Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Owasp Subscribe
Total 25 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-42575 2 Oracle, Owasp 3 Middleware Common Libraries And Tools, Primavera Unifier, Java Html Sanitizer 2023-02-24 7.5 HIGH 9.8 CRITICAL
The OWASP Java HTML Sanitizer before 20211018.1 does not properly enforce policies associated with the SELECT, STYLE, and OPTION elements.
CVE-2022-24891 3 Netapp, Oracle, Owasp 4 Active Iq Unified Manager, Oncommand Workflow Automation, Weblogic Server and 1 more 2023-02-23 4.3 MEDIUM 6.1 MEDIUM
ESAPI (The OWASP Enterprise Security API) is a free, open source, web application security control library. Prior to version 2.3.0.0, there is a potential for a cross-site scripting vulnerability in ESAPI caused by a incorrect regular expression for "onsiteURL" in the **antisamy-esapi.xml** configuration file that can cause "javascript:" URLs to fail to be correctly sanitized. This issue is patched in ESAPI 2.3.0.0. As a workaround, manually edit the **antisamy-esapi.xml** configuration files to change the "onsiteURL" regular expression. More information about remediation of the vulnerability, including the workaround, is available in the maintainers' release notes and security bulletin.
CVE-2022-23457 3 Netapp, Oracle, Owasp 4 Active Iq Unified Manager, Oncommand Workflow Automation, Weblogic Server and 1 more 2023-02-23 7.5 HIGH 9.8 CRITICAL
ESAPI (The OWASP Enterprise Security API) is a free, open source, web application security control library. Prior to version 2.3.0.0, the default implementation of `Validator.getValidDirectoryPath(String, String, File, boolean)` may incorrectly treat the tested input string as a child of the specified parent directory. This potentially could allow control-flow bypass checks to be defeated if an attack can specify the entire string representing the 'input' path. This vulnerability is patched in release 2.3.0.0 of ESAPI. As a workaround, it is possible to write one's own implementation of the Validator interface. However, maintainers do not recommend this.
CVE-2020-22669 2 Debian, Owasp 2 Debian Linux, Owasp Modsecurity Core Rule Set 2023-02-16 N/A 9.8 CRITICAL
Modsecurity owasp-modsecurity-crs 3.2.0 (Paranoia level at PL1) has a SQL injection bypass vulnerability. Attackers can use the comment characters and variable assignments in the SQL syntax to bypass Modsecurity WAF protection and implement SQL injection attacks on Web applications.
CVE-2021-35368 3 Debian, Fedoraproject, Owasp 3 Debian Linux, Fedora, Owasp Modsecurity Core Rule Set 2023-02-16 7.5 HIGH 9.8 CRITICAL
OWASP ModSecurity Core Rule Set 3.1.x before 3.1.2, 3.2.x before 3.2.1, and 3.3.x before 3.3.2 is affected by a Request Body Bypass via a trailing pathname.
CVE-2022-39958 3 Debian, Fedoraproject, Owasp 3 Debian Linux, Fedora, Owasp Modsecurity Core Rule Set 2023-02-16 N/A 7.5 HIGH
The OWASP ModSecurity Core Rule Set (CRS) is affected by a response body bypass to sequentially exfiltrate small and undetectable sections of data by repeatedly submitting an HTTP Range header field with a small byte range. A restricted resource, access to which would ordinarily be detected, may be exfiltrated from the backend, despite being protected by a web application firewall that uses CRS. Short subsections of a restricted resource may bypass pattern matching techniques and allow undetected access. The legacy CRS versions 3.0.x and 3.1.x are affected, as well as the currently supported versions 3.2.1 and 3.3.2. Integrators and users are advised to upgrade to 3.2.2 and 3.3.3 respectively and to configure a CRS paranoia level of 3 or higher.
CVE-2022-39956 3 Debian, Fedoraproject, Owasp 3 Debian Linux, Fedora, Owasp Modsecurity Core Rule Set 2023-02-16 N/A 9.8 CRITICAL
The OWASP ModSecurity Core Rule Set (CRS) is affected by a partial rule set bypass for HTTP multipart requests by submitting a payload that uses a character encoding scheme via the Content-Type or the deprecated Content-Transfer-Encoding multipart MIME header fields that will not be decoded and inspected by the web application firewall engine and the rule set. The multipart payload will therefore bypass detection. A vulnerable backend that supports these encoding schemes can potentially be exploited. The legacy CRS versions 3.0.x and 3.1.x are affected, as well as the currently supported versions 3.2.1 and 3.3.2. Integrators and users are advised upgrade to 3.2.2 and 3.3.3 respectively. The mitigation against these vulnerabilities depends on the installation of the latest ModSecurity version (v2.9.6 / v3.0.8).
CVE-2022-39955 3 Debian, Fedoraproject, Owasp 3 Debian Linux, Fedora, Owasp Modsecurity Core Rule Set 2023-02-16 N/A 9.8 CRITICAL
The OWASP ModSecurity Core Rule Set (CRS) is affected by a partial rule set bypass by submitting a specially crafted HTTP Content-Type header field that indicates multiple character encoding schemes. A vulnerable back-end can potentially be exploited by declaring multiple Content-Type "charset" names and therefore bypassing the configurable CRS Content-Type header "charset" allow list. An encoded payload can bypass CRS detection this way and may then be decoded by the backend. The legacy CRS versions 3.0.x and 3.1.x are affected, as well as the currently supported versions 3.2.1 and 3.3.2. Integrators and users are advised to upgrade to 3.2.2 and 3.3.3 respectively.
CVE-2022-39957 3 Debian, Fedoraproject, Owasp 3 Debian Linux, Fedora, Owasp Modsecurity Core Rule Set 2023-02-16 N/A 7.5 HIGH
The OWASP ModSecurity Core Rule Set (CRS) is affected by a response body bypass. A client can issue an HTTP Accept header field containing an optional "charset" parameter in order to receive the response in an encoded form. Depending on the "charset", this response can not be decoded by the web application firewall. A restricted resource, access to which would ordinarily be detected, may therefore bypass detection. The legacy CRS versions 3.0.x and 3.1.x are affected, as well as the currently supported versions 3.2.1 and 3.3.2. Integrators and users are advised to upgrade to 3.2.2 and 3.3.3 respectively.
CVE-2018-16384 1 Owasp 1 Owasp Modsecurity Core Rule Set 2023-01-30 5.0 MEDIUM 7.5 HIGH
A SQL injection bypass (aka PL1 bypass) exists in OWASP ModSecurity Core Rule Set (owasp-modsecurity-crs) through v3.1.0-rc3 via {`a`b} where a is a special function name (such as "if") and b is the SQL statement to be executed.
CVE-2021-4247 1 Owasp 1 Nodegoat 2022-12-22 N/A 7.5 HIGH
A vulnerability has been found in OWASP NodeGoat and classified as problematic. This vulnerability affects unknown code of the file app/routes/research.js of the component Query Parameter Handler. The manipulation leads to denial of service. The attack can be initiated remotely. The name of the patch is 4a4d1db74c63fb4ff8d366551c3af006c25ead12. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-216184.
CVE-2022-39350 1 Owasp 1 Dependency-track Frontend 2022-10-28 N/A N/A
@dependencytrack/frontend is a Single Page Application (SPA) used in Dependency-Track, an open source Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain. Due to the common practice of providing vulnerability details in markdown format, the Dependency-Track frontend renders them using the JavaScript library Showdown. Showdown does not have any XSS countermeasures built in, and versions before 4.6.1 of the Dependency-Track frontend did not encode or sanitize Showdown's output. This made it possible for arbitrary JavaScript included in vulnerability details via HTML attributes to be executed in context of the frontend. Actors with the `VULNERABILITY_MANAGEMENT` permission can exploit this weakness by creating or editing a custom vulnerability and providing XSS payloads in any of the following fields: Description, Details, Recommendation, or References. The payload will be executed for users with the `VIEW_PORTFOLIO` permission when browsing to the modified vulnerability's page. Alternatively, malicious JavaScript could be introduced via any of the vulnerability databases mirrored by Dependency-Track. However, this attack vector is highly unlikely, and the maintainers of Dependency-Track are not aware of any occurrence of this happening. Note that the `Vulnerability Details` element of the `Audit Vulnerabilities` tab in the project view is not affected. The issue has been fixed in frontend version 4.6.1.
CVE-2022-39351 1 Owasp 1 Dependency-track 2022-10-28 N/A 4.4 MEDIUM
Dependency-Track is a Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain. Prior to version 4.6.0, performing an API request using a valid API key with insufficient permissions causes the API key to be written to Dependency-Track's audit log in clear text. Actors with access to the audit log can exploit this flaw to gain access to valid API keys. The issue has been fixed in Dependency-Track 4.6.0. Instead of logging the entire API key, only the last 4 characters of the key will be logged. It is strongly recommended to check historic logs for occurrences of this behavior, and re-generating API keys in case of leakage.
CVE-2022-27820 1 Owasp 1 Zed Attack Proxy 2022-03-31 4.3 MEDIUM 4.0 MEDIUM
OWASP Zed Attack Proxy (ZAP) through w2022-03-21 does not verify the TLS certificate chain of an HTTPS server.
CVE-2021-28490 1 Owasp 1 Csrfguard 2021-08-24 6.8 MEDIUM 8.8 HIGH
In OWASP CSRFGuard through 3.1.0, CSRF can occur because the CSRF cookie may be retrieved by using only a session token.
CVE-2010-3300 1 Owasp 1 Enterprise Security Api For Java 2021-06-25 4.3 MEDIUM 5.9 MEDIUM
It was found that all OWASP ESAPI for Java up to version 2.0 RC2 are vulnerable to padding oracle attacks.
CVE-2021-23900 1 Owasp 1 Json-sanitizer 2021-01-19 5.0 MEDIUM 7.5 HIGH
OWASP json-sanitizer before 1.2.2 can output invalid JSON or throw an undeclared exception for crafted input. This may lead to denial of service if the application is not prepared to handle these situations.
CVE-2021-23899 1 Owasp 1 Json-sanitizer 2021-01-19 7.5 HIGH 9.8 CRITICAL
OWASP json-sanitizer before 1.2.2 may emit closing SCRIPT tags and CDATA section delimiters for crafted input. This allows an attacker to inject arbitrary HTML or XML into embedding documents.
CVE-2020-13973 1 Owasp 1 Json-sanitizer 2020-06-12 4.3 MEDIUM 6.1 MEDIUM
OWASP json-sanitizer before 1.2.1 allows XSS. An attacker who controls a substring of the input JSON, and controls another substring adjacent to a SCRIPT element in which the output is embedded as JavaScript, may be able to confuse the HTML parser as to where the SCRIPT element ends, and cause non-script content to be interpreted as JavaScript.
CVE-2019-1020007 1 Owasp 1 Dependency-track 2020-02-13 3.5 LOW 5.4 MEDIUM
Dependency-Track before 3.5.1 allows XSS.