cvelistv5 - CVE-2014-1972

CVE-2014-1972 (GCVE-0-2014-1972)

Vulnerability from cvelistv5

Published

2015-08-22 23:00

Modified

2024-08-06 09:58

Severity ?

CWE

Summary

Apache Tapestry before 5.3.6 relies on client-side object storage without checking whether a client has modified an object, which allows remote attackers to cause a denial of service (resource consumption) or execute arbitrary code via crafted serialized data.

References

URL	Tags
vultures@jpcert.or.jp	http://jvn.jp/en/jp/JVN17611367/index.html	Vendor Advisory
vultures@jpcert.or.jp	http://jvndb.jvn.jp/jvndb/JVNDB-2015-000118	Vendor Advisory
vultures@jpcert.or.jp	http://seclists.org/fulldisclosure/2019/Aug/20
vultures@jpcert.or.jp	http://www.openwall.com/lists/oss-security/2019/08/23/5
vultures@jpcert.or.jp	https://issues.apache.org/jira/browse/TAP5-2008
vultures@jpcert.or.jp	https://lists.apache.org/thread.html/84e99dedad2ecb4676de93c3ab73a8a10882951ab6984f514707f3d9%40%3Cusers.tapestry.apache.org%3E
vultures@jpcert.or.jp	https://lists.apache.org/thread.html/bac8d6f9e1b4059b319d9cba6f33219a99b81623476ec896138f851c%40%3Cusers.tapestry.apache.org%3E
vultures@jpcert.or.jp	https://lists.apache.org/thread.html/r7d9c54beb1dc97dcccc58d9b5d31f0f7166f9a25ad1beba5f8091e0c%40%3Ccommits.tapestry.apache.org%3E
vultures@jpcert.or.jp	https://lists.apache.org/thread.html/r87523dd07886223aa086edc25fe9b8ddb9c1090f7db25b068dc30843%40%3Ccommits.tapestry.apache.org%3E
vultures@jpcert.or.jp	https://tapestry.apache.org/release-notes-536.html	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://jvn.jp/en/jp/JVN17611367/index.html	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://jvndb.jvn.jp/jvndb/JVNDB-2015-000118	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://seclists.org/fulldisclosure/2019/Aug/20
af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2019/08/23/5
af854a3a-2127-422b-91ae-364da2661108	https://issues.apache.org/jira/browse/TAP5-2008
af854a3a-2127-422b-91ae-364da2661108	https://lists.apache.org/thread.html/84e99dedad2ecb4676de93c3ab73a8a10882951ab6984f514707f3d9%40%3Cusers.tapestry.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108	https://lists.apache.org/thread.html/bac8d6f9e1b4059b319d9cba6f33219a99b81623476ec896138f851c%40%3Cusers.tapestry.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108	https://lists.apache.org/thread.html/r7d9c54beb1dc97dcccc58d9b5d31f0f7166f9a25ad1beba5f8091e0c%40%3Ccommits.tapestry.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108	https://lists.apache.org/thread.html/r87523dd07886223aa086edc25fe9b8ddb9c1090f7db25b068dc30843%40%3Ccommits.tapestry.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108	https://tapestry.apache.org/release-notes-536.html	Vendor Advisory

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T09:58:15.657Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://tapestry.apache.org/release-notes-536.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://issues.apache.org/jira/browse/TAP5-2008"
          },
          {
            "name": "JVN#17611367",
            "tags": [
              "third-party-advisory",
              "x_refsource_JVN",
              "x_transferred"
            ],
            "url": "http://jvn.jp/en/jp/JVN17611367/index.html"
          },
          {
            "name": "JVNDB-2015-000118",
            "tags": [
              "third-party-advisory",
              "x_refsource_JVNDB",
              "x_transferred"
            ],
            "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000118"
          },
          {
            "name": "[oss-security] 20190823 CVE-2019-10071: Timing Attack in HMAC Verification in Apache Tapestry",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2019/08/23/5"
          },
          {
            "name": "20190825 CVE-2019-10071: Timing Attack in HMAC Verification in Apache Tapestry",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2019/Aug/20"
          },
          {
            "name": "[tapestry-users] 20190913 Re: CVE-2019-10071: Apache Tapestry vulnerability disclosure",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/84e99dedad2ecb4676de93c3ab73a8a10882951ab6984f514707f3d9%40%3Cusers.tapestry.apache.org%3E"
          },
          {
            "name": "[tapestry-users] 20191007 Re: CVE-2019-10071: Apache Tapestry vulnerability disclosure",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/bac8d6f9e1b4059b319d9cba6f33219a99b81623476ec896138f851c%40%3Cusers.tapestry.apache.org%3E"
          },
          {
            "name": "[tapestry-commits] 20200111 svn commit: r1055136 [2/2] - in /websites/production/tapestry/content: cache/main.pageCache component-rendering.html content-type-and-markup.html dom.html https.html request-processing.html response-compression.html security.html url-rewriting.html",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r87523dd07886223aa086edc25fe9b8ddb9c1090f7db25b068dc30843%40%3Ccommits.tapestry.apache.org%3E"
          },
          {
            "name": "[tapestry-commits] 20200531 svn commit: r1061326 [4/4] - in /websites/production/tapestry/content: ./ cache/",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r7d9c54beb1dc97dcccc58d9b5d31f0f7166f9a25ad1beba5f8091e0c%40%3Ccommits.tapestry.apache.org%3E"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2015-08-20T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Apache Tapestry before 5.3.6 relies on client-side object storage without checking whether a client has modified an object, which allows remote attackers to cause a denial of service (resource consumption) or execute arbitrary code via crafted serialized data."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-05-31T17:06:05",
        "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "shortName": "jpcert"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://tapestry.apache.org/release-notes-536.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://issues.apache.org/jira/browse/TAP5-2008"
        },
        {
          "name": "JVN#17611367",
          "tags": [
            "third-party-advisory",
            "x_refsource_JVN"
          ],
          "url": "http://jvn.jp/en/jp/JVN17611367/index.html"
        },
        {
          "name": "JVNDB-2015-000118",
          "tags": [
            "third-party-advisory",
            "x_refsource_JVNDB"
          ],
          "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000118"
        },
        {
          "name": "[oss-security] 20190823 CVE-2019-10071: Timing Attack in HMAC Verification in Apache Tapestry",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2019/08/23/5"
        },
        {
          "name": "20190825 CVE-2019-10071: Timing Attack in HMAC Verification in Apache Tapestry",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://seclists.org/fulldisclosure/2019/Aug/20"
        },
        {
          "name": "[tapestry-users] 20190913 Re: CVE-2019-10071: Apache Tapestry vulnerability disclosure",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/84e99dedad2ecb4676de93c3ab73a8a10882951ab6984f514707f3d9%40%3Cusers.tapestry.apache.org%3E"
        },
        {
          "name": "[tapestry-users] 20191007 Re: CVE-2019-10071: Apache Tapestry vulnerability disclosure",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/bac8d6f9e1b4059b319d9cba6f33219a99b81623476ec896138f851c%40%3Cusers.tapestry.apache.org%3E"
        },
        {
          "name": "[tapestry-commits] 20200111 svn commit: r1055136 [2/2] - in /websites/production/tapestry/content: cache/main.pageCache component-rendering.html content-type-and-markup.html dom.html https.html request-processing.html response-compression.html security.html url-rewriting.html",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/r87523dd07886223aa086edc25fe9b8ddb9c1090f7db25b068dc30843%40%3Ccommits.tapestry.apache.org%3E"
        },
        {
          "name": "[tapestry-commits] 20200531 svn commit: r1061326 [4/4] - in /websites/production/tapestry/content: ./ cache/",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/r7d9c54beb1dc97dcccc58d9b5d31f0f7166f9a25ad1beba5f8091e0c%40%3Ccommits.tapestry.apache.org%3E"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "vultures@jpcert.or.jp",
          "ID": "CVE-2014-1972",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Apache Tapestry before 5.3.6 relies on client-side object storage without checking whether a client has modified an object, which allows remote attackers to cause a denial of service (resource consumption) or execute arbitrary code via crafted serialized data."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://tapestry.apache.org/release-notes-536.html",
              "refsource": "CONFIRM",
              "url": "https://tapestry.apache.org/release-notes-536.html"
            },
            {
              "name": "https://issues.apache.org/jira/browse/TAP5-2008",
              "refsource": "CONFIRM",
              "url": "https://issues.apache.org/jira/browse/TAP5-2008"
            },
            {
              "name": "JVN#17611367",
              "refsource": "JVN",
              "url": "http://jvn.jp/en/jp/JVN17611367/index.html"
            },
            {
              "name": "JVNDB-2015-000118",
              "refsource": "JVNDB",
              "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000118"
            },
            {
              "name": "[oss-security] 20190823 CVE-2019-10071: Timing Attack in HMAC Verification in Apache Tapestry",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2019/08/23/5"
            },
            {
              "name": "20190825 CVE-2019-10071: Timing Attack in HMAC Verification in Apache Tapestry",
              "refsource": "FULLDISC",
              "url": "http://seclists.org/fulldisclosure/2019/Aug/20"
            },
            {
              "name": "[tapestry-users] 20190913 Re: CVE-2019-10071: Apache Tapestry vulnerability disclosure",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/84e99dedad2ecb4676de93c3ab73a8a10882951ab6984f514707f3d9@%3Cusers.tapestry.apache.org%3E"
            },
            {
              "name": "[tapestry-users] 20191007 Re: CVE-2019-10071: Apache Tapestry vulnerability disclosure",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/bac8d6f9e1b4059b319d9cba6f33219a99b81623476ec896138f851c@%3Cusers.tapestry.apache.org%3E"
            },
            {
              "name": "[tapestry-commits] 20200111 svn commit: r1055136 [2/2] - in /websites/production/tapestry/content: cache/main.pageCache component-rendering.html content-type-and-markup.html dom.html https.html request-processing.html response-compression.html security.html url-rewriting.html",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/r87523dd07886223aa086edc25fe9b8ddb9c1090f7db25b068dc30843@%3Ccommits.tapestry.apache.org%3E"
            },
            {
              "name": "[tapestry-commits] 20200531 svn commit: r1061326 [4/4] - in /websites/production/tapestry/content: ./ cache/",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/r7d9c54beb1dc97dcccc58d9b5d31f0f7166f9a25ad1beba5f8091e0c@%3Ccommits.tapestry.apache.org%3E"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
    "assignerShortName": "jpcert",
    "cveId": "CVE-2014-1972",
    "datePublished": "2015-08-22T23:00:00",
    "dateReserved": "2014-02-17T00:00:00",
    "dateUpdated": "2024-08-06T09:58:15.657Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2014-1972\",\"sourceIdentifier\":\"vultures@jpcert.or.jp\",\"published\":\"2015-08-22T23:59:00.093\",\"lastModified\":\"2025-04-12T10:46:40.837\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Apache Tapestry before 5.3.6 relies on client-side object storage without checking whether a client has modified an object, which allows remote attackers to cause a denial of service (resource consumption) or execute arbitrary code via crafted serialized data.\"},{\"lang\":\"es\",\"value\":\"Vulnerabilidad en Apache Tapestry en versiones anteriores a 5.3.6, conf\u00eda en el almacenamiento de objetos del lado del cliente sin comprobar si un cliente ha modificado un objeto, lo que permite a atacantes remotos causar una denegaci\u00f3n de servicio (consumo de recursos) o ejecuci\u00f3n de c\u00f3digo arbitario a trav\u00e9s de datos serializados manipulados.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:C\",\"baseScore\":7.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-399\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tapestry:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"5.3.5\",\"matchCriteriaId\":\"37A5ED8D-280E-48EA-BED5-84083DBC0015\"}]}]}],\"references\":[{\"url\":\"http://jvn.jp/en/jp/JVN17611367/index.html\",\"source\":\"vultures@jpcert.or.jp\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://jvndb.jvn.jp/jvndb/JVNDB-2015-000118\",\"source\":\"vultures@jpcert.or.jp\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://seclists.org/fulldisclosure/2019/Aug/20\",\"source\":\"vultures@jpcert.or.jp\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2019/08/23/5\",\"source\":\"vultures@jpcert.or.jp\"},{\"url\":\"https://issues.apache.org/jira/browse/TAP5-2008\",\"source\":\"vultures@jpcert.or.jp\"},{\"url\":\"https://lists.apache.org/thread.html/84e99dedad2ecb4676de93c3ab73a8a10882951ab6984f514707f3d9%40%3Cusers.tapestry.apache.org%3E\",\"source\":\"vultures@jpcert.or.jp\"},{\"url\":\"https://lists.apache.org/thread.html/bac8d6f9e1b4059b319d9cba6f33219a99b81623476ec896138f851c%40%3Cusers.tapestry.apache.org%3E\",\"source\":\"vultures@jpcert.or.jp\"},{\"url\":\"https://lists.apache.org/thread.html/r7d9c54beb1dc97dcccc58d9b5d31f0f7166f9a25ad1beba5f8091e0c%40%3Ccommits.tapestry.apache.org%3E\",\"source\":\"vultures@jpcert.or.jp\"},{\"url\":\"https://lists.apache.org/thread.html/r87523dd07886223aa086edc25fe9b8ddb9c1090f7db25b068dc30843%40%3Ccommits.tapestry.apache.org%3E\",\"source\":\"vultures@jpcert.or.jp\"},{\"url\":\"https://tapestry.apache.org/release-notes-536.html\",\"source\":\"vultures@jpcert.or.jp\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://jvn.jp/en/jp/JVN17611367/index.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://jvndb.jvn.jp/jvndb/JVNDB-2015-000118\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://seclists.org/fulldisclosure/2019/Aug/20\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2019/08/23/5\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://issues.apache.org/jira/browse/TAP5-2008\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/84e99dedad2ecb4676de93c3ab73a8a10882951ab6984f514707f3d9%40%3Cusers.tapestry.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/bac8d6f9e1b4059b319d9cba6f33219a99b81623476ec896138f851c%40%3Cusers.tapestry.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r7d9c54beb1dc97dcccc58d9b5d31f0f7166f9a25ad1beba5f8091e0c%40%3Ccommits.tapestry.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r87523dd07886223aa086edc25fe9b8ddb9c1090f7db25b068dc30843%40%3Ccommits.tapestry.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://tapestry.apache.org/release-notes-536.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
  }
}

fkie_cve-2014-1972

Vulnerability from fkie_nvd

Published

2015-08-22 23:59

Modified

2025-04-12 10:46

Severity ?

Summary

References

URL	Tags
vultures@jpcert.or.jp	http://jvn.jp/en/jp/JVN17611367/index.html	Vendor Advisory
vultures@jpcert.or.jp	http://jvndb.jvn.jp/jvndb/JVNDB-2015-000118	Vendor Advisory
vultures@jpcert.or.jp	http://seclists.org/fulldisclosure/2019/Aug/20
vultures@jpcert.or.jp	http://www.openwall.com/lists/oss-security/2019/08/23/5
vultures@jpcert.or.jp	https://issues.apache.org/jira/browse/TAP5-2008
vultures@jpcert.or.jp	https://lists.apache.org/thread.html/84e99dedad2ecb4676de93c3ab73a8a10882951ab6984f514707f3d9%40%3Cusers.tapestry.apache.org%3E
vultures@jpcert.or.jp	https://lists.apache.org/thread.html/bac8d6f9e1b4059b319d9cba6f33219a99b81623476ec896138f851c%40%3Cusers.tapestry.apache.org%3E
vultures@jpcert.or.jp	https://lists.apache.org/thread.html/r7d9c54beb1dc97dcccc58d9b5d31f0f7166f9a25ad1beba5f8091e0c%40%3Ccommits.tapestry.apache.org%3E
vultures@jpcert.or.jp	https://lists.apache.org/thread.html/r87523dd07886223aa086edc25fe9b8ddb9c1090f7db25b068dc30843%40%3Ccommits.tapestry.apache.org%3E
vultures@jpcert.or.jp	https://tapestry.apache.org/release-notes-536.html	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://jvn.jp/en/jp/JVN17611367/index.html	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://jvndb.jvn.jp/jvndb/JVNDB-2015-000118	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://seclists.org/fulldisclosure/2019/Aug/20
af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2019/08/23/5
af854a3a-2127-422b-91ae-364da2661108	https://issues.apache.org/jira/browse/TAP5-2008
af854a3a-2127-422b-91ae-364da2661108	https://lists.apache.org/thread.html/84e99dedad2ecb4676de93c3ab73a8a10882951ab6984f514707f3d9%40%3Cusers.tapestry.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108	https://lists.apache.org/thread.html/bac8d6f9e1b4059b319d9cba6f33219a99b81623476ec896138f851c%40%3Cusers.tapestry.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108	https://lists.apache.org/thread.html/r7d9c54beb1dc97dcccc58d9b5d31f0f7166f9a25ad1beba5f8091e0c%40%3Ccommits.tapestry.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108	https://lists.apache.org/thread.html/r87523dd07886223aa086edc25fe9b8ddb9c1090f7db25b068dc30843%40%3Ccommits.tapestry.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108	https://tapestry.apache.org/release-notes-536.html	Vendor Advisory

Impacted products

	Vendor	Product	Version
	apache	tapestry	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:apache:tapestry:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "37A5ED8D-280E-48EA-BED5-84083DBC0015",
              "versionEndIncluding": "5.3.5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Apache Tapestry before 5.3.6 relies on client-side object storage without checking whether a client has modified an object, which allows remote attackers to cause a denial of service (resource consumption) or execute arbitrary code via crafted serialized data."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad en Apache Tapestry en versiones anteriores a 5.3.6, conf\u00eda en el almacenamiento de objetos del lado del cliente sin comprobar si un cliente ha modificado un objeto, lo que permite a atacantes remotos causar una denegaci\u00f3n de servicio (consumo de recursos) o ejecuci\u00f3n de c\u00f3digo arbitario a trav\u00e9s de datos serializados manipulados."
    }
  ],
  "id": "CVE-2014-1972",
  "lastModified": "2025-04-12T10:46:40.837",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2015-08-22T23:59:00.093",
  "references": [
    {
      "source": "vultures@jpcert.or.jp",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://jvn.jp/en/jp/JVN17611367/index.html"
    },
    {
      "source": "vultures@jpcert.or.jp",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000118"
    },
    {
      "source": "vultures@jpcert.or.jp",
      "url": "http://seclists.org/fulldisclosure/2019/Aug/20"
    },
    {
      "source": "vultures@jpcert.or.jp",
      "url": "http://www.openwall.com/lists/oss-security/2019/08/23/5"
    },
    {
      "source": "vultures@jpcert.or.jp",
      "url": "https://issues.apache.org/jira/browse/TAP5-2008"
    },
    {
      "source": "vultures@jpcert.or.jp",
      "url": "https://lists.apache.org/thread.html/84e99dedad2ecb4676de93c3ab73a8a10882951ab6984f514707f3d9%40%3Cusers.tapestry.apache.org%3E"
    },
    {
      "source": "vultures@jpcert.or.jp",
      "url": "https://lists.apache.org/thread.html/bac8d6f9e1b4059b319d9cba6f33219a99b81623476ec896138f851c%40%3Cusers.tapestry.apache.org%3E"
    },
    {
      "source": "vultures@jpcert.or.jp",
      "url": "https://lists.apache.org/thread.html/r7d9c54beb1dc97dcccc58d9b5d31f0f7166f9a25ad1beba5f8091e0c%40%3Ccommits.tapestry.apache.org%3E"
    },
    {
      "source": "vultures@jpcert.or.jp",
      "url": "https://lists.apache.org/thread.html/r87523dd07886223aa086edc25fe9b8ddb9c1090f7db25b068dc30843%40%3Ccommits.tapestry.apache.org%3E"
    },
    {
      "source": "vultures@jpcert.or.jp",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tapestry.apache.org/release-notes-536.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://jvn.jp/en/jp/JVN17611367/index.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000118"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://seclists.org/fulldisclosure/2019/Aug/20"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openwall.com/lists/oss-security/2019/08/23/5"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://issues.apache.org/jira/browse/TAP5-2008"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.apache.org/thread.html/84e99dedad2ecb4676de93c3ab73a8a10882951ab6984f514707f3d9%40%3Cusers.tapestry.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.apache.org/thread.html/bac8d6f9e1b4059b319d9cba6f33219a99b81623476ec896138f851c%40%3Cusers.tapestry.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.apache.org/thread.html/r7d9c54beb1dc97dcccc58d9b5d31f0f7166f9a25ad1beba5f8091e0c%40%3Ccommits.tapestry.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.apache.org/thread.html/r87523dd07886223aa086edc25fe9b8ddb9c1090f7db25b068dc30843%40%3Ccommits.tapestry.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tapestry.apache.org/release-notes-536.html"
    }
  ],
  "sourceIdentifier": "vultures@jpcert.or.jp",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-399"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

ghsa-c438-8cvq-pxxx

Vulnerability from github

Published

2022-05-13 01:26

Modified

2023-08-07 20:22

Summary

Apache Tapestry Unsafe Object Storage

Details

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "Maven",
        "name": "org.apache.tapestry:tapestry-core"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "5.3.6"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2014-1972"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-502"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2023-08-07T20:22:29Z",
    "nvd_published_at": "2015-08-22T23:59:00Z",
    "severity": "HIGH"
  },
  "details": "Apache Tapestry before 5.3.6 relies on client-side object storage without checking whether a client has modified an object, which allows remote attackers to cause a denial of service (resource consumption) or execute arbitrary code via crafted serialized data.",
  "id": "GHSA-c438-8cvq-pxxx",
  "modified": "2023-08-07T20:22:29Z",
  "published": "2022-05-13T01:26:11Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-1972"
    },
    {
      "type": "WEB",
      "url": "https://github.com/apache/tapestry-5/commit/5ad5257fdfacbad2c7c480fdf2afa15d9a37e6b0"
    },
    {
      "type": "WEB",
      "url": "https://github.com/apache/tapestry-5"
    },
    {
      "type": "WEB",
      "url": "https://issues.apache.org/jira/browse/TAP5-2008"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/84e99dedad2ecb4676de93c3ab73a8a10882951ab6984f514707f3d9@%3Cusers.tapestry.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/bac8d6f9e1b4059b319d9cba6f33219a99b81623476ec896138f851c@%3Cusers.tapestry.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/r7d9c54beb1dc97dcccc58d9b5d31f0f7166f9a25ad1beba5f8091e0c@%3Ccommits.tapestry.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/r87523dd07886223aa086edc25fe9b8ddb9c1090f7db25b068dc30843@%3Ccommits.tapestry.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://tapestry.apache.org/release-notes-536.html"
    },
    {
      "type": "WEB",
      "url": "http://jvn.jp/en/jp/JVN17611367/index.html"
    },
    {
      "type": "WEB",
      "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000118"
    },
    {
      "type": "WEB",
      "url": "http://seclists.org/fulldisclosure/2019/Aug/20"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2019/08/23/5"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [],
  "summary": "Apache Tapestry Unsafe Object Storage"
}

gsd-2014-1972

Vulnerability from gsd

Modified

2023-12-13 01:22

Details

Aliases

CVE-2014-1972

Aliases

CVE-2014-1972

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2014-1972",
    "description": "Apache Tapestry before 5.3.6 relies on client-side object storage without checking whether a client has modified an object, which allows remote attackers to cause a denial of service (resource consumption) or execute arbitrary code via crafted serialized data.",
    "id": "GSD-2014-1972"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2014-1972"
      ],
      "details": "Apache Tapestry before 5.3.6 relies on client-side object storage without checking whether a client has modified an object, which allows remote attackers to cause a denial of service (resource consumption) or execute arbitrary code via crafted serialized data.",
      "id": "GSD-2014-1972",
      "modified": "2023-12-13T01:22:51.633105Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "vultures@jpcert.or.jp",
        "ID": "CVE-2014-1972",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Apache Tapestry before 5.3.6 relies on client-side object storage without checking whether a client has modified an object, which allows remote attackers to cause a denial of service (resource consumption) or execute arbitrary code via crafted serialized data."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://tapestry.apache.org/release-notes-536.html",
            "refsource": "CONFIRM",
            "url": "https://tapestry.apache.org/release-notes-536.html"
          },
          {
            "name": "https://issues.apache.org/jira/browse/TAP5-2008",
            "refsource": "CONFIRM",
            "url": "https://issues.apache.org/jira/browse/TAP5-2008"
          },
          {
            "name": "JVN#17611367",
            "refsource": "JVN",
            "url": "http://jvn.jp/en/jp/JVN17611367/index.html"
          },
          {
            "name": "JVNDB-2015-000118",
            "refsource": "JVNDB",
            "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000118"
          },
          {
            "name": "[oss-security] 20190823 CVE-2019-10071: Timing Attack in HMAC Verification in Apache Tapestry",
            "refsource": "MLIST",
            "url": "http://www.openwall.com/lists/oss-security/2019/08/23/5"
          },
          {
            "name": "20190825 CVE-2019-10071: Timing Attack in HMAC Verification in Apache Tapestry",
            "refsource": "FULLDISC",
            "url": "http://seclists.org/fulldisclosure/2019/Aug/20"
          },
          {
            "name": "[tapestry-users] 20190913 Re: CVE-2019-10071: Apache Tapestry vulnerability disclosure",
            "refsource": "MLIST",
            "url": "https://lists.apache.org/thread.html/84e99dedad2ecb4676de93c3ab73a8a10882951ab6984f514707f3d9@%3Cusers.tapestry.apache.org%3E"
          },
          {
            "name": "[tapestry-users] 20191007 Re: CVE-2019-10071: Apache Tapestry vulnerability disclosure",
            "refsource": "MLIST",
            "url": "https://lists.apache.org/thread.html/bac8d6f9e1b4059b319d9cba6f33219a99b81623476ec896138f851c@%3Cusers.tapestry.apache.org%3E"
          },
          {
            "name": "[tapestry-commits] 20200111 svn commit: r1055136 [2/2] - in /websites/production/tapestry/content: cache/main.pageCache component-rendering.html content-type-and-markup.html dom.html https.html request-processing.html response-compression.html security.html url-rewriting.html",
            "refsource": "MLIST",
            "url": "https://lists.apache.org/thread.html/r87523dd07886223aa086edc25fe9b8ddb9c1090f7db25b068dc30843@%3Ccommits.tapestry.apache.org%3E"
          },
          {
            "name": "[tapestry-commits] 20200531 svn commit: r1061326 [4/4] - in /websites/production/tapestry/content: ./ cache/",
            "refsource": "MLIST",
            "url": "https://lists.apache.org/thread.html/r7d9c54beb1dc97dcccc58d9b5d31f0f7166f9a25ad1beba5f8091e0c@%3Ccommits.tapestry.apache.org%3E"
          }
        ]
      }
    },
    "gitlab.com": {
      "advisories": [
        {
          "affected_range": "(,5.3.6)",
          "affected_versions": "All versions before 5.3.6",
          "cvss_v2": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "cwe_ids": [
            "CWE-1035",
            "CWE-399",
            "CWE-78",
            "CWE-937"
          ],
          "date": "2023-08-16",
          "description": "Apache Tapestry before 5.3.6 relies on client-side object storage without checking whether a client has modified an object, which allows remote attackers to cause a denial of service (resource consumption) or execute arbitrary code via crafted serialized data.",
          "fixed_versions": [
            "5.3.6"
          ],
          "identifier": "CVE-2014-1972",
          "identifiers": [
            "GHSA-c438-8cvq-pxxx",
            "CVE-2014-1972"
          ],
          "not_impacted": "All versions starting from 5.3.6",
          "package_slug": "maven/org.apache.tapestry/tapestry-core",
          "pubdate": "2022-05-13",
          "solution": "Upgrade to version 5.3.6 or above.",
          "title": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
          "urls": [
            "https://nvd.nist.gov/vuln/detail/CVE-2014-1972",
            "https://issues.apache.org/jira/browse/TAP5-2008",
            "https://lists.apache.org/thread.html/84e99dedad2ecb4676de93c3ab73a8a10882951ab6984f514707f3d9@%3Cusers.tapestry.apache.org%3E",
            "https://lists.apache.org/thread.html/bac8d6f9e1b4059b319d9cba6f33219a99b81623476ec896138f851c@%3Cusers.tapestry.apache.org%3E",
            "https://lists.apache.org/thread.html/r7d9c54beb1dc97dcccc58d9b5d31f0f7166f9a25ad1beba5f8091e0c@%3Ccommits.tapestry.apache.org%3E",
            "https://lists.apache.org/thread.html/r87523dd07886223aa086edc25fe9b8ddb9c1090f7db25b068dc30843@%3Ccommits.tapestry.apache.org%3E",
            "https://tapestry.apache.org/release-notes-536.html",
            "http://jvn.jp/en/jp/JVN17611367/index.html",
            "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000118",
            "http://seclists.org/fulldisclosure/2019/Aug/20",
            "http://www.openwall.com/lists/oss-security/2019/08/23/5",
            "https://github.com/apache/tapestry-5/commit/5ad5257fdfacbad2c7c480fdf2afa15d9a37e6b0",
            "https://github.com/advisories/GHSA-c438-8cvq-pxxx"
          ],
          "uuid": "e565e5f1-f5f6-44df-9185-51f71f1573ce"
        }
      ]
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:apache:tapestry:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "5.3.5",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "vultures@jpcert.or.jp",
          "ID": "CVE-2014-1972"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Apache Tapestry before 5.3.6 relies on client-side object storage without checking whether a client has modified an object, which allows remote attackers to cause a denial of service (resource consumption) or execute arbitrary code via crafted serialized data."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-399"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "JVNDB-2015-000118",
              "refsource": "JVNDB",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000118"
            },
            {
              "name": "https://tapestry.apache.org/release-notes-536.html",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://tapestry.apache.org/release-notes-536.html"
            },
            {
              "name": "JVN#17611367",
              "refsource": "JVN",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://jvn.jp/en/jp/JVN17611367/index.html"
            },
            {
              "name": "https://issues.apache.org/jira/browse/TAP5-2008",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "https://issues.apache.org/jira/browse/TAP5-2008"
            },
            {
              "name": "[oss-security] 20190823 CVE-2019-10071: Timing Attack in HMAC Verification in Apache Tapestry",
              "refsource": "MLIST",
              "tags": [],
              "url": "http://www.openwall.com/lists/oss-security/2019/08/23/5"
            },
            {
              "name": "20190825 CVE-2019-10071: Timing Attack in HMAC Verification in Apache Tapestry",
              "refsource": "FULLDISC",
              "tags": [],
              "url": "http://seclists.org/fulldisclosure/2019/Aug/20"
            },
            {
              "name": "[tapestry-users] 20190913 Re: CVE-2019-10071: Apache Tapestry vulnerability disclosure",
              "refsource": "MLIST",
              "tags": [],
              "url": "https://lists.apache.org/thread.html/84e99dedad2ecb4676de93c3ab73a8a10882951ab6984f514707f3d9@%3Cusers.tapestry.apache.org%3E"
            },
            {
              "name": "[tapestry-users] 20191007 Re: CVE-2019-10071: Apache Tapestry vulnerability disclosure",
              "refsource": "MLIST",
              "tags": [],
              "url": "https://lists.apache.org/thread.html/bac8d6f9e1b4059b319d9cba6f33219a99b81623476ec896138f851c@%3Cusers.tapestry.apache.org%3E"
            },
            {
              "name": "[tapestry-commits] 20200111 svn commit: r1055136 [2/2] - in /websites/production/tapestry/content: cache/main.pageCache component-rendering.html content-type-and-markup.html dom.html https.html request-processing.html response-compression.html security.html url-rewriting.html",
              "refsource": "MLIST",
              "tags": [],
              "url": "https://lists.apache.org/thread.html/r87523dd07886223aa086edc25fe9b8ddb9c1090f7db25b068dc30843@%3Ccommits.tapestry.apache.org%3E"
            },
            {
              "name": "[tapestry-commits] 20200531 svn commit: r1061326 [4/4] - in /websites/production/tapestry/content: ./ cache/",
              "refsource": "MLIST",
              "tags": [],
              "url": "https://lists.apache.org/thread.html/r7d9c54beb1dc97dcccc58d9b5d31f0f7166f9a25ad1beba5f8091e0c@%3Ccommits.tapestry.apache.org%3E"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.8,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 6.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2020-05-31T18:15Z",
      "publishedDate": "2015-08-22T23:59Z"
    }
  }
}

cnvd-2015-05632

Vulnerability from cnvd

Title: Apache Tapestry拒绝服务漏洞

Description:

Apache Tapestry是美国阿帕奇（Apache）软件基金会所研发的一套用来创建基于Java的Web应用程序框架。

Apache Tapestry 5.3.6之前版本中存在安全漏洞，该漏洞源于程序在客户端存储对象时未能检查对象是否被篡改。远程攻击者可借助特制的序列化数据利用该漏洞造成拒绝服务（资源消耗），或执行任意代码。

Severity: 中

Patch Name: Apache Tapestry拒绝服务漏洞的补丁

Patch Description:

Apache Tapestry是美国阿帕奇（Apache）软件基金会所研发的一套用来创建基于Java的Web应用程序框架。Apache Tapestry 5.3.6之前版本中存在安全漏洞，该漏洞源于程序在客户端存储对象时未能检查对象是否被篡改。远程攻击者可借助特制的序列化数据利用该漏洞造成拒绝服务（资源消耗），或执行任意代码。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description:

目前厂商已经发布了升级补丁以修复此安全问题，补丁获取链接： https://tapestry.apache.org/release-notes-536.html

Reference: https://issues.apache.org/jira/browse/TAP5-2008 http://jvndb.jvn.jp/en/contents/2015/JVNDB-2015-000118.html

Impacted products

Name
Apache Tapestry <5.3.6

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2014-1972"
    }
  },
  "description": "Apache Tapestry\u662f\u7f8e\u56fd\u963f\u5e15\u5947\uff08Apache\uff09\u8f6f\u4ef6\u57fa\u91d1\u4f1a\u6240\u7814\u53d1\u7684\u4e00\u5957\u7528\u6765\u521b\u5efa\u57fa\u4e8eJava\u7684Web\u5e94\u7528\u7a0b\u5e8f\u6846\u67b6\u3002\r\n\r\nApache Tapestry 5.3.6\u4e4b\u524d\u7248\u672c\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7a0b\u5e8f\u5728\u5ba2\u6237\u7aef\u5b58\u50a8\u5bf9\u8c61\u65f6\u672a\u80fd\u68c0\u67e5\u5bf9\u8c61\u662f\u5426\u88ab\u7be1\u6539\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u501f\u52a9\u7279\u5236\u7684\u5e8f\u5217\u5316\u6570\u636e\u5229\u7528\u8be5\u6f0f\u6d1e\u9020\u6210\u62d2\u7edd\u670d\u52a1\uff08\u8d44\u6e90\u6d88\u8017\uff09\uff0c\u6216\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002",
  "discovererName": "Takeshi Terada of Mitsui Bussan Secure Directions, Inc.",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6b64\u5b89\u5168\u95ee\u9898\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttps://tapestry.apache.org/release-notes-536.html",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2015-05632",
  "openTime": "2015-08-27",
  "patchDescription": "Apache Tapestry\u662f\u7f8e\u56fd\u963f\u5e15\u5947\uff08Apache\uff09\u8f6f\u4ef6\u57fa\u91d1\u4f1a\u6240\u7814\u53d1\u7684\u4e00\u5957\u7528\u6765\u521b\u5efa\u57fa\u4e8eJava\u7684Web\u5e94\u7528\u7a0b\u5e8f\u6846\u67b6\u3002Apache Tapestry 5.3.6\u4e4b\u524d\u7248\u672c\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7a0b\u5e8f\u5728\u5ba2\u6237\u7aef\u5b58\u50a8\u5bf9\u8c61\u65f6\u672a\u80fd\u68c0\u67e5\u5bf9\u8c61\u662f\u5426\u88ab\u7be1\u6539\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u501f\u52a9\u7279\u5236\u7684\u5e8f\u5217\u5316\u6570\u636e\u5229\u7528\u8be5\u6f0f\u6d1e\u9020\u6210\u62d2\u7edd\u670d\u52a1\uff08\u8d44\u6e90\u6d88\u8017\uff09\uff0c\u6216\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Apache Tapestry\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "Apache Tapestry \u003c5.3.6"
  },
  "referenceLink": "https://issues.apache.org/jira/browse/TAP5-2008\r\nhttp://jvndb.jvn.jp/en/contents/2015/JVNDB-2015-000118.html",
  "serverity": "\u4e2d",
  "submitTime": "2015-08-25",
  "title": "Apache Tapestry\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e"
}

CVE-2014-1972

Vulnerability from jvndb

Published

2015-08-20 15:53

Modified

2015-08-26 17:51

Severity ?

() - -

Summary

Apache Tapestry deserializes untrusted data

Details

Apache Tapestry contains a vulnerability where it may deserialize untrusted data. Apache Tapestry is a framework for creating Java web applications. Apache Tapestry contains an interface where client side serialized data sent to the server is deserialized after it is received by the server. This data serialization / deserialization process does not contain data validation. Therefore, if the serialized data is altered, the server will deserailze data without validating the data (CWE-502). Takeshi Terada of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

References

▼	Type	URL
	JVN	https://jvn.jp/en/jp/JVN17611367/index.html
	CVE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1972
	NVD	https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-1972
	JPCERT	https://www.jpcert.or.jp/securecoding/2014/OracleJava-AtomicReferenceArray.pdf
	Related Information	https://www.securecoding.cert.org/confluence/display/java/SER02-J.+Sign+then+seal+sensitive+objects+before+sending+them+outside+a+trust+boundary;jsessionid=6418285E96FE6503CBFF59A54A87B1E7
	No Mapping(CWE-Other)	https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html

Impacted products

▼	Vendor	Product
	Apache Software Foundation	Apache Tapestry

Show details on JVN DB website

JSON

To clipboard

{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2015/JVNDB-2015-000118.html",
  "dc:date": "2015-08-26T17:51+09:00",
  "dcterms:issued": "2015-08-20T15:53+09:00",
  "dcterms:modified": "2015-08-26T17:51+09:00",
  "description": "Apache Tapestry contains a vulnerability where it may deserialize untrusted data.\r\n\r\nApache Tapestry is a framework for creating Java web applications. Apache Tapestry contains an interface where client side serialized data sent to the server is deserialized after it is received by the server. This data serialization / deserialization process does not contain data validation. Therefore, if the serialized data is altered, the server will deserailze data without validating the data (CWE-502).\r\n\r\nTakeshi Terada of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
  "link": "https://jvndb.jvn.jp/en/contents/2015/JVNDB-2015-000118.html",
  "sec:cpe": {
    "#text": "cpe:/a:apache:tapestry",
    "@product": "Apache Tapestry",
    "@vendor": "Apache Software Foundation",
    "@version": "2.2"
  },
  "sec:cvss": {
    "@score": "6.8",
    "@severity": "Medium",
    "@type": "Base",
    "@vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
    "@version": "2.0"
  },
  "sec:identifier": "JVNDB-2015-000118",
  "sec:references": [
    {
      "#text": "https://jvn.jp/en/jp/JVN17611367/index.html",
      "@id": "JVN#17611367",
      "@source": "JVN"
    },
    {
      "#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1972",
      "@id": "CVE-2014-1972",
      "@source": "CVE"
    },
    {
      "#text": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-1972",
      "@id": "CVE-2014-1972",
      "@source": "NVD"
    },
    {
      "#text": "https://www.jpcert.or.jp/securecoding/2014/OracleJava-AtomicReferenceArray.pdf",
      "@id": "OracleJava-AtomicReferenceArray.pdf",
      "@source": "JPCERT"
    },
    {
      "#text": "https://www.securecoding.cert.org/confluence/display/java/SER02-J.+Sign+then+seal+sensitive+objects+before+sending+them+outside+a+trust+boundary;jsessionid=6418285E96FE6503CBFF59A54A87B1E7",
      "@id": "SER02-J. Sign then seal sensitive objects before sending them outside a trust boundary",
      "@source": "Related Information"
    },
    {
      "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
      "@id": "CWE-Other",
      "@title": "No Mapping(CWE-Other)"
    }
  ],
  "title": "Apache Tapestry deserializes untrusted data"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2014-1972 (GCVE-0-2014-1972)

Vulnerability from cvelistv5

fkie_cve-2014-1972

Vulnerability from fkie_nvd

ghsa-c438-8cvq-pxxx

Vulnerability from github

gsd-2014-1972

Vulnerability from gsd

cnvd-2015-05632

Vulnerability from cnvd

CVE-2014-1972

Vulnerability from jvndb

Tags

Sightings

Nomenclature