Vulnerabilites related to oracle - hospitality_token_proxy_service
cve-2021-45105
Vulnerability from cvelistv5
Published
2021-12-18 11:55
Modified
2024-08-04 04:39
Severity ?
EPSS score ?
Summary
Apache Log4j2 versions 2.0-alpha1 through 2.16.0 (excluding 2.12.3 and 2.3.1) did not protect from uncontrolled recursion from self-referential lookups. This allows an attacker with control over Thread Context Map data to cause a denial of service when a crafted string is interpreted. This issue was fixed in Log4j 2.17.0, 2.12.3, and 2.3.1.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Apache Software Foundation | Apache Log4j2 |
Version: log4j-core < 2.17.0 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T04:39:20.295Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://logging.apache.org/log4j/2.x/security.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032", }, { name: "VU#930724", tags: [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred", ], url: "https://www.kb.cert.org/vuls/id/930724", }, { name: "20211210 Vulnerabilities in Apache Log4j Library Affecting Cisco Products: December 2021", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd", }, { name: "[oss-security] 20211218 CVE-2021-45105: Apache Log4j2 does not always protect from infinite recursion in lookup evaluation", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2021/12/19/1", }, { name: "DSA-5024", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2021/dsa-5024", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-479842.pdf", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20211218-0001/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-21-1541/", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-501673.pdf", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpujan2022.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpujul2022.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Apache Log4j2", vendor: "Apache Software Foundation", versions: [ { changes: [ { at: "2.13.0", status: "affected", }, { at: "2.12.3", status: "unaffected", }, { at: "2.4", status: "affected", }, { at: "2.3.1", status: "unaffected", }, { at: "2.0-alpha1", status: "affected", }, ], lessThan: "2.17.0", status: "affected", version: "log4j-core", versionType: "custom", }, ], }, ], credits: [ { lang: "en", value: "Independently discovered by Hideki Okamoto of Akamai Technologies, Guy Lederfein of Trend Micro Research working with Trend Micro’s Zero Day Initiative, and another anonymous vulnerability researcher", }, ], descriptions: [ { lang: "en", value: "Apache Log4j2 versions 2.0-alpha1 through 2.16.0 (excluding 2.12.3 and 2.3.1) did not protect from uncontrolled recursion from self-referential lookups. This allows an attacker with control over Thread Context Map data to cause a denial of service when a crafted string is interpreted. This issue was fixed in Log4j 2.17.0, 2.12.3, and 2.3.1.", }, ], metrics: [ { other: { content: { other: "high", }, type: "unknown", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-20", description: "CWE-20 Improper Input Validation", lang: "en", type: "CWE", }, ], }, { descriptions: [ { cweId: "CWE-674", description: "CWE-674: Uncontrolled Recursion", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-07-25T16:41:57", orgId: "f0158376-9dc2-43b6-827c-5f631a4d8d09", shortName: "apache", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://logging.apache.org/log4j/2.x/security.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032", }, { name: "VU#930724", tags: [ "third-party-advisory", "x_refsource_CERT-VN", ], url: "https://www.kb.cert.org/vuls/id/930724", }, { name: "20211210 Vulnerabilities in Apache Log4j Library Affecting Cisco Products: December 2021", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd", }, { name: "[oss-security] 20211218 CVE-2021-45105: Apache Log4j2 does not always protect from infinite recursion in lookup evaluation", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2021/12/19/1", }, { name: "DSA-5024", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2021/dsa-5024", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-479842.pdf", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20211218-0001/", }, { tags: [ "x_refsource_MISC", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-21-1541/", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-501673.pdf", }, { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com/security-alerts/cpujan2022.html", }, { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com/security-alerts/cpujul2022.html", }, ], source: { defect: [ "LOG4J2-3230", ], discovery: "UNKNOWN", }, title: "Apache Log4j2 does not always protect from infinite recursion in lookup evaluation", workarounds: [ { lang: "en", value: "Implement one of the following mitigation techniques:\n\n* Java 8 (or later) users should upgrade to release 2.17.0.\n\nAlternatively, this can be mitigated in configuration:\n\n* In PatternLayout in the logging configuration, replace Context Lookups like `${ctx:loginId}` or `$${ctx:loginId}` with Thread Context Map patterns (%X, %mdc, or %MDC).\n* Otherwise, in the configuration, remove references to Context Lookups like `${ctx:loginId}` or `$${ctx:loginId}` where they originate \nfrom sources external to the application such as HTTP headers or user input.", }, ], x_generator: { engine: "Vulnogram 0.0.9", }, x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@apache.org", ID: "CVE-2021-45105", STATE: "PUBLIC", TITLE: "Apache Log4j2 does not always protect from infinite recursion in lookup evaluation", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Apache Log4j2", version: { version_data: [ { version_affected: "<", version_name: "log4j-core", version_value: "2.17.0", }, { version_affected: ">=", version_name: "log4j-core", version_value: "2.13.0", }, { version_affected: "<", version_name: "log4j-core", version_value: "2.12.3", }, { version_affected: ">=", version_name: "log4j-core", version_value: "2.4", }, { version_affected: "<", version_name: "log4j-core", version_value: "2.3.1", }, { version_affected: ">=", version_name: "log4j-core", version_value: "2.0-alpha1", }, ], }, }, ], }, vendor_name: "Apache Software Foundation", }, ], }, }, credit: [ { lang: "eng", value: "Independently discovered by Hideki Okamoto of Akamai Technologies, Guy Lederfein of Trend Micro Research working with Trend Micro’s Zero Day Initiative, and another anonymous vulnerability researcher", }, ], data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Apache Log4j2 versions 2.0-alpha1 through 2.16.0 (excluding 2.12.3 and 2.3.1) did not protect from uncontrolled recursion from self-referential lookups. This allows an attacker with control over Thread Context Map data to cause a denial of service when a crafted string is interpreted. This issue was fixed in Log4j 2.17.0, 2.12.3, and 2.3.1.", }, ], }, generator: { engine: "Vulnogram 0.0.9", }, impact: [ { other: "high", }, ], problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-20 Improper Input Validation", }, ], }, { description: [ { lang: "eng", value: "CWE-674: Uncontrolled Recursion", }, ], }, ], }, references: { reference_data: [ { name: "https://logging.apache.org/log4j/2.x/security.html", refsource: "MISC", url: "https://logging.apache.org/log4j/2.x/security.html", }, { name: "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032", refsource: "CONFIRM", url: "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032", }, { name: "VU#930724", refsource: "CERT-VN", url: "https://www.kb.cert.org/vuls/id/930724", }, { name: "20211210 Vulnerabilities in Apache Log4j Library Affecting Cisco Products: December 2021", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd", }, { name: "[oss-security] 20211218 CVE-2021-45105: Apache Log4j2 does not always protect from infinite recursion in lookup evaluation", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2021/12/19/1", }, { name: "DSA-5024", refsource: "DEBIAN", url: "https://www.debian.org/security/2021/dsa-5024", }, { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-479842.pdf", refsource: "CONFIRM", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-479842.pdf", }, { name: "https://security.netapp.com/advisory/ntap-20211218-0001/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20211218-0001/", }, { name: "https://www.zerodayinitiative.com/advisories/ZDI-21-1541/", refsource: "MISC", url: "https://www.zerodayinitiative.com/advisories/ZDI-21-1541/", }, { name: "https://cert-portal.siemens.com/productcert/pdf/ssa-501673.pdf", refsource: "CONFIRM", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-501673.pdf", }, { name: "https://www.oracle.com/security-alerts/cpujan2022.html", refsource: "MISC", url: "https://www.oracle.com/security-alerts/cpujan2022.html", }, { name: "https://www.oracle.com/security-alerts/cpuapr2022.html", refsource: "MISC", url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { name: "https://www.oracle.com/security-alerts/cpujul2022.html", refsource: "MISC", url: "https://www.oracle.com/security-alerts/cpujul2022.html", }, ], }, source: { defect: [ "LOG4J2-3230", ], discovery: "UNKNOWN", }, work_around: [ { lang: "en", value: "Implement one of the following mitigation techniques:\n\n* Java 8 (or later) users should upgrade to release 2.17.0.\n\nAlternatively, this can be mitigated in configuration:\n\n* In PatternLayout in the logging configuration, replace Context Lookups like `${ctx:loginId}` or `$${ctx:loginId}` with Thread Context Map patterns (%X, %mdc, or %MDC).\n* Otherwise, in the configuration, remove references to Context Lookups like `${ctx:loginId}` or `$${ctx:loginId}` where they originate \nfrom sources external to the application such as HTTP headers or user input.", }, ], }, }, }, cveMetadata: { assignerOrgId: "f0158376-9dc2-43b6-827c-5f631a4d8d09", assignerShortName: "apache", cveId: "CVE-2021-45105", datePublished: "2021-12-18T11:55:08", dateReserved: "2021-12-16T00:00:00", dateUpdated: "2024-08-04T04:39:20.295Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-37714
Vulnerability from cvelistv5
Published
2021-08-18 15:10
Modified
2024-08-04 01:23
Severity ?
EPSS score ?
Summary
jsoup is a Java library for working with HTML. Those using jsoup versions prior to 1.14.2 to parse untrusted HTML or XML may be vulnerable to DOS attacks. If the parser is run on user supplied input, an attacker may supply content that causes the parser to get stuck (loop indefinitely until cancelled), to complete more slowly than usual, or to throw an unexpected exception. This effect may support a denial of service attack. The issue is patched in version 1.14.2. There are a few available workarounds. Users may rate limit input parsing, limit the size of inputs based on system resources, and/or implement thread watchdogs to cap and timeout parse runtimes.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T01:23:01.524Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/jhy/jsoup/security/advisories/GHSA-m72m-mhq2-9p6c", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://jsoup.org/news/release-1.14.1", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://jsoup.org/news/release-1.14.2", }, { name: "[james-notifications] 20210820 [GitHub] [james-project] chibenwa opened a new pull request #609: [UPGRADE] JSOUP 1.14.1 -> 1.14.2 to address CVE-2021-37714", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/r685c5235235ad0c26e86d0ee987fb802c9675de6081dbf0516464e0b%40%3Cnotifications.james.apache.org%3E", }, { name: "[james-notifications] 20210823 [GitHub] [james-project] chibenwa merged pull request #609: [UPGRADE] JSOUP 1.14.1 -> 1.14.2 to address CVE-2021-37714", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/rc3354080fc67fb50b45b3c2d12dc4ca2a3c1c78dad3d3ba012c038aa%40%3Cnotifications.james.apache.org%3E", }, { name: "[james-notifications] 20210823 [james-project] branch master updated: [UPGRADE] JSOUP 1.14.1 -> 1.14.2 to address CVE-2021-37714", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/r97404676a5cf591988faedb887d64e278f522adcaa823d89ca69defe%40%3Cnotifications.james.apache.org%3E", }, { name: "[maven-issues] 20210830 [jira] [Created] (WAGON-612) Update jsoup to >= 1.14.2 for fix security issue", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/r50e9c9466c592ca9d707a5dea549524d19e3287da08d8392f643960e%40%3Cissues.maven.apache.org%3E", }, { name: "[maven-issues] 20210901 [jira] [Created] (MNG-7227) Fix CVE-2021-37714 present in apache-maven", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/r215009dbf7467a9f6506d0c0024cb36cad30071010e62c9352cfaaf0%40%3Cissues.maven.apache.org%3E", }, { name: "[maven-issues] 20210901 [jira] [Updated] (MNG-7227) Fix CVE-2021-37714 present in apache-maven", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/r3d71f18adb78e50f626dde689161ca63d3b7491bd9718fcddfaecba7%40%3Cissues.maven.apache.org%3E", }, { name: "[maven-issues] 20210901 [jira] [Commented] (MNG-7227) Fix CVE-2021-37714 present in apache-maven", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/r377b93d79817ce649e9e68b3456e6f499747ef1643fa987b342e082e%40%3Cissues.maven.apache.org%3E", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpujan2022.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20220210-0022/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpujul2022.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "jsoup", vendor: "jhy", versions: [ { status: "affected", version: "< 1.14.2", }, ], }, ], descriptions: [ { lang: "en", value: "jsoup is a Java library for working with HTML. Those using jsoup versions prior to 1.14.2 to parse untrusted HTML or XML may be vulnerable to DOS attacks. If the parser is run on user supplied input, an attacker may supply content that causes the parser to get stuck (loop indefinitely until cancelled), to complete more slowly than usual, or to throw an unexpected exception. This effect may support a denial of service attack. The issue is patched in version 1.14.2. There are a few available workarounds. Users may rate limit input parsing, limit the size of inputs based on system resources, and/or implement thread watchdogs to cap and timeout parse runtimes.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-835", description: "CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop')", lang: "en", type: "CWE", }, ], }, { descriptions: [ { cweId: "CWE-248", description: "CWE-248: Uncaught Exception", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-07-25T16:31:13", orgId: "a0819718-46f1-4df5-94e2-005712e83aaa", shortName: "GitHub_M", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/jhy/jsoup/security/advisories/GHSA-m72m-mhq2-9p6c", }, { tags: [ "x_refsource_MISC", ], url: "https://jsoup.org/news/release-1.14.1", }, { tags: [ "x_refsource_MISC", ], url: "https://jsoup.org/news/release-1.14.2", }, { name: "[james-notifications] 20210820 [GitHub] [james-project] chibenwa opened a new pull request #609: [UPGRADE] JSOUP 1.14.1 -> 1.14.2 to address CVE-2021-37714", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/r685c5235235ad0c26e86d0ee987fb802c9675de6081dbf0516464e0b%40%3Cnotifications.james.apache.org%3E", }, { name: "[james-notifications] 20210823 [GitHub] [james-project] chibenwa merged pull request #609: [UPGRADE] JSOUP 1.14.1 -> 1.14.2 to address CVE-2021-37714", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/rc3354080fc67fb50b45b3c2d12dc4ca2a3c1c78dad3d3ba012c038aa%40%3Cnotifications.james.apache.org%3E", }, { name: "[james-notifications] 20210823 [james-project] branch master updated: [UPGRADE] JSOUP 1.14.1 -> 1.14.2 to address CVE-2021-37714", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/r97404676a5cf591988faedb887d64e278f522adcaa823d89ca69defe%40%3Cnotifications.james.apache.org%3E", }, { name: "[maven-issues] 20210830 [jira] [Created] (WAGON-612) Update jsoup to >= 1.14.2 for fix security issue", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/r50e9c9466c592ca9d707a5dea549524d19e3287da08d8392f643960e%40%3Cissues.maven.apache.org%3E", }, { name: "[maven-issues] 20210901 [jira] [Created] (MNG-7227) Fix CVE-2021-37714 present in apache-maven", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/r215009dbf7467a9f6506d0c0024cb36cad30071010e62c9352cfaaf0%40%3Cissues.maven.apache.org%3E", }, { name: "[maven-issues] 20210901 [jira] [Updated] (MNG-7227) Fix CVE-2021-37714 present in apache-maven", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/r3d71f18adb78e50f626dde689161ca63d3b7491bd9718fcddfaecba7%40%3Cissues.maven.apache.org%3E", }, { name: "[maven-issues] 20210901 [jira] [Commented] (MNG-7227) Fix CVE-2021-37714 present in apache-maven", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/r377b93d79817ce649e9e68b3456e6f499747ef1643fa987b342e082e%40%3Cissues.maven.apache.org%3E", }, { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com/security-alerts/cpujan2022.html", }, { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20220210-0022/", }, { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com/security-alerts/cpujul2022.html", }, ], source: { advisory: "GHSA-m72m-mhq2-9p6c", discovery: "UNKNOWN", }, title: "Crafted input may cause the jsoup HTML and XML parser to get stuck, timeout, or throw unchecked exceptions", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security-advisories@github.com", ID: "CVE-2021-37714", STATE: "PUBLIC", TITLE: "Crafted input may cause the jsoup HTML and XML parser to get stuck, timeout, or throw unchecked exceptions", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "jsoup", version: { version_data: [ { version_value: "< 1.14.2", }, ], }, }, ], }, vendor_name: "jhy", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "jsoup is a Java library for working with HTML. Those using jsoup versions prior to 1.14.2 to parse untrusted HTML or XML may be vulnerable to DOS attacks. If the parser is run on user supplied input, an attacker may supply content that causes the parser to get stuck (loop indefinitely until cancelled), to complete more slowly than usual, or to throw an unexpected exception. This effect may support a denial of service attack. The issue is patched in version 1.14.2. There are a few available workarounds. Users may rate limit input parsing, limit the size of inputs based on system resources, and/or implement thread watchdogs to cap and timeout parse runtimes.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop')", }, ], }, { description: [ { lang: "eng", value: "CWE-248: Uncaught Exception", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/jhy/jsoup/security/advisories/GHSA-m72m-mhq2-9p6c", refsource: "CONFIRM", url: "https://github.com/jhy/jsoup/security/advisories/GHSA-m72m-mhq2-9p6c", }, { name: "https://jsoup.org/news/release-1.14.1", refsource: "MISC", url: "https://jsoup.org/news/release-1.14.1", }, { name: "https://jsoup.org/news/release-1.14.2", refsource: "MISC", url: "https://jsoup.org/news/release-1.14.2", }, { name: "[james-notifications] 20210820 [GitHub] [james-project] chibenwa opened a new pull request #609: [UPGRADE] JSOUP 1.14.1 -> 1.14.2 to address CVE-2021-37714", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r685c5235235ad0c26e86d0ee987fb802c9675de6081dbf0516464e0b@%3Cnotifications.james.apache.org%3E", }, { name: "[james-notifications] 20210823 [GitHub] [james-project] chibenwa merged pull request #609: [UPGRADE] JSOUP 1.14.1 -> 1.14.2 to address CVE-2021-37714", refsource: "MLIST", url: "https://lists.apache.org/thread.html/rc3354080fc67fb50b45b3c2d12dc4ca2a3c1c78dad3d3ba012c038aa@%3Cnotifications.james.apache.org%3E", }, { name: "[james-notifications] 20210823 [james-project] branch master updated: [UPGRADE] JSOUP 1.14.1 -> 1.14.2 to address CVE-2021-37714", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r97404676a5cf591988faedb887d64e278f522adcaa823d89ca69defe@%3Cnotifications.james.apache.org%3E", }, { name: "[maven-issues] 20210830 [jira] [Created] (WAGON-612) Update jsoup to >= 1.14.2 for fix security issue", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r50e9c9466c592ca9d707a5dea549524d19e3287da08d8392f643960e@%3Cissues.maven.apache.org%3E", }, { name: "[maven-issues] 20210901 [jira] [Created] (MNG-7227) Fix CVE-2021-37714 present in apache-maven", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r215009dbf7467a9f6506d0c0024cb36cad30071010e62c9352cfaaf0@%3Cissues.maven.apache.org%3E", }, { name: "[maven-issues] 20210901 [jira] [Updated] (MNG-7227) Fix CVE-2021-37714 present in apache-maven", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r3d71f18adb78e50f626dde689161ca63d3b7491bd9718fcddfaecba7@%3Cissues.maven.apache.org%3E", }, { name: "[maven-issues] 20210901 [jira] [Commented] (MNG-7227) Fix CVE-2021-37714 present in apache-maven", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r377b93d79817ce649e9e68b3456e6f499747ef1643fa987b342e082e@%3Cissues.maven.apache.org%3E", }, { name: "https://www.oracle.com/security-alerts/cpujan2022.html", refsource: "MISC", url: "https://www.oracle.com/security-alerts/cpujan2022.html", }, { name: "https://www.oracle.com/security-alerts/cpuapr2022.html", refsource: "MISC", url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { name: "https://security.netapp.com/advisory/ntap-20220210-0022/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20220210-0022/", }, { name: "https://www.oracle.com/security-alerts/cpujul2022.html", refsource: "MISC", url: "https://www.oracle.com/security-alerts/cpujul2022.html", }, ], }, source: { advisory: "GHSA-m72m-mhq2-9p6c", discovery: "UNKNOWN", }, }, }, }, cveMetadata: { assignerOrgId: "a0819718-46f1-4df5-94e2-005712e83aaa", assignerShortName: "GitHub_M", cveId: "CVE-2021-37714", datePublished: "2021-08-18T15:10:11", dateReserved: "2021-07-29T00:00:00", dateUpdated: "2024-08-04T01:23:01.524Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-13936
Vulnerability from cvelistv5
Published
2021-03-10 08:00
Modified
2025-02-13 16:27
Severity ?
EPSS score ?
Summary
An attacker that is able to modify Velocity templates may execute arbitrary Java code or run arbitrary system commands with the same privileges as the account running the Servlet container. This applies to applications that allow untrusted users to upload/modify velocity templates running Apache Velocity Engine versions up to 2.2.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Apache Software Foundation | Apache Velocity Engine |
Version: Apache Velocity Engine < |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T12:32:14.319Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://lists.apache.org/thread.html/r01043f584cbd47959fabe18fff64de940f81a65024bb8dddbda31d9a%40%3Cuser.velocity.apache.org%3E", }, { name: "[velocity-user] 20210310 CVE-2020-13936: Velocity Sandbox Bypass", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/r01043f584cbd47959fabe18fff64de940f81a65024bb8dddbda31d9a%40%3Cuser.velocity.apache.org%3E", }, { name: "[velocity-commits] 20210310 [velocity-site] 01/01: CVE announcement", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/rb042f3b0090e419cc9f5a3d32cf0baff283ccd6fcb1caea61915d6b6%40%3Ccommits.velocity.apache.org%3E", }, { name: "[oss-security] 20210309 CVE-2020-13936: Velocity Sandbox Bypass", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2021/03/10/1", }, { name: "[announce] 20210310 CVE-2020-13936: Velocity Sandbox Bypass", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/r3ea4c4c908505b20a4c268330dfe7188b90c84dcf777728d02068ae6%40%3Cannounce.apache.org%3E", }, { name: "[druid-commits] 20210316 [GitHub] [druid] clintropolis opened a new pull request #11002: suppress CVE check for security fix", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/rd2a89e17e8a9b451ce655f1a34117752ea1d18a22ce580d8baa824fd%40%3Ccommits.druid.apache.org%3E", }, { name: "[debian-lts-announce] 20210317 [SECURITY] [DLA 2595-1] velocity security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2021/03/msg00019.html", }, { name: "[ws-dev] 20210318 [jira] [Commented] (WSS-683) WSS4J depends on Velocity 1.7 which contains a security vulnerability (CVE-2020-13936)", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/re641197d204765130618086238c73dd2ce5a3f94b33785b587d72726%40%3Cdev.ws.apache.org%3E", }, { name: "[ws-dev] 20210318 [jira] [Created] (WSS-683) WSS4J depends on Velocity 1.7 which contains a security vulnerability (CVE-2020-13936)", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/rbee7270556f4172322936b5ecc9fabf0c09f00d4fa56c9de1963c340%40%3Cdev.ws.apache.org%3E", }, { name: "[ws-dev] 20210319 [jira] [Commented] (WSS-683) WSS4J depends on Velocity 1.7 which contains a security vulnerability (CVE-2020-13936)", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/reab5978b54a9f4c078402161e30a89c42807b198814acadbe6c862c7%40%3Cdev.ws.apache.org%3E", }, { name: "[ws-dev] 20210319 [jira] [Comment Edited] (WSS-683) WSS4J depends on Velocity 1.7 which contains a security vulnerability (CVE-2020-13936)", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/rd7e865c87f9043c21d9c1fd9d4df866061d9a08cfc322771160d8058%40%3Cdev.ws.apache.org%3E", }, { name: "[ws-dev] 20210322 [jira] [Commented] (WSS-683) WSS4J depends on Velocity 1.7 which contains a security vulnerability (CVE-2020-13936)", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/re8e7482fe54d289fc0229e61cc64947b63b12c3c312e9f25bf6f3b8c%40%3Cdev.ws.apache.org%3E", }, { name: "[santuario-dev] 20210323 [GitHub] [santuario-xml-security-java] dependabot[bot] opened a new pull request #33: Bump dependency-check-maven from 6.1.2 to 6.1.3", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/r0bc98e9cd080b4a13b905c571b9bed87e1a0878d44dbf21487c6cca4%40%3Cdev.santuario.apache.org%3E", }, { name: "[ws-dev] 20210324 [jira] [Commented] (WSS-683) WSS4J depends on Velocity 1.7 which contains a security vulnerability (CVE-2020-13936)", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/r39de20c7e9c808b1f96790875d33e58c9c0aabb44fd9227e7b3dc5da%40%3Cdev.ws.apache.org%3E", }, { name: "[ws-dev] 20210325 [jira] [Updated] (WSS-683) WSS4J depends on Velocity 1.7 which contains a security vulnerability (CVE-2020-13936)", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/r17cb932fab14801b14e5b97a7f05192f4f366ef260c10d4a8dba8ac9%40%3Cdev.ws.apache.org%3E", }, { name: "[ws-dev] 20210325 [jira] [Commented] (WSS-683) WSS4J depends on Velocity 1.7 which contains a security vulnerability (CVE-2020-13936)", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/r4cd59453b65d4ac290fcb3b71fdf32b4f1f8989025e89558deb5a245%40%3Cdev.ws.apache.org%3E", }, { name: "[turbine-commits] 20210329 svn commit: r1888167 - /turbine/core/trunk/pom.xml", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/r7f209b837217d2a0fe5977fb692e7f15d37fa5de8214bcdc4c21d9a7%40%3Ccommits.turbine.apache.org%3E", }, { name: "[ws-dev] 20210331 [jira] [Commented] (WSS-683) WSS4J depends on Velocity 1.7 which contains a security vulnerability (CVE-2020-13936)", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/r293284c6806c73f51098001ea86a14271c39f72cd76af9e946d9d9ad%40%3Cdev.ws.apache.org%3E", }, { name: "[ws-dev] 20210401 [jira] [Commented] (WSS-683) WSS4J depends on Velocity 1.7 which contains a security vulnerability (CVE-2020-13936)", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/rf7d369de88dc88a1347006a3323b3746d849234db40a8edfd5ebc436%40%3Cdev.ws.apache.org%3E", }, { name: "GLSA-202107-52", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/202107-52", }, { name: "[activemq-users] 20210830 Security issues", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/r9dc2505651788ac668299774d9e7af4dc616be2f56fdc684d1170882%40%3Cusers.activemq.apache.org%3E", }, { name: "[activemq-users] 20210831 RE: Security issues", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/r52a5129df402352adc34d052bab9234c8ef63596306506a89fdc7328%40%3Cusers.activemq.apache.org%3E", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpujan2022.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Apache Velocity Engine", vendor: "Apache Software Foundation", versions: [ { lessThanOrEqual: "2.2", status: "affected", version: "Apache Velocity Engine", versionType: "custom", }, ], }, ], credits: [ { lang: "en", value: "This issue was discovered by Alvaro Munoz pwntester@github.com of Github Security Labs and was originally reported as GHSL-2020-048.", }, ], descriptions: [ { lang: "en", value: "An attacker that is able to modify Velocity templates may execute arbitrary Java code or run arbitrary system commands with the same privileges as the account running the Servlet container. This applies to applications that allow untrusted users to upload/modify velocity templates running Apache Velocity Engine versions up to 2.2.", }, ], problemTypes: [ { descriptions: [ { description: "Velocity Sandbox Bypass", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2024-08-04T12:34:05.000Z", orgId: "f0158376-9dc2-43b6-827c-5f631a4d8d09", shortName: "apache", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://lists.apache.org/thread.html/r01043f584cbd47959fabe18fff64de940f81a65024bb8dddbda31d9a%40%3Cuser.velocity.apache.org%3E", }, { name: "[velocity-user] 20210310 CVE-2020-13936: Velocity Sandbox Bypass", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/r01043f584cbd47959fabe18fff64de940f81a65024bb8dddbda31d9a%40%3Cuser.velocity.apache.org%3E", }, { name: "[velocity-commits] 20210310 [velocity-site] 01/01: CVE announcement", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/rb042f3b0090e419cc9f5a3d32cf0baff283ccd6fcb1caea61915d6b6%40%3Ccommits.velocity.apache.org%3E", }, { name: "[oss-security] 20210309 CVE-2020-13936: Velocity Sandbox Bypass", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2021/03/10/1", }, { name: "[announce] 20210310 CVE-2020-13936: Velocity Sandbox Bypass", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/r3ea4c4c908505b20a4c268330dfe7188b90c84dcf777728d02068ae6%40%3Cannounce.apache.org%3E", }, { name: "[druid-commits] 20210316 [GitHub] [druid] clintropolis opened a new pull request #11002: suppress CVE check for security fix", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/rd2a89e17e8a9b451ce655f1a34117752ea1d18a22ce580d8baa824fd%40%3Ccommits.druid.apache.org%3E", }, { name: "[debian-lts-announce] 20210317 [SECURITY] [DLA 2595-1] velocity security update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2021/03/msg00019.html", }, { name: "[ws-dev] 20210318 [jira] [Commented] (WSS-683) WSS4J depends on Velocity 1.7 which contains a security vulnerability (CVE-2020-13936)", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/re641197d204765130618086238c73dd2ce5a3f94b33785b587d72726%40%3Cdev.ws.apache.org%3E", }, { name: "[ws-dev] 20210318 [jira] [Created] (WSS-683) WSS4J depends on Velocity 1.7 which contains a security vulnerability (CVE-2020-13936)", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/rbee7270556f4172322936b5ecc9fabf0c09f00d4fa56c9de1963c340%40%3Cdev.ws.apache.org%3E", }, { name: "[ws-dev] 20210319 [jira] [Commented] (WSS-683) WSS4J depends on Velocity 1.7 which contains a security vulnerability (CVE-2020-13936)", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/reab5978b54a9f4c078402161e30a89c42807b198814acadbe6c862c7%40%3Cdev.ws.apache.org%3E", }, { name: "[ws-dev] 20210319 [jira] [Comment Edited] (WSS-683) WSS4J depends on Velocity 1.7 which contains a security vulnerability (CVE-2020-13936)", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/rd7e865c87f9043c21d9c1fd9d4df866061d9a08cfc322771160d8058%40%3Cdev.ws.apache.org%3E", }, { name: "[ws-dev] 20210322 [jira] [Commented] (WSS-683) WSS4J depends on Velocity 1.7 which contains a security vulnerability (CVE-2020-13936)", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/re8e7482fe54d289fc0229e61cc64947b63b12c3c312e9f25bf6f3b8c%40%3Cdev.ws.apache.org%3E", }, { name: "[santuario-dev] 20210323 [GitHub] [santuario-xml-security-java] dependabot[bot] opened a new pull request #33: Bump dependency-check-maven from 6.1.2 to 6.1.3", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/r0bc98e9cd080b4a13b905c571b9bed87e1a0878d44dbf21487c6cca4%40%3Cdev.santuario.apache.org%3E", }, { name: "[ws-dev] 20210324 [jira] [Commented] (WSS-683) WSS4J depends on Velocity 1.7 which contains a security vulnerability (CVE-2020-13936)", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/r39de20c7e9c808b1f96790875d33e58c9c0aabb44fd9227e7b3dc5da%40%3Cdev.ws.apache.org%3E", }, { name: "[ws-dev] 20210325 [jira] [Updated] (WSS-683) WSS4J depends on Velocity 1.7 which contains a security vulnerability (CVE-2020-13936)", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/r17cb932fab14801b14e5b97a7f05192f4f366ef260c10d4a8dba8ac9%40%3Cdev.ws.apache.org%3E", }, { name: "[ws-dev] 20210325 [jira] [Commented] (WSS-683) WSS4J depends on Velocity 1.7 which contains a security vulnerability (CVE-2020-13936)", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/r4cd59453b65d4ac290fcb3b71fdf32b4f1f8989025e89558deb5a245%40%3Cdev.ws.apache.org%3E", }, { name: "[turbine-commits] 20210329 svn commit: r1888167 - /turbine/core/trunk/pom.xml", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/r7f209b837217d2a0fe5977fb692e7f15d37fa5de8214bcdc4c21d9a7%40%3Ccommits.turbine.apache.org%3E", }, { name: "[ws-dev] 20210331 [jira] [Commented] (WSS-683) WSS4J depends on Velocity 1.7 which contains a security vulnerability (CVE-2020-13936)", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/r293284c6806c73f51098001ea86a14271c39f72cd76af9e946d9d9ad%40%3Cdev.ws.apache.org%3E", }, { name: "[ws-dev] 20210401 [jira] [Commented] (WSS-683) WSS4J depends on Velocity 1.7 which contains a security vulnerability (CVE-2020-13936)", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/rf7d369de88dc88a1347006a3323b3746d849234db40a8edfd5ebc436%40%3Cdev.ws.apache.org%3E", }, { name: "GLSA-202107-52", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/202107-52", }, { name: "[activemq-users] 20210830 Security issues", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/r9dc2505651788ac668299774d9e7af4dc616be2f56fdc684d1170882%40%3Cusers.activemq.apache.org%3E", }, { name: "[activemq-users] 20210831 RE: Security issues", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/r52a5129df402352adc34d052bab9234c8ef63596306506a89fdc7328%40%3Cusers.activemq.apache.org%3E", }, { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com/security-alerts/cpujan2022.html", }, { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, ], source: { discovery: "UNKNOWN", }, title: "Velocity Sandbox Bypass", workarounds: [ { lang: "en", value: "Applications using Apache Velocity that allow untrusted users to upload templates should upgrade to version 2.3. This version adds additional default restrictions on what methods/properties can be accessed in a template.", }, ], x_generator: { engine: "Vulnogram 0.0.9", }, x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@apache.org", ID: "CVE-2020-13936", STATE: "PUBLIC", TITLE: "Velocity Sandbox Bypass", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Apache Velocity Engine", version: { version_data: [ { version_affected: "<=", version_name: "Apache Velocity Engine", version_value: "2.2", }, ], }, }, ], }, vendor_name: "Apache Software Foundation", }, ], }, }, credit: [ { lang: "eng", value: "This issue was discovered by Alvaro Munoz pwntester@github.com of Github Security Labs and was originally reported as GHSL-2020-048.", }, ], data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "An attacker that is able to modify Velocity templates may execute arbitrary Java code or run arbitrary system commands with the same privileges as the account running the Servlet container. This applies to applications that allow untrusted users to upload/modify velocity templates running Apache Velocity Engine versions up to 2.2.", }, ], }, generator: { engine: "Vulnogram 0.0.9", }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Velocity Sandbox Bypass", }, ], }, ], }, references: { reference_data: [ { name: "https://lists.apache.org/thread.html/r01043f584cbd47959fabe18fff64de940f81a65024bb8dddbda31d9a%40%3Cuser.velocity.apache.org%3E", refsource: "MISC", url: "https://lists.apache.org/thread.html/r01043f584cbd47959fabe18fff64de940f81a65024bb8dddbda31d9a%40%3Cuser.velocity.apache.org%3E", }, { name: "[velocity-user] 20210310 CVE-2020-13936: Velocity Sandbox Bypass", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r01043f584cbd47959fabe18fff64de940f81a65024bb8dddbda31d9a@%3Cuser.velocity.apache.org%3E", }, { name: "[velocity-commits] 20210310 [velocity-site] 01/01: CVE announcement", refsource: "MLIST", url: "https://lists.apache.org/thread.html/rb042f3b0090e419cc9f5a3d32cf0baff283ccd6fcb1caea61915d6b6@%3Ccommits.velocity.apache.org%3E", }, { name: "[oss-security] 20210309 CVE-2020-13936: Velocity Sandbox Bypass", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2021/03/10/1", }, { name: "[announce] 20210310 CVE-2020-13936: Velocity Sandbox Bypass", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r3ea4c4c908505b20a4c268330dfe7188b90c84dcf777728d02068ae6@%3Cannounce.apache.org%3E", }, { name: "[druid-commits] 20210316 [GitHub] [druid] clintropolis opened a new pull request #11002: suppress CVE check for security fix", refsource: "MLIST", url: "https://lists.apache.org/thread.html/rd2a89e17e8a9b451ce655f1a34117752ea1d18a22ce580d8baa824fd@%3Ccommits.druid.apache.org%3E", }, { name: "[debian-lts-announce] 20210317 [SECURITY] [DLA 2595-1] velocity security update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2021/03/msg00019.html", }, { name: "[ws-dev] 20210318 [jira] [Commented] (WSS-683) WSS4J depends on Velocity 1.7 which contains a security vulnerability (CVE-2020-13936)", refsource: "MLIST", url: "https://lists.apache.org/thread.html/re641197d204765130618086238c73dd2ce5a3f94b33785b587d72726@%3Cdev.ws.apache.org%3E", }, { name: "[ws-dev] 20210318 [jira] [Created] (WSS-683) WSS4J depends on Velocity 1.7 which contains a security vulnerability (CVE-2020-13936)", refsource: "MLIST", url: "https://lists.apache.org/thread.html/rbee7270556f4172322936b5ecc9fabf0c09f00d4fa56c9de1963c340@%3Cdev.ws.apache.org%3E", }, { name: "[ws-dev] 20210319 [jira] [Commented] (WSS-683) WSS4J depends on Velocity 1.7 which contains a security vulnerability (CVE-2020-13936)", refsource: "MLIST", url: "https://lists.apache.org/thread.html/reab5978b54a9f4c078402161e30a89c42807b198814acadbe6c862c7@%3Cdev.ws.apache.org%3E", }, { name: "[ws-dev] 20210319 [jira] [Comment Edited] (WSS-683) WSS4J depends on Velocity 1.7 which contains a security vulnerability (CVE-2020-13936)", refsource: "MLIST", url: "https://lists.apache.org/thread.html/rd7e865c87f9043c21d9c1fd9d4df866061d9a08cfc322771160d8058@%3Cdev.ws.apache.org%3E", }, { name: "[ws-dev] 20210322 [jira] [Commented] (WSS-683) WSS4J depends on Velocity 1.7 which contains a security vulnerability (CVE-2020-13936)", refsource: "MLIST", url: "https://lists.apache.org/thread.html/re8e7482fe54d289fc0229e61cc64947b63b12c3c312e9f25bf6f3b8c@%3Cdev.ws.apache.org%3E", }, { name: "[santuario-dev] 20210323 [GitHub] [santuario-xml-security-java] dependabot[bot] opened a new pull request #33: Bump dependency-check-maven from 6.1.2 to 6.1.3", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r0bc98e9cd080b4a13b905c571b9bed87e1a0878d44dbf21487c6cca4@%3Cdev.santuario.apache.org%3E", }, { name: "[ws-dev] 20210324 [jira] [Commented] (WSS-683) WSS4J depends on Velocity 1.7 which contains a security vulnerability (CVE-2020-13936)", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r39de20c7e9c808b1f96790875d33e58c9c0aabb44fd9227e7b3dc5da@%3Cdev.ws.apache.org%3E", }, { name: "[ws-dev] 20210325 [jira] [Updated] (WSS-683) WSS4J depends on Velocity 1.7 which contains a security vulnerability (CVE-2020-13936)", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r17cb932fab14801b14e5b97a7f05192f4f366ef260c10d4a8dba8ac9@%3Cdev.ws.apache.org%3E", }, { name: "[ws-dev] 20210325 [jira] [Commented] (WSS-683) WSS4J depends on Velocity 1.7 which contains a security vulnerability (CVE-2020-13936)", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r4cd59453b65d4ac290fcb3b71fdf32b4f1f8989025e89558deb5a245@%3Cdev.ws.apache.org%3E", }, { name: "[turbine-commits] 20210329 svn commit: r1888167 - /turbine/core/trunk/pom.xml", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r7f209b837217d2a0fe5977fb692e7f15d37fa5de8214bcdc4c21d9a7@%3Ccommits.turbine.apache.org%3E", }, { name: "[ws-dev] 20210331 [jira] [Commented] (WSS-683) WSS4J depends on Velocity 1.7 which contains a security vulnerability (CVE-2020-13936)", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r293284c6806c73f51098001ea86a14271c39f72cd76af9e946d9d9ad@%3Cdev.ws.apache.org%3E", }, { name: "[ws-dev] 20210401 [jira] [Commented] (WSS-683) WSS4J depends on Velocity 1.7 which contains a security vulnerability (CVE-2020-13936)", refsource: "MLIST", url: "https://lists.apache.org/thread.html/rf7d369de88dc88a1347006a3323b3746d849234db40a8edfd5ebc436@%3Cdev.ws.apache.org%3E", }, { name: "GLSA-202107-52", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/202107-52", }, { name: "[activemq-users] 20210830 Security issues", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r9dc2505651788ac668299774d9e7af4dc616be2f56fdc684d1170882@%3Cusers.activemq.apache.org%3E", }, { name: "[activemq-users] 20210831 RE: Security issues", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r52a5129df402352adc34d052bab9234c8ef63596306506a89fdc7328@%3Cusers.activemq.apache.org%3E", }, { name: "https://www.oracle.com/security-alerts/cpujan2022.html", refsource: "MISC", url: "https://www.oracle.com/security-alerts/cpujan2022.html", }, { name: "https://www.oracle.com/security-alerts/cpuapr2022.html", refsource: "MISC", url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, ], }, source: { discovery: "UNKNOWN", }, work_around: [ { lang: "en", value: "Applications using Apache Velocity that allow untrusted users to upload templates should upgrade to version 2.3. This version adds additional default restrictions on what methods/properties can be accessed in a template.", }, ], }, }, }, cveMetadata: { assignerOrgId: "f0158376-9dc2-43b6-827c-5f631a4d8d09", assignerShortName: "apache", cveId: "CVE-2020-13936", datePublished: "2021-03-10T08:00:19.000Z", dateReserved: "2020-06-08T00:00:00.000Z", dateUpdated: "2025-02-13T16:27:29.361Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
Vulnerability from fkie_nvd
Published
2021-12-18 12:15
Modified
2024-11-21 06:31
Severity ?
Summary
Apache Log4j2 versions 2.0-alpha1 through 2.16.0 (excluding 2.12.3 and 2.3.1) did not protect from uncontrolled recursion from self-referential lookups. This allows an attacker with control over Thread Context Map data to cause a denial of service when a crafted string is interpreted. This issue was fixed in Log4j 2.17.0, 2.12.3, and 2.3.1.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:apache:log4j:*:*:*:*:*:*:*:*", matchCriteriaId: "42BCB94E-86D2-4B98-B9E6-5789F2272692", versionEndExcluding: "2.3.1", versionStartIncluding: "2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:log4j:*:*:*:*:*:*:*:*", matchCriteriaId: "19DA22A8-0B29-4181-B44E-57D28D9DB331", versionEndExcluding: "2.12.3", versionStartIncluding: "2.4", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:log4j:*:*:*:*:*:*:*:*", matchCriteriaId: "61E2AC03-D49B-4A15-BDA4-61DAF142CEED", versionEndIncluding: "2.16.0", versionStartIncluding: "2.13.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:netapp:cloud_manager:-:*:*:*:*:*:*:*", matchCriteriaId: "197D0D80-6702-4B61-B681-AFDBA7D69067", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*", matchCriteriaId: "FA6FEEC2-9F11-4643-8827-749718254FED", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:sonicwall:email_security:*:*:*:*:*:*:*:*", matchCriteriaId: "421BCD43-8ECC-4B1E-9F3E-C20BB2BC672A", versionEndIncluding: "10.0.12", vulnerable: true, }, { criteria: "cpe:2.3:a:sonicwall:network_security_manager:*:*:*:*:on-premises:*:*:*", matchCriteriaId: "1EA49667-8F94-4091-B9A9-A94318D83C24", versionEndExcluding: "3.0", versionStartIncluding: "2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:sonicwall:network_security_manager:*:*:*:*:saas:*:*:*", matchCriteriaId: "7C1B257C-9442-4C73-91CB-67893A78F0DF", versionEndExcluding: "3.0", versionStartIncluding: "2.0", vulnerable: true, }, { criteria: "cpe:2.3:a:sonicwall:web_application_firewall:*:*:*:*:*:*:*:*", matchCriteriaId: "AD1E667A-9CAA-4382-957A-E4F1A4960E0C", versionEndExcluding: "3.1.0", versionStartIncluding: "3.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:sonicwall:6bk1602-0aa12-0tp0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "B407FBDB-7900-4F69-B745-809277F26050", versionEndExcluding: "2.7.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:sonicwall:6bk1602-0aa12-0tp0:-:*:*:*:*:*:*:*", matchCriteriaId: "05AF56AD-FBAF-4AB8-B04D-1E28BF10B767", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:sonicwall:6bk1602-0aa22-0tp0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "E3103225-6440-43F4-9493-131878735B2A", versionEndExcluding: "2.7.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:sonicwall:6bk1602-0aa22-0tp0:-:*:*:*:*:*:*:*", matchCriteriaId: "2B3A0115-86AB-4677-A026-D99B971D9EF5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:sonicwall:6bk1602-0aa32-0tp0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "914A44DE-C4AA-45A0-AC26-5FAAF576130E", versionEndExcluding: "2.7.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:sonicwall:6bk1602-0aa32-0tp0:-:*:*:*:*:*:*:*", matchCriteriaId: "9D1C62CF-414A-4670-9F19-C11A381DB830", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:sonicwall:6bk1602-0aa42-0tp0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "75359CC5-58A7-4B5A-B9BF-BDE59552EF1C", versionEndExcluding: "2.7.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:sonicwall:6bk1602-0aa42-0tp0:-:*:*:*:*:*:*:*", matchCriteriaId: "706A3F00-8489-4735-B09B-34528F7C556A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:sonicwall:6bk1602-0aa52-0tp0_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "C23D02B7-C9A7-4ED9-AE71-765F01ACA55C", versionEndExcluding: "2.7.0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:sonicwall:6bk1602-0aa52-0tp0:-:*:*:*:*:*:*:*", matchCriteriaId: "E9DCB171-E4C8-4472-8023-20992ABB9348", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:oracle:agile_engineering_data_management:6.2.1.0:*:*:*:*:*:*:*", matchCriteriaId: "80C9DBB8-3D50-4D5D-859A-B022EB7C2E64", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:agile_plm:9.3.6:*:*:*:*:*:*:*", matchCriteriaId: "C650FEDB-E903-4C2D-AD40-282AB5F2E3C2", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:agile_plm_mcad_connector:3.6:*:*:*:*:*:*:*", matchCriteriaId: "B0C0714E-4255-4095-B26C-70EB193B8F98", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:autovue_for_agile_product_lifecycle_management:21.0.2:*:*:*:*:*:*:*", matchCriteriaId: "97994257-C9A4-4491-B362-E8B25B7187AB", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:banking_deposits_and_lines_of_credit_servicing:2.12.0:*:*:*:*:*:*:*", matchCriteriaId: "1F834ACC-D65B-4CA3-91F1-415CBC6077E2", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:banking_enterprise_default_management:2.7.1:*:*:*:*:*:*:*", matchCriteriaId: "473749BD-267E-480F-8E7F-C762702DB66E", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:banking_enterprise_default_management:2.12.0:*:*:*:*:*:*:*", matchCriteriaId: "320D36DA-D99F-4149-B582-3F4AB2F41A1B", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:banking_loans_servicing:2.12.0:*:*:*:*:*:*:*", matchCriteriaId: "5E502A46-BAF4-4558-BC8F-9F014A2FB26A", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:banking_party_management:2.7.0:*:*:*:*:*:*:*", matchCriteriaId: "C542DC5E-6657-4178-9C69-46FD3C187D56", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:banking_payments:14.5:*:*:*:*:*:*:*", matchCriteriaId: "633E5B20-A7A7-4346-A71D-58121B006D00", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:banking_platform:2.6.2:*:*:*:*:*:*:*", matchCriteriaId: "132CE62A-FBFC-4001-81EC-35D81F73AF48", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:banking_platform:2.7.1:*:*:*:*:*:*:*", matchCriteriaId: "645AA3D1-C8B5-4CD2-8ACE-31541FA267F0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:banking_platform:2.12.0:*:*:*:*:*:*:*", matchCriteriaId: "BDC6D658-09EA-4C41-869F-1C2EA163F751", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:banking_trade_finance:14.5:*:*:*:*:*:*:*", matchCriteriaId: "64750C01-21AC-4947-B674-6690EAAAC5DB", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:banking_treasury_management:14.5:*:*:*:*:*:*:*", matchCriteriaId: "3C3D0063-9458-4018-9B92-79A219716C10", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:business_intelligence:5.5.0.0.0:*:*:*:enterprise:*:*:*", matchCriteriaId: "D40AD626-B23A-44A3-A6C0-1FFB4D647AE4", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_asap:7.3:*:*:*:*:*:*:*", matchCriteriaId: "3141B86F-838D-491A-A8ED-3B7C54EA89C1", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0.0.4:*:*:*:*:*:*:*", matchCriteriaId: "B465F237-0271-4389-8035-89C07A52350D", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0.0.5:*:*:*:*:*:*:*", matchCriteriaId: "123CB9B5-C800-47FD-BD0C-BE44198E97E2", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_cloud_native_core_console:1.9.0:*:*:*:*:*:*:*", matchCriteriaId: "DAAB7154-4DE8-4806-86D0-C1D33B84417B", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:1.10.0:*:*:*:*:*:*:*", matchCriteriaId: "C2A5B24D-BDF2-423C-98EA-A40778C01A05", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:1.15.0:*:*:*:*:*:*:*", matchCriteriaId: "6F60E32F-0CA0-4C2D-9848-CB92765A9ACB", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:1.15.1:*:*:*:*:*:*:*", matchCriteriaId: "DF616620-88CE-4A77-B904-C1728A2E6F9B", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:1.8.0:*:*:*:*:*:*:*", matchCriteriaId: "3AA09838-BF13-46AC-BB97-A69F48B73A8A", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_cloud_native_core_policy:1.15.0:*:*:*:*:*:*:*", matchCriteriaId: "B4367D9B-BF81-47AD-A840-AC46317C774D", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:1.7.0:*:*:*:*:*:*:*", matchCriteriaId: "BD4349FE-EEF8-489A-8ABF-5FCD55EC6DE0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:1.15.0:*:*:*:*:*:*:*", matchCriteriaId: "175B97A7-0B00-4378-AD9F-C01B6D9FD570", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:1.15.0:*:*:*:*:*:*:*", matchCriteriaId: "C6EAA723-2A23-4151-930B-86ACF9CC1C0C", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_convergence:3.0.2.2.0:*:*:*:*:*:*:*", matchCriteriaId: "7DF939F5-C0E1-40A4-95A2-0CE7A03AB4EE", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_convergence:3.0.3.0:*:*:*:*:*:*:*", matchCriteriaId: "EEC452FA-D1D5-4175-9371-F6055818192E", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_convergent_charging_controller:*:*:*:*:*:*:*:*", matchCriteriaId: "0172500D-DE51-44E0-91E8-C8F36617C1F8", versionEndIncluding: "12.0.4.0.0", versionStartIncluding: "12.0.1.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_convergent_charging_controller:6.0.1.0.0:*:*:*:*:*:*:*", matchCriteriaId: "E99E7D49-AE53-4D16-AB24-EBEAAD084289", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_diameter_signaling_router:*:*:*:*:*:*:*:*", matchCriteriaId: "F9550113-7423-48D8-A1C7-95D6AEE9B33C", versionEndIncluding: "8.5.1.0", versionStartIncluding: "8.3.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_eagle_element_management_system:46.6:*:*:*:*:*:*:*", matchCriteriaId: "7FDD479D-9070-42E2-A8B1-9497BC4C0CF4", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_eagle_ftp_table_base_retrieval:4.5:*:*:*:*:*:*:*", matchCriteriaId: "C68536CA-C7E2-4228-A6B8-F0DB6A9D29EC", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_element_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "02712DD6-D944-4452-8015-000B9851D257", versionEndExcluding: "9.0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_evolved_communications_application_server:7.1:*:*:*:*:*:*:*", matchCriteriaId: "987811D5-DA5E-493D-8709-F9231A84E5F9", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_interactive_session_recorder:6.3:*:*:*:*:*:*:*", matchCriteriaId: "46E23F2E-6733-45AF-9BD9-1A600BD278C8", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_interactive_session_recorder:6.4:*:*:*:*:*:*:*", matchCriteriaId: "E812639B-EE28-4C68-9F6F-70C8BF981C86", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_ip_service_activator:7.4.0:*:*:*:*:*:*:*", matchCriteriaId: "DE7A60DB-A287-4E61-8131-B6314007191B", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_messaging_server:8.1:*:*:*:*:*:*:*", matchCriteriaId: "E1214FDF-357A-4BB9-BADE-50FB2BD16D10", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_network_charging_and_control:*:*:*:*:*:*:*:*", matchCriteriaId: "26940103-F37C-4FBD-BDFD-528A497209D6", versionEndIncluding: "12.0.4.0.0", versionStartIncluding: "12.0.1.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_network_charging_and_control:6.0.1.0.0:*:*:*:*:*:*:*", matchCriteriaId: "EB9047B1-DA8C-4BFD-BE41-728BD7ECF3E6", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_network_integrity:7.3.6:*:*:*:*:*:*:*", matchCriteriaId: "B21E6EEF-2AB7-4E96-B092-1F49D11B4175", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_performance_intelligence_center:10.4.0.3:*:*:*:*:*:*:*", matchCriteriaId: "00E9A2B1-7562-4E6B-AE25-1B647F24EFDF", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_pricing_design_center:12.0.0.4:*:*:*:*:*:*:*", matchCriteriaId: "D6BDB265-293F-4F27-8CE0-576DF3ECD3BC", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_pricing_design_center:12.0.0.5:*:*:*:*:*:*:*", matchCriteriaId: "53600579-4542-4D80-A93C-3E45938C749D", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_service_broker:6.2:*:*:*:*:*:*:*", matchCriteriaId: "E6235EAE-47DD-4292-9941-6FF8D0A83843", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_services_gatekeeper:7.0:*:*:*:*:*:*:*", matchCriteriaId: "062E4E7C-55BB-46F3-8B61-5A663B565891", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_session_report_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "274BCA96-2E6A-4B77-B69E-E2093A668D28", versionEndExcluding: "9.0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_session_route_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "8D4B738B-08CF-44F6-A939-39F5BEAF03B2", versionEndExcluding: "9.0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_unified_inventory_management:7.3.5:*:*:*:*:*:*:*", matchCriteriaId: "17A91FD9-9F77-42D3-A4D9-48BC7568ADE1", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.1:*:*:*:*:*:*:*", matchCriteriaId: "A7637F8B-15F1-42E2-BE18-E1FF7C66587D", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.2:*:*:*:*:*:*:*", matchCriteriaId: "E43D793A-7756-4D58-A8ED-72DC4EC9CEA7", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_user_data_repository:12.4:*:*:*:*:*:*:*", matchCriteriaId: "0FAF2403-99A1-4DBC-BAC4-35D883D8E5D4", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_webrtc_session_controller:7.2.0.0:*:*:*:*:*:*:*", matchCriteriaId: "A4AA6214-A85D-4BF4-ABBF-0E4F8B7DA817", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_webrtc_session_controller:7.2.1:*:*:*:*:*:*:*", matchCriteriaId: "1F05AF4B-A747-4314-95AE-F8495479AB3E", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:data_integrator:12.2.1.3.0:*:*:*:*:*:*:*", matchCriteriaId: "9901F6BA-78D5-45B8-9409-07FF1C6DDD38", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:data_integrator:12.2.1.4.0:*:*:*:*:*:*:*", matchCriteriaId: "9FADE563-5AAA-42FF-B43F-35B20A2386C9", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:e-business_suite:12.2:*:*:*:*:*:*:*", matchCriteriaId: "4B3C968F-4038-4A8D-A345-8CD3F73A653B", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:enterprise_manager_base_platform:13.4.0.0:*:*:*:*:*:*:*", matchCriteriaId: "D26F3E23-F1A9-45E7-9E5F-0C0A24EE3783", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:enterprise_manager_base_platform:13.5.0.0:*:*:*:*:*:*:*", matchCriteriaId: "6E8758C8-87D3-450A-878B-86CE8C9FC140", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:enterprise_manager_for_peoplesoft:13.4.1.1:*:*:*:*:*:*:*", matchCriteriaId: "615C7D0D-A9D5-43BA-AF61-373EC1095354", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:enterprise_manager_for_peoplesoft:13.5.1.1:*:*:*:*:*:*:*", matchCriteriaId: "6F772DC1-F93E-43A4-81DA-A2A1E204C5D5", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0.0:*:*:*:*:*:*:*", matchCriteriaId: "B095CC03-7077-4A58-AB25-CC5380CDCE5A", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:*:*:*:*:*:*:*:*", matchCriteriaId: "7EA4D3C5-6A7C-4421-88EF-445A96DBCE0C", versionEndIncluding: "8.1.1", versionStartIncluding: "8.0.7", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.0.8.0.0:*:*:*:*:*:*:*", matchCriteriaId: "F033C6C8-61D9-41ED-94E6-63BE7BA22EFC", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.0.0.0:*:*:*:*:*:*:*", matchCriteriaId: "4B829B72-7DE0-415F-A1AF-51637F134B76", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:financial_services_model_management_and_governance:8.1.1.0.0:*:*:*:*:*:*:*", matchCriteriaId: "FF8DC5FD-09DE-446F-879B-DB86C0CC95B4", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:flexcube_universal_banking:*:*:*:*:*:*:*:*", matchCriteriaId: "B0148D20-089E-4C19-8CA3-07598D8AFBF1", versionEndIncluding: "12.4", versionStartIncluding: "12.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:flexcube_universal_banking:*:*:*:*:*:*:*:*", matchCriteriaId: "54BE0CCE-8216-4CCF-96E1-38EF76124368", versionEndIncluding: "14.3.0", versionStartIncluding: "14.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:flexcube_universal_banking:11.83.3:*:*:*:*:*:*:*", matchCriteriaId: "0017AE8C-DBCA-46B4-A036-DF0E289199D4", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:flexcube_universal_banking:14.5:*:*:*:*:*:*:*", matchCriteriaId: "609645BF-B34F-40AC-B9C9-C3FB870F4ED2", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:health_sciences_empirica_signal:9.1.0.6:*:*:*:*:*:*:*", matchCriteriaId: "67013CB6-5FA6-438B-A131-5AEDEBC66723", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:health_sciences_empirica_signal:9.2.0.0:*:*:*:*:*:*:*", matchCriteriaId: "8FC5F6E6-3515-439B-9665-3B6151CEF577", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:health_sciences_inform:6.2.1.1:*:*:*:*:*:*:*", matchCriteriaId: "4CB4F0E6-3B36-4736-B2F2-CB2A16309F8D", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:health_sciences_inform:6.3.2.1:*:*:*:*:*:*:*", matchCriteriaId: "0E72CF27-6E5F-404E-B5DF-B470C99AF5E8", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:health_sciences_inform:7.0.0.0:*:*:*:*:*:*:*", matchCriteriaId: "51BCEC65-25B7-480C-860C-9D97F78CCE3F", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:health_sciences_information_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "16AEA21E-0B11-44A5-8BFB-550521D8E0D5", versionEndIncluding: "3.0.4", versionStartIncluding: "3.0.1", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:healthcare_data_repository:8.1.1:*:*:*:*:*:*:*", matchCriteriaId: "BA92E70A-2249-4144-B0B8-35501159ADB3", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:healthcare_foundation:*:*:*:*:*:*:*:*", matchCriteriaId: "9F69F8F6-BA2D-4DC6-BAB2-B9155F8B45CD", versionEndIncluding: "7.3.0.4", versionStartIncluding: "7.3.0.1", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:healthcare_master_person_index:5.0.1:*:*:*:*:*:*:*", matchCriteriaId: "10774601-93C3-4938-A3E7-3C3D97A6F73C", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:healthcare_translational_research:4.1.0:*:*:*:*:*:*:*", matchCriteriaId: "523391D8-CB84-4EBD-B337-6A99F52E537F", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:healthcare_translational_research:4.1.1:*:*:*:*:*:*:*", matchCriteriaId: "B0A3C700-710A-4A0A-A2D4-ABB7AAC9B128", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:hospitality_suite8:8.13.0:*:*:*:*:*:*:*", matchCriteriaId: "D4833DCA-FC54-4F89-B2DF-8E39C9C49DF6", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:hospitality_suite8:8.14.0:*:*:*:*:*:*:*", matchCriteriaId: "AD7E9060-BA5B-4682-AC0D-EE5105AD0332", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:hospitality_token_proxy_service:19.2:*:*:*:*:*:*:*", matchCriteriaId: "E7D45E2D-241B-4839-B255-A81107BF94BF", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:hyperion_bi\\+:*:*:*:*:*:*:*:*", matchCriteriaId: "9C083F1E-8BF2-48C7-92FB-BD105905258E", versionEndExcluding: "11.2.8.0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:hyperion_data_relationship_management:*:*:*:*:*:*:*:*", matchCriteriaId: "E8E7FBA9-0FFF-4C86-B151-28C17A142E0B", versionEndExcluding: "11.2.8.0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:hyperion_infrastructure_technology:*:*:*:*:*:*:*:*", matchCriteriaId: "55BBCD48-BCC6-4E19-A4CE-970E524B9FF4", versionEndExcluding: "11.2.8.0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:hyperion_planning:*:*:*:*:*:*:*:*", matchCriteriaId: "C3E11E28-78AA-42BB-927D-D22CBDDD62B9", versionEndExcluding: "11.2.8.0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:hyperion_profitability_and_cost_management:*:*:*:*:*:*:*:*", matchCriteriaId: "30927787-2815-4BEF-A7C2-960F92238303", versionEndExcluding: "11.2.8.0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:hyperion_tax_provision:*:*:*:*:*:*:*:*", matchCriteriaId: "C0ABD2DC-9357-4097-BE62-BB7A4988A01F", versionEndExcluding: "11.2.8.0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:identity_management_suite:12.2.1.3.0:*:*:*:*:*:*:*", matchCriteriaId: "1489DDA7-EDBE-404C-B48D-F0B52B741708", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:identity_management_suite:12.2.1.4.0:*:*:*:*:*:*:*", matchCriteriaId: "535BC19C-21A1-48E3-8CC0-B276BA5D494E", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:identity_manager_connector:9.1.0:*:*:*:*:*:*:*", matchCriteriaId: "8508EF23-43DC-431F-B410-FD0BA897C371", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:instantis_enterprisetrack:17.1:*:*:*:*:*:*:*", matchCriteriaId: "82EA4BA7-C38B-4AF3-8914-9E3D089EBDD4", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:instantis_enterprisetrack:17.2:*:*:*:*:*:*:*", matchCriteriaId: "B9C9BC66-FA5F-4774-9BDA-7AB88E2839C4", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:instantis_enterprisetrack:17.3:*:*:*:*:*:*:*", matchCriteriaId: "7F69B9A5-F21B-4904-9F27-95C0F7A628E3", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:insurance_data_gateway:1.0.1:*:*:*:*:*:*:*", matchCriteriaId: "1B85A426-5714-4CEA-8A97-720F882B2D58", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:insurance_insbridge_rating_and_underwriting:*:*:*:*:*:*:*:*", matchCriteriaId: "604FBBC9-04DC-49D2-AB7A-6124256431AF", versionEndIncluding: "5.6.0.0", versionStartIncluding: "5.4", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:insurance_insbridge_rating_and_underwriting:5.2.0:*:*:*:*:*:*:*", matchCriteriaId: "428D2B1D-CFFD-49D1-BC05-2D85D22004DE", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:insurance_insbridge_rating_and_underwriting:5.6.1.0:*:*:*:*:*:*:*", matchCriteriaId: "5B8AA91A-1880-43CD-938D-48EF58ACF2CF", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:jdeveloper:12.2.1.4.0:*:*:*:*:*:*:*", matchCriteriaId: "335AB6A7-3B1F-4FA8-AF08-7D64C16C4B04", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:managed_file_transfer:12.2.1.3.0:*:*:*:*:*:*:*", matchCriteriaId: "A2E3E923-E2AD-400D-A618-26ADF7F841A2", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:managed_file_transfer:12.2.1.4.0:*:*:*:*:*:*:*", matchCriteriaId: "9AB58D27-37F2-4A32-B786-3490024290A1", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:management_cloud_engine:1.5.0:*:*:*:*:*:*:*", matchCriteriaId: "3F66C747-733F-46A1-9A6B-EEB1A1AEC45D", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:mysql_enterprise_monitor:*:*:*:*:*:*:*:*", matchCriteriaId: "B0EBAC6D-D0CE-42A1-AEA0-2D50C8035747", versionEndIncluding: "8.0.29", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:payment_interface:19.1:*:*:*:*:*:*:*", matchCriteriaId: "5D01A0EC-3846-4A74-A174-3797078DC699", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:payment_interface:20.3:*:*:*:*:*:*:*", matchCriteriaId: "03E5FCFB-093A-48E9-8A4E-34C993D2764E", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:*:*:*:*:*:*:*", matchCriteriaId: "D9DB4A14-2EF5-4B54-95D2-75E6CF9AA0A9", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.59:*:*:*:*:*:*:*", matchCriteriaId: "C8AF00C6-B97F-414D-A8DF-057E6BFD8597", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*", matchCriteriaId: "8B1C88FD-C2EC-4C96-AC7E-6F95C8763B48", versionEndIncluding: "17.12.11", versionStartIncluding: "17.12.0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*", matchCriteriaId: "A621A5AE-6974-4BA5-B1AC-7130A46F68F5", versionEndIncluding: "18.8.13", versionStartIncluding: "18.8.0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*", matchCriteriaId: "4096281D-2EBA-490D-8180-3C9D05EB890A", versionEndIncluding: "19.12.12", versionStartIncluding: "19.12.0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*", matchCriteriaId: "E6B70E72-B9FC-4E49-8EDD-29C7E14F5792", versionEndIncluding: "20.12.7", versionStartIncluding: "20.12.0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:primavera_gateway:21.12.0:*:*:*:*:*:*:*", matchCriteriaId: "15F45363-236B-4040-8AE4-C6C0E204EDBA", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:*:*:*:*:*:*:*:*", matchCriteriaId: "AD0DEC50-F4CD-4ACA-A118-D4F0D4F4C981", versionEndIncluding: "19.12.18.0", versionStartIncluding: "19.12.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:*:*:*:*:*:*:*:*", matchCriteriaId: "651104CE-0569-4E6D-ACAB-AD2AC85084DD", versionEndIncluding: "20.12.12.0", versionStartIncluding: "20.12.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:21.12.0.0:*:*:*:*:*:*:*", matchCriteriaId: "45D89239-9142-46BD-846D-76A5A74A67B1", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:primavera_unifier:18.8:*:*:*:*:*:*:*", matchCriteriaId: "202AD518-2E9B-4062-B063-9858AE1F9CE2", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:primavera_unifier:19.12:*:*:*:*:*:*:*", matchCriteriaId: "10864586-270E-4ACF-BDCC-ECFCD299305F", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:primavera_unifier:20.12:*:*:*:*:*:*:*", matchCriteriaId: "38340E3C-C452-4370-86D4-355B6B4E0A06", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:primavera_unifier:21.12:*:*:*:*:*:*:*", matchCriteriaId: "E9C55C69-E22E-4B80-9371-5CD821D79FE2", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:retail_back_office:14.1:*:*:*:*:*:*:*", matchCriteriaId: "F0735989-13BD-40B3-B954-AC0529C5B53D", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:retail_central_office:14.1:*:*:*:*:*:*:*", matchCriteriaId: "58405263-E84C-4071-BB23-165D49034A00", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:retail_customer_insights:15.0.2:*:*:*:*:*:*:*", matchCriteriaId: "3D1C35DF-D30D-42C8-B56D-C809609AB2A4", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:retail_customer_insights:16.0.2:*:*:*:*:*:*:*", matchCriteriaId: "834B4CE7-042E-489F-AE19-0EEA2C37E7A8", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:retail_data_extractor_for_merchandising:15.0.2:*:*:*:*:*:*:*", matchCriteriaId: "82653579-FF7D-4492-9CA2-B3DF6A708831", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:retail_data_extractor_for_merchandising:16.0.2:*:*:*:*:*:*:*", matchCriteriaId: "32D2EB48-F9A2-4D23-81C5-4B30F2D785DF", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:retail_eftlink:16.0.3:*:*:*:*:*:*:*", matchCriteriaId: "F3796186-D3A7-4259-846B-165AD9CEB7F1", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:retail_eftlink:17.0.2:*:*:*:*:*:*:*", matchCriteriaId: "CEDA5540-692D-47DA-9F68-83158D9AE628", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:retail_eftlink:18.0.1:*:*:*:*:*:*:*", matchCriteriaId: "C5435583-C454-4AC9-8A35-D2D30EB252EE", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:retail_eftlink:19.0.1:*:*:*:*:*:*:*", matchCriteriaId: "A2140357-503A-4D2A-A099-CFA4DC649E41", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:retail_eftlink:20.0.1:*:*:*:*:*:*:*", matchCriteriaId: "6BAE5686-8E11-4EF1-BC7E-5C565F2440C7", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:retail_eftlink:21.0.0:*:*:*:*:*:*:*", matchCriteriaId: "F4B95628-F108-424A-8C19-40A5F5B7D37B", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:retail_financial_integration:*:*:*:*:*:*:*:*", matchCriteriaId: "1E03B340-8C77-4DFA-8536-C57656E237D0", versionEndIncluding: "16.0.3", versionStartIncluding: "16.0.1", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:retail_financial_integration:14.1.3.2:*:*:*:*:*:*:*", matchCriteriaId: "798E4FEE-9B2B-436E-A2B3-B8AA1079892A", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:retail_financial_integration:15.0.3.1:*:*:*:*:*:*:*", matchCriteriaId: "CB86F6C3-981E-4ECA-A5EB-9A9CD73D70C9", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:retail_financial_integration:19.0.0:*:*:*:*:*:*:*", matchCriteriaId: "4B7B0B33-2361-4CF5-8075-F609858A582E", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:retail_financial_integration:19.0.1:*:*:*:*:*:*:*", matchCriteriaId: "7435071D-0C95-4686-A978-AFC4C9A0D0FE", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:retail_integration_bus:*:*:*:*:*:*:*:*", matchCriteriaId: "A921C710-1C59-429F-B985-67C0DBFD695E", versionEndIncluding: "16.0.3", versionStartIncluding: "16.0.1", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:retail_integration_bus:*:*:*:*:*:*:*:*", matchCriteriaId: "B9E458AF-0EEC-453E-AA9D-6C79211000AC", versionEndIncluding: "19.0.1.0", versionStartIncluding: "19.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:retail_integration_bus:14.1.3:*:*:*:*:*:*:*", matchCriteriaId: "F1AFAE16-B69F-410A-8CE3-1CDD998A8433", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:retail_integration_bus:14.1.3.2:*:*:*:*:*:*:*", matchCriteriaId: "8CFCE558-9972-46A2-8539-C16044F1BAA9", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:retail_integration_bus:15.0.3.1:*:*:*:*:*:*:*", matchCriteriaId: "A1194C4E-CF42-4B4D-BA9A-40FDD28F1D58", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:retail_integration_bus:19.0.0:*:*:*:*:*:*:*", matchCriteriaId: "DFDF4CB0-4680-449A-8576-915721D59500", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:retail_integration_bus:19.0.1:*:*:*:*:*:*:*", matchCriteriaId: "BD311C33-A309-44D5-BBFB-539D72C7F8C4", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:retail_invoice_matching:15.0.3:*:*:*:*:*:*:*", matchCriteriaId: "A0472632-4104-4397-B619-C4E86A748465", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:retail_invoice_matching:16.0.3:*:*:*:*:*:*:*", matchCriteriaId: "48E25E7C-F7E8-4739-8251-00ACD11C12FE", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:retail_merchandising_system:16.0.3:*:*:*:*:*:*:*", matchCriteriaId: "F8383028-B719-41FD-9B6A-71F8EB4C5F8D", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:retail_merchandising_system:19.0.1:*:*:*:*:*:*:*", matchCriteriaId: "AE1BC44A-F0AF-41CD-9CEB-B07AB5ADAB38", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:retail_order_broker:16.0:*:*:*:*:*:*:*", matchCriteriaId: "38E74E68-7F19-4EF3-AC00-3C249EAAA39E", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:retail_order_broker:18.0:*:*:*:*:*:*:*", matchCriteriaId: "0783F0D1-8FAC-4BCA-A6F5-C5C60E86D56D", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:retail_order_broker:19.1:*:*:*:*:*:*:*", matchCriteriaId: "C7BD0D41-1BED-4C4F-95C8-8987C98908DA", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:retail_order_management_system:19.5:*:*:*:*:*:*:*", matchCriteriaId: "99B5DC78-1C24-4F2B-A254-D833FAF47013", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:retail_point-of-service:14.1:*:*:*:*:*:*:*", matchCriteriaId: "E13DF2AE-F315-4085-9172-6C8B21AF1C9E", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:retail_predictive_application_server:14.1.3.46:*:*:*:*:*:*:*", matchCriteriaId: "9002379B-4FDA-44F3-98EB-0C9B6083E429", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:retail_predictive_application_server:15.0.3.115:*:*:*:*:*:*:*", matchCriteriaId: "476B038D-7F60-482D-87AD-B58BEA35558E", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:retail_predictive_application_server:16.0.3.240:*:*:*:*:*:*:*", matchCriteriaId: "AB86C644-7B79-4F87-A06D-C178E8C2B8B4", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:retail_price_management:13.2:*:*:*:*:*:*:*", matchCriteriaId: "C19C5CC9-544A-4E4D-8F0A-579BB5270F07", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:retail_price_management:14.0.4:*:*:*:*:*:*:*", matchCriteriaId: "3E1A9B0C-735A-40B4-901C-663CF5162E96", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:retail_price_management:14.1.3.0:*:*:*:*:*:*:*", matchCriteriaId: "0791694C-9B4E-42EA-8F6C-899B43B6D769", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:retail_price_management:15.0.3.0:*:*:*:*:*:*:*", matchCriteriaId: "312992F0-E65A-4E38-A44C-363A7E157CE4", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:retail_price_management:16.0.3.0:*:*:*:*:*:*:*", matchCriteriaId: "E1940FD6-39FA-4F92-9625-F215D8051E80", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:retail_returns_management:14.1:*:*:*:*:*:*:*", matchCriteriaId: "BDB925C6-2CBC-4D88-B9EA-F246F4F7A206", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:retail_service_backbone:*:*:*:*:*:*:*:*", matchCriteriaId: "0CE45891-A6A5-4699-90A6-6F49E60A7987", versionEndIncluding: "16.0.3", versionStartIncluding: "16.0.1", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:retail_service_backbone:14.1.3:*:*:*:*:*:*:*", matchCriteriaId: "D7FCC976-615C-4DE5-9F50-1B25E9553962", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:retail_service_backbone:14.1.3.2:*:*:*:*:*:*:*", matchCriteriaId: "E702EBED-DB39-4084-84B1-258BC5FE7545", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:retail_service_backbone:15.0.3.1:*:*:*:*:*:*:*", matchCriteriaId: "3F7956BF-D5B6-484B-999C-36B45CD8B75B", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:retail_service_backbone:19.0.0:*:*:*:*:*:*:*", matchCriteriaId: "0D14A54A-4B04-41DE-B731-844D8AC3BE23", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:retail_service_backbone:19.0.1:*:*:*:*:*:*:*", matchCriteriaId: "9DA6B655-A445-42E5-B6D9-70AB1C04774A", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:retail_service_backbone:19.0.1.0:*:*:*:*:*:*:*", matchCriteriaId: "5D57F5CB-E566-450F-B7D7-DD771F7C746C", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:retail_store_inventory_management:14.0.4.13:*:*:*:*:*:*:*", matchCriteriaId: "88458537-6DE8-4D79-BC71-9D08883AD0C1", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:retail_store_inventory_management:14.1.3.5:*:*:*:*:*:*:*", matchCriteriaId: "2E310654-0793-41CC-B049-C754AC31D016", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:retail_store_inventory_management:14.1.3.14:*:*:*:*:*:*:*", matchCriteriaId: "4C5B22C6-97AF-4D1B-84C9-987C6F62C401", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:retail_store_inventory_management:15.0.3.3:*:*:*:*:*:*:*", matchCriteriaId: "FFD9AAE5-9472-49C6-B054-DB76BEB86D35", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:retail_store_inventory_management:15.0.3.8:*:*:*:*:*:*:*", matchCriteriaId: "A104FDBD-0B28-44EE-91A0-A0C8939865A3", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:retail_store_inventory_management:16.0.3.7:*:*:*:*:*:*:*", matchCriteriaId: "C2D60A4D-BB4F-4177-AFA8-A8DC8C111FB3", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:siebel_ui_framework:*:*:*:*:*:*:*:*", matchCriteriaId: "889916ED-5EB2-49D6-8400-E6DBBD6C287F", versionEndIncluding: "21.12", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:sql_developer:*:*:*:*:*:*:*:*", matchCriteriaId: "1C470BAD-F7E2-4802-B1BE-E71EBB073DA1", versionEndExcluding: "21.4.2", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:taleo_platform:*:*:*:*:*:*:*:*", matchCriteriaId: "4E1A18FB-85E6-4C5D-8F8A-12F86EDC6A2D", versionEndExcluding: "22.1", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:utilities_framework:*:*:*:*:*:*:*:*", matchCriteriaId: "51309958-121D-4649-AB9A-EBFA3A49F7CB", versionEndIncluding: "4.3.0.6.0", versionStartIncluding: "4.3.0.1.0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:utilities_framework:4.4.0.0.0:*:*:*:*:*:*:*", matchCriteriaId: "3F906F04-39E4-4BE4-8A73-9D058AAADB43", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:utilities_framework:4.4.0.2.0:*:*:*:*:*:*:*", matchCriteriaId: "7B393A82-476A-4270-A903-38ED4169E431", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:utilities_framework:4.4.0.3.0:*:*:*:*:*:*:*", matchCriteriaId: "85CAE52B-C2CA-4C6B-A0B7-2B9D6F0499E2", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:webcenter_portal:12.2.1.3.0:*:*:*:*:*:*:*", matchCriteriaId: "D6A4F71A-4269-40FC-8F61-1D1301F2B728", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:webcenter_portal:12.2.1.4.0:*:*:*:*:*:*:*", matchCriteriaId: "5A502118-5B2B-47AE-82EC-1999BD841103", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:webcenter_sites:12.2.1.3.0:*:*:*:*:*:*:*", matchCriteriaId: "D551CAB1-4312-44AA-BDA8-A030817E153A", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:webcenter_sites:12.2.1.4.0:*:*:*:*:*:*:*", matchCriteriaId: "174A6D2E-E42E-4C92-A194-C6A820CD7EF4", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:*:*:*:*:*:*:*", matchCriteriaId: "F14A818F-AA16-4438-A3E4-E64C9287AC66", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:*:*:*:*:*:*:*", matchCriteriaId: "4A5BB153-68E0-4DDA-87D1-0D9AB7F0A418", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:*:*:*:*:*:*:*", matchCriteriaId: "04BCDC24-4A21-473C-8733-0D9CFB38A752", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Apache Log4j2 versions 2.0-alpha1 through 2.16.0 (excluding 2.12.3 and 2.3.1) did not protect from uncontrolled recursion from self-referential lookups. This allows an attacker with control over Thread Context Map data to cause a denial of service when a crafted string is interpreted. This issue was fixed in Log4j 2.17.0, 2.12.3, and 2.3.1.", }, { lang: "es", value: "Apache Log4j2 versiones 2.0-alpha1 hasta 2.16.0 (excluyendo las versiones 2.12.3 y 2.3.1) no protegían de la recursión no controlada de las búsquedas autorreferenciales. Esto permite a un atacante con control sobre los datos de Thread Context Map causar una denegación de servicio cuando es interpretada una cadena diseñada. Este problema se ha corregido en Log4j versiones 2.17.0, 2.12.3 y 2.3.1", }, ], id: "CVE-2021-45105", lastModified: "2024-11-21T06:31:58.170", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 2.2, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-12-18T12:15:07.433", references: [ { source: "security@apache.org", tags: [ "Mailing List", "Mitigation", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2021/12/19/1", }, { source: "security@apache.org", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-479842.pdf", }, { source: "security@apache.org", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-501673.pdf", }, { source: "security@apache.org", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://logging.apache.org/log4j/2.x/security.html", }, { source: "security@apache.org", tags: [ "Third Party Advisory", ], url: "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032", }, { source: "security@apache.org", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20211218-0001/", }, { source: "security@apache.org", tags: [ "Third Party Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd", }, { source: "security@apache.org", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2021/dsa-5024", }, { source: "security@apache.org", tags: [ "Third Party Advisory", "US Government Resource", ], url: "https://www.kb.cert.org/vuls/id/930724", }, { source: "security@apache.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { source: "security@apache.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpujan2022.html", }, { source: "security@apache.org", tags: [ "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpujul2022.html", }, { source: "security@apache.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-21-1541/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Mitigation", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2021/12/19/1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-479842.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://cert-portal.siemens.com/productcert/pdf/ssa-501673.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://logging.apache.org/log4j/2.x/security.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20211218-0001/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2021/dsa-5024", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "US Government Resource", ], url: "https://www.kb.cert.org/vuls/id/930724", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpujan2022.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpujul2022.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-21-1541/", }, ], sourceIdentifier: "security@apache.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, { lang: "en", value: "CWE-674", }, ], source: "security@apache.org", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-20", }, { lang: "en", value: "CWE-674", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-03-10 08:15
Modified
2024-11-21 05:02
Severity ?
Summary
An attacker that is able to modify Velocity templates may execute arbitrary Java code or run arbitrary system commands with the same privileges as the account running the Servlet container. This applies to applications that allow untrusted users to upload/modify velocity templates running Apache Velocity Engine versions up to 2.2.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:apache:velocity_engine:*:*:*:*:*:*:*:*", matchCriteriaId: "DE517B12-7101-4325-9037-A0839126C725", versionEndExcluding: "2.3", vulnerable: true, }, { criteria: "cpe:2.3:a:apache:wss4j:2.3.1:*:*:*:*:*:*:*", matchCriteriaId: "9F17078E-4D83-49E7-99CE-5174C073DD68", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:oracle:banking_deposits_and_lines_of_credit_servicing:2.12.0:*:*:*:*:*:*:*", matchCriteriaId: "1F834ACC-D65B-4CA3-91F1-415CBC6077E2", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:banking_enterprise_default_management:*:*:*:*:*:*:*:*", matchCriteriaId: "0445461D-21F4-4744-91E3-A92C673E947D", versionEndIncluding: "2.4.1", versionStartIncluding: "2.3.0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:banking_enterprise_default_management:2.6.2:*:*:*:*:*:*:*", matchCriteriaId: "E60C0966-BF0D-4D18-B09B-5D0BB96DBFF3", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:banking_enterprise_default_management:2.7.1:*:*:*:*:*:*:*", matchCriteriaId: "473749BD-267E-480F-8E7F-C762702DB66E", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:banking_enterprise_default_management:2.10.0:*:*:*:*:*:*:*", matchCriteriaId: "74C7E2F1-17FC-4322-A5C3-F7EB612BA4F5", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:banking_enterprise_default_management:2.12.0:*:*:*:*:*:*:*", matchCriteriaId: "320D36DA-D99F-4149-B582-3F4AB2F41A1B", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:banking_loans_servicing:2.12.0:*:*:*:*:*:*:*", matchCriteriaId: "5E502A46-BAF4-4558-BC8F-9F014A2FB26A", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:banking_party_management:2.7.0:*:*:*:*:*:*:*", matchCriteriaId: "C542DC5E-6657-4178-9C69-46FD3C187D56", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:banking_platform:*:*:*:*:*:*:*:*", matchCriteriaId: "6D0F559E-0790-461B-ACED-5B00F4D40893", versionEndIncluding: "2.4.1", versionStartIncluding: "2.3.0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:banking_platform:2.6.2:*:*:*:*:*:*:*", matchCriteriaId: "132CE62A-FBFC-4001-81EC-35D81F73AF48", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:banking_platform:2.7.1:*:*:*:*:*:*:*", matchCriteriaId: "645AA3D1-C8B5-4CD2-8ACE-31541FA267F0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_cloud_native_core_policy:1.14.0:*:*:*:*:*:*:*", matchCriteriaId: "4479F76A-4B67-41CC-98C7-C76B81050F8E", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:communications_network_integrity:7.3.6:*:*:*:*:*:*:*", matchCriteriaId: "B21E6EEF-2AB7-4E96-B092-1F49D11B4175", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:hospitality_token_proxy_service:19.2:*:*:*:*:*:*:*", matchCriteriaId: "E7D45E2D-241B-4839-B255-A81107BF94BF", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:retail_integration_bus:19.0.1:*:*:*:*:*:*:*", matchCriteriaId: "BD311C33-A309-44D5-BBFB-539D72C7F8C4", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:retail_order_broker:16.0:*:*:*:*:*:*:*", matchCriteriaId: "38E74E68-7F19-4EF3-AC00-3C249EAAA39E", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:retail_service_backbone:19.0.1:*:*:*:*:*:*:*", matchCriteriaId: "9DA6B655-A445-42E5-B6D9-70AB1C04774A", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:retail_xstore_office_cloud_service:16.0.6:*:*:*:*:*:*:*", matchCriteriaId: "2DEDDCE7-7763-4F8B-AB25-EC3D8899303A", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:retail_xstore_office_cloud_service:17.0.4:*:*:*:*:*:*:*", matchCriteriaId: "45F95965-9958-4F05-819D-C59FAE2E1D4E", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:retail_xstore_office_cloud_service:18.0.3:*:*:*:*:*:*:*", matchCriteriaId: "E7E4D2EE-7439-4958-9503-9A3974DC86D0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:retail_xstore_office_cloud_service:19.0.2:*:*:*:*:*:*:*", matchCriteriaId: "D8F03331-16D3-440F-9577-D2A7835F7638", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:retail_xstore_office_cloud_service:20.0.1:*:*:*:*:*:*:*", matchCriteriaId: "1E6216CE-BB56-4996-B6C1-D461EEFD496E", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:utilities_testing_accelerator:6.0.0.1.1:*:*:*:*:*:*:*", matchCriteriaId: "A3ED272C-A545-4F8C-86C0-2736B3F2DCAF", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:utilities_testing_accelerator:6.0.0.2.2:*:*:*:*:*:*:*", matchCriteriaId: "C5B4C338-11E1-4235-9D5A-960B2711AC39", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:utilities_testing_accelerator:6.0.0.3.1:*:*:*:*:*:*:*", matchCriteriaId: "8C93F84E-9680-44EF-8656-D27440B51698", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An attacker that is able to modify Velocity templates may execute arbitrary Java code or run arbitrary system commands with the same privileges as the account running the Servlet container. This applies to applications that allow untrusted users to upload/modify velocity templates running Apache Velocity Engine versions up to 2.2.", }, { lang: "es", value: "Un atacante que es capaz de modificar las plantillas de Velocity puede ejecutar código Java arbitrario o ejecutar comandos de sistema arbitrarios con los mismos privilegios que la cuenta que ejecuta el contenedor Servlet. Esto se aplica a las aplicaciones que permiten a usuarios no confiables cargar y modificar plantillas de velocidad que ejecutan versiones de Apache Velocity Engine versiones hasta la 2.2", }, ], id: "CVE-2020-13936", lastModified: "2024-11-21T05:02:11.127", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "COMPLETE", baseScore: 9, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-03-10T08:15:14.103", references: [ { source: "security@apache.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2021/03/10/1", }, { source: "security@apache.org", tags: [ "Mailing List", "Vendor Advisory", ], url: "https://lists.apache.org/thread.html/r01043f584cbd47959fabe18fff64de940f81a65024bb8dddbda31d9a%40%3Cuser.velocity.apache.org%3E", }, { source: "security@apache.org", tags: [ "Mailing List", "Vendor Advisory", ], url: "https://lists.apache.org/thread.html/r01043f584cbd47959fabe18fff64de940f81a65024bb8dddbda31d9a%40%3Cuser.velocity.apache.org%3E", }, { source: "security@apache.org", url: "https://lists.apache.org/thread.html/r0bc98e9cd080b4a13b905c571b9bed87e1a0878d44dbf21487c6cca4%40%3Cdev.santuario.apache.org%3E", }, { source: "security@apache.org", url: "https://lists.apache.org/thread.html/r17cb932fab14801b14e5b97a7f05192f4f366ef260c10d4a8dba8ac9%40%3Cdev.ws.apache.org%3E", }, { source: "security@apache.org", url: "https://lists.apache.org/thread.html/r293284c6806c73f51098001ea86a14271c39f72cd76af9e946d9d9ad%40%3Cdev.ws.apache.org%3E", }, { source: "security@apache.org", url: "https://lists.apache.org/thread.html/r39de20c7e9c808b1f96790875d33e58c9c0aabb44fd9227e7b3dc5da%40%3Cdev.ws.apache.org%3E", }, { source: "security@apache.org", url: "https://lists.apache.org/thread.html/r3ea4c4c908505b20a4c268330dfe7188b90c84dcf777728d02068ae6%40%3Cannounce.apache.org%3E", }, { source: "security@apache.org", url: "https://lists.apache.org/thread.html/r4cd59453b65d4ac290fcb3b71fdf32b4f1f8989025e89558deb5a245%40%3Cdev.ws.apache.org%3E", }, { source: "security@apache.org", url: "https://lists.apache.org/thread.html/r52a5129df402352adc34d052bab9234c8ef63596306506a89fdc7328%40%3Cusers.activemq.apache.org%3E", }, { source: "security@apache.org", url: "https://lists.apache.org/thread.html/r7f209b837217d2a0fe5977fb692e7f15d37fa5de8214bcdc4c21d9a7%40%3Ccommits.turbine.apache.org%3E", }, { source: "security@apache.org", url: "https://lists.apache.org/thread.html/r9dc2505651788ac668299774d9e7af4dc616be2f56fdc684d1170882%40%3Cusers.activemq.apache.org%3E", }, { source: "security@apache.org", url: "https://lists.apache.org/thread.html/rb042f3b0090e419cc9f5a3d32cf0baff283ccd6fcb1caea61915d6b6%40%3Ccommits.velocity.apache.org%3E", }, { source: "security@apache.org", url: "https://lists.apache.org/thread.html/rbee7270556f4172322936b5ecc9fabf0c09f00d4fa56c9de1963c340%40%3Cdev.ws.apache.org%3E", }, { source: "security@apache.org", url: "https://lists.apache.org/thread.html/rd2a89e17e8a9b451ce655f1a34117752ea1d18a22ce580d8baa824fd%40%3Ccommits.druid.apache.org%3E", }, { source: "security@apache.org", url: "https://lists.apache.org/thread.html/rd7e865c87f9043c21d9c1fd9d4df866061d9a08cfc322771160d8058%40%3Cdev.ws.apache.org%3E", }, { source: "security@apache.org", url: "https://lists.apache.org/thread.html/re641197d204765130618086238c73dd2ce5a3f94b33785b587d72726%40%3Cdev.ws.apache.org%3E", }, { source: "security@apache.org", url: "https://lists.apache.org/thread.html/re8e7482fe54d289fc0229e61cc64947b63b12c3c312e9f25bf6f3b8c%40%3Cdev.ws.apache.org%3E", }, { source: "security@apache.org", url: "https://lists.apache.org/thread.html/reab5978b54a9f4c078402161e30a89c42807b198814acadbe6c862c7%40%3Cdev.ws.apache.org%3E", }, { source: "security@apache.org", url: "https://lists.apache.org/thread.html/rf7d369de88dc88a1347006a3323b3746d849234db40a8edfd5ebc436%40%3Cdev.ws.apache.org%3E", }, { source: "security@apache.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2021/03/msg00019.html", }, { source: "security@apache.org", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202107-52", }, { source: "security@apache.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { source: "security@apache.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpujan2022.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2021/03/10/1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Vendor Advisory", ], url: "https://lists.apache.org/thread.html/r01043f584cbd47959fabe18fff64de940f81a65024bb8dddbda31d9a%40%3Cuser.velocity.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Vendor Advisory", ], url: "https://lists.apache.org/thread.html/r01043f584cbd47959fabe18fff64de940f81a65024bb8dddbda31d9a%40%3Cuser.velocity.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/r0bc98e9cd080b4a13b905c571b9bed87e1a0878d44dbf21487c6cca4%40%3Cdev.santuario.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/r17cb932fab14801b14e5b97a7f05192f4f366ef260c10d4a8dba8ac9%40%3Cdev.ws.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/r293284c6806c73f51098001ea86a14271c39f72cd76af9e946d9d9ad%40%3Cdev.ws.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/r39de20c7e9c808b1f96790875d33e58c9c0aabb44fd9227e7b3dc5da%40%3Cdev.ws.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/r3ea4c4c908505b20a4c268330dfe7188b90c84dcf777728d02068ae6%40%3Cannounce.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/r4cd59453b65d4ac290fcb3b71fdf32b4f1f8989025e89558deb5a245%40%3Cdev.ws.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/r52a5129df402352adc34d052bab9234c8ef63596306506a89fdc7328%40%3Cusers.activemq.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/r7f209b837217d2a0fe5977fb692e7f15d37fa5de8214bcdc4c21d9a7%40%3Ccommits.turbine.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/r9dc2505651788ac668299774d9e7af4dc616be2f56fdc684d1170882%40%3Cusers.activemq.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/rb042f3b0090e419cc9f5a3d32cf0baff283ccd6fcb1caea61915d6b6%40%3Ccommits.velocity.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/rbee7270556f4172322936b5ecc9fabf0c09f00d4fa56c9de1963c340%40%3Cdev.ws.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/rd2a89e17e8a9b451ce655f1a34117752ea1d18a22ce580d8baa824fd%40%3Ccommits.druid.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/rd7e865c87f9043c21d9c1fd9d4df866061d9a08cfc322771160d8058%40%3Cdev.ws.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/re641197d204765130618086238c73dd2ce5a3f94b33785b587d72726%40%3Cdev.ws.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/re8e7482fe54d289fc0229e61cc64947b63b12c3c312e9f25bf6f3b8c%40%3Cdev.ws.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/reab5978b54a9f4c078402161e30a89c42807b198814acadbe6c862c7%40%3Cdev.ws.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/rf7d369de88dc88a1347006a3323b3746d849234db40a8edfd5ebc436%40%3Cdev.ws.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2021/03/msg00019.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202107-52", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpujan2022.html", }, ], sourceIdentifier: "security@apache.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-08-18 15:15
Modified
2024-11-21 06:15
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
jsoup is a Java library for working with HTML. Those using jsoup versions prior to 1.14.2 to parse untrusted HTML or XML may be vulnerable to DOS attacks. If the parser is run on user supplied input, an attacker may supply content that causes the parser to get stuck (loop indefinitely until cancelled), to complete more slowly than usual, or to throw an unexpected exception. This effect may support a denial of service attack. The issue is patched in version 1.14.2. There are a few available workarounds. Users may rate limit input parsing, limit the size of inputs based on system resources, and/or implement thread watchdogs to cap and timeout parse runtimes.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:jsoup:jsoup:*:*:*:*:*:*:*:*", matchCriteriaId: "CB2FF61F-FB78-426C-9FD0-72A1AB17A92D", versionEndExcluding: "1.14.2", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:quarkus:quarkus:*:*:*:*:*:*:*:*", matchCriteriaId: "EF712520-1CFD-473A-B3F5-3CDDFE9C2C9A", versionEndIncluding: "2.2.3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:oracle:banking_trade_finance:14.5:*:*:*:*:*:*:*", matchCriteriaId: "64750C01-21AC-4947-B674-6690EAAAC5DB", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:banking_treasury_management:14.5:*:*:*:*:*:*:*", matchCriteriaId: "3C3D0063-9458-4018-9B92-79A219716C10", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:business_process_management_suite:12.2.1.3.0:*:*:*:*:*:*:*", matchCriteriaId: "E869C417-C0E6-4FC3-B406-45598A1D1906", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:business_process_management_suite:12.2.1.4.0:*:*:*:*:*:*:*", matchCriteriaId: "DFEFE2C0-7B98-44F9-B3AD-D6EC607E90DA", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:flexcube_universal_banking:*:*:*:*:*:*:*:*", matchCriteriaId: "54BE0CCE-8216-4CCF-96E1-38EF76124368", versionEndIncluding: "14.3.0", versionStartIncluding: "14.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:flexcube_universal_banking:14.5:*:*:*:*:*:*:*", matchCriteriaId: "609645BF-B34F-40AC-B9C9-C3FB870F4ED2", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:hospitality_token_proxy_service:19.2:*:*:*:*:*:*:*", matchCriteriaId: "E7D45E2D-241B-4839-B255-A81107BF94BF", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:*:*:*:*:*:*:*", matchCriteriaId: "D9DB4A14-2EF5-4B54-95D2-75E6CF9AA0A9", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.59:*:*:*:*:*:*:*", matchCriteriaId: "C8AF00C6-B97F-414D-A8DF-057E6BFD8597", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:primavera_unifier:20.12:*:*:*:*:*:*:*", matchCriteriaId: "38340E3C-C452-4370-86D4-355B6B4E0A06", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:primavera_unifier:21.12:*:*:*:*:*:*:*", matchCriteriaId: "E9C55C69-E22E-4B80-9371-5CD821D79FE2", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:retail_customer_management_and_segmentation_foundation:*:*:*:*:*:*:*:*", matchCriteriaId: "E0B772D5-F0BB-4CD4-99D1-B84562D01586", versionEndIncluding: "19.0", versionStartIncluding: "17.0", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:webcenter_portal:12.2.1.3.0:*:*:*:*:*:*:*", matchCriteriaId: "D6A4F71A-4269-40FC-8F61-1D1301F2B728", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:webcenter_portal:12.2.1.4.0:*:*:*:*:*:*:*", matchCriteriaId: "5A502118-5B2B-47AE-82EC-1999BD841103", vulnerable: true, }, { criteria: "cpe:2.3:o:oracle:communications_messaging_server:8.1:*:*:*:*:*:*:*", matchCriteriaId: "7569C0BD-16C1-441E-BAEB-840C94BE73EF", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:netapp:management_services_for_element_software_and_netapp_hci:-:*:*:*:*:*:*:*", matchCriteriaId: "FDAC85F0-93AF-4BE3-AE1A-8ADAF1CDF9AB", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:oracle:financial_services_crime_and_compliance_management_studio:8.0.8.2.0:*:*:*:*:*:*:*", matchCriteriaId: "55F091C7-0869-4FD6-AC73-DA697D990304", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:financial_services_crime_and_compliance_management_studio:8.0.8.3.0:*:*:*:*:*:*:*", matchCriteriaId: "4D134C60-F9E2-46C2-8466-DB90AD98439E", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:middleware_common_libraries_and_tools:12.2.1.3.0:*:*:*:*:*:*:*", matchCriteriaId: "BCCFDDAC-CF84-4259-BA65-98DC5482A0A3", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:middleware_common_libraries_and_tools:12.2.1.4.0:*:*:*:*:*:*:*", matchCriteriaId: "9AB179A8-DFB7-4DCF-8DE3-096F376989F1", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:stream_analytics:*:*:*:*:*:*:*:*", matchCriteriaId: "847E8F6A-6115-4CCB-B16B-5DA8427958C4", versionEndExcluding: "19.1.0.0.6.4", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:stream_analytics:19c:*:*:*:*:*:*:*", matchCriteriaId: "8E7B7A7D-BA3D-4ADA-B87C-F222B0722AF2", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "jsoup is a Java library for working with HTML. Those using jsoup versions prior to 1.14.2 to parse untrusted HTML or XML may be vulnerable to DOS attacks. If the parser is run on user supplied input, an attacker may supply content that causes the parser to get stuck (loop indefinitely until cancelled), to complete more slowly than usual, or to throw an unexpected exception. This effect may support a denial of service attack. The issue is patched in version 1.14.2. There are a few available workarounds. Users may rate limit input parsing, limit the size of inputs based on system resources, and/or implement thread watchdogs to cap and timeout parse runtimes.", }, { lang: "es", value: "jsoup es una biblioteca Java para trabajar con HTML. Aquellos usando versiones de jsoup anteriores a 1.14.2 para analizar HTML o XML no confiables pueden ser vulnerables a ataques DOS. Si el analizador es ejecutado con una entrada suministrada por el usuario, un atacante puede suministrar contenido que cause que el analizador se atasque (un bucle indefinido hasta que se cancele), para completarse más lentamente de lo habitual o que lance una excepción inesperada. Este efecto puede permitir un ataque de denegación de servicio. El problema está parcheado en versión 1.14.2. Se presentan algunas soluciones disponibles. Los usuarios pueden limitar el análisis de las entradas, limitar el tamaño de las entradas en función de los recursos del sistema, y/o implementar controles de hilos para limitar el tiempo de ejecución del análisis.", }, ], id: "CVE-2021-37714", lastModified: "2024-11-21T06:15:46.567", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "security-advisories@github.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-08-18T15:15:08.023", references: [ { source: "security-advisories@github.com", tags: [ "Third Party Advisory", ], url: "https://github.com/jhy/jsoup/security/advisories/GHSA-m72m-mhq2-9p6c", }, { source: "security-advisories@github.com", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://jsoup.org/news/release-1.14.1", }, { source: "security-advisories@github.com", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://jsoup.org/news/release-1.14.2", }, { source: "security-advisories@github.com", url: "https://lists.apache.org/thread.html/r215009dbf7467a9f6506d0c0024cb36cad30071010e62c9352cfaaf0%40%3Cissues.maven.apache.org%3E", }, { source: "security-advisories@github.com", url: "https://lists.apache.org/thread.html/r377b93d79817ce649e9e68b3456e6f499747ef1643fa987b342e082e%40%3Cissues.maven.apache.org%3E", }, { source: "security-advisories@github.com", url: "https://lists.apache.org/thread.html/r3d71f18adb78e50f626dde689161ca63d3b7491bd9718fcddfaecba7%40%3Cissues.maven.apache.org%3E", }, { source: "security-advisories@github.com", url: "https://lists.apache.org/thread.html/r50e9c9466c592ca9d707a5dea549524d19e3287da08d8392f643960e%40%3Cissues.maven.apache.org%3E", }, { source: "security-advisories@github.com", url: "https://lists.apache.org/thread.html/r685c5235235ad0c26e86d0ee987fb802c9675de6081dbf0516464e0b%40%3Cnotifications.james.apache.org%3E", }, { source: "security-advisories@github.com", url: "https://lists.apache.org/thread.html/r97404676a5cf591988faedb887d64e278f522adcaa823d89ca69defe%40%3Cnotifications.james.apache.org%3E", }, { source: "security-advisories@github.com", url: "https://lists.apache.org/thread.html/rc3354080fc67fb50b45b3c2d12dc4ca2a3c1c78dad3d3ba012c038aa%40%3Cnotifications.james.apache.org%3E", }, { source: "security-advisories@github.com", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20220210-0022/", }, { source: "security-advisories@github.com", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { source: "security-advisories@github.com", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpujan2022.html", }, { source: "security-advisories@github.com", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpujul2022.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://github.com/jhy/jsoup/security/advisories/GHSA-m72m-mhq2-9p6c", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://jsoup.org/news/release-1.14.1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://jsoup.org/news/release-1.14.2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/r215009dbf7467a9f6506d0c0024cb36cad30071010e62c9352cfaaf0%40%3Cissues.maven.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/r377b93d79817ce649e9e68b3456e6f499747ef1643fa987b342e082e%40%3Cissues.maven.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/r3d71f18adb78e50f626dde689161ca63d3b7491bd9718fcddfaecba7%40%3Cissues.maven.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/r50e9c9466c592ca9d707a5dea549524d19e3287da08d8392f643960e%40%3Cissues.maven.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/r685c5235235ad0c26e86d0ee987fb802c9675de6081dbf0516464e0b%40%3Cnotifications.james.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/r97404676a5cf591988faedb887d64e278f522adcaa823d89ca69defe%40%3Cnotifications.james.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/rc3354080fc67fb50b45b3c2d12dc4ca2a3c1c78dad3d3ba012c038aa%40%3Cnotifications.james.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20220210-0022/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpujan2022.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpujul2022.html", }, ], sourceIdentifier: "security-advisories@github.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-248", }, { lang: "en", value: "CWE-835", }, ], source: "security-advisories@github.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-835", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }