Update EmailCheck.java by cx-sam-headrick · Pull Request #43 · cx-sam-headrick/JavaVulnerableLab-1

cx-sam-headrick · 2024-09-17T19:35:45Z

No description provided.

github-actions · 2024-09-17T19:36:15Z

Scan submitted to Checkmarx

github-actions · 2024-09-17T19:37:07Z

Checkmarx SCA - Scan Summary & Details

Cx-SCA Summary

Total Packages Identified: 24
Scan Risk Score: 9.80

0 Critical severity vulnerabilities
55 High severity vulnerabilities
31 Medium severity vulnerabilities
3 Low severity vulnerabilities
View more details on Checkmarx UI

Cx-SCA vulnerability result overview

Click to see details

Vulnerability ID	Package	Severity	CVSS score	Publish date	Current version	Recommended version	Link in CxSCA	Reference – NVD link
`CVE-2016-2170`	commons-collections:commons-collections	HIGH	9.8	2016-04-12T14:59:00	3.2.1	No Recommendations	Vulnerability Link	CVE-2016-2170
`CVE-2015-7501`	commons-collections:commons-collections	HIGH	9.8	2017-11-09T17:29:00	3.2.1	No Recommendations	Vulnerability Link	CVE-2015-7501
`CVE-2015-4852`	commons-collections:commons-collections	HIGH	9.8	2015-11-18T15:59:00	3.2.1	No Recommendations	Vulnerability Link	CVE-2015-4852
`CVE-2020-10683`	dom4j:dom4j	HIGH	9.8	2020-05-01T19:15:00	1.6.1	No Recommendations	Vulnerability Link	CVE-2020-10683
`CVE-2019-10212`	io.undertow:undertow-core	HIGH	9.8	2019-10-02T19:15:00	2.0.9.Final	No Recommendations	Vulnerability Link	CVE-2019-10212
`CVE-2019-3888`	io.undertow:undertow-core	HIGH	9.8	2019-06-12T14:29:00	2.0.9.Final	No Recommendations	Vulnerability Link	CVE-2019-3888
`CVE-2020-1745`	io.undertow:undertow-core	HIGH	9.8	2020-04-28T15:15:00	2.0.9.Final	No Recommendations	Vulnerability Link	CVE-2020-1745
`CVE-2020-1938`	org.apache.tomcat:tomcat-coyote	HIGH	9.8	2020-02-24T22:15:00	9.0.22	No Recommendations	Vulnerability Link	CVE-2020-1938
`CVE-2015-2575`	mysql:mysql-connector-java	HIGH	9.1	2014-12-06T00:00:00	5.1.26	No Recommendations	Vulnerability Link	CVE-2015-2575
`CVE-2018-3258`	mysql:mysql-connector-java	HIGH	8.8	2018-10-17T01:31:00	5.1.26	No Recommendations	Vulnerability Link	CVE-2018-3258
`CVE-2017-3523`	mysql:mysql-connector-java	HIGH	8.5	2017-04-24T19:59:00	5.1.26	No Recommendations	Vulnerability Link	CVE-2017-3523
`CVE-2020-1757`	io.undertow:undertow-core	HIGH	8.1	2020-04-21T17:15:00	2.0.9.Final	No Recommendations	Vulnerability Link	CVE-2020-1757
`CVE-2015-6420`	commons-collections:commons-collections	HIGH	7.5	2015-12-15T05:59:00	3.2.1	No Recommendations	Vulnerability Link	CVE-2015-6420
`Cx78f40514-81ff`	commons-collections:commons-collections	HIGH	7.5	2018-10-31T10:39:00	3.2.1	No Recommendations	Vulnerability Link	Cx78f40514-81ff
`CVE-2018-1000632`	dom4j:dom4j	HIGH	7.5	2018-08-20T19:31:00	1.6.1	No Recommendations	Vulnerability Link	CVE-2018-1000632
`CVE-2024-1635`	io.undertow:undertow-core	HIGH	7.5	2024-02-19T22:15:00	2.0.9.Final	No Recommendations	Vulnerability Link	CVE-2024-1635
`CVE-2024-7885`	io.undertow:undertow-core	HIGH	7.5	2024-08-21T14:15:00	2.0.9.Final	No Recommendations	Vulnerability Link	CVE-2024-7885
`CVE-2024-6162`	io.undertow:undertow-core	HIGH	7.5	2024-06-20T15:15:00	2.0.9.Final	No Recommendations	Vulnerability Link	CVE-2024-6162
`CVE-2024-5971`	io.undertow:undertow-core	HIGH	7.5	2024-07-08T21:15:00	2.0.9.Final	No Recommendations	Vulnerability Link	CVE-2024-5971
`CVE-2023-5379`	io.undertow:undertow-core	HIGH	7.5	2023-12-12T22:15:00	2.0.9.Final	No Recommendations	Vulnerability Link	CVE-2023-5379
`CVE-2023-3223`	io.undertow:undertow-core	HIGH	7.5	2023-09-27T15:18:00	2.0.9.Final	No Recommendations	Vulnerability Link	CVE-2023-3223
`CVE-2020-10705`	io.undertow:undertow-core	HIGH	7.5	2020-06-10T20:15:00	2.0.9.Final	No Recommendations	Vulnerability Link	CVE-2020-10705
`CVE-2023-1973`	io.undertow:undertow-core	HIGH	7.5	2024-04-05T09:44:00	2.0.9.Final	No Recommendations	Vulnerability Link	CVE-2023-1973
`CVE-2023-1108`	io.undertow:undertow-core	HIGH	7.5	2023-09-14T15:15:00	2.0.9.Final	No Recommendations	Vulnerability Link	CVE-2023-1108
`CVE-2022-4492`	io.undertow:undertow-core	HIGH	7.5	2023-02-23T20:15:00	2.0.9.Final	No Recommendations	Vulnerability Link	CVE-2022-4492
`CVE-2022-2053`	io.undertow:undertow-core	HIGH	7.5	2022-08-05T10:13:00	2.0.9.Final	No Recommendations	Vulnerability Link	CVE-2022-2053
`CVE-2022-1319`	io.undertow:undertow-core	HIGH	7.5	2022-08-31T16:15:00	2.0.9.Final	No Recommendations	Vulnerability Link	CVE-2022-1319
`CVE-2021-3859`	io.undertow:undertow-core	HIGH	7.5	2022-08-25T23:09:00	2.0.9.Final	No Recommendations	Vulnerability Link	CVE-2021-3859
`CVE-2021-3690`	io.undertow:undertow-core	HIGH	7.5	2022-08-23T17:35:00	2.0.9.Final	No Recommendations	Vulnerability Link	CVE-2021-3690
`CVE-2020-27782`	io.undertow:undertow-core	HIGH	7.5	2021-02-23T19:15:00	2.0.9.Final	No Recommendations	Vulnerability Link	CVE-2020-27782
`Cx039cb67c-ead3`	mysql:mysql-connector-java	HIGH	7.5	2015-08-16T23:00:00	5.1.26	No Recommendations	Vulnerability Link	Cx039cb67c-ead3
`Cx6f651376-312a`	mysql:mysql-connector-java	HIGH	7.5	2017-08-14T23:00:00	5.1.26	No Recommendations	Vulnerability Link	Cx6f651376-312a
`Cx7ef609d2-efb5`	mysql:mysql-connector-java	HIGH	7.5	2010-08-01T23:00:00	5.1.26	No Recommendations	Vulnerability Link	Cx7ef609d2-efb5
`CVE-2023-44487`	org.apache.tomcat:tomcat-coyote	HIGH	7.5	2023-10-10T09:17:00	9.0.22	No Recommendations	Vulnerability Link	CVE-2023-44487
`CVE-2021-41079`	org.apache.tomcat:tomcat-coyote	HIGH	7.5	2021-09-16T15:15:00	9.0.22	No Recommendations	Vulnerability Link	CVE-2021-41079
`CVE-2020-17527`	org.apache.tomcat:tomcat-coyote	HIGH	7.5	2020-12-03T19:15:00	9.0.22	No Recommendations	Vulnerability Link	CVE-2020-17527
`CVE-2021-30639`	org.apache.tomcat:tomcat-coyote	HIGH	7.5	2021-07-12T15:15:00	9.0.22	No Recommendations	Vulnerability Link	CVE-2021-30639
`CVE-2021-25122`	org.apache.tomcat:tomcat-coyote	HIGH	7.5	2021-03-01T12:15:00	9.0.22	No Recommendations	Vulnerability Link	CVE-2021-25122
`CVE-2022-42252`	org.apache.tomcat:tomcat-coyote	HIGH	7.5	2022-11-01T09:15:00	9.0.22	No Recommendations	Vulnerability Link	CVE-2022-42252
`CVE-2020-13934`	org.apache.tomcat:tomcat-coyote	HIGH	7.5	2020-07-14T15:15:00	9.0.22	No Recommendations	Vulnerability Link	CVE-2020-13934
`CVE-2024-34750`	org.apache.tomcat:tomcat-coyote	HIGH	7.5	2024-07-03T20:15:00	9.0.22	No Recommendations	Vulnerability Link	CVE-2024-34750
`CVE-2024-24549`	org.apache.tomcat:tomcat-coyote	HIGH	7.5	2024-03-13T16:15:00	9.0.22	No Recommendations	Vulnerability Link	CVE-2024-24549
`CVE-2020-11996`	org.apache.tomcat:tomcat-coyote	HIGH	7.5	2020-06-26T17:15:00	9.0.22	No Recommendations	Vulnerability Link	CVE-2020-11996
`CVE-2023-24998`	org.apache.tomcat:tomcat-coyote	HIGH	7.5	2023-02-20T16:15:00	9.0.22	No Recommendations	Vulnerability Link	CVE-2023-24998
`CVE-2023-5685`	org.jboss.xnio:xnio-api	HIGH	7.5	2024-03-22T19:15:00	3.3.8.Final	No Recommendations	Vulnerability Link	CVE-2023-5685
`CVE-2022-0084`	org.jboss.xnio:xnio-api	HIGH	7.5	2022-08-26T05:53:00	3.3.8.Final	No Recommendations	Vulnerability Link	CVE-2022-0084
`CVE-2023-5072`	org.json:json	HIGH	7.5	2023-10-12T06:16:00	20131018	No Recommendations	Vulnerability Link	CVE-2023-5072
`CVE-2022-45690`	org.json:json	HIGH	7.5	2022-12-13T15:15:00	20131018	No Recommendations	Vulnerability Link	CVE-2022-45690
`CVE-2022-45689`	org.json:json	HIGH	7.5	2022-12-13T15:15:00	20131018	No Recommendations	Vulnerability Link	CVE-2022-45689
`CVE-2022-45688`	org.json:json	HIGH	7.5	2022-12-13T15:15:00	20131018	No Recommendations	Vulnerability Link	CVE-2022-45688
`Cx08fcacc9-cb99`	org.json:json	HIGH	7.5	2017-10-30T11:27:00	20131018	No Recommendations	Vulnerability Link	Cx08fcacc9-cb99
`Cx2906ba70-607a`	org.json:json	HIGH	7.5	2017-08-18T09:31:00	20131018	No Recommendations	Vulnerability Link	Cx2906ba70-607a
`Cxdb5a1032-eda2`	org.json:json	HIGH	7.5	2019-09-17T10:37:00	20131018	No Recommendations	Vulnerability Link	Cxdb5a1032-eda2
`CVE-2016-10707`	jquery	HIGH	7.5	2018-01-18T23:29:00	1.6.4	No Recommendations	Vulnerability Link	CVE-2016-10707
`CVE-2020-25638`	org.hibernate:hibernate-core	HIGH	7.4	2020-09-22T16:32:00	4.0.1.Final	No Recommendations	Vulnerability Link	CVE-2020-25638
`CVE-2022-21363`	mysql:mysql-connector-java	MEDIUM	6.6	2022-01-19T12:15:00	5.1.26	No Recommendations	Vulnerability Link	CVE-2022-21363
`CVE-2020-10719`	io.undertow:undertow-core	MEDIUM	6.5	2020-05-26T16:15:00	2.0.9.Final	No Recommendations	Vulnerability Link	CVE-2020-10719
`CVE-2019-14900`	org.hibernate:hibernate-core	MEDIUM	6.5	2019-01-15T00:00:00	4.0.1.Final	No Recommendations	Vulnerability Link	CVE-2019-14900
`CVE-2017-3586`	mysql:mysql-connector-java	MEDIUM	6.4	2017-04-24T19:59:00	5.1.26	No Recommendations	Vulnerability Link	CVE-2017-3586
`CVE-2019-2692`	mysql:mysql-connector-java	MEDIUM	6.3	2019-04-23T19:32:00	5.1.26	No Recommendations	Vulnerability Link	CVE-2019-2692
`CVE-2020-11023`	jquery	MEDIUM	6.1	2020-04-29T15:45:00	1.6.4	No Recommendations	Vulnerability Link	CVE-2020-11023
`Cxf0b588a3-5c6f`	jquery	MEDIUM	6.1	2012-06-25T12:52:00	1.6.4	No Recommendations	Vulnerability Link	Cxf0b588a3-5c6f
`CVE-2020-11022`	jquery	MEDIUM	6.1	2020-04-29T22:15:00	1.6.4	No Recommendations	Vulnerability Link	CVE-2020-11022
`CVE-2019-11358`	jquery	MEDIUM	6.1	2019-04-20T00:29:00	1.6.4	No Recommendations	Vulnerability Link	CVE-2019-11358
`CVE-2015-9251`	jquery	MEDIUM	6.1	2018-01-18T23:29:00	1.6.4	No Recommendations	Vulnerability Link	CVE-2015-9251
`CVE-2012-6708`	jquery	MEDIUM	6.1	2018-01-18T23:29:00	1.6.4	No Recommendations	Vulnerability Link	CVE-2012-6708
`CVE-2020-7656`	jquery	MEDIUM	6.1	2020-05-19T21:15:00	1.6.4	No Recommendations	Vulnerability Link	CVE-2020-7656
`CVE-2021-3629`	io.undertow:undertow-core	MEDIUM	5.9	2022-05-24T19:15:00	2.0.9.Final	No Recommendations	Vulnerability Link	CVE-2021-3629
`CVE-2021-3597`	io.undertow:undertow-core	MEDIUM	5.9	2022-05-24T19:15:00	2.0.9.Final	No Recommendations	Vulnerability Link	CVE-2021-3597
`CVE-2021-2471`	mysql:mysql-connector-java	MEDIUM	5.9	2021-10-20T11:16:00	5.1.26	No Recommendations	Vulnerability Link	CVE-2021-2471
`CVE-2020-14340`	org.jboss.xnio:xnio-nio	MEDIUM	5.9	2020-07-24T09:52:00	3.3.8.Final	No Recommendations	Vulnerability Link	CVE-2020-14340
`CVE-2024-1459`	io.undertow:undertow-core	MEDIUM	5.3	2024-02-12T21:15:00	2.0.9.Final	No Recommendations	Vulnerability Link	CVE-2024-1459
`CVE-2024-3653`	io.undertow:undertow-core	MEDIUM	5.3	2024-07-08T22:15:00	2.0.9.Final	No Recommendations	Vulnerability Link	CVE-2024-3653
`CVE-2021-33037`	org.apache.tomcat:tomcat-coyote	MEDIUM	5.3	2021-07-12T15:15:00	9.0.22	No Recommendations	Vulnerability Link	CVE-2021-33037
`CVE-2023-45648`	org.apache.tomcat:tomcat-coyote	MEDIUM	5.3	2023-10-10T09:47:00	9.0.22	No Recommendations	Vulnerability Link	CVE-2023-45648
`CVE-2024-21733`	org.apache.tomcat:tomcat-coyote	MEDIUM	5.3	2024-01-19T11:15:00	9.0.22	No Recommendations	Vulnerability Link	CVE-2024-21733
`CVE-2023-42795`	org.apache.tomcat:tomcat-coyote	MEDIUM	5.3	2023-10-10T08:59:00	9.0.22	No Recommendations	Vulnerability Link	CVE-2023-42795
`CVE-2023-42795`	org.apache.tomcat:tomcat-util	MEDIUM	5.3	2023-10-10T08:59:00	9.0.22	No Recommendations	Vulnerability Link	CVE-2023-42795
`CVE-2020-2934`	mysql:mysql-connector-java	MEDIUM	5.0	2020-04-15T14:15:00	5.1.26	No Recommendations	Vulnerability Link	CVE-2020-2934
`CVE-2022-2764`	io.undertow:undertow-core	MEDIUM	4.9	2022-09-01T10:13:00	2.0.9.Final	No Recommendations	Vulnerability Link	CVE-2022-2764
`CVE-2020-10687`	io.undertow:undertow-core	MEDIUM	4.8	2020-09-23T13:15:00	2.0.9.Final	No Recommendations	Vulnerability Link	CVE-2020-10687
`CVE-2021-20220`	io.undertow:undertow-core	MEDIUM	4.8	2021-02-23T18:15:00	2.0.9.Final	No Recommendations	Vulnerability Link	CVE-2021-20220
`CVE-2020-1935`	org.apache.tomcat:tomcat-coyote	MEDIUM	4.8	2020-02-24T22:15:00	9.0.22	No Recommendations	Vulnerability Link	CVE-2020-1935
`CVE-2019-17569`	org.apache.tomcat:tomcat-coyote	MEDIUM	4.8	2020-02-24T22:15:00	9.0.22	No Recommendations	Vulnerability Link	CVE-2019-17569
`CVE-2020-2875`	mysql:mysql-connector-java	MEDIUM	4.7	2020-04-15T14:15:00	5.1.26	No Recommendations	Vulnerability Link	CVE-2020-2875
`CVE-2020-13943`	org.apache.tomcat:tomcat-coyote	MEDIUM	4.3	2020-10-12T14:15:00	9.0.22	No Recommendations	Vulnerability Link	CVE-2020-13943
`CVE-2021-43980`	org.apache.tomcat:tomcat-coyote	LOW	3.7	2022-09-28T14:15:00	9.0.22	No Recommendations	Vulnerability Link	CVE-2021-43980
`CVE-2017-3589`	mysql:mysql-connector-java	LOW	3.3	2017-04-24T19:59:00	5.1.26	No Recommendations	Vulnerability Link	CVE-2017-3589
`CVE-2020-2933`	mysql:mysql-connector-java	LOW	2.2	2020-04-15T14:15:00	5.1.26	No Recommendations	Vulnerability Link	CVE-2020-2933

cx-sam-headrick · 2024-09-17T19:38:20Z

Checkmarx One – Scan Summary & Details – 7a7c98e5-808b-44a1-8497-16bdba5d543e

Fixed Issues

Severity	Issue	Source File / Package
	SQL_Injection	/src/main/java/org/cysecurity/cspf/jvl/controller/EmailCheck.java: 44
	SQL_Injection	/src/main/java/org/cysecurity/cspf/jvl/controller/EmailCheck.java: 44
	SQL_Injection	/src/main/java/org/cysecurity/cspf/jvl/controller/EmailCheck.java: 44
	SQL_Injection	/src/main/java/org/cysecurity/cspf/jvl/controller/EmailCheck.java: 44
	Parameter_Tampering	/src/main/java/org/cysecurity/cspf/jvl/controller/EmailCheck.java: 44
	Parameter_Tampering	/src/main/java/org/cysecurity/cspf/jvl/controller/EmailCheck.java: 44
	Parameter_Tampering	/src/main/java/org/cysecurity/cspf/jvl/controller/EmailCheck.java: 44
	Parameter_Tampering	/src/main/java/org/cysecurity/cspf/jvl/controller/EmailCheck.java: 44
	Parameter_Tampering	/src/main/java/org/cysecurity/cspf/jvl/controller/EmailCheck.java: 44
	Parameter_Tampering	/src/main/java/org/cysecurity/cspf/jvl/controller/EmailCheck.java: 44

Update EmailCheck.java

b87bbc1

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Update EmailCheck.java#43

Update EmailCheck.java#43
cx-sam-headrick wants to merge 1 commit intomasterfrom
SamHeadrickCx-patch-1

cx-sam-headrick commented Sep 17, 2024

Uh oh!

github-actions Bot commented Sep 17, 2024

Uh oh!

github-actions Bot commented Sep 17, 2024

Uh oh!

cx-sam-headrick commented Sep 17, 2024

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

Conversation

cx-sam-headrick commented Sep 17, 2024

Uh oh!

github-actions Bot commented Sep 17, 2024

Uh oh!

github-actions Bot commented Sep 17, 2024

Cx-SCA Summary

Cx-SCA vulnerability result overview

Uh oh!

cx-sam-headrick commented Sep 17, 2024

Fixed Issues

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant