Vulnerability Description
Netflix Titus, all versions prior to version v0.1.1-rc.274, uses Java Bean Validation (JSR 380) custom constraint validators. When building custom constraint violation error messages, different types of interpolation are supported, including Java EL expressions. If an attacker can inject arbitrary data in the error message template being passed to ConstraintValidatorContext.buildConstraintViolationWithTemplate() argument, they will be able to run arbitrary Java code.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Netflix | Titus | <= 0.1.0 |
Related Weaknesses (CWE)
References
- https://github.com/Netflix/security-bulletins/blob/master/advisories/nflx-2020-0PatchThird Party Advisory
- https://github.com/Netflix/security-bulletins/blob/master/advisories/nflx-2020-0PatchThird Party Advisory
FAQ
What is CVE-2020-9297?
CVE-2020-9297 is a vulnerability with a CVSS score of 9.8 (CRITICAL). Netflix Titus, all versions prior to version v0.1.1-rc.274, uses Java Bean Validation (JSR 380) custom constraint validators. When building custom constraint violation error messages, different types ...
How severe is CVE-2020-9297?
CVE-2020-9297 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2020-9297?
Check the references section above for vendor advisories and patch information. Affected products include: Netflix Titus.