dmyers87 / commercial-marketplace-saas-manual-on-boarding Goto Github PK

Vulnerable Library - azure.identity.1.3.0.nupkg

This is the implementation of the Azure SDK Client Library for Azure Identity

Library home page: https://api.nuget.org/packages/azure.identity.1.3.0.nupkg

Path to dependency file: /src/CommandCenter/CommandCenter.csproj

Path to vulnerable library: /home/wss-scanner/.nuget/packages/azure.identity/1.3.0/azure.identity.1.3.0.nupkg

Dependency Hierarchy:

• ercenk.microsoft.marketplace.1.0.0-preview5.nupkg (Root Library)
  • ❌ azure.identity.1.3.0.nupkg (Vulnerable Library)

Found in base branch: main

Vulnerability Details

Azure Identity Library for .NET Information Disclosure Vulnerability

Publish Date: 2024-04-09

URL: CVE-2024-29992

CVSS 3 Score Details (5.5)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: Low
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: None
  • Availability Impact: None

Suggested Fix

Type: Upgrade version

Origin: GHSA-wvxc-855f-jvrv

Release Date: 2024-04-09

Fix Resolution: Azure.Identity - 1.11.0

Vulnerable Library - system.text.regularexpressions.4.3.0.nupkg

Provides the System.Text.RegularExpressions.Regex class, an implementation of a regular expression e...

Library home page: https://api.nuget.org/packages/system.text.regularexpressions.4.3.0.nupkg

Path to dependency file: /src/CommandCenter/CommandCenter.csproj

Path to vulnerable library: /usr/share/dotnet/sdk/NuGetFallbackFolder/system.text.regularexpressions/4.3.0/system.text.regularexpressions.4.3.0.nupkg

Dependency Hierarchy:

• microsoft.azure.cosmos.table.1.0.8.nupkg (Root Library)
  • microsoft.azure.documentdb.core.2.11.2.nupkg
    • netstandard.library.1.6.1.nupkg
      • system.xml.xdocument.4.3.0.nupkg
        • system.xml.readerwriter.4.3.0.nupkg
          • ❌ system.text.regularexpressions.4.3.0.nupkg (Vulnerable Library)

Found in HEAD commit: b363cbedbe66b77c2fdc0201b10a4714fabf1499

Found in base branch: main

Vulnerability Details

A denial of service vulnerability exists when .NET Framework and .NET Core improperly process RegEx strings, aka '.NET Framework and .NET Core Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-0980, CVE-2019-0981.
Mend Note: After conducting further research, Mend has determined that CVE-2019-0820 only affects environments with versions 4.3.0 and 4.3.1 only on netcore50 environment of system.text.regularexpressions.nupkg.

Publish Date: 2019-05-16

URL: CVE-2019-0820

CVSS 3 Score Details (7.5)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: None
  • Integrity Impact: None
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: GHSA-cmhx-cq75-c4mj

Release Date: 2019-05-16

Fix Resolution: System.Text.RegularExpressions - 4.3.1

Vulnerable Libraries - jquery.validate-1.17.0.js, jquery.validate-1.17.0.min.js

Found in HEAD commit: b363cbedbe66b77c2fdc0201b10a4714fabf1499

Found in base branch: main

Vulnerability Details

The jQuery Validation Plugin (jquery-validation) provides drop-in validation for forms. Versions of jquery-validation prior to 1.19.5 are vulnerable to regular expression denial of service (ReDoS) when an attacker is able to supply arbitrary input to the url2 method. This is due to an incomplete fix for CVE-2021-43306. Users should upgrade to version 1.19.5 to receive a patch.

Publish Date: 2022-07-14

URL: CVE-2022-31147

CVSS 3 Score Details (7.5)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: None
  • Integrity Impact: None
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: GHSA-ffmh-x56j-9rc3

Release Date: 2022-07-14

Fix Resolution: jquery-validation - 1.19.5

Vulnerable Libraries - jquery-3.3.1.min.js, jquery-3.3.1.js

Found in HEAD commit: b363cbedbe66b77c2fdc0201b10a4714fabf1499

Found in base branch: main

Vulnerability Details

In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.

Publish Date: 2020-04-29

URL: CVE-2020-11022

CVSS 3 Score Details (6.1)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Changed
• Impact Metrics:
  • Confidentiality Impact: Low
  • Integrity Impact: Low
  • Availability Impact: None

Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11022

Release Date: 2020-04-29

Fix Resolution: jQuery - 3.5.0

Vulnerable Libraries - jquery-3.3.1.js, jquery-3.3.1.min.js

Found in HEAD commit: b363cbedbe66b77c2fdc0201b10a4714fabf1499

Found in base branch: main

Vulnerability Details

jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable proto property, it could extend the native Object.prototype.

Publish Date: 2019-04-20

URL: CVE-2019-11358

CVSS 3 Score Details (6.1)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Changed
• Impact Metrics:
  • Confidentiality Impact: Low
  • Integrity Impact: Low
  • Availability Impact: None

Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11358

Release Date: 2019-04-20

Fix Resolution: jquery - 3.4.0

Vulnerable Library - system.text.encodings.web.4.5.0.nupkg

Provides types for encoding and escaping strings for use in JavaScript, HyperText Markup Language (H...

Library home page: https://api.nuget.org/packages/system.text.encodings.web.4.5.0.nupkg

Path to dependency file: /src/CommandCenter/CommandCenter.csproj

Path to vulnerable library: /usr/share/dotnet/sdk/NuGetFallbackFolder/system.text.encodings.web/4.5.0/system.text.encodings.web.4.5.0.nupkg

Dependency Hierarchy:

• CommandCenter-1.0.0 (Root Library)
  • serilog.aspnetcore.4.0.0.nupkg
    • microsoft.aspnetcore.hosting.abstractions.2.2.0.nupkg
      • microsoft.aspnetcore.http.abstractions.2.2.0.nupkg
        • ❌ system.text.encodings.web.4.5.0.nupkg (Vulnerable Library)

Found in HEAD commit: b363cbedbe66b77c2fdc0201b10a4714fabf1499

Found in base branch: main

Vulnerability Details

.NET Core Remote Code Execution Vulnerability

Publish Date: 2021-02-25

URL: CVE-2021-26701

CVSS 3 Score Details (8.1)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: High
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Release Date: 2021-02-25

Fix Resolution: System.Text.Encodings.Web - 4.5.1,4.7.2,5.0.1

Vulnerable Libraries - jquery-3.3.1.js, jquery-3.3.1.min.js

Found in base branch: main

Vulnerability Details

Cross Site Scripting vulnerability in jQuery 2.2.0 through 3.x before 3.5.0 allows a remote attacker to execute arbitrary code via the element.

Publish Date: 2023-06-26

URL: CVE-2020-23064

CVSS 3 Score Details (6.1)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Changed
• Impact Metrics:
  • Confidentiality Impact: Low
  • Integrity Impact: Low
  • Availability Impact: None

Suggested Fix

Type: Upgrade version

Origin: https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/

Release Date: 2023-06-26

Fix Resolution: jquery - 3.5.0

Vulnerable Libraries - jquery.validate-1.17.0.min.js, jquery.validate-1.17.0.js

Found in HEAD commit: b363cbedbe66b77c2fdc0201b10a4714fabf1499

Found in base branch: main

Vulnerability Details

The jQuery Validation Plugin provides drop-in validation for your existing forms. It is published as an npm package "jquery-validation". jquery-validation before version 1.19.3 contains one or more regular expressions that are vulnerable to ReDoS (Regular Expression Denial of Service). This is fixed in 1.19.3.

Publish Date: 2021-01-13

URL: CVE-2021-21252

CVSS 3 Score Details (7.5)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: None
  • Integrity Impact: None
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: GHSA-jxwx-85vp-gvwm

Release Date: 2021-01-13

Fix Resolution: jquery-validation - 1.19.3

Vulnerable Library - microsoft.aspnetcore.authentication.jwtbearer.5.0.0.nupkg

ASP.NET Core middleware that enables an application to receive an OpenID Connect bearer token.

This...

Library home page: https://api.nuget.org/packages/microsoft.aspnetcore.authentication.jwtbearer.5.0.0.nupkg

Path to dependency file: /src/CommandCenter/CommandCenter.csproj

Path to vulnerable library: /home/wss-scanner/.nuget/packages/microsoft.aspnetcore.authentication.jwtbearer/5.0.0/microsoft.aspnetcore.authentication.jwtbearer.5.0.0.nupkg

Dependency Hierarchy:

• CommandCenter-1.0.0 (Root Library)
  • microsoft.identity.web.ui.1.8.1.nupkg
    • microsoft.identity.web.1.8.1.nupkg
      • ❌ microsoft.aspnetcore.authentication.jwtbearer.5.0.0.nupkg (Vulnerable Library)

Found in HEAD commit: b363cbedbe66b77c2fdc0201b10a4714fabf1499

Found in base branch: main

Vulnerability Details

ASP.NET Core and Visual Studio Information Disclosure Vulnerability

Publish Date: 2021-08-12

URL: CVE-2021-34532

CVSS 3 Score Details (5.5)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: Low
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: None
  • Availability Impact: None

Suggested Fix

Type: Upgrade version

Origin: GHSA-q7cg-43mg-qp69

Release Date: 2021-08-12

Fix Resolution: Microsoft.AspNetCore.Authentication.JwtBearer - 2.1.30, 3.1.18, 5.0.9

Vulnerable Library - starkbank-ecdsa.1.2.0.nupkg

Pure C# implementation of the Elliptic Curve Digital Signature Algorithm (ECDSA) by Stark Bank

Library home page: https://api.nuget.org/packages/starkbank-ecdsa.1.2.0.nupkg

Path to dependency file: /src/CommandCenter/CommandCenter.csproj

Path to vulnerable library: /home/wss-scanner/.nuget/packages/starkbank-ecdsa/1.2.0/starkbank-ecdsa.1.2.0.nupkg

Dependency Hierarchy:

• sendgrid.9.22.0.nupkg (Root Library)
  • ❌ starkbank-ecdsa.1.2.0.nupkg (Vulnerable Library)

Found in base branch: main

Vulnerability Details

The verify function in the Stark Bank .NET ECDSA library (ecdsa-dotnet) 1.3.1 fails to check that the signature is non-zero, which allows attackers to forge signatures on arbitrary messages.

Publish Date: 2021-11-09

URL: CVE-2021-43569

CVSS 3 Score Details (9.8)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: GHSA-j3jw-j2j8-2wv9

Release Date: 2021-11-09

Fix Resolution: starkbank-ecdsa - 1.3.2

Vulnerable Libraries - system.identitymodel.tokens.jwt.6.7.1.nupkg, microsoft.identitymodel.jsonwebtokens.6.7.1.nupkg

Found in HEAD commit: b363cbedbe66b77c2fdc0201b10a4714fabf1499

Found in base branch: main

Vulnerability Details

Microsoft Identity Denial of service vulnerability

Publish Date: 2024-01-09

URL: CVE-2024-21319

CVSS 3 Score Details (6.8)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: High
  • User Interaction: None
  • Scope: Changed
• Impact Metrics:
  • Confidentiality Impact: None
  • Integrity Impact: None
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: GHSA-8g9c-28fc-mcx2

Release Date: 2024-01-09

Fix Resolution: System.IdentityModel.Tokens.Jwt - 5.7.0,6.34.0,7.1.2, Microsoft.IdentityModel.JsonWebTokens - 5.7.0,6.34.0,7.1.2

Vulnerable Library - azure.identity.1.3.0.nupkg

This is the implementation of the Azure SDK Client Library for Azure Identity

Library home page: https://api.nuget.org/packages/azure.identity.1.3.0.nupkg

Path to dependency file: /src/CommandCenter/CommandCenter.csproj

Path to vulnerable library: /home/wss-scanner/.nuget/packages/azure.identity/1.3.0/azure.identity.1.3.0.nupkg

Dependency Hierarchy:

• ercenk.microsoft.marketplace.1.0.0-preview5.nupkg (Root Library)
  • ❌ azure.identity.1.3.0.nupkg (Vulnerable Library)

Found in base branch: main

Vulnerability Details

Azure Identity SDK Remote Code Execution Vulnerability

Publish Date: 2023-10-10

URL: CVE-2023-36414

CVSS 3 Score Details (8.8)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: Low
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: https://nvd.nist.gov/vuln/detail/CVE-2023-36414

Release Date: 2023-10-10

Fix Resolution: Azure.Identity - 1.10.2

Vulnerable Library - microsoft.visualstudio.azure.containers.tools.targets.1.10.8.nupkg

Targets files to enable the Visual Studio Tools for Containers.

Library home page: https://api.nuget.org/packages/microsoft.visualstudio.azure.containers.tools.targets.1.10.8.nupkg

Path to dependency file: /src/CommandCenter/CommandCenter.csproj

Path to vulnerable library: /home/wss-scanner/.nuget/packages/microsoft.visualstudio.azure.containers.tools.targets/1.10.8/microsoft.visualstudio.azure.containers.tools.targets.1.10.8.nupkg,/zure.containers.tools.targets/1.10.8/microsoft.visualstudio.azure.containers.tools.targets.1.10.8.nupkg

Dependency Hierarchy:

• ❌ microsoft.visualstudio.azure.containers.tools.targets.1.10.8.nupkg (Vulnerable Library)

Found in HEAD commit: b363cbedbe66b77c2fdc0201b10a4714fabf1499

Found in base branch: main

Vulnerability Details

Newtonsoft.Json prior to version 13.0.1 is vulnerable to Insecure Defaults due to improper handling of expressions with high nesting level that lead to StackOverFlow exception or high CPU and RAM usage. Exploiting this vulnerability results in Denial Of Service (DoS). \n\nThe serialization and deserialization path have different properties regarding the issue.\n\nDeserializing methods (like JsonConvert.DeserializeObject) will process the input that results in burning the CPU, allocating memory, and consuming a thread of execution. Quite high nesting level (>10kk, or 9.5MB of {a:{a:{... input) is needed to achieve the latency over 10 seconds, depending on the hardware.\n\nSerializing methods (like JsonConvert.Serialize or JObject.ToString) will throw StackOverFlow exception with the nesting level of around 20k.\n\nTo mitigate the issue one either need to update Newtonsoft.Json to 13.0.1 or set MaxDepth parameter in the JsonSerializerSettings. This can be done globally with the following statement. After that the parsing of the nested input will fail fast with Newtonsoft.Json.JsonReaderException:\n\n \nJsonConvert.DefaultSettings = () => new JsonSerializerSettings { MaxDepth = 128 };\n\n\nRepro code:\n\n//Create a string representation of an highly nested object (JSON serialized)\nint nRep = 25000;\nstring json = string.Concat(Enumerable.Repeat(\"{a:\", nRep)) + \"1\" +\n string.Concat(Enumerable.Repeat(\"}\", nRep));\n\n//Parse this object (leads to high CPU/RAM consumption)\nvar parsedJson = JsonConvert.DeserializeObject(json);\n\n// Methods below all throw stack overflow with nRep around 20k and higher\n// string a = parsedJson.ToString();\n// string b = JsonConvert.SerializeObject(parsedJson);\n\n\n### Additional affected product and version information\nThe original statement about the problem only affecting IIS applications is misleading. Any application is affected, however the IIS has a behavior that stops restarting the instance after some time resulting in a harder-to-fix DoS.**

Publish Date: 2022-06-22

URL: WS-2022-0161

CVSS 3 Score Details (7.5)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: None
  • Integrity Impact: None
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Release Date: 2022-06-22

Fix Resolution: Newtonsoft.Json - 13.0.1;Microsoft.Extensions.ApiDescription.Server - 6.0.0

Vulnerable Libraries - coverlet.collector.3.0.2.nupkg, microsoft.visualstudio.azure.containers.tools.targets.1.10.8.nupkg, newtonsoft.json.12.0.2.nupkg

Found in base branch: main

Vulnerability Details

Newtonsoft.Json before version 13.0.1 is affected by a mishandling of exceptional conditions vulnerability. Crafted data that is passed to the JsonConvert.DeserializeObject method may trigger a StackOverflow exception resulting in denial of service. Depending on the usage of the library, an unauthenticated and remote attacker may be able to cause the denial of service condition.

Publish Date: 2024-01-03

URL: CVE-2024-21907

CVSS 3 Score Details (7.5)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: None
  • Integrity Impact: None
  • Availability Impact: High

Suggested Fix

Type: Upgrade version

Origin: GHSA-5crp-9r3c-p9vr

Release Date: 2024-01-03

Fix Resolution: Newtonsoft.Json - 13.0.1

Vulnerable Libraries - jquery-3.3.1.js, jquery-3.3.1.min.js

Found in HEAD commit: b363cbedbe66b77c2fdc0201b10a4714fabf1499

Found in base branch: main

Vulnerability Details

In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.

Publish Date: 2020-04-29

URL: CVE-2020-11023

CVSS 3 Score Details (6.1)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope: Changed
• Impact Metrics:
  • Confidentiality Impact: Low
  • Integrity Impact: Low
  • Availability Impact: None

Suggested Fix

Type: Upgrade version

Origin: https://github.com/jquery/jquery/security/advisories/GHSA-jpcq-cgw6-v4j6,https://github.com/rails/jquery-rails/blob/master/CHANGELOG.md#440

Release Date: 2020-04-29

Fix Resolution: jquery - 3.5.0;jquery-rails - 4.4.0