{"containers":{"cna":{"affected":[{"product":"dropwizard","vendor":"dropwizard","versions":[{"status":"affected","version":"< 1.3.21"},{"status":"affected","version":">= 2.0.0, < 2.0.3"}]}],"descriptions":[{"lang":"en","value":"dropwizard-validation before versions 2.0.3 and 1.3.21 has a remote code execution vulnerability. A server-side template injection was identified in the self-validating feature, enabling attackers to inject arbitrary Java EL expressions and leading to a Remote Code Execution (RCE) vulnerability. If you are using a self-validating bean, an upgrade to Dropwizard 1.3.21/2.0.3 or later is strongly recommended. The changes introduced in Dropwizard 1.3.19 and 2.0.2 for CVE-2020-5245 unfortunately did not fix the underlying issue completely. The issue has been fixed in dropwizard-validation 1.3.21 and 2.0.3 or later. We strongly recommend upgrading to one of these versions."}],"metrics":[{"cvssV3_1":{"attackComplexity":"HIGH","attackVector":"NETWORK","availabilityImpact":"HIGH","baseScore":8,"baseSeverity":"HIGH","confidentialityImpact":"HIGH","integrityImpact":"HIGH","privilegesRequired":"LOW","scope":"CHANGED","userInteraction":"REQUIRED","vectorString":"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H","version":"3.1"}}],"problemTypes":[{"descriptions":[{"cweId":"CWE-74","description":"CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component 
('Injection')","lang":"en","type":"CWE"}]}],"providerMetadata":{"dateUpdated":"2020-04-10T18:35:18.000Z","orgId":"a0819718-46f1-4df5-94e2-005712e83aaa","shortName":"GitHub_M"},"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://github.com/dropwizard/dropwizard/security/advisories/GHSA-8jpx-m2wh-2v34"},{"tags":["x_refsource_MISC"],"url":"https://github.com/dropwizard/dropwizard/security/advisories/GHSA-3mcp-9wr4-cjqf"},{"tags":["x_refsource_MISC"],"url":"https://github.com/dropwizard/dropwizard/pull/3208"},{"tags":["x_refsource_MISC"],"url":"https://github.com/dropwizard/dropwizard/pull/3209"},{"tags":["x_refsource_MISC"],"url":"https://docs.jboss.org/hibernate/validator/6.1/reference/en-US/html_single/#section-hibernateconstraintvalidatorcontext"},{"tags":["x_refsource_MISC"],"url":"https://github.com/dropwizard/dropwizard/security/policy#reporting-a-vulnerability"},{"tags":["x_refsource_MISC"],"url":"https://github.com/dropwizard/dropwizard/commit/d5a512f7abf965275f2a6b913ac4fe778e424242"}],"source":{"advisory":"GHSA-8jpx-m2wh-2v34","discovery":"UNKNOWN"},"title":"Remote Code Execution (RCE) vulnerability in dropwizard-validation","x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"security-advisories@github.com","ID":"CVE-2020-11002","STATE":"PUBLIC","TITLE":"Remote Code Execution (RCE) vulnerability in dropwizard-validation"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"dropwizard","version":{"version_data":[{"version_value":"< 1.3.21"},{"version_value":">= 2.0.0, < 2.0.3"}]}}]},"vendor_name":"dropwizard"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"dropwizard-validation before versions 2.0.3 and 1.3.21 has a remote code execution vulnerability. A server-side template injection was identified in the self-validating feature enabling attackers to inject arbitrary Java EL expressions, leading to Remote Code Execution (RCE) vulnerability. 
If you are using a self-validating bean an upgrade to Dropwizard 1.3.21/2.0.3 or later is strongly recommended. The changes introduced in Dropwizard 1.3.19 and 2.0.2 for CVE-2020-5245 unfortunately did not fix the underlying issue completely. The issue has been fixed in dropwizard-validation 1.3.21 and 2.0.3 or later. We strongly recommend upgrading to one of these versions."}]},"impact":{"cvss":{"attackComplexity":"HIGH","attackVector":"NETWORK","availabilityImpact":"HIGH","baseScore":8,"baseSeverity":"HIGH","confidentialityImpact":"HIGH","integrityImpact":"HIGH","privilegesRequired":"LOW","scope":"CHANGED","userInteraction":"REQUIRED","vectorString":"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H","version":"3.1"}},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')"}]}]},"references":{"reference_data":[{"name":"https://github.com/dropwizard/dropwizard/security/advisories/GHSA-8jpx-m2wh-2v34","refsource":"CONFIRM","url":"https://github.com/dropwizard/dropwizard/security/advisories/GHSA-8jpx-m2wh-2v34"},{"name":"https://github.com/dropwizard/dropwizard/security/advisories/GHSA-3mcp-9wr4-cjqf","refsource":"MISC","url":"https://github.com/dropwizard/dropwizard/security/advisories/GHSA-3mcp-9wr4-cjqf"},{"name":"https://github.com/dropwizard/dropwizard/pull/3208","refsource":"MISC","url":"https://github.com/dropwizard/dropwizard/pull/3208"},{"name":"https://github.com/dropwizard/dropwizard/pull/3209","refsource":"MISC","url":"https://github.com/dropwizard/dropwizard/pull/3209"},{"name":"https://docs.jboss.org/hibernate/validator/6.1/reference/en-US/html_single/#section-hibernateconstraintvalidatorcontext","refsource":"MISC","url":"https://docs.jboss.org/hibernate/validator/6.1/reference/en-US/html_single/#section-hibernateconstraintvalidatorcontext"},{"name":"https://github.com/dropwizard/dropwizard/security/policy#reporting-a-vulnerability","r
efsource":"MISC","url":"https://github.com/dropwizard/dropwizard/security/policy#reporting-a-vulnerability"},{"name":"https://github.com/dropwizard/dropwizard/commit/d5a512f7abf965275f2a6b913ac4fe778e424242","refsource":"MISC","url":"https://github.com/dropwizard/dropwizard/commit/d5a512f7abf965275f2a6b913ac4fe778e424242"}]},"source":{"advisory":"GHSA-8jpx-m2wh-2v34","discovery":"UNKNOWN"}}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-04T11:21:14.209Z"},"title":"CVE Program Container","references":[{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://github.com/dropwizard/dropwizard/security/advisories/GHSA-8jpx-m2wh-2v34"},{"tags":["x_refsource_MISC","x_transferred"],"url":"https://github.com/dropwizard/dropwizard/security/advisories/GHSA-3mcp-9wr4-cjqf"},{"tags":["x_refsource_MISC","x_transferred"],"url":"https://github.com/dropwizard/dropwizard/pull/3208"},{"tags":["x_refsource_MISC","x_transferred"],"url":"https://github.com/dropwizard/dropwizard/pull/3209"},{"tags":["x_refsource_MISC","x_transferred"],"url":"https://docs.jboss.org/hibernate/validator/6.1/reference/en-US/html_single/#section-hibernateconstraintvalidatorcontext"},{"tags":["x_refsource_MISC","x_transferred"],"url":"https://github.com/dropwizard/dropwizard/security/policy#reporting-a-vulnerability"},{"tags":["x_refsource_MISC","x_transferred"],"url":"https://github.com/dropwizard/dropwizard/commit/d5a512f7abf965275f2a6b913ac4fe778e424242"}]}]},"cveMetadata":{"assignerOrgId":"a0819718-46f1-4df5-94e2-005712e83aaa","assignerShortName":"GitHub_M","cveId":"CVE-2020-11002","datePublished":"2020-04-10T18:35:18.000Z","dateReserved":"2020-03-30T00:00:00.000Z","dateUpdated":"2024-08-04T11:21:14.209Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"}