scalatestplus-play_2.12-3.1.2.jar: 25 vulnerabilities (highest severity is: 9.8) #116

Open
mend-for-github-com bot opened this issue Jun 2, 2022 · 0 comments
Labels
Mend: dependency security vulnerability Security vulnerability detected by Mend

Vulnerable Library - scalatestplus-play_2.12-3.1.2.jar

Path to dependency file: /test/demo-helper/play-helper/build.gradle

Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/net.sourceforge.htmlunit/htmlunit/2.27/aea70f853583b0eadcaa6a0429595973036cc745/htmlunit-2.27.jar

Found in HEAD commit: 4e5656db54be4b22481fe3774c2caeba51bac190

Vulnerabilities

| CVE | Severity | CVSS | Exploit Maturity | EPSS | Dependency | Type | Fixed in (scalatestplus-play_2.12 version) | Remediation Possible** | Reachability |
|---|---|---|---|---|---|---|---|---|---|
| CVE-2023-26119 | Critical | 9.8 | Not Defined | 1.6% | htmlunit-2.27.jar | Transitive | N/A* | | |
| CVE-2017-7658 | Critical | 9.8 | Not Defined | 1.2% | jetty-http-9.4.5.v20170502.jar | Transitive | 4.0.0 | | |
| CVE-2017-7657 | Critical | 9.8 | Not Defined | 0.70000005% | jetty-http-9.4.5.v20170502.jar | Transitive | 4.0.0 | | |
| CVE-2020-5529 | High | 8.1 | Not Defined | 0.4% | htmlunit-2.27.jar | Transitive | N/A* | | |
| WS-2021-0419 | High | 7.7 | Not Defined | | gson-2.8.0.jar | Transitive | N/A* | | |
| WS-2014-0065 | High | 7.5 | Not Defined | | jna-platform-4.1.0.jar | Transitive | 4.0.0 | | |
| CVE-2023-36478 | High | 7.5 | Not Defined | 0.2% | jetty-http-9.4.5.v20170502.jar | Transitive | N/A* | | |
| CVE-2023-2798 | High | 7.5 | Not Defined | 0.1% | htmlunit-2.27.jar | Transitive | N/A* | | |
| CVE-2022-34169 | High | 7.5 | Not Defined | 0.2% | xalan-2.7.2.jar | Transitive | N/A* | | |
| CVE-2022-29546 | High | 7.5 | Not Defined | 0.1% | neko-htmlunit-2.27.jar | Transitive | N/A* | | |
| CVE-2022-25647 | High | 7.5 | Not Defined | 0.2% | gson-2.8.0.jar | Transitive | N/A* | | |
| CVE-2021-28165 | High | 7.5 | Not Defined | 80.2% | jetty-io-9.4.5.v20170502.jar | Transitive | N/A* | | |
| CVE-2019-17598 | High | 7.5 | Not Defined | 0.2% | play-ws_2.12-2.6.5.jar | Transitive | 3.1.3 | | |
| CVE-2012-0881 | High | 7.5 | Not Defined | 0.9% | xercesImpl-2.11.0.jar | Transitive | 4.0.0 | | |
| CVE-2022-23437 | Medium | 6.5 | Not Defined | 0.4% | xercesImpl-2.11.0.jar | Transitive | N/A* | | |
| CVE-2019-10241 | Medium | 6.1 | Not Defined | 0.5% | jetty-util-9.4.5.v20170502.jar | Transitive | 5.0.0 | | |
| CVE-2013-4002 | Medium | 5.9 | Not Defined | 1.9% | xercesImpl-2.11.0.jar | Transitive | N/A* | | |
| CVE-2020-15250 | Medium | 5.5 | Not Defined | 0.1% | junit-4.12.jar | Transitive | N/A* | | |
| CVE-2023-40167 | Medium | 5.3 | Not Defined | 0.1% | jetty-http-9.4.5.v20170502.jar | Transitive | N/A* | | |
| CVE-2023-26049 | Medium | 5.3 | Not Defined | 0.1% | jetty-http-9.4.5.v20170502.jar | Transitive | N/A* | | |
| CVE-2021-28169 | Medium | 5.3 | Not Defined | 0.6% | jetty-http-9.4.5.v20170502.jar | Transitive | N/A* | | |
| CVE-2020-14338 | Medium | 5.3 | Not Defined | 0.1% | xercesImpl-2.11.0.jar | Transitive | 4.0.0 | | |
| CVE-2020-13956 | Medium | 5.3 | Not Defined | 0.2% | httpclient-4.5.3.jar | Transitive | N/A* | | |
| CVE-2018-12536 | Medium | 5.3 | Not Defined | 0.3% | jetty-util-9.4.5.v20170502.jar | Transitive | 4.0.0 | | |
| CVE-2022-2047 | Low | 2.7 | Not Defined | 0.1% | detected in multiple dependencies | Transitive | N/A* | | |

*For some transitive vulnerabilities, there is no version of direct dependency with a fix. Check the "Details" section below to see if there is a version of transitive dependency where vulnerability is fixed.

**In some cases, a Remediation PR cannot be created automatically for a vulnerability despite the availability of remediation.

Details

Partial details (19 vulnerabilities) are displayed below due to a content size limitation in GitHub. To view information on the remaining vulnerabilities, navigate to the Mend Application.

CVE-2023-26119

Vulnerable Library - htmlunit-2.27.jar

A headless browser intended for use in testing web-based applications.

Library home page: http://htmlunit.sourceforge.net

Path to dependency file: /test/demo-helper/play-helper/build.gradle

Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/net.sourceforge.htmlunit/htmlunit/2.27/aea70f853583b0eadcaa6a0429595973036cc745/htmlunit-2.27.jar

Dependency Hierarchy:

  • scalatestplus-play_2.12-3.1.2.jar (Root Library)
    • selenium-java-3.5.3.jar
      • htmlunit-2.27.jar (Vulnerable Library)

Found in HEAD commit: 4e5656db54be4b22481fe3774c2caeba51bac190

Found in base branch: main

Vulnerability Details

Versions of the package net.sourceforge.htmlunit:htmlunit from 0 and before 3.0.0 are vulnerable to Remote Code Execution (RCE) via XSLT, when browsing the attacker’s webpage.

Publish Date: 2023-04-03

URL: CVE-2023-26119

Threat Assessment

Exploit Maturity: Not Defined

EPSS: 1.6%

CVSS 3 Score Details (9.8)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: High
    • Integrity Impact: High
    • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: https://www.cve.org/CVERecord?id=CVE-2023-26119

Release Date: 2023-04-03

Fix Resolution: net.sourceforge.htmlunit:htmlunit:3.0.0

CVE-2017-7658

Vulnerable Library - jetty-http-9.4.5.v20170502.jar

The Eclipse Jetty Project

Library home page: http://www.eclipse.org/jetty

Path to dependency file: /test/demo-helper/play-helper/build.gradle

Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.eclipse.jetty/jetty-http/9.4.5.v20170502/c51b8a6a67d64672889249dd958edd77bff8fc0c/jetty-http-9.4.5.v20170502.jar

Dependency Hierarchy:

  • scalatestplus-play_2.12-3.1.2.jar (Root Library)
    • selenium-java-3.5.3.jar
      • jetty-http-9.4.5.v20170502.jar (Vulnerable Library)

Found in HEAD commit: 4e5656db54be4b22481fe3774c2caeba51bac190

Found in base branch: main

Vulnerability Details

In Eclipse Jetty Server, versions 9.2.x and older, 9.3.x (all non HTTP/1.x configurations), and 9.4.x (all HTTP/1.x configurations), when presented with two content-lengths headers, Jetty ignored the second. When presented with a content-length and a chunked encoding header, the content-length was ignored (as per RFC 2616). If an intermediary decided on the shorter length, but still passed on the longer body, then body content could be interpreted by Jetty as a pipelined request. If the intermediary was imposing authorization, the fake pipelined request would bypass that authorization.

Publish Date: 2018-06-26

URL: CVE-2017-7658

Threat Assessment

Exploit Maturity: Not Defined

EPSS: 1.2%

CVSS 3 Score Details (9.8)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: High
    • Integrity Impact: High
    • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7658

Release Date: 2018-06-26

Fix Resolution (org.eclipse.jetty:jetty-http): 9.4.11.v20180605

Direct dependency fix Resolution (org.scalatestplus.play:scalatestplus-play_2.12): 4.0.0

⛑️ Automatic Remediation will be attempted for this issue.

CVE-2017-7657

Vulnerable Library - jetty-http-9.4.5.v20170502.jar

The Eclipse Jetty Project

Library home page: http://www.eclipse.org/jetty

Path to dependency file: /test/demo-helper/play-helper/build.gradle

Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.eclipse.jetty/jetty-http/9.4.5.v20170502/c51b8a6a67d64672889249dd958edd77bff8fc0c/jetty-http-9.4.5.v20170502.jar

Dependency Hierarchy:

  • scalatestplus-play_2.12-3.1.2.jar (Root Library)
    • selenium-java-3.5.3.jar
      • jetty-http-9.4.5.v20170502.jar (Vulnerable Library)

Found in HEAD commit: 4e5656db54be4b22481fe3774c2caeba51bac190

Found in base branch: main

Vulnerability Details

In Eclipse Jetty, versions 9.2.x and older, 9.3.x (all configurations), and 9.4.x (non-default configuration with RFC2616 compliance enabled), transfer-encoding chunks are handled poorly. The chunk length parsing was vulnerable to an integer overflow. Thus a large chunk size could be interpreted as a smaller chunk size and content sent as chunk body could be interpreted as a pipelined request. If Jetty was deployed behind an intermediary that imposed some authorization and that intermediary allowed arbitrarily large chunks to be passed on unchanged, then this flaw could be used to bypass the authorization imposed by the intermediary as the fake pipelined request would not be interpreted by the intermediary as a request.

Publish Date: 2018-06-26

URL: CVE-2017-7657

Threat Assessment

Exploit Maturity: Not Defined

EPSS: 0.70000005%

CVSS 3 Score Details (9.8)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: High
    • Integrity Impact: High
    • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: https://bugs.eclipse.org/bugs/show_bug.cgi?id=535668

Release Date: 2018-06-26

Fix Resolution (org.eclipse.jetty:jetty-http): 9.4.11.v20180605

Direct dependency fix Resolution (org.scalatestplus.play:scalatestplus-play_2.12): 4.0.0

⛑️ Automatic Remediation will be attempted for this issue.

CVE-2020-5529

Vulnerable Library - htmlunit-2.27.jar

A headless browser intended for use in testing web-based applications.

Library home page: http://htmlunit.sourceforge.net

Path to dependency file: /test/demo-helper/play-helper/build.gradle

Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/net.sourceforge.htmlunit/htmlunit/2.27/aea70f853583b0eadcaa6a0429595973036cc745/htmlunit-2.27.jar

Dependency Hierarchy:

  • scalatestplus-play_2.12-3.1.2.jar (Root Library)
    • selenium-java-3.5.3.jar
      • htmlunit-2.27.jar (Vulnerable Library)

Found in HEAD commit: 4e5656db54be4b22481fe3774c2caeba51bac190

Found in base branch: main

Vulnerability Details

HtmlUnit prior to 2.37.0 contains code execution vulnerabilities. HtmlUnit initializes the Rhino engine improperly, hence malicious JavaScript code can execute arbitrary Java code on the application. Moreover, when embedded in an Android application, Android-specific initialization of the Rhino engine is done in an improper way, hence malicious JavaScript code can execute arbitrary Java code on the application.

Publish Date: 2020-02-11

URL: CVE-2020-5529

Threat Assessment

Exploit Maturity: Not Defined

EPSS: 0.4%

CVSS 3 Score Details (8.1)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: High
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: High
    • Integrity Impact: High
    • Availability Impact: High

Suggested Fix

Type: Upgrade version

Release Date: 2020-02-11

Fix Resolution: net.sourceforge.htmlunit:htmlunit:2.37.0

WS-2021-0419

Vulnerable Library - gson-2.8.0.jar

Gson JSON library

Library home page: https://github.com/google/gson

Path to dependency file: /test/demo-helper/play-helper/build.gradle

Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/com.google.code.gson/gson/2.8.0/c4ba5371a29ac9b2ad6129b1d39ea38750043eff/gson-2.8.0.jar

Dependency Hierarchy:

  • scalatestplus-play_2.12-3.1.2.jar (Root Library)
    • selenium-java-3.5.3.jar
      • gson-2.8.0.jar (Vulnerable Library)

Found in HEAD commit: 4e5656db54be4b22481fe3774c2caeba51bac190

Found in base branch: main

Vulnerability Details

Denial of Service vulnerability was discovered in gson before 2.8.9 via the writeReplace() method.

Publish Date: 2021-10-11

URL: WS-2021-0419

Threat Assessment

Exploit Maturity: Not Defined

EPSS:

CVSS 3 Score Details (7.7)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: High
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: Low
    • Integrity Impact: High
    • Availability Impact: High

Suggested Fix

Type: Upgrade version

Release Date: 2021-10-11

Fix Resolution: com.google.code.gson:gson:2.8.9

WS-2014-0065

Vulnerable Library - jna-platform-4.1.0.jar

Java Native Access Platform

Library home page: https://github.com/twall/jna

Path to dependency file: /test/demo-helper/play-helper/build.gradle

Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/net.java.dev.jna/jna-platform/4.1.0/23457ad1cf75c2c16763330de5565a0e67b4bc0a/jna-platform-4.1.0.jar

Dependency Hierarchy:

  • scalatestplus-play_2.12-3.1.2.jar (Root Library)
    • selenium-java-3.5.3.jar
      • jna-platform-4.1.0.jar (Vulnerable Library)

Found in HEAD commit: 4e5656db54be4b22481fe3774c2caeba51bac190

Found in base branch: main

Vulnerability Details

JNA prior to 5.0.0 was discovered to contain an out-of-bounds read. Advapi32Util.registryGetValues does not terminate the returned string with null terminators. When it tries to identify the string content it searches for the next null-terminator and will read out-of-bounds of the buffer.

Publish Date: 2014-06-24

URL: WS-2014-0065

Threat Assessment

Exploit Maturity: Not Defined

EPSS:

CVSS 3 Score Details (7.5)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: None
    • Integrity Impact: None
    • Availability Impact: High

Suggested Fix

Type: Upgrade version

Release Date: 2014-06-24

Fix Resolution (net.java.dev.jna:jna-platform): 5.0.0

Direct dependency fix Resolution (org.scalatestplus.play:scalatestplus-play_2.12): 4.0.0

⛑️ Automatic Remediation will be attempted for this issue.

CVE-2023-36478

Vulnerable Library - jetty-http-9.4.5.v20170502.jar

The Eclipse Jetty Project

Library home page: http://www.eclipse.org/jetty

Path to dependency file: /test/demo-helper/play-helper/build.gradle

Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.eclipse.jetty/jetty-http/9.4.5.v20170502/c51b8a6a67d64672889249dd958edd77bff8fc0c/jetty-http-9.4.5.v20170502.jar

Dependency Hierarchy:

  • scalatestplus-play_2.12-3.1.2.jar (Root Library)
    • selenium-java-3.5.3.jar
      • jetty-http-9.4.5.v20170502.jar (Vulnerable Library)

Found in HEAD commit: 4e5656db54be4b22481fe3774c2caeba51bac190

Found in base branch: main

Vulnerability Details

Eclipse Jetty provides a web server and servlet container. In versions 11.0.0 through 11.0.15, 10.0.0 through 10.0.15, and 9.0.0 through 9.4.52, an integer overflow in MetaDataBuilder.checkSize allows for HTTP/2 HPACK header values to exceed their size limit. MetaDataBuilder.java determines if a header name or value exceeds the size limit, and throws an exception if the limit is exceeded. However, when length is very large and huffman is true, the multiplication by 4 in line 295 will overflow, and length will become negative. (_size+length) will now be negative, and the check on line 296 will not be triggered. Furthermore, MetaDataBuilder.checkSize allows for user-entered HPACK header value sizes to be negative, potentially leading to a very large buffer allocation later on when the user-entered size is multiplied by 2. This means that if a user provides a negative length value (or, more precisely, a length value which, when multiplied by the 4/3 fudge factor, is negative), and this length value is a very large positive number when multiplied by 2, then the user can cause a very large buffer to be allocated on the server. Users of HTTP/2 can be impacted by a remote denial of service attack. The issue has been fixed in versions 11.0.16, 10.0.16, and 9.4.53. There are no known workarounds.

Publish Date: 2023-10-10

URL: CVE-2023-36478

Threat Assessment

Exploit Maturity: Not Defined

EPSS: 0.2%

CVSS 3 Score Details (7.5)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: None
    • Integrity Impact: None
    • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: GHSA-wgh7-54f2-x98r

Release Date: 2023-10-10

Fix Resolution: org.eclipse.jetty.http2:http2-hpack:9.4.53.v20231009,10.0.16,11.0.16;org.eclipse.jetty.http3:http3-qpack:10.0.16,11.0.16;org.eclipse.jetty:jetty-http:9.4.53.v20231009,10.0.16,11.0.16

CVE-2023-2798

Vulnerable Library - htmlunit-2.27.jar

A headless browser intended for use in testing web-based applications.

Library home page: http://htmlunit.sourceforge.net

Path to dependency file: /test/demo-helper/play-helper/build.gradle

Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/net.sourceforge.htmlunit/htmlunit/2.27/aea70f853583b0eadcaa6a0429595973036cc745/htmlunit-2.27.jar

Dependency Hierarchy:

  • scalatestplus-play_2.12-3.1.2.jar (Root Library)
    • selenium-java-3.5.3.jar
      • htmlunit-2.27.jar (Vulnerable Library)

Found in HEAD commit: 4e5656db54be4b22481fe3774c2caeba51bac190

Found in base branch: main

Vulnerability Details

Those using HtmlUnit to browse untrusted webpages may be vulnerable to Denial of Service (DoS) attacks. If HtmlUnit is running on user-supplied web pages, an attacker may supply content that causes HtmlUnit to crash by a stack overflow. This effect may support a denial of service attack. This issue affects htmlunit before 2.70.0.

Publish Date: 2023-05-25

URL: CVE-2023-2798

Threat Assessment

Exploit Maturity: Not Defined

EPSS: 0.1%

CVSS 3 Score Details (7.5)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: None
    • Integrity Impact: None
    • Availability Impact: High

Suggested Fix

Type: Upgrade version

Release Date: 2023-05-25

Fix Resolution: net.sourceforge.htmlunit:htmlunit:2.70.0

CVE-2022-34169

Vulnerable Library - xalan-2.7.2.jar

Xalan-Java is an XSLT processor for transforming XML documents into HTML, text, or other XML document types. It implements XSL Transformations (XSLT) Version 1.0 and XML Path Language (XPath) Version 1.0 and can be used from the command line, in an applet or a servlet, or as a module in another program.

Library home page: http://xml.apache.org/xalan-j/

Path to dependency file: /test/demo-helper/play-helper/build.gradle

Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/xalan/xalan/2.7.2/d55d3f02a56ec4c25695fe67e1334ff8c2ecea23/xalan-2.7.2.jar

Dependency Hierarchy:

  • scalatestplus-play_2.12-3.1.2.jar (Root Library)
    • selenium-java-3.5.3.jar
      • xalan-2.7.2.jar (Vulnerable Library)

Found in HEAD commit: 4e5656db54be4b22481fe3774c2caeba51bac190

Found in base branch: main

Vulnerability Details

The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 or later. Note: Java runtimes (such as OpenJDK) include repackaged copies of Xalan.

Publish Date: 2022-07-19

URL: CVE-2022-34169

Threat Assessment

Exploit Maturity: Not Defined

EPSS: 0.2%

CVSS 3 Score Details (7.5)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: None
    • Integrity Impact: High
    • Availability Impact: None

Suggested Fix

Type: Upgrade version

Origin: GHSA-9339-86wc-4qgf

Release Date: 2022-07-19

Fix Resolution: xalan:xalan:2.7.3

CVE-2022-29546

Vulnerable Library - neko-htmlunit-2.27.jar

HtmlUnit adaptation of NekoHtml. It has the same functionality but exposing HTMLElements to be overridden.

Library home page: http://htmlunit.sourceforge.net

Path to dependency file: /test/demo-helper/play-helper/build.gradle

Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/net.sourceforge.htmlunit/neko-htmlunit/2.27/a1afb1fd290cc6d076639d852b80943c10ace0a2/neko-htmlunit-2.27.jar

Dependency Hierarchy:

  • scalatestplus-play_2.12-3.1.2.jar (Root Library)
    • selenium-java-3.5.3.jar
      • neko-htmlunit-2.27.jar (Vulnerable Library)

Found in HEAD commit: 4e5656db54be4b22481fe3774c2caeba51bac190

Found in base branch: main

Vulnerability Details

HtmlUnit NekoHtml Parser before 2.61.0 suffers from a denial of service vulnerability. Crafted input associated with the parsing of Processing Instruction (PI) data leads to heap memory consumption. This is similar to CVE-2022-28366 but affects a much later version of the product.

Publish Date: 2022-04-25

URL: CVE-2022-29546

Threat Assessment

Exploit Maturity: Not Defined

EPSS: 0.1%

CVSS 3 Score Details (7.5)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: None
    • Integrity Impact: None
    • Availability Impact: High

Suggested Fix

Type: Upgrade version

Release Date: 2022-04-25

Fix Resolution: net.sourceforge.htmlunit:neko-htmlunit:2.61.0

CVE-2022-25647

Vulnerable Library - gson-2.8.0.jar

Gson JSON library

Library home page: https://github.com/google/gson

Path to dependency file: /test/demo-helper/play-helper/build.gradle

Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/com.google.code.gson/gson/2.8.0/c4ba5371a29ac9b2ad6129b1d39ea38750043eff/gson-2.8.0.jar

Dependency Hierarchy:

  • scalatestplus-play_2.12-3.1.2.jar (Root Library)
    • selenium-java-3.5.3.jar
      • gson-2.8.0.jar (Vulnerable Library)

Found in HEAD commit: 4e5656db54be4b22481fe3774c2caeba51bac190

Found in base branch: main

Vulnerability Details

The package com.google.code.gson:gson before 2.8.9 is vulnerable to Deserialization of Untrusted Data via the writeReplace() method in internal classes, which may lead to DoS attacks.

Publish Date: 2022-05-01

URL: CVE-2022-25647

Threat Assessment

Exploit Maturity: Not Defined

EPSS: 0.2%

CVSS 3 Score Details (7.5)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: None
    • Integrity Impact: None
    • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25647

Release Date: 2022-05-01

Fix Resolution: com.google.code.gson:gson:gson-parent-2.8.9

CVE-2021-28165

Vulnerable Library - jetty-io-9.4.5.v20170502.jar

The Eclipse Jetty Project

Library home page: http://www.eclipse.org/jetty

Path to dependency file: /test/demo-helper/play-helper/build.gradle

Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.eclipse.jetty/jetty-io/9.4.5.v20170502/76086f955d4e943396b8f340fd5bae3ce4da19d9/jetty-io-9.4.5.v20170502.jar

Dependency Hierarchy:

  • scalatestplus-play_2.12-3.1.2.jar (Root Library)
    • selenium-java-3.5.3.jar
      • jetty-io-9.4.5.v20170502.jar (Vulnerable Library)

Found in HEAD commit: 4e5656db54be4b22481fe3774c2caeba51bac190

Found in base branch: main

Vulnerability Details

In Eclipse Jetty 7.2.2 to 9.4.38, 10.0.0.alpha0 to 10.0.1, and 11.0.0.alpha0 to 11.0.1, CPU usage can reach 100% upon receiving a large invalid TLS frame.

Publish Date: 2021-04-01

URL: CVE-2021-28165

Threat Assessment

Exploit Maturity: Not Defined

EPSS: 80.2%

CVSS 3 Score Details (7.5)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: None
    • Integrity Impact: None
    • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: GHSA-26vr-8j45-3r4w

Release Date: 2021-04-01

Fix Resolution: org.eclipse.jetty:jetty-io:9.4.39, org.eclipse.jetty:jetty-io:10.0.2, org.eclipse.jetty:jetty-io:11.0.2

CVE-2019-17598

Vulnerable Library - play-ws_2.12-2.6.5.jar

Play-WS

Path to dependency file: /test/demo-helper/play-helper/build.gradle

Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/com.typesafe.play/play-ws_2.12/2.6.5/47a852ed178ef948b3a1e93c1c0bb27a4602e647/play-ws_2.12-2.6.5.jar

Dependency Hierarchy:

  • scalatestplus-play_2.12-3.1.2.jar (Root Library)
    • play-ws_2.12-2.6.5.jar (Vulnerable Library)

Found in HEAD commit: 4e5656db54be4b22481fe3774c2caeba51bac190

Found in base branch: main

Vulnerability Details

An issue was discovered in Lightbend Play Framework 2.5.x through 2.6.23. When configured to make requests using an authenticated HTTP proxy, play-ws may sometimes, typically under high load, when connecting to a target host using https, expose the proxy credentials to the target host.

Publish Date: 2020-08-24

URL: CVE-2019-17598

Threat Assessment

Exploit Maturity: Not Defined

EPSS: 0.2%

CVSS 3 Score Details (7.5)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: High
    • Integrity Impact: None
    • Availability Impact: None

Suggested Fix

Type: Upgrade version

Origin: GHSA-442g-gcg6-mhm4

Release Date: 2020-08-24

Fix Resolution (com.typesafe.play:play-ws_2.12): 2.6.24

Direct dependency fix Resolution (org.scalatestplus.play:scalatestplus-play_2.12): 3.1.3

⛑️ Automatic Remediation will be attempted for this issue.

CVE-2012-0881

Vulnerable Library - xercesImpl-2.11.0.jar

Xerces2 is the next generation of high performance, fully compliant XML parsers in the Apache Xerces family. This new version of Xerces introduces the Xerces Native Interface (XNI), a complete framework for building parser components and configurations that is extremely modular and easy to program.

The Apache Xerces2 parser is the reference implementation of XNI but other parser components, configurations, and parsers can be written using the Xerces Native Interface. For complete design and implementation documents, refer to the XNI Manual.

Xerces2 is a fully conforming XML Schema 1.0 processor. A partial experimental implementation of the XML Schema 1.1 Structures and Datatypes Working Drafts (December 2009) and an experimental implementation of the XML Schema Definition Language (XSD): Component Designators (SCD) Candidate Recommendation (January 2010) are provided for evaluation. For more information, refer to the XML Schema page.

Xerces2 also provides a complete implementation of the Document Object Model Level 3 Core and Load/Save W3C Recommendations and provides a complete implementation of the XML Inclusions (XInclude) W3C Recommendation. It also provides support for OASIS XML Catalogs v1.1.

Xerces2 is able to parse documents written according to the XML 1.1 Recommendation, except that it does not yet provide an option to enable normalization checking as described in section 2.13 of this specification. It also handles namespaces according to the XML Namespaces 1.1 Recommendation, and will correctly serialize XML 1.1 documents if the DOM level 3 load/save APIs are in use.

Library home page: https://xerces.apache.org/xerces2-j/

Path to dependency file: /test/demo-helper/play-helper/build.gradle

Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/xerces/xercesImpl/2.11.0/9bb329db1cfc4e22462c9d6b43a8432f5850e92c/xercesImpl-2.11.0.jar

Dependency Hierarchy:

  • scalatestplus-play_2.12-3.1.2.jar (Root Library)
    • selenium-java-3.5.3.jar
      • xercesImpl-2.11.0.jar (Vulnerable Library)

Found in HEAD commit: 4e5656db54be4b22481fe3774c2caeba51bac190

Found in base branch: main

Vulnerability Details

Apache Xerces2 Java Parser before 2.12.0 allows remote attackers to cause a denial of service (CPU consumption) via a crafted message to an XML service, which triggers hash table collisions.

Publish Date: 2017-10-30

URL: CVE-2012-0881

Threat Assessment

Exploit Maturity: Not Defined

EPSS: 0.9%

CVSS 3 Score Details (7.5)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: None
    • Integrity Impact: None
    • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0881

Release Date: 2017-10-30

Fix Resolution (xerces:xercesImpl): 2.12.0

Direct dependency fix Resolution (org.scalatestplus.play:scalatestplus-play_2.12): 4.0.0

⛑️ Automatic Remediation will be attempted for this issue.

CVE-2022-23437

Vulnerable Library - xercesImpl-2.11.0.jar

Xerces2 is the next generation of high performance, fully compliant XML parsers in the Apache Xerces family. This new version of Xerces introduces the Xerces Native Interface (XNI), a complete framework for building parser components and configurations that is extremely modular and easy to program.

The Apache Xerces2 parser is the reference implementation of XNI but other parser components, configurations, and parsers can be written using the Xerces Native Interface. For complete design and implementation documents, refer to the XNI Manual.

Xerces2 is a fully conforming XML Schema 1.0 processor. A partial experimental implementation of the XML Schema 1.1 Structures and Datatypes Working Drafts (December 2009) and an experimental implementation of the XML Schema Definition Language (XSD): Component Designators (SCD) Candidate Recommendation (January 2010) are provided for evaluation. For more information, refer to the XML Schema page.

Xerces2 also provides a complete implementation of the Document Object Model Level 3 Core and Load/Save W3C Recommendations and provides a complete implementation of the XML Inclusions (XInclude) W3C Recommendation. It also provides support for OASIS XML Catalogs v1.1.

Xerces2 is able to parse documents written according to the XML 1.1 Recommendation, except that it does not yet provide an option to enable normalization checking as described in section 2.13 of this specification. It also handles namespaces according to the XML Namespaces 1.1 Recommendation, and will correctly serialize XML 1.1 documents if the DOM level 3 load/save APIs are in use.

Library home page: https://xerces.apache.org/xerces2-j/

Path to dependency file: /test/demo-helper/play-helper/build.gradle

Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/xerces/xercesImpl/2.11.0/9bb329db1cfc4e22462c9d6b43a8432f5850e92c/xercesImpl-2.11.0.jar

Dependency Hierarchy:

  • scalatestplus-play_2.12-3.1.2.jar (Root Library)
    • selenium-java-3.5.3.jar
      • xercesImpl-2.11.0.jar (Vulnerable Library)

Found in HEAD commit: 4e5656db54be4b22481fe3774c2caeba51bac190

Found in base branch: main

Vulnerability Details

There's a vulnerability within the Apache Xerces Java (XercesJ) XML parser when handling specially crafted XML document payloads. This causes the XercesJ XML parser to wait in an infinite loop, which may sometimes consume system resources for a prolonged duration. This vulnerability is present within XercesJ version 2.12.1 and the previous versions.

Publish Date: 2022-01-24

URL: CVE-2022-23437

Threat Assessment

Exploit Maturity: Not Defined

EPSS: 0.4%

CVSS 3 Score Details (6.5)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: Required
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: None
    • Integrity Impact: None
    • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: GHSA-h65f-jvqw-m9fj

Release Date: 2022-01-24

Fix Resolution: xerces:xercesImpl:2.12.2

CVE-2019-10241

Vulnerable Library - jetty-util-9.4.5.v20170502.jar

Utility classes for Jetty

Library home page: http://www.eclipse.org/jetty

Path to dependency file: /test/demo-helper/play-helper/build.gradle

Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.eclipse.jetty/jetty-util/9.4.5.v20170502/5fd36dfcf39110b809bd9b20cec62706ab694711/jetty-util-9.4.5.v20170502.jar

Dependency Hierarchy:

  • scalatestplus-play_2.12-3.1.2.jar (Root Library)
    • selenium-java-3.5.3.jar
      • jetty-util-9.4.5.v20170502.jar (Vulnerable Library)

Found in HEAD commit: 4e5656db54be4b22481fe3774c2caeba51bac190

Found in base branch: main

Vulnerability Details

In Eclipse Jetty version 9.2.26 and older, 9.3.25 and older, and 9.4.15 and older, the server is vulnerable to XSS conditions if a remote client uses a specially formatted URL against the DefaultServlet or ResourceHandler that is configured for showing a listing of directory contents.

Publish Date: 2019-04-22

URL: CVE-2019-10241

Threat Assessment

Exploit Maturity: Not Defined

EPSS: 0.5%

CVSS 3 Score Details (6.1)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: Required
    • Scope: Changed
  • Impact Metrics:
    • Confidentiality Impact: Low
    • Integrity Impact: Low
    • Availability Impact: None

Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10241

Release Date: 2019-04-22

Fix Resolution (org.eclipse.jetty:jetty-util): 9.4.16.v20190411

Direct dependency fix Resolution (org.scalatestplus.play:scalatestplus-play_2.12): 5.0.0

⛑️ Automatic Remediation will be attempted for this issue.

CVE-2013-4002

Vulnerable Library - xercesImpl-2.11.0.jar

Xerces2 is the next generation of high performance, fully compliant XML parsers in the Apache Xerces family. This new version of Xerces introduces the Xerces Native Interface (XNI), a complete framework for building parser components and configurations that is extremely modular and easy to program.

The Apache Xerces2 parser is the reference implementation of XNI but other parser components, configurations, and parsers can be written using the Xerces Native Interface. For complete design and implementation documents, refer to the XNI Manual.

Xerces2 is a fully conforming XML Schema 1.0 processor. A partial experimental implementation of the XML Schema 1.1 Structures and Datatypes Working Drafts (December 2009) and an experimental implementation of the XML Schema Definition Language (XSD): Component Designators (SCD) Candidate Recommendation (January 2010) are provided for evaluation. For more information, refer to the XML Schema page.

Xerces2 also provides a complete implementation of the Document Object Model Level 3 Core and Load/Save W3C Recommendations and provides a complete implementation of the XML Inclusions (XInclude) W3C Recommendation. It also provides support for OASIS XML Catalogs v1.1.

Xerces2 is able to parse documents written according to the XML 1.1 Recommendation, except that it does not yet provide an option to enable normalization checking as described in section 2.13 of this specification. It also handles namespaces according to the XML Namespaces 1.1 Recommendation, and will correctly serialize XML 1.1 documents if the DOM level 3 load/save APIs are in use.

Library home page: https://xerces.apache.org/xerces2-j/

Path to dependency file: /test/demo-helper/play-helper/build.gradle

Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/xerces/xercesImpl/2.11.0/9bb329db1cfc4e22462c9d6b43a8432f5850e92c/xercesImpl-2.11.0.jar

Dependency Hierarchy:

  • scalatestplus-play_2.12-3.1.2.jar (Root Library)
    • selenium-java-3.5.3.jar
      • xercesImpl-2.11.0.jar (Vulnerable Library)

Found in HEAD commit: 4e5656db54be4b22481fe3774c2caeba51bac190

Found in base branch: main

Vulnerability Details

XMLscanner.java in Apache Xerces2 Java Parser before 2.12.0, as used in the Java Runtime Environment (JRE) in IBM Java 5.0 before 5.0 SR16-FP3, 6 before 6 SR14, 6.0.1 before 6.0.1 SR6, and 7 before 7 SR5 as well as Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, Java SE Embedded 7u40 and earlier, and possibly other products allows remote attackers to cause a denial of service via vectors related to XML attribute names.

Publish Date: 2013-07-23

URL: CVE-2013-4002

Threat Assessment

Exploit Maturity: Not Defined

EPSS: 1.9%

CVSS 3 Score Details (5.9)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: High
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: None
    • Integrity Impact: None
    • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4002

Release Date: 2013-07-23

Fix Resolution: xerces:xercesImpl:Xerces-J_2_12_0

CVE-2020-15250

Vulnerable Library - junit-4.12.jar

JUnit is a unit testing framework for Java, created by Erich Gamma and Kent Beck.

Library home page: http://junit.org

Path to dependency file: /test/demo-helper/play-helper/build.gradle

Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/junit/junit/4.12/2973d150c0dc1fefe998f834810d68f278ea58ec/junit-4.12.jar

Dependency Hierarchy:

  • scalatestplus-play_2.12-3.1.2.jar (Root Library)
    • selenium-java-3.5.3.jar
      • junit-4.12.jar (Vulnerable Library)

Found in HEAD commit: 4e5656db54be4b22481fe3774c2caeba51bac190

Found in base branch: main

Vulnerability Details

In JUnit4 from version 4.7 and before 4.13.1, the test rule TemporaryFolder contains a local information disclosure vulnerability. On Unix-like systems, the system's temporary directory is shared between all users on that system. Because of this, when files and directories are written into this directory they are, by default, readable by other users on that same system. This vulnerability does not allow other users to overwrite the contents of these directories or files. This is purely an information disclosure vulnerability. This vulnerability impacts you if the JUnit tests write sensitive information, like API keys or passwords, into the temporary folder, and the JUnit tests execute in an environment where the OS has other untrusted users. Because certain JDK file system APIs were only added in JDK 1.7, this fix is dependent upon the version of the JDK you are using. For Java 1.7 and higher users: this vulnerability is fixed in 4.13.1. For Java 1.6 and lower users: no patch is available, you must use the workaround below. If you are unable to patch, or are stuck running on Java 1.6, specifying the java.io.tmpdir system environment variable to a directory that is exclusively owned by the executing user will fix this vulnerability. For more information, including an example of vulnerable code, see the referenced GitHub Security Advisory.

Publish Date: 2020-10-12

URL: CVE-2020-15250

Threat Assessment

Exploit Maturity: Not Defined

EPSS: 0.1%

CVSS 3 Score Details (5.5)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Local
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: Required
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: High
    • Integrity Impact: None
    • Availability Impact: None

Suggested Fix

Type: Upgrade version

Origin: GHSA-269g-pwp5-87pp

Release Date: 2020-10-12

Fix Resolution: junit:junit:4.13.1

CVE-2023-40167

Vulnerable Library - jetty-http-9.4.5.v20170502.jar

The Eclipse Jetty Project

Library home page: http://www.eclipse.org/jetty

Path to dependency file: /test/demo-helper/play-helper/build.gradle

Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.eclipse.jetty/jetty-http/9.4.5.v20170502/c51b8a6a67d64672889249dd958edd77bff8fc0c/jetty-http-9.4.5.v20170502.jar

Dependency Hierarchy:

  • scalatestplus-play_2.12-3.1.2.jar (Root Library)
    • selenium-java-3.5.3.jar
      • jetty-http-9.4.5.v20170502.jar (Vulnerable Library)

Found in HEAD commit: 4e5656db54be4b22481fe3774c2caeba51bac190

Found in base branch: main

Vulnerability Details

Jetty is a Java-based web server and servlet engine. Prior to versions 9.4.52, 10.0.16, 11.0.16, and 12.0.1, Jetty accepts the + character preceding the content-length value in an HTTP/1 header field. This is more permissive than allowed by the RFC and other servers routinely reject such requests with 400 responses. There is no known exploit scenario, but it is conceivable that request smuggling could result if Jetty is used in combination with a server that does not close the connection after sending such a 400 response. Versions 9.4.52, 10.0.16, 11.0.16, and 12.0.1 contain a patch for this issue. There is no workaround as there is no known exploit scenario.

Publish Date: 2023-09-15

URL: CVE-2023-40167

Threat Assessment

Exploit Maturity: Not Defined

EPSS: 0.1%

CVSS 3 Score Details (5.3)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: None
    • Integrity Impact: Low
    • Availability Impact: None

Suggested Fix

Type: Upgrade version

Origin: GHSA-hmr7-m48g-48f6

Release Date: 2023-09-15

Fix Resolution: org.eclipse.jetty:jetty-http:9.4.52.v20230823,10.0.16,11.0.16,12.0.1


⛑️ Automatic Remediation will be attempted for this issue.

@mend-for-github-com mend-for-github-com bot added the Mend: dependency security vulnerability Security vulnerability detected by Mend label Jun 2, 2022
@mend-for-github-com mend-for-github-com bot changed the title scalatestplus-play_2.12-3.1.2.jar: 11 vulnerabilities (highest severity is: 9.8) scalatestplus-play_2.12-3.1.2.jar: 12 vulnerabilities (highest severity is: 9.8) Aug 10, 2022
@mend-for-github-com mend-for-github-com bot changed the title scalatestplus-play_2.12-3.1.2.jar: 12 vulnerabilities (highest severity is: 9.8) scalatestplus-play_2.12-3.1.2.jar: 21 vulnerabilities (highest severity is: 9.8) Dec 7, 2022
@mend-for-github-com mend-for-github-com bot changed the title scalatestplus-play_2.12-3.1.2.jar: 21 vulnerabilities (highest severity is: 9.8) scalatestplus-play_2.12-3.1.2.jar: 22 vulnerabilities (highest severity is: 9.8) Apr 3, 2023
@mend-for-github-com mend-for-github-com bot changed the title scalatestplus-play_2.12-3.1.2.jar: 22 vulnerabilities (highest severity is: 9.8) scalatestplus-play_2.12-3.1.2.jar: 25 vulnerabilities (highest severity is: 9.8) May 1, 2024