トピトピニュース

Category: HIGH (381 posts)

Featured

  • [phpxmlrpc/phpxmlrpc] code injection in phpxmlrpc/phpxmlrpc (posted by GitHub)
  • [ghost] ghost vulnerable to unauthorized newsletter modification via improper access controls (posted by GitHub)
  • [microweber/microweber] Account Takeover Through Password Reset Poisoning (posted by GitHub)
  • [apache-airflow] OS Command Injection in Apache Airflow (posted by GitHub)

[org.apache.nifi:nifi] Apache NiFi host header poisoning issue

  • Posted in HIGH
  • Posted by GitHub
  • 05/14/2022 / 11/02/2022

A malicious Host header in an incoming HTTP request could cause NiFi to load resources from an external server. The fix, which sanitizes the Host header and compares it against a controlled whitelist, was applied in the Apache NiFi 1.5.0 release. Users running a prior 1…
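
The check the NiFi advisory describes, as an added example (Java 9+, not NiFi's own code and not tied to its configuration properties): the Host header is reduced to a bare hostname, its character set is restricted, and only an operator-configured allowlist decides whether the request proceeds. The allowlist entries, the sample headers and the "respond with 400" policy are assumptions for the demo.

```java
import java.util.Locale;
import java.util.Set;

// Added example, not Apache NiFi's code: validate the incoming Host header against an
// operator-configured allowlist before it is used to build any URL or locate any resource.
public final class HostHeaderAllowlist {

    private final Set<String> allowedHosts;   // lowercase hostnames or bracketed IPv6 literals, no port

    public HostHeaderAllowlist(Set<String> allowedHosts) {
        this.allowedHosts = allowedHosts;
    }

    /** True only if the header names an allowlisted host; an optional, valid port is tolerated. */
    public boolean isAllowed(String hostHeader) {
        if (hostHeader == null) {
            return false;
        }
        String host = hostHeader.trim();
        if (host.startsWith("[")) {                       // IPv6 literal, e.g. "[::1]:8443"
            int close = host.indexOf(']');
            if (close < 0 || !isOptionalPort(host.substring(close + 1))) {
                return false;
            }
            host = host.substring(0, close + 1);
        } else {
            int colon = host.indexOf(':');
            if (colon >= 0) {
                if (!isOptionalPort(host.substring(colon))) {
                    return false;
                }
                host = host.substring(0, colon);
            }
        }
        // Restrict the character set first: "@", "/", "\", "%" and whitespace never belong in a
        // host and are exactly what a poisoning payload uses to smuggle a second authority.
        if (!host.matches("\\[[0-9A-Fa-f:.]+\\]|[A-Za-z0-9](?:[A-Za-z0-9.-]*[A-Za-z0-9])?")) {
            return false;
        }
        return allowedHosts.contains(host.toLowerCase(Locale.ROOT));
    }

    /** Accepts "" or ":1" .. ":65535"; rejects a second colon, letters or an empty port. */
    private static boolean isOptionalPort(String suffix) {
        if (suffix.isEmpty()) {
            return true;
        }
        if (suffix.charAt(0) != ':' || !suffix.substring(1).matches("[0-9]{1,5}")) {
            return false;
        }
        int port = Integer.parseInt(suffix.substring(1));
        return port >= 1 && port <= 65535;
    }

    public static void main(String[] args) {
        // Constructed allowlist and sample headers for the demo.
        HostHeaderAllowlist allowlist =
            new HostHeaderAllowlist(Set.of("nifi.example.internal", "localhost", "[::1]"));
        String[] samples = {
            "nifi.example.internal", "NiFi.Example.Internal:8443", "[::1]:8443",
            "attacker.example", "nifi.example.internal@attacker.example",
            "nifi.example.internal:8443:80", "nifi.example.internal:99999", "[::1", ""
        };
        for (String h : samples) {
            System.out.println("'" + h + "' -> " + (allowlist.isAllowed(h) ? "accept" : "reject with 400"));
        }
    }
}
```

The important design point is that the allowlist, not the header, is the source of truth: anything the server later derives from the request (redirect targets, links in responses, resource locations) should be built from the matched allowlist entry rather than echoed from the header, and a request that fails the check should be answered before any application code sees it.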

[org.jvnet.hudson.plugins:ccm] Jenkins CCM Plugin vulnerable to Improper Restriction of XML External Entity Reference

  • Posted in HIGH
  • Posted by GitHub
  • 05/14/2022 / 11/23/2022

Jenkins CCM Plugin 3.1 and earlier processes XML external entities in files it parses as part of the build process, allowing attackers with user permissions in Jenkins to extract secrets from the Jenkins master, perform server-side request forgery, or …

[org.apache.geode:geode-core] Apache Geode configuration request authorization vulnerability

  • Posted in HIGH
  • Posted by GitHub
  • 05/14/2022 / 11/08/2022

When an Apache Geode cluster before v1.4.0 is operating in secure mode, the Geode configuration service does not properly authorize configuration requests. This allows an unprivileged user who gains access to the Geode locator to extract configuration …

[org.apache.geode:geode-core] Apache Geode unsafe deserialization of application objects

  • Posted in HIGH
  • Posted by GitHub
  • 05/14/2022 / 11/08/2022

In Apache Geode before v1.4.0, the Geode server stores application objects in serialized form. Certain cluster operations and API invocations cause these objects to be deserialized. A user with DATA:WRITE access to the cluster may be able to cause remo…
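
The general mitigation for a server that deserializes application objects supplied by a writer, as an added example that is not Apache Geode's code and does not use Geode's own configuration: a JDK serialization filter (Java 9+) that names the application classes allowed to cross the wire and rejects every other class before it is instantiated. The `Order` and `Unexpected` classes and the size limits are constructed for the demo.

```java
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InvalidClassException;
import java.io.ObjectInputFilter;
import java.io.ObjectInputStream;
import java.io.ObjectOutputStream;
import java.io.Serializable;

// Added example, not Apache Geode's code: an allowlisting ObjectInputFilter installed on the
// ObjectInputStream that reads untrusted bytes.
public final class DeserializationAllowlist {

    /** A value type the application really does exchange in serialized form (constructed). */
    public static final class Order implements Serializable {
        private static final long serialVersionUID = 1L;
        final String sku;
        final int quantity;
        Order(String sku, int quantity) { this.sku = sku; this.quantity = quantity; }
    }

    /** Stands in for any class an attacker would rather have instantiated, e.g. a gadget-chain entry point. */
    public static final class Unexpected implements Serializable {
        private static final long serialVersionUID = 1L;
    }

    // Pattern semantics: first match wins. "java.base/*" admits the JDK core classes (String etc.)
    // that Order's fields need; "!*" rejects everything else. The limits cap parser work before
    // a rejection is reached.
    static final ObjectInputFilter FILTER = ObjectInputFilter.Config.createFilter(
            "maxdepth=8;maxarray=10000;maxbytes=65536;maxrefs=1000;"
          + Order.class.getName() + ";java.base/*;!*");

    static byte[] serialize(Object o) throws IOException {
        ByteArrayOutputStream bytes = new ByteArrayOutputStream();
        try (ObjectOutputStream out = new ObjectOutputStream(bytes)) {
            out.writeObject(o);
        }
        return bytes.toByteArray();
    }

    /** Deserializes with the allowlist installed; a disallowed class raises InvalidClassException. */
    static Object readFiltered(byte[] bytes) throws IOException, ClassNotFoundException {
        try (ObjectInputStream in = new ObjectInputStream(new ByteArrayInputStream(bytes))) {
            in.setObjectInputFilter(FILTER);   // must be set before the first readObject()
            return in.readObject();
        }
    }

    public static void main(String[] args) throws Exception {
        Order order = (Order) readFiltered(serialize(new Order("SKU-42", 3)));
        System.out.println("allowed: " + order.sku + " x" + order.quantity);
        try {
            readFiltered(serialize(new Unexpected()));
            System.out.println("rejected nothing (unexpected)");
        } catch (InvalidClassException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```

The filter runs as each class descriptor is read, so a rejected class is refused before its `readObject` or any constructor side effect can run, which is what closes the gadget-chain route. Keeping the allowlist explicit (rather than a denylist of known gadgets) is what makes it hold up against classes that are discovered later.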

[org.apache.ode:ode] Apache ODE Path Traversal vulnerability

  • Posted in HIGH
  • Posted by GitHub
  • 05/14/2022 / 11/09/2022

The ODE process deployment web service was susceptible to deployment messages with forged names. Using a path as the name allowed directory traversal, potentially writing files to unintended locations, overwriting existing …
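
The containment check a deployment service needs for a caller-supplied name, as an added example that is not Apache ODE's code: the name is joined to the deployment root, normalized, and accepted only if the result is still a strict descendant of that root. The root directory and the sample names are constructed for the demo; nothing is written to disk.

```java
import java.nio.file.Path;
import java.nio.file.Paths;

// Added example, not Apache ODE's code: resolve a deployment name strictly inside the deployment
// root and refuse anything that escapes it after normalization.
public final class SafeDeploymentPath {

    /** Returns the absolute, normalized target path, or throws if the name cannot stay inside root. */
    static Path resolveInside(Path root, String name) {
        if (name == null || name.isEmpty() || name.indexOf('\0') >= 0 || name.indexOf('\\') >= 0) {
            throw new IllegalArgumentException("illegal deployment name");
        }
        Path base = root.toAbsolutePath().normalize();
        Path relative = Paths.get(name);
        if (relative.isAbsolute()) {
            throw new IllegalArgumentException("absolute path not allowed: " + name);
        }
        // Normalize AFTER joining so "a/../../x" collapses to "../x" relative to base and is caught below.
        Path target = base.resolve(relative).normalize();
        // Path.startsWith compares whole components, so "/deploy" does not match "/deploy-evil/x".
        if (!target.startsWith(base) || target.equals(base)) {
            throw new IllegalArgumentException("escapes deployment root: " + name);
        }
        return target;
    }

    public static void main(String[] args) {
        Path root = Paths.get("/var/lib/ode/deploy");   // constructed root for the demo
        String[] names = {
            "orders-process",                 // ordinary name
            "bundle/orders.bpel",             // nested inside root, still fine
            "../../etc/cron.d/backdoor",      // classic traversal
            "bundle/../../../tmp/x",          // traversal hidden behind a legitimate prefix
            "/etc/passwd",                    // absolute path
            "..",                             // resolves to the parent of root
            "."                               // resolves to root itself, not a deployment
        };
        for (String n : names) {
            try {
                System.out.println("'" + n + "' -> " + resolveInside(root, n));
            } catch (IllegalArgumentException e) {
                System.out.println("'" + n + "' -> rejected: " + e.getMessage());
            }
        }
    }
}
```

If the target may already exist, compare `target.toRealPath()` against `base.toRealPath()` as well, since lexical normalization does not see through a symlink planted inside the root. Where the name is meant to be a single identifier rather than a relative path, rejecting any separator outright is simpler and stricter than the containment check.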

[org.apache.struts:struts2-core] Special top object can be used to access Struts’ internals

  • Posted in HIGH
  • Posted by GitHub
  • 05/14/2022 / 11/04/2022

ValueStack defines a special top object that represents the root of the execution context. It can be used to manipulate Struts' internals or to affect the container's settings. Applying a better regex that includes a pattern to exclude request parameters t…

[org.apache.shiro:shiro-web] Improper Access Control in Apache Shiro

  • Posted in HIGH
  • Posted by GitHub
  • 05/14/2022 / 11/05/2022

Apache Shiro before 1.3.2 allows attackers to bypass intended servlet filters and gain access by leveraging use of a non-root servlet context path.
References

https://nvd.nist.gov/vuln/detail/CVE-2016-6802
https://github.com/apache/shiro/commit/b15ab9…

[org.jboss.resteasy:resteasy-bom] JBoss RESTEasy vulnerable to Improper Input Validation

  • Posted in HIGH
  • Posted by GitHub
  • 05/14/2022 / 11/23/2022

JBoss RESTEasy before version 3.1.2 could be forced into parsing a request with YamlProvider, resulting in unmarshalling of potentially untrusted data which could allow an attacker to execute arbitrary code with RESTEasy application permissions.
Refere…

[org.apache.cayenne:cayenne-parent] XML External Entity Reference in Apache Cayenne

  • Posted in HIGH
  • Posted by GitHub
  • 05/14/2022 / 11/05/2022

This affects Apache Cayenne 4.1.M1, 3.2.M1, 4.0.M2 to 4.0.M5, 4.0.B1, 4.0.B2, 4.0.RC1, 3.1, 3.1.1, 3.1.2. CayenneModeler is a desktop GUI tool shipped with Apache Cayenne and intended for editing Cayenne ORM models stored as XML files. If an attacker t…
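
Both the Jenkins CCM Plugin advisory above and this Cayenne advisory are XML external entity (XXE) bugs in a JAXP-based parser. As an added example (not code from Jenkins, the CCM plugin or Apache Cayenne), here is the default `DocumentBuilder` beside one configured to refuse DOCTYPE declarations and external entities, both fed the same constructed payload; the payload, the file it points at and the element names are assumptions for the demo.

```java
import java.io.ByteArrayInputStream;
import java.nio.charset.StandardCharsets;
import javax.xml.XMLConstants;
import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.parsers.ParserConfigurationException;
import org.w3c.dom.Document;
import org.xml.sax.SAXParseException;

// Added example, not code from Jenkins, the CCM plugin or Apache Cayenne: the JAXP default parser
// beside a hardened one, run against the same XXE payload.
public final class XxeHardening {

    // Constructed payload for the demo: a DOCTYPE declaring an external entity that points at a
    // local file, referenced from element content so its bytes end up in the parsed document.
    static final String PAYLOAD =
          "<?xml version=\"1.0\"?>\n"
        + "<!DOCTYPE report [<!ENTITY xxe SYSTEM \"file:///etc/hostname\">]>\n"
        + "<report><file>&xxe;</file></report>\n";

    /** JAXP defaults: DOCTYPE accepted, external general entities resolved. Unsafe for untrusted input. */
    static DocumentBuilder permissiveBuilder() throws ParserConfigurationException {
        return DocumentBuilderFactory.newInstance().newDocumentBuilder();
    }

    /** Hardened: no DOCTYPE at all (so no external entities and no entity-expansion bombs), no XInclude. */
    static DocumentBuilder hardenedBuilder() throws ParserConfigurationException {
        DocumentBuilderFactory f = DocumentBuilderFactory.newInstance();
        // The single most effective setting: any document carrying a DOCTYPE is rejected outright.
        f.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
        // Defence in depth for the case where a DOCTYPE ever has to be allowed for a specific schema.
        f.setFeature("http://xml.org/sax/features/external-general-entities", false);
        f.setFeature("http://xml.org/sax/features/external-parameter-entities", false);
        f.setFeature("http://apache.org/xml/features/nonvalidating/load-external-dtd", false);
        f.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
        f.setXIncludeAware(false);
        f.setExpandEntityReferences(false);
        return f.newDocumentBuilder();
    }

    /** Parses the document and returns the text of its first <file> element. */
    static String fileElementText(DocumentBuilder builder, String xml) throws Exception {
        Document doc = builder.parse(new ByteArrayInputStream(xml.getBytes(StandardCharsets.UTF_8)));
        return doc.getElementsByTagName("file").item(0).getTextContent();
    }

    public static void main(String[] args) throws Exception {
        try {
            // On a host where /etc/hostname exists this prints the file's contents.
            System.out.println("permissive parser returned: " + fileElementText(permissiveBuilder(), PAYLOAD));
        } catch (Exception e) {
            System.out.println("permissive parser failed while fetching the entity: " + e);
        }
        try {
            fileElementText(hardenedBuilder(), PAYLOAD);
            System.out.println("hardened parser accepted the document (unexpected)");
        } catch (SAXParseException e) {
            System.out.println("hardened parser rejected the document: " + e.getMessage());
        }
    }
}
```

The same feature strings apply to `SAXParserFactory` and, via `XMLInputFactory.SUPPORT_DTD`, to StAX; the check to run on an existing code base is whether every parser that touches attacker-reachable XML (build artifacts in the CCM case, model files opened in the GUI in the Cayenne case) is created through one hardened factory rather than `newInstance()` calls scattered through the code.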

[org.apache.struts:struts2-core] Arbitrary code execution in Apache Struts 2

  • Posted in HIGH
  • Posted by GitHub
  • 05/14/2022 / 11/04/2022

Apache Struts 2 before 2.3.14.3 allows remote attackers to execute arbitrary OGNL code via a request with a crafted action name that is not properly handled during wildcard matching, a different vulnerability than CVE-2013-2135.
References

https://nvd…
