CVE-2020-36518 PoC — FasterXML jackson-databind buffer error vulnerability

Source
Associated Vulnerability
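Title: FasterXML jackson-databind buffer error vulnerability (CVE-2020-36518)
Description: FasterXML jackson-databind is a Java-based library that converts data formats such as XML and JSON to and from Java objects. Jackson makes it easy to convert Java objects into JSON objects and XML documents, and likewise to convert JSON and XML into Java objects. A security vulnerability exists in FasterXML jackson-databind versions before 2.13.0. It stems from a Java stack overflow exception in the software, and an attacker can exploit it with a large number of nested objects to cause a denial of service.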
Description
Reproduction of CVE-2020-36518 in Spring Boot 2.5.10
Readme
# Reproduction of CVE-2020-36518 in Spring Boot 2.5.10

Execute:

```bash
./mvnw clean verify
```

It will fail with:

```
[ERROR] Failed to execute goal org.owasp:dependency-check-maven:7.0.0:check (default) on project jackson-demo:
[ERROR]
[ERROR] One or more dependencies were identified with vulnerabilities that have a CVSS score greater than or equal to '7.0':
[ERROR]
[ERROR] jackson-databind-2.12.6.jar: CVE-2020-36518(7.5)
[ERROR]
[ERROR] See the dependency-check report for more details.
[ERROR]
```
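The vulnerability description on this page attributes the denial of service to stack exhaustion on deeply nested input. As an added example (not code from this repository or from jackson-databind), the JDK-only guard below measures nesting depth iteratively so a service can reject over-deep request bodies before they reach the deserializer; the class name and the `MAX_DEPTH` value are assumptions.

```java
import java.nio.charset.StandardCharsets;
import java.util.Arrays;

/** Added example: rejects JSON whose nesting exceeds a limit before deserialization. */
public class JsonDepthGuard {

    /** Hypothetical limit; set it to the deepest document the service legitimately accepts. */
    static final int MAX_DEPTH = 100;

    /**
     * Returns the deepest object/array nesting seen in UTF-8 JSON bytes.
     * Scans with a loop (no recursion), skips brackets inside string literals,
     * and returns early once the limit is exceeded.
     */
    static int maxDepth(byte[] json, int limit) {
        int depth = 0, max = 0;
        boolean inString = false, escaped = false;
        for (byte b : json) {
            if (inString) {
                if (escaped) escaped = false;          // character after a backslash
                else if (b == '\\') escaped = true;
                else if (b == '"') inString = false;   // closing quote
                continue;
            }
            switch (b) {
                case '"': inString = true; break;
                case '{': case '[':
                    if (++depth > max) max = depth;
                    if (max > limit) return max;       // no need to read the rest
                    break;
                case '}': case ']':
                    if (depth > 0) depth--;
                    break;
                default: break;
            }
        }
        return max;
    }

    static boolean isAcceptable(byte[] json) {
        return maxDepth(json, MAX_DEPTH) <= MAX_DEPTH;
    }

    public static void main(String[] args) {
        // Constructed sample inputs: a small document and 2000 nested arrays.
        byte[] normal = "{\"user\":{\"tags\":[\"a\",\"b{[\"]}}".getBytes(StandardCharsets.UTF_8);
        byte[] nested = new byte[4000];
        Arrays.fill(nested, 0, 2000, (byte) '[');
        Arrays.fill(nested, 2000, 4000, (byte) ']');
        System.out.println("normal: depth=" + maxDepth(normal, MAX_DEPTH) + " ok=" + isAcceptable(normal));
        System.out.println("nested: ok=" + isAcceptable(nested));
    }
}
```

The guard is a depth check only, not a JSON validator, and it is a compensating control alongside upgrading the flagged dependency rather than a replacement for it.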
File Snapshot

```
[4.0K]  /data/pocs/25546891949b9501be8b58d749cab145eb5faeeb
├── [ 10K]  mvnw
├── [6.6K]  mvnw.cmd
├── [1.6K]  pom.xml
├── [ 510]  README.md
└── [4.0K]  src
    ├── [4.0K]  main
    │   ├── [4.0K]  java
    │   │   └── [4.0K]  com
    │   │       └── [4.0K]  hillert
    │   │           └── [4.0K]  boot
    │   │               └── [4.0K]  jackson
    │   │                   └── [ 327]  JacksonDemoApplication.java
    │   └── [4.0K]  resources
    │       └── [   1]  application.properties
    └── [4.0K]  test
        └── [4.0K]  java
            └── [4.0K]  com
                └── [4.0K]  hillert
                    └── [4.0K]  boot
                        └── [4.0K]  jackson
                            └── [ 221]  JacksonDemoApplicationTests.java

14 directories, 7 files
```