Find, fix and prevent vulnerabilities in your code.
high severity
- Vulnerable module: org.apache.commons:commons-lang3
- Introduced through: org.apache.commons:commons-lang3@3.0
Detailed paths
-
Introduced through: yesdog/ProtocolSupportBungee@yesdog/ProtocolSupportBungee#d1d93583add177ede2ef625f9643f0266b25c753 › org.apache.commons:commons-lang3@3.0Remediation: Upgrade to org.apache.commons:commons-lang3@3.18.0.
Overview
Affected versions of this package are vulnerable to Uncontrolled Recursion via the ClassUtils.getClass function. An attacker can cause the application to terminate unexpectedly by providing excessively long input values.
Remediation
Upgrade org.apache.commons:commons-lang3 to version 3.18.0 or higher.
References
high severity
- Vulnerable module: com.nimbusds:nimbus-jose-jwt
- Introduced through: com.nimbusds:nimbus-jose-jwt@5.2
Detailed paths
-
Introduced through: yesdog/ProtocolSupportBungee@yesdog/ProtocolSupportBungee#d1d93583add177ede2ef625f9643f0266b25c753 › com.nimbusds:nimbus-jose-jwt@5.2Remediation: Upgrade to com.nimbusds:nimbus-jose-jwt@9.37.2.
Overview
com.nimbusds:nimbus-jose-jwt is a library for JSON Web Tokens (JWT)
Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling due to a large JWE p2c header value (AKA iteration count) for the PasswordBasedDecrypter (PBKDF2) class. An attacker can cause resource consumption by specifying an excessively large iteration count.
Remediation
Upgrade com.nimbusds:nimbus-jose-jwt to version 9.37.2 or higher.
References
high severity
- Vulnerable module: net.minidev:json-smart
- Introduced through: com.nimbusds:nimbus-jose-jwt@5.2
Detailed paths
-
Introduced through: yesdog/ProtocolSupportBungee@yesdog/ProtocolSupportBungee#d1d93583add177ede2ef625f9643f0266b25c753 › com.nimbusds:nimbus-jose-jwt@5.2 › net.minidev:json-smart@2.3Remediation: Upgrade to com.nimbusds:nimbus-jose-jwt@9.0.
Overview
net.minidev:json-smart is a Java JSON parser.
Affected versions of this package are vulnerable to Denial of Service (DoS) due to a StackOverflowError when parsing a deeply nested JSON array or object.
NOTE: Although this vulnerability was fixed in version 2.4.9 the maintainer recommends upgrading to 2.4.10, due to a remaining bug.
PoC
StringBuilder s = new StringBuilder();
for (int i = 0; i < 10000 ; i++) {
s.append("{\"a\":");
}
s.append("1");
for (int i = 0; i < 10000 ; i++) {
s.append("}");
}
JSONParser p = new JSONParser(JSONParser.MODE_JSON_SIMPLE);
p.parse(s.toString());
Details
Denial of Service (DoS) describes a family of attacks, all aimed at making a system inaccessible to its intended and legitimate users.
Unlike other vulnerabilities, DoS attacks usually do not aim at breaching security. Rather, they are focused on making websites and services unavailable to genuine users resulting in downtime.
One popular Denial of Service vulnerability is DDoS (a Distributed Denial of Service), an attack that attempts to clog network pipes to the system by generating a large volume of traffic from many machines.
When it comes to open source libraries, DoS vulnerabilities allow attackers to trigger such a crash or crippling of the service by using a flaw either in the application code or from the use of open source libraries.
Two common types of DoS vulnerabilities:
High CPU/Memory Consumption- An attacker sending crafted requests that could cause the system to take a disproportionate amount of time to process. For example, commons-fileupload:commons-fileupload.
Crash - An attacker sending crafted requests that could cause the system to crash. For Example, npm
wspackage
Remediation
Upgrade net.minidev:json-smart to version 2.4.9 or higher.
References
medium severity
- Vulnerable module: com.nimbusds:nimbus-jose-jwt
- Introduced through: com.nimbusds:nimbus-jose-jwt@5.2
Detailed paths
-
Introduced through: yesdog/ProtocolSupportBungee@yesdog/ProtocolSupportBungee#d1d93583add177ede2ef625f9643f0266b25c753 › com.nimbusds:nimbus-jose-jwt@5.2Remediation: Upgrade to com.nimbusds:nimbus-jose-jwt@9.37.4.
Overview
com.nimbusds:nimbus-jose-jwt is a library for JSON Web Tokens (JWT)
Affected versions of this package are vulnerable to Uncontrolled Recursion due to the improper handling JWT claim sets containing deeply nested JSON objects. An attacker can cause application downtime or resource exhaustion by submitting a specially crafted JWT with excessive nesting.
Note:
This issue only affects nimbus-jose-jwt, not Gson because the Connect2id product could have checked the JSON object nesting depth, regardless of what limits (if any) were imposed by Gson.
PoC
import com.nimbusds.jwt.JWTClaimsSet;
import java.text.ParseException;
import java.util.HashMap;
import java.util.Map;
public class Test {
// This builds a claimset with a deeply nested map, which could theoretically be supplied by a client.
// If the JWT is serialized into JSON (for example, in logging or debugging), it can cause a StackOverflowError.
public static void main(String[] args) throws ParseException {
Map<String, Object> nestedMap = new HashMap<>();
Map<String, Object> currentLevel = nestedMap;
for (int i = 0; i < 5000; i++) {
Map<String, Object> nextLevel = new HashMap<>();
currentLevel.put("", nextLevel);
currentLevel = nextLevel;
}
JWTClaimsSet claimSet = JWTClaimsSet.parse(nestedMap);
// This will cause a StackOverflowError due to excessive recursion in GSON's serialization
claimSet.toString();
}
}
Remediation
Upgrade com.nimbusds:nimbus-jose-jwt to version 9.37.4, 10.0.2 or higher.
References
medium severity
- Vulnerable module: com.nimbusds:nimbus-jose-jwt
- Introduced through: com.nimbusds:nimbus-jose-jwt@5.2
Detailed paths
-
Introduced through: yesdog/ProtocolSupportBungee@yesdog/ProtocolSupportBungee#d1d93583add177ede2ef625f9643f0266b25c753 › com.nimbusds:nimbus-jose-jwt@5.2Remediation: Upgrade to com.nimbusds:nimbus-jose-jwt@7.8.1.
Overview
com.nimbusds:nimbus-jose-jwt is a library for JSON Web Tokens (JWT)
Affected versions of this package are vulnerable to Improper Check for Unusual or Exceptional Conditions. Can throw various uncaught exceptions while parsing a JWT, which could result in an application crash (potential information disclosure) or a potential authentication bypass.
Remediation
Upgrade com.nimbusds:nimbus-jose-jwt to version 7.8.1 or higher.
References
medium severity
- Vulnerable module: net.minidev:json-smart
- Introduced through: com.nimbusds:nimbus-jose-jwt@5.2
Detailed paths
-
Introduced through: yesdog/ProtocolSupportBungee@yesdog/ProtocolSupportBungee#d1d93583add177ede2ef625f9643f0266b25c753 › com.nimbusds:nimbus-jose-jwt@5.2 › net.minidev:json-smart@2.3Remediation: Upgrade to com.nimbusds:nimbus-jose-jwt@8.21.1.
Overview
net.minidev:json-smart is a Java JSON parser.
Affected versions of this package are vulnerable to Denial of Service (DoS). An exception is thrown from a function, but it is not caught, as demonstrated by NumberFormatException. When it is not caught, it may cause programs using the library to crash or expose sensitive information.
Details
Denial of Service (DoS) describes a family of attacks, all aimed at making a system inaccessible to its intended and legitimate users.
Unlike other vulnerabilities, DoS attacks usually do not aim at breaching security. Rather, they are focused on making websites and services unavailable to genuine users resulting in downtime.
One popular Denial of Service vulnerability is DDoS (a Distributed Denial of Service), an attack that attempts to clog network pipes to the system by generating a large volume of traffic from many machines.
When it comes to open source libraries, DoS vulnerabilities allow attackers to trigger such a crash or crippling of the service by using a flaw either in the application code or from the use of open source libraries.
Two common types of DoS vulnerabilities:
High CPU/Memory Consumption- An attacker sending crafted requests that could cause the system to take a disproportionate amount of time to process. For example, commons-fileupload:commons-fileupload.
Crash - An attacker sending crafted requests that could cause the system to crash. For Example, npm
wspackage
Remediation
Upgrade net.minidev:json-smart to version 1.3.2, 2.3.1, 2.4.1 or higher.
References
medium severity
- Vulnerable module: net.minidev:json-smart
- Introduced through: com.nimbusds:nimbus-jose-jwt@5.2
Detailed paths
-
Introduced through: yesdog/ProtocolSupportBungee@yesdog/ProtocolSupportBungee#d1d93583add177ede2ef625f9643f0266b25c753 › com.nimbusds:nimbus-jose-jwt@5.2 › net.minidev:json-smart@2.3Remediation: Upgrade to com.nimbusds:nimbus-jose-jwt@8.21.1.
Overview
net.minidev:json-smart is a Java JSON parser.
Affected versions of this package are vulnerable to Denial of Service (DoS) via the indexOf function of JSONParserByteArray which causes a denial of service (DOS) via a crafted web request.
Details
Denial of Service (DoS) describes a family of attacks, all aimed at making a system inaccessible to its intended and legitimate users.
Unlike other vulnerabilities, DoS attacks usually do not aim at breaching security. Rather, they are focused on making websites and services unavailable to genuine users resulting in downtime.
One popular Denial of Service vulnerability is DDoS (a Distributed Denial of Service), an attack that attempts to clog network pipes to the system by generating a large volume of traffic from many machines.
When it comes to open source libraries, DoS vulnerabilities allow attackers to trigger such a crash or crippling of the service by using a flaw either in the application code or from the use of open source libraries.
Two common types of DoS vulnerabilities:
High CPU/Memory Consumption- An attacker sending crafted requests that could cause the system to take a disproportionate amount of time to process. For example, commons-fileupload:commons-fileupload.
Crash - An attacker sending crafted requests that could cause the system to crash. For Example, npm
wspackage
Remediation
Upgrade net.minidev:json-smart to version 1.3.3, 2.4.5 or higher.