (Affected 1.0.2-1.0.2x).",
+ "severity": "Medium",
+ "vulnerable_component": "deb://ubuntu:bionic:openssl:1.1.1-1ubuntu2.1~18.04.6",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:06e2d54757a5b0c81dcbc423ed468c533b04e1c8a69debe60ed90bde3e2ffd52/sha256__06e2d54757a5b0c81dcbc423ed468c533b04e1c8a69debe60ed90bde3e2ffd52.tar.gz",
+ "deb://ubuntu:bionic:openssl:1.1.1-1ubuntu2.1~18.04.6"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [
+ "≥ 1.1.1-1ubuntu2.1~18.04.8"
+ ],
+ "published": "2021-02-22T15:42:30+11:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-140795",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "The OpenSSL public API function X509_issuer_and_serial_hash() attempts to create a unique hash value based on the issuer and serial number data contained within an X509 certificate. However it fails to correctly handle any errors that may occur while parsing the issuer field (which might occur if the issuer field is maliciously constructed). This may subsequently result in a NULL pointer deref and a crash leading to a potential denial of service attack. The function X509_issuer_and_serial_hash() is never directly called by OpenSSL itself so applications are only vulnerable if they use this function directly and they use it on certificates that may have been obtained from untrusted sources. OpenSSL versions 1.1.1i and below are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1j. OpenSSL versions 1.0.2x and below are affected by this issue. However OpenSSL 1.0.2 is out of support and no longer receiving public updates. Premium support customers of OpenSSL 1.0.2 should upgrade to 1.0.2y. Other users should upgrade to 1.1.1j. Fixed in OpenSSL 1.1.1j (Affected 1.1.1-1.1.1i). Fixed in OpenSSL 1.0.2y (Affected 1.0.2-1.0.2x).",
+ "references": [
+ "https://usn.ubuntu.com/usn/usn-4745-1",
+ "https://usn.ubuntu.com/usn/usn-4738-1",
+ "https://www.openssl.org/news/secadv/20210216.txt",
+ "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23841"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-14039",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:P/A:N",
+ "cvss_v3_score": 5.3,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 5.3,
+ "summary": "In Go before 1.13.13 and 1.14.x before 1.14.5, Certificate.Verify may lack a check on the VerifyOptions.KeyUsages EKU requirements (if VerifyOptions.Roots equals nil and the installation is on Windows). Thus, X.509 certificate verification is incomplete.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.13.10",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:e2f7d90822f30433ad424e479785033fa4c7f497b8326715453a1b68d554ae8e/sha256__e2f7d90822f30433ad424e479785033fa4c7f497b8326715453a1b68d554ae8e.tar.gz",
+ "generic://sha256:0f25a21cf64e58078057adc78f38705163c1d564a959ff30a891c31917011a54/gosu",
+ "go://github.com/golang/go:1.13.10"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [
+ "1.13.13",
+ "1.14.5",
+ "1.15rc1"
+ ],
+ "published": "2020-07-26T21:38:48+10:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-114289",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "In Go before 1.13.13 and 1.14.x before 1.14.5, Certificate.Verify may lack a check on the VerifyOptions.KeyUsages EKU requirements (if VerifyOptions.Roots equals nil and the installation is on Windows). Thus, X.509 certificate verification is incomplete.",
+ "references": [
+ "https://groups.google.com/forum/#!topic/golang-announce/XZNfaiwgt2w",
+ "https://groups.google.com/forum/#!forum/golang-announce"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-19204",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 7.5,
+ "summary": "An issue was discovered in Oniguruma 6.x before 6.9.4_rc2. In the function fetch_interval_quantifier (formerly known as fetch_range_quantifier) in regparse.c, PFETCH is called without checking PEND. This leads to a heap-based buffer over-read.",
+ "severity": "Medium",
+ "vulnerable_component": "deb://ubuntu:bionic:libonig4:6.7.0-1",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:06e2d54757a5b0c81dcbc423ed468c533b04e1c8a69debe60ed90bde3e2ffd52/sha256__06e2d54757a5b0c81dcbc423ed468c533b04e1c8a69debe60ed90bde3e2ffd52.tar.gz",
+ "deb://ubuntu:bionic:libonig4:6.7.0-1"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [],
+ "published": "2019-11-25T16:00:00+11:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-91992",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "An issue was discovered in Oniguruma 6.x before 6.9.4_rc2. In the function fetch_interval_quantifier (formerly known as fetch_range_quantifier) in regparse.c, PFETCH is called without checking PEND. This leads to a heap-based buffer over-read.",
+ "references": [
+ "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19204",
+ "https://github.com/kkos/oniguruma/issues/162",
+ "https://github.com/kkos/oniguruma/releases/tag/v6.9.4_rc2",
+ "https://usn.ubuntu.com/usn/usn-4460-1"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-36224",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 7.5,
+ "summary": "A flaw was discovered in OpenLDAP before 2.4.57 leading to an invalid pointer free and slapd crash in the saslAuthzTo processing, resulting in denial of service.",
+ "severity": "Medium",
+ "vulnerable_component": "deb://ubuntu:bionic:libldap-2.4-2:2.4.45+dfsg-1ubuntu1.6",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:e2f7d90822f30433ad424e479785033fa4c7f497b8326715453a1b68d554ae8e/sha256__e2f7d90822f30433ad424e479785033fa4c7f497b8326715453a1b68d554ae8e.tar.gz",
+ "deb://ubuntu:bionic:libldap-2.4-2:2.4.45+dfsg-1ubuntu1.6"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [],
+ "published": "2021-02-07T22:09:06+11:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-139663",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "A flaw was discovered in OpenLDAP before 2.4.57 leading to an invalid pointer free and slapd crash in the saslAuthzTo processing, resulting in denial of service.",
+ "references": [
+ "https://usn.ubuntu.com/usn/usn-4724-1",
+ "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36224"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-36225",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 7.5,
+ "summary": "A flaw was discovered in OpenLDAP before 2.4.57 leading to a double free and slapd crash in the saslAuthzTo processing, resulting in denial of service.",
+ "severity": "Medium",
+ "vulnerable_component": "deb://ubuntu:bionic:libldap-2.4-2:2.4.45+dfsg-1ubuntu1.6",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:e2f7d90822f30433ad424e479785033fa4c7f497b8326715453a1b68d554ae8e/sha256__e2f7d90822f30433ad424e479785033fa4c7f497b8326715453a1b68d554ae8e.tar.gz",
+ "deb://ubuntu:bionic:libldap-2.4-2:2.4.45+dfsg-1ubuntu1.6"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [],
+ "published": "2021-02-07T22:22:47+11:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-139704",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "A flaw was discovered in OpenLDAP before 2.4.57 leading to a double free and slapd crash in the saslAuthzTo processing, resulting in denial of service.",
+ "references": [
+ "https://usn.ubuntu.com/usn/usn-4724-1",
+ "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36225"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-24031",
+ "cvss_v2_score": 2.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:L/AC:L/Au:N/C:P/I:N/A:N",
+ "cvss_v3_score": 5.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"
+ }
+ ],
+ "cvss2_max_score": 2.1,
+ "cvss3_max_score": 5.5,
+ "summary": "In the Zstandard command-line utility prior to v1.4.1, output files were created with default permissions. Correct file permissions (matching the input) would only be set at completion time. Output files could therefore be readable or writable to unintended parties.",
+ "severity": "Medium",
+ "vulnerable_component": "deb://ubuntu:bionic:libzstd1:1.3.3+dfsg-2ubuntu1.1",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:171857c49d0f5e2ebf623e6cb36a8bcad585ed0c2aa99c87a055df034c1e5848/sha256__171857c49d0f5e2ebf623e6cb36a8bcad585ed0c2aa99c87a055df034c1e5848.tar.gz",
+ "deb://ubuntu:bionic:libzstd1:1.3.3+dfsg-2ubuntu1.1"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [],
+ "published": "2021-03-08T03:58:16+11:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-141757",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "In the Zstandard command-line utility prior to v1.4.1, output files were created with default permissions. Correct file permissions (matching the input) would only be set at completion time. Output files could therefore be readable or writable to unintended parties.",
+ "references": [
+ "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24031",
+ "https://usn.ubuntu.com/usn/usn-4760-1"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-9513",
+ "cvss_v2_score": 7.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.8,
+ "cvss3_max_score": 7.5,
+ "summary": "Some HTTP/2 implementations are vulnerable to resource loops, potentially leading to a denial of service. The attacker creates multiple request streams and continually shuffles the priority of the streams in a way that causes substantial churn to the priority tree. This can consume excess CPU.",
+ "severity": "Medium",
+ "vulnerable_component": "deb://ubuntu:bionic:libnghttp2-14:1.30.0-1ubuntu1",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03/sha256__c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03.tar.gz",
+ "deb://ubuntu:bionic:libnghttp2-14:1.30.0-1ubuntu1"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [],
+ "published": "2019-08-26T00:18:02+10:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-86454",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "Some HTTP/2 implementations are vulnerable to resource loops, potentially leading to a denial of service. The attacker creates multiple request streams and continually shuffles the priority of the streams in a way that causes substantial churn to the priority tree. This can consume excess CPU.",
+ "references": [
+ "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9513",
+ "https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md",
+ "https://usn.ubuntu.com/usn/usn-4099-1"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-13844",
+ "cvss_v2_score": 2.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:L/AC:L/Au:N/C:P/I:N/A:N",
+ "cvss_v3_score": 5.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"
+ }
+ ],
+ "cvss2_max_score": 2.1,
+ "cvss3_max_score": 5.5,
+ "summary": "Arm Armv8-A core implementations utilizing speculative execution past unconditional changes in control flow may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka \"straight-line speculation.\"",
+ "severity": "Medium",
+ "vulnerable_component": "deb://ubuntu:bionic:gcc-8-base:8.4.0-1ubuntu1~18.04",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:171857c49d0f5e2ebf623e6cb36a8bcad585ed0c2aa99c87a055df034c1e5848/sha256__171857c49d0f5e2ebf623e6cb36a8bcad585ed0c2aa99c87a055df034c1e5848.tar.gz",
+ "deb://ubuntu:bionic:gcc-8-base:8.4.0-1ubuntu1~18.04"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [],
+ "published": "2020-06-14T14:39:42+10:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-100566",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "Arm Armv8-A core implementations utilizing speculative execution past unconditional changes in control flow may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka \"straight-line speculation.\"",
+ "references": [
+ "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13844",
+ "http://lists.llvm.org/pipermail/llvm-dev/2020-June/142109.html",
+ "https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability",
+ "https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability/downloads/straight-line-speculation",
+ "https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability/frequently-asked-questions",
+ "https://gcc.gnu.org/pipermail/gcc-patches/2020-June/547520.html",
+ "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=679db70801da9fda91d26caf13bf5b5ccc74e8e8"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-36227",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 7.5,
+ "summary": "A flaw was discovered in OpenLDAP before 2.4.57 leading to an infinite loop in slapd with the cancel_extop Cancel operation, resulting in denial of service.",
+ "severity": "Medium",
+ "vulnerable_component": "deb://ubuntu:bionic:libldap-common:2.4.45+dfsg-1ubuntu1.6",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:e2f7d90822f30433ad424e479785033fa4c7f497b8326715453a1b68d554ae8e/sha256__e2f7d90822f30433ad424e479785033fa4c7f497b8326715453a1b68d554ae8e.tar.gz",
+ "deb://ubuntu:bionic:libldap-common:2.4.45+dfsg-1ubuntu1.6"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [],
+ "published": "2021-02-07T22:01:56+11:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-139640",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "A flaw was discovered in OpenLDAP before 2.4.57 leading to an infinite loop in slapd with the cancel_extop Cancel operation, resulting in denial of service.",
+ "references": [
+ "https://usn.ubuntu.com/usn/usn-4724-1",
+ "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36227"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-19012",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 9.8,
+ "summary": "An integer overflow in the search_in_range function in regexec.c in Oniguruma 6.x before 6.9.4_rc2 leads to an out-of-bounds read, in which the offset of this read is under the control of an attacker. (This only affects the 32-bit compiled version). Remote attackers can cause a denial-of-service or information disclosure, or possibly have unspecified other impact, via a crafted regular expression.",
+ "severity": "Medium",
+ "vulnerable_component": "deb://ubuntu:bionic:libonig4:6.7.0-1",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:06e2d54757a5b0c81dcbc423ed468c533b04e1c8a69debe60ed90bde3e2ffd52/sha256__06e2d54757a5b0c81dcbc423ed468c533b04e1c8a69debe60ed90bde3e2ffd52.tar.gz",
+ "deb://ubuntu:bionic:libonig4:6.7.0-1"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [],
+ "published": "2019-11-25T15:43:32+11:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-91960",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "An integer overflow in the search_in_range function in regexec.c in Oniguruma 6.x before 6.9.4_rc2 leads to an out-of-bounds read, in which the offset of this read is under the control of an attacker. (This only affects the 32-bit compiled version). Remote attackers can cause a denial-of-service or information disclosure, or possibly have unspecified other impact, via a crafted regular expression.",
+ "references": [
+ "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19012",
+ "https://github.com/kkos/oniguruma/issues/164",
+ "https://github.com/kkos/oniguruma/releases/tag/v6.9.4_rc2",
+ "https://usn.ubuntu.com/usn/usn-4460-1"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-25709"
+ }
+ ],
+ "summary": "assertion failure in Certificate List syntax validation",
+ "severity": "Medium",
+ "vulnerable_component": "deb://ubuntu:bionic:libldap-common:2.4.45+dfsg-1ubuntu1.6",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:e2f7d90822f30433ad424e479785033fa4c7f497b8326715453a1b68d554ae8e/sha256__e2f7d90822f30433ad424e479785033fa4c7f497b8326715453a1b68d554ae8e.tar.gz",
+ "deb://ubuntu:bionic:libldap-common:2.4.45+dfsg-1ubuntu1.6"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [],
+ "published": "2020-11-23T08:00:24+11:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-128736",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "assertion failure in Certificate List syntax validation",
+ "references": [
+ "https://usn.ubuntu.com/usn/usn-4634-2",
+ "https://usn.ubuntu.com/usn/usn-4634-1",
+ "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25709"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-20217",
+ "cvss_v2_score": 3.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:S/C:N/I:N/A:P",
+ "cvss_v3_score": 5.3,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 3.5,
+ "cvss3_max_score": 5.3,
+ "summary": "A Reachable Assertion issue was discovered in the KDC in MIT Kerberos 5 (aka krb5) before 1.17. If an attacker can obtain a krbtgt ticket using an older encryption type (single-DES, triple-DES, or RC4), the attacker can crash the KDC by making an S4U2Self request.",
+ "severity": "Medium",
+ "vulnerable_component": "deb://ubuntu:bionic:libgssapi-krb5-2:1.16-2ubuntu0.1",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03/sha256__c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03.tar.gz",
+ "deb://ubuntu:bionic:libgssapi-krb5-2:1.16-2ubuntu0.1"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [],
+ "published": "2019-03-03T19:09:48+11:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-76141",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "It was discovered that Kerberos incorrectly handled certain S4U2Self requests. An attacker could possibly use this issue to cause a denial of service.",
+ "references": [
+ "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20217",
+ "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2KNHELH4YHNT6H2ESJWX2UIDXLBNGB2O/"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-16845",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 7.5,
+ "summary": "Go before 1.13.15 and 14.x before 1.14.7 can have an infinite read loop in ReadUvarint and ReadVarint in encoding/binary via invalid inputs.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.13.10",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:e2f7d90822f30433ad424e479785033fa4c7f497b8326715453a1b68d554ae8e/sha256__e2f7d90822f30433ad424e479785033fa4c7f497b8326715453a1b68d554ae8e.tar.gz",
+ "generic://sha256:0f25a21cf64e58078057adc78f38705163c1d564a959ff30a891c31917011a54/gosu",
+ "go://github.com/golang/go:1.13.10"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [
+ "1.13.15",
+ "1.14.7",
+ "1.15rc2"
+ ],
+ "published": "2020-08-11T20:54:34+10:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-117511",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "Go before 1.13.15 and 14.x before 1.14.7 can have an infinite read loop in ReadUvarint and ReadVarint in encoding/binary via invalid inputs.",
+ "references": [
+ "https://groups.google.com/forum/#!topic/golang-announce/NyPIaucMgXo",
+ "https://security.netapp.com/advisory/ntap-20200924-0002/",
+ "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TACQFZDPA7AUR6TRZBCX2RGRFSDYLI7O/",
+ "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WV2VWKFTH4EJGZBZALVUJQJOAQB5MDQ4/",
+ "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KWRBAH4UZJO3RROQ72SYCUPFCJFA22FO/",
+ "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6RCFJTMKHY5ICGEM5BUFUEDDGSPJ25XU/",
+ "https://groups.google.com/forum/#!topic/golang-announce/_ulYYcIWg3Q",
+ "https://lists.debian.org/debian-lts-announce/2020/11/msg00037.html",
+ "https://lists.debian.org/debian-lts-announce/2020/11/msg00038.html",
+ "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00021.html",
+ "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00028.html",
+ "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00029.html",
+ "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00030.html"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-25710"
+ }
+ ],
+ "summary": "assertion failure in CSN normalization with invalid input",
+ "severity": "Medium",
+ "vulnerable_component": "deb://ubuntu:bionic:libldap-2.4-2:2.4.45+dfsg-1ubuntu1.6",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:e2f7d90822f30433ad424e479785033fa4c7f497b8326715453a1b68d554ae8e/sha256__e2f7d90822f30433ad424e479785033fa4c7f497b8326715453a1b68d554ae8e.tar.gz",
+ "deb://ubuntu:bionic:libldap-2.4-2:2.4.45+dfsg-1ubuntu1.6"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [],
+ "published": "2020-11-23T08:07:10+11:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-128739",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "assertion failure in CSN normalization with invalid input",
+ "references": [
+ "https://usn.ubuntu.com/usn/usn-4634-2",
+ "https://usn.ubuntu.com/usn/usn-4634-1",
+ "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25710"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-13844",
+ "cvss_v2_score": 2.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:L/AC:L/Au:N/C:P/I:N/A:N",
+ "cvss_v3_score": 5.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"
+ }
+ ],
+ "cvss2_max_score": 2.1,
+ "cvss3_max_score": 5.5,
+ "summary": "Arm Armv8-A core implementations utilizing speculative execution past unconditional changes in control flow may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka \"straight-line speculation.\"",
+ "severity": "Medium",
+ "vulnerable_component": "deb://ubuntu:bionic:libgcc1:1:8.4.0-1ubuntu1~18.04",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:171857c49d0f5e2ebf623e6cb36a8bcad585ed0c2aa99c87a055df034c1e5848/sha256__171857c49d0f5e2ebf623e6cb36a8bcad585ed0c2aa99c87a055df034c1e5848.tar.gz",
+ "deb://ubuntu:bionic:libgcc1:1:8.4.0-1ubuntu1~18.04"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [],
+ "published": "2020-06-14T14:39:42+10:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-100566",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "Arm Armv8-A core implementations utilizing speculative execution past unconditional changes in control flow may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka \"straight-line speculation.\"",
+ "references": [
+ "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13844",
+ "http://lists.llvm.org/pipermail/llvm-dev/2020-June/142109.html",
+ "https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability",
+ "https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability/downloads/straight-line-speculation",
+ "https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability/frequently-asked-questions",
+ "https://gcc.gnu.org/pipermail/gcc-patches/2020-June/547520.html",
+ "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=679db70801da9fda91d26caf13bf5b5ccc74e8e8"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-13844",
+ "cvss_v2_score": 2.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:L/AC:L/Au:N/C:P/I:N/A:N",
+ "cvss_v3_score": 5.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"
+ }
+ ],
+ "cvss2_max_score": 2.1,
+ "cvss3_max_score": 5.5,
+ "summary": "Arm Armv8-A core implementations utilizing speculative execution past unconditional changes in control flow may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka \"straight-line speculation.\"",
+ "severity": "Medium",
+ "vulnerable_component": "deb://ubuntu:bionic:libstdc++6:8.4.0-1ubuntu1~18.04",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:171857c49d0f5e2ebf623e6cb36a8bcad585ed0c2aa99c87a055df034c1e5848/sha256__171857c49d0f5e2ebf623e6cb36a8bcad585ed0c2aa99c87a055df034c1e5848.tar.gz",
+ "deb://ubuntu:bionic:libstdc++6:8.4.0-1ubuntu1~18.04"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [],
+ "published": "2020-06-14T14:39:42+10:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-100566",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "Arm Armv8-A core implementations utilizing speculative execution past unconditional changes in control flow may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka \"straight-line speculation.\"",
+ "references": [
+ "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13844",
+ "http://lists.llvm.org/pipermail/llvm-dev/2020-June/142109.html",
+ "https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability",
+ "https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability/downloads/straight-line-speculation",
+ "https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability/frequently-asked-questions",
+ "https://gcc.gnu.org/pipermail/gcc-patches/2020-June/547520.html",
+ "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=679db70801da9fda91d26caf13bf5b5ccc74e8e8"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-25692",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 7.5,
+ "summary": "A NULL pointer dereference was found in OpenLDAP server and was fixed in openldap 2.4.55, during a request for renaming RDNs. An unauthenticated attacker could remotely crash the slapd process by sending a specially crafted request, causing a Denial of Service.",
+ "severity": "Medium",
+ "vulnerable_component": "deb://ubuntu:bionic:libldap-2.4-2:2.4.45+dfsg-1ubuntu1.6",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:e2f7d90822f30433ad424e479785033fa4c7f497b8326715453a1b68d554ae8e/sha256__e2f7d90822f30433ad424e479785033fa4c7f497b8326715453a1b68d554ae8e.tar.gz",
+ "deb://ubuntu:bionic:libldap-2.4-2:2.4.45+dfsg-1ubuntu1.6"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [],
+ "published": "2020-11-08T15:57:13+11:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-127926",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "A NULL pointer dereference was found in OpenLDAP server and was fixed in openldap 2.4.55, during a request for renaming RDNs. An unauthenticated attacker could remotely crash the slapd process by sending a specially crafted request, causing a Denial of Service.",
+ "references": [
+ "https://usn.ubuntu.com/usn/usn-4622-2",
+ "https://usn.ubuntu.com/usn/usn-4622-1",
+ "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25692"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-19246",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 7.5,
+ "summary": "Oniguruma through 6.9.3, as used in PHP 7.3.x and other products, has a heap-based buffer over-read in str_lower_case_match in regexec.c.",
+ "severity": "Medium",
+ "vulnerable_component": "deb://ubuntu:bionic:libonig4:6.7.0-1",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:06e2d54757a5b0c81dcbc423ed468c533b04e1c8a69debe60ed90bde3e2ffd52/sha256__06e2d54757a5b0c81dcbc423ed468c533b04e1c8a69debe60ed90bde3e2ffd52.tar.gz",
+ "deb://ubuntu:bionic:libonig4:6.7.0-1"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [],
+ "published": "2019-12-08T15:34:20+11:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-92457",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "Oniguruma through 6.9.3, as used in PHP 7.3.x and other products, has a heap-based buffer over-read in str_lower_case_match in regexec.c.",
+ "references": [
+ "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19246",
+ "https://bugs.php.net/bug.php?id=78559",
+ "https://github.com/kkos/oniguruma/commit/d3e402928b6eb3327f8f7d59a9edfa622fec557b",
+ "https://usn.ubuntu.com/usn/usn-4460-1"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-16163",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 7.5,
+ "summary": "Oniguruma before 6.9.3 allows Stack Exhaustion in regcomp.c because of recursion in regparse.c.",
+ "severity": "Medium",
+ "vulnerable_component": "deb://ubuntu:bionic:libonig4:6.7.0-1",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:06e2d54757a5b0c81dcbc423ed468c533b04e1c8a69debe60ed90bde3e2ffd52/sha256__06e2d54757a5b0c81dcbc423ed468c533b04e1c8a69debe60ed90bde3e2ffd52.tar.gz",
+ "deb://ubuntu:bionic:libonig4:6.7.0-1"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [],
+ "published": "2019-09-15T14:39:04+10:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-88145",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "Oniguruma before 6.9.3 allows Stack Exhaustion in regcomp.c because of recursion in regparse.c.",
+ "references": [
+ "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16163",
+ "https://github.com/kkos/oniguruma/issues/147",
+ "https://github.com/kkos/oniguruma/commit/4097828d7cc87589864fecf452f2cd46c5f37180",
+ "https://github.com/kkos/oniguruma/compare/v6.9.2...v6.9.3",
+ "https://usn.ubuntu.com/usn/usn-4460-1"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-28196",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 7.5,
+ "summary": "MIT Kerberos 5 (aka krb5) before 1.17.2 and 1.18.x before 1.18.3 allows unbounded recursion via an ASN.1-encoded Kerberos message because the lib/krb5/asn.1/asn1_encode.c support for BER indefinite lengths lacks a recursion limit.",
+ "severity": "Medium",
+ "vulnerable_component": "deb://ubuntu:bionic:libkrb5-3:1.16-2ubuntu0.1",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03/sha256__c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03.tar.gz",
+ "deb://ubuntu:bionic:libkrb5-3:1.16-2ubuntu0.1"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [],
+ "published": "2020-11-12T05:00:54+11:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-128250",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "MIT Kerberos 5 (aka krb5) before 1.17.2 and 1.18.x before 1.18.3 allows unbounded recursion via an ASN.1-encoded Kerberos message because the lib/krb5/asn.1/asn1_encode.c support for BER indefinite lengths lacks a recursion limit.",
+ "references": [
+ "https://usn.ubuntu.com/usn/usn-4635-1",
+ "https://lists.debian.org/debian-lts-announce/2020/11/msg00011.html",
+ "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28196"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-28367",
+ "cvss_v2_score": 5.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:H/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 5.1,
+ "cvss3_max_score": 7.5,
+ "summary": "Go before 1.14.12 and 1.15.x before 1.15.5 allows Argument Injection.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.12.17",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03/sha256__c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03.tar.gz",
+ "generic://sha256:6aec7280f8c504d22bc91ebd8ab90c2f3ce2382786aeb505a010967b8d1d4073/bsondump",
+ "go://github.com/golang/go:1.12.17"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [
+ "1.14.12",
+ "1.15.5"
+ ],
+ "published": "2020-11-19T20:55:03+11:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-128578",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "go before 1.14.12 and 1.15.x before 1.15.5 allows Argument Injection.",
+ "references": [
+ "https://groups.google.com/g/golang-announce/c/NpBGTTmKzpM",
+ "https://github.com/golang/go/issues/42556",
+ "https://lists.apache.org/thread.html/rd02e75766cd333a0df417588460f5e4477060633000bfe94955851fd@%3Cissues.trafficcontrol.apache.org%3E"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-28367",
+ "cvss_v2_score": 5.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:H/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 5.1,
+ "cvss3_max_score": 7.5,
+ "summary": "Go before 1.14.12 and 1.15.x before 1.15.5 allows Argument Injection.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.12.17",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03/sha256__c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03.tar.gz",
+ "generic://sha256:42de18fd91da55d78f6990850cce9d90e3aa76f56798e34bfd055b3248bf194f/mongoexport",
+ "go://github.com/golang/go:1.12.17"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [
+ "1.14.12",
+ "1.15.5"
+ ],
+ "published": "2020-11-19T20:55:03+11:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-128578",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "go before 1.14.12 and 1.15.x before 1.15.5 allows Argument Injection.",
+ "references": [
+ "https://groups.google.com/g/golang-announce/c/NpBGTTmKzpM",
+ "https://github.com/golang/go/issues/42556",
+ "https://lists.apache.org/thread.html/rd02e75766cd333a0df417588460f5e4477060633000bfe94955851fd@%3Cissues.trafficcontrol.apache.org%3E"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-28367",
+ "cvss_v2_score": 5.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:H/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 5.1,
+ "cvss3_max_score": 7.5,
+ "summary": "Go before 1.14.12 and 1.15.x before 1.15.5 allows Argument Injection.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.12.17",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03/sha256__c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03.tar.gz",
+ "generic://sha256:9a7ef0b65a2290bbfad7aa0b1715a687337eb66a10945629e84839ef623e8cbe/mongoimport",
+ "go://github.com/golang/go:1.12.17"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [
+ "1.14.12",
+ "1.15.5"
+ ],
+ "published": "2020-11-19T20:55:03+11:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-128578",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "go before 1.14.12 and 1.15.x before 1.15.5 allows Argument Injection.",
+ "references": [
+ "https://groups.google.com/g/golang-announce/c/NpBGTTmKzpM",
+ "https://github.com/golang/go/issues/42556",
+ "https://lists.apache.org/thread.html/rd02e75766cd333a0df417588460f5e4477060633000bfe94955851fd@%3Cissues.trafficcontrol.apache.org%3E"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-28367",
+ "cvss_v2_score": 5.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:H/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 5.1,
+ "cvss3_max_score": 7.5,
+ "summary": "Go before 1.14.12 and 1.15.x before 1.15.5 allows Argument Injection.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.12.17",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03/sha256__c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03.tar.gz",
+ "generic://sha256:b23d5de76064f7969468e87a618ac87a442283a079e81ddbf7e8a9f64083ab57/mongostat",
+ "go://github.com/golang/go:1.12.17"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [
+ "1.14.12",
+ "1.15.5"
+ ],
+ "published": "2020-11-19T20:55:03+11:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-128578",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "go before 1.14.12 and 1.15.x before 1.15.5 allows Argument Injection.",
+ "references": [
+ "https://groups.google.com/g/golang-announce/c/NpBGTTmKzpM",
+ "https://github.com/golang/go/issues/42556",
+ "https://lists.apache.org/thread.html/rd02e75766cd333a0df417588460f5e4477060633000bfe94955851fd@%3Cissues.trafficcontrol.apache.org%3E"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-28367",
+ "cvss_v2_score": 5.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:H/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 5.1,
+ "cvss3_max_score": 7.5,
+ "summary": "Go before 1.14.12 and 1.15.x before 1.15.5 allows Argument Injection.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.12.17",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03/sha256__c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03.tar.gz",
+ "generic://sha256:aff160a75a624d76fa9d8624dbc0ecfb0632db77384e376acb49355aab008234/mongodump",
+ "go://github.com/golang/go:1.12.17"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [
+ "1.14.12",
+ "1.15.5"
+ ],
+ "published": "2020-11-19T20:55:03+11:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-128578",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "go before 1.14.12 and 1.15.x before 1.15.5 allows Argument Injection.",
+ "references": [
+ "https://groups.google.com/g/golang-announce/c/NpBGTTmKzpM",
+ "https://github.com/golang/go/issues/42556",
+ "https://lists.apache.org/thread.html/rd02e75766cd333a0df417588460f5e4477060633000bfe94955851fd@%3Cissues.trafficcontrol.apache.org%3E"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-28367",
+ "cvss_v2_score": 5.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:H/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 5.1,
+ "cvss3_max_score": 7.5,
+ "summary": "Go before 1.14.12 and 1.15.x before 1.15.5 allows Argument Injection.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.12.17",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03/sha256__c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03.tar.gz",
+ "generic://sha256:039012ae96b3c7be75e99c6c05d0543c7635e02d660630e76b967e4607501182/mongofiles",
+ "go://github.com/golang/go:1.12.17"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [
+ "1.14.12",
+ "1.15.5"
+ ],
+ "published": "2020-11-19T20:55:03+11:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-128578",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "go before 1.14.12 and 1.15.x before 1.15.5 allows Argument Injection.",
+ "references": [
+ "https://groups.google.com/g/golang-announce/c/NpBGTTmKzpM",
+ "https://github.com/golang/go/issues/42556",
+ "https://lists.apache.org/thread.html/rd02e75766cd333a0df417588460f5e4477060633000bfe94955851fd@%3Cissues.trafficcontrol.apache.org%3E"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-28367",
+ "cvss_v2_score": 5.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:H/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 5.1,
+ "cvss3_max_score": 7.5,
+ "summary": "Go before 1.14.12 and 1.15.x before 1.15.5 allows Argument Injection.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.12.17",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03/sha256__c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03.tar.gz",
+ "generic://sha256:be381c77c5e74899ad45dc41cec9c40510f35cd1c03618f6b766083f39e40d06/mongotop",
+ "go://github.com/golang/go:1.12.17"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [
+ "1.14.12",
+ "1.15.5"
+ ],
+ "published": "2020-11-19T20:55:03+11:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-128578",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "go before 1.14.12 and 1.15.x before 1.15.5 allows Argument Injection.",
+ "references": [
+ "https://groups.google.com/g/golang-announce/c/NpBGTTmKzpM",
+ "https://github.com/golang/go/issues/42556",
+ "https://lists.apache.org/thread.html/rd02e75766cd333a0df417588460f5e4477060633000bfe94955851fd@%3Cissues.trafficcontrol.apache.org%3E"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-28367",
+ "cvss_v2_score": 5.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:H/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 5.1,
+ "cvss3_max_score": 7.5,
+ "summary": "Go before 1.14.12 and 1.15.x before 1.15.5 allows Argument Injection.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.12.17",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03/sha256__c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03.tar.gz",
+ "generic://sha256:2e9fafe058442a512ba193d9e5ad0bf0356b76db99cf877caac6f5376d6e7f0e/mongorestore",
+ "go://github.com/golang/go:1.12.17"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [
+ "1.14.12",
+ "1.15.5"
+ ],
+ "published": "2020-11-19T20:55:03+11:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-128578",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "go before 1.14.12 and 1.15.x before 1.15.5 allows Argument Injection.",
+ "references": [
+ "https://groups.google.com/g/golang-announce/c/NpBGTTmKzpM",
+ "https://github.com/golang/go/issues/42556",
+ "https://lists.apache.org/thread.html/rd02e75766cd333a0df417588460f5e4477060633000bfe94955851fd@%3Cissues.trafficcontrol.apache.org%3E"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-36228",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 7.5,
+ "summary": "An integer underflow was discovered in OpenLDAP before 2.4.57 leading to a slapd crash in the Certificate List Exact Assertion processing, resulting in denial of service.",
+ "severity": "Medium",
+ "vulnerable_component": "deb://ubuntu:bionic:libldap-common:2.4.45+dfsg-1ubuntu1.6",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:e2f7d90822f30433ad424e479785033fa4c7f497b8326715453a1b68d554ae8e/sha256__e2f7d90822f30433ad424e479785033fa4c7f497b8326715453a1b68d554ae8e.tar.gz",
+ "deb://ubuntu:bionic:libldap-common:2.4.45+dfsg-1ubuntu1.6"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [],
+ "published": "2021-02-07T22:23:15+11:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-139706",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "An integer underflow was discovered in OpenLDAP before 2.4.57 leading to a slapd crash in the Certificate List Exact Assertion processing, resulting in denial of service.",
+ "references": [
+ "https://usn.ubuntu.com/usn/usn-4724-1",
+ "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36228"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-36224",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 7.5,
+ "summary": "A flaw was discovered in OpenLDAP before 2.4.57 leading to an invalid pointer free and slapd crash in the saslAuthzTo processing, resulting in denial of service.",
+ "severity": "Medium",
+ "vulnerable_component": "deb://ubuntu:bionic:libldap-common:2.4.45+dfsg-1ubuntu1.6",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:e2f7d90822f30433ad424e479785033fa4c7f497b8326715453a1b68d554ae8e/sha256__e2f7d90822f30433ad424e479785033fa4c7f497b8326715453a1b68d554ae8e.tar.gz",
+ "deb://ubuntu:bionic:libldap-common:2.4.45+dfsg-1ubuntu1.6"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [],
+ "published": "2021-02-07T22:09:06+11:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-139663",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "A flaw was discovered in OpenLDAP before 2.4.57 leading to an invalid pointer free and slapd crash in the saslAuthzTo processing, resulting in denial of service.",
+ "references": [
+ "https://usn.ubuntu.com/usn/usn-4724-1",
+ "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36224"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-36223",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 7.5,
+ "summary": "A flaw was discovered in OpenLDAP before 2.4.57 leading to a slapd crash in the Values Return Filter control handling, resulting in denial of service (double free and out-of-bounds read).",
+ "severity": "Medium",
+ "vulnerable_component": "deb://ubuntu:bionic:libldap-2.4-2:2.4.45+dfsg-1ubuntu1.6",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:e2f7d90822f30433ad424e479785033fa4c7f497b8326715453a1b68d554ae8e/sha256__e2f7d90822f30433ad424e479785033fa4c7f497b8326715453a1b68d554ae8e.tar.gz",
+ "deb://ubuntu:bionic:libldap-2.4-2:2.4.45+dfsg-1ubuntu1.6"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [],
+ "published": "2021-02-07T22:16:48+11:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-139687",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "A flaw was discovered in OpenLDAP before 2.4.57 leading to a slapd crash in the Values Return Filter control handling, resulting in denial of service (double free and out-of-bounds read).",
+ "references": [
+ "https://usn.ubuntu.com/usn/usn-4724-1",
+ "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36223"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-20217",
+ "cvss_v2_score": 3.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:S/C:N/I:N/A:P",
+ "cvss_v3_score": 5.3,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 3.5,
+ "cvss3_max_score": 5.3,
+ "summary": "A Reachable Assertion issue was discovered in the KDC in MIT Kerberos 5 (aka krb5) before 1.17. If an attacker can obtain a krbtgt ticket using an older encryption type (single-DES, triple-DES, or RC4), the attacker can crash the KDC by making an S4U2Self request.",
+ "severity": "Medium",
+ "vulnerable_component": "deb://ubuntu:bionic:libk5crypto3:1.16-2ubuntu0.1",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03/sha256__c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03.tar.gz",
+ "deb://ubuntu:bionic:libk5crypto3:1.16-2ubuntu0.1"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [],
+ "published": "2019-03-03T19:09:48+11:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-76141",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "It was discovered that Kerberos incorrectly handled certain S4U2Self requests. An attacker could possibly use this issue to cause a denial of service.",
+ "references": [
+ "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20217",
+ "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2KNHELH4YHNT6H2ESJWX2UIDXLBNGB2O/"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-14039",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:P/A:N",
+ "cvss_v3_score": 5.3,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 5.3,
+ "summary": "In Go before 1.13.13 and 1.14.x before 1.14.5, Certificate.Verify may lack a check on the VerifyOptions.KeyUsages EKU requirements (if VerifyOptions.Roots equals nil and the installation is on Windows). Thus, X.509 certificate verification is incomplete.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.12.17",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03/sha256__c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03.tar.gz",
+ "generic://sha256:6aec7280f8c504d22bc91ebd8ab90c2f3ce2382786aeb505a010967b8d1d4073/bsondump",
+ "go://github.com/golang/go:1.12.17"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [
+ "1.13.13",
+ "1.14.5",
+ "1.15rc1"
+ ],
+ "published": "2020-07-26T21:38:48+10:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-114289",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "In Go before 1.13.13 and 1.14.x before 1.14.5, Certificate.Verify may lack a check on the VerifyOptions.KeyUsages EKU requirements (if VerifyOptions.Roots equals nil and the installation is on Windows). Thus, X.509 certificate verification is incomplete.",
+ "references": [
+ "https://groups.google.com/forum/#!topic/golang-announce/XZNfaiwgt2w",
+ "https://groups.google.com/forum/#!forum/golang-announce"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-14039",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:P/A:N",
+ "cvss_v3_score": 5.3,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 5.3,
+ "summary": "In Go before 1.13.13 and 1.14.x before 1.14.5, Certificate.Verify may lack a check on the VerifyOptions.KeyUsages EKU requirements (if VerifyOptions.Roots equals nil and the installation is on Windows). Thus, X.509 certificate verification is incomplete.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.12.17",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03/sha256__c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03.tar.gz",
+ "generic://sha256:42de18fd91da55d78f6990850cce9d90e3aa76f56798e34bfd055b3248bf194f/mongoexport",
+ "go://github.com/golang/go:1.12.17"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [
+ "1.13.13",
+ "1.14.5",
+ "1.15rc1"
+ ],
+ "published": "2020-07-26T21:38:48+10:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-114289",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "In Go before 1.13.13 and 1.14.x before 1.14.5, Certificate.Verify may lack a check on the VerifyOptions.KeyUsages EKU requirements (if VerifyOptions.Roots equals nil and the installation is on Windows). Thus, X.509 certificate verification is incomplete.",
+ "references": [
+ "https://groups.google.com/forum/#!topic/golang-announce/XZNfaiwgt2w",
+ "https://groups.google.com/forum/#!forum/golang-announce"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-14039",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:P/A:N",
+ "cvss_v3_score": 5.3,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 5.3,
+ "summary": "In Go before 1.13.13 and 1.14.x before 1.14.5, Certificate.Verify may lack a check on the VerifyOptions.KeyUsages EKU requirements (if VerifyOptions.Roots equals nil and the installation is on Windows). Thus, X.509 certificate verification is incomplete.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.12.17",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03/sha256__c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03.tar.gz",
+ "generic://sha256:9a7ef0b65a2290bbfad7aa0b1715a687337eb66a10945629e84839ef623e8cbe/mongoimport",
+ "go://github.com/golang/go:1.12.17"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [
+ "1.13.13",
+ "1.14.5",
+ "1.15rc1"
+ ],
+ "published": "2020-07-26T21:38:48+10:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-114289",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "In Go before 1.13.13 and 1.14.x before 1.14.5, Certificate.Verify may lack a check on the VerifyOptions.KeyUsages EKU requirements (if VerifyOptions.Roots equals nil and the installation is on Windows). Thus, X.509 certificate verification is incomplete.",
+ "references": [
+ "https://groups.google.com/forum/#!topic/golang-announce/XZNfaiwgt2w",
+ "https://groups.google.com/forum/#!forum/golang-announce"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-14039",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:P/A:N",
+ "cvss_v3_score": 5.3,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 5.3,
+ "summary": "In Go before 1.13.13 and 1.14.x before 1.14.5, Certificate.Verify may lack a check on the VerifyOptions.KeyUsages EKU requirements (if VerifyOptions.Roots equals nil and the installation is on Windows). Thus, X.509 certificate verification is incomplete.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.12.17",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03/sha256__c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03.tar.gz",
+ "generic://sha256:b23d5de76064f7969468e87a618ac87a442283a079e81ddbf7e8a9f64083ab57/mongostat",
+ "go://github.com/golang/go:1.12.17"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [
+ "1.13.13",
+ "1.14.5",
+ "1.15rc1"
+ ],
+ "published": "2020-07-26T21:38:48+10:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-114289",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "In Go before 1.13.13 and 1.14.x before 1.14.5, Certificate.Verify may lack a check on the VerifyOptions.KeyUsages EKU requirements (if VerifyOptions.Roots equals nil and the installation is on Windows). Thus, X.509 certificate verification is incomplete.",
+ "references": [
+ "https://groups.google.com/forum/#!topic/golang-announce/XZNfaiwgt2w",
+ "https://groups.google.com/forum/#!forum/golang-announce"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-14039",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:P/A:N",
+ "cvss_v3_score": 5.3,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 5.3,
+ "summary": "In Go before 1.13.13 and 1.14.x before 1.14.5, Certificate.Verify may lack a check on the VerifyOptions.KeyUsages EKU requirements (if VerifyOptions.Roots equals nil and the installation is on Windows). Thus, X.509 certificate verification is incomplete.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.12.17",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03/sha256__c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03.tar.gz",
+ "generic://sha256:aff160a75a624d76fa9d8624dbc0ecfb0632db77384e376acb49355aab008234/mongodump",
+ "go://github.com/golang/go:1.12.17"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [
+ "1.13.13",
+ "1.14.5",
+ "1.15rc1"
+ ],
+ "published": "2020-07-26T21:38:48+10:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-114289",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "In Go before 1.13.13 and 1.14.x before 1.14.5, Certificate.Verify may lack a check on the VerifyOptions.KeyUsages EKU requirements (if VerifyOptions.Roots equals nil and the installation is on Windows). Thus, X.509 certificate verification is incomplete.",
+ "references": [
+ "https://groups.google.com/forum/#!topic/golang-announce/XZNfaiwgt2w",
+ "https://groups.google.com/forum/#!forum/golang-announce"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-14039",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:P/A:N",
+ "cvss_v3_score": 5.3,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 5.3,
+ "summary": "In Go before 1.13.13 and 1.14.x before 1.14.5, Certificate.Verify may lack a check on the VerifyOptions.KeyUsages EKU requirements (if VerifyOptions.Roots equals nil and the installation is on Windows). Thus, X.509 certificate verification is incomplete.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.12.17",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03/sha256__c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03.tar.gz",
+ "generic://sha256:039012ae96b3c7be75e99c6c05d0543c7635e02d660630e76b967e4607501182/mongofiles",
+ "go://github.com/golang/go:1.12.17"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [
+ "1.13.13",
+ "1.14.5",
+ "1.15rc1"
+ ],
+ "published": "2020-07-26T21:38:48+10:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-114289",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "In Go before 1.13.13 and 1.14.x before 1.14.5, Certificate.Verify may lack a check on the VerifyOptions.KeyUsages EKU requirements (if VerifyOptions.Roots equals nil and the installation is on Windows). Thus, X.509 certificate verification is incomplete.",
+ "references": [
+ "https://groups.google.com/forum/#!topic/golang-announce/XZNfaiwgt2w",
+ "https://groups.google.com/forum/#!forum/golang-announce"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-14039",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:P/A:N",
+ "cvss_v3_score": 5.3,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 5.3,
+ "summary": "In Go before 1.13.13 and 1.14.x before 1.14.5, Certificate.Verify may lack a check on the VerifyOptions.KeyUsages EKU requirements (if VerifyOptions.Roots equals nil and the installation is on Windows). Thus, X.509 certificate verification is incomplete.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.12.17",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03/sha256__c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03.tar.gz",
+ "generic://sha256:be381c77c5e74899ad45dc41cec9c40510f35cd1c03618f6b766083f39e40d06/mongotop",
+ "go://github.com/golang/go:1.12.17"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [
+ "1.13.13",
+ "1.14.5",
+ "1.15rc1"
+ ],
+ "published": "2020-07-26T21:38:48+10:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-114289",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "In Go before 1.13.13 and 1.14.x before 1.14.5, Certificate.Verify may lack a check on the VerifyOptions.KeyUsages EKU requirements (if VerifyOptions.Roots equals nil and the installation is on Windows). Thus, X.509 certificate verification is incomplete.",
+ "references": [
+ "https://groups.google.com/forum/#!topic/golang-announce/XZNfaiwgt2w",
+ "https://groups.google.com/forum/#!forum/golang-announce"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-14039",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:P/A:N",
+ "cvss_v3_score": 5.3,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 5.3,
+ "summary": "In Go before 1.13.13 and 1.14.x before 1.14.5, Certificate.Verify may lack a check on the VerifyOptions.KeyUsages EKU requirements (if VerifyOptions.Roots equals nil and the installation is on Windows). Thus, X.509 certificate verification is incomplete.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.12.17",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03/sha256__c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03.tar.gz",
+ "generic://sha256:2e9fafe058442a512ba193d9e5ad0bf0356b76db99cf877caac6f5376d6e7f0e/mongorestore",
+ "go://github.com/golang/go:1.12.17"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [
+ "1.13.13",
+ "1.14.5",
+ "1.15rc1"
+ ],
+ "published": "2020-07-26T21:38:48+10:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-114289",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "In Go before 1.13.13 and 1.14.x before 1.14.5, Certificate.Verify may lack a check on the VerifyOptions.KeyUsages EKU requirements (if VerifyOptions.Roots equals nil and the installation is on Windows). Thus, X.509 certificate verification is incomplete.",
+ "references": [
+ "https://groups.google.com/forum/#!topic/golang-announce/XZNfaiwgt2w",
+ "https://groups.google.com/forum/#!forum/golang-announce"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-25709"
+ }
+ ],
+ "summary": "assertion failure in Certificate List syntax validation",
+ "severity": "Medium",
+ "vulnerable_component": "deb://ubuntu:bionic:libldap-2.4-2:2.4.45+dfsg-1ubuntu1.6",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:e2f7d90822f30433ad424e479785033fa4c7f497b8326715453a1b68d554ae8e/sha256__e2f7d90822f30433ad424e479785033fa4c7f497b8326715453a1b68d554ae8e.tar.gz",
+ "deb://ubuntu:bionic:libldap-2.4-2:2.4.45+dfsg-1ubuntu1.6"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [],
+ "published": "2020-11-23T08:00:24+11:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-128736",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "assertion failure in Certificate List syntax validation",
+ "references": [
+ "https://usn.ubuntu.com/usn/usn-4634-2",
+ "https://usn.ubuntu.com/usn/usn-4634-1",
+ "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25709"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-29509",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 5.6,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"
+ }
+ ],
+ "cvss2_max_score": 6.8,
+ "cvss3_max_score": 5.6,
+ "summary": "The encoding/xml package in Go (all versions) does not correctly preserve the semantics of attribute namespace prefixes during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.13.10",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:e2f7d90822f30433ad424e479785033fa4c7f497b8326715453a1b68d554ae8e/sha256__e2f7d90822f30433ad424e479785033fa4c7f497b8326715453a1b68d554ae8e.tar.gz",
+ "generic://sha256:0f25a21cf64e58078057adc78f38705163c1d564a959ff30a891c31917011a54/gosu",
+ "go://github.com/golang/go:1.13.10"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [
+ "1.15.6"
+ ],
+ "published": "2020-12-16T21:25:17+11:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-134985",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "The encoding/xml package in Go (all versions) does not correctly preserve the semantics of attribute namespace prefixes during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications.",
+ "references": [
+ "https://github.com/mattermost/xml-roundtrip-validator/blob/master/advisories/unstable-attributes.md"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-28196",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 7.5,
+ "summary": "MIT Kerberos 5 (aka krb5) before 1.17.2 and 1.18.x before 1.18.3 allows unbounded recursion via an ASN.1-encoded Kerberos message because the lib/krb5/asn.1/asn1_encode.c support for BER indefinite lengths lacks a recursion limit.",
+ "severity": "Medium",
+ "vulnerable_component": "deb://ubuntu:bionic:libk5crypto3:1.16-2ubuntu0.1",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03/sha256__c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03.tar.gz",
+ "deb://ubuntu:bionic:libk5crypto3:1.16-2ubuntu0.1"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [],
+ "published": "2020-11-12T05:00:54+11:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-128250",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "MIT Kerberos 5 (aka krb5) before 1.17.2 and 1.18.x before 1.18.3 allows unbounded recursion via an ASN.1-encoded Kerberos message because the lib/krb5/asn.1/asn1_encode.c support for BER indefinite lengths lacks a recursion limit.",
+ "references": [
+ "https://usn.ubuntu.com/usn/usn-4635-1",
+ "https://lists.debian.org/debian-lts-announce/2020/11/msg00011.html",
+ "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28196"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-36222",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 7.5,
+ "summary": "A flaw was discovered in OpenLDAP before 2.4.57 leading to an assertion failure in slapd in the saslAuthzTo validation, resulting in denial of service.",
+ "severity": "Medium",
+ "vulnerable_component": "deb://ubuntu:bionic:libldap-2.4-2:2.4.45+dfsg-1ubuntu1.6",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:e2f7d90822f30433ad424e479785033fa4c7f497b8326715453a1b68d554ae8e/sha256__e2f7d90822f30433ad424e479785033fa4c7f497b8326715453a1b68d554ae8e.tar.gz",
+ "deb://ubuntu:bionic:libldap-2.4-2:2.4.45+dfsg-1ubuntu1.6"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [],
+ "published": "2021-02-07T22:21:28+11:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-139701",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "A flaw was discovered in OpenLDAP before 2.4.57 leading to an assertion failure in slapd in the saslAuthzTo validation, resulting in denial of service.",
+ "references": [
+ "https://usn.ubuntu.com/usn/usn-4724-1",
+ "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36222"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-23841",
+ "cvss_v2_score": 4.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 5.9,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 4.3,
+ "cvss3_max_score": 5.9,
+ "summary": "The OpenSSL public API function X509_issuer_and_serial_hash() attempts to create a unique hash value based on the issuer and serial number data contained within an X509 certificate. However it fails to correctly handle any errors that may occur while parsing the issuer field (which might occur if the issuer field is maliciously constructed). This may subsequently result in a NULL pointer deref and a crash leading to a potential denial of service attack. The function X509_issuer_and_serial_hash() is never directly called by OpenSSL itself so applications are only vulnerable if they use this function directly and they use it on certificates that may have been obtained from untrusted sources. OpenSSL versions 1.1.1i and below are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1j. OpenSSL versions 1.0.2x and below are affected by this issue. However OpenSSL 1.0.2 is out of support and no longer receiving public updates. Premium support customers of OpenSSL 1.0.2 should upgrade to 1.0.2y. Other users should upgrade to 1.1.1j. Fixed in OpenSSL 1.1.1j (Affected 1.1.1-1.1.1i). Fixed in OpenSSL 1.0.2y (Affected 1.0.2-1.0.2x).",
+ "severity": "Medium",
+ "vulnerable_component": "deb://ubuntu:bionic:libssl1.1:1.1.1-1ubuntu2.1~18.04.6",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:06e2d54757a5b0c81dcbc423ed468c533b04e1c8a69debe60ed90bde3e2ffd52/sha256__06e2d54757a5b0c81dcbc423ed468c533b04e1c8a69debe60ed90bde3e2ffd52.tar.gz",
+ "deb://ubuntu:bionic:libssl1.1:1.1.1-1ubuntu2.1~18.04.6"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [],
+ "published": "2021-02-22T15:42:30+11:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-140795",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "The OpenSSL public API function X509_issuer_and_serial_hash() attempts to create a unique hash value based on the issuer and serial number data contained within an X509 certificate. However it fails to correctly handle any errors that may occur while parsing the issuer field (which might occur if the issuer field is maliciously constructed). This may subsequently result in a NULL pointer deref and a crash leading to a potential denial of service attack. The function X509_issuer_and_serial_hash() is never directly called by OpenSSL itself so applications are only vulnerable if they use this function directly and they use it on certificates that may have been obtained from untrusted sources. OpenSSL versions 1.1.1i and below are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1j. OpenSSL versions 1.0.2x and below are affected by this issue. However OpenSSL 1.0.2 is out of support and no longer receiving public updates. Premium support customers of OpenSSL 1.0.2 should upgrade to 1.0.2y. Other users should upgrade to 1.1.1j. Fixed in OpenSSL 1.1.1j (Affected 1.1.1-1.1.1i). Fixed in OpenSSL 1.0.2y (Affected 1.0.2-1.0.2x).",
+ "references": [
+ "https://usn.ubuntu.com/usn/usn-4745-1",
+ "https://usn.ubuntu.com/usn/usn-4738-1",
+ "https://www.openssl.org/news/secadv/20210216.txt",
+ "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23841"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-20839",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:N",
+ "cvss_v3_score": 9.8,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 9.8,
+ "summary": "systemd 242 changes the VT1 mode upon a logout, which allows attackers to read cleartext passwords in certain circumstances, such as watching a shutdown, or using Ctrl-Alt-F1 and Ctrl-Alt-F2. This occurs because the KDGKBMODE (aka current keyboard mode) check is mishandled.",
+ "severity": "Medium",
+ "vulnerable_component": "deb://ubuntu:bionic:libsystemd0:237-3ubuntu10.42",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:171857c49d0f5e2ebf623e6cb36a8bcad585ed0c2aa99c87a055df034c1e5848/sha256__171857c49d0f5e2ebf623e6cb36a8bcad585ed0c2aa99c87a055df034c1e5848.tar.gz",
+ "deb://ubuntu:bionic:libsystemd0:237-3ubuntu10.42"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [],
+ "published": "2019-08-26T00:27:05+10:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-86827",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "systemd 242 changes the VT1 mode upon a logout, which allows attackers to read cleartext passwords in certain circumstances, such as watching a shutdown, or using Ctrl-Alt-F1 and Ctrl-Alt-F2. This occurs because the KDGKBMODE (aka current keyboard mode) check is mishandled.",
+ "references": [
+ "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20839",
+ "https://github.com/systemd/systemd/pull/12378",
+ "https://github.com/systemd/systemd/pull/13109"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-9511",
+ "cvss_v2_score": 7.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.8,
+ "cvss3_max_score": 7.5,
+ "summary": "Some HTTP/2 implementations are vulnerable to window size manipulation and stream prioritization manipulation, potentially leading to a denial of service. The attacker requests a large amount of data from a specified resource over multiple streams. They manipulate window size and stream priority to force the server to queue the data in 1-byte chunks. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both.",
+ "severity": "Medium",
+ "vulnerable_component": "deb://ubuntu:bionic:libnghttp2-14:1.30.0-1ubuntu1",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03/sha256__c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03.tar.gz",
+ "deb://ubuntu:bionic:libnghttp2-14:1.30.0-1ubuntu1"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [],
+ "published": "2019-08-26T00:28:14+10:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-86870",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "Some HTTP/2 implementations are vulnerable to window size manipulation and stream prioritization manipulation, potentially leading to a denial of service. The attacker requests a large amount of data from a specified resource over multiple streams. They manipulate window size and stream priority to force the server to queue the data in 1-byte chunks. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both.",
+ "references": [
+ "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9511",
+ "https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md",
+ "https://usn.ubuntu.com/usn/usn-4099-1"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-29511",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 5.6,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"
+ }
+ ],
+ "cvss2_max_score": 6.8,
+ "cvss3_max_score": 5.6,
+ "summary": "The encoding/xml package in Go (all versions) does not correctly preserve the semantics of element namespace prefixes during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.12.17",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03/sha256__c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03.tar.gz",
+ "generic://sha256:6aec7280f8c504d22bc91ebd8ab90c2f3ce2382786aeb505a010967b8d1d4073/bsondump",
+ "go://github.com/golang/go:1.12.17"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [
+ "1.15.6"
+ ],
+ "published": "2020-12-16T21:25:16+11:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-134983",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "The encoding/xml package in Go (all versions) does not correctly preserve the semantics of element namespace prefixes during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications.",
+ "references": [
+ "https://github.com/mattermost/xml-roundtrip-validator/blob/master/advisories/unstable-elements.md"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-29511",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 5.6,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"
+ }
+ ],
+ "cvss2_max_score": 6.8,
+ "cvss3_max_score": 5.6,
+ "summary": "The encoding/xml package in Go (all versions) does not correctly preserve the semantics of element namespace prefixes during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.12.17",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03/sha256__c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03.tar.gz",
+ "generic://sha256:42de18fd91da55d78f6990850cce9d90e3aa76f56798e34bfd055b3248bf194f/mongoexport",
+ "go://github.com/golang/go:1.12.17"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [
+ "1.15.6"
+ ],
+ "published": "2020-12-16T21:25:16+11:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-134983",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "The encoding/xml package in Go (all versions) does not correctly preserve the semantics of element namespace prefixes during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications.",
+ "references": [
+ "https://github.com/mattermost/xml-roundtrip-validator/blob/master/advisories/unstable-elements.md"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-29511",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 5.6,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"
+ }
+ ],
+ "cvss2_max_score": 6.8,
+ "cvss3_max_score": 5.6,
+ "summary": "The encoding/xml package in Go (all versions) does not correctly preserve the semantics of element namespace prefixes during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.12.17",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03/sha256__c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03.tar.gz",
+ "generic://sha256:9a7ef0b65a2290bbfad7aa0b1715a687337eb66a10945629e84839ef623e8cbe/mongoimport",
+ "go://github.com/golang/go:1.12.17"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [
+ "1.15.6"
+ ],
+ "published": "2020-12-16T21:25:16+11:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-134983",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "The encoding/xml package in Go (all versions) does not correctly preserve the semantics of element namespace prefixes during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications.",
+ "references": [
+ "https://github.com/mattermost/xml-roundtrip-validator/blob/master/advisories/unstable-elements.md"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-29511",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 5.6,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"
+ }
+ ],
+ "cvss2_max_score": 6.8,
+ "cvss3_max_score": 5.6,
+ "summary": "The encoding/xml package in Go (all versions) does not correctly preserve the semantics of element namespace prefixes during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.12.17",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03/sha256__c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03.tar.gz",
+ "generic://sha256:b23d5de76064f7969468e87a618ac87a442283a079e81ddbf7e8a9f64083ab57/mongostat",
+ "go://github.com/golang/go:1.12.17"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [
+ "1.15.6"
+ ],
+ "published": "2020-12-16T21:25:16+11:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-134983",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "The encoding/xml package in Go (all versions) does not correctly preserve the semantics of element namespace prefixes during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications.",
+ "references": [
+ "https://github.com/mattermost/xml-roundtrip-validator/blob/master/advisories/unstable-elements.md"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-29511",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 5.6,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"
+ }
+ ],
+ "cvss2_max_score": 6.8,
+ "cvss3_max_score": 5.6,
+ "summary": "The encoding/xml package in Go (all versions) does not correctly preserve the semantics of element namespace prefixes during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.12.17",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03/sha256__c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03.tar.gz",
+ "generic://sha256:aff160a75a624d76fa9d8624dbc0ecfb0632db77384e376acb49355aab008234/mongodump",
+ "go://github.com/golang/go:1.12.17"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [
+ "1.15.6"
+ ],
+ "published": "2020-12-16T21:25:16+11:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-134983",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "The encoding/xml package in Go (all versions) does not correctly preserve the semantics of element namespace prefixes during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications.",
+ "references": [
+ "https://github.com/mattermost/xml-roundtrip-validator/blob/master/advisories/unstable-elements.md"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-29511",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 5.6,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"
+ }
+ ],
+ "cvss2_max_score": 6.8,
+ "cvss3_max_score": 5.6,
+ "summary": "The encoding/xml package in Go (all versions) does not correctly preserve the semantics of element namespace prefixes during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.12.17",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03/sha256__c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03.tar.gz",
+ "generic://sha256:039012ae96b3c7be75e99c6c05d0543c7635e02d660630e76b967e4607501182/mongofiles",
+ "go://github.com/golang/go:1.12.17"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [
+ "1.15.6"
+ ],
+ "published": "2020-12-16T21:25:16+11:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-134983",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "The encoding/xml package in Go (all versions) does not correctly preserve the semantics of element namespace prefixes during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications.",
+ "references": [
+ "https://github.com/mattermost/xml-roundtrip-validator/blob/master/advisories/unstable-elements.md"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-29511",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 5.6,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"
+ }
+ ],
+ "cvss2_max_score": 6.8,
+ "cvss3_max_score": 5.6,
+ "summary": "The encoding/xml package in Go (all versions) does not correctly preserve the semantics of element namespace prefixes during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.12.17",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03/sha256__c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03.tar.gz",
+ "generic://sha256:be381c77c5e74899ad45dc41cec9c40510f35cd1c03618f6b766083f39e40d06/mongotop",
+ "go://github.com/golang/go:1.12.17"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [
+ "1.15.6"
+ ],
+ "published": "2020-12-16T21:25:16+11:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-134983",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "The encoding/xml package in Go (all versions) does not correctly preserve the semantics of element namespace prefixes during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications.",
+ "references": [
+ "https://github.com/mattermost/xml-roundtrip-validator/blob/master/advisories/unstable-elements.md"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-29511",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 5.6,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"
+ }
+ ],
+ "cvss2_max_score": 6.8,
+ "cvss3_max_score": 5.6,
+ "summary": "The encoding/xml package in Go (all versions) does not correctly preserve the semantics of element namespace prefixes during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.12.17",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03/sha256__c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03.tar.gz",
+ "generic://sha256:2e9fafe058442a512ba193d9e5ad0bf0356b76db99cf877caac6f5376d6e7f0e/mongorestore",
+ "go://github.com/golang/go:1.12.17"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [
+ "1.15.6"
+ ],
+ "published": "2020-12-16T21:25:16+11:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-134983",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "The encoding/xml package in Go (all versions) does not correctly preserve the semantics of element namespace prefixes during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications.",
+ "references": [
+ "https://github.com/mattermost/xml-roundtrip-validator/blob/master/advisories/unstable-elements.md"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-36229",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 7.5,
+ "summary": "A flaw was discovered in ldap_X509dn2bv in OpenLDAP before 2.4.57 leading to a slapd crash in the X.509 DN parsing in ad_keystring, resulting in denial of service.",
+ "severity": "Medium",
+ "vulnerable_component": "deb://ubuntu:bionic:libldap-2.4-2:2.4.45+dfsg-1ubuntu1.6",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:e2f7d90822f30433ad424e479785033fa4c7f497b8326715453a1b68d554ae8e/sha256__e2f7d90822f30433ad424e479785033fa4c7f497b8326715453a1b68d554ae8e.tar.gz",
+ "deb://ubuntu:bionic:libldap-2.4-2:2.4.45+dfsg-1ubuntu1.6"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [],
+ "published": "2021-02-07T21:40:42+11:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-139576",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "A flaw was discovered in ldap_X509dn2bv in OpenLDAP before 2.4.57 leading to a slapd crash in the X.509 DN parsing in ad_keystring, resulting in denial of service.",
+ "references": [
+ "https://usn.ubuntu.com/usn/usn-4724-1",
+ "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36229"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-36225",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 7.5,
+ "summary": "A flaw was discovered in OpenLDAP before 2.4.57 leading to a double free and slapd crash in the saslAuthzTo processing, resulting in denial of service.",
+ "severity": "Medium",
+ "vulnerable_component": "deb://ubuntu:bionic:libldap-common:2.4.45+dfsg-1ubuntu1.6",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:e2f7d90822f30433ad424e479785033fa4c7f497b8326715453a1b68d554ae8e/sha256__e2f7d90822f30433ad424e479785033fa4c7f497b8326715453a1b68d554ae8e.tar.gz",
+ "deb://ubuntu:bionic:libldap-common:2.4.45+dfsg-1ubuntu1.6"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [],
+ "published": "2021-02-07T22:22:47+11:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-139704",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "A flaw was discovered in OpenLDAP before 2.4.57 leading to a double free and slapd crash in the saslAuthzTo processing, resulting in denial of service.",
+ "references": [
+ "https://usn.ubuntu.com/usn/usn-4724-1",
+ "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36225"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-20217",
+ "cvss_v2_score": 3.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:S/C:N/I:N/A:P",
+ "cvss_v3_score": 5.3,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 3.5,
+ "cvss3_max_score": 5.3,
+ "summary": "A Reachable Assertion issue was discovered in the KDC in MIT Kerberos 5 (aka krb5) before 1.17. If an attacker can obtain a krbtgt ticket using an older encryption type (single-DES, triple-DES, or RC4), the attacker can crash the KDC by making an S4U2Self request.",
+ "severity": "Medium",
+ "vulnerable_component": "deb://ubuntu:bionic:krb5-locales:1.16-2ubuntu0.1",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03/sha256__c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03.tar.gz",
+ "deb://ubuntu:bionic:krb5-locales:1.16-2ubuntu0.1"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [],
+ "published": "2019-03-03T19:09:48+11:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-76141",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "It was discovered that Kerberos incorrectly handled certain S4U2Self requests. An attacker could possibly use this issue to cause a denial of service.",
+ "references": [
+ "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20217",
+ "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2KNHELH4YHNT6H2ESJWX2UIDXLBNGB2O/"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-25692",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 7.5,
+ "summary": "A NULL pointer dereference was found in OpenLDAP server and was fixed in openldap 2.4.55, during a request for renaming RDNs. An unauthenticated attacker could remotely crash the slapd process by sending a specially crafted request, causing a Denial of Service.",
+ "severity": "Medium",
+ "vulnerable_component": "deb://ubuntu:bionic:libldap-common:2.4.45+dfsg-1ubuntu1.6",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:e2f7d90822f30433ad424e479785033fa4c7f497b8326715453a1b68d554ae8e/sha256__e2f7d90822f30433ad424e479785033fa4c7f497b8326715453a1b68d554ae8e.tar.gz",
+ "deb://ubuntu:bionic:libldap-common:2.4.45+dfsg-1ubuntu1.6"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [],
+ "published": "2020-11-08T15:57:13+11:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-127926",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "A NULL pointer dereference was found in OpenLDAP server and was fixed in openldap 2.4.55, during a request for renaming RDNs. An unauthenticated attacker could remotely crash the slapd process by sending a specially crafted request, causing a Denial of Service.",
+ "references": [
+ "https://usn.ubuntu.com/usn/usn-4622-2",
+ "https://usn.ubuntu.com/usn/usn-4622-1",
+ "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25692"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-36226",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 7.5,
+ "summary": "A flaw was discovered in OpenLDAP before 2.4.57 leading to a memch-\u003ebv_len miscalculation and slapd crash in the saslAuthzTo processing, resulting in denial of service.",
+ "severity": "Medium",
+ "vulnerable_component": "deb://ubuntu:bionic:libldap-2.4-2:2.4.45+dfsg-1ubuntu1.6",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:e2f7d90822f30433ad424e479785033fa4c7f497b8326715453a1b68d554ae8e/sha256__e2f7d90822f30433ad424e479785033fa4c7f497b8326715453a1b68d554ae8e.tar.gz",
+ "deb://ubuntu:bionic:libldap-2.4-2:2.4.45+dfsg-1ubuntu1.6"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [],
+ "published": "2021-02-07T21:40:36+11:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-139575",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "A flaw was discovered in OpenLDAP before 2.4.57 leading to a memch-\u003ebv_len miscalculation and slapd crash in the saslAuthzTo processing, resulting in denial of service.",
+ "references": [
+ "https://usn.ubuntu.com/usn/usn-4724-1",
+ "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36226"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-36230",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 7.5,
+ "summary": "A flaw was discovered in OpenLDAP before 2.4.57 leading in an assertion failure in slapd in the X.509 DN parsing in decode.c ber_next_element, resulting in denial of service.",
+ "severity": "Medium",
+ "vulnerable_component": "deb://ubuntu:bionic:libldap-2.4-2:2.4.45+dfsg-1ubuntu1.6",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:e2f7d90822f30433ad424e479785033fa4c7f497b8326715453a1b68d554ae8e/sha256__e2f7d90822f30433ad424e479785033fa4c7f497b8326715453a1b68d554ae8e.tar.gz",
+ "deb://ubuntu:bionic:libldap-2.4-2:2.4.45+dfsg-1ubuntu1.6"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [],
+ "published": "2021-02-07T21:44:57+11:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-139587",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "A flaw was discovered in OpenLDAP before 2.4.57 leading in an assertion failure in slapd in the X.509 DN parsing in decode.c ber_next_element, resulting in denial of service.",
+ "references": [
+ "https://usn.ubuntu.com/usn/usn-4724-1",
+ "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36230"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-29510",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 5.6,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"
+ }
+ ],
+ "cvss2_max_score": 6.8,
+ "cvss3_max_score": 5.6,
+ "summary": "The encoding/xml package in Go versions 1.15 and earlier does not correctly preserve the semantics of directives during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.13.10",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:e2f7d90822f30433ad424e479785033fa4c7f497b8326715453a1b68d554ae8e/sha256__e2f7d90822f30433ad424e479785033fa4c7f497b8326715453a1b68d554ae8e.tar.gz",
+ "generic://sha256:0f25a21cf64e58078057adc78f38705163c1d564a959ff30a891c31917011a54/gosu",
+ "go://github.com/golang/go:1.13.10"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [
+ "1.15.6"
+ ],
+ "published": "2020-12-16T21:25:17+11:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-134984",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "The encoding/xml package in Go versions 1.15 and earlier does not correctly preserve the semantics of directives during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications.",
+ "references": [
+ "https://github.com/mattermost/xml-roundtrip-validator/blob/master/advisories/unstable-directives.md"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-19203",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 7.5,
+ "summary": "An issue was discovered in Oniguruma 6.x before 6.9.4_rc2. In the function gb18030_mbc_enc_len in file gb18030.c, a UChar pointer is dereferenced without checking if it passed the end of the matched string. This leads to a heap-based buffer over-read.",
+ "severity": "Medium",
+ "vulnerable_component": "deb://ubuntu:bionic:libonig4:6.7.0-1",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:06e2d54757a5b0c81dcbc423ed468c533b04e1c8a69debe60ed90bde3e2ffd52/sha256__06e2d54757a5b0c81dcbc423ed468c533b04e1c8a69debe60ed90bde3e2ffd52.tar.gz",
+ "deb://ubuntu:bionic:libonig4:6.7.0-1"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [],
+ "published": "2019-11-25T15:51:31+11:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-91979",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "An issue was discovered in Oniguruma 6.x before 6.9.4_rc2. In the function gb18030_mbc_enc_len in file gb18030.c, a UChar pointer is dereferenced without checking if it passed the end of the matched string. This leads to a heap-based buffer over-read.",
+ "references": [
+ "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19203",
+ "https://github.com/kkos/oniguruma/issues/163",
+ "https://github.com/kkos/oniguruma/releases/tag/v6.9.4_rc2"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-3115",
+ "cvss_v2_score": 5.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:H/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 5.1,
+ "cvss3_max_score": 7.5,
+ "summary": "Go before 1.14.14 and 1.15.x before 1.15.7 on Windows is vulnerable to Command Injection and remote code execution when using the \"go get\" command to fetch modules that make use of cgo (for example, cgo can execute a gcc program from an untrusted download).",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.12.17",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03/sha256__c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03.tar.gz",
+ "generic://sha256:6aec7280f8c504d22bc91ebd8ab90c2f3ce2382786aeb505a010967b8d1d4073/bsondump",
+ "go://github.com/golang/go:1.12.17"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [
+ "1.14.14",
+ "1.15.7"
+ ],
+ "published": "2021-02-01T22:46:23+11:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-139137",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "Go before 1.14.14 and 1.15.x before 1.15.7 on Windows is vulnerable to Command Injection and remote code execution when using the \"go get\" command to fetch modules that make use of cgo (for example, cgo can execute a gcc program from an untrusted download).",
+ "references": [
+ "https://blog.golang.org/path-security",
+ "https://groups.google.com/g/golang-announce/c/mperVMGa98w"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-3115",
+ "cvss_v2_score": 5.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:H/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 5.1,
+ "cvss3_max_score": 7.5,
+ "summary": "Go before 1.14.14 and 1.15.x before 1.15.7 on Windows is vulnerable to Command Injection and remote code execution when using the \"go get\" command to fetch modules that make use of cgo (for example, cgo can execute a gcc program from an untrusted download).",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.12.17",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03/sha256__c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03.tar.gz",
+ "generic://sha256:42de18fd91da55d78f6990850cce9d90e3aa76f56798e34bfd055b3248bf194f/mongoexport",
+ "go://github.com/golang/go:1.12.17"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [
+ "1.14.14",
+ "1.15.7"
+ ],
+ "published": "2021-02-01T22:46:23+11:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-139137",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "Go before 1.14.14 and 1.15.x before 1.15.7 on Windows is vulnerable to Command Injection and remote code execution when using the \"go get\" command to fetch modules that make use of cgo (for example, cgo can execute a gcc program from an untrusted download).",
+ "references": [
+ "https://blog.golang.org/path-security",
+ "https://groups.google.com/g/golang-announce/c/mperVMGa98w"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-3115",
+ "cvss_v2_score": 5.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:H/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 5.1,
+ "cvss3_max_score": 7.5,
+ "summary": "Go before 1.14.14 and 1.15.x before 1.15.7 on Windows is vulnerable to Command Injection and remote code execution when using the \"go get\" command to fetch modules that make use of cgo (for example, cgo can execute a gcc program from an untrusted download).",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.12.17",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03/sha256__c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03.tar.gz",
+ "generic://sha256:9a7ef0b65a2290bbfad7aa0b1715a687337eb66a10945629e84839ef623e8cbe/mongoimport",
+ "go://github.com/golang/go:1.12.17"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [
+ "1.14.14",
+ "1.15.7"
+ ],
+ "published": "2021-02-01T22:46:23+11:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-139137",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "Go before 1.14.14 and 1.15.x before 1.15.7 on Windows is vulnerable to Command Injection and remote code execution when using the \"go get\" command to fetch modules that make use of cgo (for example, cgo can execute a gcc program from an untrusted download).",
+ "references": [
+ "https://blog.golang.org/path-security",
+ "https://groups.google.com/g/golang-announce/c/mperVMGa98w"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-3115",
+ "cvss_v2_score": 5.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:H/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 5.1,
+ "cvss3_max_score": 7.5,
+ "summary": "Go before 1.14.14 and 1.15.x before 1.15.7 on Windows is vulnerable to Command Injection and remote code execution when using the \"go get\" command to fetch modules that make use of cgo (for example, cgo can execute a gcc program from an untrusted download).",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.12.17",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03/sha256__c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03.tar.gz",
+ "generic://sha256:b23d5de76064f7969468e87a618ac87a442283a079e81ddbf7e8a9f64083ab57/mongostat",
+ "go://github.com/golang/go:1.12.17"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [
+ "1.14.14",
+ "1.15.7"
+ ],
+ "published": "2021-02-01T22:46:23+11:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-139137",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "Go before 1.14.14 and 1.15.x before 1.15.7 on Windows is vulnerable to Command Injection and remote code execution when using the \"go get\" command to fetch modules that make use of cgo (for example, cgo can execute a gcc program from an untrusted download).",
+ "references": [
+ "https://blog.golang.org/path-security",
+ "https://groups.google.com/g/golang-announce/c/mperVMGa98w"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-3115",
+ "cvss_v2_score": 5.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:H/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 5.1,
+ "cvss3_max_score": 7.5,
+ "summary": "Go before 1.14.14 and 1.15.x before 1.15.7 on Windows is vulnerable to Command Injection and remote code execution when using the \"go get\" command to fetch modules that make use of cgo (for example, cgo can execute a gcc program from an untrusted download).",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.12.17",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03/sha256__c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03.tar.gz",
+ "generic://sha256:aff160a75a624d76fa9d8624dbc0ecfb0632db77384e376acb49355aab008234/mongodump",
+ "go://github.com/golang/go:1.12.17"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [
+ "1.14.14",
+ "1.15.7"
+ ],
+ "published": "2021-02-01T22:46:23+11:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-139137",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "Go before 1.14.14 and 1.15.x before 1.15.7 on Windows is vulnerable to Command Injection and remote code execution when using the \"go get\" command to fetch modules that make use of cgo (for example, cgo can execute a gcc program from an untrusted download).",
+ "references": [
+ "https://blog.golang.org/path-security",
+ "https://groups.google.com/g/golang-announce/c/mperVMGa98w"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-3115",
+ "cvss_v2_score": 5.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:H/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 5.1,
+ "cvss3_max_score": 7.5,
+ "summary": "Go before 1.14.14 and 1.15.x before 1.15.7 on Windows is vulnerable to Command Injection and remote code execution when using the \"go get\" command to fetch modules that make use of cgo (for example, cgo can execute a gcc program from an untrusted download).",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.12.17",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03/sha256__c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03.tar.gz",
+ "generic://sha256:039012ae96b3c7be75e99c6c05d0543c7635e02d660630e76b967e4607501182/mongofiles",
+ "go://github.com/golang/go:1.12.17"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [
+ "1.14.14",
+ "1.15.7"
+ ],
+ "published": "2021-02-01T22:46:23+11:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-139137",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "Go before 1.14.14 and 1.15.x before 1.15.7 on Windows is vulnerable to Command Injection and remote code execution when using the \"go get\" command to fetch modules that make use of cgo (for example, cgo can execute a gcc program from an untrusted download).",
+ "references": [
+ "https://blog.golang.org/path-security",
+ "https://groups.google.com/g/golang-announce/c/mperVMGa98w"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-3115",
+ "cvss_v2_score": 5.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:H/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 5.1,
+ "cvss3_max_score": 7.5,
+ "summary": "Go before 1.14.14 and 1.15.x before 1.15.7 on Windows is vulnerable to Command Injection and remote code execution when using the \"go get\" command to fetch modules that make use of cgo (for example, cgo can execute a gcc program from an untrusted download).",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.12.17",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03/sha256__c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03.tar.gz",
+ "generic://sha256:be381c77c5e74899ad45dc41cec9c40510f35cd1c03618f6b766083f39e40d06/mongotop",
+ "go://github.com/golang/go:1.12.17"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [
+ "1.14.14",
+ "1.15.7"
+ ],
+ "published": "2021-02-01T22:46:23+11:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-139137",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "Go before 1.14.14 and 1.15.x before 1.15.7 on Windows is vulnerable to Command Injection and remote code execution when using the \"go get\" command to fetch modules that make use of cgo (for example, cgo can execute a gcc program from an untrusted download).",
+ "references": [
+ "https://blog.golang.org/path-security",
+ "https://groups.google.com/g/golang-announce/c/mperVMGa98w"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-3115",
+ "cvss_v2_score": 5.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:H/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 5.1,
+ "cvss3_max_score": 7.5,
+ "summary": "Go before 1.14.14 and 1.15.x before 1.15.7 on Windows is vulnerable to Command Injection and remote code execution when using the \"go get\" command to fetch modules that make use of cgo (for example, cgo can execute a gcc program from an untrusted download).",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.12.17",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03/sha256__c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03.tar.gz",
+ "generic://sha256:2e9fafe058442a512ba193d9e5ad0bf0356b76db99cf877caac6f5376d6e7f0e/mongorestore",
+ "go://github.com/golang/go:1.12.17"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [
+ "1.14.14",
+ "1.15.7"
+ ],
+ "published": "2021-02-01T22:46:23+11:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-139137",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "Go before 1.14.14 and 1.15.x before 1.15.7 on Windows is vulnerable to Command Injection and remote code execution when using the \"go get\" command to fetch modules that make use of cgo (for example, cgo can execute a gcc program from an untrusted download).",
+ "references": [
+ "https://blog.golang.org/path-security",
+ "https://groups.google.com/g/golang-announce/c/mperVMGa98w"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-3115",
+ "cvss_v2_score": 5.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:H/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 5.1,
+ "cvss3_max_score": 7.5,
+ "summary": "Go before 1.14.14 and 1.15.x before 1.15.7 on Windows is vulnerable to Command Injection and remote code execution when using the \"go get\" command to fetch modules that make use of cgo (for example, cgo can execute a gcc program from an untrusted download).",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.13.10",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:e2f7d90822f30433ad424e479785033fa4c7f497b8326715453a1b68d554ae8e/sha256__e2f7d90822f30433ad424e479785033fa4c7f497b8326715453a1b68d554ae8e.tar.gz",
+ "generic://sha256:0f25a21cf64e58078057adc78f38705163c1d564a959ff30a891c31917011a54/gosu",
+ "go://github.com/golang/go:1.13.10"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [
+ "1.14.14",
+ "1.15.7"
+ ],
+ "published": "2021-02-01T22:46:23+11:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-139137",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "Go before 1.14.14 and 1.15.x before 1.15.7 on Windows is vulnerable to Command Injection and remote code execution when using the \"go get\" command to fetch modules that make use of cgo (for example, cgo can execute a gcc program from an untrusted download).",
+ "references": [
+ "https://blog.golang.org/path-security",
+ "https://groups.google.com/g/golang-announce/c/mperVMGa98w"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-9794",
+ "cvss_v2_score": 5.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:N/A:P",
+ "cvss_v3_score": 8.1,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 5.8,
+ "cvss3_max_score": 8.1,
+ "summary": "An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. A malicious application may cause a denial of service or potentially disclose memory contents.",
+ "severity": "Medium",
+ "vulnerable_component": "deb://ubuntu:bionic:libsqlite3-0:3.22.0-1ubuntu0.4",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:e2f7d90822f30433ad424e479785033fa4c7f497b8326715453a1b68d554ae8e/sha256__e2f7d90822f30433ad424e479785033fa4c7f497b8326715453a1b68d554ae8e.tar.gz",
+ "deb://ubuntu:bionic:libsqlite3-0:3.22.0-1ubuntu0.4"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [],
+ "published": "2020-06-14T14:23:59+10:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-100549",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. A malicious application may cause a denial of service or potentially disclose memory contents.",
+ "references": [
+ "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9794",
+ "https://vuldb.com/?id.155768"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-3114",
+ "cvss_v2_score": 6.4,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:N",
+ "cvss_v3_score": 6.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"
+ }
+ ],
+ "cvss2_max_score": 6.4,
+ "cvss3_max_score": 6.5,
+ "summary": "In Go before 1.14.14 and 1.15.x before 1.15.7, crypto/elliptic/p224.go can generate incorrect outputs, related to an underflow of the lowest limb during the final complete reduction in the P-224 field.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.13.10",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:e2f7d90822f30433ad424e479785033fa4c7f497b8326715453a1b68d554ae8e/sha256__e2f7d90822f30433ad424e479785033fa4c7f497b8326715453a1b68d554ae8e.tar.gz",
+ "generic://sha256:0f25a21cf64e58078057adc78f38705163c1d564a959ff30a891c31917011a54/gosu",
+ "go://github.com/golang/go:1.13.10"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [
+ "1.14.14",
+ "1.15.7"
+ ],
+ "published": "2021-02-02T00:46:31+11:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-139164",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "In Go before 1.14.14 and 1.15.x before 1.15.7, crypto/elliptic/p224.go can generate incorrect outputs, related to an underflow of the lowest limb during the final complete reduction in the P-224 field.",
+ "references": [
+ "https://github.com/golang/go/commit/d95ca9138026cbe40e0857d76a81a16d03230871",
+ "https://groups.google.com/g/golang-announce/c/mperVMGa98w"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-36222",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 7.5,
+ "summary": "A flaw was discovered in OpenLDAP before 2.4.57 leading to an assertion failure in slapd in the saslAuthzTo validation, resulting in denial of service.",
+ "severity": "Medium",
+ "vulnerable_component": "deb://ubuntu:bionic:libldap-common:2.4.45+dfsg-1ubuntu1.6",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:e2f7d90822f30433ad424e479785033fa4c7f497b8326715453a1b68d554ae8e/sha256__e2f7d90822f30433ad424e479785033fa4c7f497b8326715453a1b68d554ae8e.tar.gz",
+ "deb://ubuntu:bionic:libldap-common:2.4.45+dfsg-1ubuntu1.6"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [],
+ "published": "2021-02-07T22:21:28+11:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-139701",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "A flaw was discovered in OpenLDAP before 2.4.57 leading to an assertion failure in slapd in the saslAuthzTo validation, resulting in denial of service.",
+ "references": [
+ "https://usn.ubuntu.com/usn/usn-4724-1",
+ "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36222"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-24032",
+ "cvss_v2_score": 1.9,
+ "cvss_v2_vector": "CVSS:2.0/AV:L/AC:M/Au:N/C:P/I:N/A:N",
+ "cvss_v3_score": 4.7,
+ "cvss_v3_vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"
+ }
+ ],
+ "cvss2_max_score": 1.9,
+ "cvss3_max_score": 4.7,
+ "summary": "Beginning in v1.4.1 and prior to v1.4.9, due to an incomplete fix for CVE-2021-24031, the Zstandard command-line utility created output files with default permissions and restricted those permissions immediately afterwards. Output files could therefore momentarily be readable or writable to unintended parties.",
+ "severity": "Medium",
+ "vulnerable_component": "deb://ubuntu:bionic:libzstd1:1.3.3+dfsg-2ubuntu1.1",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:171857c49d0f5e2ebf623e6cb36a8bcad585ed0c2aa99c87a055df034c1e5848/sha256__171857c49d0f5e2ebf623e6cb36a8bcad585ed0c2aa99c87a055df034c1e5848.tar.gz",
+ "deb://ubuntu:bionic:libzstd1:1.3.3+dfsg-2ubuntu1.1"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [],
+ "published": "2021-03-08T04:05:26+11:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-141766",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "Beginning in v1.4.1 and prior to v1.4.9, due to an incomplete fix for CVE-2021-24031, the Zstandard command-line utility created output files with default permissions and restricted those permissions immediately afterwards. Output files could therefore momentarily be readable or writable to unintended parties.",
+ "references": [
+ "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24032",
+ "https://usn.ubuntu.com/usn/usn-4760-1"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-27212",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 7.5,
+ "summary": "In OpenLDAP through 2.4.57 and 2.5.x through 2.5.1alpha, an assertion failure in slapd can occur in the issuerAndThisUpdateCheck function via a crafted packet, resulting in a denial of service (daemon exit) via a short timestamp. This is related to schema_init.c and checkTime.",
+ "severity": "Medium",
+ "vulnerable_component": "deb://ubuntu:bionic:libldap-common:2.4.45+dfsg-1ubuntu1.6",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:e2f7d90822f30433ad424e479785033fa4c7f497b8326715453a1b68d554ae8e/sha256__e2f7d90822f30433ad424e479785033fa4c7f497b8326715453a1b68d554ae8e.tar.gz",
+ "deb://ubuntu:bionic:libldap-common:2.4.45+dfsg-1ubuntu1.6"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [],
+ "published": "2021-02-22T15:38:05+11:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-140788",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "In OpenLDAP through 2.4.57 and 2.5.x through 2.5.1alpha, an assertion failure in slapd can occur in the issuerAndThisUpdateCheck function via a crafted packet, resulting in a denial of service (daemon exit) via a short timestamp. This is related to schema_init.c and checkTime.",
+ "references": [
+ "https://usn.ubuntu.com/usn/usn-4744-1",
+ "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27212"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-20305",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 8.1,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 6.8,
+ "cvss3_max_score": 8.1,
+ "summary": "A flaw was found in Nettle in versions before 3.7.2, where several Nettle signature verification functions (GOST DSA, EDDSA \u0026 ECDSA) result in the Elliptic Curve Cryptography point (ECC) multiply function being called with out-of-range scalers, possibly resulting in incorrect results. This flaw allows an attacker to force an invalid signature, causing an assertion failure or possible validation. The highest threat to this vulnerability is to confidentiality, integrity, as well as system availability.",
+ "severity": "Medium",
+ "vulnerable_component": "deb://ubuntu:bionic:libhogweed4:3.4-1",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:171857c49d0f5e2ebf623e6cb36a8bcad585ed0c2aa99c87a055df034c1e5848/sha256__171857c49d0f5e2ebf623e6cb36a8bcad585ed0c2aa99c87a055df034c1e5848.tar.gz",
+ "deb://ubuntu:bionic:libhogweed4:3.4-1"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [],
+ "published": "2021-04-11T14:40:26+10:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-171785",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "A flaw was found in Nettle in versions before 3.7.2, where several Nettle signature verification functions (GOST DSA, EDDSA \u0026 ECDSA) result in the Elliptic Curve Cryptography point (ECC) multiply function being called with out-of-range scalers, possibly resulting in incorrect results. This flaw allows an attacker to force an invalid signature, causing an assertion failure or possible validation. The highest threat to this vulnerability is to confidentiality, integrity, as well as system availability.",
+ "references": [
+ "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20305",
+ "https://lists.lysator.liu.se/pipermail/nettle-bugs/2021/009457.html",
+ "https://usn.ubuntu.com/usn/usn-4906-1"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-28196",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 7.5,
+ "summary": "MIT Kerberos 5 (aka krb5) before 1.17.2 and 1.18.x before 1.18.3 allows unbounded recursion via an ASN.1-encoded Kerberos message because the lib/krb5/asn.1/asn1_encode.c support for BER indefinite lengths lacks a recursion limit.",
+ "severity": "Medium",
+ "vulnerable_component": "deb://ubuntu:bionic:libkrb5support0:1.16-2ubuntu0.1",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03/sha256__c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03.tar.gz",
+ "deb://ubuntu:bionic:libkrb5support0:1.16-2ubuntu0.1"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [],
+ "published": "2020-11-12T05:00:54+11:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-128250",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "MIT Kerberos 5 (aka krb5) before 1.17.2 and 1.18.x before 1.18.3 allows unbounded recursion via an ASN.1-encoded Kerberos message because the lib/krb5/asn.1/asn1_encode.c support for BER indefinite lengths lacks a recursion limit.",
+ "references": [
+ "https://usn.ubuntu.com/usn/usn-4635-1",
+ "https://lists.debian.org/debian-lts-announce/2020/11/msg00011.html",
+ "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28196"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-29511",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 5.6,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"
+ }
+ ],
+ "cvss2_max_score": 6.8,
+ "cvss3_max_score": 5.6,
+ "summary": "The encoding/xml package in Go (all versions) does not correctly preserve the semantics of element namespace prefixes during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.13.10",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:e2f7d90822f30433ad424e479785033fa4c7f497b8326715453a1b68d554ae8e/sha256__e2f7d90822f30433ad424e479785033fa4c7f497b8326715453a1b68d554ae8e.tar.gz",
+ "generic://sha256:0f25a21cf64e58078057adc78f38705163c1d564a959ff30a891c31917011a54/gosu",
+ "go://github.com/golang/go:1.13.10"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [
+ "1.15.6"
+ ],
+ "published": "2020-12-16T21:25:16+11:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-134983",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "The encoding/xml package in Go (all versions) does not correctly preserve the semantics of element namespace prefixes during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications.",
+ "references": [
+ "https://github.com/mattermost/xml-roundtrip-validator/blob/master/advisories/unstable-elements.md"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-28366",
+ "cvss_v2_score": 5.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:H/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 5.1,
+ "cvss3_max_score": 7.5,
+ "summary": "Go before 1.14.12 and 1.15.x before 1.15.5 allows Code Injection.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.13.10",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:e2f7d90822f30433ad424e479785033fa4c7f497b8326715453a1b68d554ae8e/sha256__e2f7d90822f30433ad424e479785033fa4c7f497b8326715453a1b68d554ae8e.tar.gz",
+ "generic://sha256:0f25a21cf64e58078057adc78f38705163c1d564a959ff30a891c31917011a54/gosu",
+ "go://github.com/golang/go:1.13.10"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [
+ "1.14.12",
+ "1.15.5"
+ ],
+ "published": "2020-11-20T00:55:03+11:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-128619",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "Go before 1.14.12 and 1.15.x before 1.15.5 allows Code Injection.",
+ "references": [
+ "https://groups.google.com/g/golang-announce/c/NpBGTTmKzpM",
+ "https://github.com/golang/go/issues/42559",
+ "https://lists.apache.org/thread.html/rd02e75766cd333a0df417588460f5e4477060633000bfe94955851fd@%3Cissues.trafficcontrol.apache.org%3E"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-27350",
+ "cvss_v2_score": 4.6,
+ "cvss_v2_vector": "CVSS:2.0/AV:L/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 5.7,
+ "cvss_v3_vector": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L"
+ }
+ ],
+ "cvss2_max_score": 4.6,
+ "cvss3_max_score": 5.7,
+ "summary": "APT had several integer overflows and underflows while parsing .deb packages, aka GHSL-2020-168 GHSL-2020-169, in files apt-pkg/contrib/extracttar.cc, apt-pkg/deb/debfile.cc, and apt-pkg/contrib/arfile.cc. This issue affects: apt 1.2.32ubuntu0 versions prior to 1.2.32ubuntu0.2; 1.6.12ubuntu0 versions prior to 1.6.12ubuntu0.2; 2.0.2ubuntu0 versions prior to 2.0.2ubuntu0.2; 2.1.10ubuntu0 versions prior to 2.1.10ubuntu0.1;",
+ "severity": "Medium",
+ "vulnerable_component": "deb://ubuntu:bionic:libapt-pkg5.0:1.6.12ubuntu0.1",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:171857c49d0f5e2ebf623e6cb36a8bcad585ed0c2aa99c87a055df034c1e5848/sha256__171857c49d0f5e2ebf623e6cb36a8bcad585ed0c2aa99c87a055df034c1e5848.tar.gz",
+ "deb://ubuntu:bionic:libapt-pkg5.0:1.6.12ubuntu0.1"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [],
+ "published": "2020-12-25T15:40:11+11:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-137273",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "APT had several integer overflows and underflows while parsing .deb packages, aka GHSL-2020-168 GHSL-2020-169, in files apt-pkg/contrib/extracttar.cc, apt-pkg/deb/debfile.cc, and apt-pkg/contrib/arfile.cc. This issue affects: apt 1.2.32ubuntu0 versions prior to 1.2.32ubuntu0.2; 1.6.12ubuntu0 versions prior to 1.6.12ubuntu0.2; 2.0.2ubuntu0 versions prior to 2.0.2ubuntu0.2; 2.1.10ubuntu0 versions prior to 2.1.10ubuntu0.1;",
+ "references": [
+ "https://usn.ubuntu.com/usn/usn-4667-2",
+ "https://usn.ubuntu.com/usn/usn-4667-1",
+ "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27350"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-8285",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 7.5,
+ "summary": "curl 7.21.0 to and including 7.73.0 is vulnerable to uncontrolled recursion due to a stack overflow issue in FTP wildcard match parsing.",
+ "severity": "Medium",
+ "vulnerable_component": "deb://ubuntu:bionic:libcurl4:7.58.0-2ubuntu3.10",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03/sha256__c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03.tar.gz",
+ "deb://ubuntu:bionic:libcurl4:7.58.0-2ubuntu3.10"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [],
+ "published": "2020-12-25T15:53:17+11:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-137326",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "curl 7.21.0 to and including 7.73.0 is vulnerable to uncontrolled recursion due to a stack overflow issue in FTP wildcard match parsing.",
+ "references": [
+ "https://usn.ubuntu.com/usn/usn-4665-2",
+ "https://usn.ubuntu.com/usn/usn-4665-1",
+ "https://curl.se/docs/CVE-2020-8285.html",
+ "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8285"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-36221",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 7.5,
+ "summary": "An integer underflow was discovered in OpenLDAP before 2.4.57 leading to slapd crashes in the Certificate Exact Assertion processing, resulting in denial of service (schema_init.c serialNumberAndIssuerCheck).",
+ "severity": "Medium",
+ "vulnerable_component": "deb://ubuntu:bionic:libldap-common:2.4.45+dfsg-1ubuntu1.6",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:e2f7d90822f30433ad424e479785033fa4c7f497b8326715453a1b68d554ae8e/sha256__e2f7d90822f30433ad424e479785033fa4c7f497b8326715453a1b68d554ae8e.tar.gz",
+ "deb://ubuntu:bionic:libldap-common:2.4.45+dfsg-1ubuntu1.6"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [],
+ "published": "2021-02-07T21:39:03+11:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-139572",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "An integer underflow was discovered in OpenLDAP before 2.4.57 leading to slapd crashes in the Certificate Exact Assertion processing, resulting in denial of service (schema_init.c serialNumberAndIssuerCheck).",
+ "references": [
+ "https://usn.ubuntu.com/usn/usn-4724-1",
+ "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36221"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-36229",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 7.5,
+ "summary": "A flaw was discovered in ldap_X509dn2bv in OpenLDAP before 2.4.57 leading to a slapd crash in the X.509 DN parsing in ad_keystring, resulting in denial of service.",
+ "severity": "Medium",
+ "vulnerable_component": "deb://ubuntu:bionic:libldap-common:2.4.45+dfsg-1ubuntu1.6",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:e2f7d90822f30433ad424e479785033fa4c7f497b8326715453a1b68d554ae8e/sha256__e2f7d90822f30433ad424e479785033fa4c7f497b8326715453a1b68d554ae8e.tar.gz",
+ "deb://ubuntu:bionic:libldap-common:2.4.45+dfsg-1ubuntu1.6"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [],
+ "published": "2021-02-07T21:40:42+11:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-139576",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "A flaw was discovered in ldap_X509dn2bv in OpenLDAP before 2.4.57 leading to a slapd crash in the X.509 DN parsing in ad_keystring, resulting in denial of service.",
+ "references": [
+ "https://usn.ubuntu.com/usn/usn-4724-1",
+ "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36229"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-20217",
+ "cvss_v2_score": 3.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:S/C:N/I:N/A:P",
+ "cvss_v3_score": 5.3,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 3.5,
+ "cvss3_max_score": 5.3,
+ "summary": "A Reachable Assertion issue was discovered in the KDC in MIT Kerberos 5 (aka krb5) before 1.17. If an attacker can obtain a krbtgt ticket using an older encryption type (single-DES, triple-DES, or RC4), the attacker can crash the KDC by making an S4U2Self request.",
+ "severity": "Medium",
+ "vulnerable_component": "deb://ubuntu:bionic:libkrb5-3:1.16-2ubuntu0.1",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03/sha256__c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03.tar.gz",
+ "deb://ubuntu:bionic:libkrb5-3:1.16-2ubuntu0.1"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [],
+ "published": "2019-03-03T19:09:48+11:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-76141",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "It was discovered that Kerberos incorrectly handled certain S4U2Self requests. An attacker could possibly use this issue to cause a denial of service.",
+ "references": [
+ "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20217",
+ "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2KNHELH4YHNT6H2ESJWX2UIDXLBNGB2O/"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-29510",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 5.6,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"
+ }
+ ],
+ "cvss2_max_score": 6.8,
+ "cvss3_max_score": 5.6,
+ "summary": "The encoding/xml package in Go versions 1.15 and earlier does not correctly preserve the semantics of directives during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.12.17",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03/sha256__c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03.tar.gz",
+ "generic://sha256:6aec7280f8c504d22bc91ebd8ab90c2f3ce2382786aeb505a010967b8d1d4073/bsondump",
+ "go://github.com/golang/go:1.12.17"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [
+ "1.15.6"
+ ],
+ "published": "2020-12-16T21:25:17+11:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-134984",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "The encoding/xml package in Go versions 1.15 and earlier does not correctly preserve the semantics of directives during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications.",
+ "references": [
+ "https://github.com/mattermost/xml-roundtrip-validator/blob/master/advisories/unstable-directives.md"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-29510",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 5.6,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"
+ }
+ ],
+ "cvss2_max_score": 6.8,
+ "cvss3_max_score": 5.6,
+ "summary": "The encoding/xml package in Go versions 1.15 and earlier does not correctly preserve the semantics of directives during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.12.17",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03/sha256__c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03.tar.gz",
+ "generic://sha256:42de18fd91da55d78f6990850cce9d90e3aa76f56798e34bfd055b3248bf194f/mongoexport",
+ "go://github.com/golang/go:1.12.17"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [
+ "1.15.6"
+ ],
+ "published": "2020-12-16T21:25:17+11:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-134984",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "The encoding/xml package in Go versions 1.15 and earlier does not correctly preserve the semantics of directives during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications.",
+ "references": [
+ "https://github.com/mattermost/xml-roundtrip-validator/blob/master/advisories/unstable-directives.md"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-29510",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 5.6,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"
+ }
+ ],
+ "cvss2_max_score": 6.8,
+ "cvss3_max_score": 5.6,
+ "summary": "The encoding/xml package in Go versions 1.15 and earlier does not correctly preserve the semantics of directives during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.12.17",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03/sha256__c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03.tar.gz",
+ "generic://sha256:9a7ef0b65a2290bbfad7aa0b1715a687337eb66a10945629e84839ef623e8cbe/mongoimport",
+ "go://github.com/golang/go:1.12.17"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [
+ "1.15.6"
+ ],
+ "published": "2020-12-16T21:25:17+11:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-134984",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "The encoding/xml package in Go versions 1.15 and earlier does not correctly preserve the semantics of directives during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications.",
+ "references": [
+ "https://github.com/mattermost/xml-roundtrip-validator/blob/master/advisories/unstable-directives.md"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-29510",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 5.6,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"
+ }
+ ],
+ "cvss2_max_score": 6.8,
+ "cvss3_max_score": 5.6,
+ "summary": "The encoding/xml package in Go versions 1.15 and earlier does not correctly preserve the semantics of directives during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.12.17",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03/sha256__c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03.tar.gz",
+ "generic://sha256:b23d5de76064f7969468e87a618ac87a442283a079e81ddbf7e8a9f64083ab57/mongostat",
+ "go://github.com/golang/go:1.12.17"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [
+ "1.15.6"
+ ],
+ "published": "2020-12-16T21:25:17+11:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-134984",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "The encoding/xml package in Go versions 1.15 and earlier does not correctly preserve the semantics of directives during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications.",
+ "references": [
+ "https://github.com/mattermost/xml-roundtrip-validator/blob/master/advisories/unstable-directives.md"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-29510",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 5.6,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"
+ }
+ ],
+ "cvss2_max_score": 6.8,
+ "cvss3_max_score": 5.6,
+ "summary": "The encoding/xml package in Go versions 1.15 and earlier does not correctly preserve the semantics of directives during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.12.17",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03/sha256__c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03.tar.gz",
+ "generic://sha256:aff160a75a624d76fa9d8624dbc0ecfb0632db77384e376acb49355aab008234/mongodump",
+ "go://github.com/golang/go:1.12.17"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [
+ "1.15.6"
+ ],
+ "published": "2020-12-16T21:25:17+11:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-134984",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "The encoding/xml package in Go versions 1.15 and earlier does not correctly preserve the semantics of directives during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications.",
+ "references": [
+ "https://github.com/mattermost/xml-roundtrip-validator/blob/master/advisories/unstable-directives.md"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-29510",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 5.6,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"
+ }
+ ],
+ "cvss2_max_score": 6.8,
+ "cvss3_max_score": 5.6,
+ "summary": "The encoding/xml package in Go versions 1.15 and earlier does not correctly preserve the semantics of directives during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.12.17",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03/sha256__c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03.tar.gz",
+ "generic://sha256:039012ae96b3c7be75e99c6c05d0543c7635e02d660630e76b967e4607501182/mongofiles",
+ "go://github.com/golang/go:1.12.17"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [
+ "1.15.6"
+ ],
+ "published": "2020-12-16T21:25:17+11:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-134984",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "The encoding/xml package in Go versions 1.15 and earlier does not correctly preserve the semantics of directives during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications.",
+ "references": [
+ "https://github.com/mattermost/xml-roundtrip-validator/blob/master/advisories/unstable-directives.md"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-29510",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 5.6,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"
+ }
+ ],
+ "cvss2_max_score": 6.8,
+ "cvss3_max_score": 5.6,
+ "summary": "The encoding/xml package in Go versions 1.15 and earlier does not correctly preserve the semantics of directives during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.12.17",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03/sha256__c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03.tar.gz",
+ "generic://sha256:be381c77c5e74899ad45dc41cec9c40510f35cd1c03618f6b766083f39e40d06/mongotop",
+ "go://github.com/golang/go:1.12.17"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [
+ "1.15.6"
+ ],
+ "published": "2020-12-16T21:25:17+11:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-134984",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "The encoding/xml package in Go versions 1.15 and earlier does not correctly preserve the semantics of directives during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications.",
+ "references": [
+ "https://github.com/mattermost/xml-roundtrip-validator/blob/master/advisories/unstable-directives.md"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-29510",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 5.6,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"
+ }
+ ],
+ "cvss2_max_score": 6.8,
+ "cvss3_max_score": 5.6,
+ "summary": "The encoding/xml package in Go versions 1.15 and earlier does not correctly preserve the semantics of directives during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.12.17",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03/sha256__c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03.tar.gz",
+ "generic://sha256:2e9fafe058442a512ba193d9e5ad0bf0356b76db99cf877caac6f5376d6e7f0e/mongorestore",
+ "go://github.com/golang/go:1.12.17"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [
+ "1.15.6"
+ ],
+ "published": "2020-12-16T21:25:17+11:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-134984",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "The encoding/xml package in Go versions 1.15 and earlier does not correctly preserve the semantics of directives during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications.",
+ "references": [
+ "https://github.com/mattermost/xml-roundtrip-validator/blob/master/advisories/unstable-directives.md"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-27350",
+ "cvss_v2_score": 4.6,
+ "cvss_v2_vector": "CVSS:2.0/AV:L/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 5.7,
+ "cvss_v3_vector": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L"
+ }
+ ],
+ "cvss2_max_score": 4.6,
+ "cvss3_max_score": 5.7,
+ "summary": "APT had several integer overflows and underflows while parsing .deb packages, aka GHSL-2020-168 GHSL-2020-169, in files apt-pkg/contrib/extracttar.cc, apt-pkg/deb/debfile.cc, and apt-pkg/contrib/arfile.cc. This issue affects: apt 1.2.32ubuntu0 versions prior to 1.2.32ubuntu0.2; 1.6.12ubuntu0 versions prior to 1.6.12ubuntu0.2; 2.0.2ubuntu0 versions prior to 2.0.2ubuntu0.2; 2.1.10ubuntu0 versions prior to 2.1.10ubuntu0.1;",
+ "severity": "Medium",
+ "vulnerable_component": "deb://ubuntu:bionic:apt:1.6.12ubuntu0.1",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:171857c49d0f5e2ebf623e6cb36a8bcad585ed0c2aa99c87a055df034c1e5848/sha256__171857c49d0f5e2ebf623e6cb36a8bcad585ed0c2aa99c87a055df034c1e5848.tar.gz",
+ "deb://ubuntu:bionic:apt:1.6.12ubuntu0.1"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [
+ "≥ 1.6.12ubuntu0.2"
+ ],
+ "published": "2020-12-25T15:40:11+11:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-137273",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "APT had several integer overflows and underflows while parsing .deb packages, aka GHSL-2020-168 GHSL-2020-169, in files apt-pkg/contrib/extracttar.cc, apt-pkg/deb/debfile.cc, and apt-pkg/contrib/arfile.cc. This issue affects: apt 1.2.32ubuntu0 versions prior to 1.2.32ubuntu0.2; 1.6.12ubuntu0 versions prior to 1.6.12ubuntu0.2; 2.0.2ubuntu0 versions prior to 2.0.2ubuntu0.2; 2.1.10ubuntu0 versions prior to 2.1.10ubuntu0.1;",
+ "references": [
+ "https://usn.ubuntu.com/usn/usn-4667-2",
+ "https://usn.ubuntu.com/usn/usn-4667-1",
+ "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27350"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-28196",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 7.5,
+ "summary": "MIT Kerberos 5 (aka krb5) before 1.17.2 and 1.18.x before 1.18.3 allows unbounded recursion via an ASN.1-encoded Kerberos message because the lib/krb5/asn.1/asn1_encode.c support for BER indefinite lengths lacks a recursion limit.",
+ "severity": "Medium",
+ "vulnerable_component": "deb://ubuntu:bionic:krb5-locales:1.16-2ubuntu0.1",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03/sha256__c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03.tar.gz",
+ "deb://ubuntu:bionic:krb5-locales:1.16-2ubuntu0.1"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [],
+ "published": "2020-11-12T05:00:54+11:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-128250",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "MIT Kerberos 5 (aka krb5) before 1.17.2 and 1.18.x before 1.18.3 allows unbounded recursion via an ASN.1-encoded Kerberos message because the lib/krb5/asn.1/asn1_encode.c support for BER indefinite lengths lacks a recursion limit.",
+ "references": [
+ "https://usn.ubuntu.com/usn/usn-4635-1",
+ "https://lists.debian.org/debian-lts-announce/2020/11/msg00011.html",
+ "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28196"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-8286",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:P/A:N",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 7.5,
+ "summary": "curl 7.41.0 through 7.73.0 is vulnerable to an improper check for certificate revocation due to insufficient verification of the OCSP response.",
+ "severity": "Medium",
+ "vulnerable_component": "deb://ubuntu:bionic:libcurl4:7.58.0-2ubuntu3.10",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03/sha256__c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03.tar.gz",
+ "deb://ubuntu:bionic:libcurl4:7.58.0-2ubuntu3.10"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [],
+ "published": "2020-12-25T15:40:42+11:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-137275",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "curl 7.41.0 through 7.73.0 is vulnerable to an improper check for certificate revocation due to insufficient verification of the OCSP response.",
+ "references": [
+ "https://usn.ubuntu.com/usn/usn-4665-1",
+ "https://curl.se/docs/CVE-2020-8286.html",
+ "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8286"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-22876",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:N",
+ "cvss_v3_score": 5.3,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 5.3,
+ "summary": "curl 7.1.1 to and including 7.75.0 is vulnerable to an \"Exposure of Private Personal Information to an Unauthorized Actor\" by leaking credentials in the HTTP Referer: header. libcurl does not strip off user credentials from the URL when automatically populating the Referer: HTTP request header field in outgoing HTTP requests, and therefore risks leaking sensitive data to the server that is the target of the second HTTP request.",
+ "severity": "Medium",
+ "vulnerable_component": "deb://ubuntu:bionic:libcurl4:7.58.0-2ubuntu3.10",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03/sha256__c7daea26376d3196b89343320721e500e9391aef836c98a11e405734c38efc03.tar.gz",
+ "deb://ubuntu:bionic:libcurl4:7.58.0-2ubuntu3.10"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [],
+ "published": "2021-04-06T14:51:35+10:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-168886",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "curl 7.1.1 to and including 7.75.0 is vulnerable to an \"Exposure of Private Personal Information to an Unauthorized Actor\" by leaking credentials in the HTTP Referer: header. libcurl does not strip off user credentials from the URL when automatically populating the Referer: HTTP request header field in outgoing HTTP requests, and therefore risks leaking sensitive data to the server that is the target of the second HTTP request.",
+ "references": [
+ "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22876",
+ "https://curl.se/docs/CVE-2021-22876.html",
+ "https://usn.ubuntu.com/usn/usn-4898-1",
+ "https://usn.ubuntu.com/usn/usn-4903-1"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-24553",
+ "cvss_v2_score": 4.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:P/A:N",
+ "cvss_v3_score": 6.1,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"
+ }
+ ],
+ "cvss2_max_score": 4.3,
+ "cvss3_max_score": 6.1,
+ "summary": "Go before 1.14.8 and 1.15.x before 1.15.1 allows XSS because text/html is the default for CGI/FCGI handlers that lack a Content-Type header.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.13.10",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:e2f7d90822f30433ad424e479785033fa4c7f497b8326715453a1b68d554ae8e/sha256__e2f7d90822f30433ad424e479785033fa4c7f497b8326715453a1b68d554ae8e.tar.gz",
+ "generic://sha256:0f25a21cf64e58078057adc78f38705163c1d564a959ff30a891c31917011a54/gosu",
+ "go://github.com/golang/go:1.13.10"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [
+ "1.14.8",
+ "1.15.1"
+ ],
+ "published": "2020-09-04T01:19:11+10:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-122286",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "Go before 1.14.8 and 1.15.x before 1.15.1 allows XSS because text/html is the default for CGI/FCGI handlers that lack a Content-Type header.",
+ "references": [
+ "http://seclists.org/fulldisclosure/2020/Sep/5",
+ "http://packetstormsecurity.com/files/159049/Go-CGI-FastCGI-Transport-Cross-Site-Scripting.html",
+ "https://groups.google.com/forum/#!topic/golang-announce/8wqlSbkLdPs"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-36226",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 7.5,
+ "summary": "A flaw was discovered in OpenLDAP before 2.4.57 leading to a memch-\u003ebv_len miscalculation and slapd crash in the saslAuthzTo processing, resulting in denial of service.",
+ "severity": "Medium",
+ "vulnerable_component": "deb://ubuntu:bionic:libldap-common:2.4.45+dfsg-1ubuntu1.6",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:e2f7d90822f30433ad424e479785033fa4c7f497b8326715453a1b68d554ae8e/sha256__e2f7d90822f30433ad424e479785033fa4c7f497b8326715453a1b68d554ae8e.tar.gz",
+ "deb://ubuntu:bionic:libldap-common:2.4.45+dfsg-1ubuntu1.6"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [],
+ "published": "2021-02-07T21:40:36+11:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-139575",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "A flaw was discovered in OpenLDAP before 2.4.57 leading to a memch-\u003ebv_len miscalculation and slapd crash in the saslAuthzTo processing, resulting in denial of service.",
+ "references": [
+ "https://usn.ubuntu.com/usn/usn-4724-1",
+ "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36226"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-36228",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 7.5,
+ "summary": "An integer underflow was discovered in OpenLDAP before 2.4.57 leading to a slapd crash in the Certificate List Exact Assertion processing, resulting in denial of service.",
+ "severity": "Medium",
+ "vulnerable_component": "deb://ubuntu:bionic:libldap-2.4-2:2.4.45+dfsg-1ubuntu1.6",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:e2f7d90822f30433ad424e479785033fa4c7f497b8326715453a1b68d554ae8e/sha256__e2f7d90822f30433ad424e479785033fa4c7f497b8326715453a1b68d554ae8e.tar.gz",
+ "deb://ubuntu:bionic:libldap-2.4-2:2.4.45+dfsg-1ubuntu1.6"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [],
+ "published": "2021-02-07T22:23:15+11:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-139706",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "An integer underflow was discovered in OpenLDAP before 2.4.57 leading to a slapd crash in the Certificate List Exact Assertion processing, resulting in denial of service.",
+ "references": [
+ "https://usn.ubuntu.com/usn/usn-4724-1",
+ "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36228"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-27918",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 7.5,
+ "summary": "encoding/xml in Go before 1.15.9 and 1.16.x before 1.16.1 has an infinite loop if a custom TokenReader (for xml.NewTokenDecoder) returns EOF in the middle of an element. This can occur in the Decode, DecodeElement, or Skip method.",
+ "severity": "Medium",
+ "vulnerable_component": "go://github.com/golang/go:1.13.10",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:e2f7d90822f30433ad424e479785033fa4c7f497b8326715453a1b68d554ae8e/sha256__e2f7d90822f30433ad424e479785033fa4c7f497b8326715453a1b68d554ae8e.tar.gz",
+ "generic://sha256:0f25a21cf64e58078057adc78f38705163c1d564a959ff30a891c31917011a54/gosu",
+ "go://github.com/golang/go:1.13.10"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [
+ "1.16.1",
+ "1.15.9"
+ ],
+ "published": "2021-03-15T00:32:21+11:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-145876",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "encoding/xml in Go before 1.15.9 and 1.16.x before 1.16.1 has an infinite loop if a custom TokenReader (for xml.NewTokenDecoder) returns EOF in the middle of an element. This can occur in the Decode, DecodeElement, or Skip method.",
+ "references": [
+ "https://groups.google.com/g/golang-announce/c/MfiLYjG-RAw"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-20305",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 8.1,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 6.8,
+ "cvss3_max_score": 8.1,
+ "summary": "A flaw was found in Nettle in versions before 3.7.2, where several Nettle signature verification functions (GOST DSA, EDDSA \u0026 ECDSA) result in the Elliptic Curve Cryptography point (ECC) multiply function being called with out-of-range scalers, possibly resulting in incorrect results. This flaw allows an attacker to force an invalid signature, causing an assertion failure or possible validation. The highest threat to this vulnerability is to confidentiality, integrity, as well as system availability.",
+ "severity": "Medium",
+ "vulnerable_component": "deb://ubuntu:bionic:libnettle6:3.4-1",
+ "impacted_artifact": "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "impact_path": [
+ "docker://library/mongo:sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405",
+ "generic://sha256:171857c49d0f5e2ebf623e6cb36a8bcad585ed0c2aa99c87a055df034c1e5848/sha256__171857c49d0f5e2ebf623e6cb36a8bcad585ed0c2aa99c87a055df034c1e5848.tar.gz",
+ "deb://ubuntu:bionic:libnettle6:3.4-1"
+ ],
+ "path": "dockerhub-remote/library/mongo/sha256__31f6433f7cfcd2180483e40728cbf97142df1e85de36d80d75c93e5e7fe10405/",
+ "fixed_versions": [],
+ "published": "2021-04-11T14:40:26+10:00",
+ "artifact_scan_time": "2021-03-09T13:14:11+11:00",
+ "issue_id": "XRAY-171785",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "A flaw was found in Nettle in versions before 3.7.2, where several Nettle signature verification functions (GOST DSA, EDDSA \u0026 ECDSA) result in the Elliptic Curve Cryptography point (ECC) multiply function being called with out-of-range scalers, possibly resulting in incorrect results. This flaw allows an attacker to force an invalid signature, causing an assertion failure or possible validation. The highest threat to this vulnerability is to confidentiality, integrity, as well as system availability.",
+ "references": [
+ "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20305",
+ "https://lists.lysator.liu.se/pipermail/nettle-bugs/2021/009457.html",
+ "https://usn.ubuntu.com/usn/usn-4906-1"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-3326",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 7.5,
+ "summary": "The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid input sequences in the ISO-2022-JP-3 encoding, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service.",
+ "severity": "Medium",
+ "vulnerable_component": "deb://debian:buster:libc6:2.28-10",
+ "impacted_artifact": "docker://library/httpd:sha256__16eae91e82b4de8fd701b5a4fbfe56059f4d970878a7c42d7fc98c458ef41aa4",
+ "impact_path": [
+ "docker://library/httpd:sha256__16eae91e82b4de8fd701b5a4fbfe56059f4d970878a7c42d7fc98c458ef41aa4",
+ "generic://sha256:45b42c59be334ecda0daaa139b2f7d310e45c564c5f12263b1b8e68ec9e810ed/sha256__45b42c59be334ecda0daaa139b2f7d310e45c564c5f12263b1b8e68ec9e810ed.tar.gz",
+ "deb://debian:buster:libc6:2.28-10"
+ ],
+ "path": "dockerhub-remote/library/httpd/sha256__16eae91e82b4de8fd701b5a4fbfe56059f4d970878a7c42d7fc98c458ef41aa4/",
+ "fixed_versions": [],
+ "published": "2021-01-28T15:04:20+11:00",
+ "artifact_scan_time": "2021-03-11T00:20:02+11:00",
+ "issue_id": "XRAY-138958",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid input sequences in the ISO-2022-JP-3 encoding, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-8284",
+ "cvss_v2_score": 4.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:N/A:N",
+ "cvss_v3_score": 3.7,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"
+ }
+ ],
+ "cvss2_max_score": 4.3,
+ "cvss3_max_score": 3.7,
+ "summary": "A malicious server can use the FTP PASV response to trick curl 7.73.0 and earlier into connecting back to a given IP address and port, and this way potentially make curl extract information about services that are otherwise private and not disclosed, for example doing port scanning and service banner extractions.",
+ "severity": "Medium",
+ "vulnerable_component": "deb://debian:buster:libcurl4:7.64.0-4+deb10u1",
+ "impacted_artifact": "docker://library/httpd:sha256__16eae91e82b4de8fd701b5a4fbfe56059f4d970878a7c42d7fc98c458ef41aa4",
+ "impact_path": [
+ "docker://library/httpd:sha256__16eae91e82b4de8fd701b5a4fbfe56059f4d970878a7c42d7fc98c458ef41aa4",
+ "generic://sha256:243acf75a5048a5ad77366c112315ae0cf1327896d63e7abfabdf8b4b87a3ed1/sha256__243acf75a5048a5ad77366c112315ae0cf1327896d63e7abfabdf8b4b87a3ed1.tar.gz",
+ "deb://debian:buster:libcurl4:7.64.0-4+deb10u1"
+ ],
+ "path": "dockerhub-remote/library/httpd/sha256__16eae91e82b4de8fd701b5a4fbfe56059f4d970878a7c42d7fc98c458ef41aa4/",
+ "fixed_versions": [],
+ "published": "2020-12-10T15:25:31+11:00",
+ "artifact_scan_time": "2021-03-11T00:20:02+11:00",
+ "issue_id": "XRAY-129755",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "A malicious server can use the FTP PASV response to trick curl 7.73.0 and earlier into connecting back to a given IP address and port, and this way potentially make curl extract information about services that are otherwise private and not disclosed, for example doing port scanning and service banner extractions.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-3843",
+ "cvss_v2_score": 4.6,
+ "cvss_v2_vector": "CVSS:2.0/AV:L/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 7.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 4.6,
+ "cvss3_max_score": 7.8,
+ "summary": "It was discovered that a systemd service that uses DynamicUser property can create a SUID/SGID binary that would be allowed to run as the transient service UID/GID even after the service is terminated. A local attacker may use this flaw to access resources that will be owned by a potentially different service in the future, when the UID/GID will be recycled.",
+ "severity": "Medium",
+ "vulnerable_component": "deb://debian:buster:libsystemd0:241-7~deb10u6",
+ "impacted_artifact": "docker://library/httpd:sha256__16eae91e82b4de8fd701b5a4fbfe56059f4d970878a7c42d7fc98c458ef41aa4",
+ "impact_path": [
+ "docker://library/httpd:sha256__16eae91e82b4de8fd701b5a4fbfe56059f4d970878a7c42d7fc98c458ef41aa4",
+ "generic://sha256:45b42c59be334ecda0daaa139b2f7d310e45c564c5f12263b1b8e68ec9e810ed/sha256__45b42c59be334ecda0daaa139b2f7d310e45c564c5f12263b1b8e68ec9e810ed.tar.gz",
+ "deb://debian:buster:libsystemd0:241-7~deb10u6"
+ ],
+ "path": "dockerhub-remote/library/httpd/sha256__16eae91e82b4de8fd701b5a4fbfe56059f4d970878a7c42d7fc98c458ef41aa4/",
+ "fixed_versions": [],
+ "published": "2019-04-28T16:29:46+10:00",
+ "artifact_scan_time": "2021-03-11T00:20:02+11:00",
+ "issue_id": "XRAY-80974",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "It was discovered that a systemd service that uses DynamicUser property can create a SUID/SGID binary that would be allowed to run as the transient service UID/GID even after the service is terminated. A local attacker may use this flaw to access resources that will be owned by a potentially different service in the future, when the UID/GID will be recycled.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-20305",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 8.1,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 6.8,
+ "cvss3_max_score": 8.1,
+ "summary": "A flaw was found in Nettle in versions before 3.7.2, where several Nettle signature verification functions (GOST DSA, EDDSA \u0026 ECDSA) result in the Elliptic Curve Cryptography point (ECC) multiply function being called with out-of-range scalers, possibly resulting in incorrect results. This flaw allows an attacker to force an invalid signature, causing an assertion failure or possible validation. The highest threat to this vulnerability is to confidentiality, integrity, as well as system availability.",
+ "severity": "Medium",
+ "vulnerable_component": "deb://debian:buster:libhogweed4:3.4.1-1",
+ "impacted_artifact": "docker://library/httpd:sha256__16eae91e82b4de8fd701b5a4fbfe56059f4d970878a7c42d7fc98c458ef41aa4",
+ "impact_path": [
+ "docker://library/httpd:sha256__16eae91e82b4de8fd701b5a4fbfe56059f4d970878a7c42d7fc98c458ef41aa4",
+ "generic://sha256:45b42c59be334ecda0daaa139b2f7d310e45c564c5f12263b1b8e68ec9e810ed/sha256__45b42c59be334ecda0daaa139b2f7d310e45c564c5f12263b1b8e68ec9e810ed.tar.gz",
+ "deb://debian:buster:libhogweed4:3.4.1-1"
+ ],
+ "path": "dockerhub-remote/library/httpd/sha256__16eae91e82b4de8fd701b5a4fbfe56059f4d970878a7c42d7fc98c458ef41aa4/",
+ "fixed_versions": [],
+ "published": "2021-04-02T15:18:19+11:00",
+ "artifact_scan_time": "2021-03-11T00:20:02+11:00",
+ "issue_id": "XRAY-160716",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "A flaw was found in Nettle in versions before 3.7.2, where several Nettle signature verification functions (GOST DSA, EDDSA \u0026 ECDSA) result in the Elliptic Curve Cryptography point (ECC) multiply function being called with out-of-range scalers, possibly resulting in incorrect results. This flaw allows an attacker to force an invalid signature, causing an assertion failure or possible validation. The highest threat to this vulnerability is to confidentiality, integrity, as well as system availability.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-12290",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:P/A:N",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 7.5,
+ "summary": "GNU libidn2 before 2.2.0 fails to perform the roundtrip checks specified in RFC3490 Section 4.2 when converting A-labels to U-labels. This makes it possible in some circumstances for one domain to impersonate another. By creating a malicious domain that matches a target domain except for the inclusion of certain punycoded Unicode characters (that would be discarded when converted first to a Unicode label and then back to an ASCII label), arbitrary domains can be impersonated.",
+ "severity": "Medium",
+ "vulnerable_component": "deb://debian:buster:libidn2-0:2.0.5-1+deb10u1",
+ "impacted_artifact": "docker://library/httpd:sha256__16eae91e82b4de8fd701b5a4fbfe56059f4d970878a7c42d7fc98c458ef41aa4",
+ "impact_path": [
+ "docker://library/httpd:sha256__16eae91e82b4de8fd701b5a4fbfe56059f4d970878a7c42d7fc98c458ef41aa4",
+ "generic://sha256:45b42c59be334ecda0daaa139b2f7d310e45c564c5f12263b1b8e68ec9e810ed/sha256__45b42c59be334ecda0daaa139b2f7d310e45c564c5f12263b1b8e68ec9e810ed.tar.gz",
+ "deb://debian:buster:libidn2-0:2.0.5-1+deb10u1"
+ ],
+ "path": "dockerhub-remote/library/httpd/sha256__16eae91e82b4de8fd701b5a4fbfe56059f4d970878a7c42d7fc98c458ef41aa4/",
+ "fixed_versions": [],
+ "published": "2019-10-24T23:02:30+11:00",
+ "artifact_scan_time": "2021-03-11T00:20:02+11:00",
+ "issue_id": "XRAY-90431",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "GNU libidn2 before 2.2.0 fails to perform the roundtrip checks specified in RFC3490 Section 4.2 when converting A-labels to U-labels. This makes it possible in some circumstances for one domain to impersonate another. By creating a malicious domain that matches a target domain except for the inclusion of certain punycoded Unicode characters (that would be discarded when converted first to a Unicode label and then back to an ASCII label), arbitrary domains can be impersonated.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2016-9318",
+ "cvss_v2_score": 4.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:N/A:N",
+ "cvss_v3_score": 5.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"
+ }
+ ],
+ "cvss2_max_score": 4.3,
+ "cvss3_max_score": 5.5,
+ "summary": "libxml2 2.9.4 and earlier, as used in XMLSec 1.2.23 and earlier and other products, does not offer a flag directly indicating that the current document may be read but other files may not be opened, which makes it easier for remote attackers to conduct XML External Entity (XXE) attacks via a crafted document.",
+ "severity": "Medium",
+ "vulnerable_component": "deb://debian:buster:libxml2:2.9.4+dfsg1-7+deb10u1",
+ "impacted_artifact": "docker://library/httpd:sha256__16eae91e82b4de8fd701b5a4fbfe56059f4d970878a7c42d7fc98c458ef41aa4",
+ "impact_path": [
+ "docker://library/httpd:sha256__16eae91e82b4de8fd701b5a4fbfe56059f4d970878a7c42d7fc98c458ef41aa4",
+ "generic://sha256:243acf75a5048a5ad77366c112315ae0cf1327896d63e7abfabdf8b4b87a3ed1/sha256__243acf75a5048a5ad77366c112315ae0cf1327896d63e7abfabdf8b4b87a3ed1.tar.gz",
+ "deb://debian:buster:libxml2:2.9.4+dfsg1-7+deb10u1"
+ ],
+ "path": "dockerhub-remote/library/httpd/sha256__16eae91e82b4de8fd701b5a4fbfe56059f4d970878a7c42d7fc98c458ef41aa4/",
+ "fixed_versions": [],
+ "published": "2016-11-28T00:16:23+11:00",
+ "artifact_scan_time": "2021-03-11T00:20:02+11:00",
+ "issue_id": "XRAY-33260",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "libxml2 2.9.4 and earlier, as used in XMLSec 1.2.23 and earlier and other products, does not offer a flag directly indicating that the current document may be read but other files may not be opened, which makes it easier for remote attackers to conduct XML External Entity (XXE) attacks via a crafted document.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-8177",
+ "cvss_v2_score": 4.6,
+ "cvss_v2_vector": "CVSS:2.0/AV:L/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 7.1,
+ "cvss_v3_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 4.6,
+ "cvss3_max_score": 7.1,
+ "summary": "curl 7.20.0 through 7.70.0 is vulnerable to improper restriction of names for files and other resources that can lead too overwriting a local file when the -J flag is used.",
+ "severity": "Medium",
+ "vulnerable_component": "deb://debian:buster:libcurl4:7.64.0-4+deb10u1",
+ "impacted_artifact": "docker://library/httpd:sha256__16eae91e82b4de8fd701b5a4fbfe56059f4d970878a7c42d7fc98c458ef41aa4",
+ "impact_path": [
+ "docker://library/httpd:sha256__16eae91e82b4de8fd701b5a4fbfe56059f4d970878a7c42d7fc98c458ef41aa4",
+ "generic://sha256:243acf75a5048a5ad77366c112315ae0cf1327896d63e7abfabdf8b4b87a3ed1/sha256__243acf75a5048a5ad77366c112315ae0cf1327896d63e7abfabdf8b4b87a3ed1.tar.gz",
+ "deb://debian:buster:libcurl4:7.64.0-4+deb10u1"
+ ],
+ "path": "dockerhub-remote/library/httpd/sha256__16eae91e82b4de8fd701b5a4fbfe56059f4d970878a7c42d7fc98c458ef41aa4/",
+ "fixed_versions": [],
+ "published": "2020-06-25T14:21:41+10:00",
+ "artifact_scan_time": "2021-03-11T00:20:02+11:00",
+ "issue_id": "XRAY-102651",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "curl 7.20.0 through 7.70.0 is vulnerable to improper restriction of names for files and other resources that can lead too overwriting a local file when the -J flag is used.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-22876",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:N",
+ "cvss_v3_score": 5.3,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 5.3,
+ "summary": "curl 7.1.1 to and including 7.75.0 is vulnerable to an \"Exposure of Private Personal Information to an Unauthorized Actor\" by leaking credentials in the HTTP Referer: header. libcurl does not strip off user credentials from the URL when automatically populating the Referer: HTTP request header field in outgoing HTTP requests, and therefore risks leaking sensitive data to the server that is the target of the second HTTP request.",
+ "severity": "Medium",
+ "vulnerable_component": "deb://debian:buster:libcurl4:7.64.0-4+deb10u1",
+ "impacted_artifact": "docker://library/httpd:sha256__16eae91e82b4de8fd701b5a4fbfe56059f4d970878a7c42d7fc98c458ef41aa4",
+ "impact_path": [
+ "docker://library/httpd:sha256__16eae91e82b4de8fd701b5a4fbfe56059f4d970878a7c42d7fc98c458ef41aa4",
+ "generic://sha256:243acf75a5048a5ad77366c112315ae0cf1327896d63e7abfabdf8b4b87a3ed1/sha256__243acf75a5048a5ad77366c112315ae0cf1327896d63e7abfabdf8b4b87a3ed1.tar.gz",
+ "deb://debian:buster:libcurl4:7.64.0-4+deb10u1"
+ ],
+ "path": "dockerhub-remote/library/httpd/sha256__16eae91e82b4de8fd701b5a4fbfe56059f4d970878a7c42d7fc98c458ef41aa4/",
+ "fixed_versions": [],
+ "published": "2021-04-01T15:44:27+11:00",
+ "artifact_scan_time": "2021-03-11T00:20:02+11:00",
+ "issue_id": "XRAY-160506",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "curl 7.1.1 to and including 7.75.0 is vulnerable to an \"Exposure of Private Personal Information to an Unauthorized Actor\" by leaking credentials in the HTTP Referer: header. libcurl does not strip off user credentials from the URL when automatically populating the Referer: HTTP request header field in outgoing HTTP requests, and therefore risks leaking sensitive data to the server that is the target of the second HTTP request.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-20305",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 8.1,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 6.8,
+ "cvss3_max_score": 8.1,
+ "summary": "A flaw was found in Nettle in versions before 3.7.2, where several Nettle signature verification functions (GOST DSA, EDDSA \u0026 ECDSA) result in the Elliptic Curve Cryptography point (ECC) multiply function being called with out-of-range scalers, possibly resulting in incorrect results. This flaw allows an attacker to force an invalid signature, causing an assertion failure or possible validation. The highest threat to this vulnerability is to confidentiality, integrity, as well as system availability.",
+ "severity": "Medium",
+ "vulnerable_component": "deb://debian:buster:libnettle6:3.4.1-1",
+ "impacted_artifact": "docker://library/httpd:sha256__16eae91e82b4de8fd701b5a4fbfe56059f4d970878a7c42d7fc98c458ef41aa4",
+ "impact_path": [
+ "docker://library/httpd:sha256__16eae91e82b4de8fd701b5a4fbfe56059f4d970878a7c42d7fc98c458ef41aa4",
+ "generic://sha256:45b42c59be334ecda0daaa139b2f7d310e45c564c5f12263b1b8e68ec9e810ed/sha256__45b42c59be334ecda0daaa139b2f7d310e45c564c5f12263b1b8e68ec9e810ed.tar.gz",
+ "deb://debian:buster:libnettle6:3.4.1-1"
+ ],
+ "path": "dockerhub-remote/library/httpd/sha256__16eae91e82b4de8fd701b5a4fbfe56059f4d970878a7c42d7fc98c458ef41aa4/",
+ "fixed_versions": [],
+ "published": "2021-04-02T15:18:19+11:00",
+ "artifact_scan_time": "2021-03-11T00:20:02+11:00",
+ "issue_id": "XRAY-160716",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "A flaw was found in Nettle in versions before 3.7.2, where several Nettle signature verification functions (GOST DSA, EDDSA \u0026 ECDSA) result in the Elliptic Curve Cryptography point (ECC) multiply function being called with out-of-range scalers, possibly resulting in incorrect results. This flaw allows an attacker to force an invalid signature, causing an assertion failure or possible validation. The highest threat to this vulnerability is to confidentiality, integrity, as well as system availability.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-12886",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 8.1,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 6.8,
+ "cvss3_max_score": 8.1,
+ "summary": "stack_protect_prologue in cfgexpand.c and stack_protect_epilogue in function.c in GNU Compiler Collection (GCC) 4.1 through 8 (under certain circumstances) generate instruction sequences when targeting ARM targets that spill the address of the stack protector guard, which allows an attacker to bypass the protection of -fstack-protector, -fstack-protector-all, -fstack-protector-strong, and -fstack-protector-explicit against stack overflow by controlling what the stack canary is compared against.",
+ "severity": "Medium",
+ "vulnerable_component": "deb://debian:buster:gcc-8-base:8.3.0-6",
+ "impacted_artifact": "docker://library/httpd:sha256__16eae91e82b4de8fd701b5a4fbfe56059f4d970878a7c42d7fc98c458ef41aa4",
+ "impact_path": [
+ "docker://library/httpd:sha256__16eae91e82b4de8fd701b5a4fbfe56059f4d970878a7c42d7fc98c458ef41aa4",
+ "generic://sha256:45b42c59be334ecda0daaa139b2f7d310e45c564c5f12263b1b8e68ec9e810ed/sha256__45b42c59be334ecda0daaa139b2f7d310e45c564c5f12263b1b8e68ec9e810ed.tar.gz",
+ "deb://debian:buster:gcc-8-base:8.3.0-6"
+ ],
+ "path": "dockerhub-remote/library/httpd/sha256__16eae91e82b4de8fd701b5a4fbfe56059f4d970878a7c42d7fc98c458ef41aa4/",
+ "fixed_versions": [],
+ "published": "2019-05-29T06:36:26+10:00",
+ "artifact_scan_time": "2021-03-11T00:20:02+11:00",
+ "issue_id": "XRAY-83007",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "stack_protect_prologue in cfgexpand.c and stack_protect_epilogue in function.c in GNU Compiler Collection (GCC) 4.1 through 8 (under certain circumstances) generate instruction sequences when targeting ARM targets that spill the address of the stack protector guard, which allows an attacker to bypass the protection of -fstack-protector, -fstack-protector-all, -fstack-protector-strong, and -fstack-protector-explicit against stack overflow by controlling what the stack canary is compared against.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-27212",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 7.5,
+ "summary": "In OpenLDAP through 2.4.57 and 2.5.x through 2.5.1alpha, an assertion failure in slapd can occur in the issuerAndThisUpdateCheck function via a crafted packet, resulting in a denial of service (daemon exit) via a short timestamp. This is related to schema_init.c and checkTime.",
+ "severity": "Medium",
+ "vulnerable_component": "deb://debian:buster:libldap-2.4-2:2.4.47+dfsg-3+deb10u5",
+ "impacted_artifact": "docker://library/httpd:sha256__16eae91e82b4de8fd701b5a4fbfe56059f4d970878a7c42d7fc98c458ef41aa4",
+ "impact_path": [
+ "docker://library/httpd:sha256__16eae91e82b4de8fd701b5a4fbfe56059f4d970878a7c42d7fc98c458ef41aa4",
+ "generic://sha256:bdb2d204d86de2b6c210ae59b81d89aae68e27f65d83918851fd00bde3978778/sha256__bdb2d204d86de2b6c210ae59b81d89aae68e27f65d83918851fd00bde3978778.tar.gz",
+ "deb://debian:buster:libldap-2.4-2:2.4.47+dfsg-3+deb10u5"
+ ],
+ "path": "dockerhub-remote/library/httpd/sha256__16eae91e82b4de8fd701b5a4fbfe56059f4d970878a7c42d7fc98c458ef41aa4/",
+ "fixed_versions": [],
+ "published": "2021-02-15T15:14:19+11:00",
+ "artifact_scan_time": "2021-03-11T00:20:02+11:00",
+ "issue_id": "XRAY-140465",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "In OpenLDAP through 2.4.57 and 2.5.x through 2.5.1alpha, an assertion failure in slapd can occur in the issuerAndThisUpdateCheck function via a crafted packet, resulting in a denial of service (daemon exit) via a short timestamp. This is related to schema_init.c and checkTime.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-12904",
+ "cvss_v2_score": 4.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:N/A:N",
+ "cvss_v3_score": 5.9,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"
+ }
+ ],
+ "cvss2_max_score": 4.3,
+ "cvss3_max_score": 5.9,
+ "summary": "In Libgcrypt 1.8.4, the C implementation of AES is vulnerable to a flush-and-reload side-channel attack because physical addresses are available to other processes. (The C implementation is used on platforms where an assembly-language implementation is unavailable.)",
+ "severity": "Medium",
+ "vulnerable_component": "deb://debian:buster:libgcrypt20:1.8.4-5",
+ "impacted_artifact": "docker://library/httpd:sha256__16eae91e82b4de8fd701b5a4fbfe56059f4d970878a7c42d7fc98c458ef41aa4",
+ "impact_path": [
+ "docker://library/httpd:sha256__16eae91e82b4de8fd701b5a4fbfe56059f4d970878a7c42d7fc98c458ef41aa4",
+ "generic://sha256:45b42c59be334ecda0daaa139b2f7d310e45c564c5f12263b1b8e68ec9e810ed/sha256__45b42c59be334ecda0daaa139b2f7d310e45c564c5f12263b1b8e68ec9e810ed.tar.gz",
+ "deb://debian:buster:libgcrypt20:1.8.4-5"
+ ],
+ "path": "dockerhub-remote/library/httpd/sha256__16eae91e82b4de8fd701b5a4fbfe56059f4d970878a7c42d7fc98c458ef41aa4/",
+ "fixed_versions": [],
+ "published": "2019-06-20T21:40:09+10:00",
+ "artifact_scan_time": "2021-03-11T00:20:02+11:00",
+ "issue_id": "XRAY-84195",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "In Libgcrypt 1.8.4, the C implementation of AES is vulnerable to a flush-and-reload side-channel attack because physical addresses are available to other processes. (The C implementation is used on platforms where an assembly-language implementation is unavailable.)",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-8231",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:N",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 7.5,
+ "summary": "Due to use of a dangling pointer, libcurl 7.29.0 through 7.71.1 can use the wrong connection when sending data.",
+ "severity": "Medium",
+ "vulnerable_component": "deb://debian:buster:libcurl4:7.64.0-4+deb10u1",
+ "impacted_artifact": "docker://library/httpd:sha256__16eae91e82b4de8fd701b5a4fbfe56059f4d970878a7c42d7fc98c458ef41aa4",
+ "impact_path": [
+ "docker://library/httpd:sha256__16eae91e82b4de8fd701b5a4fbfe56059f4d970878a7c42d7fc98c458ef41aa4",
+ "generic://sha256:243acf75a5048a5ad77366c112315ae0cf1327896d63e7abfabdf8b4b87a3ed1/sha256__243acf75a5048a5ad77366c112315ae0cf1327896d63e7abfabdf8b4b87a3ed1.tar.gz",
+ "deb://debian:buster:libcurl4:7.64.0-4+deb10u1"
+ ],
+ "path": "dockerhub-remote/library/httpd/sha256__16eae91e82b4de8fd701b5a4fbfe56059f4d970878a7c42d7fc98c458ef41aa4/",
+ "fixed_versions": [],
+ "published": "2020-08-22T14:20:36+10:00",
+ "artifact_scan_time": "2021-03-11T00:20:02+11:00",
+ "issue_id": "XRAY-119320",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "Due to use of a dangling pointer, libcurl 7.29.0 through 7.71.1 can use the wrong connection when sending data.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-27212",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 7.5,
+ "summary": "In OpenLDAP through 2.4.57 and 2.5.x through 2.5.1alpha, an assertion failure in slapd can occur in the issuerAndThisUpdateCheck function via a crafted packet, resulting in a denial of service (daemon exit) via a short timestamp. This is related to schema_init.c and checkTime.",
+ "severity": "Medium",
+ "vulnerable_component": "deb://debian:buster:libldap-common:2.4.47+dfsg-3+deb10u5",
+ "impacted_artifact": "docker://library/httpd:sha256__16eae91e82b4de8fd701b5a4fbfe56059f4d970878a7c42d7fc98c458ef41aa4",
+ "impact_path": [
+ "docker://library/httpd:sha256__16eae91e82b4de8fd701b5a4fbfe56059f4d970878a7c42d7fc98c458ef41aa4",
+ "generic://sha256:bdb2d204d86de2b6c210ae59b81d89aae68e27f65d83918851fd00bde3978778/sha256__bdb2d204d86de2b6c210ae59b81d89aae68e27f65d83918851fd00bde3978778.tar.gz",
+ "deb://debian:buster:libldap-common:2.4.47+dfsg-3+deb10u5"
+ ],
+ "path": "dockerhub-remote/library/httpd/sha256__16eae91e82b4de8fd701b5a4fbfe56059f4d970878a7c42d7fc98c458ef41aa4/",
+ "fixed_versions": [],
+ "published": "2021-02-15T15:14:19+11:00",
+ "artifact_scan_time": "2021-03-11T00:20:02+11:00",
+ "issue_id": "XRAY-140465",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "In OpenLDAP through 2.4.57 and 2.5.x through 2.5.1alpha, an assertion failure in slapd can occur in the issuerAndThisUpdateCheck function via a crafted packet, resulting in a denial of service (daemon exit) via a short timestamp. This is related to schema_init.c and checkTime.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-12886",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 8.1,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 6.8,
+ "cvss3_max_score": 8.1,
+ "summary": "stack_protect_prologue in cfgexpand.c and stack_protect_epilogue in function.c in GNU Compiler Collection (GCC) 4.1 through 8 (under certain circumstances) generate instruction sequences when targeting ARM targets that spill the address of the stack protector guard, which allows an attacker to bypass the protection of -fstack-protector, -fstack-protector-all, -fstack-protector-strong, and -fstack-protector-explicit against stack overflow by controlling what the stack canary is compared against.",
+ "severity": "Medium",
+ "vulnerable_component": "deb://debian:buster:libstdc++6:8.3.0-6",
+ "impacted_artifact": "docker://library/httpd:sha256__16eae91e82b4de8fd701b5a4fbfe56059f4d970878a7c42d7fc98c458ef41aa4",
+ "impact_path": [
+ "docker://library/httpd:sha256__16eae91e82b4de8fd701b5a4fbfe56059f4d970878a7c42d7fc98c458ef41aa4",
+ "generic://sha256:45b42c59be334ecda0daaa139b2f7d310e45c564c5f12263b1b8e68ec9e810ed/sha256__45b42c59be334ecda0daaa139b2f7d310e45c564c5f12263b1b8e68ec9e810ed.tar.gz",
+ "deb://debian:buster:libstdc++6:8.3.0-6"
+ ],
+ "path": "dockerhub-remote/library/httpd/sha256__16eae91e82b4de8fd701b5a4fbfe56059f4d970878a7c42d7fc98c458ef41aa4/",
+ "fixed_versions": [],
+ "published": "2019-05-29T06:36:26+10:00",
+ "artifact_scan_time": "2021-03-11T00:20:02+11:00",
+ "issue_id": "XRAY-83007",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "stack_protect_prologue in cfgexpand.c and stack_protect_epilogue in function.c in GNU Compiler Collection (GCC) 4.1 through 8 (under certain circumstances) generate instruction sequences when targeting ARM targets that spill the address of the stack protector guard, which allows an attacker to bypass the protection of -fstack-protector, -fstack-protector-all, -fstack-protector-strong, and -fstack-protector-explicit against stack overflow by controlling what the stack canary is compared against.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-14155",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 5.3,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 5.3,
+ "summary": "libpcre in PCRE before 8.44 allows an integer overflow via a large number after a (?C substring.",
+ "severity": "Medium",
+ "vulnerable_component": "deb://debian:buster:libpcre3:2:8.39-12",
+ "impacted_artifact": "docker://library/httpd:sha256__16eae91e82b4de8fd701b5a4fbfe56059f4d970878a7c42d7fc98c458ef41aa4",
+ "impact_path": [
+ "docker://library/httpd:sha256__16eae91e82b4de8fd701b5a4fbfe56059f4d970878a7c42d7fc98c458ef41aa4",
+ "generic://sha256:45b42c59be334ecda0daaa139b2f7d310e45c564c5f12263b1b8e68ec9e810ed/sha256__45b42c59be334ecda0daaa139b2f7d310e45c564c5f12263b1b8e68ec9e810ed.tar.gz",
+ "deb://debian:buster:libpcre3:2:8.39-12"
+ ],
+ "path": "dockerhub-remote/library/httpd/sha256__16eae91e82b4de8fd701b5a4fbfe56059f4d970878a7c42d7fc98c458ef41aa4/",
+ "fixed_versions": [],
+ "published": "2020-06-16T14:15:49+10:00",
+ "artifact_scan_time": "2021-03-11T00:20:02+11:00",
+ "issue_id": "XRAY-100757",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "libpcre in PCRE before 8.44 allows an integer overflow via a large number after a (?C substring.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-3326",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 7.5,
+ "summary": "The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid input sequences in the ISO-2022-JP-3 encoding, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service.",
+ "severity": "Medium",
+ "vulnerable_component": "deb://debian:buster:libc-bin:2.28-10",
+ "impacted_artifact": "docker://library/httpd:sha256__16eae91e82b4de8fd701b5a4fbfe56059f4d970878a7c42d7fc98c458ef41aa4",
+ "impact_path": [
+ "docker://library/httpd:sha256__16eae91e82b4de8fd701b5a4fbfe56059f4d970878a7c42d7fc98c458ef41aa4",
+ "generic://sha256:45b42c59be334ecda0daaa139b2f7d310e45c564c5f12263b1b8e68ec9e810ed/sha256__45b42c59be334ecda0daaa139b2f7d310e45c564c5f12263b1b8e68ec9e810ed.tar.gz",
+ "deb://debian:buster:libc-bin:2.28-10"
+ ],
+ "path": "dockerhub-remote/library/httpd/sha256__16eae91e82b4de8fd701b5a4fbfe56059f4d970878a7c42d7fc98c458ef41aa4/",
+ "fixed_versions": [],
+ "published": "2021-01-28T15:04:20+11:00",
+ "artifact_scan_time": "2021-03-11T00:20:02+11:00",
+ "issue_id": "XRAY-138958",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid input sequences in the ISO-2022-JP-3 encoding, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-8286",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:P/A:N",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 7.5,
+ "summary": "curl 7.41.0 through 7.73.0 is vulnerable to an improper check for certificate revocation due to insufficient verification of the OCSP response.",
+ "severity": "Medium",
+ "vulnerable_component": "deb://debian:buster:libcurl4:7.64.0-4+deb10u1",
+ "impacted_artifact": "docker://library/httpd:sha256__16eae91e82b4de8fd701b5a4fbfe56059f4d970878a7c42d7fc98c458ef41aa4",
+ "impact_path": [
+ "docker://library/httpd:sha256__16eae91e82b4de8fd701b5a4fbfe56059f4d970878a7c42d7fc98c458ef41aa4",
+ "generic://sha256:243acf75a5048a5ad77366c112315ae0cf1327896d63e7abfabdf8b4b87a3ed1/sha256__243acf75a5048a5ad77366c112315ae0cf1327896d63e7abfabdf8b4b87a3ed1.tar.gz",
+ "deb://debian:buster:libcurl4:7.64.0-4+deb10u1"
+ ],
+ "path": "dockerhub-remote/library/httpd/sha256__16eae91e82b4de8fd701b5a4fbfe56059f4d970878a7c42d7fc98c458ef41aa4/",
+ "fixed_versions": [],
+ "published": "2020-12-10T15:24:45+11:00",
+ "artifact_scan_time": "2021-03-11T00:20:02+11:00",
+ "issue_id": "XRAY-129754",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "curl 7.41.0 through 7.73.0 is vulnerable to an improper check for certificate revocation due to insufficient verification of the OCSP response.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-23841",
+ "cvss_v2_score": 4.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 5.9,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 4.3,
+ "cvss3_max_score": 5.9,
+ "summary": "The OpenSSL public API function X509_issuer_and_serial_hash() attempts to create a unique hash value based on the issuer and serial number data contained within an X509 certificate. However it fails to correctly handle any errors that may occur while parsing the issuer field (which might occur if the issuer field is maliciously constructed). This may subsequently result in a NULL pointer deref and a crash leading to a potential denial of service attack. The function X509_issuer_and_serial_hash() is never directly called by OpenSSL itself so applications are only vulnerable if they use this function directly and they use it on certificates that may have been obtained from untrusted sources. OpenSSL versions 1.1.1i and below are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1j. OpenSSL versions 1.0.2x and below are affected by this issue. However OpenSSL 1.0.2 is out of support and no longer receiving public updates. Premium support customers of OpenSSL 1.0.2 should upgrade to 1.0.2y. Other users should upgrade to 1.1.1j. Fixed in OpenSSL 1.1.1j (Affected 1.1.1-1.1.1i). Fixed in OpenSSL 1.0.2y (Affected 1.0.2-1.0.2x).",
+ "severity": "Medium",
+ "vulnerable_component": "deb://debian:buster:libssl1.1:1.1.1d-0+deb10u4",
+ "impacted_artifact": "docker://library/httpd:sha256__16eae91e82b4de8fd701b5a4fbfe56059f4d970878a7c42d7fc98c458ef41aa4",
+ "impact_path": [
+ "docker://library/httpd:sha256__16eae91e82b4de8fd701b5a4fbfe56059f4d970878a7c42d7fc98c458ef41aa4",
+ "generic://sha256:bdb2d204d86de2b6c210ae59b81d89aae68e27f65d83918851fd00bde3978778/sha256__bdb2d204d86de2b6c210ae59b81d89aae68e27f65d83918851fd00bde3978778.tar.gz",
+ "deb://debian:buster:libssl1.1:1.1.1d-0+deb10u4"
+ ],
+ "path": "dockerhub-remote/library/httpd/sha256__16eae91e82b4de8fd701b5a4fbfe56059f4d970878a7c42d7fc98c458ef41aa4/",
+ "fixed_versions": [],
+ "published": "2021-02-17T15:18:00+11:00",
+ "artifact_scan_time": "2021-03-11T00:20:02+11:00",
+ "issue_id": "XRAY-140600",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "The OpenSSL public API function X509_issuer_and_serial_hash() attempts to create a unique hash value based on the issuer and serial number data contained within an X509 certificate. However it fails to correctly handle any errors that may occur while parsing the issuer field (which might occur if the issuer field is maliciously constructed). This may subsequently result in a NULL pointer deref and a crash leading to a potential denial of service attack. The function X509_issuer_and_serial_hash() is never directly called by OpenSSL itself so applications are only vulnerable if they use this function directly and they use it on certificates that may have been obtained from untrusted sources. OpenSSL versions 1.1.1i and below are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1j. OpenSSL versions 1.0.2x and below are affected by this issue. However OpenSSL 1.0.2 is out of support and no longer receiving public updates. Premium support customers of OpenSSL 1.0.2 should upgrade to 1.0.2y. Other users should upgrade to 1.1.1j. Fixed in OpenSSL 1.1.1j (Affected 1.1.1-1.1.1i). Fixed in OpenSSL 1.0.2y (Affected 1.0.2-1.0.2x).",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-23840",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 7.5,
+ "summary": "Calls to EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate may overflow the output length argument in some cases where the input length is close to the maximum permissable length for an integer on the platform. In such cases the return value from the function call will be 1 (indicating success), but the output length value will be negative. This could cause applications to behave incorrectly or crash. OpenSSL versions 1.1.1i and below are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1j. OpenSSL versions 1.0.2x and below are affected by this issue. However OpenSSL 1.0.2 is out of support and no longer receiving public updates. Premium support customers of OpenSSL 1.0.2 should upgrade to 1.0.2y. Other users should upgrade to 1.1.1j. Fixed in OpenSSL 1.1.1j (Affected 1.1.1-1.1.1i). Fixed in OpenSSL 1.0.2y (Affected 1.0.2-1.0.2x).",
+ "severity": "Medium",
+ "vulnerable_component": "deb://debian:buster:libssl1.1:1.1.1d-0+deb10u4",
+ "impacted_artifact": "docker://library/httpd:sha256__16eae91e82b4de8fd701b5a4fbfe56059f4d970878a7c42d7fc98c458ef41aa4",
+ "impact_path": [
+ "docker://library/httpd:sha256__16eae91e82b4de8fd701b5a4fbfe56059f4d970878a7c42d7fc98c458ef41aa4",
+ "generic://sha256:bdb2d204d86de2b6c210ae59b81d89aae68e27f65d83918851fd00bde3978778/sha256__bdb2d204d86de2b6c210ae59b81d89aae68e27f65d83918851fd00bde3978778.tar.gz",
+ "deb://debian:buster:libssl1.1:1.1.1d-0+deb10u4"
+ ],
+ "path": "dockerhub-remote/library/httpd/sha256__16eae91e82b4de8fd701b5a4fbfe56059f4d970878a7c42d7fc98c458ef41aa4/",
+ "fixed_versions": [],
+ "published": "2021-02-17T15:02:04+11:00",
+ "artifact_scan_time": "2021-03-11T00:20:02+11:00",
+ "issue_id": "XRAY-140589",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "Calls to EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate may overflow the output length argument in some cases where the input length is close to the maximum permissable length for an integer on the platform. In such cases the return value from the function call will be 1 (indicating success), but the output length value will be negative. This could cause applications to behave incorrectly or crash. OpenSSL versions 1.1.1i and below are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1j. OpenSSL versions 1.0.2x and below are affected by this issue. However OpenSSL 1.0.2 is out of support and no longer receiving public updates. Premium support customers of OpenSSL 1.0.2 should upgrade to 1.0.2y. Other users should upgrade to 1.1.1j. Fixed in OpenSSL 1.1.1j (Affected 1.1.1-1.1.1i). Fixed in OpenSSL 1.0.2y (Affected 1.0.2-1.0.2x).",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2017-16932",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 7.5,
+ "summary": "parser.c in libxml2 before 2.9.5 does not prevent infinite recursion in parameter entities.",
+ "severity": "Medium",
+ "vulnerable_component": "deb://debian:buster:libxml2:2.9.4+dfsg1-7+deb10u1",
+ "impacted_artifact": "docker://library/httpd:sha256__16eae91e82b4de8fd701b5a4fbfe56059f4d970878a7c42d7fc98c458ef41aa4",
+ "impact_path": [
+ "docker://library/httpd:sha256__16eae91e82b4de8fd701b5a4fbfe56059f4d970878a7c42d7fc98c458ef41aa4",
+ "generic://sha256:243acf75a5048a5ad77366c112315ae0cf1327896d63e7abfabdf8b4b87a3ed1/sha256__243acf75a5048a5ad77366c112315ae0cf1327896d63e7abfabdf8b4b87a3ed1.tar.gz",
+ "deb://debian:buster:libxml2:2.9.4+dfsg1-7+deb10u1"
+ ],
+ "path": "dockerhub-remote/library/httpd/sha256__16eae91e82b4de8fd701b5a4fbfe56059f4d970878a7c42d7fc98c458ef41aa4/",
+ "fixed_versions": [],
+ "published": "2017-11-25T18:41:47+11:00",
+ "artifact_scan_time": "2021-03-11T00:20:02+11:00",
+ "issue_id": "XRAY-60006",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "parser.c in libxml2 before 2.9.5 does not prevent infinite recursion in parameter entities.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-1751",
+ "cvss_v2_score": 5.9,
+ "cvss_v2_vector": "CVSS:2.0/AV:L/AC:M/Au:N/C:P/I:P/A:C",
+ "cvss_v3_score": 7,
+ "cvss_v3_vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 5.9,
+ "cvss3_max_score": 7,
+ "summary": "An out-of-bounds write vulnerability was found in glibc before 2.31 when handling signal trampolines on PowerPC. Specifically, the backtrace function did not properly check the array bounds when storing the frame address, resulting in a denial of service or potential code execution. The highest threat from this vulnerability is to system availability.",
+ "severity": "Medium",
+ "vulnerable_component": "deb://debian:buster:libc-bin:2.28-10",
+ "impacted_artifact": "docker://library/httpd:sha256__16eae91e82b4de8fd701b5a4fbfe56059f4d970878a7c42d7fc98c458ef41aa4",
+ "impact_path": [
+ "docker://library/httpd:sha256__16eae91e82b4de8fd701b5a4fbfe56059f4d970878a7c42d7fc98c458ef41aa4",
+ "generic://sha256:45b42c59be334ecda0daaa139b2f7d310e45c564c5f12263b1b8e68ec9e810ed/sha256__45b42c59be334ecda0daaa139b2f7d310e45c564c5f12263b1b8e68ec9e810ed.tar.gz",
+ "deb://debian:buster:libc-bin:2.28-10"
+ ],
+ "path": "dockerhub-remote/library/httpd/sha256__16eae91e82b4de8fd701b5a4fbfe56059f4d970878a7c42d7fc98c458ef41aa4/",
+ "fixed_versions": [],
+ "published": "2020-03-08T15:28:08+11:00",
+ "artifact_scan_time": "2021-03-11T00:20:02+11:00",
+ "issue_id": "XRAY-95139",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "An out-of-bounds write vulnerability was found in glibc before 2.31 when handling signal trampolines on PowerPC. Specifically, the backtrace function did not properly check the array bounds when storing the frame address, resulting in a denial of service or potential code execution. The highest threat from this vulnerability is to system availability.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-8285",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 7.5,
+ "summary": "curl 7.21.0 to and including 7.73.0 is vulnerable to uncontrolled recursion due to a stack overflow issue in FTP wildcard match parsing.",
+ "severity": "Medium",
+ "vulnerable_component": "deb://debian:buster:libcurl4:7.64.0-4+deb10u1",
+ "impacted_artifact": "docker://library/httpd:sha256__16eae91e82b4de8fd701b5a4fbfe56059f4d970878a7c42d7fc98c458ef41aa4",
+ "impact_path": [
+ "docker://library/httpd:sha256__16eae91e82b4de8fd701b5a4fbfe56059f4d970878a7c42d7fc98c458ef41aa4",
+ "generic://sha256:243acf75a5048a5ad77366c112315ae0cf1327896d63e7abfabdf8b4b87a3ed1/sha256__243acf75a5048a5ad77366c112315ae0cf1327896d63e7abfabdf8b4b87a3ed1.tar.gz",
+ "deb://debian:buster:libcurl4:7.64.0-4+deb10u1"
+ ],
+ "path": "dockerhub-remote/library/httpd/sha256__16eae91e82b4de8fd701b5a4fbfe56059f4d970878a7c42d7fc98c458ef41aa4/",
+ "fixed_versions": [],
+ "published": "2020-12-10T15:07:16+11:00",
+ "artifact_scan_time": "2021-03-11T00:20:02+11:00",
+ "issue_id": "XRAY-129741",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "curl 7.21.0 to and including 7.73.0 is vulnerable to uncontrolled recursion due to a stack overflow issue in FTP wildcard match parsing.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-3843",
+ "cvss_v2_score": 4.6,
+ "cvss_v2_vector": "CVSS:2.0/AV:L/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 7.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 4.6,
+ "cvss3_max_score": 7.8,
+ "summary": "It was discovered that a systemd service that uses DynamicUser property can create a SUID/SGID binary that would be allowed to run as the transient service UID/GID even after the service is terminated. A local attacker may use this flaw to access resources that will be owned by a potentially different service in the future, when the UID/GID will be recycled.",
+ "severity": "Medium",
+ "vulnerable_component": "deb://debian:buster:libudev1:241-7~deb10u6",
+ "impacted_artifact": "docker://library/httpd:sha256__16eae91e82b4de8fd701b5a4fbfe56059f4d970878a7c42d7fc98c458ef41aa4",
+ "impact_path": [
+ "docker://library/httpd:sha256__16eae91e82b4de8fd701b5a4fbfe56059f4d970878a7c42d7fc98c458ef41aa4",
+ "generic://sha256:45b42c59be334ecda0daaa139b2f7d310e45c564c5f12263b1b8e68ec9e810ed/sha256__45b42c59be334ecda0daaa139b2f7d310e45c564c5f12263b1b8e68ec9e810ed.tar.gz",
+ "deb://debian:buster:libudev1:241-7~deb10u6"
+ ],
+ "path": "dockerhub-remote/library/httpd/sha256__16eae91e82b4de8fd701b5a4fbfe56059f4d970878a7c42d7fc98c458ef41aa4/",
+ "fixed_versions": [],
+ "published": "2019-04-28T16:29:46+10:00",
+ "artifact_scan_time": "2021-03-11T00:20:02+11:00",
+ "issue_id": "XRAY-80974",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "It was discovered that a systemd service that uses DynamicUser property can create a SUID/SGID binary that would be allowed to run as the transient service UID/GID even after the service is terminated. A local attacker may use this flaw to access resources that will be owned by a potentially different service in the future, when the UID/GID will be recycled.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-3844",
+ "cvss_v2_score": 4.6,
+ "cvss_v2_vector": "CVSS:2.0/AV:L/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 7.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 4.6,
+ "cvss3_max_score": 7.8,
+ "summary": "It was discovered that a systemd service that uses DynamicUser property can get new privileges through the execution of SUID binaries, which would allow to create binaries owned by the service transient group with the setgid bit set. A local attacker may use this flaw to access resources that will be owned by a potentially different service in the future, when the GID will be recycled.",
+ "severity": "Medium",
+ "vulnerable_component": "deb://debian:buster:libsystemd0:241-7~deb10u6",
+ "impacted_artifact": "docker://library/httpd:sha256__16eae91e82b4de8fd701b5a4fbfe56059f4d970878a7c42d7fc98c458ef41aa4",
+ "impact_path": [
+ "docker://library/httpd:sha256__16eae91e82b4de8fd701b5a4fbfe56059f4d970878a7c42d7fc98c458ef41aa4",
+ "generic://sha256:45b42c59be334ecda0daaa139b2f7d310e45c564c5f12263b1b8e68ec9e810ed/sha256__45b42c59be334ecda0daaa139b2f7d310e45c564c5f12263b1b8e68ec9e810ed.tar.gz",
+ "deb://debian:buster:libsystemd0:241-7~deb10u6"
+ ],
+ "path": "dockerhub-remote/library/httpd/sha256__16eae91e82b4de8fd701b5a4fbfe56059f4d970878a7c42d7fc98c458ef41aa4/",
+ "fixed_versions": [],
+ "published": "2019-04-28T16:25:09+10:00",
+ "artifact_scan_time": "2021-03-11T00:20:02+11:00",
+ "issue_id": "XRAY-80972",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "It was discovered that a systemd service that uses DynamicUser property can get new privileges through the execution of SUID binaries, which would allow to create binaries owned by the service transient group with the setgid bit set. A local attacker may use this flaw to access resources that will be owned by a potentially different service in the future, when the GID will be recycled.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-1751",
+ "cvss_v2_score": 5.9,
+ "cvss_v2_vector": "CVSS:2.0/AV:L/AC:M/Au:N/C:P/I:P/A:C",
+ "cvss_v3_score": 7,
+ "cvss_v3_vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 5.9,
+ "cvss3_max_score": 7,
+ "summary": "An out-of-bounds write vulnerability was found in glibc before 2.31 when handling signal trampolines on PowerPC. Specifically, the backtrace function did not properly check the array bounds when storing the frame address, resulting in a denial of service or potential code execution. The highest threat from this vulnerability is to system availability.",
+ "severity": "Medium",
+ "vulnerable_component": "deb://debian:buster:libc6:2.28-10",
+ "impacted_artifact": "docker://library/httpd:sha256__16eae91e82b4de8fd701b5a4fbfe56059f4d970878a7c42d7fc98c458ef41aa4",
+ "impact_path": [
+ "docker://library/httpd:sha256__16eae91e82b4de8fd701b5a4fbfe56059f4d970878a7c42d7fc98c458ef41aa4",
+ "generic://sha256:45b42c59be334ecda0daaa139b2f7d310e45c564c5f12263b1b8e68ec9e810ed/sha256__45b42c59be334ecda0daaa139b2f7d310e45c564c5f12263b1b8e68ec9e810ed.tar.gz",
+ "deb://debian:buster:libc6:2.28-10"
+ ],
+ "path": "dockerhub-remote/library/httpd/sha256__16eae91e82b4de8fd701b5a4fbfe56059f4d970878a7c42d7fc98c458ef41aa4/",
+ "fixed_versions": [],
+ "published": "2020-03-08T15:28:08+11:00",
+ "artifact_scan_time": "2021-03-11T00:20:02+11:00",
+ "issue_id": "XRAY-95139",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "An out-of-bounds write vulnerability was found in glibc before 2.31 when handling signal trampolines on PowerPC. Specifically, the backtrace function did not properly check the array bounds when storing the frame address, resulting in a denial of service or potential code execution. The highest threat from this vulnerability is to system availability.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-12886",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 8.1,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 6.8,
+ "cvss3_max_score": 8.1,
+ "summary": "stack_protect_prologue in cfgexpand.c and stack_protect_epilogue in function.c in GNU Compiler Collection (GCC) 4.1 through 8 (under certain circumstances) generate instruction sequences when targeting ARM targets that spill the address of the stack protector guard, which allows an attacker to bypass the protection of -fstack-protector, -fstack-protector-all, -fstack-protector-strong, and -fstack-protector-explicit against stack overflow by controlling what the stack canary is compared against.",
+ "severity": "Medium",
+ "vulnerable_component": "deb://debian:buster:libgcc1:1:8.3.0-6",
+ "impacted_artifact": "docker://library/httpd:sha256__16eae91e82b4de8fd701b5a4fbfe56059f4d970878a7c42d7fc98c458ef41aa4",
+ "impact_path": [
+ "docker://library/httpd:sha256__16eae91e82b4de8fd701b5a4fbfe56059f4d970878a7c42d7fc98c458ef41aa4",
+ "generic://sha256:45b42c59be334ecda0daaa139b2f7d310e45c564c5f12263b1b8e68ec9e810ed/sha256__45b42c59be334ecda0daaa139b2f7d310e45c564c5f12263b1b8e68ec9e810ed.tar.gz",
+ "deb://debian:buster:libgcc1:1:8.3.0-6"
+ ],
+ "path": "dockerhub-remote/library/httpd/sha256__16eae91e82b4de8fd701b5a4fbfe56059f4d970878a7c42d7fc98c458ef41aa4/",
+ "fixed_versions": [],
+ "published": "2019-05-29T06:36:26+10:00",
+ "artifact_scan_time": "2021-03-11T00:20:02+11:00",
+ "issue_id": "XRAY-83007",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "stack_protect_prologue in cfgexpand.c and stack_protect_epilogue in function.c in GNU Compiler Collection (GCC) 4.1 through 8 (under certain circumstances) generate instruction sequences when targeting ARM targets that spill the address of the stack protector guard, which allows an attacker to bypass the protection of -fstack-protector, -fstack-protector-all, -fstack-protector-strong, and -fstack-protector-explicit against stack overflow by controlling what the stack canary is compared against.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-3844",
+ "cvss_v2_score": 4.6,
+ "cvss_v2_vector": "CVSS:2.0/AV:L/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 7.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 4.6,
+ "cvss3_max_score": 7.8,
+ "summary": "It was discovered that a systemd service that uses DynamicUser property can get new privileges through the execution of SUID binaries, which would allow to create binaries owned by the service transient group with the setgid bit set. A local attacker may use this flaw to access resources that will be owned by a potentially different service in the future, when the GID will be recycled.",
+ "severity": "Medium",
+ "vulnerable_component": "deb://debian:buster:libudev1:241-7~deb10u6",
+ "impacted_artifact": "docker://library/httpd:sha256__16eae91e82b4de8fd701b5a4fbfe56059f4d970878a7c42d7fc98c458ef41aa4",
+ "impact_path": [
+ "docker://library/httpd:sha256__16eae91e82b4de8fd701b5a4fbfe56059f4d970878a7c42d7fc98c458ef41aa4",
+ "generic://sha256:45b42c59be334ecda0daaa139b2f7d310e45c564c5f12263b1b8e68ec9e810ed/sha256__45b42c59be334ecda0daaa139b2f7d310e45c564c5f12263b1b8e68ec9e810ed.tar.gz",
+ "deb://debian:buster:libudev1:241-7~deb10u6"
+ ],
+ "path": "dockerhub-remote/library/httpd/sha256__16eae91e82b4de8fd701b5a4fbfe56059f4d970878a7c42d7fc98c458ef41aa4/",
+ "fixed_versions": [],
+ "published": "2019-04-28T16:25:09+10:00",
+ "artifact_scan_time": "2021-03-11T00:20:02+11:00",
+ "issue_id": "XRAY-80972",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "It was discovered that a systemd service that uses DynamicUser property can get new privileges through the execution of SUID binaries, which would allow to create binaries owned by the service transient group with the setgid bit set. A local attacker may use this flaw to access resources that will be owned by a potentially different service in the future, when the GID will be recycled.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-13115",
+ "cvss_v2_score": 5.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:N/A:P",
+ "cvss_v3_score": 8.1,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 5.8,
+ "cvss3_max_score": 8.1,
+ "summary": "In libssh2 before 1.9.0, kex_method_diffie_hellman_group_exchange_sha256_key_exchange in kex.c has an integer overflow that could lead to an out-of-bounds read in the way packets are read from the server. A remote attacker who compromises a SSH server may be able to disclose sensitive information or cause a denial of service condition on the client system when a user connects to the server. This is related to an _libssh2_check_length mistake, and is different from the various issues fixed in 1.8.1, such as CVE-2019-3855.",
+ "severity": "Medium",
+ "vulnerable_component": "deb://debian:buster:libssh2-1:1.8.0-2.1",
+ "impacted_artifact": "docker://library/httpd:sha256__16eae91e82b4de8fd701b5a4fbfe56059f4d970878a7c42d7fc98c458ef41aa4",
+ "impact_path": [
+ "docker://library/httpd:sha256__16eae91e82b4de8fd701b5a4fbfe56059f4d970878a7c42d7fc98c458ef41aa4",
+ "generic://sha256:243acf75a5048a5ad77366c112315ae0cf1327896d63e7abfabdf8b4b87a3ed1/sha256__243acf75a5048a5ad77366c112315ae0cf1327896d63e7abfabdf8b4b87a3ed1.tar.gz",
+ "deb://debian:buster:libssh2-1:1.8.0-2.1"
+ ],
+ "path": "dockerhub-remote/library/httpd/sha256__16eae91e82b4de8fd701b5a4fbfe56059f4d970878a7c42d7fc98c458ef41aa4/",
+ "fixed_versions": [],
+ "published": "2019-07-18T05:38:25+10:00",
+ "artifact_scan_time": "2021-03-11T00:20:02+11:00",
+ "issue_id": "XRAY-84935",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "In libssh2 before 1.9.0, kex_method_diffie_hellman_group_exchange_sha256_key_exchange in kex.c has an integer overflow that could lead to an out-of-bounds read in the way packets are read from the server. A remote attacker who compromises a SSH server may be able to disclose sensitive information or cause a denial of service condition on the client system when a user connects to the server. This is related to an _libssh2_check_length mistake, and is different from the various issues fixed in 1.8.1, such as CVE-2019-3855.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-2201",
+ "cvss_v2_score": 9.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 7.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 9.3,
+ "cvss3_max_score": 7.8,
+ "summary": "CVE-2019-2201 libjpeg-turbo: several integer overflows and subsequent segfaults when attempting to compress/decompress gigapixel images (moderate)",
+ "severity": "Medium",
+ "vulnerable_component": "rpm://8:libjpeg-turbo:0:1.5.3-10.el8",
+ "impacted_artifact": "rpm://8:libjpeg-turbo:0:1.5.3-10.el8",
+ "impact_path": [
+ "rpm://8:libjpeg-turbo:0:1.5.3-10.el8"
+ ],
+ "path": "ubi8-appstream-remote/Packages/l/libjpeg-turbo-1.5.3-10.el8.x86_64.rpm",
+ "fixed_versions": [],
+ "published": "2020-12-16T15:53:13+11:00",
+ "artifact_scan_time": "2021-01-27T20:39:38+11:00",
+ "issue_id": "XRAY-133467",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "CVE-2019-2201 libjpeg-turbo: several integer overflows and subsequent segfaults when attempting to compress/decompress gigapixel images (moderate)",
+ "references": [
+ "https://access.redhat.com/security/cve/CVE-2019-2201"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Moderate"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-13790",
+ "cvss_v2_score": 5.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:N/A:P",
+ "cvss_v3_score": 8.1,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 5.8,
+ "cvss3_max_score": 8.1,
+ "summary": "CVE-2020-13790 libjpeg-turbo: heap-based buffer over-read in get_rgb_row() in rdppm.c (moderate)",
+ "severity": "Medium",
+ "vulnerable_component": "rpm://8:libjpeg-turbo:0:1.5.3-10.el8",
+ "impacted_artifact": "rpm://8:libjpeg-turbo:0:1.5.3-10.el8",
+ "impact_path": [
+ "rpm://8:libjpeg-turbo:0:1.5.3-10.el8"
+ ],
+ "path": "ubi8-appstream-remote/Packages/l/libjpeg-turbo-1.5.3-10.el8.x86_64.rpm",
+ "fixed_versions": [],
+ "published": "2020-12-16T15:53:20+11:00",
+ "artifact_scan_time": "2021-01-27T20:39:38+11:00",
+ "issue_id": "XRAY-133824",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "CVE-2020-13790 libjpeg-turbo: heap-based buffer over-read in get_rgb_row() in rdppm.c (moderate)",
+ "references": [
+ "https://access.redhat.com/security/cve/CVE-2020-13790"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Moderate"
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:P/A:N"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "summary": "Apache Maven org.apache.maven.shared.utils.Expand Expand.java extractFile() Function Traversal Remote File Write",
+ "severity": "Medium",
+ "vulnerable_component": "gav://org.codehaus.plexus:plexus-utils:3.0.20",
+ "impacted_artifact": "gav://org.codehaus.plexus:plexus-utils:3.0.20",
+ "impact_path": [
+ "gav://org.codehaus.plexus:plexus-utils:3.0.20"
+ ],
+ "path": "mavencentral-remote/org/codehaus/plexus/plexus-utils/3.0.20/plexus-utils-3.0.20.jar",
+ "fixed_versions": [
+ "3.0.24"
+ ],
+ "published": "2019-05-03T00:45:39+10:00",
+ "artifact_scan_time": "2021-03-09T08:43:53+11:00",
+ "issue_id": "XRAY-81282",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Apache Maven contains a flaw in org.apache.maven.shared.utils.Expand that allows traversing outside of a restricted path. The issue is due to the extractFile() function in Expand.java not properly sanitizing user input, specifically path traversal style attacks (e.g. '../'). With a specially crafted request, a remote attacker can write arbitrary files.",
+ "references": [
+ "https://github.com/codehaus-plexus/plexus-utils/commit/33a2853df8185b4519b1b8bfae284f03392618ef",
+ "https://github.com/codehaus-plexus/plexus-utils/issues/4",
+ "http://svn.apache.org/viewvc?view=revision\u0026revision=1749800",
+ "https://issues.apache.org/jira/browse/MSHARED-563"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:P/A:N"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "summary": "Apache Maven org.apache.maven.shared.utils.Expand Expand.java extractFile() Function Traversal Remote File Write",
+ "severity": "Medium",
+ "vulnerable_component": "gav://org.codehaus.plexus:plexus-utils:1.5.6",
+ "impacted_artifact": "gav://org.codehaus.plexus:plexus-utils:1.5.6",
+ "impact_path": [
+ "gav://org.codehaus.plexus:plexus-utils:1.5.6"
+ ],
+ "path": "mavencentral-remote/org/codehaus/plexus/plexus-utils/1.5.6/plexus-utils-1.5.6.jar",
+ "fixed_versions": [
+ "3.0.24"
+ ],
+ "published": "2019-05-03T00:45:39+10:00",
+ "artifact_scan_time": "2021-03-09T08:44:52+11:00",
+ "issue_id": "XRAY-81282",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Apache Maven contains a flaw in org.apache.maven.shared.utils.Expand that allows traversing outside of a restricted path. The issue is due to the extractFile() function in Expand.java not properly sanitizing user input, specifically path traversal style attacks (e.g. '../'). With a specially crafted request, a remote attacker can write arbitrary files.",
+ "references": [
+ "https://github.com/codehaus-plexus/plexus-utils/commit/33a2853df8185b4519b1b8bfae284f03392618ef",
+ "https://github.com/codehaus-plexus/plexus-utils/issues/4",
+ "http://svn.apache.org/viewvc?view=revision\u0026revision=1749800",
+ "https://issues.apache.org/jira/browse/MSHARED-563"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:N"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "summary": "Apache Commons IO FileNameUtils.normalize Path Traversal Remote File Disclosure Weakness",
+ "severity": "Medium",
+ "vulnerable_component": "gav://commons-io:commons-io:2.2",
+ "impacted_artifact": "gav://org.apache.maven.shared:maven-shared-utils:0.3",
+ "impact_path": [
+ "gav://org.apache.maven.shared:maven-shared-utils:0.3",
+ "gav://commons-io:commons-io:2.2"
+ ],
+ "path": "mavencentral-remote/org/apache/maven/shared/maven-shared-utils/0.3/maven-shared-utils-0.3.jar",
+ "fixed_versions": [
+ "2.7"
+ ],
+ "published": "2019-03-14T03:28:51+11:00",
+ "artifact_scan_time": "2021-03-09T08:46:52+11:00",
+ "issue_id": "XRAY-78200",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "Apache Commons IO contains a flaw that allows traversing outside of a restricted path. The issue is due to FileNameUtils.normalize not properly sanitizing user input, specifically path traversal style attacks (e.g. '../'). With a specially crafted request, a remote attacker can disclose arbitrary files.",
+ "references": [
+ "https://issues.apache.org/jira/browse/IO-556"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-24331",
+ "cvss_v2_score": 7.2,
+ "cvss_v2_vector": "CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 7.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.2,
+ "cvss3_max_score": 7.8,
+ "summary": "CVE-2020-24331 trousers: tss user still has read and write access to the /etc/tcsd.conf file if tcsd is started as root (moderate)",
+ "severity": "Medium",
+ "vulnerable_component": "rpm://8:trousers-lib:0:0.3.14-4.el8",
+ "impacted_artifact": "rpm://8:trousers-lib:0:0.3.14-4.el8",
+ "impact_path": [
+ "rpm://8:trousers-lib:0:0.3.14-4.el8"
+ ],
+ "path": "centos8-baseos-remote/Packages/trousers-lib-0.3.14-4.el8.x86_64.rpm",
+ "fixed_versions": [],
+ "published": "2020-12-16T15:53:26+11:00",
+ "artifact_scan_time": "2021-04-20T09:29:32+10:00",
+ "issue_id": "XRAY-133966",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "CVE-2020-24331 trousers: tss user still has read and write access to the /etc/tcsd.conf file if tcsd is started as root (moderate)",
+ "references": [
+ "https://access.redhat.com/security/cve/CVE-2020-24331"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Moderate"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-24332",
+ "cvss_v2_score": 4.9,
+ "cvss_v2_vector": "CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 5.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 4.9,
+ "cvss3_max_score": 5.5,
+ "summary": "CVE-2020-24332 trousers: tss user can be used to create or corrupt existing files, this could lead to DoS (moderate)",
+ "severity": "Medium",
+ "vulnerable_component": "rpm://8:trousers-lib:0:0.3.14-4.el8",
+ "impacted_artifact": "rpm://8:trousers-lib:0:0.3.14-4.el8",
+ "impact_path": [
+ "rpm://8:trousers-lib:0:0.3.14-4.el8"
+ ],
+ "path": "centos8-baseos-remote/Packages/trousers-lib-0.3.14-4.el8.x86_64.rpm",
+ "fixed_versions": [],
+ "published": "2020-12-16T15:53:26+11:00",
+ "artifact_scan_time": "2021-04-20T09:29:32+10:00",
+ "issue_id": "XRAY-133967",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "CVE-2020-24332 trousers: tss user can be used to create or corrupt existing files, this could lead to DoS (moderate)",
+ "references": [
+ "https://access.redhat.com/security/cve/CVE-2020-24332"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Moderate"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-29652",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 7.5,
+ "summary": "A nil pointer dereference in the golang.org/x/crypto/ssh component through v0.0.0-20201203163018-be400aefbc4c for Go allows remote attackers to cause a denial of service against SSH servers.",
+ "severity": "Medium",
+ "vulnerable_component": "go://golang.org/x/crypto:0.0.0-20201002170205-7f63de1d35b0",
+ "impacted_artifact": "docker://fluxcd/notification-controller:sha256__65bc6b79fddd41ef5794fb89647881639befecf5c6745ceb6a3aa6d932cad890",
+ "impact_path": [
+ "docker://fluxcd/notification-controller:sha256__65bc6b79fddd41ef5794fb89647881639befecf5c6745ceb6a3aa6d932cad890",
+ "generic://sha256:24b88d89334511f34288adf56a6e6460ff94c27904873444f07d5bff1ceffb4e/sha256__24b88d89334511f34288adf56a6e6460ff94c27904873444f07d5bff1ceffb4e.tar.gz",
+ "generic://sha256:95372b996520b38450ca909782bbd7f71bf6be1be984c19ace8ec82346c187bb/notification-controller",
+ "go://golang.org/x/crypto:0.0.0-20201002170205-7f63de1d35b0"
+ ],
+ "path": "dockerhub-remote/fluxcd/notification-controller/sha256__65bc6b79fddd41ef5794fb89647881639befecf5c6745ceb6a3aa6d932cad890/",
+ "fixed_versions": [
+ "0.0.0-20201216223049-8b5274cf687f"
+ ],
+ "published": "2020-12-21T03:38:59+11:00",
+ "artifact_scan_time": "2021-05-11T10:00:55+10:00",
+ "issue_id": "XRAY-135107",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "A nil pointer dereference in the golang.org/x/crypto/ssh component through v0.0.0-20201203163018-be400aefbc4c for Go allows remote attackers to cause a denial of service against SSH servers.",
+ "references": [
+ "https://groups.google.com/g/golang-announce/c/ouZIlBimOsE?pli=1",
+ "https://go-review.googlesource.com/c/crypto/+/278852"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-28852",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 7.5,
+ "summary": "In x/text in Go before v0.3.5, a \"slice bounds out of range\" panic occurs in language.ParseAcceptLanguage while processing a BCP 47 tag. (x/text/language is supposed to be able to parse an HTTP Accept-Language header.)",
+ "severity": "Medium",
+ "vulnerable_component": "go://golang.org/x/text:0.3.4",
+ "impacted_artifact": "docker://fluxcd/notification-controller:sha256__65bc6b79fddd41ef5794fb89647881639befecf5c6745ceb6a3aa6d932cad890",
+ "impact_path": [
+ "docker://fluxcd/notification-controller:sha256__65bc6b79fddd41ef5794fb89647881639befecf5c6745ceb6a3aa6d932cad890",
+ "generic://sha256:24b88d89334511f34288adf56a6e6460ff94c27904873444f07d5bff1ceffb4e/sha256__24b88d89334511f34288adf56a6e6460ff94c27904873444f07d5bff1ceffb4e.tar.gz",
+ "generic://sha256:95372b996520b38450ca909782bbd7f71bf6be1be984c19ace8ec82346c187bb/notification-controller",
+ "go://golang.org/x/text:0.3.4"
+ ],
+ "path": "dockerhub-remote/fluxcd/notification-controller/sha256__65bc6b79fddd41ef5794fb89647881639befecf5c6745ceb6a3aa6d932cad890/",
+ "fixed_versions": [
+ "0.3.5"
+ ],
+ "published": "2021-01-03T23:36:30+11:00",
+ "artifact_scan_time": "2021-05-11T10:00:55+10:00",
+ "issue_id": "XRAY-138125",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "In x/text in Go before v0.3.5, a \"slice bounds out of range\" panic occurs in language.ParseAcceptLanguage while processing a BCP 47 tag. (x/text/language is supposed to be able to parse an HTTP Accept-Language header.)",
+ "references": [
+ "https://github.com/golang/go/issues/42536",
+ "https://security.netapp.com/advisory/ntap-20210212-0004/"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cvss_v2_score": 4.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:P/A:N",
+ "cvss_v3_score": 6.1,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"
+ }
+ ],
+ "cvss2_max_score": 4.3,
+ "cvss3_max_score": 6.1,
+ "summary": "Kubernetes /proxy/ pagesize Parameter Reflected XSS",
+ "severity": "Medium",
+ "vulnerable_component": "go://k8s.io/apimachinery:0.20.4",
+ "impacted_artifact": "docker://fluxcd/notification-controller:sha256__65bc6b79fddd41ef5794fb89647881639befecf5c6745ceb6a3aa6d932cad890",
+ "impact_path": [
+ "docker://fluxcd/notification-controller:sha256__65bc6b79fddd41ef5794fb89647881639befecf5c6745ceb6a3aa6d932cad890",
+ "generic://sha256:24b88d89334511f34288adf56a6e6460ff94c27904873444f07d5bff1ceffb4e/sha256__24b88d89334511f34288adf56a6e6460ff94c27904873444f07d5bff1ceffb4e.tar.gz",
+ "generic://sha256:95372b996520b38450ca909782bbd7f71bf6be1be984c19ace8ec82346c187bb/notification-controller",
+ "go://k8s.io/apimachinery:0.20.4"
+ ],
+ "path": "dockerhub-remote/fluxcd/notification-controller/sha256__65bc6b79fddd41ef5794fb89647881639befecf5c6745ceb6a3aa6d932cad890/",
+ "fixed_versions": [
+ "1.16.0-alpha.3"
+ ],
+ "published": "2019-06-05T20:03:10+10:00",
+ "artifact_scan_time": "2021-05-11T10:00:55+10:00",
+ "issue_id": "XRAY-83594",
+ "package_type": "go",
+ "provider": "JFrog",
+ "description": "Kubernetes contains a flaw that allows a reflected cross-site scripting (XSS) attack. This flaw exists because the /proxy/ script does not properly sanitize input to the 'pagesize' GET parameter before returning it to users. This may allow a context-dependent attacker to create a specially crafted request that executes arbitrary script code in a user's browser session within the trust relationship between their browser and the server.",
+ "references": [
+ "https://github.com/kubernetes/kubernetes/issues/78467"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-14344",
+ "cvss_v2_score": 4.6,
+ "cvss_v2_vector": "CVSS:2.0/AV:L/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 6.7,
+ "cvss_v3_vector": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 4.6,
+ "cvss3_max_score": 6.7,
+ "summary": "CVE-2020-14344 libX11: Heap overflow in the X input method client (moderate)",
+ "severity": "Medium",
+ "vulnerable_component": "rpm://8:libX11:0:1.6.8-4.el8",
+ "impacted_artifact": "rpm://8:libX11:0:1.6.8-4.el8",
+ "impact_path": [
+ "rpm://8:libX11:0:1.6.8-4.el8"
+ ],
+ "path": "ubi8-appstream-remote/Packages/l/libX11-1.6.8-4.el8.x86_64.rpm",
+ "fixed_versions": [],
+ "published": "2020-12-16T15:53:21+11:00",
+ "artifact_scan_time": "2021-05-20T14:20:12+10:00",
+ "issue_id": "XRAY-133844",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "DOCUMENTATION: A flaw was found in libX11. An integer overflow leading to a heap-buffer overflow occurs when setuid programs call XIM client functions while running with elevated privileges. The highest threat from this vulnerability are to data confidentiality and integrity as well as system vulnerability.",
+ "references": [
+ "https://access.redhat.com/security/cve/CVE-2020-14344"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Moderate"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-10543",
+ "cvss_v2_score": 6.4,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:P/A:P",
+ "cvss_v3_score": 8.2,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H"
+ }
+ ],
+ "cvss2_max_score": 6.4,
+ "cvss3_max_score": 8.2,
+ "summary": "CVE-2020-10543 perl: heap-based buffer overflow in regular expression compiler leads to DoS (moderate)",
+ "severity": "Medium",
+ "vulnerable_component": "rpm://8:perl-IO:0:1.38-419.el8",
+ "impacted_artifact": "rpm://8:perl-IO:0:1.38-419.el8",
+ "impact_path": [
+ "rpm://8:perl-IO:0:1.38-419.el8"
+ ],
+ "path": "ubi8-baseos-remote/Packages/p/perl-IO-1.38-419.el8.x86_64.rpm",
+ "fixed_versions": [],
+ "published": "2020-12-16T15:53:18+11:00",
+ "artifact_scan_time": "2021-05-20T14:21:12+10:00",
+ "issue_id": "XRAY-133713",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "MITIGATION: To mitigate this flaw, developers should not allow untrusted regular expressions to be compiled by the Perl regular expression compiler.",
+ "references": [
+ "https://access.redhat.com/security/cve/CVE-2020-10543"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Moderate"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-10878",
+ "cvss_v2_score": 7.5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 8.6,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.5,
+ "cvss3_max_score": 8.6,
+ "summary": "CVE-2020-10878 perl: corruption of intermediate language state of compiled regular expression due to integer overflow leads to DoS (moderate)",
+ "severity": "Medium",
+ "vulnerable_component": "rpm://8:perl-IO:0:1.38-419.el8",
+ "impacted_artifact": "rpm://8:perl-IO:0:1.38-419.el8",
+ "impact_path": [
+ "rpm://8:perl-IO:0:1.38-419.el8"
+ ],
+ "path": "ubi8-baseos-remote/Packages/p/perl-IO-1.38-419.el8.x86_64.rpm",
+ "fixed_versions": [],
+ "published": "2020-12-16T15:53:18+11:00",
+ "artifact_scan_time": "2021-05-20T14:21:12+10:00",
+ "issue_id": "XRAY-133725",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "MITIGATION: To mitigate this flaw, developers should not allow untrusted regular expressions to be compiled by the Perl regular expression compiler.",
+ "references": [
+ "https://access.redhat.com/security/cve/CVE-2020-10878"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Moderate"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-3114",
+ "cvss_v2_score": 6.4,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:N",
+ "cvss_v3_score": 6.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"
+ }
+ ],
+ "cvss2_max_score": 6.4,
+ "cvss3_max_score": 6.5,
+ "summary": "CVE-2021-3114 golang: crypto/elliptic: incorrect operations on the P-224 curve (moderate)",
+ "severity": "Medium",
+ "vulnerable_component": "rpm://8:libgomp:0:8.4.1-1.el8",
+ "impacted_artifact": "rpm://8:libgomp:0:8.4.1-1.el8",
+ "impact_path": [
+ "rpm://8:libgomp:0:8.4.1-1.el8"
+ ],
+ "path": "ubi8-baseos-remote/Packages/l/libgomp-8.4.1-1.el8.x86_64.rpm",
+ "fixed_versions": [],
+ "published": "2021-03-08T08:29:49+11:00",
+ "artifact_scan_time": "2021-05-20T14:21:12+10:00",
+ "issue_id": "XRAY-141804",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "DOCUMENTATION: A flaw was found in golang: crypto/elliptic, in which P-224 keys as generated, can return incorrect inputs, reducing the strength of the cryptography. The greatest threat to the system is for confidentiality and integrity. STATEMENT: OpenShift ServiceMesh (OSSM) 1.1 is Out Of Support Scope (OOSS) for Moderate and Low impact vulnerabilities because it is now in the Maintenance Phase of the support.",
+ "references": [
+ "https://access.redhat.com/security/cve/CVE-2021-3114"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Moderate"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2017-5503",
+ "cvss_v2_score": 4.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 4.4,
+ "cvss_v3_vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L"
+ }
+ ],
+ "cvss2_max_score": 4.3,
+ "cvss3_max_score": 4.4,
+ "summary": "CVE-2017-5503 jasper: invalid memory write in dec_clnpass() (moderate)",
+ "severity": "Medium",
+ "vulnerable_component": "rpm://8:jasper-libs:0:2.0.14-4.el8",
+ "impacted_artifact": "rpm://8:jasper-libs:0:2.0.14-4.el8",
+ "impact_path": [
+ "rpm://8:jasper-libs:0:2.0.14-4.el8"
+ ],
+ "path": "centos8-appstream-remote/Packages/jasper-libs-2.0.14-4.el8.x86_64.rpm",
+ "fixed_versions": [],
+ "published": "2020-12-16T16:18:23+11:00",
+ "artifact_scan_time": "2021-05-21T08:32:13+10:00",
+ "issue_id": "XRAY-134699",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "CVE-2017-5503 jasper: invalid memory write in dec_clnpass() (moderate)",
+ "references": [
+ "https://access.redhat.com/security/cve/CVE-2017-5503"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Moderate"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2017-5505",
+ "cvss_v2_score": 4.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 4.4,
+ "cvss_v3_vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L"
+ }
+ ],
+ "cvss2_max_score": 4.3,
+ "cvss3_max_score": 4.4,
+ "summary": "CVE-2017-5505 jasper: Invalid memory read in jas_matrix_asl (moderate)",
+ "severity": "Medium",
+ "vulnerable_component": "rpm://8:jasper-libs:0:2.0.14-4.el8",
+ "impacted_artifact": "rpm://8:jasper-libs:0:2.0.14-4.el8",
+ "impact_path": [
+ "rpm://8:jasper-libs:0:2.0.14-4.el8"
+ ],
+ "path": "centos8-appstream-remote/Packages/jasper-libs-2.0.14-4.el8.x86_64.rpm",
+ "fixed_versions": [],
+ "published": "2020-12-16T16:18:23+11:00",
+ "artifact_scan_time": "2021-05-21T08:32:13+10:00",
+ "issue_id": "XRAY-134700",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "CVE-2017-5505 jasper: Invalid memory read in jas_matrix_asl (moderate)",
+ "references": [
+ "https://access.redhat.com/security/cve/CVE-2017-5505"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Moderate"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-3443",
+ "cvss_v3_score": 5.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss3_max_score": 5.5,
+ "summary": "CVE-2021-3443 jasper: NULL pointer dereference in jp2_decode() in jp2_dec.c (moderate)",
+ "severity": "Medium",
+ "vulnerable_component": "rpm://8:jasper-libs:0:2.0.14-4.el8",
+ "impacted_artifact": "rpm://8:jasper-libs:0:2.0.14-4.el8",
+ "impact_path": [
+ "rpm://8:jasper-libs:0:2.0.14-4.el8"
+ ],
+ "path": "centos8-appstream-remote/Packages/jasper-libs-2.0.14-4.el8.x86_64.rpm",
+ "fixed_versions": [],
+ "published": "2021-03-23T20:38:25+11:00",
+ "artifact_scan_time": "2021-05-21T08:32:13+10:00",
+ "issue_id": "XRAY-157312",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "DOCUMENTATION: A NULL pointer dereference flaw was found in the way Jasper versions before 2.0.27 handled component references in the JP2 image format decoder. A specially crafted JP2 image file could cause an application using the Jasper library to crash when opened.",
+ "references": [
+ "https://access.redhat.com/security/cve/CVE-2021-3443"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Moderate"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-3272",
+ "cvss_v2_score": 4.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 5.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 4.3,
+ "cvss3_max_score": 5.5,
+ "summary": "CVE-2021-3272 jasper: Heap-based buffer over-read in jp2_decode() in jp2_dec.c (moderate)",
+ "severity": "Medium",
+ "vulnerable_component": "rpm://8:jasper-libs:0:2.0.14-4.el8",
+ "impacted_artifact": "rpm://8:jasper-libs:0:2.0.14-4.el8",
+ "impact_path": [
+ "rpm://8:jasper-libs:0:2.0.14-4.el8"
+ ],
+ "path": "centos8-appstream-remote/Packages/jasper-libs-2.0.14-4.el8.x86_64.rpm",
+ "fixed_versions": [],
+ "published": "2021-01-30T15:46:29+11:00",
+ "artifact_scan_time": "2021-05-21T08:32:13+10:00",
+ "issue_id": "XRAY-139011",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "CVE-2021-3272 jasper: Heap-based buffer over-read in jp2_decode() in jp2_dec.c (moderate)",
+ "references": [
+ "https://access.redhat.com/security/cve/CVE-2021-3272"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Moderate"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-26926",
+ "cvss_v2_score": 5.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:N/A:P",
+ "cvss_v3_score": 5.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 5.8,
+ "cvss3_max_score": 5.5,
+ "summary": "CVE-2021-26926 jasper: Out of bounds read in jp2_decode() in jp2_dec.c (moderate)",
+ "severity": "Medium",
+ "vulnerable_component": "rpm://8:jasper-libs:0:2.0.14-4.el8",
+ "impacted_artifact": "rpm://8:jasper-libs:0:2.0.14-4.el8",
+ "impact_path": [
+ "rpm://8:jasper-libs:0:2.0.14-4.el8"
+ ],
+ "path": "centos8-appstream-remote/Packages/jasper-libs-2.0.14-4.el8.x86_64.rpm",
+ "fixed_versions": [],
+ "published": "2021-02-10T15:57:26+11:00",
+ "artifact_scan_time": "2021-05-21T08:32:13+10:00",
+ "issue_id": "XRAY-140289",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "CVE-2021-26926 jasper: Out of bounds read in jp2_decode() in jp2_dec.c (moderate)",
+ "references": [
+ "https://access.redhat.com/security/cve/CVE-2021-26926"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Moderate"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-26927",
+ "cvss_v2_score": 4.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 5.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 4.3,
+ "cvss3_max_score": 5.5,
+ "summary": "CVE-2021-26927 jasper: NULL pointer dereference in jp2_decode() in jp2_dec.c (moderate)",
+ "severity": "Medium",
+ "vulnerable_component": "rpm://8:jasper-libs:0:2.0.14-4.el8",
+ "impacted_artifact": "rpm://8:jasper-libs:0:2.0.14-4.el8",
+ "impact_path": [
+ "rpm://8:jasper-libs:0:2.0.14-4.el8"
+ ],
+ "path": "centos8-appstream-remote/Packages/jasper-libs-2.0.14-4.el8.x86_64.rpm",
+ "fixed_versions": [],
+ "published": "2021-03-08T08:53:15+11:00",
+ "artifact_scan_time": "2021-05-21T08:32:13+10:00",
+ "issue_id": "XRAY-141828",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "CVE-2021-26927 jasper: NULL pointer dereference in jp2_decode() in jp2_dec.c (moderate)",
+ "references": [
+ "https://access.redhat.com/security/cve/CVE-2021-26927"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Moderate"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-27828",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 7.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 6.8,
+ "cvss3_max_score": 7.8,
+ "summary": "CVE-2020-27828 jasper: Heap-based buffer overflow in cp_create() in jpc_enc.c (moderate)",
+ "severity": "Medium",
+ "vulnerable_component": "rpm://8:jasper-libs:0:2.0.14-4.el8",
+ "impacted_artifact": "rpm://8:jasper-libs:0:2.0.14-4.el8",
+ "impact_path": [
+ "rpm://8:jasper-libs:0:2.0.14-4.el8"
+ ],
+ "path": "centos8-appstream-remote/Packages/jasper-libs-2.0.14-4.el8.x86_64.rpm",
+ "fixed_versions": [],
+ "published": "2020-12-16T15:53:29+11:00",
+ "artifact_scan_time": "2021-05-21T08:32:13+10:00",
+ "issue_id": "XRAY-134058",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "DOCUMENTATION: A flaw was found in the Jasper tool’s jpc encoder. This flaw allows an attacker to craft input provided to Jasper, causing an arbitrary out-of-bounds write. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. MITIGATION: This flaw can be mitigated for the Jasper tool by not accepting untrusted inputs to be processed by Jasper or constraining rlevels on those inputs from outside of Jasper.",
+ "references": [
+ "https://access.redhat.com/security/cve/CVE-2020-27828"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Moderate"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-3467",
+ "cvss_v3_score": 5.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss3_max_score": 5.5,
+ "summary": "CVE-2021-3467 jasper: NULL pointer dereference in jp2_decode() in jp2_dec.c (moderate)",
+ "severity": "Medium",
+ "vulnerable_component": "rpm://8:jasper-libs:0:2.0.14-4.el8",
+ "impacted_artifact": "rpm://8:jasper-libs:0:2.0.14-4.el8",
+ "impact_path": [
+ "rpm://8:jasper-libs:0:2.0.14-4.el8"
+ ],
+ "path": "centos8-appstream-remote/Packages/jasper-libs-2.0.14-4.el8.x86_64.rpm",
+ "fixed_versions": [],
+ "published": "2021-03-25T20:44:24+11:00",
+ "artifact_scan_time": "2021-05-21T08:32:13+10:00",
+ "issue_id": "XRAY-158203",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "DOCUMENTATION: A NULL pointer dereference flaw was found in the way Jasper versions before 2.0.26 handled component references in CDEF box in the JP2 image format decoder. A specially crafted JP2 image file could cause an application using the Jasper library to crash when opened.",
+ "references": [
+ "https://access.redhat.com/security/cve/CVE-2021-3467"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Moderate"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2017-5504",
+ "cvss_v2_score": 4.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 4.4,
+ "cvss_v3_vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L"
+ }
+ ],
+ "cvss2_max_score": 4.3,
+ "cvss3_max_score": 4.4,
+ "summary": "CVE-2017-5504 jasper: Invalid memory read in jpc_undo_roi (moderate)",
+ "severity": "Medium",
+ "vulnerable_component": "rpm://8:jasper-libs:0:2.0.14-4.el8",
+ "impacted_artifact": "rpm://8:jasper-libs:0:2.0.14-4.el8",
+ "impact_path": [
+ "rpm://8:jasper-libs:0:2.0.14-4.el8"
+ ],
+ "path": "centos8-appstream-remote/Packages/jasper-libs-2.0.14-4.el8.x86_64.rpm",
+ "fixed_versions": [],
+ "published": "2020-12-16T15:52:48+11:00",
+ "artifact_scan_time": "2021-05-21T08:32:13+10:00",
+ "issue_id": "XRAY-132250",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "CVE-2017-5504 jasper: Invalid memory read in jpc_undo_roi (moderate)",
+ "references": [
+ "https://access.redhat.com/security/cve/CVE-2017-5504"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Moderate"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-16435",
+ "cvss_v2_score": 4.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 5.5,
+ "cvss_v3_vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 4.3,
+ "cvss3_max_score": 5.5,
+ "summary": "CVE-2018-16435 lcms2: Integer overflow in AllocateDataSet() in cmscgats.c leading to heap-based buffer overflow (moderate)",
+ "severity": "Medium",
+ "vulnerable_component": "rpm://8:lcms2:0:2.9-2.el8",
+ "impacted_artifact": "rpm://8:lcms2:0:2.9-2.el8",
+ "impact_path": [
+ "rpm://8:lcms2:0:2.9-2.el8"
+ ],
+ "path": "centos8-appstream-remote/Packages/lcms2-2.9-2.el8.x86_64.rpm",
+ "fixed_versions": [],
+ "published": "2020-12-16T16:10:17+11:00",
+ "artifact_scan_time": "2021-05-21T08:32:14+10:00",
+ "issue_id": "XRAY-134531",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "STATEMENT: This issue affects the versions of lcms2 as shipped with Red Hat Enterprise Linux 7.",
+ "references": [
+ "https://access.redhat.com/security/cve/CVE-2018-16435"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Moderate"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-15945",
+ "cvss_v2_score": 2.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 5.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 2.1,
+ "cvss3_max_score": 5.5,
+ "summary": "CVE-2020-15945 lua: segmentation fault in changedline in ldebug.c (moderate)",
+ "severity": "Medium",
+ "vulnerable_component": "rpm://8:lua:0:5.3.4-11.el8",
+ "impacted_artifact": "rpm://8:lua:0:5.3.4-11.el8",
+ "impact_path": [
+ "rpm://8:lua:0:5.3.4-11.el8"
+ ],
+ "path": "centos8-appstream-remote/Packages/lua-5.3.4-11.el8.x86_64.rpm",
+ "fixed_versions": [],
+ "published": "2020-12-16T16:18:34+11:00",
+ "artifact_scan_time": "2021-05-21T08:32:14+10:00",
+ "issue_id": "XRAY-134918",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "STATEMENT: Red Hat Ceph Storage 3 and 4 ships vulnerable version of Lua(embedded in Ceph), however Lua is no longer supported in Ceph.",
+ "references": [
+ "https://access.redhat.com/security/cve/CVE-2020-15945"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Moderate"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-12399",
+ "cvss_v2_score": 1.2,
+ "cvss_v2_vector": "CVSS:2.0/AV:L/AC:H/Au:N/C:P/I:N/A:N",
+ "cvss_v3_score": 4.4,
+ "cvss_v3_vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N"
+ }
+ ],
+ "cvss2_max_score": 1.2,
+ "cvss3_max_score": 4.4,
+ "summary": "CVE-2020-12399 nss: Timing attack on DSA signature generation (moderate)",
+ "severity": "Medium",
+ "vulnerable_component": "rpm://8:nss-util:0:3.53.1-11.el8_2",
+ "impacted_artifact": "rpm://8:nss-util:0:3.53.1-11.el8_2",
+ "impact_path": [
+ "rpm://8:nss-util:0:3.53.1-11.el8_2"
+ ],
+ "path": "ubi8-appstream-remote/Packages/n/nss-util-3.53.1-11.el8_2.x86_64.rpm",
+ "fixed_versions": [],
+ "published": "2020-12-16T15:53:19+11:00",
+ "artifact_scan_time": "2021-01-27T20:39:39+11:00",
+ "issue_id": "XRAY-133788",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "DOCUMENTATION: A flaw was found in the DSA signature generation function in nss. During the process of generating a DSA signature, the nonce value 'k' is not padded, exposing the bit length. Combined with other techniques, this can result in the recovery of the DSA private key. The highest threat from this vulnerability is to data confidentiality. STATEMENT: A timing attack was found in the way NSS generated DSA signatures. A man-in-the-middle attacker could use this attack during DSA signature generation to recover the private key. This attack is only feasible when the attacker is local to the machine or in certain cross-VM scenarios where the signature is being generated. Attacks over the network or via the internet are not feasible.Firefox and Thunderbird on Red Hat Enterprise Linux are built against the system nss library. MITIGATION: Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
+ "references": [
+ "https://access.redhat.com/security/cve/CVE-2020-12399"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Moderate"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-12401",
+ "cvss_v2_score": 1.9,
+ "cvss_v2_vector": "CVSS:2.0/AV:L/AC:M/Au:N/C:P/I:N/A:N",
+ "cvss_v3_score": 4.4,
+ "cvss_v3_vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N"
+ }
+ ],
+ "cvss2_max_score": 1.9,
+ "cvss3_max_score": 4.4,
+ "summary": "CVE-2020-12401 nss: ECDSA timing attack mitigation bypass (moderate)",
+ "severity": "Medium",
+ "vulnerable_component": "rpm://8:nss-util:0:3.53.1-11.el8_2",
+ "impacted_artifact": "rpm://8:nss-util:0:3.53.1-11.el8_2",
+ "impact_path": [
+ "rpm://8:nss-util:0:3.53.1-11.el8_2"
+ ],
+ "path": "ubi8-appstream-remote/Packages/n/nss-util-3.53.1-11.el8_2.x86_64.rpm",
+ "fixed_versions": [],
+ "published": "2020-12-16T15:53:20+11:00",
+ "artifact_scan_time": "2021-01-27T20:39:39+11:00",
+ "issue_id": "XRAY-133790",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "DOCUMENTATION: A flaw was found in nss. Using the EM side-channel, it is possible to extract the position of zero and non-zero wNAF digits while nss-certutil tool performs scalar multiplication during the ECDSA signature generation, leaking partial information about the ECDSA nonce. Given a small number of ECDSA signatures, this information can be used to steal the private key. The highest threat from this vulnerability is to data confidentiality. STATEMENT: This is a side channel attack which can used to exact pirate keys when ECDSA signatures are being generated. This attack is only feasible when the attacker is local to the machine or in certain cross-VM scenarios where the signature is being generated. Attacks over the network or via the internet are not feasible. MITIGATION: This is a side channel attack which can used to exact pirate keys when ECDSA signatures are being generated. This attack is only feasible when the attacker is local to the machine or in certain cross-VM scenarios where the signature is being generated. Attacks over the network or via the internet are not feasible.",
+ "references": [
+ "https://access.redhat.com/security/cve/CVE-2020-12401"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Moderate"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-25648",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 7.5,
+ "summary": "CVE-2020-25648 nss: TLS 1.3 CCS flood remote DoS Attack (moderate)",
+ "severity": "Medium",
+ "vulnerable_component": "rpm://8:nss-util:0:3.53.1-11.el8_2",
+ "impacted_artifact": "rpm://8:nss-util:0:3.53.1-11.el8_2",
+ "impact_path": [
+ "rpm://8:nss-util:0:3.53.1-11.el8_2"
+ ],
+ "path": "ubi8-appstream-remote/Packages/n/nss-util-3.53.1-11.el8_2.x86_64.rpm",
+ "fixed_versions": [],
+ "published": "2020-12-16T15:53:27+11:00",
+ "artifact_scan_time": "2021-01-27T20:39:39+11:00",
+ "issue_id": "XRAY-133983",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "DOCUMENTATION: A flaw was found in the way NSS handled CCS (ChangeCipherSpec) messages in TLS 1.3. This flaw allows a remote attacker to send multiple CCS messages, causing a denial of service for servers compiled with the NSS library. The highest threat from this vulnerability is to system availability. STATEMENT: This flaw only affects servers that are compiled with the NSS library and when the TLS 1.3 protocol is used.",
+ "references": [
+ "https://access.redhat.com/security/cve/CVE-2020-25648"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Moderate"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-6829",
+ "cvss_v3_score": 4.4,
+ "cvss_v3_vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N"
+ },
+ {
+ "cve": "CVE-2020-12403",
+ "cvss_v3_score": 6.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:H"
+ },
+ {
+ "cve": "CVE-2020-12400",
+ "cvss_v2_score": 1.2,
+ "cvss_v2_vector": "CVSS:2.0/AV:L/AC:H/Au:N/C:P/I:N/A:N",
+ "cvss_v3_score": 4.4,
+ "cvss_v3_vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N"
+ }
+ ],
+ "cvss2_max_score": 1.2,
+ "cvss3_max_score": 6.8,
+ "summary": "RHSA-2021:0538: nss security and bug fix update (Moderate)",
+ "severity": "Medium",
+ "vulnerable_component": "rpm://8:nss-util:0:3.53.1-11.el8_2",
+ "impacted_artifact": "rpm://8:nss-util:0:3.53.1-11.el8_2",
+ "impact_path": [
+ "rpm://8:nss-util:0:3.53.1-11.el8_2"
+ ],
+ "path": "ubi8-appstream-remote/Packages/n/nss-util-3.53.1-11.el8_2.x86_64.rpm",
+ "fixed_versions": [
+ "≥ 0:3.53.1-17.el8_3"
+ ],
+ "published": "2021-02-24T05:43:48+11:00",
+ "artifact_scan_time": "2021-01-27T20:39:39+11:00",
+ "issue_id": "XRAY-141151",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications.Security Fix(es):* nss: Side channel attack on ECDSA signature generation (CVE-2020-6829)* nss: P-384 and P-521 implementation uses a side-channel vulnerable modular inversion function (CVE-2020-12400)* nss: CHACHA20-POLY1305 decryption with undersized tag leads to out-of-bounds read (CVE-2020-12403)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Bug Fix(es):* Support key wrap/unwrap with RSA-OAEP (BZ#1896431)* 1536bit group from RFC3526 is allowed in FIPS mode when in policy DH-MIN is set to be lower than 1536 (BZ#1896432)* when NSS_SDB_USE_CACHE not set, after curl access https, dentry increase but never released - consider alternative algorithm for benchmarking ACCESS call in sdb_measureAccess [rhel-8] (BZ#1896933)* Policy should allow overriding library defaults (BZ#1898702)* KDF-self-tests-induced changes for nss in RHEL 8.4 (BZ#1898953)* nss: non-blocksize requests to IKEv1 KDF returns bogus output (BZ#1904408)",
+ "references": [
+ "https://access.redhat.com/security/cve/CVE-2020-6829",
+ "https://access.redhat.com/security/cve/CVE-2020-12403",
+ "https://access.redhat.com/security/cve/CVE-2020-12400",
+ "https://access.redhat.com/errata/RHSA-2021:0538"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Moderate"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-12401",
+ "cvss_v2_score": 1.9,
+ "cvss_v2_vector": "CVSS:2.0/AV:L/AC:M/Au:N/C:P/I:N/A:N",
+ "cvss_v3_score": 4.4,
+ "cvss_v3_vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N"
+ }
+ ],
+ "cvss2_max_score": 1.9,
+ "cvss3_max_score": 4.4,
+ "summary": "CVE-2020-12401 nss: ECDSA timing attack mitigation bypass (moderate)",
+ "severity": "Medium",
+ "vulnerable_component": "rpm://8:nss-softokn-freebl:0:3.53.1-11.el8_2",
+ "impacted_artifact": "rpm://8:nss-softokn-freebl:0:3.53.1-11.el8_2",
+ "impact_path": [
+ "rpm://8:nss-softokn-freebl:0:3.53.1-11.el8_2"
+ ],
+ "path": "ubi8-appstream-remote/Packages/n/nss-softokn-freebl-3.53.1-11.el8_2.x86_64.rpm",
+ "fixed_versions": [],
+ "published": "2020-12-16T15:53:20+11:00",
+ "artifact_scan_time": "2021-01-27T20:39:40+11:00",
+ "issue_id": "XRAY-133790",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "DOCUMENTATION: A flaw was found in nss. Using the EM side-channel, it is possible to extract the position of zero and non-zero wNAF digits while nss-certutil tool performs scalar multiplication during the ECDSA signature generation, leaking partial information about the ECDSA nonce. Given a small number of ECDSA signatures, this information can be used to steal the private key. The highest threat from this vulnerability is to data confidentiality. STATEMENT: This is a side channel attack which can used to exact pirate keys when ECDSA signatures are being generated. This attack is only feasible when the attacker is local to the machine or in certain cross-VM scenarios where the signature is being generated. Attacks over the network or via the internet are not feasible. MITIGATION: This is a side channel attack which can used to exact pirate keys when ECDSA signatures are being generated. This attack is only feasible when the attacker is local to the machine or in certain cross-VM scenarios where the signature is being generated. Attacks over the network or via the internet are not feasible.",
+ "references": [
+ "https://access.redhat.com/security/cve/CVE-2020-12401"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Moderate"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-25648",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 7.5,
+ "summary": "CVE-2020-25648 nss: TLS 1.3 CCS flood remote DoS Attack (moderate)",
+ "severity": "Medium",
+ "vulnerable_component": "rpm://8:nss-softokn-freebl:0:3.53.1-11.el8_2",
+ "impacted_artifact": "rpm://8:nss-softokn-freebl:0:3.53.1-11.el8_2",
+ "impact_path": [
+ "rpm://8:nss-softokn-freebl:0:3.53.1-11.el8_2"
+ ],
+ "path": "ubi8-appstream-remote/Packages/n/nss-softokn-freebl-3.53.1-11.el8_2.x86_64.rpm",
+ "fixed_versions": [],
+ "published": "2020-12-16T15:53:27+11:00",
+ "artifact_scan_time": "2021-01-27T20:39:40+11:00",
+ "issue_id": "XRAY-133983",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "DOCUMENTATION: A flaw was found in the way NSS handled CCS (ChangeCipherSpec) messages in TLS 1.3. This flaw allows a remote attacker to send multiple CCS messages, causing a denial of service for servers compiled with the NSS library. The highest threat from this vulnerability is to system availability. STATEMENT: This flaw only affects servers that are compiled with the NSS library and when the TLS 1.3 protocol is used.",
+ "references": [
+ "https://access.redhat.com/security/cve/CVE-2020-25648"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Moderate"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-6829",
+ "cvss_v3_score": 4.4,
+ "cvss_v3_vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N"
+ },
+ {
+ "cve": "CVE-2020-12403",
+ "cvss_v3_score": 6.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:H"
+ },
+ {
+ "cve": "CVE-2020-12400",
+ "cvss_v2_score": 1.2,
+ "cvss_v2_vector": "CVSS:2.0/AV:L/AC:H/Au:N/C:P/I:N/A:N",
+ "cvss_v3_score": 4.4,
+ "cvss_v3_vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N"
+ }
+ ],
+ "cvss2_max_score": 1.2,
+ "cvss3_max_score": 6.8,
+ "summary": "RHSA-2021:0538: nss security and bug fix update (Moderate)",
+ "severity": "Medium",
+ "vulnerable_component": "rpm://8:nss-softokn-freebl:0:3.53.1-11.el8_2",
+ "impacted_artifact": "rpm://8:nss-softokn-freebl:0:3.53.1-11.el8_2",
+ "impact_path": [
+ "rpm://8:nss-softokn-freebl:0:3.53.1-11.el8_2"
+ ],
+ "path": "ubi8-appstream-remote/Packages/n/nss-softokn-freebl-3.53.1-11.el8_2.x86_64.rpm",
+ "fixed_versions": [
+ "≥ 0:3.53.1-17.el8_3"
+ ],
+ "published": "2021-02-24T05:43:48+11:00",
+ "artifact_scan_time": "2021-01-27T20:39:40+11:00",
+ "issue_id": "XRAY-141151",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications.Security Fix(es):* nss: Side channel attack on ECDSA signature generation (CVE-2020-6829)* nss: P-384 and P-521 implementation uses a side-channel vulnerable modular inversion function (CVE-2020-12400)* nss: CHACHA20-POLY1305 decryption with undersized tag leads to out-of-bounds read (CVE-2020-12403)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Bug Fix(es):* Support key wrap/unwrap with RSA-OAEP (BZ#1896431)* 1536bit group from RFC3526 is allowed in FIPS mode when in policy DH-MIN is set to be lower than 1536 (BZ#1896432)* when NSS_SDB_USE_CACHE not set, after curl access https, dentry increase but never released - consider alternative algorithm for benchmarking ACCESS call in sdb_measureAccess [rhel-8] (BZ#1896933)* Policy should allow overriding library defaults (BZ#1898702)* KDF-self-tests-induced changes for nss in RHEL 8.4 (BZ#1898953)* nss: non-blocksize requests to IKEv1 KDF returns bogus output (BZ#1904408)",
+ "references": [
+ "https://access.redhat.com/security/cve/CVE-2020-6829",
+ "https://access.redhat.com/security/cve/CVE-2020-12403",
+ "https://access.redhat.com/security/cve/CVE-2020-12400",
+ "https://access.redhat.com/errata/RHSA-2021:0538"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Moderate"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-12399",
+ "cvss_v2_score": 1.2,
+ "cvss_v2_vector": "CVSS:2.0/AV:L/AC:H/Au:N/C:P/I:N/A:N",
+ "cvss_v3_score": 4.4,
+ "cvss_v3_vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N"
+ }
+ ],
+ "cvss2_max_score": 1.2,
+ "cvss3_max_score": 4.4,
+ "summary": "CVE-2020-12399 nss: Timing attack on DSA signature generation (moderate)",
+ "severity": "Medium",
+ "vulnerable_component": "rpm://8:nss-softokn-freebl:0:3.53.1-11.el8_2",
+ "impacted_artifact": "rpm://8:nss-softokn-freebl:0:3.53.1-11.el8_2",
+ "impact_path": [
+ "rpm://8:nss-softokn-freebl:0:3.53.1-11.el8_2"
+ ],
+ "path": "ubi8-appstream-remote/Packages/n/nss-softokn-freebl-3.53.1-11.el8_2.x86_64.rpm",
+ "fixed_versions": [],
+ "published": "2020-12-16T15:53:19+11:00",
+ "artifact_scan_time": "2021-01-27T20:39:40+11:00",
+ "issue_id": "XRAY-133788",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "DOCUMENTATION: A flaw was found in the DSA signature generation function in nss. During the process of generating a DSA signature, the nonce value 'k' is not padded, exposing the bit length. Combined with other techniques, this can result in the recovery of the DSA private key. The highest threat from this vulnerability is to data confidentiality. STATEMENT: A timing attack was found in the way NSS generated DSA signatures. A man-in-the-middle attacker could use this attack during DSA signature generation to recover the private key. This attack is only feasible when the attacker is local to the machine or in certain cross-VM scenarios where the signature is being generated. Attacks over the network or via the internet are not feasible.Firefox and Thunderbird on Red Hat Enterprise Linux are built against the system nss library. MITIGATION: Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
+ "references": [
+ "https://access.redhat.com/security/cve/CVE-2020-12399"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Moderate"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-25648",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 7.5,
+ "summary": "CVE-2020-25648 nss: TLS 1.3 CCS flood remote DoS Attack (moderate)",
+ "severity": "Medium",
+ "vulnerable_component": "rpm://8:nss:0:3.53.1-11.el8_2",
+ "impacted_artifact": "rpm://8:nss:0:3.53.1-11.el8_2",
+ "impact_path": [
+ "rpm://8:nss:0:3.53.1-11.el8_2"
+ ],
+ "path": "ubi8-appstream-remote/Packages/n/nss-3.53.1-11.el8_2.x86_64.rpm",
+ "fixed_versions": [],
+ "published": "2020-12-16T15:53:27+11:00",
+ "artifact_scan_time": "2021-01-27T20:39:40+11:00",
+ "issue_id": "XRAY-133983",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "DOCUMENTATION: A flaw was found in the way NSS handled CCS (ChangeCipherSpec) messages in TLS 1.3. This flaw allows a remote attacker to send multiple CCS messages, causing a denial of service for servers compiled with the NSS library. The highest threat from this vulnerability is to system availability. STATEMENT: This flaw only affects servers that are compiled with the NSS library and when the TLS 1.3 protocol is used.",
+ "references": [
+ "https://access.redhat.com/security/cve/CVE-2020-25648"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Moderate"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-6829",
+ "cvss_v3_score": 4.4,
+ "cvss_v3_vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N"
+ },
+ {
+ "cve": "CVE-2020-12403",
+ "cvss_v3_score": 6.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:H"
+ },
+ {
+ "cve": "CVE-2020-12400",
+ "cvss_v2_score": 1.2,
+ "cvss_v2_vector": "CVSS:2.0/AV:L/AC:H/Au:N/C:P/I:N/A:N",
+ "cvss_v3_score": 4.4,
+ "cvss_v3_vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N"
+ }
+ ],
+ "cvss2_max_score": 1.2,
+ "cvss3_max_score": 6.8,
+ "summary": "RHSA-2021:0538: nss security and bug fix update (Moderate)",
+ "severity": "Medium",
+ "vulnerable_component": "rpm://8:nss:0:3.53.1-11.el8_2",
+ "impacted_artifact": "rpm://8:nss:0:3.53.1-11.el8_2",
+ "impact_path": [
+ "rpm://8:nss:0:3.53.1-11.el8_2"
+ ],
+ "path": "ubi8-appstream-remote/Packages/n/nss-3.53.1-11.el8_2.x86_64.rpm",
+ "fixed_versions": [
+ "≥ 0:3.53.1-17.el8_3"
+ ],
+ "published": "2021-02-24T05:43:48+11:00",
+ "artifact_scan_time": "2021-01-27T20:39:40+11:00",
+ "issue_id": "XRAY-141151",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications.Security Fix(es):* nss: Side channel attack on ECDSA signature generation (CVE-2020-6829)* nss: P-384 and P-521 implementation uses a side-channel vulnerable modular inversion function (CVE-2020-12400)* nss: CHACHA20-POLY1305 decryption with undersized tag leads to out-of-bounds read (CVE-2020-12403)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Bug Fix(es):* Support key wrap/unwrap with RSA-OAEP (BZ#1896431)* 1536bit group from RFC3526 is allowed in FIPS mode when in policy DH-MIN is set to be lower than 1536 (BZ#1896432)* when NSS_SDB_USE_CACHE not set, after curl access https, dentry increase but never released - consider alternative algorithm for benchmarking ACCESS call in sdb_measureAccess [rhel-8] (BZ#1896933)* Policy should allow overriding library defaults (BZ#1898702)* KDF-self-tests-induced changes for nss in RHEL 8.4 (BZ#1898953)* nss: non-blocksize requests to IKEv1 KDF returns bogus output (BZ#1904408)",
+ "references": [
+ "https://access.redhat.com/security/cve/CVE-2020-6829",
+ "https://access.redhat.com/security/cve/CVE-2020-12403",
+ "https://access.redhat.com/security/cve/CVE-2020-12400",
+ "https://access.redhat.com/errata/RHSA-2021:0538"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Moderate"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-12399",
+ "cvss_v2_score": 1.2,
+ "cvss_v2_vector": "CVSS:2.0/AV:L/AC:H/Au:N/C:P/I:N/A:N",
+ "cvss_v3_score": 4.4,
+ "cvss_v3_vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N"
+ }
+ ],
+ "cvss2_max_score": 1.2,
+ "cvss3_max_score": 4.4,
+ "summary": "CVE-2020-12399 nss: Timing attack on DSA signature generation (moderate)",
+ "severity": "Medium",
+ "vulnerable_component": "rpm://8:nss:0:3.53.1-11.el8_2",
+ "impacted_artifact": "rpm://8:nss:0:3.53.1-11.el8_2",
+ "impact_path": [
+ "rpm://8:nss:0:3.53.1-11.el8_2"
+ ],
+ "path": "ubi8-appstream-remote/Packages/n/nss-3.53.1-11.el8_2.x86_64.rpm",
+ "fixed_versions": [],
+ "published": "2020-12-16T15:53:19+11:00",
+ "artifact_scan_time": "2021-01-27T20:39:40+11:00",
+ "issue_id": "XRAY-133788",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "DOCUMENTATION: A flaw was found in the DSA signature generation function in nss. During the process of generating a DSA signature, the nonce value 'k' is not padded, exposing the bit length. Combined with other techniques, this can result in the recovery of the DSA private key. The highest threat from this vulnerability is to data confidentiality. STATEMENT: A timing attack was found in the way NSS generated DSA signatures. A man-in-the-middle attacker could use this attack during DSA signature generation to recover the private key. This attack is only feasible when the attacker is local to the machine or in certain cross-VM scenarios where the signature is being generated. Attacks over the network or via the internet are not feasible.Firefox and Thunderbird on Red Hat Enterprise Linux are built against the system nss library. MITIGATION: Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
+ "references": [
+ "https://access.redhat.com/security/cve/CVE-2020-12399"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Moderate"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-12401",
+ "cvss_v2_score": 1.9,
+ "cvss_v2_vector": "CVSS:2.0/AV:L/AC:M/Au:N/C:P/I:N/A:N",
+ "cvss_v3_score": 4.4,
+ "cvss_v3_vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N"
+ }
+ ],
+ "cvss2_max_score": 1.9,
+ "cvss3_max_score": 4.4,
+ "summary": "CVE-2020-12401 nss: ECDSA timing attack mitigation bypass (moderate)",
+ "severity": "Medium",
+ "vulnerable_component": "rpm://8:nss:0:3.53.1-11.el8_2",
+ "impacted_artifact": "rpm://8:nss:0:3.53.1-11.el8_2",
+ "impact_path": [
+ "rpm://8:nss:0:3.53.1-11.el8_2"
+ ],
+ "path": "ubi8-appstream-remote/Packages/n/nss-3.53.1-11.el8_2.x86_64.rpm",
+ "fixed_versions": [],
+ "published": "2020-12-16T15:53:20+11:00",
+ "artifact_scan_time": "2021-01-27T20:39:40+11:00",
+ "issue_id": "XRAY-133790",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "DOCUMENTATION: A flaw was found in nss. Using the EM side-channel, it is possible to extract the position of zero and non-zero wNAF digits while nss-certutil tool performs scalar multiplication during the ECDSA signature generation, leaking partial information about the ECDSA nonce. Given a small number of ECDSA signatures, this information can be used to steal the private key. The highest threat from this vulnerability is to data confidentiality. STATEMENT: This is a side channel attack which can used to exact pirate keys when ECDSA signatures are being generated. This attack is only feasible when the attacker is local to the machine or in certain cross-VM scenarios where the signature is being generated. Attacks over the network or via the internet are not feasible. MITIGATION: This is a side channel attack which can used to exact pirate keys when ECDSA signatures are being generated. This attack is only feasible when the attacker is local to the machine or in certain cross-VM scenarios where the signature is being generated. Attacks over the network or via the internet are not feasible.",
+ "references": [
+ "https://access.redhat.com/security/cve/CVE-2020-12401"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Moderate"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2018-1000021",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 5,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L"
+ }
+ ],
+ "cvss2_max_score": 6.8,
+ "cvss3_max_score": 5,
+ "summary": "CVE-2018-1000021 git: client prints server-sent ANSI escape codes to the terminal, allowing for unverified messages to potentially execute arbitrary commands (moderate)",
+ "severity": "Medium",
+ "vulnerable_component": "rpm://8:git:0:2.27.0-1.el8",
+ "impacted_artifact": "rpm://8:git:0:2.27.0-1.el8",
+ "impact_path": [
+ "rpm://8:git:0:2.27.0-1.el8"
+ ],
+ "path": "ubi8-appstream-remote/Packages/g/git-2.27.0-1.el8.x86_64.rpm",
+ "fixed_versions": [],
+ "published": "2020-12-16T15:52:56+11:00",
+ "artifact_scan_time": "2021-01-27T20:39:41+11:00",
+ "issue_id": "XRAY-132643",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "DOCUMENTATION: It was found that the Git client printed server-sent ANSI escape codes to the terminal without any sanitization, leading to execution of arbitrary escape sequences in the terminal emulator. Exploitation of this flaw by a MitM attacker could potentially result in code execution, arbitrary file writes, or other attacks under highly specific circumstances dependent on the usage of a vulnerable terminal emulator by the user.",
+ "references": [
+ "https://access.redhat.com/security/cve/CVE-2018-1000021"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Moderate"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-21300",
+ "cvss_v2_score": 5.1,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:H/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 5.1,
+ "cvss3_max_score": 7.5,
+ "summary": "CVE-2021-21300 git: remote code execution during clone operation on case-insensitive filesystems (moderate)",
+ "severity": "Medium",
+ "vulnerable_component": "rpm://8:git:0:2.27.0-1.el8",
+ "impacted_artifact": "rpm://8:git:0:2.27.0-1.el8",
+ "impact_path": [
+ "rpm://8:git:0:2.27.0-1.el8"
+ ],
+ "path": "ubi8-appstream-remote/Packages/g/git-2.27.0-1.el8.x86_64.rpm",
+ "fixed_versions": [],
+ "published": "2021-03-11T02:18:48+11:00",
+ "artifact_scan_time": "2021-01-27T20:39:41+11:00",
+ "issue_id": "XRAY-141988",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "DOCUMENTATION: A flaw was found in git, in which a specially-crafted repository that contains a symbolic link may cause just-checked out script to be executed while cloning. STATEMENT: This vulnerability affects case-insensitive file systems, therefore typical Linux scenarios should be safe. However as per upstream exploitation is even possible on Linux under certain circumstances.Red Hat CodeReady Studio 12 is not affected by this flaw because Jboss Forge Addon uses jgit which is a different (Java) git implementation than git itself. MITIGATION: If symbolic link support is disabled in Git (e.g. via git config --global core.symlinks false), the described attack won't work.Likewise, if no clean/smudge filters such as Git LFS are configured globally (i.e. before cloning), the attack is foiled.As always, it is best to avoid cloning repositories from untrusted sources.",
+ "references": [
+ "https://access.redhat.com/security/cve/CVE-2021-21300"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Moderate"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2009-2625",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "summary": "XMLScanner.java in Apache Xerces2 Java, as used in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15 and JDK and JRE 5.0 before Update 20, and in other products, allows remote attackers to cause a denial of service (infinite loop and application hang) via malformed XML input, as demonstrated by the Codenomicon XML fuzzing framework.",
+ "severity": "Medium",
+ "vulnerable_component": "gav://xerces:xercesImpl:2.9.1",
+ "impacted_artifact": "gav://xerces:xercesImpl:2.9.1",
+ "impact_path": [
+ "gav://xerces:xercesImpl:2.9.1"
+ ],
+ "path": "mavencentral-remote/xerces/xercesImpl/2.9.1/xercesImpl-2.9.1.jar",
+ "fixed_versions": [
+ "2.10.0"
+ ],
+ "published": "2017-07-05T21:31:13+10:00",
+ "artifact_scan_time": "2021-03-09T08:46:52+11:00",
+ "issue_id": "XRAY-55915",
+ "package_type": "maven",
+ "provider": "JFrog",
+ "description": "XMLScanner.java in Apache Xerces2 Java, as used in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15 and JDK and JRE 5.0 before Update 20, and in other products, allows remote attackers to cause a denial of service (infinite loop and application hang) via malformed XML input, as demonstrated by the Codenomicon XML fuzzing framework.",
+ "references": [
+ "http://www.vupen.com/english/advisories/2011/0359",
+ "http://www.vupen.com/english/advisories/2009/3316",
+ "http://www.vupen.com/english/advisories/2009/2543",
+ "http://www.ubuntu.com/usn/USN-890-1",
+ "http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html",
+ "http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00004.html",
+ "http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00001.html",
+ "http://lists.opensuse.org/opensuse-security-announce/2009-11/msg00002.html",
+ "http://sunsolve.sun.com/search/document.do?assetkey=1-66-272209-1",
+ "http://sunsolve.sun.com/search/document.do?assetkey=1-66-263489-1",
+ "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021506.1-1",
+ "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2011\u0026m=slackware-security.486026",
+ "http://www.securitytracker.com/id?1022680",
+ "http://rhn.redhat.com/errata/RHSA-2012-1537.html",
+ "http://rhn.redhat.com/errata/RHSA-2012-1232.html",
+ "http://www.redhat.com/support/errata/RHSA-2011-0858.html",
+ "https://rhn.redhat.com/errata/RHSA-2009-1650.html",
+ "https://rhn.redhat.com/errata/RHSA-2009-1649.html",
+ "https://rhn.redhat.com/errata/RHSA-2009-1637.html",
+ "https://rhn.redhat.com/errata/RHSA-2009-1636.html",
+ "http://www.redhat.com/support/errata/RHSA-2009-1615.html",
+ "https://rhn.redhat.com/errata/RHSA-2009-1201.html",
+ "https://rhn.redhat.com/errata/RHSA-2009-1200.html",
+ "https://rhn.redhat.com/errata/RHSA-2009-1199.html",
+ "http://www.openwall.com/lists/oss-security/2009/10/26/3",
+ "http://www.openwall.com/lists/oss-security/2009/10/23/6",
+ "http://www.openwall.com/lists/oss-security/2009/10/22/9",
+ "http://www.openwall.com/lists/oss-security/2009/09/06/1",
+ "http://www.networkworld.com/columnists/2009/080509-xml-flaw.html",
+ "http://www.codenomicon.com/labs/xml/",
+ "http://www.cert.fi/en/reports/2009/vulnerability2009085.html",
+ "http://www.mandriva.com/security/advisories?name=MDVSA-2011:108",
+ "http://www.mandriva.com/security/advisories?name=MDVSA-2009:209",
+ "http://marc.info/?l=bugtraq\u0026m=125787273209737\u0026w=2",
+ "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00325.html",
+ "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg00310.html",
+ "http://www.debian.org/security/2010/dsa-1984",
+ "https://bugzilla.redhat.com/show_bug.cgi?id=512921",
+ "http://www.vmware.com/security/advisories/VMSA-2009-0016.html",
+ "http://www.oracle.com/technetwork/topics/security/cpuoct2009-096303.html",
+ "http://www.oracle.com/technetwork/topics/security/cpujan2010-084891.html",
+ "http://svn.apache.org/viewvc/xerces/java/trunk/src/org/apache/xerces/impl/XMLScanner.java?r1=572055\u0026r2=787352\u0026pathrev=787353\u0026diff_format=h",
+ "http://sunsolve.sun.com/search/document.do?assetkey=1-21-125136-16-1",
+ "http://www.us-cert.gov/cas/techalerts/TA10-012A.html",
+ "http://www.us-cert.gov/cas/techalerts/TA09-294A.html",
+ "http://www.securityfocus.com/archive/1/archive/1/507985/100/0/threaded",
+ "http://www.securityfocus.com/bid/35958",
+ "http://lists.apple.com/archives/security-announce/2009/Sep/msg00000.html"
+ ]
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-24332",
+ "cvss_v2_score": 4.9,
+ "cvss_v2_vector": "CVSS:2.0/AV:L/AC:L/Au:N/C:N/I:N/A:C",
+ "cvss_v3_score": 5.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 4.9,
+ "cvss3_max_score": 5.5,
+ "summary": "CVE-2020-24332 trousers: tss user can be used to create or corrupt existing files, this could lead to DoS (moderate)",
+ "severity": "Medium",
+ "vulnerable_component": "rpm://8:trousers:0:0.3.14-4.el8",
+ "impacted_artifact": "rpm://8:trousers:0:0.3.14-4.el8",
+ "impact_path": [
+ "rpm://8:trousers:0:0.3.14-4.el8"
+ ],
+ "path": "centos8-baseos-remote/Packages/trousers-0.3.14-4.el8.x86_64.rpm",
+ "fixed_versions": [],
+ "published": "2020-12-16T15:53:26+11:00",
+ "artifact_scan_time": "2021-04-20T09:29:35+10:00",
+ "issue_id": "XRAY-133967",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "CVE-2020-24332 trousers: tss user can be used to create or corrupt existing files, this could lead to DoS (moderate)",
+ "references": [
+ "https://access.redhat.com/security/cve/CVE-2020-24332"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Moderate"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-24331",
+ "cvss_v2_score": 7.2,
+ "cvss_v2_vector": "CVSS:2.0/AV:L/AC:L/Au:N/C:C/I:C/A:C",
+ "cvss_v3_score": 7.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 7.2,
+ "cvss3_max_score": 7.8,
+ "summary": "CVE-2020-24331 trousers: tss user still has read and write access to the /etc/tcsd.conf file if tcsd is started as root (moderate)",
+ "severity": "Medium",
+ "vulnerable_component": "rpm://8:trousers:0:0.3.14-4.el8",
+ "impacted_artifact": "rpm://8:trousers:0:0.3.14-4.el8",
+ "impact_path": [
+ "rpm://8:trousers:0:0.3.14-4.el8"
+ ],
+ "path": "centos8-baseos-remote/Packages/trousers-0.3.14-4.el8.x86_64.rpm",
+ "fixed_versions": [],
+ "published": "2020-12-16T15:53:26+11:00",
+ "artifact_scan_time": "2021-04-20T09:29:35+10:00",
+ "issue_id": "XRAY-133966",
+ "package_type": "rpm",
+ "provider": "JFrog",
+ "description": "CVE-2020-24331 trousers: tss user still has read and write access to the /etc/tcsd.conf file if tcsd is started as root (moderate)",
+ "references": [
+ "https://access.redhat.com/security/cve/CVE-2020-24331"
+ ],
+ "external_advisory_source": "Red Hat Severity",
+ "external_advisory_severity": "Moderate"
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-12904",
+ "cvss_v2_score": 4.3,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:N/A:N",
+ "cvss_v3_score": 5.9,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"
+ }
+ ],
+ "cvss2_max_score": 4.3,
+ "cvss3_max_score": 5.9,
+ "summary": "In Libgcrypt 1.8.4, the C implementation of AES is vulnerable to a flush-and-reload side-channel attack because physical addresses are available to other processes. (The C implementation is used on platforms where an assembly-language implementation is unavailable.)",
+ "severity": "Medium",
+ "vulnerable_component": "deb://debian:buster:libgcrypt20:1.8.4-5",
+ "impacted_artifact": "docker://library/httpd:sha256__0dbde9c00d906fe47f0f8eee60008d4015d105af53a6f7378594dbdf868c16b2",
+ "impact_path": [
+ "docker://library/httpd:sha256__0dbde9c00d906fe47f0f8eee60008d4015d105af53a6f7378594dbdf868c16b2",
+ "generic://sha256:69692152171afee1fd341febc390747cfca2ff302f2881d8b394e786af605696/sha256__69692152171afee1fd341febc390747cfca2ff302f2881d8b394e786af605696.tar.gz",
+ "deb://debian:buster:libgcrypt20:1.8.4-5"
+ ],
+ "path": "dockerhub-remote/library/httpd/sha256__0dbde9c00d906fe47f0f8eee60008d4015d105af53a6f7378594dbdf868c16b2/",
+ "fixed_versions": [],
+ "published": "2019-06-20T21:40:09+10:00",
+ "artifact_scan_time": "2021-05-13T10:57:41+10:00",
+ "issue_id": "XRAY-84195",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "In Libgcrypt 1.8.4, the C implementation of AES is vulnerable to a flush-and-reload side-channel attack because physical addresses are available to other processes. (The C implementation is used on platforms where an assembly-language implementation is unavailable.)",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-3326",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 7.5,
+ "summary": "The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid input sequences in the ISO-2022-JP-3 encoding, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service.",
+ "severity": "Medium",
+ "vulnerable_component": "deb://debian:buster:libc6:2.28-10",
+ "impacted_artifact": "docker://library/httpd:sha256__0dbde9c00d906fe47f0f8eee60008d4015d105af53a6f7378594dbdf868c16b2",
+ "impact_path": [
+ "docker://library/httpd:sha256__0dbde9c00d906fe47f0f8eee60008d4015d105af53a6f7378594dbdf868c16b2",
+ "generic://sha256:69692152171afee1fd341febc390747cfca2ff302f2881d8b394e786af605696/sha256__69692152171afee1fd341febc390747cfca2ff302f2881d8b394e786af605696.tar.gz",
+ "deb://debian:buster:libc6:2.28-10"
+ ],
+ "path": "dockerhub-remote/library/httpd/sha256__0dbde9c00d906fe47f0f8eee60008d4015d105af53a6f7378594dbdf868c16b2/",
+ "fixed_versions": [],
+ "published": "2021-01-28T15:04:20+11:00",
+ "artifact_scan_time": "2021-05-13T10:57:41+10:00",
+ "issue_id": "XRAY-138958",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid input sequences in the ISO-2022-JP-3 encoding, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-3326",
+ "cvss_v2_score": 5,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:N/A:P",
+ "cvss_v3_score": 7.5,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 5,
+ "cvss3_max_score": 7.5,
+ "summary": "The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid input sequences in the ISO-2022-JP-3 encoding, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service.",
+ "severity": "Medium",
+ "vulnerable_component": "deb://debian:buster:libc-bin:2.28-10",
+ "impacted_artifact": "docker://library/httpd:sha256__0dbde9c00d906fe47f0f8eee60008d4015d105af53a6f7378594dbdf868c16b2",
+ "impact_path": [
+ "docker://library/httpd:sha256__0dbde9c00d906fe47f0f8eee60008d4015d105af53a6f7378594dbdf868c16b2",
+ "generic://sha256:69692152171afee1fd341febc390747cfca2ff302f2881d8b394e786af605696/sha256__69692152171afee1fd341febc390747cfca2ff302f2881d8b394e786af605696.tar.gz",
+ "deb://debian:buster:libc-bin:2.28-10"
+ ],
+ "path": "dockerhub-remote/library/httpd/sha256__0dbde9c00d906fe47f0f8eee60008d4015d105af53a6f7378594dbdf868c16b2/",
+ "fixed_versions": [],
+ "published": "2021-01-28T15:04:20+11:00",
+ "artifact_scan_time": "2021-05-13T10:57:41+10:00",
+ "issue_id": "XRAY-138958",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid input sequences in the ISO-2022-JP-3 encoding, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-3843",
+ "cvss_v2_score": 4.6,
+ "cvss_v2_vector": "CVSS:2.0/AV:L/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 7.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 4.6,
+ "cvss3_max_score": 7.8,
+ "summary": "It was discovered that a systemd service that uses DynamicUser property can create a SUID/SGID binary that would be allowed to run as the transient service UID/GID even after the service is terminated. A local attacker may use this flaw to access resources that will be owned by a potentially different service in the future, when the UID/GID will be recycled.",
+ "severity": "Medium",
+ "vulnerable_component": "deb://debian:buster:libudev1:241-7~deb10u7",
+ "impacted_artifact": "docker://library/httpd:sha256__0dbde9c00d906fe47f0f8eee60008d4015d105af53a6f7378594dbdf868c16b2",
+ "impact_path": [
+ "docker://library/httpd:sha256__0dbde9c00d906fe47f0f8eee60008d4015d105af53a6f7378594dbdf868c16b2",
+ "generic://sha256:69692152171afee1fd341febc390747cfca2ff302f2881d8b394e786af605696/sha256__69692152171afee1fd341febc390747cfca2ff302f2881d8b394e786af605696.tar.gz",
+ "deb://debian:buster:libudev1:241-7~deb10u7"
+ ],
+ "path": "dockerhub-remote/library/httpd/sha256__0dbde9c00d906fe47f0f8eee60008d4015d105af53a6f7378594dbdf868c16b2/",
+ "fixed_versions": [],
+ "published": "2019-04-28T16:29:46+10:00",
+ "artifact_scan_time": "2021-05-13T10:57:41+10:00",
+ "issue_id": "XRAY-80974",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "It was discovered that a systemd service that uses DynamicUser property can create a SUID/SGID binary that would be allowed to run as the transient service UID/GID even after the service is terminated. A local attacker may use this flaw to access resources that will be owned by a potentially different service in the future, when the UID/GID will be recycled.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-13115",
+ "cvss_v2_score": 5.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:N/A:P",
+ "cvss_v3_score": 8.1,
+ "cvss_v3_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H"
+ }
+ ],
+ "cvss2_max_score": 5.8,
+ "cvss3_max_score": 8.1,
+ "summary": "In libssh2 before 1.9.0, kex_method_diffie_hellman_group_exchange_sha256_key_exchange in kex.c has an integer overflow that could lead to an out-of-bounds read in the way packets are read from the server. A remote attacker who compromises a SSH server may be able to disclose sensitive information or cause a denial of service condition on the client system when a user connects to the server. This is related to an _libssh2_check_length mistake, and is different from the various issues fixed in 1.8.1, such as CVE-2019-3855.",
+ "severity": "Medium",
+ "vulnerable_component": "deb://debian:buster:libssh2-1:1.8.0-2.1",
+ "impacted_artifact": "docker://library/httpd:sha256__0dbde9c00d906fe47f0f8eee60008d4015d105af53a6f7378594dbdf868c16b2",
+ "impact_path": [
+ "docker://library/httpd:sha256__0dbde9c00d906fe47f0f8eee60008d4015d105af53a6f7378594dbdf868c16b2",
+ "generic://sha256:ab492cf0b2a4f47ba02a478521476bf00c2740f444fc658148b7dc919ed64a7f/sha256__ab492cf0b2a4f47ba02a478521476bf00c2740f444fc658148b7dc919ed64a7f.tar.gz",
+ "deb://debian:buster:libssh2-1:1.8.0-2.1"
+ ],
+ "path": "dockerhub-remote/library/httpd/sha256__0dbde9c00d906fe47f0f8eee60008d4015d105af53a6f7378594dbdf868c16b2/",
+ "fixed_versions": [],
+ "published": "2019-07-18T05:38:25+10:00",
+ "artifact_scan_time": "2021-05-13T10:57:41+10:00",
+ "issue_id": "XRAY-84935",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "In libssh2 before 1.9.0, kex_method_diffie_hellman_group_exchange_sha256_key_exchange in kex.c has an integer overflow that could lead to an out-of-bounds read in the way packets are read from the server. A remote attacker who compromises a SSH server may be able to disclose sensitive information or cause a denial of service condition on the client system when a user connects to the server. This is related to an _libssh2_check_length mistake, and is different from the various issues fixed in 1.8.1, such as CVE-2019-3855.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2020-1751",
+ "cvss_v2_score": 5.9,
+ "cvss_v2_vector": "CVSS:2.0/AV:L/AC:M/Au:N/C:P/I:P/A:C",
+ "cvss_v3_score": 7,
+ "cvss_v3_vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 5.9,
+ "cvss3_max_score": 7,
+ "summary": "An out-of-bounds write vulnerability was found in glibc before 2.31 when handling signal trampolines on PowerPC. Specifically, the backtrace function did not properly check the array bounds when storing the frame address, resulting in a denial of service or potential code execution. The highest threat from this vulnerability is to system availability.",
+ "severity": "Medium",
+ "vulnerable_component": "deb://debian:buster:libc-bin:2.28-10",
+ "impacted_artifact": "docker://library/httpd:sha256__0dbde9c00d906fe47f0f8eee60008d4015d105af53a6f7378594dbdf868c16b2",
+ "impact_path": [
+ "docker://library/httpd:sha256__0dbde9c00d906fe47f0f8eee60008d4015d105af53a6f7378594dbdf868c16b2",
+ "generic://sha256:69692152171afee1fd341febc390747cfca2ff302f2881d8b394e786af605696/sha256__69692152171afee1fd341febc390747cfca2ff302f2881d8b394e786af605696.tar.gz",
+ "deb://debian:buster:libc-bin:2.28-10"
+ ],
+ "path": "dockerhub-remote/library/httpd/sha256__0dbde9c00d906fe47f0f8eee60008d4015d105af53a6f7378594dbdf868c16b2/",
+ "fixed_versions": [],
+ "published": "2020-03-08T15:28:08+11:00",
+ "artifact_scan_time": "2021-05-13T10:57:41+10:00",
+ "issue_id": "XRAY-95139",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "An out-of-bounds write vulnerability was found in glibc before 2.31 when handling signal trampolines on PowerPC. Specifically, the backtrace function did not properly check the array bounds when storing the frame address, resulting in a denial of service or potential code execution. The highest threat from this vulnerability is to system availability.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2019-3844",
+ "cvss_v2_score": 4.6,
+ "cvss_v2_vector": "CVSS:2.0/AV:L/AC:L/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 7.8,
+ "cvss_v3_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 4.6,
+ "cvss3_max_score": 7.8,
+ "summary": "It was discovered that a systemd service that uses DynamicUser property can get new privileges through the execution of SUID binaries, which would allow to create binaries owned by the service transient group with the setgid bit set. A local attacker may use this flaw to access resources that will be owned by a potentially different service in the future, when the GID will be recycled.",
+ "severity": "Medium",
+ "vulnerable_component": "deb://debian:buster:libudev1:241-7~deb10u7",
+ "impacted_artifact": "docker://library/httpd:sha256__0dbde9c00d906fe47f0f8eee60008d4015d105af53a6f7378594dbdf868c16b2",
+ "impact_path": [
+ "docker://library/httpd:sha256__0dbde9c00d906fe47f0f8eee60008d4015d105af53a6f7378594dbdf868c16b2",
+ "generic://sha256:69692152171afee1fd341febc390747cfca2ff302f2881d8b394e786af605696/sha256__69692152171afee1fd341febc390747cfca2ff302f2881d8b394e786af605696.tar.gz",
+ "deb://debian:buster:libudev1:241-7~deb10u7"
+ ],
+ "path": "dockerhub-remote/library/httpd/sha256__0dbde9c00d906fe47f0f8eee60008d4015d105af53a6f7378594dbdf868c16b2/",
+ "fixed_versions": [],
+ "published": "2019-04-28T16:25:09+10:00",
+ "artifact_scan_time": "2021-05-13T10:57:41+10:00",
+ "issue_id": "XRAY-80972",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "It was discovered that a systemd service that uses DynamicUser property can get new privileges through the execution of SUID binaries, which would allow to create binaries owned by the service transient group with the setgid bit set. A local attacker may use this flaw to access resources that will be owned by a potentially different service in the future, when the GID will be recycled.",
+ "references": []
+ }
+,{
+ "cves": [
+ {
+ "cve": "CVE-2021-20305",
+ "cvss_v2_score": 6.8,
+ "cvss_v2_vector": "CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
+ "cvss_v3_score": 8.1,
+ "cvss_v3_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
+ }
+ ],
+ "cvss2_max_score": 6.8,
+ "cvss3_max_score": 8.1,
+ "summary": "A flaw was found in Nettle in versions before 3.7.2, where several Nettle signature verification functions (GOST DSA, EDDSA \u0026 ECDSA) result in the Elliptic Curve Cryptography point (ECC) multiply function being called with out-of-range scalers, possibly resulting in incorrect results. This flaw allows an attacker to force an invalid signature, causing an assertion failure or possible validation. The highest threat to this vulnerability is to confidentiality, integrity, as well as system availability.",
+ "severity": "Medium",
+ "vulnerable_component": "deb://debian:buster:libnettle6:3.4.1-1",
+ "impacted_artifact": "docker://library/httpd:sha256__0dbde9c00d906fe47f0f8eee60008d4015d105af53a6f7378594dbdf868c16b2",
+ "impact_path": [
+ "docker://library/httpd:sha256__0dbde9c00d906fe47f0f8eee60008d4015d105af53a6f7378594dbdf868c16b2",
+ "generic://sha256:69692152171afee1fd341febc390747cfca2ff302f2881d8b394e786af605696/sha256__69692152171afee1fd341febc390747cfca2ff302f2881d8b394e786af605696.tar.gz",
+ "deb://debian:buster:libnettle6:3.4.1-1"
+ ],
+ "path": "dockerhub-remote/library/httpd/sha256__0dbde9c00d906fe47f0f8eee60008d4015d105af53a6f7378594dbdf868c16b2/",
+ "fixed_versions": [],
+ "published": "2021-04-02T15:18:19+11:00",
+ "artifact_scan_time": "2021-05-13T10:57:41+10:00",
+ "issue_id": "XRAY-160716",
+ "package_type": "debian",
+ "provider": "JFrog",
+ "description": "A flaw was found in Nettle in versions before 3.7.2, where several Nettle signature verification functions (GOST DSA, EDDSA \u0026 ECDSA) result in the Elliptic Curve Cryptography point (ECC) multiply function being called with out-of-range scalers, possibly resulting in incorrect results. This flaw allows an attacker to force an invalid signature, causing an assertion failure or possible validation. The highest threat to this vulnerability is to confidentiality, integrity, as well as system availability.",
+ "references": []
+ }
+]}
\ No newline at end of file