CVE Security Report - SICS Operational Reporting SolrNode
The report contains data retrieved from the National Vulnerability Database: https://nvd.nist.gov, NPM Public Advisories: https://www.npmjs.com/advisories, and the RetireJS community.
| Name | Description | CWE | CVSS v2.0 Severity | CVSS v3.0 Severity | Dependency |
|---|---|---|---|---|---|
| CVE-2020-7676 | angular.js prior to 1.8.0 allows cross site scripting. The regex-based input HTML replacement may turn sanitized code into unsanitized one. Wrapping '<option>' elements in '<select>' ones changes parsing behavior, leading to possibly unsanitizing code. | CWE-79 | LOW | MEDIUM | angular-cookies.min.js |
| CVE-2020-7676 | angular.js prior to 1.8.0 allows cross site scripting. The regex-based input HTML replacement may turn sanitized code into unsanitized one. Wrapping '<option>' elements in '<select>' ones changes parsing behavior, leading to possibly unsanitizing code. | CWE-79 | LOW | MEDIUM | angular-resource.min.js |
| CVE-2020-7676 | angular.js prior to 1.8.0 allows cross site scripting. The regex-based input HTML replacement may turn sanitized code into unsanitized one. Wrapping '<option>' elements in '<select>' ones changes parsing behavior, leading to possibly unsanitizing code. | CWE-79 | LOW | MEDIUM | angular-route.min.js |
| CVE-2020-7676 | angular.js prior to 1.8.0 allows cross site scripting. The regex-based input HTML replacement may turn sanitized code into unsanitized one. Wrapping '<option>' elements in '<select>' ones changes parsing behavior, leading to possibly unsanitizing code. | CWE-79 | LOW | MEDIUM | angular-sanitize.min.js |
| CVE-2020-7676 | angular.js prior to 1.8.0 allows cross site scripting. The regex-based input HTML replacement may turn sanitized code into unsanitized one. Wrapping '<option>' elements in '<select>' ones changes parsing behavior, leading to possibly unsanitizing code. | CWE-79 | LOW | MEDIUM | angular.min.js |
| CVE-2020-13955 | HttpUtils#getURLConnection method disables explicitly hostname verification for HTTPS connections making clients vulnerable to man-in-the-middle attacks. Calcite uses internally this method to connect with Druid and Splunk so information leakage may happen when using the respective Calcite adapters. The method itself is in a utility class so people may use it to create vulnerable HTTPS connections for other applications. From Apache Calcite 1.26 onwards, the hostname verification will be performed using the default JVM truststore. | CWE-306 | MEDIUM | MEDIUM | avatica-core-1.13.0.jar |
| CVE-2020-13955 | HttpUtils#getURLConnection method disables explicitly hostname verification for HTTPS connections making clients vulnerable to man-in-the-middle attacks. Calcite uses internally this method to connect with Druid and Splunk so information leakage may happen when using the respective Calcite adapters. The method itself is in a utility class so people may use it to create vulnerable HTTPS connections for other applications. From Apache Calcite 1.26 onwards, the hostname verification will be performed using the default JVM truststore. | CWE-306 | MEDIUM | MEDIUM | calcite-core-1.18.0.jar |
| CVE-2020-8908 | A temp directory creation vulnerability exists in all versions of Guava, allowing an attacker with access to the machine to potentially access data in a temporary directory created by the Guava API com.google.common.io.Files.createTempDir(). By default, on unix-like systems, the created directory is world-readable (readable by an attacker with access to the system). The method in question has been marked @Deprecated in versions 30.0 and later and should not be used. For Android developers, we recommend choosing a temporary directory API provided by Android, such as context.getCacheDir(). For other Java developers, we recommend migrating to the Java 7 API java.nio.file.Files.createTempDirectory() which explicitly configures permissions of 700, or configuring the Java runtime's java.io.tmpdir system property to point to a location whose permissions are appropriately configured. | CWE-732 | LOW | LOW | guava-25.1-jre.jar |
| CVE-2020-9492 | In Apache Hadoop 3.2.0 to 3.2.1, 3.0.0-alpha1 to 3.1.3, and 2.0.0-alpha to 2.10.0, WebHDFS client might send SPNEGO authorization header to remote URL without proper verification. | CWE-269 | MEDIUM | HIGH | hadoop-auth-3.2.0.jar |
| CVE-2020-35490 | FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.PerUserPoolDataSource. | HIGH | htrace-core4-4.1.0-incubating.jar (shaded: com.fasterxml.jackson.core:jackson-databind:2.4.0) | ||
| CVE-2020-35491 | FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.SharedPoolDataSource. | HIGH | htrace-core4-4.1.0-incubating.jar (shaded: com.fasterxml.jackson.core:jackson-databind:2.4.0) | ||
| CVE-2020-27223 | In Eclipse Jetty 9.4.6.v20170531 to 9.4.36.v20210114 (inclusive), 10.0.0, and 11.0.0 when Jetty handles a request containing multiple Accept headers with a large number of “quality” (i.e. q) parameters, the server may enter a denial of service (DoS) state due to high CPU usage processing those quality values, resulting in minutes of CPU time exhausted processing those quality values. | CWE-400 | MEDIUM | MEDIUM | http2-client-9.4.36.v20210114.jar |
| CVE-2020-27223 | In Eclipse Jetty 9.4.6.v20170531 to 9.4.36.v20210114 (inclusive), 10.0.0, and 11.0.0 when Jetty handles a request containing multiple Accept headers with a large number of “quality” (i.e. q) parameters, the server may enter a denial of service (DoS) state due to high CPU usage processing those quality values, resulting in minutes of CPU time exhausted processing those quality values. | CWE-400 | MEDIUM | MEDIUM | http2-server-9.4.36.v20210114.jar |
| CVE-2020-13956 | Apache HttpClient versions prior to version 4.5.13 and 5.0.3 can misinterpret malformed authority component in request URIs passed to the library as java.net.URI object and pick the wrong target host for request execution. | NVD-CWE-noinfo | MEDIUM | MEDIUM | httpclient-4.5.12.jar |
| CVE-2020-27223 | In Eclipse Jetty 9.4.6.v20170531 to 9.4.36.v20210114 (inclusive), 10.0.0, and 11.0.0 when Jetty handles a request containing multiple Accept headers with a large number of “quality” (i.e. q) parameters, the server may enter a denial of service (DoS) state due to high CPU usage processing those quality values, resulting in minutes of CPU time exhausted processing those quality values. | CWE-400 | MEDIUM | MEDIUM | jetty-jmx-9.4.36.v20210114.jar |
| CVE-2020-27223 | In Eclipse Jetty 9.4.6.v20170531 to 9.4.36.v20210114 (inclusive), 10.0.0, and 11.0.0 when Jetty handles a request containing multiple Accept headers with a large number of “quality” (i.e. q) parameters, the server may enter a denial of service (DoS) state due to high CPU usage processing those quality values, resulting in minutes of CPU time exhausted processing those quality values. | CWE-400 | MEDIUM | MEDIUM | jetty-server-9.4.36.v20210114.jar |
| CVE-2021-21290 | Netty is an open-source, asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. In Netty before version 4.1.59.Final there is a vulnerability on Unix-like systems involving an insecure temp file. When netty's multipart decoders are used local information disclosure can occur via the local system temporary directory if temporary storing uploads on the disk is enabled. On unix-like systems, the temporary directory is shared between all user. As such, writing to this directory using APIs that do not explicitly set the file/directory permissions can lead to information disclosure. Of note, this does not impact modern MacOS Operating Systems. The method 'File.createTempFile' on unix-like systems creates a random file, but, by default will create this file with the permissions '-rw-r--r--'. Thus, if sensitive information is written to this file, other local users can read this information. This is the case in netty's 'AbstractDiskHttpData' is vulnerable. This has been fixed in version 4.1.59.Final. As a workaround, one may specify your own 'java.io.tmpdir' when you start the JVM or use 'DefaultHttpDataFactory.setBaseDir(...)' to set the directory to something that is only readable by the current user. | CWE-378 | LOW | MEDIUM | netty-transport-4.1.50.Final.jar |
This report was generated 23.03.2021, 06:09:58 UTC, using dependency-check version: 6.0.3.