CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2023-39967 – Full read and controlled SSRF through URL parameter when testing a request inside wiremock-studio
https://notcve.org/view.php?id=CVE-2023-39967
06 Sep 2023 — WireMock is a tool for mocking HTTP services. When certain request URLs like “@127.0.0.1:1234" are used in WireMock Studio configuration fields, the request might be forwarded to an arbitrary service reachable from WireMock’s instance. There are 3 identified potential attack vectors: via “TestRequester” functionality, webhooks and the proxy mode. As we can control HTTP Method, HTTP Headers, HTTP Data, it allows sending requests with the default level of credentials for the WireMock instance. The vendor has ... • https://github.com/wiremock/wiremock/security/advisories/GHSA-676j-xrv3-73vc • CWE-918: Server-Side Request Forgery (SSRF) •
CVSS: 5.4EPSS: 0%CPEs: 3EXPL: 0CVE-2023-41327 – Controlled SSRF through URL in the WireMock
https://notcve.org/view.php?id=CVE-2023-41327
06 Sep 2023 — WireMock is a tool for mocking HTTP services. WireMock can be configured to only permit proxying (and therefore recording) to certain addresses. This is achieved via a list of allowed address rules and a list of denied address rules, where the allowed list is evaluated first. Until WireMock Webhooks Extension 3.0.0-beta-15, the filtering of target addresses from the proxy mode DID NOT work for Webhooks, so the users were potentially vulnerable regardless of the `limitProxyTargets` settings. Via the WireMock... • https://github.com/wiremock/wiremock/releases/tag/3.0.0-beta-15 • CWE-918: Server-Side Request Forgery (SSRF) •
CVSS: 6.8EPSS: 0%CPEs: 6EXPL: 0CVE-2023-41329 – Domain restrictions bypass via DNS Rebinding in WireMock and WireMock Studio
https://notcve.org/view.php?id=CVE-2023-41329
06 Sep 2023 — WireMock is a tool for mocking HTTP services. The proxy mode of WireMock, can be protected by the network restrictions configuration, as documented in Preventing proxying to and recording from specific target addresses. These restrictions can be configured using the domain names, and in such a case the configuration is vulnerable to the DNS rebinding attacks. A similar patch was applied in WireMock 3.0.0-beta-15 for the WireMock Webhook Extensions. The root cause of the attack is a defect in the logic which... • https://github.com/wiremock/wiremock/security/advisories/GHSA-pmxq-pj47-j8j4 • CWE-290: Authentication Bypass by Spoofing •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-31444
https://notcve.org/view.php?id=CVE-2023-31444
28 Apr 2023 — In Talend Studio before 7.3.1-R2022-10 and 8.x before 8.0.1-R2022-09, microservices allow unauthenticated access to the Jolokia endpoint of the microservice. This allows for remote access to the JVM via the Jolokia JMX-HTTP bridge. • https://talend.com • CWE-306: Missing Authentication for Critical Function •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2018-7472
https://notcve.org/view.php?id=CVE-2018-7472
25 Feb 2018 — INVT Studio 1.2 allows remote attackers to cause a denial of service during import operations. INVT Studio 1.2 permite que atacantes remotos provoquen una denegación de servicio (DoS) durante las operaciones de importación. • http://www.cnvd.org.cn/flaw/show/1205913 •
CVSS: 9.8EPSS: 2%CPEs: 6EXPL: 0CVE-2011-4315
https://notcve.org/view.php?id=CVE-2011-4315
08 Dec 2011 — Heap-based buffer overflow in compression-pointer processing in core/ngx_resolver.c in nginx before 1.0.10 allows remote resolvers to cause a denial of service (daemon crash) or possibly have unspecified other impact via a long response. Desbordamiento de búfer basado en memoria dinámica en el procesamiento de compresión puntero en core/ngx_resolver.c en nginx antes de v1.0.10 permite a resolvers remotos causar una denegación de servicio (caída del demonio) o posiblemente tener un impacto no especificado a ... • http://lists.fedoraproject.org/pipermail/package-announce/2011-December/070569.html • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2010-2427
https://notcve.org/view.php?id=CVE-2010-2427
22 Jul 2010 — VMware Studio 2.0 does not properly write to temporary files, which allows local users to gain privileges via unspecified vectors. VMware Studio v2.0 no escribe adecuadamente en los archivos temporales, lo cual permite a usuarios locales conseguir privilegios a través de vectores no especificados. • http://lists.vmware.com/pipermail/security-announce/2010/000101.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 8.8EPSS: 1%CPEs: 1EXPL: 0CVE-2010-2667
https://notcve.org/view.php?id=CVE-2010-2667
22 Jul 2010 — Multiple unspecified vulnerabilities in the Virtual Appliance Management Infrastructure (VAMI) in VMware Studio 2.0 allow remote authenticated users to execute arbitrary commands via vectors involving (1) the Studio virtual appliance or (2) a virtual appliance created by the Studio virtual appliance. Múltiples vulnerabilidades no especificadas en el Virtual Appliance Management Infrastructure (VAMI) en VMware Studio v2.0 permite a usuarios remotos autenticados ejecutar comandos a su elección a través de vec... • http://lists.vmware.com/pipermail/security-announce/2010/000101.html •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2009-2968
https://notcve.org/view.php?id=CVE-2009-2968
02 Sep 2009 — Directory traversal vulnerability in a support component in the web interface in VMware Studio 2.0 public beta before build 1017-185256 allows remote attackers to upload files to arbitrary locations via unspecified vectors. Vulnerabilidad de salto de directorio en un componente de apoyo en la interfaz web en VMware Studio 2.0 public beta en versiones anteriores a la build 1017-185256 permite a atacantes remotos subir ficheros a ubicaciones de su elección mediante vectores no especificados. • http://lists.vmware.com/pipermail/security-announce/2009/000064.html • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 10.0EPSS: 1%CPEs: 1EXPL: 1CVE-2000-0449 – Omnis Studio 2.4 - Weak Database Field Encryption
https://notcve.org/view.php?id=CVE-2000-0449
01 May 2000 — Omnis Studio 2.4 uses weak encryption (trivial encoding) for encrypting database fields. • https://www.exploit-db.com/exploits/19967 •