Description
Grails framework Remote Code Execution via Data Binding
Impact
A vulnerability has been discovered in the Grails data-binding logic which allows for Remote Code Execution in a Grails application. Exploitation requires the application to be running on Java 8, deployed either as a WAR to a servlet container or as an executable JAR.
Patches
Grails framework versions 5.2.1, 5.1.9, 4.1.1, and 3.3.15
References
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35912
- https://grails.org/blog/2022-07-18-rce-vulnerability.html
For more information
If you have any questions or comments about this advisory:
- https://grails.org/blog/2022-07-18-rce-vulnerability.html
- https://github.com/grails/grails-core/issues/12626
- Email us at info@grails.org
Credit
This vulnerability was discovered by meizjm3i and codeplutos of AntGroup FG Security Lab.
Packages
| Package | Affected versions | Patched version |
| --- | --- | --- |
| org.grails:grails-databinding | >= 3.3.10, < 3.3.15 | 3.3.15 |
| org.grails:grails-databinding | >= 4.0.0, < 4.1.1 | 4.1.1 |
| org.grails:grails-databinding | >= 5.0.0, < 5.1.9 | 5.1.9 |
| org.grails:grails-databinding | = 5.2.0 | 5.2.1 |
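
The affected ranges listed above can be checked against the versions a build actually resolves. The following Python script is an added example, not part of the advisory or of Grails; it assumes the text output of `gradle dependencies` as input, and the sample report in it is constructed.

```python
import re

# Affected ranges for org.grails:grails-databinding, from this advisory's package
# list, as half-open intervals [lowest affected, first patched). Versions below
# 3.3.10 are outside the listed ranges and are not flagged here.
AFFECTED = [
    ((3, 3, 10), (3, 3, 15)),
    ((4, 0, 0), (4, 1, 1)),
    ((5, 0, 0), (5, 1, 9)),
    ((5, 2, 0), (5, 2, 1)),  # listed as "= 5.2.0"
]

# Gradle prints "requested -> resolved" when it changes a version during
# conflict resolution; the resolved version is the one that ships.
COORD = re.compile(r"org\.grails:grails-databinding:(\S+)(?:\s+->\s+(\S+))?")
VERSION = re.compile(r"^(\d+)\.(\d+)\.(\d+)")

def parse_version(text):
    """Return (major, minor, patch), or None when there is no x.y.z prefix."""
    m = VERSION.match(text)
    return tuple(int(p) for p in m.groups()) if m else None

def patched_version_for(version):
    """Return the patched release to upgrade to, or None if not listed as affected."""
    v = parse_version(version)
    for low, fixed in AFFECTED:
        if v is not None and low <= v < fixed:
            return ".".join(map(str, fixed))
    return None

def audit(dependency_report):
    """Return [(resolved_version, patched_version)] for each affected entry."""
    findings = []
    for line in dependency_report.splitlines():
        m = COORD.search(line)
        if m:
            resolved = m.group(2) or m.group(1)
            fix = patched_version_for(resolved)
            if fix:
                findings.append((resolved, fix))
    return findings

# Constructed sample of `gradle dependencies` output (not from a real project).
SAMPLE = """\
+--- org.grails:grails-databinding:5.1.8
+--- org.grails:grails-databinding:4.0.0 -> 4.1.1
\\--- org.grails:grails-databinding:5.2.0
"""

if __name__ == "__main__":
    for resolved, fix in audit(SAMPLE):
        print(f"grails-databinding {resolved} is affected; upgrade to {fix}")
```

The second sample line is not reported because Gradle resolved the requested 4.0.0 to the patched 4.1.1.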
Related vulnerabilities
In grails-databinding in Grails before 3.3.15, 4.x before 4.1.1, 5.x before 5.1.9, and 5.2.x before 5.2.1 (at least when certain Java 8 configurations are used), data binding allows a remote attacker to execute code by gaining access to the class loader.