CVE-2019-10219 – hibernate-validator: safeHTML validator allows XSS
https://notcve.org/view.php?id=CVE-2019-10219
A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This vulnerability can result in an XSS attack. Una vulnerabilidad fue encontrada en Hibernate-Validator. La anotación del validador SafeHtml no puede sanear apropiadamente las cargas útiles que consisten en código potencialmente malicioso en los comentarios e instrucciones HTML. • https://access.redhat.com/errata/RHSA-2020:0159 https://access.redhat.com/errata/RHSA-2020:0160 https://access.redhat.com/errata/RHSA-2020:0161 https://access.redhat.com/errata/RHSA-2020:0164 https://access.redhat.com/errata/RHSA-2020:0445 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10219 https://lists.apache.org/thread.html/r4f8b4e2541be4234946e40d55859273a7eec0f4901e8080ce2406fe6%40%3Cnotifications.accumulo.apache.org%3E https://lists.apache.org/thread.html/r4f92d7f7682dcff92722fa947f9e6f8ba2227c5dc3e11ba0911 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2014-3558 – Validator: JSM bypass via ReflectionHelper
https://notcve.org/view.php?id=CVE-2014-3558
ReflectionHelper (org.hibernate.validator.util.ReflectionHelper) in Hibernate Validator 4.1.0 before 4.2.1, 4.3.x before 4.3.2, and 5.x before 5.1.2 allows attackers to bypass Java Security Manager (JSM) restrictions and execute restricted reflection calls via a crafted application. ReflectionHelper (org.hibernate.validator.util.ReflectionHelper) en Hibernate Validator 4.1.0 anterior a 4.2.1, 4.3.x anterior a 4.3.2, y 5.x anterior a 5.1.2 permite a atacantes evadir las restricciones de Java Security Manager (JSM) y ejecutar llamadas de reflección restringidas a través de una aplicación manipulada. It was discovered that the implementation of org.hibernate.validator.util.ReflectionHelper together with the permissions required to run Hibernate Validator under the Java Security Manager could allow a malicious application deployed in the same application container to execute several actions with escalated privileges, which might otherwise not be possible. This flaw could be used to perform various attacks, including but not restricted to, arbitrary code execution in systems that are otherwise secured by the Java Security Manager. • http://rhn.redhat.com/errata/RHSA-2014-1285.html http://rhn.redhat.com/errata/RHSA-2014-1286.html http://rhn.redhat.com/errata/RHSA-2014-1287.html http://rhn.redhat.com/errata/RHSA-2014-1288.html http://rhn.redhat.com/errata/RHSA-2015-0125.html http://rhn.redhat.com/errata/RHSA-2015-0720.html https://github.com/victims/victims-cve-db/blob/master/database/java/2014/3558.yaml https://hibernate.atlassian.net/browse/HV-912 https://access.redhat.com/security/cve/ • CWE-264: Permissions, Privileges, and Access Controls CWE-266: Incorrect Privilege Assignment •