forked from jar-analyzer/jar-analyzer
vulnerability.yaml
# Sink-search rule set for jar-analyzer.
#
# Layout: one Rule document with a `name` and a `vulnerabilities` map. Each key
# in the map is a category label; its value is a list of SearchCondition
# entries, each naming a method by:
#   className  - owner class in JVM internal form (slash-separated)
#   methodName - method name (`<init>` is a constructor)
#   methodDesc - JVM method descriptor
# NOTE(review): `null` for className/methodDesc presumably means "match any
# class" / "match any overload" - confirm against the search engine.
#
# A hit is a call site worth reviewing, not a confirmed vulnerability: each
# category is only a problem when the flagged call receives data an attacker
# can influence.
#
# NOTE(review): the `!!me.n1ar4...` tags ask the YAML loader to instantiate
# Java classes by name. Treat rule files as trusted input only, and confirm
# the loader restricts which tagged types it will construct.
!!me.n1ar4.jar.analyzer.gui.vul.Rule
name: jar-analyzer-vulnerability-rule
vulnerabilities:
  # JNDI lookup with a caller-supplied name (JNDI injection sink).
  # Only the lookup(String) overload on javax/naming/Context is listed.
  # NOTE(review): if the engine matches the bytecode owner class exactly, calls
  # made through subclasses such as InitialContext would not match - confirm.
  JNDI:
    - !!me.n1ar4.jar.analyzer.engine.SearchCondition
      className: javax/naming/Context
      methodName: lookup
      methodDesc: (Ljava/lang/String;)Ljava/lang/Object;
  # OS command execution via Runtime.exec; no descriptor is given.
  Runtime.exec:
    - !!me.n1ar4.jar.analyzer.engine.SearchCondition
      className: java/lang/Runtime
      methodName: exec
      methodDesc: null
  # OS command execution via ProcessBuilder. start() takes no arguments, so the
  # command must be traced back to the constructor or command(...) call.
  ProcessBuilder.start:
    - !!me.n1ar4.jar.analyzer.engine.SearchCondition
      className: java/lang/ProcessBuilder
      methodName: start
      methodDesc: ()Ljava/lang/Process;
  # Spring Expression Language evaluation. Risk depends on where the parsed
  # expression string came from and which evaluation context is used.
  SpEL.getValue:
    - !!me.n1ar4.jar.analyzer.engine.SearchCondition
      className: org/springframework/expression/Expression
      methodName: getValue
      methodDesc: null
  # Native Java deserialization. When reviewing a hit, check the stream source
  # and whether an ObjectInputFilter / class allow-list is in place.
  # readUnshared() is not listed here.
  readObject:
    - !!me.n1ar4.jar.analyzer.engine.SearchCondition
      className: java/io/ObjectInputStream
      methodName: readObject
      methodDesc: ()Ljava/lang/Object;
  # javax.script evaluation; only the eval(String) overload is listed, so the
  # Reader-based and Bindings/ScriptContext overloads are not covered.
  ScriptEngine.eval:
    - !!me.n1ar4.jar.analyzer.engine.SearchCondition
      className: javax/script/ScriptEngine
      methodName: eval
      methodDesc: (Ljava/lang/String;)Ljava/lang/Object;
  # Class loading through the JDK-internal BCEL ClassLoader by class name.
  BCEL.loadClass:
    - !!me.n1ar4.jar.analyzer.engine.SearchCondition
      className: com/sun/org/apache/bcel/internal/util/ClassLoader
      methodName: loadClass
      methodDesc: (Ljava/lang/String;)Ljava/lang/Class;
  # defineClass(String, byte[], int, int) on any owner class (className is
  # null): defines a class from raw bytes at runtime. Overloads with other
  # descriptors are not listed.
  defineClass:
    - !!me.n1ar4.jar.analyzer.engine.SearchCondition
      className: null
      methodName: defineClass
      methodDesc: (Ljava/lang/String;[BII)Ljava/lang/Class;
  # OGNL expression evaluation.
  OGNL.getValue:
    - !!me.n1ar4.jar.analyzer.engine.SearchCondition
      className: ognl/Ognl
      methodName: getValue
      methodDesc: null
  # Fastjson parsing entry points (com/alibaba/fastjson package). When reviewing
  # a hit, check the library version and the autoType configuration. The
  # FastJsonHttpMessageConverter constructor marks Spring setups where request
  # bodies are parsed by fastjson.
  # NOTE(review): the com/alibaba/fastjson2 package is not listed.
  Fastjson:
    - !!me.n1ar4.jar.analyzer.engine.SearchCondition
      className: com/alibaba/fastjson/JSON
      methodName: parse
      methodDesc: null
    - !!me.n1ar4.jar.analyzer.engine.SearchCondition
      className: com/alibaba/fastjson/JSON
      methodName: parseObject
      methodDesc: null
    - !!me.n1ar4.jar.analyzer.engine.SearchCondition
      className: com/alibaba/fastjson/JSONObject
      methodName: parse
      methodDesc: null
    - !!me.n1ar4.jar.analyzer.engine.SearchCondition
      className: com/alibaba/fastjson/JSONObject
      methodName: parseObject
      methodDesc: null
    - !!me.n1ar4.jar.analyzer.engine.SearchCondition
      className: com/alibaba/fastjson/JSONArray
      methodName: parse
      methodDesc: null
    - !!me.n1ar4.jar.analyzer.engine.SearchCondition
      className: com/alibaba/fastjson/JSONArray
      methodName: parseObject
      methodDesc: null
    - !!me.n1ar4.jar.analyzer.engine.SearchCondition
      className: com/alibaba/fastjson/support/spring/FastJsonHttpMessageConverter
      methodName: <init>
      methodDesc: null
  # Archive extraction. When reviewing a hit, check that entry names are
  # normalised and confined to the target directory (path traversal) and that
  # extracted size and entry count are bounded.
  Unzip:
    - !!me.n1ar4.jar.analyzer.engine.SearchCondition
      className: java/util/zip/ZipInputStream
      methodName: <init>
      methodDesc: null
    - !!me.n1ar4.jar.analyzer.engine.SearchCondition
      className: java/util/zip/ZipFile
      methodName: getInputStream
      methodDesc: null
  # Hessian deserialization entry points.
  Hessian.readObject:
    - !!me.n1ar4.jar.analyzer.engine.SearchCondition
      className: com/caucho/hessian/io/AbstractHessianInput
      methodName: readObject
      methodDesc: null
    - !!me.n1ar4.jar.analyzer.engine.SearchCondition
      className: com/caucho/hessian/io/HessianInput
      methodName: readObject
      methodDesc: null
    - !!me.n1ar4.jar.analyzer.engine.SearchCondition
      className: com/caucho/hessian/io/Hessian2Input
      methodName: readObject
      methodDesc: null
  # FreeMarker template rendering. The concern is template content (not just
  # the data model) coming from an untrusted source.
  FreeMarker:
    - !!me.n1ar4.jar.analyzer.engine.SearchCondition
      className: freemarker/template/Template
      methodName: process
      methodDesc: null
  # Expression / script engines (JEXL, Rhino, Aviator, MVEL, QLExpress): each
  # call evaluates an expression, so the origin of the expression text is what
  # a reviewer needs to establish.
  JEXL:
    - !!me.n1ar4.jar.analyzer.engine.SearchCondition
      className: org/apache/commons/jexl3/JexlExpression
      methodName: evaluate
      methodDesc: null
  Rhino.eval:
    - !!me.n1ar4.jar.analyzer.engine.SearchCondition
      className: org/mozilla/javascript/Context
      methodName: evaluateString
      methodDesc: null
  Aviator.execute:
    - !!me.n1ar4.jar.analyzer.engine.SearchCondition
      className: com/googlecode/aviator/AviatorEvaluatorInstance
      methodName: execute
      methodDesc: null
  MVEL:
    - !!me.n1ar4.jar.analyzer.engine.SearchCondition
      className: org/mvel2/MVEL
      methodName: eval
      methodDesc: null
  QLExpress:
    - !!me.n1ar4.jar.analyzer.engine.SearchCondition
      className: com/ql/util/express/ExpressRunner
      methodName: execute
      methodDesc: null
  # XStream XML deserialization. When reviewing a hit, check whether a type
  # allow-list is configured on the XStream instance.
  XStream:
    - !!me.n1ar4.jar.analyzer.engine.SearchCondition
      className: com/thoughtworks/xstream/XStream
      methodName: fromXML
      methodDesc: null
  # Execution of a PreparedStatement. This is not injectable by itself; the
  # question is whether the SQL text given to prepareStatement(...) was built
  # by concatenating untrusted values instead of binding parameters.
  SQL.exec:
    - !!me.n1ar4.jar.analyzer.engine.SearchCondition
      className: java/sql/PreparedStatement
      methodName: execute
      methodDesc: null
    - !!me.n1ar4.jar.analyzer.engine.SearchCondition
      className: java/sql/PreparedStatement
      methodName: executeQuery
      methodDesc: null
    - !!me.n1ar4.jar.analyzer.engine.SearchCondition
      className: java/sql/PreparedStatement
      methodName: executeUpdate
      methodDesc: null
  # Execution through a plain Statement, where the SQL string is passed at the
  # call site. Higher-priority review target for SQL injection than the
  # PreparedStatement category.
  SQL.exec(no-prepare):
    - !!me.n1ar4.jar.analyzer.engine.SearchCondition
      className: java/sql/Statement
      methodName: execute
      methodDesc: null
    - !!me.n1ar4.jar.analyzer.engine.SearchCondition
      className: java/sql/Statement
      methodName: executeQuery
      methodDesc: null
    - !!me.n1ar4.jar.analyzer.engine.SearchCondition
      className: java/sql/Statement
      methodName: executeUpdate
      methodDesc: null
  # JDBC connection / driver resolution from a URL. When reviewing a hit, check
  # whether the URL or its properties can be influenced by untrusted input.
  JDBC:
    - !!me.n1ar4.jar.analyzer.engine.SearchCondition
      className: java/sql/DriverManager
      methodName: getConnection
      methodDesc: null
    - !!me.n1ar4.jar.analyzer.engine.SearchCondition
      className: java/sql/DriverManager
      methodName: getDriver
      methodDesc: null
  # Placeholder entries for user-defined rules; replace className/methodName
  # with a real target (className in slash-separated internal form).
  # NOTE(review): the className values (UserCustom2, UserCustom3) do not match
  # their category keys (UserCustom1, UserCustom2) - looks like a template
  # slip; harmless, but confirm these match nothing in the analysed jars.
  UserCustom1:
    - !!me.n1ar4.jar.analyzer.engine.SearchCondition
      className: UserCustom2
      methodName: test
      methodDesc: null
  UserCustom2:
    - !!me.n1ar4.jar.analyzer.engine.SearchCondition
      className: UserCustom3
      methodName: test
      methodDesc: null