Description
Vulnerable Library - kork-bom-7.126.0.pom
Path to dependency file: /front50-oracle/front50-oracle.gradle
Path to vulnerable library: /tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/org.springframework/spring-expression/5.2.12.RELEASE/8c31df01a9ee2b9fa3c3a2e75551dbc5e1447fec/spring-expression-5.2.12.RELEASE.jar,/tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/org.springframework/spring-expression/5.2.12.RELEASE/8c31df01a9ee2b9fa3c3a2e75551dbc5e1447fec/spring-expression-5.2.12.RELEASE.jar,/tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/org.springframework/spring-expression/5.2.12.RELEASE/8c31df01a9ee2b9fa3c3a2e75551dbc5e1447fec/spring-expression-5.2.12.RELEASE.jar,/tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/org.springframework/spring-expression/5.2.12.RELEASE/8c31df01a9ee2b9fa3c3a2e75551dbc5e1447fec/spring-expression-5.2.12.RELEASE.jar,/tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/org.springframework/spring-expression/5.2.12.RELEASE/8c31df01a9ee2b9fa3c3a2e75551dbc5e1447fec/spring-expression-5.2.12.RELEASE.jar,/tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/org.springframework/spring-expression/5.2.12.RELEASE/8c31df01a9ee2b9fa3c3a2e75551dbc5e1447fec/spring-expression-5.2.12.RELEASE.jar,/tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/org.springframework/spring-expression/5.2.12.RELEASE/8c31df01a9ee2b9fa3c3a2e75551dbc5e1447fec/spring-expression-5.2.12.RELEASE.jar,/tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/org.springframework/spring-expression/5.2.12.RELEASE/8c31df01a9ee2b9fa3c3a2e75551dbc5e1447fec/spring-expression-5.2.12.RELEASE.jar,/tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/org.springframework/spring-expression/5.2.12.RELEASE/8c31df01a9ee2b9fa3c3a2e75551dbc5e1447fec/spring-expression-5.2.12.RELEASE.jar,/tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/org.springframework/spring-expression/5.2.12.RELEASE/8c31df01a9ee2b9fa3c3a2e75551dbc5e1447fec/spring-expression-5.2.12.RELEASE.jar,/tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/org.springframework/spring-expression/5.2.12.RELEASE/8c31df01a9ee2b9fa3c3a2e75551dbc5e1447fec/spring-expression-5.2.12.RELEASE.jar,/tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/org.springframework/spring-expression/5.2.12.RELEASE/8c31df01a9ee2b9fa3c3a2e75551dbc5e1447fec/spring-expression-5.2.12.RELEASE.jar,/tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/org.springframework/spring-expression/5.2.12.RELEASE/8c31df01a9ee2b9fa3c3a2e75551dbc5e1447fec/spring-expression-5.2.12.RELEASE.jar,/tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/org.springframework/spring-expression/5.2.12.RELEASE/8c31df01a9ee2b9fa3c3a2e75551dbc5e1447fec/spring-expression-5.2.12.RELEASE.jar,/tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/org.springframework/spring-expression/5.2.12.RELEASE/8c31df01a9ee2b9fa3c3a2e75551dbc5e1447fec/spring-expression-5.2.12.RELEASE.jar
Found in HEAD commit: 030c85bbbd79c49a42f0cc49719b8c41bd782262
Vulnerabilities
| CVE | Severity |  CVSS |
Exploit Maturity | EPSS | Dependency | Type | Fixed in (kork-bom version) | Remediation Possible** | Reachability |
|---|---|---|---|---|---|---|---|---|---|
| CVE-2025-24813 |  Critical |
9.8 | Functional | 89.600006% | tomcat-embed-core-9.0.48.jar | Transitive | N/A* | ❌ | |
| CVE-2024-56337 | Critical |
9.8 | Not Defined | 4.6% | tomcat-embed-core-9.0.48.jar | Transitive | N/A* | ❌ | |
| CVE-2024-52316 | Critical |
9.8 | Not Defined | 1.3000001% | tomcat-embed-core-9.0.48.jar | Transitive | N/A* | ❌ | |
| CVE-2024-50379 | Critical |
9.8 | Not Defined | 84.799995% | tomcat-embed-core-9.0.48.jar | Transitive | N/A* | ❌ | |
| CVE-2023-20873 | Critical |
9.8 | Not Defined | 0.3% | spring-boot-actuator-autoconfigure-2.2.13.RELEASE.jar | Transitive | N/A* | ❌ | |
| CVE-2022-0839 | Critical |
9.8 | Not Defined | 0.1% | liquibase-core-3.8.9.jar | Transitive | N/A* | ❌ | |
| CVE-2019-17495 | Critical |
9.8 | Not Defined | 17.5% | springfox-swagger-ui-2.9.2.jar | Transitive | N/A* | ❌ | |
| CVE-2021-22573 |  High |
8.7 | Not Defined | 0.0% | google-oauth-client-1.31.0.jar | Transitive | N/A* | ❌ | |
| CVE-2024-38286 | High |
8.6 | Not Defined | 0.5% | tomcat-embed-core-9.0.48.jar | Transitive | N/A* | ❌ | |
| CVE-2022-1471 | High |
8.3 | Not Defined | 93.8% | detected in multiple dependencies | Transitive | N/A* | ❌ | |
| CVE-2022-41966 | High |
8.2 | Not Defined | 4.9% | xstream-1.4.18.jar | Transitive | N/A* | ❌ | |
| CVE-2024-25710 | High |
8.1 | Not Defined | 0.1% | commons-compress-1.21.jar | Transitive | N/A* | ❌ | |
| WS-2021-0419 | High |
7.7 | Not Defined | gson-2.8.6.jar | Transitive | N/A* | ❌ | ||
| CVE-2022-25647 | High |
7.7 | Not Defined | 1.6% | gson-2.8.6.jar | Transitive | N/A* | ❌ | |
| WS-2022-0468 | High |
7.5 | Not Defined | jackson-core-2.12.3.jar | Transitive | N/A* | ❌ | ||
| WS-2014-0065 | High |
7.5 | Not Defined | jna-platform-4.5.2.jar | Transitive | N/A* | ❌ | ||
| CVE-2024-7254 | High |
7.5 | Not Defined | 0.1% | protobuf-java-3.11.4.jar | Transitive | N/A* | ❌ | |
| CVE-2024-47072 | High |
7.5 | Not Defined | 0.3% | xstream-1.4.18.jar | Transitive | N/A* | ❌ | |
| CVE-2024-38819 | High |
7.5 | Not Defined | 62.0% | spring-webmvc-5.2.12.RELEASE.jar | Transitive | N/A* | ❌ | |
| CVE-2024-38816 | High |
7.5 | Not Defined | 87.6% | spring-webmvc-5.2.12.RELEASE.jar | Transitive | N/A* | ❌ | |
| CVE-2024-34750 | High |
7.5 | Not Defined | 21.199999% | tomcat-embed-core-9.0.48.jar | Transitive | N/A* | ❌ | |
| CVE-2024-30172 | High |
7.5 | Not Defined | 0.1% | bcprov-jdk15on-1.64.jar | Transitive | N/A* | ❌ | |
| CVE-2024-29857 | High |
7.5 | Not Defined | 0.1% | bcprov-jdk15on-1.64.jar | Transitive | N/A* | ❌ | |
| CVE-2024-24549 | High |
7.5 | Not Defined | 81.0% | tomcat-embed-core-9.0.48.jar | Transitive | N/A* | ❌ | |
| CVE-2024-21634 | High |
7.5 | Not Defined | 0.4% | ion-java-1.0.2.jar | Transitive | N/A* | ❌ | |
| CVE-2023-52428 | High |
7.5 | Not Defined | 0.3% | detected in multiple dependencies | Transitive | N/A* | ❌ | |
| CVE-2023-46589 | High |
7.5 | Not Defined | 15.2% | tomcat-embed-core-9.0.48.jar | Transitive | N/A* | ❌ | |
| CVE-2023-44487 | High |
7.5 | High | 94.5% | tomcat-embed-core-9.0.48.jar | Transitive | N/A* | ❌ | |
| CVE-2023-40828 | High |
7.5 | Not Defined | 1.7% | pf4j-3.2.0.jar | Transitive | N/A* | ❌ | |
| CVE-2023-40827 | High |
7.5 | Not Defined | 1.3000001% | pf4j-3.2.0.jar | Transitive | N/A* | ❌ | |
| CVE-2023-40826 | High |
7.5 | Not Defined | 0.6% | pf4j-3.2.0.jar | Transitive | N/A* | ❌ | |
| CVE-2023-24998 | High |
7.5 | Not Defined | 69.9% | tomcat-embed-core-9.0.48.jar | Transitive | N/A* | ❌ | |
| CVE-2023-1370 | High |
7.5 | Not Defined | 0.0% | json-smart-2.4.1.jar | Transitive | N/A* | ❌ | |
| CVE-2022-45693 | High |
7.5 | Not Defined | 0.1% | jettison-1.4.0.jar | Transitive | N/A* | ❌ | |
| CVE-2022-45685 | High |
7.5 | Not Defined | 0.1% | jettison-1.4.0.jar | Transitive | N/A* | ❌ | |
| CVE-2022-45143 | High |
7.5 | Not Defined | 0.8% | tomcat-embed-core-9.0.48.jar | Transitive | N/A* | ❌ | |
| CVE-2022-42252 | High |
7.5 | Not Defined | 0.2% | tomcat-embed-core-9.0.48.jar | Transitive | N/A* | ❌ | |
| CVE-2022-3509 | High |
7.5 | Not Defined | 0.1% | protobuf-java-3.11.4.jar | Transitive | N/A* | ❌ | |
| CVE-2022-25857 | High |
7.5 | Not Defined | 0.3% | detected in multiple dependencies | Transitive | N/A* | ❌ | |
| CVE-2021-43859 | High |
7.5 | Not Defined | 5.2000003% | xstream-1.4.18.jar | Transitive | N/A* | ❌ | |
| CVE-2021-37714 | High |
7.5 | Not Defined | 0.4% | jsoup-1.10.3.jar | Transitive | N/A* | ❌ | |
| CVE-2021-31684 | High |
7.5 | Not Defined | 0.1% | json-smart-2.4.1.jar | Transitive | N/A* | ❌ | |
| CVE-2021-22569 | High |
7.5 | Not Defined | 0.5% | protobuf-java-3.11.4.jar | Transitive | N/A* | ❌ | |
| CVE-2020-11979 | High |
7.5 | Not Defined | 0.6% | ant-1.9.15.jar | Transitive | N/A* | ❌ | |
| CVE-2017-18640 | High |
7.5 | Not Defined | 2.2% | snakeyaml-1.25.jar | Transitive | N/A* | ❌ | |
| CVE-2023-6481 | High |
7.1 | Not Defined | 0.2% | logback-core-1.2.3.jar | Transitive | N/A* | ❌ | |
| CVE-2023-6378 | High |
7.1 | Not Defined | 0.3% | logback-classic-1.2.3.jar | Transitive | N/A* | ❌ | |
| CVE-2022-23181 | High |
7.0 | Not Defined | 0.1% | tomcat-embed-core-9.0.48.jar | Transitive | N/A* | ❌ | |
| CVE-2024-12798 |  Medium |
6.6 | Not Defined | 0.1% | detected in multiple dependencies | Transitive | N/A* | ❌ | |
| CVE-2021-42550 | Medium |
6.6 | Not Defined | 2.0% | detected in multiple dependencies | Transitive | N/A* | ❌ | |
| CVE-2024-52317 | Medium |
6.5 | Not Defined | 0.9% | tomcat-embed-core-9.0.48.jar | Transitive | N/A* | ❌ | |
| CVE-2023-20863 | Medium |
6.5 | Not Defined | 0.6% | spring-expression-5.2.12.RELEASE.jar | Transitive | N/A* | ❌ | |
| CVE-2023-20861 | Medium |
6.5 | Not Defined | 0.2% | spring-expression-5.2.12.RELEASE.jar | Transitive | N/A* | ❌ | |
| CVE-2022-40151 | Medium |
6.5 | Not Defined | 0.2% | xstream-1.4.18.jar | Transitive | N/A* | ❌ | |
| CVE-2022-40150 | Medium |
6.5 | Not Defined | 0.0% | jettison-1.4.0.jar | Transitive | N/A* | ❌ | |
| CVE-2022-40149 | Medium |
6.5 | Not Defined | 0.4% | jettison-1.4.0.jar | Transitive | N/A* | ❌ | |
| CVE-2022-38752 | Medium |
6.5 | Not Defined | 0.2% | detected in multiple dependencies | Transitive | N/A* | ❌ | |
| CVE-2022-38751 | Medium |
6.5 | Not Defined | 0.2% | detected in multiple dependencies | Transitive | N/A* | ❌ | |
| CVE-2022-38750 | Medium |
6.5 | Not Defined | 0.1% | detected in multiple dependencies | Transitive | N/A* | ❌ | |
| CVE-2022-38749 | Medium |
6.5 | Not Defined | 0.5% | detected in multiple dependencies | Transitive | N/A* | ❌ | |
| CVE-2022-22950 | Medium |
6.5 | Not Defined | 4.5% | spring-expression-5.2.12.RELEASE.jar | Transitive | N/A* | ❌ | |
| CVE-2021-37533 | Medium |
6.5 | Not Defined | 0.2% | commons-net-3.3.jar | Transitive | N/A* | ❌ | |
| CVE-2020-12668 | Medium |
6.5 | Not Defined | 0.3% | jinjava-2.5.2.jar | Transitive | N/A* | ❌ | |
| CVE-2024-23672 | Medium |
6.3 | Not Defined | 0.9% | tomcat-embed-websocket-9.0.48.jar | Transitive | N/A* | ❌ | |
| CVE-2021-28168 | Medium |
6.2 | Not Defined | 0.2% | jersey-common-2.29.1.jar | Transitive | N/A* | ❌ | |
| CVE-2023-41080 | Medium |
6.1 | Not Defined | 70.6% | tomcat-embed-core-9.0.48.jar | Transitive | N/A* | ❌ | |
| CVE-2023-1932 | Medium |
6.1 | Not Defined | 0.1% | hibernate-validator-6.0.22.Final.jar | Transitive | N/A* | ❌ | |
| CVE-2022-36033 | Medium |
6.1 | Not Defined | 0.8% | jsoup-1.10.3.jar | Transitive | N/A* | ❌ | |
| WS-2021-0616 | Medium |
5.9 | Not Defined | jackson-core-2.12.3.jar | Transitive | N/A* | ❌ | ||
| CVE-2024-30171 | Medium |
5.9 | Not Defined | 0.1% | bcprov-jdk15on-1.64.jar | Transitive | N/A* | ❌ | |
| CVE-2023-3635 | Medium |
5.9 | Not Defined | 0.2% | okio-1.17.2.jar | Transitive | N/A* | ❌ | |
| CVE-2023-1436 | Medium |
5.9 | Not Defined | 0.0% | jettison-1.4.0.jar | Transitive | N/A* | ❌ | |
| CVE-2021-27568 | Medium |
5.9 | Not Defined | 0.9% | json-smart-2.4.1.jar | Transitive | N/A* | ❌ | |
| CVE-2020-15522 | Medium |
5.9 | Not Defined | 0.3% | bcprov-jdk15on-1.64.jar | Transitive | N/A* | ❌ | |
| CVE-2023-3894 | Medium |
5.8 | Not Defined | 0.3% | jackson-dataformat-properties-2.12.3.jar | Transitive | N/A* | ❌ | |
| CVE-2022-41854 | Medium |
5.8 | Not Defined | 0.1% | detected in multiple dependencies | Transitive | N/A* | ❌ | |
| CVE-2024-31573 | Medium |
5.6 | Not Defined | xmlunit-core-2.6.4.jar | Transitive | N/A* | ❌ | ||
| CVE-2024-26308 | Medium |
5.5 | Not Defined | 0.5% | commons-compress-1.21.jar | Transitive | N/A* | ❌ | |
| CVE-2023-33202 | Medium |
5.5 | Not Defined | 0.1% | bcprov-jdk15on-1.64.jar | Transitive | N/A* | ❌ | |
| CVE-2022-4065 | Medium |
5.5 | Not Defined | 0.3% | testng-7.4.0.jar | Transitive | N/A* | ❌ | |
| CVE-2021-36374 | Medium |
5.5 | Not Defined | 0.1% | ant-1.9.15.jar | Transitive | N/A* | ❌ | |
| CVE-2021-36373 | Medium |
5.5 | Not Defined | 0.1% | ant-1.9.15.jar | Transitive | N/A* | ❌ | |
| CVE-2024-38828 | Medium |
5.3 | Not Defined | 0.1% | spring-webmvc-5.2.12.RELEASE.jar | Transitive | N/A* | ❌ | |
| CVE-2023-51074 | Medium |
5.3 | Not Defined | 0.3% | json-path-2.4.0.jar | Transitive | N/A* | ❌ | |
| CVE-2023-45648 | Medium |
5.3 | Not Defined | 4.6% | tomcat-embed-core-9.0.48.jar | Transitive | N/A* | ❌ | |
| CVE-2023-42795 | Medium |
5.3 | Not Defined | 3.6% | tomcat-embed-core-9.0.48.jar | Transitive | N/A* | ❌ | |
| CVE-2023-34055 | Medium |
5.3 | Not Defined | 2.6000001% | spring-boot-actuator-2.2.13.RELEASE.jar | Transitive | N/A* | ❌ | |
| CVE-2023-33201 | Medium |
5.3 | Not Defined | 0.2% | bcprov-jdk15on-1.64.jar | Transitive | N/A* | ❌ | |
| CVE-2022-24329 | Medium |
5.3 | Not Defined | 0.0% | detected in multiple dependencies | Transitive | N/A* | ❌ | |
| CVE-2022-22970 | Medium |
5.3 | Not Defined | 0.3% | spring-core-5.2.12.RELEASE.jar | Transitive | N/A* | ❌ | |
| CVE-2020-29582 | Medium |
5.3 | Not Defined | 0.0% | kotlin-stdlib-1.4.0.jar | Transitive | N/A* | ❌ | |
| CVE-2023-0833 | Medium |
4.7 | Not Defined | 0.0% | okhttp-3.14.9.jar | Transitive | N/A* | ❌ | |
| CVE-2024-12801 | Medium |
4.4 | Not Defined | 0.0% | logback-core-1.2.3.jar | Transitive | N/A* | ❌ | |
| CVE-2024-47554 | Medium |
4.3 | Not Defined | 0.2% | commons-io-2.7.jar | Transitive | N/A* | ❌ | |
| CVE-2024-38808 | Medium |
4.3 | Not Defined | 0.3% | spring-expression-5.2.12.RELEASE.jar | Transitive | N/A* | ❌ | |
| CVE-2023-28708 | Medium |
4.3 | Not Defined | 0.8% | tomcat-embed-core-9.0.48.jar | Transitive | N/A* | ❌ | |
| CVE-2022-3171 | Medium |
4.3 | Not Defined | 0.1% | protobuf-java-3.11.4.jar | Transitive | N/A* | ❌ | |
| CVE-2021-22096 | Medium |
4.3 | Not Defined | 0.2% | detected in multiple dependencies | Transitive | N/A* | ❌ | |
| CVE-2021-22060 | Medium |
4.3 | Not Defined | 0.2% | spring-core-5.2.12.RELEASE.jar | Transitive | N/A* | ❌ | |
| CVE-2018-25031 | Medium |
4.3 | Not Defined | 83.1% | springfox-swagger-ui-2.9.2.jar | Transitive | N/A* | ❌ | |
| CVE-2021-43980 |  Low |
3.7 | Not Defined | 0.1% | tomcat-embed-core-9.0.48.jar | Transitive | N/A* | ❌ |
*For some transitive vulnerabilities, there is no version of direct dependency with a fix. Check the "Details" section below to see if there is a version of transitive dependency where vulnerability is fixed.
**In some cases, Remediation PR cannot be created automatically for a vulnerability despite the availability of remediation
Details
Partial details (7 vulnerabilities) are displayed below due to a content size limitation in GitHub. To view information on the remaining vulnerabilities, navigate to the Mend Application.
CVE-2025-24813
Vulnerable Library - tomcat-embed-core-9.0.48.jar
Core Tomcat implementation
Library home page: https://tomcat.apache.org/
Path to dependency file: /front50-api-tck/front50-api-tck.gradle
Path to vulnerable library: /tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/org.apache.tomcat.embed/tomcat-embed-core/9.0.48/f112cd2380d8215e22ac40aff128a1b6daa2f0ac/tomcat-embed-core-9.0.48.jar,/tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/org.apache.tomcat.embed/tomcat-embed-core/9.0.48/f112cd2380d8215e22ac40aff128a1b6daa2f0ac/tomcat-embed-core-9.0.48.jar,/tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/org.apache.tomcat.embed/tomcat-embed-core/9.0.48/f112cd2380d8215e22ac40aff128a1b6daa2f0ac/tomcat-embed-core-9.0.48.jar,/tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/org.apache.tomcat.embed/tomcat-embed-core/9.0.48/f112cd2380d8215e22ac40aff128a1b6daa2f0ac/tomcat-embed-core-9.0.48.jar,/tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/org.apache.tomcat.embed/tomcat-embed-core/9.0.48/f112cd2380d8215e22ac40aff128a1b6daa2f0ac/tomcat-embed-core-9.0.48.jar,/tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/org.apache.tomcat.embed/tomcat-embed-core/9.0.48/f112cd2380d8215e22ac40aff128a1b6daa2f0ac/tomcat-embed-core-9.0.48.jar,/tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/org.apache.tomcat.embed/tomcat-embed-core/9.0.48/f112cd2380d8215e22ac40aff128a1b6daa2f0ac/tomcat-embed-core-9.0.48.jar,/tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/org.apache.tomcat.embed/tomcat-embed-core/9.0.48/f112cd2380d8215e22ac40aff128a1b6daa2f0ac/tomcat-embed-core-9.0.48.jar,/tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/org.apache.tomcat.embed/tomcat-embed-core/9.0.48/f112cd2380d8215e22ac40aff128a1b6daa2f0ac/tomcat-embed-core-9.0.48.jar,/tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/org.apache.tomcat.embed/tomcat-embed-core/9.0.48/f112cd2380d8215e22ac40aff128a1b6daa2f0ac/tomcat-embed-core-9.0.48.jar,/tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/org.apache.tomcat.embed/tomcat-embed-core/9.0.48/f112cd2380d8215e22ac40aff128a1b6daa2f0ac/tomcat-embed-core-9.0.48.jar,/tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/org.apache.tomcat.embed/tomcat-embed-core/9.0.48/f112cd2380d8215e22ac40aff128a1b6daa2f0ac/tomcat-embed-core-9.0.48.jar
Dependency Hierarchy:
- kork-bom-7.126.0.pom (Root Library)
- ❌ tomcat-embed-core-9.0.48.jar (Vulnerable Library)
Found in HEAD commit: 030c85bbbd79c49a42f0cc49719b8c41bd782262
Found in base branch: master
Vulnerability Details
Path Equivalence: 'file.Name' (Internal Dot) leading to Remote Code Execution and/or Information disclosure and/or malicious content added to uploaded files via write enabled Default Servlet in Apache Tomcat.
This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.2, from 10.1.0-M1 through 10.1.34, from 9.0.0.M1 through 9.0.98.
If all of the following were true, a malicious user was able to view security sensitive files and/or inject content into those files:
- writes enabled for the default servlet (disabled by default)
- support for partial PUT (enabled by default)
- a target URL for security sensitive uploads that was a sub-directory of a target URL for public uploads
- attacker knowledge of the names of security sensitive files being uploaded
- the security sensitive files also being uploaded via partial PUT
If all of the following were true, a malicious user was able to perform remote code execution: - writes enabled for the default servlet (disabled by default)
- support for partial PUT (enabled by default)
- application was using Tomcat's file based session persistence with the default storage location
- application included a library that may be leveraged in a deserialization attack
Users are recommended to upgrade to version 11.0.3, 10.1.35 or 9.0.99, which fixes the issue.
Publish Date: 2025-03-10
URL: CVE-2025-24813
Threat Assessment
Exploit Maturity: Functional
EPSS: 89.600006%
CVSS 3 Score Details (9.8)
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: None
- Scope: Unchanged
- Impact Metrics:
- Confidentiality Impact: High
- Integrity Impact: High
- Availability Impact: High
Suggested Fix
Type: Upgrade version
Origin: https://nvd.nist.gov/vuln/detail/CVE-2025-24813
Release Date: 2025-03-10
Fix Resolution: org.apache.tomcat.embed:tomcat-embed-core:11.0.3
CVE-2024-56337
Vulnerable Library - tomcat-embed-core-9.0.48.jar
Core Tomcat implementation
Library home page: https://tomcat.apache.org/
Path to dependency file: /front50-api-tck/front50-api-tck.gradle
Path to vulnerable library: /tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/org.apache.tomcat.embed/tomcat-embed-core/9.0.48/f112cd2380d8215e22ac40aff128a1b6daa2f0ac/tomcat-embed-core-9.0.48.jar,/tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/org.apache.tomcat.embed/tomcat-embed-core/9.0.48/f112cd2380d8215e22ac40aff128a1b6daa2f0ac/tomcat-embed-core-9.0.48.jar,/tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/org.apache.tomcat.embed/tomcat-embed-core/9.0.48/f112cd2380d8215e22ac40aff128a1b6daa2f0ac/tomcat-embed-core-9.0.48.jar,/tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/org.apache.tomcat.embed/tomcat-embed-core/9.0.48/f112cd2380d8215e22ac40aff128a1b6daa2f0ac/tomcat-embed-core-9.0.48.jar,/tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/org.apache.tomcat.embed/tomcat-embed-core/9.0.48/f112cd2380d8215e22ac40aff128a1b6daa2f0ac/tomcat-embed-core-9.0.48.jar,/tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/org.apache.tomcat.embed/tomcat-embed-core/9.0.48/f112cd2380d8215e22ac40aff128a1b6daa2f0ac/tomcat-embed-core-9.0.48.jar,/tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/org.apache.tomcat.embed/tomcat-embed-core/9.0.48/f112cd2380d8215e22ac40aff128a1b6daa2f0ac/tomcat-embed-core-9.0.48.jar,/tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/org.apache.tomcat.embed/tomcat-embed-core/9.0.48/f112cd2380d8215e22ac40aff128a1b6daa2f0ac/tomcat-embed-core-9.0.48.jar,/tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/org.apache.tomcat.embed/tomcat-embed-core/9.0.48/f112cd2380d8215e22ac40aff128a1b6daa2f0ac/tomcat-embed-core-9.0.48.jar,/tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/org.apache.tomcat.embed/tomcat-embed-core/9.0.48/f112cd2380d8215e22ac40aff128a1b6daa2f0ac/tomcat-embed-core-9.0.48.jar,/tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/org.apache.tomcat.embed/tomcat-embed-core/9.0.48/f112cd2380d8215e22ac40aff128a1b6daa2f0ac/tomcat-embed-core-9.0.48.jar,/tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/org.apache.tomcat.embed/tomcat-embed-core/9.0.48/f112cd2380d8215e22ac40aff128a1b6daa2f0ac/tomcat-embed-core-9.0.48.jar
Dependency Hierarchy:
- kork-bom-7.126.0.pom (Root Library)
- ❌ tomcat-embed-core-9.0.48.jar (Vulnerable Library)
Found in HEAD commit: 030c85bbbd79c49a42f0cc49719b8c41bd782262
Found in base branch: master
Vulnerability Details
Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Apache Tomcat.
This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.1, from 10.1.0-M1 through 10.1.33, from 9.0.0.M1 through 9.0.97.
The mitigation for CVE-2024-50379 was incomplete.
Users running Tomcat on a case insensitive file system with the default servlet write enabled (readonly initialisation
parameter set to the non-default value of false) may need additional configuration to fully mitigate CVE-2024-50379 depending on which version of Java they are using with Tomcat:
- running on Java 8 or Java 11: the system property sun.io.useCanonCaches must be explicitly set to false (it defaults to true)
- running on Java 17: the system property sun.io.useCanonCaches, if set, must be set to false (it defaults to false)
- running on Java 21 onwards: no further configuration is required (the system property and the problematic cache have been removed)
Tomcat 11.0.3, 10.1.35 and 9.0.99 onwards will include checks that sun.io.useCanonCaches is set appropriately before allowing the default servlet to be write enabled on a case insensitive file system. Tomcat will also set sun.io.useCanonCaches to false by default where it can.
Publish Date: 2024-12-20
URL: CVE-2024-56337
Threat Assessment
Exploit Maturity: Not Defined
EPSS: 4.6%
CVSS 3 Score Details (9.8)
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: None
- Scope: Unchanged
- Impact Metrics:
- Confidentiality Impact: High
- Integrity Impact: High
- Availability Impact: High
Suggested Fix
Type: Upgrade version
Origin: https://tomcat.apache.org/security-11.html
Release Date: 2024-12-20
Fix Resolution: org.apache.tomcat:tomcat-catalina:9.0.99,10.1.35,11.0.3, org.apache.tomcat.embed:tomcat-embed-core:9.0.99,10.1.35,11.0.3
CVE-2024-52316
Vulnerable Library - tomcat-embed-core-9.0.48.jar
Core Tomcat implementation
Library home page: https://tomcat.apache.org/
Path to dependency file: /front50-api-tck/front50-api-tck.gradle
Path to vulnerable library: /tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/org.apache.tomcat.embed/tomcat-embed-core/9.0.48/f112cd2380d8215e22ac40aff128a1b6daa2f0ac/tomcat-embed-core-9.0.48.jar,/tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/org.apache.tomcat.embed/tomcat-embed-core/9.0.48/f112cd2380d8215e22ac40aff128a1b6daa2f0ac/tomcat-embed-core-9.0.48.jar,/tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/org.apache.tomcat.embed/tomcat-embed-core/9.0.48/f112cd2380d8215e22ac40aff128a1b6daa2f0ac/tomcat-embed-core-9.0.48.jar,/tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/org.apache.tomcat.embed/tomcat-embed-core/9.0.48/f112cd2380d8215e22ac40aff128a1b6daa2f0ac/tomcat-embed-core-9.0.48.jar,/tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/org.apache.tomcat.embed/tomcat-embed-core/9.0.48/f112cd2380d8215e22ac40aff128a1b6daa2f0ac/tomcat-embed-core-9.0.48.jar,/tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/org.apache.tomcat.embed/tomcat-embed-core/9.0.48/f112cd2380d8215e22ac40aff128a1b6daa2f0ac/tomcat-embed-core-9.0.48.jar,/tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/org.apache.tomcat.embed/tomcat-embed-core/9.0.48/f112cd2380d8215e22ac40aff128a1b6daa2f0ac/tomcat-embed-core-9.0.48.jar,/tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/org.apache.tomcat.embed/tomcat-embed-core/9.0.48/f112cd2380d8215e22ac40aff128a1b6daa2f0ac/tomcat-embed-core-9.0.48.jar,/tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/org.apache.tomcat.embed/tomcat-embed-core/9.0.48/f112cd2380d8215e22ac40aff128a1b6daa2f0ac/tomcat-embed-core-9.0.48.jar,/tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/org.apache.tomcat.embed/tomcat-embed-core/9.0.48/f112cd2380d8215e22ac40aff128a1b6daa2f0ac/tomcat-embed-core-9.0.48.jar,/tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/org.apache.tomcat.embed/tomcat-embed-core/9.0.48/f112cd2380d8215e22ac40aff128a1b6daa2f0ac/tomcat-embed-core-9.0.48.jar,/tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/org.apache.tomcat.embed/tomcat-embed-core/9.0.48/f112cd2380d8215e22ac40aff128a1b6daa2f0ac/tomcat-embed-core-9.0.48.jar
Dependency Hierarchy:
- kork-bom-7.126.0.pom (Root Library)
- ❌ tomcat-embed-core-9.0.48.jar (Vulnerable Library)
Found in HEAD commit: 030c85bbbd79c49a42f0cc49719b8c41bd782262
Found in base branch: master
Vulnerability Details
Unchecked Error Condition vulnerability in Apache Tomcat. If Tomcat is configured to use a custom Jakarta Authentication (formerly JASPIC) ServerAuthContext component which may throw an exception during the authentication process without explicitly setting an HTTP status to indicate failure, the authentication may not fail, allowing the user to bypass the authentication process. There are no known Jakarta Authentication components that behave in this way.
This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M26, from 10.1.0-M1 through 10.1.30, from 9.0.0-M1 through 9.0.95.
Users are recommended to upgrade to version 11.0.0, 10.1.31 or 9.0.96, which fix the issue.
Publish Date: 2024-11-18
URL: CVE-2024-52316
Threat Assessment
Exploit Maturity: Not Defined
EPSS: 1.3000001%
CVSS 3 Score Details (9.8)
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: None
- Scope: Unchanged
- Impact Metrics:
- Confidentiality Impact: High
- Integrity Impact: High
- Availability Impact: High
Suggested Fix
Type: Upgrade version
Origin: https://tomcat.apache.org/security-11.html
Release Date: 2024-11-18
Fix Resolution: org.apache.tomcat:tomcat-catalina:9.0.96,10.1.31,11.0.0, org.apache.tomcat.embed:tomcat-embed-core:9.0.96,10.1.31,11.0.0
CVE-2024-50379
Vulnerable Library - tomcat-embed-core-9.0.48.jar
Core Tomcat implementation
Library home page: https://tomcat.apache.org/
Path to dependency file: /front50-api-tck/front50-api-tck.gradle
Path to vulnerable library: /tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/org.apache.tomcat.embed/tomcat-embed-core/9.0.48/f112cd2380d8215e22ac40aff128a1b6daa2f0ac/tomcat-embed-core-9.0.48.jar,/tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/org.apache.tomcat.embed/tomcat-embed-core/9.0.48/f112cd2380d8215e22ac40aff128a1b6daa2f0ac/tomcat-embed-core-9.0.48.jar,/tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/org.apache.tomcat.embed/tomcat-embed-core/9.0.48/f112cd2380d8215e22ac40aff128a1b6daa2f0ac/tomcat-embed-core-9.0.48.jar,/tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/org.apache.tomcat.embed/tomcat-embed-core/9.0.48/f112cd2380d8215e22ac40aff128a1b6daa2f0ac/tomcat-embed-core-9.0.48.jar,/tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/org.apache.tomcat.embed/tomcat-embed-core/9.0.48/f112cd2380d8215e22ac40aff128a1b6daa2f0ac/tomcat-embed-core-9.0.48.jar,/tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/org.apache.tomcat.embed/tomcat-embed-core/9.0.48/f112cd2380d8215e22ac40aff128a1b6daa2f0ac/tomcat-embed-core-9.0.48.jar,/tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/org.apache.tomcat.embed/tomcat-embed-core/9.0.48/f112cd2380d8215e22ac40aff128a1b6daa2f0ac/tomcat-embed-core-9.0.48.jar,/tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/org.apache.tomcat.embed/tomcat-embed-core/9.0.48/f112cd2380d8215e22ac40aff128a1b6daa2f0ac/tomcat-embed-core-9.0.48.jar,/tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/org.apache.tomcat.embed/tomcat-embed-core/9.0.48/f112cd2380d8215e22ac40aff128a1b6daa2f0ac/tomcat-embed-core-9.0.48.jar,/tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/org.apache.tomcat.embed/tomcat-embed-core/9.0.48/f112cd2380d8215e22ac40aff128a1b6daa2f0ac/tomcat-embed-core-9.0.48.jar,/tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/org.apache.tomcat.embed/tomcat-embed-core/9.0.48/f112cd2380d8215e22ac40aff128a1b6daa2f0ac/tomcat-embed-core-9.0.48.jar,/tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/org.apache.tomcat.embed/tomcat-embed-core/9.0.48/f112cd2380d8215e22ac40aff128a1b6daa2f0ac/tomcat-embed-core-9.0.48.jar
Dependency Hierarchy:
- kork-bom-7.126.0.pom (Root Library)
- ❌ tomcat-embed-core-9.0.48.jar (Vulnerable Library)
Found in HEAD commit: 030c85bbbd79c49a42f0cc49719b8c41bd782262
Found in base branch: master
Vulnerability Details
Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability during JSP compilation in Apache Tomcat permits an RCE on case insensitive file systems when the default servlet is enabled for write (non-default configuration).
This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.1, from 10.1.0-M1 through 10.1.33, from 9.0.0.M1 through 9.0.97.
Users are recommended to upgrade to version 11.0.2, 10.1.34 or 9.0.98, which fixes the issue.
Mend Note: The fix for CVE-2024-50379 was found to be incomplete - users should refer to the follow-up CVE-2024-56337 which fully addresses the issue.
Publish Date: 2024-12-17
URL: CVE-2024-50379
Threat Assessment
Exploit Maturity: Not Defined
EPSS: 84.799995%
CVSS 3 Score Details (9.8)
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: None
- Scope: Unchanged
- Impact Metrics:
- Confidentiality Impact: High
- Integrity Impact: High
- Availability Impact: High
Suggested Fix
Type: Upgrade version
Origin: https://tomcat.apache.org/security-11.html
Release Date: 2024-12-17
Fix Resolution: org.apache.tomcat:tomcat-catalina:9.0.98,10.1.34,11.0.2, org.apache.tomcat.embed:tomcat-embed-core:9.0.98,10.1.34,11.0.2
CVE-2023-20873
Vulnerable Library - spring-boot-actuator-autoconfigure-2.2.13.RELEASE.jar
Spring Boot Actuator AutoConfigure
Library home page: https://spring.io
Path to dependency file: /front50-web/front50-web.gradle
Path to vulnerable library: /tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/org.springframework.boot/spring-boot-actuator-autoconfigure/2.2.13.RELEASE/ec20081eca88f5c9fcd5f834ed88770dc907112f/spring-boot-actuator-autoconfigure-2.2.13.RELEASE.jar,/tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/org.springframework.boot/spring-boot-actuator-autoconfigure/2.2.13.RELEASE/ec20081eca88f5c9fcd5f834ed88770dc907112f/spring-boot-actuator-autoconfigure-2.2.13.RELEASE.jar,/tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/org.springframework.boot/spring-boot-actuator-autoconfigure/2.2.13.RELEASE/ec20081eca88f5c9fcd5f834ed88770dc907112f/spring-boot-actuator-autoconfigure-2.2.13.RELEASE.jar,/tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/org.springframework.boot/spring-boot-actuator-autoconfigure/2.2.13.RELEASE/ec20081eca88f5c9fcd5f834ed88770dc907112f/spring-boot-actuator-autoconfigure-2.2.13.RELEASE.jar,/tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/org.springframework.boot/spring-boot-actuator-autoconfigure/2.2.13.RELEASE/ec20081eca88f5c9fcd5f834ed88770dc907112f/spring-boot-actuator-autoconfigure-2.2.13.RELEASE.jar,/tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/org.springframework.boot/spring-boot-actuator-autoconfigure/2.2.13.RELEASE/ec20081eca88f5c9fcd5f834ed88770dc907112f/spring-boot-actuator-autoconfigure-2.2.13.RELEASE.jar,/tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/org.springframework.boot/spring-boot-actuator-autoconfigure/2.2.13.RELEASE/ec20081eca88f5c9fcd5f834ed88770dc907112f/spring-boot-actuator-autoconfigure-2.2.13.RELEASE.jar,/tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/org.springframework.boot/spring-boot-actuator-autoconfigure/2.2.13.RELEASE/ec20081eca88f5c9fcd5f834ed88770dc907112f/spring-boot-actuator-autoconfigure-2.2.13.RELEASE.jar,/tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/org.springframework.boot/spring-boot-actuator-autoconfigure/2.2.13.RELEASE/ec20081eca88f5c9fcd5f834ed88770dc907112f/spring-boot-actuator-autoconfigure-2.2.13.RELEASE.jar,/tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/org.springframework.boot/spring-boot-actuator-autoconfigure/2.2.13.RELEASE/ec20081eca88f5c9fcd5f834ed88770dc907112f/spring-boot-actuator-autoconfigure-2.2.13.RELEASE.jar,/tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/org.springframework.boot/spring-boot-actuator-autoconfigure/2.2.13.RELEASE/ec20081eca88f5c9fcd5f834ed88770dc907112f/spring-boot-actuator-autoconfigure-2.2.13.RELEASE.jar,/tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/org.springframework.boot/spring-boot-actuator-autoconfigure/2.2.13.RELEASE/ec20081eca88f5c9fcd5f834ed88770dc907112f/spring-boot-actuator-autoconfigure-2.2.13.RELEASE.jar
Dependency Hierarchy:
- kork-bom-7.126.0.pom (Root Library)
- ❌ spring-boot-actuator-autoconfigure-2.2.13.RELEASE.jar (Vulnerable Library)
Found in HEAD commit: 030c85bbbd79c49a42f0cc49719b8c41bd782262
Found in base branch: master
Vulnerability Details
In Spring Boot versions 3.0.0 - 3.0.5, 2.7.0 - 2.7.10, and older unsupported versions, an application that is deployed to Cloud Foundry could be susceptible to a security bypass. Users of affected versions should apply the following mitigation: 3.0.x users should upgrade to 3.0.6+. 2.7.x users should upgrade to 2.7.11+. Users of older, unsupported versions should upgrade to 3.0.6+ or 2.7.11+.
Publish Date: 2023-04-20
URL: CVE-2023-20873
Threat Assessment
Exploit Maturity: Not Defined
EPSS: 0.3%
CVSS 3 Score Details (9.8)
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: None
- Scope: Unchanged
- Impact Metrics:
- Confidentiality Impact: High
- Integrity Impact: High
- Availability Impact: High
Suggested Fix
Type: Upgrade version
Origin: https://spring.io/security/cve-2023-20873
Release Date: 2023-04-20
Fix Resolution: org.springframework.boot:spring-boot-actuator-autoconfigure:2.7.11,3.0.6
CVE-2022-0839
Vulnerable Library - liquibase-core-3.8.9.jar
Liquibase is a tool for managing and executing database changes.
Library home page: http://www.liquibase.org/liquibase-root/liquibase-dist
Path to dependency file: /front50-sql/front50-sql.gradle
Path to vulnerable library: /tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/org.liquibase/liquibase-core/3.8.9/ba38ad9bc271fb4f5c03547f99ab22caecf70431/liquibase-core-3.8.9.jar,/tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/org.liquibase/liquibase-core/3.8.9/ba38ad9bc271fb4f5c03547f99ab22caecf70431/liquibase-core-3.8.9.jar,/tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/org.liquibase/liquibase-core/3.8.9/ba38ad9bc271fb4f5c03547f99ab22caecf70431/liquibase-core-3.8.9.jar
Dependency Hierarchy:
- kork-bom-7.126.0.pom (Root Library)
- ❌ liquibase-core-3.8.9.jar (Vulnerable Library)
Found in HEAD commit: 030c85bbbd79c49a42f0cc49719b8c41bd782262
Found in base branch: master
Vulnerability Details
Improper Restriction of XML External Entity Reference in GitHub repository liquibase/liquibase prior to 4.8.0.
Publish Date: 2022-03-04
URL: CVE-2022-0839
Threat Assessment
Exploit Maturity: Not Defined
EPSS: 0.1%
CVSS 3 Score Details (9.8)
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: None
- Scope: Unchanged
- Impact Metrics:
- Confidentiality Impact: High
- Integrity Impact: High
- Availability Impact: High
Suggested Fix
Type: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0839
Release Date: 2022-03-04
Fix Resolution: org.liquibase:liquibase-core:4.8.0
CVE-2019-17495
Vulnerable Library - springfox-swagger-ui-2.9.2.jar
JSON API documentation for spring based applications
Library home page: https://github.com/springfox/springfox
Path to dependency file: /front50-api-tck/front50-api-tck.gradle
Path to vulnerable library: /tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/io.springfox/springfox-swagger-ui/2.9.2/d542382a88ff3ea8d4032c28b2b0325797fada7d/springfox-swagger-ui-2.9.2.jar,/tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/io.springfox/springfox-swagger-ui/2.9.2/d542382a88ff3ea8d4032c28b2b0325797fada7d/springfox-swagger-ui-2.9.2.jar
Dependency Hierarchy:
- kork-bom-7.126.0.pom (Root Library)
- ❌ springfox-swagger-ui-2.9.2.jar (Vulnerable Library)
Found in HEAD commit: 030c85bbbd79c49a42f0cc49719b8c41bd782262
Found in base branch: master
Vulnerability Details
A Cascading Style Sheets (CSS) injection vulnerability in Swagger UI before 3.23.11 allows attackers to use the Relative Path Overwrite (RPO) technique to perform CSS-based input field value exfiltration, such as exfiltration of a CSRF token value. In other words, this product intentionally allows the embedding of untrusted JSON data from remote servers, but it was not previously known that <style>@import within the JSON data was a functional attack method.
Publish Date: 2019-10-10
URL: CVE-2019-17495
Threat Assessment
Exploit Maturity: Not Defined
EPSS: 17.5%
CVSS 3 Score Details (9.8)
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: None
- Scope: Unchanged
- Impact Metrics:
- Confidentiality Impact: High
- Integrity Impact: High
- Availability Impact: High
Suggested Fix
Type: Upgrade version
Release Date: 2019-10-10
Fix Resolution: swagger-ui - 3.23.11, io.springfox:springfox-swagger-ui:2.10.0