Search criteria
27 vulnerabilities found for dspace by duraspace
FKIE_CVE-2022-31192
Vulnerability from fkie_nvd - Published: 2022-08-01 21:15 - Updated: 2024-11-21 07:04
Severity ?
7.1 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Summary
DSpace open source software is a repository application which provides durable access to digital resources. dspace-jspui is a UI component for DSpace. The JSPUI "Request a Copy" feature does not properly escape values submitted and stored from the "Request a Copy" form. This means that item requests could be vulnerable to XSS attacks. This vulnerability only impacts the JSPUI. Users are advised to upgrade. There are no known workarounds for this vulnerability.
References
| URL | Tags | ||
|---|---|---|---|
| security-advisories@github.com | https://github.com/DSpace/DSpace/commit/28eb8158210d41168a62ed5f9e044f754513bc37 | Patch, Third Party Advisory | |
| security-advisories@github.com | https://github.com/DSpace/DSpace/commit/f7758457b7ec3489d525e39aa753cc70809d9ad9 | Patch, Third Party Advisory | |
| security-advisories@github.com | https://github.com/DSpace/DSpace/security/advisories/GHSA-4wm8-c2vv-xrpq | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/DSpace/DSpace/commit/28eb8158210d41168a62ed5f9e044f754513bc37 | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/DSpace/DSpace/commit/f7758457b7ec3489d525e39aa753cc70809d9ad9 | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/DSpace/DSpace/security/advisories/GHSA-4wm8-c2vv-xrpq | Patch, Third Party Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:duraspace:dspace:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D0931332-ACDA-450E-BDC7-BE5D44E27F66",
"versionEndIncluding": "5.10",
"versionStartIncluding": "4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:duraspace:dspace:*:*:*:*:*:*:*:*",
"matchCriteriaId": "27C1503E-2C8B-43CD-8937-9ABE6C24C67F",
"versionEndExcluding": "6.4",
"versionStartExcluding": "6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "DSpace open source software is a repository application which provides durable access to digital resources. dspace-jspui is a UI component for DSpace. The JSPUI \"Request a Copy\" feature does not properly escape values submitted and stored from the \"Request a Copy\" form. This means that item requests could be vulnerable to XSS attacks. This vulnerability only impacts the JSPUI. Users are advised to upgrade. There are no known workarounds for this vulnerability."
},
{
"lang": "es",
"value": "El software de c\u00f3digo abierto DSpace es una aplicaci\u00f3n de repositorio que proporciona acceso duradero a recursos digitales. dspace-jspui es un componente de interfaz de usuario para DSpace. La funci\u00f3n \"Request a Copy\" de JSPUI no escapa adecuadamente de los valores enviados y almacenados desde el formulario \"Request a Copy\". Esto significa que las peticiones de elementos podr\u00edan ser vulnerables a ataques de tipo XSS. Esta vulnerabilidad s\u00f3lo afecta a la JSPUI. Es recomendado a usuarios actualizar. No se presentan mitigaciones conocidas para esta vulnerabilidad"
}
],
"id": "CVE-2022-31192",
"lastModified": "2024-11-21T07:04:05.603",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.7,
"source": "security-advisories@github.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-08-01T21:15:13.347",
"references": [
{
"source": "security-advisories@github.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/DSpace/DSpace/commit/28eb8158210d41168a62ed5f9e044f754513bc37"
},
{
"source": "security-advisories@github.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/DSpace/DSpace/commit/f7758457b7ec3489d525e39aa753cc70809d9ad9"
},
{
"source": "security-advisories@github.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/DSpace/DSpace/security/advisories/GHSA-4wm8-c2vv-xrpq"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/DSpace/DSpace/commit/28eb8158210d41168a62ed5f9e044f754513bc37"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/DSpace/DSpace/commit/f7758457b7ec3489d525e39aa753cc70809d9ad9"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/DSpace/DSpace/security/advisories/GHSA-4wm8-c2vv-xrpq"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "security-advisories@github.com",
"type": "Secondary"
}
]
}
FKIE_CVE-2022-31193
Vulnerability from fkie_nvd - Published: 2022-08-01 21:15 - Updated: 2024-11-21 07:04
Severity ?
7.1 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Summary
DSpace open source software is a repository application which provides durable access to digital resources. dspace-jspui is a UI component for DSpace. The JSPUI controlled vocabulary servlet is vulnerable to an open redirect attack, where an attacker can craft a malicious URL that looks like a legitimate DSpace/repository URL. When that URL is clicked by the target, it redirects them to a site of the attacker's choice. This issue has been patched in versions 5.11 and 6.4. Users are advised to upgrade. There are no known workaround for this vulnerability.
References
| URL | Tags | ||
|---|---|---|---|
| security-advisories@github.com | https://github.com/DSpace/DSpace/commit/5f72424a478f59061dcc516b866dcc687bc3f9de | Patch, Third Party Advisory | |
| security-advisories@github.com | https://github.com/DSpace/DSpace/commit/f7758457b7ec3489d525e39aa753cc70809d9ad9 | Patch, Third Party Advisory | |
| security-advisories@github.com | https://github.com/DSpace/DSpace/security/advisories/GHSA-763j-q7wv-vf3m | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/DSpace/DSpace/commit/5f72424a478f59061dcc516b866dcc687bc3f9de | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/DSpace/DSpace/commit/f7758457b7ec3489d525e39aa753cc70809d9ad9 | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/DSpace/DSpace/security/advisories/GHSA-763j-q7wv-vf3m | Patch, Third Party Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:duraspace:dspace:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D0931332-ACDA-450E-BDC7-BE5D44E27F66",
"versionEndIncluding": "5.10",
"versionStartIncluding": "4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:duraspace:dspace:*:*:*:*:*:*:*:*",
"matchCriteriaId": "27C1503E-2C8B-43CD-8937-9ABE6C24C67F",
"versionEndExcluding": "6.4",
"versionStartExcluding": "6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "DSpace open source software is a repository application which provides durable access to digital resources. dspace-jspui is a UI component for DSpace. The JSPUI controlled vocabulary servlet is vulnerable to an open redirect attack, where an attacker can craft a malicious URL that looks like a legitimate DSpace/repository URL. When that URL is clicked by the target, it redirects them to a site of the attacker\u0027s choice. This issue has been patched in versions 5.11 and 6.4. Users are advised to upgrade. There are no known workaround for this vulnerability."
},
{
"lang": "es",
"value": "El software de c\u00f3digo abierto DSpace es una aplicaci\u00f3n de repositorio que proporciona acceso duradero a los recursos digitales. dspace-jspui es un componente de interfaz de usuario para DSpace. El servlet de vocabulario controlado por JSPUI es vulnerable a un ataque de redireccionamiento abierto, en el que un atacante puede dise\u00f1ar una URL maliciosa que parezca una URL leg\u00edtima de DSpace/repositorio. Cuando el objetivo hace clic en esa URL, le es redirigido a un sitio de la elecci\u00f3n del atacante. Este problema ha sido parcheado en las versiones 5.11 y 6.4. Se recomienda a usuarios actualizar. No se presentan mitigaciones conocidas para esta vulnerabilidad"
}
],
"id": "CVE-2022-31193",
"lastModified": "2024-11-21T07:04:05.747",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.7,
"source": "security-advisories@github.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-08-01T21:15:13.423",
"references": [
{
"source": "security-advisories@github.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/DSpace/DSpace/commit/5f72424a478f59061dcc516b866dcc687bc3f9de"
},
{
"source": "security-advisories@github.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/DSpace/DSpace/commit/f7758457b7ec3489d525e39aa753cc70809d9ad9"
},
{
"source": "security-advisories@github.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/DSpace/DSpace/security/advisories/GHSA-763j-q7wv-vf3m"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/DSpace/DSpace/commit/5f72424a478f59061dcc516b866dcc687bc3f9de"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/DSpace/DSpace/commit/f7758457b7ec3489d525e39aa753cc70809d9ad9"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/DSpace/DSpace/security/advisories/GHSA-763j-q7wv-vf3m"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-601"
}
],
"source": "security-advisories@github.com",
"type": "Secondary"
}
]
}
FKIE_CVE-2022-31191
Vulnerability from fkie_nvd - Published: 2022-08-01 21:15 - Updated: 2024-11-21 07:04
Severity ?
7.1 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Summary
DSpace open source software is a repository application which provides durable access to digital resources. dspace-jspui is a UI component for DSpace. The JSPUI spellcheck "Did you mean" HTML escapes the data-spell attribute in the link, but not the actual displayed text. Similarly, the JSPUI autocomplete HTML does not properly escape text passed to it. Both are vulnerable to XSS. This vulnerability only impacts the JSPUI. Users are advised to upgrade. There are no known workarounds for this issue.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:duraspace:dspace:*:*:*:*:*:*:*:*",
"matchCriteriaId": "89609B7B-870E-41BB-98F5-9F0BDA11A08C",
"versionEndIncluding": "5.10",
"versionStartExcluding": "4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:duraspace:dspace:*:*:*:*:*:*:*:*",
"matchCriteriaId": "27C1503E-2C8B-43CD-8937-9ABE6C24C67F",
"versionEndExcluding": "6.4",
"versionStartExcluding": "6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "DSpace open source software is a repository application which provides durable access to digital resources. dspace-jspui is a UI component for DSpace. The JSPUI spellcheck \"Did you mean\" HTML escapes the data-spell attribute in the link, but not the actual displayed text. Similarly, the JSPUI autocomplete HTML does not properly escape text passed to it. Both are vulnerable to XSS. This vulnerability only impacts the JSPUI. Users are advised to upgrade. There are no known workarounds for this issue."
},
{
"lang": "es",
"value": "El software de c\u00f3digo abierto DSpace es una aplicaci\u00f3n de repositorio que proporciona acceso duradero a los recursos digitales. dspace-jspui es un componente de interfaz de usuario para DSpace. El corrector ortogr\u00e1fico de JSPUI \"Did you mean\" HTML escapa el atributo data-spell en el enlace, pero no el texto real mostrado. Del mismo modo, el HTML de autocompletar de JSPUI no escapa correctamente el texto que le es pasado. Ambos son vulnerables a un ataque de tipo XSS. Esta vulnerabilidad s\u00f3lo afecta a la JSPUI. Es recomendado a usuarios actualizar. No se presentan mitigaciones conocidas para este problema"
}
],
"id": "CVE-2022-31191",
"lastModified": "2024-11-21T07:04:05.460",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.7,
"source": "security-advisories@github.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-08-01T21:15:13.280",
"references": [
{
"source": "security-advisories@github.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/DSpace/DSpace/commit/35030a23e48b5946f5853332c797e1c4adea7bb7"
},
{
"source": "security-advisories@github.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/DSpace/DSpace/commit/6f75bb084ab1937d094208c55cd84340040bcbb5"
},
{
"source": "security-advisories@github.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/DSpace/DSpace/commit/c89e493e517b424dea6175caba54e91d3847fc3a"
},
{
"source": "security-advisories@github.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/DSpace/DSpace/commit/ebb83a75234d3de9be129464013e998dc929b68d"
},
{
"source": "security-advisories@github.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/DSpace/DSpace/security/advisories/GHSA-c558-5gfm-p2r8"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/DSpace/DSpace/commit/35030a23e48b5946f5853332c797e1c4adea7bb7"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/DSpace/DSpace/commit/6f75bb084ab1937d094208c55cd84340040bcbb5"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/DSpace/DSpace/commit/c89e493e517b424dea6175caba54e91d3847fc3a"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/DSpace/DSpace/commit/ebb83a75234d3de9be129464013e998dc929b68d"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/DSpace/DSpace/security/advisories/GHSA-c558-5gfm-p2r8"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "security-advisories@github.com",
"type": "Secondary"
}
]
}
FKIE_CVE-2022-31189
Vulnerability from fkie_nvd - Published: 2022-08-01 21:15 - Updated: 2024-11-21 07:04
Severity ?
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Summary
DSpace open source software is a repository application which provides durable access to digital resources. dspace-jspui is a UI component for DSpace. When an "Internal System Error" occurs in the JSPUI, then entire exception (including stack trace) is available. Information in this stacktrace may be useful to an attacker in launching a more sophisticated attack. This vulnerability only impacts the JSPUI. This issue has been fixed in version 6.4. users are advised to upgrade. Users unable to upgrade should disable the display of error messages in their internal.jsp file.
References
| URL | Tags | ||
|---|---|---|---|
| security-advisories@github.com | https://github.com/DSpace/DSpace/commit/afcc6c3389729b85d5c7b0230cbf9aaf7452f31a | Patch, Third Party Advisory | |
| security-advisories@github.com | https://github.com/DSpace/DSpace/security/advisories/GHSA-c2j7-66m3-r4ff | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/DSpace/DSpace/commit/afcc6c3389729b85d5c7b0230cbf9aaf7452f31a | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/DSpace/DSpace/security/advisories/GHSA-c2j7-66m3-r4ff | Patch, Third Party Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:duraspace:dspace:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A5C7E6BD-3A22-4279-907B-6B2C76E0185C",
"versionEndExcluding": "6.4",
"versionStartExcluding": "4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "DSpace open source software is a repository application which provides durable access to digital resources. dspace-jspui is a UI component for DSpace. When an \"Internal System Error\" occurs in the JSPUI, then entire exception (including stack trace) is available. Information in this stacktrace may be useful to an attacker in launching a more sophisticated attack. This vulnerability only impacts the JSPUI. This issue has been fixed in version 6.4. users are advised to upgrade. Users unable to upgrade should disable the display of error messages in their internal.jsp file."
},
{
"lang": "es",
"value": "El software de c\u00f3digo abierto DSpace es una aplicaci\u00f3n de repositorio que proporciona acceso duradero a los recursos digitales. dspace-jspui es un componente de interfaz de usuario para DSpace. Cuando es producido un \"Error interno del sistema\" en la JSPUI, la excepci\u00f3n completa (incluyendo el seguimiento de la pila) est\u00e1 disponible. La informaci\u00f3n en este stacktrace puede ser \u00fatil para un atacante para lanzar un ataque m\u00e1s sofisticado. Esta vulnerabilidad s\u00f3lo afecta a la JSPUI. Este problema ha sido corregido en versi\u00f3n 6.4. Es recomendado a usuarios actualicen. Los usuarios que no puedan actualizarse deber\u00e1n deshabilitar la visualizaci\u00f3n de mensajes de error en su archivo internal.jsp"
}
],
"id": "CVE-2022-31189",
"lastModified": "2024-11-21T07:04:05.193",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "security-advisories@github.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-08-01T21:15:13.217",
"references": [
{
"source": "security-advisories@github.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/DSpace/DSpace/commit/afcc6c3389729b85d5c7b0230cbf9aaf7452f31a"
},
{
"source": "security-advisories@github.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/DSpace/DSpace/security/advisories/GHSA-c2j7-66m3-r4ff"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/DSpace/DSpace/commit/afcc6c3389729b85d5c7b0230cbf9aaf7452f31a"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/DSpace/DSpace/security/advisories/GHSA-c2j7-66m3-r4ff"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-209"
}
],
"source": "security-advisories@github.com",
"type": "Secondary"
}
]
}
FKIE_CVE-2022-31195
Vulnerability from fkie_nvd - Published: 2022-08-01 21:15 - Updated: 2024-11-21 07:04
Severity ?
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
DSpace open source software is a repository application which provides durable access to digital resources. In affected versions the ItemImportServiceImpl is vulnerable to a path traversal vulnerability. This means a malicious SAF (simple archive format) package could cause a file/directory to be created anywhere the Tomcat/DSpace user can write to on the server. However, this path traversal vulnerability is only possible by a user with special privileges (either Administrators or someone with command-line access to the server). This vulnerability impacts the XMLUI, JSPUI and command-line. Users are advised to upgrade. As a basic workaround, users may block all access to the following URL paths: If you are using the XMLUI, block all access to /admin/batchimport path (this is the URL of the Admin Batch Import tool). Keep in mind, if your site uses the path "/xmlui", then you'd need to block access to /xmlui/admin/batchimport. If you are using the JSPUI, block all access to /dspace-admin/batchimport path (this is the URL of the Admin Batch Import tool). Keep in mind, if your site uses the path "/jspui", then you'd need to block access to /jspui/dspace-admin/batchimport. Keep in mind, only an Administrative user or a user with command-line access to the server is able to import/upload SAF packages. Therefore, assuming those users do not blindly upload untrusted SAF packages, then it is unlikely your site could be impacted by this vulnerability.
References
| URL | Tags | ||
|---|---|---|---|
| security-advisories@github.com | https://github.com/DSpace/DSpace/commit/56e76049185bbd87c994128a9d77735ad7af0199 | Patch, Third Party Advisory | |
| security-advisories@github.com | https://github.com/DSpace/DSpace/commit/7af52a0883a9dbc475cf3001f04ed11b24c8a4c0 | Patch, Third Party Advisory | |
| security-advisories@github.com | https://github.com/DSpace/DSpace/security/advisories/GHSA-8rmh-55h4-93h5 | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/DSpace/DSpace/commit/56e76049185bbd87c994128a9d77735ad7af0199 | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/DSpace/DSpace/commit/7af52a0883a9dbc475cf3001f04ed11b24c8a4c0 | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/DSpace/DSpace/security/advisories/GHSA-8rmh-55h4-93h5 | Patch, Third Party Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:duraspace:dspace:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D0931332-ACDA-450E-BDC7-BE5D44E27F66",
"versionEndIncluding": "5.10",
"versionStartIncluding": "4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:duraspace:dspace:*:*:*:*:*:*:*:*",
"matchCriteriaId": "27C1503E-2C8B-43CD-8937-9ABE6C24C67F",
"versionEndExcluding": "6.4",
"versionStartExcluding": "6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "DSpace open source software is a repository application which provides durable access to digital resources. In affected versions the ItemImportServiceImpl is vulnerable to a path traversal vulnerability. This means a malicious SAF (simple archive format) package could cause a file/directory to be created anywhere the Tomcat/DSpace user can write to on the server. However, this path traversal vulnerability is only possible by a user with special privileges (either Administrators or someone with command-line access to the server). This vulnerability impacts the XMLUI, JSPUI and command-line. Users are advised to upgrade. As a basic workaround, users may block all access to the following URL paths: If you are using the XMLUI, block all access to /admin/batchimport path (this is the URL of the Admin Batch Import tool). Keep in mind, if your site uses the path \"/xmlui\", then you\u0027d need to block access to /xmlui/admin/batchimport. If you are using the JSPUI, block all access to /dspace-admin/batchimport path (this is the URL of the Admin Batch Import tool). Keep in mind, if your site uses the path \"/jspui\", then you\u0027d need to block access to /jspui/dspace-admin/batchimport. Keep in mind, only an Administrative user or a user with command-line access to the server is able to import/upload SAF packages. Therefore, assuming those users do not blindly upload untrusted SAF packages, then it is unlikely your site could be impacted by this vulnerability."
},
{
"lang": "es",
"value": "El software de c\u00f3digo abierto DSpace es una aplicaci\u00f3n de repositorio que proporciona acceso duradero a los recursos digitales. En las versiones afectadas el ItemImportServiceImpl es vulnerable a una vulnerabilidad de salto de ruta. Esto significa que un paquete SAF (formato de archivo simple) malicioso podr\u00eda causar la creaci\u00f3n de un archivo/directorio en cualquier lugar donde el usuario de Tomcat/DSpace pueda escribir en el servidor. Sin embargo, esta vulnerabilidad de salto de ruta s\u00f3lo es posible por un usuario con privilegios especiales (ya sea administradores o alguien con acceso a la l\u00ednea de comandos del servidor). Esta vulnerabilidad afecta a XMLUI, JSPUI y a la l\u00ednea de comandos. Es recomendado a usuarios actualizar. Como mitigaci\u00f3n b\u00e1sica, los usuarios pueden bloquear todo el acceso a las siguientes rutas URL: Si usa la XMLUI, bloquee todos los accesos a la ruta /admin/batchimport (esta es la URL de la herramienta Admin Batch Import). Ten en cuenta que si tu sitio usa la ruta \"/xmlui\", tendr\u00e1s que bloquear el acceso a /xmlui/admin/batchimport. Si usas la JSPUI, bloquea todo el acceso a la ruta /dspace-admin/batchimport (esta es la URL de la herramienta Admin Batch Import). Ten en cuenta que si tu sitio usa la ruta \"/jspui\", entonces tendr\u00e1s que bloquear el acceso a /jspui/dspace-admin/batchimport. Tenga en cuenta que s\u00f3lo un usuario administrativo o un usuario con acceso a la l\u00ednea de comandos del servidor puede importar/cargar paquetes SAF. Por lo tanto, asumiendo que esos usuarios no suben ciegamente paquetes SAF no confiables, entonces es poco probable que su sitio pueda ser impactado por esta vulnerabilidad"
}
],
"id": "CVE-2022-31195",
"lastModified": "2024-11-21T07:04:06.047",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "security-advisories@github.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-08-01T21:15:13.557",
"references": [
{
"source": "security-advisories@github.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/DSpace/DSpace/commit/56e76049185bbd87c994128a9d77735ad7af0199"
},
{
"source": "security-advisories@github.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/DSpace/DSpace/commit/7af52a0883a9dbc475cf3001f04ed11b24c8a4c0"
},
{
"source": "security-advisories@github.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/DSpace/DSpace/security/advisories/GHSA-8rmh-55h4-93h5"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/DSpace/DSpace/commit/56e76049185bbd87c994128a9d77735ad7af0199"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/DSpace/DSpace/commit/7af52a0883a9dbc475cf3001f04ed11b24c8a4c0"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/DSpace/DSpace/security/advisories/GHSA-8rmh-55h4-93h5"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "security-advisories@github.com",
"type": "Secondary"
}
]
}
FKIE_CVE-2022-31194
Vulnerability from fkie_nvd - Published: 2022-08-01 21:15 - Updated: 2024-11-21 07:04
Severity ?
8.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
DSpace open source software is a repository application which provides durable access to digital resources. dspace-jspui is a UI component for DSpace. The JSPUI resumable upload implementations in SubmissionController and FileUploadRequest are vulnerable to multiple path traversal attacks, allowing an attacker to create files/directories anywhere on the server writable by the Tomcat/DSpace user, by modifying some request parameters during submission. This path traversal can only be executed by a user with special privileges (submitter rights). This vulnerability only impacts the JSPUI. Users are advised to upgrade. There are no known workarounds. However, this vulnerability cannot be exploited by an anonymous user or a basic user. The user must first have submitter privileges to at least one Collection and be able to determine how to modify the request parameters to exploit the vulnerability.
References
| URL | Tags | ||
|---|---|---|---|
| security-advisories@github.com | https://github.com/DSpace/DSpace/commit/7569c6374aefeafb996e202cf8d631020eda5f24 | Patch, Third Party Advisory | |
| security-advisories@github.com | https://github.com/DSpace/DSpace/commit/d1dd7d23329ef055069759df15cfa200c8e3 | Patch, Third Party Advisory | |
| security-advisories@github.com | https://github.com/DSpace/DSpace/security/advisories/GHSA-qp5m-c3m9-8q2p | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/DSpace/DSpace/commit/7569c6374aefeafb996e202cf8d631020eda5f24 | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/DSpace/DSpace/commit/d1dd7d23329ef055069759df15cfa200c8e3 | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/DSpace/DSpace/security/advisories/GHSA-qp5m-c3m9-8q2p | Patch, Third Party Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:duraspace:dspace:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D0931332-ACDA-450E-BDC7-BE5D44E27F66",
"versionEndIncluding": "5.10",
"versionStartIncluding": "4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:duraspace:dspace:*:*:*:*:*:*:*:*",
"matchCriteriaId": "27C1503E-2C8B-43CD-8937-9ABE6C24C67F",
"versionEndExcluding": "6.4",
"versionStartExcluding": "6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "DSpace open source software is a repository application which provides durable access to digital resources. dspace-jspui is a UI component for DSpace. The JSPUI resumable upload implementations in SubmissionController and FileUploadRequest are vulnerable to multiple path traversal attacks, allowing an attacker to create files/directories anywhere on the server writable by the Tomcat/DSpace user, by modifying some request parameters during submission. This path traversal can only be executed by a user with special privileges (submitter rights). This vulnerability only impacts the JSPUI. Users are advised to upgrade. There are no known workarounds. However, this vulnerability cannot be exploited by an anonymous user or a basic user. The user must first have submitter privileges to at least one Collection and be able to determine how to modify the request parameters to exploit the vulnerability."
},
{
"lang": "es",
"value": "El software de c\u00f3digo abierto DSpace es una aplicaci\u00f3n de repositorio que proporciona acceso duradero a los recursos digitales. dspace-jspui es un componente de interfaz de usuario para DSpace. Las implementaciones de subida reanudable de JSPUI en SubmissionController y FileUploadRequest son vulnerables a m\u00faltiples ataques de salto de ruta, permitiendo a un atacante crear archivos/directorios en cualquier lugar del servidor escribibles por el usuario de Tomcat/DSpace, al modificar algunos par\u00e1metros de petici\u00f3n durante el env\u00edo. Este path traversal s\u00f3lo puede ser ejecutado por un usuario con privilegios especiales (submitter rights). Esta vulnerabilidad s\u00f3lo afecta a la JSPUI. Es recomendado a usuarios actualizar. No se presentan mitigaciones conocidas. Sin embargo, esta vulnerabilidad no puede ser explotada por un usuario an\u00f3nimo o un usuario b\u00e1sico. El usuario debe tener primero privilegios de remitente para al menos una colecci\u00f3n y ser capaz de determinar c\u00f3mo modificar los par\u00e1metros de la petici\u00f3n para explotar la vulnerabilidad"
}
],
"id": "CVE-2022-31194",
"lastModified": "2024-11-21T07:04:05.913",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.3,
"impactScore": 5.3,
"source": "security-advisories@github.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-08-01T21:15:13.490",
"references": [
{
"source": "security-advisories@github.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/DSpace/DSpace/commit/7569c6374aefeafb996e202cf8d631020eda5f24"
},
{
"source": "security-advisories@github.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/DSpace/DSpace/commit/d1dd7d23329ef055069759df15cfa200c8e3"
},
{
"source": "security-advisories@github.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/DSpace/DSpace/security/advisories/GHSA-qp5m-c3m9-8q2p"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/DSpace/DSpace/commit/7569c6374aefeafb996e202cf8d631020eda5f24"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/DSpace/DSpace/commit/d1dd7d23329ef055069759df15cfa200c8e3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/DSpace/DSpace/security/advisories/GHSA-qp5m-c3m9-8q2p"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "security-advisories@github.com",
"type": "Secondary"
}
]
}
FKIE_CVE-2022-31190
Vulnerability from fkie_nvd - Published: 2022-08-01 20:15 - Updated: 2024-11-21 07:04
Severity ?
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Summary
DSpace open source software is a repository application which provides durable access to digital resources. dspace-xmlui is a UI component for DSpace. In affected versions metadata on a withdrawn Item is exposed via the XMLUI "mets.xml" object, as long as you know the handle/URL of the withdrawn Item. This vulnerability only impacts the XMLUI. Users are advised to upgrade to version 6.4 or newer.
References
| URL | Tags | ||
|---|---|---|---|
| security-advisories@github.com | https://github.com/DSpace/DSpace/commit/574e25496a40173653ae7d0a49a19ed8e3458606.patch | Patch, Third Party Advisory | |
| security-advisories@github.com | https://github.com/DSpace/DSpace/pull/2451 | Patch, Third Party Advisory | |
| security-advisories@github.com | https://github.com/DSpace/DSpace/security/advisories/GHSA-7w85-pp86-p4pq | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/DSpace/DSpace/commit/574e25496a40173653ae7d0a49a19ed8e3458606.patch | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/DSpace/DSpace/pull/2451 | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/DSpace/DSpace/security/advisories/GHSA-7w85-pp86-p4pq | Patch, Third Party Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:duraspace:dspace:*:*:*:*:*:*:*:*",
"matchCriteriaId": "25C7D713-232D-4234-B069-67FBBFE2B495",
"versionEndExcluding": "6.4",
"versionStartIncluding": "4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "DSpace open source software is a repository application which provides durable access to digital resources. dspace-xmlui is a UI component for DSpace. In affected versions metadata on a withdrawn Item is exposed via the XMLUI \"mets.xml\" object, as long as you know the handle/URL of the withdrawn Item. This vulnerability only impacts the XMLUI. Users are advised to upgrade to version 6.4 or newer."
},
{
"lang": "es",
"value": "El software de c\u00f3digo abierto DSpace es una aplicaci\u00f3n de repositorio que proporciona acceso duradero a recursos digitales. dspace-xmlui es un componente de interfaz de usuario para DSpace. En versiones afectadas, los metadatos de un elemento retirado son expuestos por medio del objeto \"mets.xml\" de XMLUI, siempre y cuando sea conocido el handle/URL del elemento retirado. Esta vulnerabilidad s\u00f3lo afecta a la XMLUI. Es recomendado a usuarios actualizar a versi\u00f3n 6.4 o m\u00e1s reciente"
}
],
"id": "CVE-2022-31190",
"lastModified": "2024-11-21T07:04:05.330",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "security-advisories@github.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-08-01T20:15:08.707",
"references": [
{
"source": "security-advisories@github.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/DSpace/DSpace/commit/574e25496a40173653ae7d0a49a19ed8e3458606.patch"
},
{
"source": "security-advisories@github.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/DSpace/DSpace/pull/2451"
},
{
"source": "security-advisories@github.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/DSpace/DSpace/security/advisories/GHSA-7w85-pp86-p4pq"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/DSpace/DSpace/commit/574e25496a40173653ae7d0a49a19ed8e3458606.patch"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/DSpace/DSpace/pull/2451"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/DSpace/DSpace/security/advisories/GHSA-7w85-pp86-p4pq"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "security-advisories@github.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-863"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2021-41189
Vulnerability from fkie_nvd - Published: 2021-10-29 18:15 - Updated: 2024-11-21 06:25
Severity ?
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
DSpace is an open source turnkey repository application. In version 7.0, any community or collection administrator can escalate their permission up to become system administrator. This vulnerability only exists in 7.0 and does not impact 6.x or below. This issue is patched in version 7.1. As a workaround, users of 7.0 may temporarily disable the ability for community or collection administrators to manage permissions or workflows settings.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:duraspace:dspace:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EC2273B4-D6B6-4968-BF9A-65812B5799A1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "DSpace is an open source turnkey repository application. In version 7.0, any community or collection administrator can escalate their permission up to become system administrator. This vulnerability only exists in 7.0 and does not impact 6.x or below. This issue is patched in version 7.1. As a workaround, users of 7.0 may temporarily disable the ability for community or collection administrators to manage permissions or workflows settings."
},
{
"lang": "es",
"value": "DSpace es una aplicaci\u00f3n de repositorio de c\u00f3digo abierto llave en mano. En la versi\u00f3n 7.0, cualquier administrador de una comunidad o colecci\u00f3n puede escalar sus permisos hasta convertirse en administrador del sistema. Esta vulnerabilidad s\u00f3lo se presenta en la versi\u00f3n 7.0 y no afecta a las versiones 6.x o por debajo. Este problema est\u00e1 parcheado en la versi\u00f3n 7.1. Como soluci\u00f3n, los usuarios de la versi\u00f3n 7.0 pueden deshabilitar temporalmente la capacidad para los administradores de comunidades o colecciones para administrar los permisos o la configuraci\u00f3n de los flujos de trabajo"
}
],
"id": "CVE-2021-41189",
"lastModified": "2024-11-21T06:25:43.383",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "security-advisories@github.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-10-29T18:15:08.167",
"references": [
{
"source": "security-advisories@github.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/DSpace/DSpace/commit/277b499a5cd3a4f5eb2370513a1b7e4ec2a6e041"
},
{
"source": "security-advisories@github.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/DSpace/DSpace/commit/c3bea16ab911606e15ae96c97a1575e1ffb14f8a"
},
{
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/DSpace/DSpace/issues/7928"
},
{
"source": "security-advisories@github.com",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/DSpace/DSpace/security/advisories/GHSA-cf2j-vf36-c6w8"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/DSpace/DSpace/commit/277b499a5cd3a4f5eb2370513a1b7e4ec2a6e041"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/DSpace/DSpace/commit/c3bea16ab911606e15ae96c97a1575e1ffb14f8a"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/DSpace/DSpace/issues/7928"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/DSpace/DSpace/security/advisories/GHSA-cf2j-vf36-c6w8"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-863"
}
],
"source": "security-advisories@github.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-863"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2016-10726
Vulnerability from fkie_nvd - Published: 2018-07-10 11:29 - Updated: 2024-11-21 02:44
Severity ?
Summary
The XMLUI feature in DSpace before 3.6, 4.x before 4.5, and 5.x before 5.5 allows directory traversal via the themes/ path in an attack with two or more arbitrary characters and a colon before a pathname, as demonstrated by a themes/Reference/aa:etc/passwd URI.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | https://github.com/DSpace/DSpace/releases/tag/dspace-5.5 | Third Party Advisory | |
| cve@mitre.org | https://jira.duraspace.org/browse/DS-3094 | Patch, Vendor Advisory | |
| cve@mitre.org | https://wiki.duraspace.org/display/DSDOC5x/Release+Notes | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/DSpace/DSpace/releases/tag/dspace-5.5 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://jira.duraspace.org/browse/DS-3094 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://wiki.duraspace.org/display/DSDOC5x/Release+Notes | Vendor Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:duraspace:dspace:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3B32494A-2890-4F42-A585-FFB8173CB136",
"versionEndExcluding": "3.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:duraspace:dspace:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6F0BCD07-82EB-42E1-98E8-0EA63C01A2D7",
"versionEndExcluding": "4.5",
"versionStartIncluding": "4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:duraspace:dspace:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DA07733D-026B-4305-9D0F-4575D7338D4C",
"versionEndExcluding": "5.5",
"versionStartIncluding": "5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The XMLUI feature in DSpace before 3.6, 4.x before 4.5, and 5.x before 5.5 allows directory traversal via the themes/ path in an attack with two or more arbitrary characters and a colon before a pathname, as demonstrated by a themes/Reference/aa:etc/passwd URI."
},
{
"lang": "es",
"value": "La caracter\u00edstica XMLUI en DSpace en versiones anteriores a la 3.6, versiones 4.x anteriores a la 4.5 y versiones 5.x anteriores a la 5.5 permite el salto de directorios mediante la ruta themes/ en un ataque con dos o m\u00e1s caracteres arbitrarios y dos puntos antes de un nombre de ruta. Esto queda demostrado con un URI themes/Reference/aa:etc/passwd."
}
],
"id": "CVE-2016-10726",
"lastModified": "2024-11-21T02:44:36.280",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-07-10T11:29:00.223",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/DSpace/DSpace/releases/tag/dspace-5.5"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://jira.duraspace.org/browse/DS-3094"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://wiki.duraspace.org/display/DSDOC5x/Release+Notes"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/DSpace/DSpace/releases/tag/dspace-5.5"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://jira.duraspace.org/browse/DS-3094"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://wiki.duraspace.org/display/DSDOC5x/Release+Notes"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2022-31195 (GCVE-0-2022-31195)
Vulnerability from cvelistv5 – Published: 2022-08-01 20:35 – Updated: 2025-04-23 17:55
VLAI?
Title
Path traversal vulnerability in Simple Archive Format package import in DSpace
Summary
DSpace open source software is a repository application which provides durable access to digital resources. In affected versions the ItemImportServiceImpl is vulnerable to a path traversal vulnerability. This means a malicious SAF (simple archive format) package could cause a file/directory to be created anywhere the Tomcat/DSpace user can write to on the server. However, this path traversal vulnerability is only possible by a user with special privileges (either Administrators or someone with command-line access to the server). This vulnerability impacts the XMLUI, JSPUI and command-line. Users are advised to upgrade. As a basic workaround, users may block all access to the following URL paths: If you are using the XMLUI, block all access to /admin/batchimport path (this is the URL of the Admin Batch Import tool). Keep in mind, if your site uses the path "/xmlui", then you'd need to block access to /xmlui/admin/batchimport. If you are using the JSPUI, block all access to /dspace-admin/batchimport path (this is the URL of the Admin Batch Import tool). Keep in mind, if your site uses the path "/jspui", then you'd need to block access to /jspui/dspace-admin/batchimport. Keep in mind, only an Administrative user or a user with command-line access to the server is able to import/upload SAF packages. Therefore, assuming those users do not blindly upload untrusted SAF packages, then it is unlikely your site could be impacted by this vulnerability.
Severity ?
7.2 (High)
CWE
- CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:11:39.806Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/DSpace/DSpace/security/advisories/GHSA-8rmh-55h4-93h5"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/DSpace/DSpace/commit/56e76049185bbd87c994128a9d77735ad7af0199"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/DSpace/DSpace/commit/7af52a0883a9dbc475cf3001f04ed11b24c8a4c0"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-31195",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T15:51:15.550830Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-23T17:55:08.985Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "DSpace",
"vendor": "DSpace",
"versions": [
{
"status": "affected",
"version": "\u003e= 6.0, \u003c 6.4"
},
{
"status": "affected",
"version": "\u003e= 4.0, \u003c 5.11"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "DSpace open source software is a repository application which provides durable access to digital resources. In affected versions the ItemImportServiceImpl is vulnerable to a path traversal vulnerability. This means a malicious SAF (simple archive format) package could cause a file/directory to be created anywhere the Tomcat/DSpace user can write to on the server. However, this path traversal vulnerability is only possible by a user with special privileges (either Administrators or someone with command-line access to the server). This vulnerability impacts the XMLUI, JSPUI and command-line. Users are advised to upgrade. As a basic workaround, users may block all access to the following URL paths: If you are using the XMLUI, block all access to /admin/batchimport path (this is the URL of the Admin Batch Import tool). Keep in mind, if your site uses the path \"/xmlui\", then you\u0027d need to block access to /xmlui/admin/batchimport. If you are using the JSPUI, block all access to /dspace-admin/batchimport path (this is the URL of the Admin Batch Import tool). Keep in mind, if your site uses the path \"/jspui\", then you\u0027d need to block access to /jspui/dspace-admin/batchimport. Keep in mind, only an Administrative user or a user with command-line access to the server is able to import/upload SAF packages. Therefore, assuming those users do not blindly upload untrusted SAF packages, then it is unlikely your site could be impacted by this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-01T20:35:11.000Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/DSpace/DSpace/security/advisories/GHSA-8rmh-55h4-93h5"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/DSpace/DSpace/commit/56e76049185bbd87c994128a9d77735ad7af0199"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/DSpace/DSpace/commit/7af52a0883a9dbc475cf3001f04ed11b24c8a4c0"
}
],
"source": {
"advisory": "GHSA-8rmh-55h4-93h5",
"discovery": "UNKNOWN"
},
"title": "Path traversal vulnerability in Simple Archive Format package import in DSpace",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2022-31195",
"STATE": "PUBLIC",
"TITLE": "Path traversal vulnerability in Simple Archive Format package import in DSpace"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "DSpace",
"version": {
"version_data": [
{
"version_value": "\u003e= 6.0, \u003c 6.4"
},
{
"version_value": "\u003e= 4.0, \u003c 5.11"
}
]
}
}
]
},
"vendor_name": "DSpace"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "DSpace open source software is a repository application which provides durable access to digital resources. In affected versions the ItemImportServiceImpl is vulnerable to a path traversal vulnerability. This means a malicious SAF (simple archive format) package could cause a file/directory to be created anywhere the Tomcat/DSpace user can write to on the server. However, this path traversal vulnerability is only possible by a user with special privileges (either Administrators or someone with command-line access to the server). This vulnerability impacts the XMLUI, JSPUI and command-line. Users are advised to upgrade. As a basic workaround, users may block all access to the following URL paths: If you are using the XMLUI, block all access to /admin/batchimport path (this is the URL of the Admin Batch Import tool). Keep in mind, if your site uses the path \"/xmlui\", then you\u0027d need to block access to /xmlui/admin/batchimport. If you are using the JSPUI, block all access to /dspace-admin/batchimport path (this is the URL of the Admin Batch Import tool). Keep in mind, if your site uses the path \"/jspui\", then you\u0027d need to block access to /jspui/dspace-admin/batchimport. Keep in mind, only an Administrative user or a user with command-line access to the server is able to import/upload SAF packages. Therefore, assuming those users do not blindly upload untrusted SAF packages, then it is unlikely your site could be impacted by this vulnerability."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/DSpace/DSpace/security/advisories/GHSA-8rmh-55h4-93h5",
"refsource": "CONFIRM",
"url": "https://github.com/DSpace/DSpace/security/advisories/GHSA-8rmh-55h4-93h5"
},
{
"name": "https://github.com/DSpace/DSpace/commit/56e76049185bbd87c994128a9d77735ad7af0199",
"refsource": "MISC",
"url": "https://github.com/DSpace/DSpace/commit/56e76049185bbd87c994128a9d77735ad7af0199"
},
{
"name": "https://github.com/DSpace/DSpace/commit/7af52a0883a9dbc475cf3001f04ed11b24c8a4c0",
"refsource": "MISC",
"url": "https://github.com/DSpace/DSpace/commit/7af52a0883a9dbc475cf3001f04ed11b24c8a4c0"
}
]
},
"source": {
"advisory": "GHSA-8rmh-55h4-93h5",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2022-31195",
"datePublished": "2022-08-01T20:35:11.000Z",
"dateReserved": "2022-05-18T00:00:00.000Z",
"dateUpdated": "2025-04-23T17:55:08.985Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-31192 (GCVE-0-2022-31192)
Vulnerability from cvelistv5 – Published: 2022-08-01 20:30 – Updated: 2025-04-23 17:55
VLAI?
Title
Cross Site Scripting possible in DSpace JSPUI "Request a Copy" feature
Summary
DSpace open source software is a repository application which provides durable access to digital resources. dspace-jspui is a UI component for DSpace. The JSPUI "Request a Copy" feature does not properly escape values submitted and stored from the "Request a Copy" form. This means that item requests could be vulnerable to XSS attacks. This vulnerability only impacts the JSPUI. Users are advised to upgrade. There are no known workarounds for this vulnerability.
Severity ?
7.1 (High)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:11:39.685Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/DSpace/DSpace/commit/f7758457b7ec3489d525e39aa753cc70809d9ad9"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/DSpace/DSpace/security/advisories/GHSA-4wm8-c2vv-xrpq"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/DSpace/DSpace/commit/28eb8158210d41168a62ed5f9e044f754513bc37"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-31192",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T14:02:35.997411Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-23T17:55:14.797Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "DSpace",
"vendor": "DSpace",
"versions": [
{
"status": "affected",
"version": "\u003e= 6.0, \u003c 6.4"
},
{
"status": "affected",
"version": "\u003e= 4.0, \u003c 5.11"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "DSpace open source software is a repository application which provides durable access to digital resources. dspace-jspui is a UI component for DSpace. The JSPUI \"Request a Copy\" feature does not properly escape values submitted and stored from the \"Request a Copy\" form. This means that item requests could be vulnerable to XSS attacks. This vulnerability only impacts the JSPUI. Users are advised to upgrade. There are no known workarounds for this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-01T20:30:36.000Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/DSpace/DSpace/commit/f7758457b7ec3489d525e39aa753cc70809d9ad9"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/DSpace/DSpace/security/advisories/GHSA-4wm8-c2vv-xrpq"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/DSpace/DSpace/commit/28eb8158210d41168a62ed5f9e044f754513bc37"
}
],
"source": {
"advisory": "GHSA-4wm8-c2vv-xrpq",
"discovery": "UNKNOWN"
},
"title": "Cross Site Scripting possible in DSpace JSPUI \"Request a Copy\" feature",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2022-31192",
"STATE": "PUBLIC",
"TITLE": "Cross Site Scripting possible in DSpace JSPUI \"Request a Copy\" feature"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "DSpace",
"version": {
"version_data": [
{
"version_value": "\u003e= 6.0, \u003c 6.4"
},
{
"version_value": "\u003e= 4.0, \u003c 5.11"
}
]
}
}
]
},
"vendor_name": "DSpace"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "DSpace open source software is a repository application which provides durable access to digital resources. dspace-jspui is a UI component for DSpace. The JSPUI \"Request a Copy\" feature does not properly escape values submitted and stored from the \"Request a Copy\" form. This means that item requests could be vulnerable to XSS attacks. This vulnerability only impacts the JSPUI. Users are advised to upgrade. There are no known workarounds for this vulnerability."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/DSpace/DSpace/commit/f7758457b7ec3489d525e39aa753cc70809d9ad9",
"refsource": "MISC",
"url": "https://github.com/DSpace/DSpace/commit/f7758457b7ec3489d525e39aa753cc70809d9ad9"
},
{
"name": "https://github.com/DSpace/DSpace/security/advisories/GHSA-4wm8-c2vv-xrpq",
"refsource": "CONFIRM",
"url": "https://github.com/DSpace/DSpace/security/advisories/GHSA-4wm8-c2vv-xrpq"
},
{
"name": "https://github.com/DSpace/DSpace/commit/28eb8158210d41168a62ed5f9e044f754513bc37",
"refsource": "MISC",
"url": "https://github.com/DSpace/DSpace/commit/28eb8158210d41168a62ed5f9e044f754513bc37"
}
]
},
"source": {
"advisory": "GHSA-4wm8-c2vv-xrpq",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2022-31192",
"datePublished": "2022-08-01T20:30:36.000Z",
"dateReserved": "2022-05-18T00:00:00.000Z",
"dateUpdated": "2025-04-23T17:55:14.797Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-31191 (GCVE-0-2022-31191)
Vulnerability from cvelistv5 – Published: 2022-08-01 20:30 – Updated: 2025-04-23 17:55
VLAI?
Title
Cross Site Scripting possible in DSpace JSPUI spellcheck and autocomplete tools
Summary
DSpace open source software is a repository application which provides durable access to digital resources. dspace-jspui is a UI component for DSpace. The JSPUI spellcheck "Did you mean" HTML escapes the data-spell attribute in the link, but not the actual displayed text. Similarly, the JSPUI autocomplete HTML does not properly escape text passed to it. Both are vulnerable to XSS. This vulnerability only impacts the JSPUI. Users are advised to upgrade. There are no known workarounds for this issue.
Severity ?
7.1 (High)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:11:39.899Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/DSpace/DSpace/security/advisories/GHSA-c558-5gfm-p2r8"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/DSpace/DSpace/commit/35030a23e48b5946f5853332c797e1c4adea7bb7"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/DSpace/DSpace/commit/6f75bb084ab1937d094208c55cd84340040bcbb5"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/DSpace/DSpace/commit/c89e493e517b424dea6175caba54e91d3847fc3a"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/DSpace/DSpace/commit/ebb83a75234d3de9be129464013e998dc929b68d"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-31191",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T14:02:38.661784Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-23T17:55:20.799Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "DSpace",
"vendor": "DSpace",
"versions": [
{
"status": "affected",
"version": "\u003e= 6.0, \u003c 6.4"
},
{
"status": "affected",
"version": "\u003e= 4.0, \u003c 5.11"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "DSpace open source software is a repository application which provides durable access to digital resources. dspace-jspui is a UI component for DSpace. The JSPUI spellcheck \"Did you mean\" HTML escapes the data-spell attribute in the link, but not the actual displayed text. Similarly, the JSPUI autocomplete HTML does not properly escape text passed to it. Both are vulnerable to XSS. This vulnerability only impacts the JSPUI. Users are advised to upgrade. There are no known workarounds for this issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-01T20:30:17.000Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/DSpace/DSpace/security/advisories/GHSA-c558-5gfm-p2r8"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/DSpace/DSpace/commit/35030a23e48b5946f5853332c797e1c4adea7bb7"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/DSpace/DSpace/commit/6f75bb084ab1937d094208c55cd84340040bcbb5"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/DSpace/DSpace/commit/c89e493e517b424dea6175caba54e91d3847fc3a"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/DSpace/DSpace/commit/ebb83a75234d3de9be129464013e998dc929b68d"
}
],
"source": {
"advisory": "GHSA-c558-5gfm-p2r8",
"discovery": "UNKNOWN"
},
"title": "Cross Site Scripting possible in DSpace JSPUI spellcheck and autocomplete tools",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2022-31191",
"STATE": "PUBLIC",
"TITLE": "Cross Site Scripting possible in DSpace JSPUI spellcheck and autocomplete tools"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "DSpace",
"version": {
"version_data": [
{
"version_value": "\u003e= 6.0, \u003c 6.4"
},
{
"version_value": "\u003e= 4.0, \u003c 5.11"
}
]
}
}
]
},
"vendor_name": "DSpace"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "DSpace open source software is a repository application which provides durable access to digital resources. dspace-jspui is a UI component for DSpace. The JSPUI spellcheck \"Did you mean\" HTML escapes the data-spell attribute in the link, but not the actual displayed text. Similarly, the JSPUI autocomplete HTML does not properly escape text passed to it. Both are vulnerable to XSS. This vulnerability only impacts the JSPUI. Users are advised to upgrade. There are no known workarounds for this issue."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/DSpace/DSpace/security/advisories/GHSA-c558-5gfm-p2r8",
"refsource": "CONFIRM",
"url": "https://github.com/DSpace/DSpace/security/advisories/GHSA-c558-5gfm-p2r8"
},
{
"name": "https://github.com/DSpace/DSpace/commit/35030a23e48b5946f5853332c797e1c4adea7bb7",
"refsource": "MISC",
"url": "https://github.com/DSpace/DSpace/commit/35030a23e48b5946f5853332c797e1c4adea7bb7"
},
{
"name": "https://github.com/DSpace/DSpace/commit/6f75bb084ab1937d094208c55cd84340040bcbb5",
"refsource": "MISC",
"url": "https://github.com/DSpace/DSpace/commit/6f75bb084ab1937d094208c55cd84340040bcbb5"
},
{
"name": "https://github.com/DSpace/DSpace/commit/c89e493e517b424dea6175caba54e91d3847fc3a",
"refsource": "MISC",
"url": "https://github.com/DSpace/DSpace/commit/c89e493e517b424dea6175caba54e91d3847fc3a"
},
{
"name": "https://github.com/DSpace/DSpace/commit/ebb83a75234d3de9be129464013e998dc929b68d",
"refsource": "MISC",
"url": "https://github.com/DSpace/DSpace/commit/ebb83a75234d3de9be129464013e998dc929b68d"
}
]
},
"source": {
"advisory": "GHSA-c558-5gfm-p2r8",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2022-31191",
"datePublished": "2022-08-01T20:30:17.000Z",
"dateReserved": "2022-05-18T00:00:00.000Z",
"dateUpdated": "2025-04-23T17:55:20.799Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-31194 (GCVE-0-2022-31194)
Vulnerability from cvelistv5 – Published: 2022-08-01 20:25 – Updated: 2025-04-23 17:55
VLAI?
Title
Path traversal vulnerabilities in DSpace JSPUI submission upload
Summary
DSpace open source software is a repository application which provides durable access to digital resources. dspace-jspui is a UI component for DSpace. The JSPUI resumable upload implementations in SubmissionController and FileUploadRequest are vulnerable to multiple path traversal attacks, allowing an attacker to create files/directories anywhere on the server writable by the Tomcat/DSpace user, by modifying some request parameters during submission. This path traversal can only be executed by a user with special privileges (submitter rights). This vulnerability only impacts the JSPUI. Users are advised to upgrade. There are no known workarounds. However, this vulnerability cannot be exploited by an anonymous user or a basic user. The user must first have submitter privileges to at least one Collection and be able to determine how to modify the request parameters to exploit the vulnerability.
Severity ?
8.2 (High)
CWE
- CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:11:39.570Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/DSpace/DSpace/security/advisories/GHSA-qp5m-c3m9-8q2p"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/DSpace/DSpace/commit/7569c6374aefeafb996e202cf8d631020eda5f24"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/DSpace/DSpace/commit/d1dd7d23329ef055069759df15cfa200c8e3"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-31194",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T14:02:42.465436Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-23T17:55:28.376Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "DSpace",
"vendor": "DSpace",
"versions": [
{
"status": "affected",
"version": "\u003e= 6.0, \u003c 6.4"
},
{
"status": "affected",
"version": "\u003e= 4.0, \u003c 5.11"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "DSpace open source software is a repository application which provides durable access to digital resources. dspace-jspui is a UI component for DSpace. The JSPUI resumable upload implementations in SubmissionController and FileUploadRequest are vulnerable to multiple path traversal attacks, allowing an attacker to create files/directories anywhere on the server writable by the Tomcat/DSpace user, by modifying some request parameters during submission. This path traversal can only be executed by a user with special privileges (submitter rights). This vulnerability only impacts the JSPUI. Users are advised to upgrade. There are no known workarounds. However, this vulnerability cannot be exploited by an anonymous user or a basic user. The user must first have submitter privileges to at least one Collection and be able to determine how to modify the request parameters to exploit the vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-01T20:25:26.000Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/DSpace/DSpace/security/advisories/GHSA-qp5m-c3m9-8q2p"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/DSpace/DSpace/commit/7569c6374aefeafb996e202cf8d631020eda5f24"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/DSpace/DSpace/commit/d1dd7d23329ef055069759df15cfa200c8e3"
}
],
"source": {
"advisory": "GHSA-qp5m-c3m9-8q2p",
"discovery": "UNKNOWN"
},
"title": "Path traversal vulnerabilities in DSpace JSPUI submission upload",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2022-31194",
"STATE": "PUBLIC",
"TITLE": "Path traversal vulnerabilities in DSpace JSPUI submission upload"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "DSpace",
"version": {
"version_data": [
{
"version_value": "\u003e= 6.0, \u003c 6.4"
},
{
"version_value": "\u003e= 4.0, \u003c 5.11"
}
]
}
}
]
},
"vendor_name": "DSpace"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "DSpace open source software is a repository application which provides durable access to digital resources. dspace-jspui is a UI component for DSpace. The JSPUI resumable upload implementations in SubmissionController and FileUploadRequest are vulnerable to multiple path traversal attacks, allowing an attacker to create files/directories anywhere on the server writable by the Tomcat/DSpace user, by modifying some request parameters during submission. This path traversal can only be executed by a user with special privileges (submitter rights). This vulnerability only impacts the JSPUI. Users are advised to upgrade. There are no known workarounds. However, this vulnerability cannot be exploited by an anonymous user or a basic user. The user must first have submitter privileges to at least one Collection and be able to determine how to modify the request parameters to exploit the vulnerability."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/DSpace/DSpace/security/advisories/GHSA-qp5m-c3m9-8q2p",
"refsource": "CONFIRM",
"url": "https://github.com/DSpace/DSpace/security/advisories/GHSA-qp5m-c3m9-8q2p"
},
{
"name": "https://github.com/DSpace/DSpace/commit/7569c6374aefeafb996e202cf8d631020eda5f24",
"refsource": "MISC",
"url": "https://github.com/DSpace/DSpace/commit/7569c6374aefeafb996e202cf8d631020eda5f24"
},
{
"name": "https://github.com/DSpace/DSpace/commit/d1dd7d23329ef055069759df15cfa200c8e3",
"refsource": "MISC",
"url": "https://github.com/DSpace/DSpace/commit/d1dd7d23329ef055069759df15cfa200c8e3"
}
]
},
"source": {
"advisory": "GHSA-qp5m-c3m9-8q2p",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2022-31194",
"datePublished": "2022-08-01T20:25:26.000Z",
"dateReserved": "2022-05-18T00:00:00.000Z",
"dateUpdated": "2025-04-23T17:55:28.376Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-31193 (GCVE-0-2022-31193)
Vulnerability from cvelistv5 – Published: 2022-08-01 20:25 – Updated: 2025-04-23 17:55
VLAI?
Title
URL Redirection to Untrusted Site in Dspace JSPUI
Summary
DSpace open source software is a repository application which provides durable access to digital resources. dspace-jspui is a UI component for DSpace. The JSPUI controlled vocabulary servlet is vulnerable to an open redirect attack, where an attacker can craft a malicious URL that looks like a legitimate DSpace/repository URL. When that URL is clicked by the target, it redirects them to a site of the attacker's choice. This issue has been patched in versions 5.11 and 6.4. Users are advised to upgrade. There are no known workaround for this vulnerability.
Severity ?
7.1 (High)
CWE
- CWE-601 - URL Redirection to Untrusted Site ('Open Redirect')
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:11:39.618Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/DSpace/DSpace/security/advisories/GHSA-763j-q7wv-vf3m"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/DSpace/DSpace/commit/5f72424a478f59061dcc516b866dcc687bc3f9de"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/DSpace/DSpace/commit/f7758457b7ec3489d525e39aa753cc70809d9ad9"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-31193",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T14:02:45.414422Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-23T17:55:36.024Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "DSpace",
"vendor": "DSpace",
"versions": [
{
"status": "affected",
"version": "\u003e= 6.0, \u003c 6.4"
},
{
"status": "affected",
"version": "\u003e= 4.0, \u003c 5.11"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "DSpace open source software is a repository application which provides durable access to digital resources. dspace-jspui is a UI component for DSpace. The JSPUI controlled vocabulary servlet is vulnerable to an open redirect attack, where an attacker can craft a malicious URL that looks like a legitimate DSpace/repository URL. When that URL is clicked by the target, it redirects them to a site of the attacker\u0027s choice. This issue has been patched in versions 5.11 and 6.4. Users are advised to upgrade. There are no known workaround for this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-601",
"description": "CWE-601: URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-01T20:25:12.000Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/DSpace/DSpace/security/advisories/GHSA-763j-q7wv-vf3m"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/DSpace/DSpace/commit/5f72424a478f59061dcc516b866dcc687bc3f9de"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/DSpace/DSpace/commit/f7758457b7ec3489d525e39aa753cc70809d9ad9"
}
],
"source": {
"advisory": "GHSA-763j-q7wv-vf3m",
"discovery": "UNKNOWN"
},
"title": "URL Redirection to Untrusted Site in Dspace JSPUI",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2022-31193",
"STATE": "PUBLIC",
"TITLE": "URL Redirection to Untrusted Site in Dspace JSPUI"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "DSpace",
"version": {
"version_data": [
{
"version_value": "\u003e= 6.0, \u003c 6.4"
},
{
"version_value": "\u003e= 4.0, \u003c 5.11"
}
]
}
}
]
},
"vendor_name": "DSpace"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "DSpace open source software is a repository application which provides durable access to digital resources. dspace-jspui is a UI component for DSpace. The JSPUI controlled vocabulary servlet is vulnerable to an open redirect attack, where an attacker can craft a malicious URL that looks like a legitimate DSpace/repository URL. When that URL is clicked by the target, it redirects them to a site of the attacker\u0027s choice. This issue has been patched in versions 5.11 and 6.4. Users are advised to upgrade. There are no known workaround for this vulnerability."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-601: URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/DSpace/DSpace/security/advisories/GHSA-763j-q7wv-vf3m",
"refsource": "CONFIRM",
"url": "https://github.com/DSpace/DSpace/security/advisories/GHSA-763j-q7wv-vf3m"
},
{
"name": "https://github.com/DSpace/DSpace/commit/5f72424a478f59061dcc516b866dcc687bc3f9de",
"refsource": "MISC",
"url": "https://github.com/DSpace/DSpace/commit/5f72424a478f59061dcc516b866dcc687bc3f9de"
},
{
"name": "https://github.com/DSpace/DSpace/commit/f7758457b7ec3489d525e39aa753cc70809d9ad9",
"refsource": "MISC",
"url": "https://github.com/DSpace/DSpace/commit/f7758457b7ec3489d525e39aa753cc70809d9ad9"
}
]
},
"source": {
"advisory": "GHSA-763j-q7wv-vf3m",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2022-31193",
"datePublished": "2022-08-01T20:25:12.000Z",
"dateReserved": "2022-05-18T00:00:00.000Z",
"dateUpdated": "2025-04-23T17:55:36.024Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-31189 (GCVE-0-2022-31189)
Vulnerability from cvelistv5 – Published: 2022-08-01 20:20 – Updated: 2025-04-23 17:55
VLAI?
Title
"Internal System Error" page in DSpace JSPUI prints exceptions and stack traces without sanitization
Summary
DSpace open source software is a repository application which provides durable access to digital resources. dspace-jspui is a UI component for DSpace. When an "Internal System Error" occurs in the JSPUI, then entire exception (including stack trace) is available. Information in this stacktrace may be useful to an attacker in launching a more sophisticated attack. This vulnerability only impacts the JSPUI. This issue has been fixed in version 6.4. users are advised to upgrade. Users unable to upgrade should disable the display of error messages in their internal.jsp file.
Severity ?
5.3 (Medium)
CWE
- CWE-209 - Generation of Error Message Containing Sensitive Information
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:11:39.664Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/DSpace/DSpace/security/advisories/GHSA-c2j7-66m3-r4ff"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/DSpace/DSpace/commit/afcc6c3389729b85d5c7b0230cbf9aaf7452f31a"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-31189",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T15:52:52.394445Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-23T17:55:41.782Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "DSpace",
"vendor": "DSpace",
"versions": [
{
"status": "affected",
"version": "\u003e= 4.0, \u003c 6.4"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "DSpace open source software is a repository application which provides durable access to digital resources. dspace-jspui is a UI component for DSpace. When an \"Internal System Error\" occurs in the JSPUI, then entire exception (including stack trace) is available. Information in this stacktrace may be useful to an attacker in launching a more sophisticated attack. This vulnerability only impacts the JSPUI. This issue has been fixed in version 6.4. users are advised to upgrade. Users unable to upgrade should disable the display of error messages in their internal.jsp file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-209",
"description": "CWE-209: Generation of Error Message Containing Sensitive Information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-01T20:20:11.000Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/DSpace/DSpace/security/advisories/GHSA-c2j7-66m3-r4ff"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/DSpace/DSpace/commit/afcc6c3389729b85d5c7b0230cbf9aaf7452f31a"
}
],
"source": {
"advisory": "GHSA-c2j7-66m3-r4ff",
"discovery": "UNKNOWN"
},
"title": "\"Internal System Error\" page in DSpace JSPUI prints exceptions and stack traces without sanitization",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2022-31189",
"STATE": "PUBLIC",
"TITLE": "\"Internal System Error\" page in DSpace JSPUI prints exceptions and stack traces without sanitization"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "DSpace",
"version": {
"version_data": [
{
"version_value": "\u003e= 4.0, \u003c 6.4"
}
]
}
}
]
},
"vendor_name": "DSpace"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "DSpace open source software is a repository application which provides durable access to digital resources. dspace-jspui is a UI component for DSpace. When an \"Internal System Error\" occurs in the JSPUI, then entire exception (including stack trace) is available. Information in this stacktrace may be useful to an attacker in launching a more sophisticated attack. This vulnerability only impacts the JSPUI. This issue has been fixed in version 6.4. users are advised to upgrade. Users unable to upgrade should disable the display of error messages in their internal.jsp file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-209: Generation of Error Message Containing Sensitive Information"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/DSpace/DSpace/security/advisories/GHSA-c2j7-66m3-r4ff",
"refsource": "CONFIRM",
"url": "https://github.com/DSpace/DSpace/security/advisories/GHSA-c2j7-66m3-r4ff"
},
{
"name": "https://github.com/DSpace/DSpace/commit/afcc6c3389729b85d5c7b0230cbf9aaf7452f31a",
"refsource": "MISC",
"url": "https://github.com/DSpace/DSpace/commit/afcc6c3389729b85d5c7b0230cbf9aaf7452f31a"
}
]
},
"source": {
"advisory": "GHSA-c2j7-66m3-r4ff",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2022-31189",
"datePublished": "2022-08-01T20:20:11.000Z",
"dateReserved": "2022-05-18T00:00:00.000Z",
"dateUpdated": "2025-04-23T17:55:41.782Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-31190 (GCVE-0-2022-31190)
Vulnerability from cvelistv5 – Published: 2022-08-01 20:10 – Updated: 2025-04-23 17:55
VLAI?
Title
Metadata of withdrawn Items is exposed to anonymous users in DSpace XMLUI
Summary
DSpace open source software is a repository application which provides durable access to digital resources. dspace-xmlui is a UI component for DSpace. In affected versions metadata on a withdrawn Item is exposed via the XMLUI "mets.xml" object, as long as you know the handle/URL of the withdrawn Item. This vulnerability only impacts the XMLUI. Users are advised to upgrade to version 6.4 or newer.
Severity ?
5.3 (Medium)
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:11:39.629Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/DSpace/DSpace/security/advisories/GHSA-7w85-pp86-p4pq"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/DSpace/DSpace/pull/2451"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/DSpace/DSpace/commit/574e25496a40173653ae7d0a49a19ed8e3458606.patch"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-31190",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T15:52:56.353881Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-23T17:55:48.589Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "DSpace",
"vendor": "DSpace",
"versions": [
{
"status": "affected",
"version": "\u003e= 4.0, \u003c 6.4"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "DSpace open source software is a repository application which provides durable access to digital resources. dspace-xmlui is a UI component for DSpace. In affected versions metadata on a withdrawn Item is exposed via the XMLUI \"mets.xml\" object, as long as you know the handle/URL of the withdrawn Item. This vulnerability only impacts the XMLUI. Users are advised to upgrade to version 6.4 or newer."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-01T20:10:11.000Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/DSpace/DSpace/security/advisories/GHSA-7w85-pp86-p4pq"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/DSpace/DSpace/pull/2451"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/DSpace/DSpace/commit/574e25496a40173653ae7d0a49a19ed8e3458606.patch"
}
],
"source": {
"advisory": "GHSA-7w85-pp86-p4pq",
"discovery": "UNKNOWN"
},
"title": "Metadata of withdrawn Items is exposed to anonymous users in DSpace XMLUI",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2022-31190",
"STATE": "PUBLIC",
"TITLE": "Metadata of withdrawn Items is exposed to anonymous users in DSpace XMLUI"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "DSpace",
"version": {
"version_data": [
{
"version_value": "\u003e= 4.0, \u003c 6.4"
}
]
}
}
]
},
"vendor_name": "DSpace"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "DSpace open source software is a repository application which provides durable access to digital resources. dspace-xmlui is a UI component for DSpace. In affected versions metadata on a withdrawn Item is exposed via the XMLUI \"mets.xml\" object, as long as you know the handle/URL of the withdrawn Item. This vulnerability only impacts the XMLUI. Users are advised to upgrade to version 6.4 or newer."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/DSpace/DSpace/security/advisories/GHSA-7w85-pp86-p4pq",
"refsource": "CONFIRM",
"url": "https://github.com/DSpace/DSpace/security/advisories/GHSA-7w85-pp86-p4pq"
},
{
"name": "https://github.com/DSpace/DSpace/pull/2451",
"refsource": "MISC",
"url": "https://github.com/DSpace/DSpace/pull/2451"
},
{
"name": "https://github.com/DSpace/DSpace/commit/574e25496a40173653ae7d0a49a19ed8e3458606.patch",
"refsource": "MISC",
"url": "https://github.com/DSpace/DSpace/commit/574e25496a40173653ae7d0a49a19ed8e3458606.patch"
}
]
},
"source": {
"advisory": "GHSA-7w85-pp86-p4pq",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2022-31190",
"datePublished": "2022-08-01T20:10:11.000Z",
"dateReserved": "2022-05-18T00:00:00.000Z",
"dateUpdated": "2025-04-23T17:55:48.589Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-41189 (GCVE-0-2021-41189)
Vulnerability from cvelistv5 – Published: 2021-10-29 17:25 – Updated: 2024-08-04 03:08
VLAI?
Title
Communities and collections administrators can escalate their privilege up to system administrator
Summary
DSpace is an open source turnkey repository application. In version 7.0, any community or collection administrator can escalate their permission up to become system administrator. This vulnerability only exists in 7.0 and does not impact 6.x or below. This issue is patched in version 7.1. As a workaround, users of 7.0 may temporarily disable the ability for community or collection administrators to manage permissions or workflows settings.
Severity ?
7.2 (High)
CWE
- CWE-863 - Incorrect Authorization
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T03:08:31.307Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/DSpace/DSpace/security/advisories/GHSA-cf2j-vf36-c6w8"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/DSpace/DSpace/issues/7928"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/DSpace/DSpace/commit/277b499a5cd3a4f5eb2370513a1b7e4ec2a6e041"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/DSpace/DSpace/commit/c3bea16ab911606e15ae96c97a1575e1ffb14f8a"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "DSpace",
"vendor": "DSpace",
"versions": [
{
"status": "affected",
"version": "\u003e= 7.0, \u003c 7.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "DSpace is an open source turnkey repository application. In version 7.0, any community or collection administrator can escalate their permission up to become system administrator. This vulnerability only exists in 7.0 and does not impact 6.x or below. This issue is patched in version 7.1. As a workaround, users of 7.0 may temporarily disable the ability for community or collection administrators to manage permissions or workflows settings."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863: Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-29T17:25:10",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/DSpace/DSpace/security/advisories/GHSA-cf2j-vf36-c6w8"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/DSpace/DSpace/issues/7928"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/DSpace/DSpace/commit/277b499a5cd3a4f5eb2370513a1b7e4ec2a6e041"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/DSpace/DSpace/commit/c3bea16ab911606e15ae96c97a1575e1ffb14f8a"
}
],
"source": {
"advisory": "GHSA-cf2j-vf36-c6w8",
"discovery": "UNKNOWN"
},
"title": "Communities and collections administrators can escalate their privilege up to system administrator",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2021-41189",
"STATE": "PUBLIC",
"TITLE": "Communities and collections administrators can escalate their privilege up to system administrator"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "DSpace",
"version": {
"version_data": [
{
"version_value": "\u003e= 7.0, \u003c 7.1"
}
]
}
}
]
},
"vendor_name": "DSpace"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "DSpace is an open source turnkey repository application. In version 7.0, any community or collection administrator can escalate their permission up to become system administrator. This vulnerability only exists in 7.0 and does not impact 6.x or below. This issue is patched in version 7.1. As a workaround, users of 7.0 may temporarily disable the ability for community or collection administrators to manage permissions or workflows settings."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-863: Incorrect Authorization"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/DSpace/DSpace/security/advisories/GHSA-cf2j-vf36-c6w8",
"refsource": "CONFIRM",
"url": "https://github.com/DSpace/DSpace/security/advisories/GHSA-cf2j-vf36-c6w8"
},
{
"name": "https://github.com/DSpace/DSpace/issues/7928",
"refsource": "MISC",
"url": "https://github.com/DSpace/DSpace/issues/7928"
},
{
"name": "https://github.com/DSpace/DSpace/commit/277b499a5cd3a4f5eb2370513a1b7e4ec2a6e041",
"refsource": "MISC",
"url": "https://github.com/DSpace/DSpace/commit/277b499a5cd3a4f5eb2370513a1b7e4ec2a6e041"
},
{
"name": "https://github.com/DSpace/DSpace/commit/c3bea16ab911606e15ae96c97a1575e1ffb14f8a",
"refsource": "MISC",
"url": "https://github.com/DSpace/DSpace/commit/c3bea16ab911606e15ae96c97a1575e1ffb14f8a"
}
]
},
"source": {
"advisory": "GHSA-cf2j-vf36-c6w8",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2021-41189",
"datePublished": "2021-10-29T17:25:10",
"dateReserved": "2021-09-15T00:00:00",
"dateUpdated": "2024-08-04T03:08:31.307Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-10726 (GCVE-0-2016-10726)
Vulnerability from cvelistv5 – Published: 2018-07-10 11:00 – Updated: 2024-08-06 03:30
VLAI?
Summary
The XMLUI feature in DSpace before 3.6, 4.x before 4.5, and 5.x before 5.5 allows directory traversal via the themes/ path in an attack with two or more arbitrary characters and a colon before a pathname, as demonstrated by a themes/Reference/aa:etc/passwd URI.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T03:30:20.173Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/DSpace/DSpace/releases/tag/dspace-5.5"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wiki.duraspace.org/display/DSDOC5x/Release+Notes"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jira.duraspace.org/browse/DS-3094"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-07-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The XMLUI feature in DSpace before 3.6, 4.x before 4.5, and 5.x before 5.5 allows directory traversal via the themes/ path in an attack with two or more arbitrary characters and a colon before a pathname, as demonstrated by a themes/Reference/aa:etc/passwd URI."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-07-10T11:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/DSpace/DSpace/releases/tag/dspace-5.5"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wiki.duraspace.org/display/DSDOC5x/Release+Notes"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jira.duraspace.org/browse/DS-3094"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-10726",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The XMLUI feature in DSpace before 3.6, 4.x before 4.5, and 5.x before 5.5 allows directory traversal via the themes/ path in an attack with two or more arbitrary characters and a colon before a pathname, as demonstrated by a themes/Reference/aa:etc/passwd URI."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/DSpace/DSpace/releases/tag/dspace-5.5",
"refsource": "MISC",
"url": "https://github.com/DSpace/DSpace/releases/tag/dspace-5.5"
},
{
"name": "https://wiki.duraspace.org/display/DSDOC5x/Release+Notes",
"refsource": "MISC",
"url": "https://wiki.duraspace.org/display/DSDOC5x/Release+Notes"
},
{
"name": "https://jira.duraspace.org/browse/DS-3094",
"refsource": "MISC",
"url": "https://jira.duraspace.org/browse/DS-3094"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-10726",
"datePublished": "2018-07-10T11:00:00",
"dateReserved": "2018-07-10T00:00:00",
"dateUpdated": "2024-08-06T03:30:20.173Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-31195 (GCVE-0-2022-31195)
Vulnerability from nvd – Published: 2022-08-01 20:35 – Updated: 2025-04-23 17:55
VLAI?
Title
Path traversal vulnerability in Simple Archive Format package import in DSpace
Summary
DSpace open source software is a repository application which provides durable access to digital resources. In affected versions the ItemImportServiceImpl is vulnerable to a path traversal vulnerability. This means a malicious SAF (simple archive format) package could cause a file/directory to be created anywhere the Tomcat/DSpace user can write to on the server. However, this path traversal vulnerability is only possible by a user with special privileges (either Administrators or someone with command-line access to the server). This vulnerability impacts the XMLUI, JSPUI and command-line. Users are advised to upgrade. As a basic workaround, users may block all access to the following URL paths: If you are using the XMLUI, block all access to /admin/batchimport path (this is the URL of the Admin Batch Import tool). Keep in mind, if your site uses the path "/xmlui", then you'd need to block access to /xmlui/admin/batchimport. If you are using the JSPUI, block all access to /dspace-admin/batchimport path (this is the URL of the Admin Batch Import tool). Keep in mind, if your site uses the path "/jspui", then you'd need to block access to /jspui/dspace-admin/batchimport. Keep in mind, only an Administrative user or a user with command-line access to the server is able to import/upload SAF packages. Therefore, assuming those users do not blindly upload untrusted SAF packages, then it is unlikely your site could be impacted by this vulnerability.
Severity ?
7.2 (High)
CWE
- CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:11:39.806Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/DSpace/DSpace/security/advisories/GHSA-8rmh-55h4-93h5"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/DSpace/DSpace/commit/56e76049185bbd87c994128a9d77735ad7af0199"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/DSpace/DSpace/commit/7af52a0883a9dbc475cf3001f04ed11b24c8a4c0"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-31195",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T15:51:15.550830Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-23T17:55:08.985Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "DSpace",
"vendor": "DSpace",
"versions": [
{
"status": "affected",
"version": "\u003e= 6.0, \u003c 6.4"
},
{
"status": "affected",
"version": "\u003e= 4.0, \u003c 5.11"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "DSpace open source software is a repository application which provides durable access to digital resources. In affected versions the ItemImportServiceImpl is vulnerable to a path traversal vulnerability. This means a malicious SAF (simple archive format) package could cause a file/directory to be created anywhere the Tomcat/DSpace user can write to on the server. However, this path traversal vulnerability is only possible by a user with special privileges (either Administrators or someone with command-line access to the server). This vulnerability impacts the XMLUI, JSPUI and command-line. Users are advised to upgrade. As a basic workaround, users may block all access to the following URL paths: If you are using the XMLUI, block all access to /admin/batchimport path (this is the URL of the Admin Batch Import tool). Keep in mind, if your site uses the path \"/xmlui\", then you\u0027d need to block access to /xmlui/admin/batchimport. If you are using the JSPUI, block all access to /dspace-admin/batchimport path (this is the URL of the Admin Batch Import tool). Keep in mind, if your site uses the path \"/jspui\", then you\u0027d need to block access to /jspui/dspace-admin/batchimport. Keep in mind, only an Administrative user or a user with command-line access to the server is able to import/upload SAF packages. Therefore, assuming those users do not blindly upload untrusted SAF packages, then it is unlikely your site could be impacted by this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-01T20:35:11.000Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/DSpace/DSpace/security/advisories/GHSA-8rmh-55h4-93h5"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/DSpace/DSpace/commit/56e76049185bbd87c994128a9d77735ad7af0199"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/DSpace/DSpace/commit/7af52a0883a9dbc475cf3001f04ed11b24c8a4c0"
}
],
"source": {
"advisory": "GHSA-8rmh-55h4-93h5",
"discovery": "UNKNOWN"
},
"title": "Path traversal vulnerability in Simple Archive Format package import in DSpace",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2022-31195",
"STATE": "PUBLIC",
"TITLE": "Path traversal vulnerability in Simple Archive Format package import in DSpace"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "DSpace",
"version": {
"version_data": [
{
"version_value": "\u003e= 6.0, \u003c 6.4"
},
{
"version_value": "\u003e= 4.0, \u003c 5.11"
}
]
}
}
]
},
"vendor_name": "DSpace"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "DSpace open source software is a repository application which provides durable access to digital resources. In affected versions the ItemImportServiceImpl is vulnerable to a path traversal vulnerability. This means a malicious SAF (simple archive format) package could cause a file/directory to be created anywhere the Tomcat/DSpace user can write to on the server. However, this path traversal vulnerability is only possible by a user with special privileges (either Administrators or someone with command-line access to the server). This vulnerability impacts the XMLUI, JSPUI and command-line. Users are advised to upgrade. As a basic workaround, users may block all access to the following URL paths: If you are using the XMLUI, block all access to /admin/batchimport path (this is the URL of the Admin Batch Import tool). Keep in mind, if your site uses the path \"/xmlui\", then you\u0027d need to block access to /xmlui/admin/batchimport. If you are using the JSPUI, block all access to /dspace-admin/batchimport path (this is the URL of the Admin Batch Import tool). Keep in mind, if your site uses the path \"/jspui\", then you\u0027d need to block access to /jspui/dspace-admin/batchimport. Keep in mind, only an Administrative user or a user with command-line access to the server is able to import/upload SAF packages. Therefore, assuming those users do not blindly upload untrusted SAF packages, then it is unlikely your site could be impacted by this vulnerability."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/DSpace/DSpace/security/advisories/GHSA-8rmh-55h4-93h5",
"refsource": "CONFIRM",
"url": "https://github.com/DSpace/DSpace/security/advisories/GHSA-8rmh-55h4-93h5"
},
{
"name": "https://github.com/DSpace/DSpace/commit/56e76049185bbd87c994128a9d77735ad7af0199",
"refsource": "MISC",
"url": "https://github.com/DSpace/DSpace/commit/56e76049185bbd87c994128a9d77735ad7af0199"
},
{
"name": "https://github.com/DSpace/DSpace/commit/7af52a0883a9dbc475cf3001f04ed11b24c8a4c0",
"refsource": "MISC",
"url": "https://github.com/DSpace/DSpace/commit/7af52a0883a9dbc475cf3001f04ed11b24c8a4c0"
}
]
},
"source": {
"advisory": "GHSA-8rmh-55h4-93h5",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2022-31195",
"datePublished": "2022-08-01T20:35:11.000Z",
"dateReserved": "2022-05-18T00:00:00.000Z",
"dateUpdated": "2025-04-23T17:55:08.985Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-31192 (GCVE-0-2022-31192)
Vulnerability from nvd – Published: 2022-08-01 20:30 – Updated: 2025-04-23 17:55
VLAI?
Title
Cross Site Scripting possible in DSpace JSPUI "Request a Copy" feature
Summary
DSpace open source software is a repository application which provides durable access to digital resources. dspace-jspui is a UI component for DSpace. The JSPUI "Request a Copy" feature does not properly escape values submitted and stored from the "Request a Copy" form. This means that item requests could be vulnerable to XSS attacks. This vulnerability only impacts the JSPUI. Users are advised to upgrade. There are no known workarounds for this vulnerability.
Severity ?
7.1 (High)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:11:39.685Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/DSpace/DSpace/commit/f7758457b7ec3489d525e39aa753cc70809d9ad9"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/DSpace/DSpace/security/advisories/GHSA-4wm8-c2vv-xrpq"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/DSpace/DSpace/commit/28eb8158210d41168a62ed5f9e044f754513bc37"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-31192",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T14:02:35.997411Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-23T17:55:14.797Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "DSpace",
"vendor": "DSpace",
"versions": [
{
"status": "affected",
"version": "\u003e= 6.0, \u003c 6.4"
},
{
"status": "affected",
"version": "\u003e= 4.0, \u003c 5.11"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "DSpace open source software is a repository application which provides durable access to digital resources. dspace-jspui is a UI component for DSpace. The JSPUI \"Request a Copy\" feature does not properly escape values submitted and stored from the \"Request a Copy\" form. This means that item requests could be vulnerable to XSS attacks. This vulnerability only impacts the JSPUI. Users are advised to upgrade. There are no known workarounds for this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-01T20:30:36.000Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/DSpace/DSpace/commit/f7758457b7ec3489d525e39aa753cc70809d9ad9"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/DSpace/DSpace/security/advisories/GHSA-4wm8-c2vv-xrpq"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/DSpace/DSpace/commit/28eb8158210d41168a62ed5f9e044f754513bc37"
}
],
"source": {
"advisory": "GHSA-4wm8-c2vv-xrpq",
"discovery": "UNKNOWN"
},
"title": "Cross Site Scripting possible in DSpace JSPUI \"Request a Copy\" feature",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2022-31192",
"STATE": "PUBLIC",
"TITLE": "Cross Site Scripting possible in DSpace JSPUI \"Request a Copy\" feature"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "DSpace",
"version": {
"version_data": [
{
"version_value": "\u003e= 6.0, \u003c 6.4"
},
{
"version_value": "\u003e= 4.0, \u003c 5.11"
}
]
}
}
]
},
"vendor_name": "DSpace"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "DSpace open source software is a repository application which provides durable access to digital resources. dspace-jspui is a UI component for DSpace. The JSPUI \"Request a Copy\" feature does not properly escape values submitted and stored from the \"Request a Copy\" form. This means that item requests could be vulnerable to XSS attacks. This vulnerability only impacts the JSPUI. Users are advised to upgrade. There are no known workarounds for this vulnerability."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/DSpace/DSpace/commit/f7758457b7ec3489d525e39aa753cc70809d9ad9",
"refsource": "MISC",
"url": "https://github.com/DSpace/DSpace/commit/f7758457b7ec3489d525e39aa753cc70809d9ad9"
},
{
"name": "https://github.com/DSpace/DSpace/security/advisories/GHSA-4wm8-c2vv-xrpq",
"refsource": "CONFIRM",
"url": "https://github.com/DSpace/DSpace/security/advisories/GHSA-4wm8-c2vv-xrpq"
},
{
"name": "https://github.com/DSpace/DSpace/commit/28eb8158210d41168a62ed5f9e044f754513bc37",
"refsource": "MISC",
"url": "https://github.com/DSpace/DSpace/commit/28eb8158210d41168a62ed5f9e044f754513bc37"
}
]
},
"source": {
"advisory": "GHSA-4wm8-c2vv-xrpq",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2022-31192",
"datePublished": "2022-08-01T20:30:36.000Z",
"dateReserved": "2022-05-18T00:00:00.000Z",
"dateUpdated": "2025-04-23T17:55:14.797Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-31191 (GCVE-0-2022-31191)
Vulnerability from nvd – Published: 2022-08-01 20:30 – Updated: 2025-04-23 17:55
VLAI?
Title
Cross Site Scripting possible in DSpace JSPUI spellcheck and autocomplete tools
Summary
DSpace open source software is a repository application which provides durable access to digital resources. dspace-jspui is a UI component for DSpace. The JSPUI spellcheck "Did you mean" HTML escapes the data-spell attribute in the link, but not the actual displayed text. Similarly, the JSPUI autocomplete HTML does not properly escape text passed to it. Both are vulnerable to XSS. This vulnerability only impacts the JSPUI. Users are advised to upgrade. There are no known workarounds for this issue.
Severity ?
7.1 (High)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:11:39.899Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/DSpace/DSpace/security/advisories/GHSA-c558-5gfm-p2r8"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/DSpace/DSpace/commit/35030a23e48b5946f5853332c797e1c4adea7bb7"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/DSpace/DSpace/commit/6f75bb084ab1937d094208c55cd84340040bcbb5"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/DSpace/DSpace/commit/c89e493e517b424dea6175caba54e91d3847fc3a"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/DSpace/DSpace/commit/ebb83a75234d3de9be129464013e998dc929b68d"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-31191",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T14:02:38.661784Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-23T17:55:20.799Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "DSpace",
"vendor": "DSpace",
"versions": [
{
"status": "affected",
"version": "\u003e= 6.0, \u003c 6.4"
},
{
"status": "affected",
"version": "\u003e= 4.0, \u003c 5.11"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "DSpace open source software is a repository application which provides durable access to digital resources. dspace-jspui is a UI component for DSpace. The JSPUI spellcheck \"Did you mean\" HTML escapes the data-spell attribute in the link, but not the actual displayed text. Similarly, the JSPUI autocomplete HTML does not properly escape text passed to it. Both are vulnerable to XSS. This vulnerability only impacts the JSPUI. Users are advised to upgrade. There are no known workarounds for this issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-01T20:30:17.000Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/DSpace/DSpace/security/advisories/GHSA-c558-5gfm-p2r8"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/DSpace/DSpace/commit/35030a23e48b5946f5853332c797e1c4adea7bb7"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/DSpace/DSpace/commit/6f75bb084ab1937d094208c55cd84340040bcbb5"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/DSpace/DSpace/commit/c89e493e517b424dea6175caba54e91d3847fc3a"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/DSpace/DSpace/commit/ebb83a75234d3de9be129464013e998dc929b68d"
}
],
"source": {
"advisory": "GHSA-c558-5gfm-p2r8",
"discovery": "UNKNOWN"
},
"title": "Cross Site Scripting possible in DSpace JSPUI spellcheck and autocomplete tools",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2022-31191",
"STATE": "PUBLIC",
"TITLE": "Cross Site Scripting possible in DSpace JSPUI spellcheck and autocomplete tools"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "DSpace",
"version": {
"version_data": [
{
"version_value": "\u003e= 6.0, \u003c 6.4"
},
{
"version_value": "\u003e= 4.0, \u003c 5.11"
}
]
}
}
]
},
"vendor_name": "DSpace"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "DSpace open source software is a repository application which provides durable access to digital resources. dspace-jspui is a UI component for DSpace. The JSPUI spellcheck \"Did you mean\" HTML escapes the data-spell attribute in the link, but not the actual displayed text. Similarly, the JSPUI autocomplete HTML does not properly escape text passed to it. Both are vulnerable to XSS. This vulnerability only impacts the JSPUI. Users are advised to upgrade. There are no known workarounds for this issue."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/DSpace/DSpace/security/advisories/GHSA-c558-5gfm-p2r8",
"refsource": "CONFIRM",
"url": "https://github.com/DSpace/DSpace/security/advisories/GHSA-c558-5gfm-p2r8"
},
{
"name": "https://github.com/DSpace/DSpace/commit/35030a23e48b5946f5853332c797e1c4adea7bb7",
"refsource": "MISC",
"url": "https://github.com/DSpace/DSpace/commit/35030a23e48b5946f5853332c797e1c4adea7bb7"
},
{
"name": "https://github.com/DSpace/DSpace/commit/6f75bb084ab1937d094208c55cd84340040bcbb5",
"refsource": "MISC",
"url": "https://github.com/DSpace/DSpace/commit/6f75bb084ab1937d094208c55cd84340040bcbb5"
},
{
"name": "https://github.com/DSpace/DSpace/commit/c89e493e517b424dea6175caba54e91d3847fc3a",
"refsource": "MISC",
"url": "https://github.com/DSpace/DSpace/commit/c89e493e517b424dea6175caba54e91d3847fc3a"
},
{
"name": "https://github.com/DSpace/DSpace/commit/ebb83a75234d3de9be129464013e998dc929b68d",
"refsource": "MISC",
"url": "https://github.com/DSpace/DSpace/commit/ebb83a75234d3de9be129464013e998dc929b68d"
}
]
},
"source": {
"advisory": "GHSA-c558-5gfm-p2r8",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2022-31191",
"datePublished": "2022-08-01T20:30:17.000Z",
"dateReserved": "2022-05-18T00:00:00.000Z",
"dateUpdated": "2025-04-23T17:55:20.799Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-31194 (GCVE-0-2022-31194)
Vulnerability from nvd – Published: 2022-08-01 20:25 – Updated: 2025-04-23 17:55
VLAI?
Title
Path traversal vulnerabilities in DSpace JSPUI submission upload
Summary
DSpace open source software is a repository application which provides durable access to digital resources. dspace-jspui is a UI component for DSpace. The JSPUI resumable upload implementations in SubmissionController and FileUploadRequest are vulnerable to multiple path traversal attacks, allowing an attacker to create files/directories anywhere on the server writable by the Tomcat/DSpace user, by modifying some request parameters during submission. This path traversal can only be executed by a user with special privileges (submitter rights). This vulnerability only impacts the JSPUI. Users are advised to upgrade. There are no known workarounds. However, this vulnerability cannot be exploited by an anonymous user or a basic user. The user must first have submitter privileges to at least one Collection and be able to determine how to modify the request parameters to exploit the vulnerability.
Severity ?
8.2 (High)
CWE
- CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:11:39.570Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/DSpace/DSpace/security/advisories/GHSA-qp5m-c3m9-8q2p"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/DSpace/DSpace/commit/7569c6374aefeafb996e202cf8d631020eda5f24"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/DSpace/DSpace/commit/d1dd7d23329ef055069759df15cfa200c8e3"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-31194",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T14:02:42.465436Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-23T17:55:28.376Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "DSpace",
"vendor": "DSpace",
"versions": [
{
"status": "affected",
"version": "\u003e= 6.0, \u003c 6.4"
},
{
"status": "affected",
"version": "\u003e= 4.0, \u003c 5.11"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "DSpace open source software is a repository application which provides durable access to digital resources. dspace-jspui is a UI component for DSpace. The JSPUI resumable upload implementations in SubmissionController and FileUploadRequest are vulnerable to multiple path traversal attacks, allowing an attacker to create files/directories anywhere on the server writable by the Tomcat/DSpace user, by modifying some request parameters during submission. This path traversal can only be executed by a user with special privileges (submitter rights). This vulnerability only impacts the JSPUI. Users are advised to upgrade. There are no known workarounds. However, this vulnerability cannot be exploited by an anonymous user or a basic user. The user must first have submitter privileges to at least one Collection and be able to determine how to modify the request parameters to exploit the vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-01T20:25:26.000Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/DSpace/DSpace/security/advisories/GHSA-qp5m-c3m9-8q2p"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/DSpace/DSpace/commit/7569c6374aefeafb996e202cf8d631020eda5f24"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/DSpace/DSpace/commit/d1dd7d23329ef055069759df15cfa200c8e3"
}
],
"source": {
"advisory": "GHSA-qp5m-c3m9-8q2p",
"discovery": "UNKNOWN"
},
"title": "Path traversal vulnerabilities in DSpace JSPUI submission upload",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2022-31194",
"STATE": "PUBLIC",
"TITLE": "Path traversal vulnerabilities in DSpace JSPUI submission upload"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "DSpace",
"version": {
"version_data": [
{
"version_value": "\u003e= 6.0, \u003c 6.4"
},
{
"version_value": "\u003e= 4.0, \u003c 5.11"
}
]
}
}
]
},
"vendor_name": "DSpace"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "DSpace open source software is a repository application which provides durable access to digital resources. dspace-jspui is a UI component for DSpace. The JSPUI resumable upload implementations in SubmissionController and FileUploadRequest are vulnerable to multiple path traversal attacks, allowing an attacker to create files/directories anywhere on the server writable by the Tomcat/DSpace user, by modifying some request parameters during submission. This path traversal can only be executed by a user with special privileges (submitter rights). This vulnerability only impacts the JSPUI. Users are advised to upgrade. There are no known workarounds. However, this vulnerability cannot be exploited by an anonymous user or a basic user. The user must first have submitter privileges to at least one Collection and be able to determine how to modify the request parameters to exploit the vulnerability."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/DSpace/DSpace/security/advisories/GHSA-qp5m-c3m9-8q2p",
"refsource": "CONFIRM",
"url": "https://github.com/DSpace/DSpace/security/advisories/GHSA-qp5m-c3m9-8q2p"
},
{
"name": "https://github.com/DSpace/DSpace/commit/7569c6374aefeafb996e202cf8d631020eda5f24",
"refsource": "MISC",
"url": "https://github.com/DSpace/DSpace/commit/7569c6374aefeafb996e202cf8d631020eda5f24"
},
{
"name": "https://github.com/DSpace/DSpace/commit/d1dd7d23329ef055069759df15cfa200c8e3",
"refsource": "MISC",
"url": "https://github.com/DSpace/DSpace/commit/d1dd7d23329ef055069759df15cfa200c8e3"
}
]
},
"source": {
"advisory": "GHSA-qp5m-c3m9-8q2p",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2022-31194",
"datePublished": "2022-08-01T20:25:26.000Z",
"dateReserved": "2022-05-18T00:00:00.000Z",
"dateUpdated": "2025-04-23T17:55:28.376Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-31193 (GCVE-0-2022-31193)
Vulnerability from nvd – Published: 2022-08-01 20:25 – Updated: 2025-04-23 17:55
VLAI?
Title
URL Redirection to Untrusted Site in Dspace JSPUI
Summary
DSpace open source software is a repository application which provides durable access to digital resources. dspace-jspui is a UI component for DSpace. The JSPUI controlled vocabulary servlet is vulnerable to an open redirect attack, where an attacker can craft a malicious URL that looks like a legitimate DSpace/repository URL. When that URL is clicked by the target, it redirects them to a site of the attacker's choice. This issue has been patched in versions 5.11 and 6.4. Users are advised to upgrade. There are no known workaround for this vulnerability.
Severity ?
7.1 (High)
CWE
- CWE-601 - URL Redirection to Untrusted Site ('Open Redirect')
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:11:39.618Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/DSpace/DSpace/security/advisories/GHSA-763j-q7wv-vf3m"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/DSpace/DSpace/commit/5f72424a478f59061dcc516b866dcc687bc3f9de"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/DSpace/DSpace/commit/f7758457b7ec3489d525e39aa753cc70809d9ad9"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-31193",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T14:02:45.414422Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-23T17:55:36.024Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "DSpace",
"vendor": "DSpace",
"versions": [
{
"status": "affected",
"version": "\u003e= 6.0, \u003c 6.4"
},
{
"status": "affected",
"version": "\u003e= 4.0, \u003c 5.11"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "DSpace open source software is a repository application which provides durable access to digital resources. dspace-jspui is a UI component for DSpace. The JSPUI controlled vocabulary servlet is vulnerable to an open redirect attack, where an attacker can craft a malicious URL that looks like a legitimate DSpace/repository URL. When that URL is clicked by the target, it redirects them to a site of the attacker\u0027s choice. This issue has been patched in versions 5.11 and 6.4. Users are advised to upgrade. There are no known workaround for this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-601",
"description": "CWE-601: URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-01T20:25:12.000Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/DSpace/DSpace/security/advisories/GHSA-763j-q7wv-vf3m"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/DSpace/DSpace/commit/5f72424a478f59061dcc516b866dcc687bc3f9de"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/DSpace/DSpace/commit/f7758457b7ec3489d525e39aa753cc70809d9ad9"
}
],
"source": {
"advisory": "GHSA-763j-q7wv-vf3m",
"discovery": "UNKNOWN"
},
"title": "URL Redirection to Untrusted Site in Dspace JSPUI",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2022-31193",
"STATE": "PUBLIC",
"TITLE": "URL Redirection to Untrusted Site in Dspace JSPUI"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "DSpace",
"version": {
"version_data": [
{
"version_value": "\u003e= 6.0, \u003c 6.4"
},
{
"version_value": "\u003e= 4.0, \u003c 5.11"
}
]
}
}
]
},
"vendor_name": "DSpace"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "DSpace open source software is a repository application which provides durable access to digital resources. dspace-jspui is a UI component for DSpace. The JSPUI controlled vocabulary servlet is vulnerable to an open redirect attack, where an attacker can craft a malicious URL that looks like a legitimate DSpace/repository URL. When that URL is clicked by the target, it redirects them to a site of the attacker\u0027s choice. This issue has been patched in versions 5.11 and 6.4. Users are advised to upgrade. There are no known workaround for this vulnerability."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-601: URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/DSpace/DSpace/security/advisories/GHSA-763j-q7wv-vf3m",
"refsource": "CONFIRM",
"url": "https://github.com/DSpace/DSpace/security/advisories/GHSA-763j-q7wv-vf3m"
},
{
"name": "https://github.com/DSpace/DSpace/commit/5f72424a478f59061dcc516b866dcc687bc3f9de",
"refsource": "MISC",
"url": "https://github.com/DSpace/DSpace/commit/5f72424a478f59061dcc516b866dcc687bc3f9de"
},
{
"name": "https://github.com/DSpace/DSpace/commit/f7758457b7ec3489d525e39aa753cc70809d9ad9",
"refsource": "MISC",
"url": "https://github.com/DSpace/DSpace/commit/f7758457b7ec3489d525e39aa753cc70809d9ad9"
}
]
},
"source": {
"advisory": "GHSA-763j-q7wv-vf3m",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2022-31193",
"datePublished": "2022-08-01T20:25:12.000Z",
"dateReserved": "2022-05-18T00:00:00.000Z",
"dateUpdated": "2025-04-23T17:55:36.024Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-31189 (GCVE-0-2022-31189)
Vulnerability from nvd – Published: 2022-08-01 20:20 – Updated: 2025-04-23 17:55
VLAI?
Title
"Internal System Error" page in DSpace JSPUI prints exceptions and stack traces without sanitization
Summary
DSpace open source software is a repository application which provides durable access to digital resources. dspace-jspui is a UI component for DSpace. When an "Internal System Error" occurs in the JSPUI, then entire exception (including stack trace) is available. Information in this stacktrace may be useful to an attacker in launching a more sophisticated attack. This vulnerability only impacts the JSPUI. This issue has been fixed in version 6.4. users are advised to upgrade. Users unable to upgrade should disable the display of error messages in their internal.jsp file.
Severity ?
5.3 (Medium)
CWE
- CWE-209 - Generation of Error Message Containing Sensitive Information
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:11:39.664Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/DSpace/DSpace/security/advisories/GHSA-c2j7-66m3-r4ff"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/DSpace/DSpace/commit/afcc6c3389729b85d5c7b0230cbf9aaf7452f31a"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-31189",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T15:52:52.394445Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-23T17:55:41.782Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "DSpace",
"vendor": "DSpace",
"versions": [
{
"status": "affected",
"version": "\u003e= 4.0, \u003c 6.4"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "DSpace open source software is a repository application which provides durable access to digital resources. dspace-jspui is a UI component for DSpace. When an \"Internal System Error\" occurs in the JSPUI, then entire exception (including stack trace) is available. Information in this stacktrace may be useful to an attacker in launching a more sophisticated attack. This vulnerability only impacts the JSPUI. This issue has been fixed in version 6.4. users are advised to upgrade. Users unable to upgrade should disable the display of error messages in their internal.jsp file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-209",
"description": "CWE-209: Generation of Error Message Containing Sensitive Information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-01T20:20:11.000Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/DSpace/DSpace/security/advisories/GHSA-c2j7-66m3-r4ff"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/DSpace/DSpace/commit/afcc6c3389729b85d5c7b0230cbf9aaf7452f31a"
}
],
"source": {
"advisory": "GHSA-c2j7-66m3-r4ff",
"discovery": "UNKNOWN"
},
"title": "\"Internal System Error\" page in DSpace JSPUI prints exceptions and stack traces without sanitization",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2022-31189",
"STATE": "PUBLIC",
"TITLE": "\"Internal System Error\" page in DSpace JSPUI prints exceptions and stack traces without sanitization"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "DSpace",
"version": {
"version_data": [
{
"version_value": "\u003e= 4.0, \u003c 6.4"
}
]
}
}
]
},
"vendor_name": "DSpace"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "DSpace open source software is a repository application which provides durable access to digital resources. dspace-jspui is a UI component for DSpace. When an \"Internal System Error\" occurs in the JSPUI, then entire exception (including stack trace) is available. Information in this stacktrace may be useful to an attacker in launching a more sophisticated attack. This vulnerability only impacts the JSPUI. This issue has been fixed in version 6.4. users are advised to upgrade. Users unable to upgrade should disable the display of error messages in their internal.jsp file."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-209: Generation of Error Message Containing Sensitive Information"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/DSpace/DSpace/security/advisories/GHSA-c2j7-66m3-r4ff",
"refsource": "CONFIRM",
"url": "https://github.com/DSpace/DSpace/security/advisories/GHSA-c2j7-66m3-r4ff"
},
{
"name": "https://github.com/DSpace/DSpace/commit/afcc6c3389729b85d5c7b0230cbf9aaf7452f31a",
"refsource": "MISC",
"url": "https://github.com/DSpace/DSpace/commit/afcc6c3389729b85d5c7b0230cbf9aaf7452f31a"
}
]
},
"source": {
"advisory": "GHSA-c2j7-66m3-r4ff",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2022-31189",
"datePublished": "2022-08-01T20:20:11.000Z",
"dateReserved": "2022-05-18T00:00:00.000Z",
"dateUpdated": "2025-04-23T17:55:41.782Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-31190 (GCVE-0-2022-31190)
Vulnerability from nvd – Published: 2022-08-01 20:10 – Updated: 2025-04-23 17:55
VLAI?
Title
Metadata of withdrawn Items is exposed to anonymous users in DSpace XMLUI
Summary
DSpace open source software is a repository application which provides durable access to digital resources. dspace-xmlui is a UI component for DSpace. In affected versions metadata on a withdrawn Item is exposed via the XMLUI "mets.xml" object, as long as you know the handle/URL of the withdrawn Item. This vulnerability only impacts the XMLUI. Users are advised to upgrade to version 6.4 or newer.
Severity ?
5.3 (Medium)
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:11:39.629Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/DSpace/DSpace/security/advisories/GHSA-7w85-pp86-p4pq"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/DSpace/DSpace/pull/2451"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/DSpace/DSpace/commit/574e25496a40173653ae7d0a49a19ed8e3458606.patch"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-31190",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T15:52:56.353881Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-23T17:55:48.589Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "DSpace",
"vendor": "DSpace",
"versions": [
{
"status": "affected",
"version": "\u003e= 4.0, \u003c 6.4"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "DSpace open source software is a repository application which provides durable access to digital resources. dspace-xmlui is a UI component for DSpace. In affected versions metadata on a withdrawn Item is exposed via the XMLUI \"mets.xml\" object, as long as you know the handle/URL of the withdrawn Item. This vulnerability only impacts the XMLUI. Users are advised to upgrade to version 6.4 or newer."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-01T20:10:11.000Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/DSpace/DSpace/security/advisories/GHSA-7w85-pp86-p4pq"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/DSpace/DSpace/pull/2451"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/DSpace/DSpace/commit/574e25496a40173653ae7d0a49a19ed8e3458606.patch"
}
],
"source": {
"advisory": "GHSA-7w85-pp86-p4pq",
"discovery": "UNKNOWN"
},
"title": "Metadata of withdrawn Items is exposed to anonymous users in DSpace XMLUI",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2022-31190",
"STATE": "PUBLIC",
"TITLE": "Metadata of withdrawn Items is exposed to anonymous users in DSpace XMLUI"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "DSpace",
"version": {
"version_data": [
{
"version_value": "\u003e= 4.0, \u003c 6.4"
}
]
}
}
]
},
"vendor_name": "DSpace"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "DSpace open source software is a repository application which provides durable access to digital resources. dspace-xmlui is a UI component for DSpace. In affected versions metadata on a withdrawn Item is exposed via the XMLUI \"mets.xml\" object, as long as you know the handle/URL of the withdrawn Item. This vulnerability only impacts the XMLUI. Users are advised to upgrade to version 6.4 or newer."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/DSpace/DSpace/security/advisories/GHSA-7w85-pp86-p4pq",
"refsource": "CONFIRM",
"url": "https://github.com/DSpace/DSpace/security/advisories/GHSA-7w85-pp86-p4pq"
},
{
"name": "https://github.com/DSpace/DSpace/pull/2451",
"refsource": "MISC",
"url": "https://github.com/DSpace/DSpace/pull/2451"
},
{
"name": "https://github.com/DSpace/DSpace/commit/574e25496a40173653ae7d0a49a19ed8e3458606.patch",
"refsource": "MISC",
"url": "https://github.com/DSpace/DSpace/commit/574e25496a40173653ae7d0a49a19ed8e3458606.patch"
}
]
},
"source": {
"advisory": "GHSA-7w85-pp86-p4pq",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2022-31190",
"datePublished": "2022-08-01T20:10:11.000Z",
"dateReserved": "2022-05-18T00:00:00.000Z",
"dateUpdated": "2025-04-23T17:55:48.589Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-41189 (GCVE-0-2021-41189)
Vulnerability from nvd – Published: 2021-10-29 17:25 – Updated: 2024-08-04 03:08
VLAI?
Title
Communities and collections administrators can escalate their privilege up to system administrator
Summary
DSpace is an open source turnkey repository application. In version 7.0, any community or collection administrator can escalate their permission up to become system administrator. This vulnerability only exists in 7.0 and does not impact 6.x or below. This issue is patched in version 7.1. As a workaround, users of 7.0 may temporarily disable the ability for community or collection administrators to manage permissions or workflows settings.
Severity ?
7.2 (High)
CWE
- CWE-863 - Incorrect Authorization
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T03:08:31.307Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/DSpace/DSpace/security/advisories/GHSA-cf2j-vf36-c6w8"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/DSpace/DSpace/issues/7928"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/DSpace/DSpace/commit/277b499a5cd3a4f5eb2370513a1b7e4ec2a6e041"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/DSpace/DSpace/commit/c3bea16ab911606e15ae96c97a1575e1ffb14f8a"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "DSpace",
"vendor": "DSpace",
"versions": [
{
"status": "affected",
"version": "\u003e= 7.0, \u003c 7.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "DSpace is an open source turnkey repository application. In version 7.0, any community or collection administrator can escalate their permission up to become system administrator. This vulnerability only exists in 7.0 and does not impact 6.x or below. This issue is patched in version 7.1. As a workaround, users of 7.0 may temporarily disable the ability for community or collection administrators to manage permissions or workflows settings."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863: Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-29T17:25:10",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/DSpace/DSpace/security/advisories/GHSA-cf2j-vf36-c6w8"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/DSpace/DSpace/issues/7928"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/DSpace/DSpace/commit/277b499a5cd3a4f5eb2370513a1b7e4ec2a6e041"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/DSpace/DSpace/commit/c3bea16ab911606e15ae96c97a1575e1ffb14f8a"
}
],
"source": {
"advisory": "GHSA-cf2j-vf36-c6w8",
"discovery": "UNKNOWN"
},
"title": "Communities and collections administrators can escalate their privilege up to system administrator",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2021-41189",
"STATE": "PUBLIC",
"TITLE": "Communities and collections administrators can escalate their privilege up to system administrator"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "DSpace",
"version": {
"version_data": [
{
"version_value": "\u003e= 7.0, \u003c 7.1"
}
]
}
}
]
},
"vendor_name": "DSpace"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "DSpace is an open source turnkey repository application. In version 7.0, any community or collection administrator can escalate their permission up to become system administrator. This vulnerability only exists in 7.0 and does not impact 6.x or below. This issue is patched in version 7.1. As a workaround, users of 7.0 may temporarily disable the ability for community or collection administrators to manage permissions or workflows settings."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-863: Incorrect Authorization"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/DSpace/DSpace/security/advisories/GHSA-cf2j-vf36-c6w8",
"refsource": "CONFIRM",
"url": "https://github.com/DSpace/DSpace/security/advisories/GHSA-cf2j-vf36-c6w8"
},
{
"name": "https://github.com/DSpace/DSpace/issues/7928",
"refsource": "MISC",
"url": "https://github.com/DSpace/DSpace/issues/7928"
},
{
"name": "https://github.com/DSpace/DSpace/commit/277b499a5cd3a4f5eb2370513a1b7e4ec2a6e041",
"refsource": "MISC",
"url": "https://github.com/DSpace/DSpace/commit/277b499a5cd3a4f5eb2370513a1b7e4ec2a6e041"
},
{
"name": "https://github.com/DSpace/DSpace/commit/c3bea16ab911606e15ae96c97a1575e1ffb14f8a",
"refsource": "MISC",
"url": "https://github.com/DSpace/DSpace/commit/c3bea16ab911606e15ae96c97a1575e1ffb14f8a"
}
]
},
"source": {
"advisory": "GHSA-cf2j-vf36-c6w8",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2021-41189",
"datePublished": "2021-10-29T17:25:10",
"dateReserved": "2021-09-15T00:00:00",
"dateUpdated": "2024-08-04T03:08:31.307Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-10726 (GCVE-0-2016-10726)
Vulnerability from nvd – Published: 2018-07-10 11:00 – Updated: 2024-08-06 03:30
VLAI?
Summary
The XMLUI feature in DSpace before 3.6, 4.x before 4.5, and 5.x before 5.5 allows directory traversal via the themes/ path in an attack with two or more arbitrary characters and a colon before a pathname, as demonstrated by a themes/Reference/aa:etc/passwd URI.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T03:30:20.173Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/DSpace/DSpace/releases/tag/dspace-5.5"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wiki.duraspace.org/display/DSDOC5x/Release+Notes"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jira.duraspace.org/browse/DS-3094"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-07-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The XMLUI feature in DSpace before 3.6, 4.x before 4.5, and 5.x before 5.5 allows directory traversal via the themes/ path in an attack with two or more arbitrary characters and a colon before a pathname, as demonstrated by a themes/Reference/aa:etc/passwd URI."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-07-10T11:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/DSpace/DSpace/releases/tag/dspace-5.5"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wiki.duraspace.org/display/DSDOC5x/Release+Notes"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jira.duraspace.org/browse/DS-3094"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-10726",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The XMLUI feature in DSpace before 3.6, 4.x before 4.5, and 5.x before 5.5 allows directory traversal via the themes/ path in an attack with two or more arbitrary characters and a colon before a pathname, as demonstrated by a themes/Reference/aa:etc/passwd URI."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/DSpace/DSpace/releases/tag/dspace-5.5",
"refsource": "MISC",
"url": "https://github.com/DSpace/DSpace/releases/tag/dspace-5.5"
},
{
"name": "https://wiki.duraspace.org/display/DSDOC5x/Release+Notes",
"refsource": "MISC",
"url": "https://wiki.duraspace.org/display/DSDOC5x/Release+Notes"
},
{
"name": "https://jira.duraspace.org/browse/DS-3094",
"refsource": "MISC",
"url": "https://jira.duraspace.org/browse/DS-3094"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-10726",
"datePublished": "2018-07-10T11:00:00",
"dateReserved": "2018-07-10T00:00:00",
"dateUpdated": "2024-08-06T03:30:20.173Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}