Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2022-36033 (GCVE-0-2022-36033)
Vulnerability from cvelistv5 – Published: 2022-08-29 00:00 – Updated: 2025-04-22 17:41
VLAI?
EPSS
Title
jsoup may not sanitize Cross-Site Scripting (XSS) attempts if SafeList.preserveRelativeLinks is enabled
Summary
jsoup is a Java HTML parser, built for HTML editing, cleaning, scraping, and cross-site scripting (XSS) safety. jsoup may incorrectly sanitize HTML including `javascript:` URL expressions, which could allow XSS attacks when a reader subsequently clicks that link. If the non-default `SafeList.preserveRelativeLinks` option is enabled, HTML including `javascript:` URLs that have been crafted with control characters will not be sanitized. If the site that this HTML is published on does not set a Content Security Policy, an XSS attack is then possible. This issue is patched in jsoup 1.15.3. Users should upgrade to this version. Additionally, as the unsanitized input may have been persisted, old content should be cleaned again using the updated version. To remediate this issue without immediately upgrading: - disable `SafeList.preserveRelativeLinks`, which will rewrite input URLs as absolute URLs - ensure an appropriate [Content Security Policy](https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP) is defined. (This should be used regardless of upgrading, as a defence-in-depth best practice.)
Severity ?
6.1 (Medium)
CWE
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T09:51:59.964Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/jhy/jsoup/security/advisories/GHSA-gp7f-rwcx-9369"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/jhy/jsoup/releases/tag/jsoup-1.15.3"
},
{
"tags": [
"x_transferred"
],
"url": "https://jsoup.org/news/release-1.15.3"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20221104-0006/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-36033",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-22T15:44:56.200275Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-22T17:41:13.666Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "jsoup",
"vendor": "jhy",
"versions": [
{
"status": "affected",
"version": "\u003c 1.15.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "jsoup is a Java HTML parser, built for HTML editing, cleaning, scraping, and cross-site scripting (XSS) safety. jsoup may incorrectly sanitize HTML including `javascript:` URL expressions, which could allow XSS attacks when a reader subsequently clicks that link. If the non-default `SafeList.preserveRelativeLinks` option is enabled, HTML including `javascript:` URLs that have been crafted with control characters will not be sanitized. If the site that this HTML is published on does not set a Content Security Policy, an XSS attack is then possible. This issue is patched in jsoup 1.15.3. Users should upgrade to this version. Additionally, as the unsanitized input may have been persisted, old content should be cleaned again using the updated version. To remediate this issue without immediately upgrading: - disable `SafeList.preserveRelativeLinks`, which will rewrite input URLs as absolute URLs - ensure an appropriate [Content Security Policy](https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP) is defined. (This should be used regardless of upgrading, as a defence-in-depth best practice.)"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-87",
"description": "CWE-87: Improper Neutralization of Alternate XSS Syntax",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-11-04T00:00:00.000Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"url": "https://github.com/jhy/jsoup/security/advisories/GHSA-gp7f-rwcx-9369"
},
{
"url": "https://github.com/jhy/jsoup/releases/tag/jsoup-1.15.3"
},
{
"url": "https://jsoup.org/news/release-1.15.3"
},
{
"url": "https://security.netapp.com/advisory/ntap-20221104-0006/"
}
],
"source": {
"advisory": "GHSA-gp7f-rwcx-9369",
"discovery": "UNKNOWN"
},
"title": "jsoup may not sanitize Cross-Site Scripting (XSS) attempts if SafeList.preserveRelativeLinks is enabled"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2022-36033",
"datePublished": "2022-08-29T00:00:00.000Z",
"dateReserved": "2022-07-15T00:00:00.000Z",
"dateUpdated": "2025-04-22T17:41:13.666Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://github.com/jhy/jsoup/security/advisories/GHSA-gp7f-rwcx-9369\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/jhy/jsoup/releases/tag/jsoup-1.15.3\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://jsoup.org/news/release-1.15.3\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20221104-0006/\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-03T09:51:59.964Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2022-36033\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-04-22T15:44:56.200275Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-04-22T15:44:58.305Z\"}}], \"cna\": {\"title\": \"jsoup may not sanitize Cross-Site Scripting (XSS) attempts if SafeList.preserveRelativeLinks is enabled\", \"source\": {\"advisory\": \"GHSA-gp7f-rwcx-9369\", \"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"cvssV3_1\": {\"scope\": \"CHANGED\", \"version\": \"3.1\", \"baseScore\": 6.1, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\", \"integrityImpact\": \"LOW\", \"userInteraction\": \"REQUIRED\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"LOW\"}}], \"affected\": [{\"vendor\": \"jhy\", \"product\": \"jsoup\", \"versions\": [{\"status\": \"affected\", \"version\": \"\u003c 1.15.3\"}]}], \"references\": [{\"url\": \"https://github.com/jhy/jsoup/security/advisories/GHSA-gp7f-rwcx-9369\"}, {\"url\": \"https://github.com/jhy/jsoup/releases/tag/jsoup-1.15.3\"}, {\"url\": \"https://jsoup.org/news/release-1.15.3\"}, {\"url\": \"https://security.netapp.com/advisory/ntap-20221104-0006/\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"jsoup is a Java HTML parser, built for HTML editing, cleaning, scraping, and cross-site scripting (XSS) safety. jsoup may incorrectly sanitize HTML including `javascript:` URL expressions, which could allow XSS attacks when a reader subsequently clicks that link. If the non-default `SafeList.preserveRelativeLinks` option is enabled, HTML including `javascript:` URLs that have been crafted with control characters will not be sanitized. If the site that this HTML is published on does not set a Content Security Policy, an XSS attack is then possible. This issue is patched in jsoup 1.15.3. Users should upgrade to this version. Additionally, as the unsanitized input may have been persisted, old content should be cleaned again using the updated version. To remediate this issue without immediately upgrading: - disable `SafeList.preserveRelativeLinks`, which will rewrite input URLs as absolute URLs - ensure an appropriate [Content Security Policy](https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP) is defined. (This should be used regardless of upgrading, as a defence-in-depth best practice.)\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-87\", \"description\": \"CWE-87: Improper Neutralization of Alternate XSS Syntax\"}]}, {\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-79\", \"description\": \"CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2022-11-04T00:00:00.000Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2022-36033\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-04-22T17:41:13.666Z\", \"dateReserved\": \"2022-07-15T00:00:00.000Z\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"datePublished\": \"2022-08-29T00:00:00.000Z\", \"assignerShortName\": \"GitHub_M\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
CERTFR-2023-AVI-0325
Vulnerability from certfr_avis - Published: 2023-04-19 - Updated: 2023-04-20
De multiples vulnérabilités ont été découvertes dans les produits Oracle. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Oracle | Java SE | Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20 | ||
| Oracle | Database Server | Oracle Database Server 19c, 21c | ||
| Oracle | N/A | Oracle GraalVM Enterprise Edition: 20.3.8, 20.3.9, 21.3.4, 21.3.5, 22.3.0, 22.3.1 | ||
| Oracle | PeopleSoft | Oracle PeopleSoft versions 8.58, 8.59, 8.60, 9.2 | ||
| Oracle | Virtualization | Oracle Virtualization versions 6.1.x antérieures à 6.1.44 | ||
| Oracle | MySQL | Oracle MySQL versions 8.0.33 et antérieures | ||
| Oracle | Systems | Oracle Systems versions 10, 11 | ||
| Oracle | Virtualization | Oracle Virtualization versions 7.0.x antérieures à 7.0.8 | ||
| Oracle | MySQL | Oracle MySQL versions 5.7.41 et antérieures | ||
| Oracle | Weblogic | Oracle WebLogic Server versions 12.2.1.3.0, 12.2.1.4.0, 14.1.1.0.0 |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20",
"product": {
"name": "Java SE",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle Database Server 19c, 21c",
"product": {
"name": "Database Server",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle GraalVM Enterprise Edition: 20.3.8, 20.3.9, 21.3.4, 21.3.5, 22.3.0, 22.3.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle PeopleSoft versions 8.58, 8.59, 8.60, 9.2",
"product": {
"name": "PeopleSoft",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle Virtualization versions 6.1.x ant\u00e9rieures \u00e0 6.1.44",
"product": {
"name": "Virtualization",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle MySQL versions 8.0.33 et ant\u00e9rieures",
"product": {
"name": "MySQL",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle Systems versions 10, 11",
"product": {
"name": "Systems",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle Virtualization versions 7.0.x ant\u00e9rieures \u00e0 7.0.8",
"product": {
"name": "Virtualization",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle MySQL versions 5.7.41 et ant\u00e9rieures",
"product": {
"name": "MySQL",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle WebLogic Server versions 12.2.1.3.0, 12.2.1.4.0, 14.1.1.0.0",
"product": {
"name": "Weblogic",
"vendor": {
"name": "Oracle",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2023-21938",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21938"
},
{
"name": "CVE-2023-21916",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21916"
},
{
"name": "CVE-2023-21985",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21985"
},
{
"name": "CVE-2023-21979",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21979"
},
{
"name": "CVE-2023-21986",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21986"
},
{
"name": "CVE-2020-14343",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14343"
},
{
"name": "CVE-2023-21954",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21954"
},
{
"name": "CVE-2023-21940",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21940"
},
{
"name": "CVE-2023-21939",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21939"
},
{
"name": "CVE-2023-21962",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21962"
},
{
"name": "CVE-2022-31160",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-31160"
},
{
"name": "CVE-2022-45061",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45061"
},
{
"name": "CVE-2023-21917",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21917"
},
{
"name": "CVE-2023-21984",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21984"
},
{
"name": "CVE-2023-21956",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21956"
},
{
"name": "CVE-2023-0215",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0215"
},
{
"name": "CVE-2023-21945",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21945"
},
{
"name": "CVE-2022-42916",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42916"
},
{
"name": "CVE-2023-21966",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21966"
},
{
"name": "CVE-2023-21947",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21947"
},
{
"name": "CVE-2023-22002",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22002"
},
{
"name": "CVE-2023-21981",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21981"
},
{
"name": "CVE-2023-21987",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21987"
},
{
"name": "CVE-2023-21977",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21977"
},
{
"name": "CVE-2023-21971",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21971"
},
{
"name": "CVE-2023-21999",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21999"
},
{
"name": "CVE-2023-21928",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21928"
},
{
"name": "CVE-2023-21972",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21972"
},
{
"name": "CVE-2023-21960",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21960"
},
{
"name": "CVE-2021-37533",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37533"
},
{
"name": "CVE-2023-21990",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21990"
},
{
"name": "CVE-2023-22000",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22000"
},
{
"name": "CVE-2023-21913",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21913"
},
{
"name": "CVE-2023-23918",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23918"
},
{
"name": "CVE-2021-36090",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36090"
},
{
"name": "CVE-2023-21963",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21963"
},
{
"name": "CVE-2023-21980",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21980"
},
{
"name": "CVE-2020-6950",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-6950"
},
{
"name": "CVE-2023-21996",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21996"
},
{
"name": "CVE-2022-40152",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40152"
},
{
"name": "CVE-2023-21953",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21953"
},
{
"name": "CVE-2023-21934",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21934"
},
{
"name": "CVE-2023-22003",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22003"
},
{
"name": "CVE-2023-21998",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21998"
},
{
"name": "CVE-2022-37434",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37434"
},
{
"name": "CVE-2023-21946",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21946"
},
{
"name": "CVE-2023-21933",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21933"
},
{
"name": "CVE-2023-21931",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21931"
},
{
"name": "CVE-2023-21937",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21937"
},
{
"name": "CVE-2022-45143",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45143"
},
{
"name": "CVE-2023-21896",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21896"
},
{
"name": "CVE-2022-43551",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43551"
},
{
"name": "CVE-2023-21964",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21964"
},
{
"name": "CVE-2021-22569",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22569"
},
{
"name": "CVE-2022-34169",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34169"
},
{
"name": "CVE-2022-43548",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43548"
},
{
"name": "CVE-2023-21920",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21920"
},
{
"name": "CVE-2022-45685",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45685"
},
{
"name": "CVE-2023-21918",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21918"
},
{
"name": "CVE-2023-21992",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21992"
},
{
"name": "CVE-2023-21911",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21911"
},
{
"name": "CVE-2023-21976",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21976"
},
{
"name": "CVE-2021-31684",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-31684"
},
{
"name": "CVE-2023-21968",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21968"
},
{
"name": "CVE-2023-21991",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21991"
},
{
"name": "CVE-2023-21989",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21989"
},
{
"name": "CVE-2023-21982",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21982"
},
{
"name": "CVE-2023-21930",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21930"
},
{
"name": "CVE-2023-24998",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24998"
},
{
"name": "CVE-2023-21935",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21935"
},
{
"name": "CVE-2020-25638",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25638"
},
{
"name": "CVE-2023-21955",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21955"
},
{
"name": "CVE-2023-21988",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21988"
},
{
"name": "CVE-2022-1471",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1471"
},
{
"name": "CVE-2022-45047",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45047"
},
{
"name": "CVE-2022-36033",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36033"
},
{
"name": "CVE-2023-21912",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21912"
},
{
"name": "CVE-2023-21929",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21929"
},
{
"name": "CVE-2023-21967",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21967"
},
{
"name": "CVE-2023-22001",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22001"
},
{
"name": "CVE-2022-41881",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41881"
},
{
"name": "CVE-2023-21948",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21948"
},
{
"name": "CVE-2023-21919",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21919"
}
],
"initial_release_date": "2023-04-19T00:00:00",
"last_revision_date": "2023-04-20T00:00:00",
"links": [],
"reference": "CERTFR-2023-AVI-0325",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2023-04-19T00:00:00.000000"
},
{
"description": "Correction coquilles.",
"revision_date": "2023-04-20T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nOracle. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0\ndistance et un contournement de la politique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Oracle",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Oracle cpuapr2023 du 18 avril 2023",
"url": "https://www.oracle.com/security-alerts/cpuapr2023.html"
}
]
}
CERTFR-2023-AVI-0276
Vulnerability from certfr_avis - Published: 2023-03-31 - Updated: 2023-03-31
De multiples vulnérabilités ont été découvertes dans IBM. Elles permettent à un attaquant de provoquer une atteinte à la confidentialité des données, une élévation de privilèges, une atteinte à l'intégrité des données, un contournement de la politique de sécurité, une injection de code indirecte à distance (XSS), une exécution de code arbitraire à distance, un déni de service à distance et un problème de sécurité non spécifié par l'éditeur.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| IBM | WebSphere | IBM WebSphere Hybrid Edition 5.1 sans le correctif de sécurité APAR PH52925 | ||
| IBM | WebSphere | IBM WebSphere Automation versions antérieures à 1.5.2 | ||
| IBM | WebSphere | IBM WebSphere Application Server 9.0 sans le correctif de sécurité APAR PH52925 | ||
| IBM | QRadar SIEM | IBM QRadar SIEM versions antérieures à 7.5.0 UP5 | ||
| IBM | Db2 | IBM Db2 Web Queryfor i versions 2.3.0 et 2.4.0 sans le correctif de sécurité 5733WQX | ||
| IBM | Spectrum | IBM Spectrum Protect Plus Server versions antérieures à 10.1.12.4 | ||
| IBM | N/A | IBM HTTP Server for i sans le correctif de sécurité 5770DG1 | ||
| IBM | QRadar SIEM | IBM QRadar SIEM versions antérieures à 7.5.0 UP4 IF01 | ||
| IBM | QRadar User Behavior Analytics | QRadar User Behavior Analytics versions 1.0.0 à 4.1.10 antérieures à 4.1.11 | ||
| IBM | QRadar SIEM | IBM QRadar SIEM versions antérieures à 7.4.3 FP9 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "IBM WebSphere Hybrid Edition 5.1 sans le correctif de s\u00e9curit\u00e9 APAR PH52925",
"product": {
"name": "WebSphere",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM WebSphere Automation versions ant\u00e9rieures \u00e0 1.5.2",
"product": {
"name": "WebSphere",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM WebSphere Application Server 9.0 sans le correctif de s\u00e9curit\u00e9 APAR PH52925",
"product": {
"name": "WebSphere",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM QRadar SIEM versions ant\u00e9rieures \u00e0 7.5.0 UP5",
"product": {
"name": "QRadar SIEM",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Db2 Web Queryfor i versions 2.3.0 et 2.4.0 sans le correctif de s\u00e9curit\u00e9 5733WQX",
"product": {
"name": "Db2",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Spectrum Protect Plus Server versions ant\u00e9rieures \u00e0 10.1.12.4",
"product": {
"name": "Spectrum",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM HTTP Server for i sans le correctif de s\u00e9curit\u00e9 5770DG1",
"product": {
"name": "N/A",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM QRadar SIEM versions ant\u00e9rieures \u00e0 7.5.0 UP4 IF01",
"product": {
"name": "QRadar SIEM",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "QRadar User Behavior Analytics versions 1.0.0 \u00e0 4.1.10 ant\u00e9rieures \u00e0 4.1.11",
"product": {
"name": "QRadar User Behavior Analytics",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM QRadar SIEM versions ant\u00e9rieures \u00e0 7.4.3 FP9",
"product": {
"name": "QRadar SIEM",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2022-28733",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28733"
},
{
"name": "CVE-2022-31129",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-31129"
},
{
"name": "CVE-2022-32189",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32189"
},
{
"name": "CVE-2020-24025",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24025"
},
{
"name": "CVE-2021-21409",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21409"
},
{
"name": "CVE-2023-26283",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26283"
},
{
"name": "CVE-2022-30631",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30631"
},
{
"name": "CVE-2022-23825",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23825"
},
{
"name": "CVE-2021-39227",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39227"
},
{
"name": "CVE-2021-23364",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23364"
},
{
"name": "CVE-2022-22971",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22971"
},
{
"name": "CVE-2021-37701",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37701"
},
{
"name": "CVE-2021-25220",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-25220"
},
{
"name": "CVE-2022-2964",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2964"
},
{
"name": "CVE-2021-3677",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3677"
},
{
"name": "CVE-2018-19797",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19797"
},
{
"name": "CVE-2021-32804",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32804"
},
{
"name": "CVE-2018-19827",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19827"
},
{
"name": "CVE-2018-15494",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-15494"
},
{
"name": "CVE-2022-30635",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30635"
},
{
"name": "CVE-2018-11694",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11694"
},
{
"name": "CVE-2022-41715",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41715"
},
{
"name": "CVE-2022-37603",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37603"
},
{
"name": "CVE-2018-8036",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-8036"
},
{
"name": "CVE-2022-25647",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25647"
},
{
"name": "CVE-2022-29900",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29900"
},
{
"name": "CVE-2022-29901",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29901"
},
{
"name": "CVE-2022-36364",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36364"
},
{
"name": "CVE-2022-4883",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4883"
},
{
"name": "CVE-2022-41966",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41966"
},
{
"name": "CVE-2022-21624",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21624"
},
{
"name": "CVE-2020-13936",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13936"
},
{
"name": "CVE-2022-30629",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30629"
},
{
"name": "CVE-2022-40153",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40153"
},
{
"name": "CVE-2022-42252",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42252"
},
{
"name": "CVE-2022-32148",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32148"
},
{
"name": "CVE-2022-40149",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40149"
},
{
"name": "CVE-2022-21626",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21626"
},
{
"name": "CVE-2020-7764",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7764"
},
{
"name": "CVE-2022-41946",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41946"
},
{
"name": "CVE-2022-25927",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25927"
},
{
"name": "CVE-2022-30630",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30630"
},
{
"name": "CVE-2021-37713",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37713"
},
{
"name": "CVE-2021-42581",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-42581"
},
{
"name": "CVE-2022-1705",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1705"
},
{
"name": "CVE-2021-37137",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37137"
},
{
"name": "CVE-2021-37712",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37712"
},
{
"name": "CVE-2022-21724",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21724"
},
{
"name": "CVE-2022-46364",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46364"
},
{
"name": "CVE-2022-40150",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40150"
},
{
"name": "CVE-2022-24999",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24999"
},
{
"name": "CVE-2022-30633",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30633"
},
{
"name": "CVE-2019-10785",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10785"
},
{
"name": "CVE-2022-21628",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21628"
},
{
"name": "CVE-2022-24823",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24823"
},
{
"name": "CVE-2021-37136",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37136"
},
{
"name": "CVE-2022-30632",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30632"
},
{
"name": "CVE-2022-37601",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37601"
},
{
"name": "CVE-2022-40152",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40152"
},
{
"name": "CVE-2021-3807",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3807"
},
{
"name": "CVE-2022-46363",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46363"
},
{
"name": "CVE-2021-21295",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21295"
},
{
"name": "CVE-2022-1962",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1962"
},
{
"name": "CVE-2021-23382",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23382"
},
{
"name": "CVE-2019-6286",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6286"
},
{
"name": "CVE-2022-2795",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2795"
},
{
"name": "CVE-2020-5259",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-5259"
},
{
"name": "CVE-2022-28131",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28131"
},
{
"name": "CVE-2021-26401",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26401"
},
{
"name": "CVE-2022-24785",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24785"
},
{
"name": "CVE-2021-23450",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23450"
},
{
"name": "CVE-2018-19839",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19839"
},
{
"name": "CVE-2021-43797",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43797"
},
{
"name": "CVE-2021-32803",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32803"
},
{
"name": "CVE-2022-4254",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4254"
},
{
"name": "CVE-2022-2880",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2880"
},
{
"name": "CVE-2023-22809",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22809"
},
{
"name": "CVE-2018-20821",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20821"
},
{
"name": "CVE-2022-45143",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45143"
},
{
"name": "CVE-2022-26373",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26373"
},
{
"name": "CVE-2022-2879",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2879"
},
{
"name": "CVE-2019-6283",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6283"
},
{
"name": "CVE-2019-6284",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6284"
},
{
"name": "CVE-2022-42898",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42898"
},
{
"name": "CVE-2022-25901",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25901"
},
{
"name": "CVE-2020-15366",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15366"
},
{
"name": "CVE-2022-22970",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22970"
},
{
"name": "CVE-2022-1552",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1552"
},
{
"name": "CVE-2022-3676",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3676"
},
{
"name": "CVE-2022-42890",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42890"
},
{
"name": "CVE-2022-23437",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23437"
},
{
"name": "CVE-2022-34917",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34917"
},
{
"name": "CVE-2021-23343",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23343"
},
{
"name": "CVE-2022-2588",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2588"
},
{
"name": "CVE-2022-43928",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43928"
},
{
"name": "CVE-2021-42740",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-42740"
},
{
"name": "CVE-2021-3918",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3918"
},
{
"name": "CVE-2018-20190",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20190"
},
{
"name": "CVE-2022-30580",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30580"
},
{
"name": "CVE-2021-21290",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21290"
},
{
"name": "CVE-2022-40156",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40156"
},
{
"name": "CVE-2022-2625",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2625"
},
{
"name": "CVE-2022-40155",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40155"
},
{
"name": "CVE-2022-23816",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23816"
},
{
"name": "CVE-2022-31197",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-31197"
},
{
"name": "CVE-2018-19838",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19838"
},
{
"name": "CVE-2022-37599",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37599"
},
{
"name": "CVE-2021-23368",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23368"
},
{
"name": "CVE-2018-11698",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11698"
},
{
"name": "CVE-2021-29060",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29060"
},
{
"name": "CVE-2022-36033",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36033"
},
{
"name": "CVE-2021-3765",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3765"
},
{
"name": "CVE-2022-25758",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25758"
},
{
"name": "CVE-2021-23362",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23362"
},
{
"name": "CVE-2022-21619",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21619"
},
{
"name": "CVE-2022-37598",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37598"
},
{
"name": "CVE-2022-24839",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24839"
},
{
"name": "CVE-2022-40154",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40154"
},
{
"name": "CVE-2022-41704",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41704"
},
{
"name": "CVE-2022-27664",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27664"
}
],
"initial_release_date": "2023-03-31T00:00:00",
"last_revision_date": "2023-03-31T00:00:00",
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6967365 du 20 mars 2023",
"url": "https://www.ibm.com/support/pages/node/6967365"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6967333 du 30 mars 2023",
"url": "https://www.ibm.com/support/pages/node/6967333"
}
],
"reference": "CERTFR-2023-AVI-0276",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2023-03-31T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans \u003cspan\nclass=\"textit\"\u003eIBM\u003c/span\u003e. Elles permettent \u00e0 un attaquant de provoquer\nune atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es, une \u00e9l\u00e9vation de\nprivil\u00e8ges, une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es, un contournement de\nla politique de s\u00e9curit\u00e9, une injection de code indirecte \u00e0 distance\n(XSS), une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0\ndistance et un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6967016 du 29 mars 2023",
"url": "https://www.ibm.com/support/pages/node/6967016"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6967283 du 15 mars 2023",
"url": "https://www.ibm.com/support/pages/node/6967283"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6967333 du 20 mars 2023",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6967285 du 28 mars 2023",
"url": "https://www.ibm.com/support/pages/node/6967285"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6966998 du 29 mars 2023",
"url": "https://www.ibm.com/support/pages/node/6966998"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6967315 du 30 mars 2023",
"url": "https://www.ibm.com/support/pages/node/6967315"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6967365 du 30 mars 2023",
"url": null
}
]
}
CERTFR-2024-AVI-0324
Vulnerability from certfr_avis - Published: 2024-04-18 - Updated: 2024-04-18
De multiples vulnérabilités ont été découvertes dans Oracle Systems. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à l'intégrité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Oracle | N/A | Oracle Solaris Cluster version 4 sans les derniers correctifs de sécurité | ||
| Oracle | N/A | Oracle StorageTek Tape Analytics (STA) version 2.5 sans les derniers correctifs de sécurité | ||
| Oracle | N/A | Oracle Solaris version 11 sans les derniers correctifs de sécurité | ||
| Oracle | N/A | Oracle ZFS Storage Appliance Kit version 8.8 sans les derniers correctifs de sécurité |
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Oracle Solaris Cluster version 4 sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle StorageTek Tape Analytics (STA) version 2.5 sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle Solaris version 11 sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle ZFS Storage Appliance Kit version 8.8 sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "Oracle",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2023-1370",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1370"
},
{
"name": "CVE-2022-45688",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45688"
},
{
"name": "CVE-2021-36373",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36373"
},
{
"name": "CVE-2022-34381",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34381"
},
{
"name": "CVE-2024-21105",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21105"
},
{
"name": "CVE-2023-1436",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1436"
},
{
"name": "CVE-2020-29508",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-29508"
},
{
"name": "CVE-2021-36374",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36374"
},
{
"name": "CVE-2021-37533",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37533"
},
{
"name": "CVE-2024-21059",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21059"
},
{
"name": "CVE-2020-35164",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35164"
},
{
"name": "CVE-2022-42004",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42004"
},
{
"name": "CVE-2023-20863",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-20863"
},
{
"name": "CVE-2022-42920",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42920"
},
{
"name": "CVE-2022-42890",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42890"
},
{
"name": "CVE-2024-21104",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21104"
},
{
"name": "CVE-2020-35166",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35166"
},
{
"name": "CVE-2020-35163",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35163"
},
{
"name": "CVE-2020-35168",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35168"
},
{
"name": "CVE-2023-24998",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24998"
},
{
"name": "CVE-2022-42003",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42003"
},
{
"name": "CVE-2022-36033",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36033"
},
{
"name": "CVE-2024-20999",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20999"
},
{
"name": "CVE-2022-24839",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24839"
},
{
"name": "CVE-2022-41704",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41704"
},
{
"name": "CVE-2020-35167",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35167"
}
],
"initial_release_date": "2024-04-18T00:00:00",
"last_revision_date": "2024-04-18T00:00:00",
"links": [],
"reference": "CERTFR-2024-AVI-0324",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-04-18T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Oracle Systems.\nCertaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance\net une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Oracle Systems",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Oracle cpuapr2024verbose du 16 avril 2024",
"url": "https://www.oracle.com/security-alerts/cpuapr2024verbose.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Oracle cpuapr2024 du 16 avril 2024",
"url": "https://www.oracle.com/security-alerts/cpuapr2024.html"
}
]
}
CERTFR-2023-AVI-0597
Vulnerability from certfr_avis - Published: 2023-07-28 - Updated: 2023-07-28
De multiples vulnérabilités ont été découvertes dans IBM Cognos Analytics. Certaines d'entre elles permettent à un attaquant de provoquer une injection de code indirecte à distance (XSS), une atteinte à la confidentialité des données et une exécution de code arbitraire à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| IBM | Cognos Analytics | IBM Cognos Analytics versions 11.1.x et 11.2.x antérieures à 11.2.4 Fix Pack 2 |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "IBM Cognos Analytics versions 11.1.x et 11.2.x ant\u00e9rieures \u00e0 11.2.4 Fix Pack 2",
"product": {
"name": "Cognos Analytics",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2022-45688",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45688"
},
{
"name": "CVE-2021-3869",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3869"
},
{
"name": "CVE-2023-29017",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29017"
},
{
"name": "CVE-2023-30547",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30547"
},
{
"name": "CVE-2022-38749",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38749"
},
{
"name": "CVE-2023-29199",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29199"
},
{
"name": "CVE-2022-0239",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0239"
},
{
"name": "CVE-2021-44550",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44550"
},
{
"name": "CVE-2021-3878",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3878"
},
{
"name": "CVE-2022-42004",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42004"
},
{
"name": "CVE-2022-0198",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0198"
},
{
"name": "CVE-2022-25881",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25881"
},
{
"name": "CVE-2022-25857",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25857"
},
{
"name": "CVE-2022-38751",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38751"
},
{
"name": "CVE-2022-38752",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38752"
},
{
"name": "CVE-2022-38750",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38750"
},
{
"name": "CVE-2022-42003",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42003"
},
{
"name": "CVE-2022-36033",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36033"
},
{
"name": "CVE-2022-25893",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25893"
},
{
"name": "CVE-2022-36067",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36067"
}
],
"initial_release_date": "2023-07-28T00:00:00",
"last_revision_date": "2023-07-28T00:00:00",
"links": [],
"reference": "CERTFR-2023-AVI-0597",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2023-07-28T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans\u003cspan\nclass=\"textit\"\u003e IBM Cognos Analytics\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer une injection de code indirecte \u00e0\ndistance (XSS), une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et une\nex\u00e9cution de code arbitraire \u00e0 distance.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans IBM Cognos Analytics",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7013893 du 27 juillet 2023",
"url": "https://www.ibm.com/support/pages/node/7013893"
}
]
}
FKIE_CVE-2022-36033
Vulnerability from fkie_nvd - Published: 2022-08-29 17:15 - Updated: 2024-11-21 07:12
Severity ?
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Summary
jsoup is a Java HTML parser, built for HTML editing, cleaning, scraping, and cross-site scripting (XSS) safety. jsoup may incorrectly sanitize HTML including `javascript:` URL expressions, which could allow XSS attacks when a reader subsequently clicks that link. If the non-default `SafeList.preserveRelativeLinks` option is enabled, HTML including `javascript:` URLs that have been crafted with control characters will not be sanitized. If the site that this HTML is published on does not set a Content Security Policy, an XSS attack is then possible. This issue is patched in jsoup 1.15.3. Users should upgrade to this version. Additionally, as the unsanitized input may have been persisted, old content should be cleaned again using the updated version. To remediate this issue without immediately upgrading: - disable `SafeList.preserveRelativeLinks`, which will rewrite input URLs as absolute URLs - ensure an appropriate [Content Security Policy](https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP) is defined. (This should be used regardless of upgrading, as a defence-in-depth best practice.)
References
| URL | Tags | ||
|---|---|---|---|
| security-advisories@github.com | https://github.com/jhy/jsoup/releases/tag/jsoup-1.15.3 | Release Notes, Third Party Advisory | |
| security-advisories@github.com | https://github.com/jhy/jsoup/security/advisories/GHSA-gp7f-rwcx-9369 | Exploit, Third Party Advisory | |
| security-advisories@github.com | https://jsoup.org/news/release-1.15.3 | Release Notes, Vendor Advisory | |
| security-advisories@github.com | https://security.netapp.com/advisory/ntap-20221104-0006/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/jhy/jsoup/releases/tag/jsoup-1.15.3 | Release Notes, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/jhy/jsoup/security/advisories/GHSA-gp7f-rwcx-9369 | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://jsoup.org/news/release-1.15.3 | Release Notes, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.netapp.com/advisory/ntap-20221104-0006/ | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| jsoup | jsoup | * | |
| netapp | management_services_for_element_software | - | |
| netapp | management_services_for_netapp_hci | - | |
| netapp | oncommand_workflow_automation | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:jsoup:jsoup:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B8341769-FF52-45A1-B692-74C5E963BE4F",
"versionEndExcluding": "1.15.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netapp:management_services_for_element_software:-:*:*:*:*:*:*:*",
"matchCriteriaId": "86B51137-28D9-41F2-AFA2-3CC22B4954D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:management_services_for_netapp_hci:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4455CF3A-CC91-4BE4-A7AB-929AC82E34F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5735E553-9731-4AAC-BCFF-989377F817B3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "jsoup is a Java HTML parser, built for HTML editing, cleaning, scraping, and cross-site scripting (XSS) safety. jsoup may incorrectly sanitize HTML including `javascript:` URL expressions, which could allow XSS attacks when a reader subsequently clicks that link. If the non-default `SafeList.preserveRelativeLinks` option is enabled, HTML including `javascript:` URLs that have been crafted with control characters will not be sanitized. If the site that this HTML is published on does not set a Content Security Policy, an XSS attack is then possible. This issue is patched in jsoup 1.15.3. Users should upgrade to this version. Additionally, as the unsanitized input may have been persisted, old content should be cleaned again using the updated version. To remediate this issue without immediately upgrading: - disable `SafeList.preserveRelativeLinks`, which will rewrite input URLs as absolute URLs - ensure an appropriate [Content Security Policy](https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP) is defined. (This should be used regardless of upgrading, as a defence-in-depth best practice.)"
},
{
"lang": "es",
"value": "jsoup es un analizador HTML de Java, construido para la edici\u00f3n, limpieza y raspado de HTML, y para la seguridad de vulnerabilidades de tipo cross-site scripting (XSS). jsoup puede sanear incorrectamente el HTML que incluye expresiones URL \"javascript:\", lo que podr\u00eda permitir ataques de tipo XSS cuando un lector hace clic posteriormente en ese enlace. Si la opci\u00f3n no predeterminada \"SafeList.preserveRelativeLinks\" est\u00e1 habilitada, el HTML que incluya expresiones URL \"javascript:\" que hayan sido dise\u00f1adas con caracteres de control no ser\u00e1 saneado. Si el sitio en el que es publicado este HTML no establece una pol\u00edtica de seguridad de contenidos, es posible un ataque de tipo XSS. Este problema ha sido corregido en jsoup versi\u00f3n 1.15.3. Los usuarios deber\u00edan actualizar a esta versi\u00f3n. Adem\u00e1s, como es posible que la entrada no saneada haya sido mantenido, el contenido antiguo debe limpiarse de nuevo usando la versi\u00f3n actualizada. Para mitigar este problema sin tener que actualizar inmediatamente - deshabilite \"SafeList.preserveRelativeLinks\", que reescribir\u00e1 las URLs de entrada como URLs absolutas - aseg\u00farese de que es definido una [Pol\u00edtica de Seguridad de Contenidos](https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP) apropiada. (Esto deber\u00eda usarse independientemente de la actualizaci\u00f3n, como mejor pr\u00e1ctica de defensa en profundidad)"
}
],
"id": "CVE-2022-36033",
"lastModified": "2024-11-21T07:12:13.753",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "security-advisories@github.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-08-29T17:15:08.523",
"references": [
{
"source": "security-advisories@github.com",
"tags": [
"Release Notes",
"Third Party Advisory"
],
"url": "https://github.com/jhy/jsoup/releases/tag/jsoup-1.15.3"
},
{
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/jhy/jsoup/security/advisories/GHSA-gp7f-rwcx-9369"
},
{
"source": "security-advisories@github.com",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://jsoup.org/news/release-1.15.3"
},
{
"source": "security-advisories@github.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20221104-0006/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Third Party Advisory"
],
"url": "https://github.com/jhy/jsoup/releases/tag/jsoup-1.15.3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/jhy/jsoup/security/advisories/GHSA-gp7f-rwcx-9369"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://jsoup.org/news/release-1.15.3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20221104-0006/"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
},
{
"lang": "en",
"value": "CWE-87"
}
],
"source": "security-advisories@github.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
GHSA-GP7F-RWCX-9369
Vulnerability from github – Published: 2022-09-01 22:14 – Updated: 2022-11-04 20:35
VLAI?
Summary
jsoup may not sanitize code injection XSS attempts if SafeList.preserveRelativeLinks is enabled
Details
jsoup may incorrectly sanitize HTML including javascript: URL expressions, which could allow cross-site scripting (XSS) attacks when a reader subsequently clicks that link. If the non-default SafeList.preserveRelativeLinks option is enabled, HTML including javascript: URLs that have been crafted with control characters will not be sanitized. If the site that this HTML is published on does not set a Content Security Policy, an XSS attack is then possible.
Impact
Sites that accept input HTML from users and use jsoup to sanitize that HTML, may be vulnerable to cross-site scripting (XSS) attacks, if they have enabled SafeList.preserveRelativeLinks and do not set an appropriate Content Security Policy.
Patches
This issue is patched in jsoup 1.15.3.
Users should upgrade to this version. Additionally, as the unsanitized input may have been persisted, old content should be cleaned again using the updated version.
Workarounds
To remediate this issue without immediately upgrading:
- disable
SafeList.preserveRelativeLinks, which will rewrite input URLs as absolute URLs - ensure an appropriate Content Security Policy is defined. (This should be used regardless of upgrading, as a defence-in-depth best practice.)
Background and root cause
jsoup includes a Cleaner component, which is designed to sanitize input HTML against configurable safe-lists of acceptable tags, attributes, and attribute values.
This includes removing potentially malicious attributes such as <a href="javascript:...">, which may enable XSS attacks. It does this by validating URL attributes against allowed URL protocols (e.g. http, https).
However, an attacker may be able to bypass this check by embedding control characters into the href attribute value. This causes the Java URL class, which is used to resolve relative URLs to absolute URLs before checking the URL's protocol, to treat the URL as a relative URL. It is then resolved into an absolute URL with the configured base URI.
For example, java\tscript:... would resolve to https://example.com/java\tscript:....
By default, when using a safe-list that allows a tags, jsoup will rewrite any relative URLs (e.g. /foo/) to an absolute URL (e.g. https://example.com/foo/). Therefore, this attack attempt would be successfully mitigated. However, if the option SafeList.preserveRelativeLinks is enabled (which does not rewrite relative links to absolute), the input is left as-is.
While Java will treat a path like java\tscript: as a relative path, as it does not match the allowed characters of a URL spec, browsers may normalize out the control characters, and subsequently evaluate it as a javascript: spec inline expression. That disparity then leads to an XSS opportunity.
Sites defining a Content Security Policy that does not allow javascript expressions in link URLs will not be impacted, as the policy will prevent the script's execution.
For more information
If you have any questions or comments about this advisory: * Open an issue in jsoup * Email the author of jsoup at jonathan@hedley.net
Credits
Thanks to Jens Häderer, who reported this issue, and contributed to its resolution.
Severity ?
6.1 (Medium)
{
"affected": [
{
"package": {
"ecosystem": "Maven",
"name": "org.jsoup:jsoup"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.15.3"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2022-36033"
],
"database_specific": {
"cwe_ids": [
"CWE-79"
],
"github_reviewed": true,
"github_reviewed_at": "2022-09-01T22:14:57Z",
"nvd_published_at": "2022-08-29T17:15:00Z",
"severity": "MODERATE"
},
"details": "jsoup may incorrectly sanitize HTML including `javascript:` URL expressions, which could allow cross-site scripting (XSS) attacks when a reader subsequently clicks that link. If the non-default `SafeList.preserveRelativeLinks` option is enabled, HTML including `javascript:` URLs that have been crafted with control characters will not be sanitized. If the site that this HTML is published on does not set a Content Security Policy, an XSS attack is then possible.\n\n### Impact\nSites that accept input HTML from users and use jsoup to sanitize that HTML, may be vulnerable to cross-site scripting (XSS) attacks, if they have enabled `SafeList.preserveRelativeLinks` and do not set an appropriate Content Security Policy.\n\n### Patches\nThis issue is patched in jsoup 1.15.3.\n\nUsers should upgrade to this version. Additionally, as the unsanitized input may have been persisted, old content should be cleaned again using the updated version.\n\n### Workarounds\nTo remediate this issue without immediately upgrading:\n\n- disable `SafeList.preserveRelativeLinks`, which will rewrite input URLs as absolute URLs\n- ensure an appropriate [Content Security Policy](https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP) is defined. (This should be used regardless of upgrading, as a defence-in-depth best practice.)\n\n### Background and root cause\njsoup includes a [Cleaner](https://jsoup.org/apidocs/org/jsoup/safety/Cleaner.html) component, which is designed to [sanitize input HTML](https://jsoup.org/cookbook/cleaning-html/safelist-sanitizer) against configurable safe-lists of acceptable tags, attributes, and attribute values.\n\nThis includes removing potentially malicious attributes such as `\u003ca href=\"javascript:...\"\u003e`, which may enable XSS attacks. It does this by validating URL attributes against allowed URL protocols (e.g. `http`, `https`).\n\nHowever, an attacker may be able to bypass this check by embedding control characters into the href attribute value. This causes the Java URL class, which is used to resolve relative URLs to absolute URLs before checking the URL\u0027s protocol, to treat the URL as a relative URL. It is then resolved into an absolute URL with the configured base URI.\n\nFor example, `java\\tscript:...` would resolve to `https://example.com/java\\tscript:...`.\n\nBy default, when using a safe-list that allows `a` tags, jsoup will rewrite any relative URLs (e.g. `/foo/`) to an absolute URL (e.g. `https://example.com/foo/`). Therefore, this attack attempt would be successfully mitigated. However, if the option [SafeList.preserveRelativeLinks](https://jsoup.org/apidocs/org/jsoup/safety/Safelist.html#preserveRelativeLinks(boolean)) is enabled (which does not rewrite relative links to absolute), the input is left as-is.\n\nWhile Java will treat a path like `java\\tscript:` as a relative path, as it does not match the allowed characters of a URL spec, browsers may normalize out the control characters, and subsequently evaluate it as a `javascript:` spec inline expression. That disparity then leads to an XSS opportunity.\n\nSites defining a Content Security Policy that does not allow javascript expressions in link URLs will not be impacted, as the policy will prevent the script\u0027s execution.\n\n### For more information\nIf you have any questions or comments about this advisory:\n* Open an issue in [jsoup](https://github.com/jhy/jsoup)\n* Email the author of jsoup at [jonathan@hedley.net](mailto:jonathan@hedley.net)\n\n### Credits\nThanks to Jens H\u00e4derer, who reported this issue, and contributed to its resolution.",
"id": "GHSA-gp7f-rwcx-9369",
"modified": "2022-11-04T20:35:22Z",
"published": "2022-09-01T22:14:57Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/jhy/jsoup/security/advisories/GHSA-gp7f-rwcx-9369"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-36033"
},
{
"type": "PACKAGE",
"url": "https://github.com/jhy/jsoup"
},
{
"type": "WEB",
"url": "https://github.com/jhy/jsoup/releases/tag/jsoup-1.15.3"
},
{
"type": "WEB",
"url": "https://jsoup.org/news/release-1.15.3"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20221104-0006"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"type": "CVSS_V3"
}
],
"summary": "jsoup may not sanitize code injection XSS attempts if SafeList.preserveRelativeLinks is enabled"
}
GSD-2022-36033
Vulnerability from gsd - Updated: 2023-12-13 01:19Details
jsoup is a Java HTML parser, built for HTML editing, cleaning, scraping, and cross-site scripting (XSS) safety. jsoup may incorrectly sanitize HTML including `javascript:` URL expressions, which could allow XSS attacks when a reader subsequently clicks that link. If the non-default `SafeList.preserveRelativeLinks` option is enabled, HTML including `javascript:` URLs that have been crafted with control characters will not be sanitized. If the site that this HTML is published on does not set a Content Security Policy, an XSS attack is then possible. This issue is patched in jsoup 1.15.3. Users should upgrade to this version. Additionally, as the unsanitized input may have been persisted, old content should be cleaned again using the updated version. To remediate this issue without immediately upgrading: - disable `SafeList.preserveRelativeLinks`, which will rewrite input URLs as absolute URLs - ensure an appropriate [Content Security Policy](https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP) is defined. (This should be used regardless of upgrading, as a defence-in-depth best practice.)
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2022-36033",
"description": "jsoup is a Java HTML parser, built for HTML editing, cleaning, scraping, and cross-site scripting (XSS) safety. jsoup may incorrectly sanitize HTML including `javascript:` URL expressions, which could allow XSS attacks when a reader subsequently clicks that link. If the non-default `SafeList.preserveRelativeLinks` option is enabled, HTML including `javascript:` URLs that have been crafted with control characters will not be sanitized. If the site that this HTML is published on does not set a Content Security Policy, an XSS attack is then possible. This issue is patched in jsoup 1.15.3. Users should upgrade to this version. Additionally, as the unsanitized input may have been persisted, old content should be cleaned again using the updated version. To remediate this issue without immediately upgrading: - disable `SafeList.preserveRelativeLinks`, which will rewrite input URLs as absolute URLs - ensure an appropriate [Content Security Policy](https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP) is defined. (This should be used regardless of upgrading, as a defence-in-depth best practice.)",
"id": "GSD-2022-36033",
"references": [
"https://www.suse.com/security/cve/CVE-2022-36033.html"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2022-36033"
],
"details": "jsoup is a Java HTML parser, built for HTML editing, cleaning, scraping, and cross-site scripting (XSS) safety. jsoup may incorrectly sanitize HTML including `javascript:` URL expressions, which could allow XSS attacks when a reader subsequently clicks that link. If the non-default `SafeList.preserveRelativeLinks` option is enabled, HTML including `javascript:` URLs that have been crafted with control characters will not be sanitized. If the site that this HTML is published on does not set a Content Security Policy, an XSS attack is then possible. This issue is patched in jsoup 1.15.3. Users should upgrade to this version. Additionally, as the unsanitized input may have been persisted, old content should be cleaned again using the updated version. To remediate this issue without immediately upgrading: - disable `SafeList.preserveRelativeLinks`, which will rewrite input URLs as absolute URLs - ensure an appropriate [Content Security Policy](https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP) is defined. (This should be used regardless of upgrading, as a defence-in-depth best practice.)",
"id": "GSD-2022-36033",
"modified": "2023-12-13T01:19:21.516435Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2022-36033",
"STATE": "PUBLIC",
"TITLE": "jsoup may not sanitize Cross-Site Scripting (XSS) attempts if SafeList.preserveRelativeLinks is enabled"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "jsoup",
"version": {
"version_data": [
{
"version_value": "\u003c 1.15.3"
}
]
}
}
]
},
"vendor_name": "jhy"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "jsoup is a Java HTML parser, built for HTML editing, cleaning, scraping, and cross-site scripting (XSS) safety. jsoup may incorrectly sanitize HTML including `javascript:` URL expressions, which could allow XSS attacks when a reader subsequently clicks that link. If the non-default `SafeList.preserveRelativeLinks` option is enabled, HTML including `javascript:` URLs that have been crafted with control characters will not be sanitized. If the site that this HTML is published on does not set a Content Security Policy, an XSS attack is then possible. This issue is patched in jsoup 1.15.3. Users should upgrade to this version. Additionally, as the unsanitized input may have been persisted, old content should be cleaned again using the updated version. To remediate this issue without immediately upgrading: - disable `SafeList.preserveRelativeLinks`, which will rewrite input URLs as absolute URLs - ensure an appropriate [Content Security Policy](https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP) is defined. (This should be used regardless of upgrading, as a defence-in-depth best practice.)"
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-87: Improper Neutralization of Alternate XSS Syntax"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/jhy/jsoup/security/advisories/GHSA-gp7f-rwcx-9369",
"refsource": "CONFIRM",
"url": "https://github.com/jhy/jsoup/security/advisories/GHSA-gp7f-rwcx-9369"
},
{
"name": "https://github.com/jhy/jsoup/releases/tag/jsoup-1.15.3",
"refsource": "MISC",
"url": "https://github.com/jhy/jsoup/releases/tag/jsoup-1.15.3"
},
{
"name": "https://jsoup.org/news/release-1.15.3",
"refsource": "MISC",
"url": "https://jsoup.org/news/release-1.15.3"
},
{
"name": "https://security.netapp.com/advisory/ntap-20221104-0006/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20221104-0006/"
}
]
},
"source": {
"advisory": "GHSA-gp7f-rwcx-9369",
"discovery": "UNKNOWN"
}
},
"gitlab.com": {
"advisories": [
{
"affected_range": "(,1.15.3)",
"affected_versions": "All versions before 1.15.3",
"cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"cwe_ids": [
"CWE-1035",
"CWE-79",
"CWE-937"
],
"date": "2022-12-08",
"description": "jsoup is a Java HTML parser, built for HTML editing, cleaning, scraping, and cross-site scripting (XSS) safety. jsoup may incorrectly sanitize HTML including `javascript:` URL expressions, which could allow XSS attacks when a reader subsequently clicks that link. If the non-default `SafeList.preserveRelativeLinks` option is enabled, HTML including `javascript:` URLs that have been crafted with control characters will not be sanitized. If the site that this HTML is published on does not set a Content Security Policy, an XSS attack is then possible. This issue is patched in jsoup 1.15.3. Users should upgrade to this version. Additionally, as the unsanitized input may have been persisted, old content should be cleaned again using the updated version. To remediate this issue without immediately upgrading: - disable `SafeList.preserveRelativeLinks`, which will rewrite input URLs as absolute URLs - ensure an appropriate [Content Security Policy](https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP) is defined. (This should be used regardless of upgrading, as a defence-in-depth best practice.)",
"fixed_versions": [
"1.15.3"
],
"identifier": "CVE-2022-36033",
"identifiers": [
"CVE-2022-36033",
"GHSA-gp7f-rwcx-9369"
],
"not_impacted": "",
"package_slug": "maven/org.jsoup/jsoup",
"pubdate": "2022-08-29",
"solution": "Upgrade to version 1.15.3 or above.",
"title": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"urls": [
"https://nvd.nist.gov/vuln/detail/CVE-2022-36033",
"https://github.com/jhy/jsoup/security/advisories/GHSA-gp7f-rwcx-9369",
"https://github.com/jhy/jsoup/releases/tag/jsoup-1.15.3",
"https://jsoup.org/news/release-1.15.3"
],
"uuid": "5e790b26-f626-4539-96c3-4c4cfa7aa2da"
}
]
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:jsoup:jsoup:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "1.15.3",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:management_services_for_element_software:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:management_services_for_netapp_hci:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2022-36033"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "jsoup is a Java HTML parser, built for HTML editing, cleaning, scraping, and cross-site scripting (XSS) safety. jsoup may incorrectly sanitize HTML including `javascript:` URL expressions, which could allow XSS attacks when a reader subsequently clicks that link. If the non-default `SafeList.preserveRelativeLinks` option is enabled, HTML including `javascript:` URLs that have been crafted with control characters will not be sanitized. If the site that this HTML is published on does not set a Content Security Policy, an XSS attack is then possible. This issue is patched in jsoup 1.15.3. Users should upgrade to this version. Additionally, as the unsanitized input may have been persisted, old content should be cleaned again using the updated version. To remediate this issue without immediately upgrading: - disable `SafeList.preserveRelativeLinks`, which will rewrite input URLs as absolute URLs - ensure an appropriate [Content Security Policy](https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP) is defined. (This should be used regardless of upgrading, as a defence-in-depth best practice.)"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/jhy/jsoup/security/advisories/GHSA-gp7f-rwcx-9369",
"refsource": "CONFIRM",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/jhy/jsoup/security/advisories/GHSA-gp7f-rwcx-9369"
},
{
"name": "https://github.com/jhy/jsoup/releases/tag/jsoup-1.15.3",
"refsource": "MISC",
"tags": [
"Release Notes",
"Third Party Advisory"
],
"url": "https://github.com/jhy/jsoup/releases/tag/jsoup-1.15.3"
},
{
"name": "https://jsoup.org/news/release-1.15.3",
"refsource": "MISC",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://jsoup.org/news/release-1.15.3"
},
{
"name": "https://security.netapp.com/advisory/ntap-20221104-0006/",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20221104-0006/"
}
]
}
},
"impact": {
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
},
"lastModifiedDate": "2022-12-08T03:48Z",
"publishedDate": "2022-08-29T17:15Z"
}
}
}
CVE-2022-36033
Vulnerability from fstec - Published: 24.08.2022
VLAI Severity ?
Title
Уязвимость параметра SafeList.preserveRelativeLinks Java-библиотеки анализа, извлечения и управления данными в документах HTML jsoup, позволяющая нарушителю осуществлять межсайтовые сценарные атаки (XSS)
Description
Уязвимость параметра SafeList.preserveRelativeLinks Java-библиотеки анализа, извлечения и управления данными в документах HTML jsoup связана с непринятием мер по защите структуры веб-страницы. Эксплуатация уязвимости может позволить нарушителю осуществлять межсайтовые сценарные атаки (XSS)
Severity ?
Vendor
ООО «Ред Софт», Сообщество свободного программного обеспечения, Elastic NV, Google Inc
Software Name
РЕД ОС (запись в едином реестре российских программ №3751), jsoup, Logstash, Android Studio
Software Version
7.3 (РЕД ОС), до 1.15.3 (jsoup), до 8.12.1 (Logstash), 2025.2.3.9 (Android Studio)
Possible Mitigations
Использование рекомендаций производителя:
https://github.com/jhy/jsoup/security/advisories/GHSA-gp7f-rwcx-9369
Для Logstash:
Организационные меры:
1. Ограничить использование программного средства
2. Использование аналогичного программного средства
Для РедОС: http://repo.red-soft.ru/redos/7.3c/x86_64/updates/
Reference
https://github.com/jhy/jsoup/security/advisories/GHSA-gp7f-rwcx-9369
http://repo.red-soft.ru/redos/7.3c/x86_64/updates/
CWE
CWE-87
{
"CVSS 2.0": "AV:N/AC:L/Au:N/C:C/I:C/A:N",
"CVSS 3.0": "AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N",
"CVSS 4.0": null,
"remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
"remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
"\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "\u041e\u041e\u041e \u00ab\u0420\u0435\u0434 \u0421\u043e\u0444\u0442\u00bb, \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f, Elastic NV, Google Inc",
"\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "7.3 (\u0420\u0415\u0414 \u041e\u0421), \u0434\u043e 1.15.3 (jsoup), \u0434\u043e 8.12.1 (Logstash), 2025.2.3.9 (Android Studio)",
"\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f:\nhttps://github.com/jhy/jsoup/security/advisories/GHSA-gp7f-rwcx-9369\n\n\u0414\u043b\u044f Logstash:\n\u041e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0435 \u043c\u0435\u0440\u044b:\n1. \u041e\u0433\u0440\u0430\u043d\u0438\u0447\u0438\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430\n2. \u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0430\u043d\u0430\u043b\u043e\u0433\u0438\u0447\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430\n\n\u0414\u043b\u044f \u0420\u0435\u0434\u041e\u0421: http://repo.red-soft.ru/redos/7.3c/x86_64/updates/",
"\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "24.08.2022",
"\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "10.02.2026",
"\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "26.08.2022",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2022-05314",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2022-36033",
"\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
"\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
"\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "\u0420\u0415\u0414 \u041e\u0421 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21163751), jsoup, Logstash, Android Studio",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "\u041e\u041e\u041e \u00ab\u0420\u0435\u0434 \u0421\u043e\u0444\u0442\u00bb \u0420\u0415\u0414 \u041e\u0421 7.3 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21163751)",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u0430 SafeList.preserveRelativeLinks Java-\u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0438 \u0430\u043d\u0430\u043b\u0438\u0437\u0430, \u0438\u0437\u0432\u043b\u0435\u0447\u0435\u043d\u0438\u044f \u0438 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u0430\u043d\u043d\u044b\u043c\u0438 \u0432 \u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u0430\u0445 HTML jsoup, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u043e\u0441\u0443\u0449\u0435\u0441\u0442\u0432\u043b\u044f\u0442\u044c \u043c\u0435\u0436\u0441\u0430\u0439\u0442\u043e\u0432\u044b\u0435 \u0441\u0446\u0435\u043d\u0430\u0440\u043d\u044b\u0435 \u0430\u0442\u0430\u043a\u0438 (XSS)",
"\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0421\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442 \u0432 \u043e\u0442\u043a\u0440\u044b\u0442\u043e\u043c \u0434\u043e\u0441\u0442\u0443\u043f\u0435",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041d\u0435\u043f\u0440\u0438\u043d\u044f\u0442\u0438\u0435 \u043c\u0435\u0440 \u043f\u043e \u043d\u0435\u0439\u0442\u0440\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u0430\u043b\u044c\u0442\u0435\u0440\u043d\u0430\u0442\u0438\u0432\u043d\u043e\u0433\u043e \u0441\u0438\u043d\u0442\u0430\u043a\u0441\u0438\u0441\u0430 XSS (CWE-87)",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u0430 SafeList.preserveRelativeLinks Java-\u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0438 \u0430\u043d\u0430\u043b\u0438\u0437\u0430, \u0438\u0437\u0432\u043b\u0435\u0447\u0435\u043d\u0438\u044f \u0438 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u0430\u043d\u043d\u044b\u043c\u0438 \u0432 \u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u0430\u0445 HTML jsoup \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u043f\u0440\u0438\u043d\u044f\u0442\u0438\u0435\u043c \u043c\u0435\u0440 \u043f\u043e \u0437\u0430\u0449\u0438\u0442\u0435 \u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u044b \u0432\u0435\u0431-\u0441\u0442\u0440\u0430\u043d\u0438\u0446\u044b. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u043e\u0441\u0443\u0449\u0435\u0441\u0442\u0432\u043b\u044f\u0442\u044c \u043c\u0435\u0436\u0441\u0430\u0439\u0442\u043e\u0432\u044b\u0435 \u0441\u0446\u0435\u043d\u0430\u0440\u043d\u044b\u0435 \u0430\u0442\u0430\u043a\u0438 (XSS)",
"\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
"\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": "\u0412 \u0445\u043e\u0434\u0435 \u0442\u0435\u0441\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f (\u0422\u041e1092) \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Logstash \u0431\u044b\u043b\u0438 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u044b \u043e\u043f\u0430\u0441\u043d\u044b\u0435 \u043a\u043e\u043d\u0441\u0442\u0440\u0443\u043a\u0446\u0438\u0438, \u0430 \u0438\u043c\u0435\u043d\u043d\u043e \u043f\u043e\u043b\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0431\u0430\u043d\u043d\u0435\u0440\u044b",
"\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u0418\u043d\u044a\u0435\u043a\u0446\u0438\u044f",
"\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://github.com/jhy/jsoup/security/advisories/GHSA-gp7f-rwcx-9369\nhttp://repo.red-soft.ru/redos/7.3c/x86_64/updates/",
"\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
"\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430, \u041f\u0440\u0438\u043a\u043b\u0430\u0434\u043d\u043e\u0435 \u041f\u041e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c, \u041f\u041e \u0441\u0435\u0442\u0435\u0432\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e-\u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0433\u043e \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430",
"\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-87",
"\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 9,4)\n\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.1 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 9,3)"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…