grails-databinding Scan Result Analysis
Log In or Register to download the BES file, and more.

0 Votes

Description

Learn more about this analysis online: https://bigfix.me/cdb/analysis/2998672

This is Community Content. When you use these solutions, it is incumbent on your organization to test any solutions provided across the broadest available system base including various OS, storage solutions, and application inventory.

Please see the Community Solution Testing Statement

This Analysis retrieves results of a filesystem scan to attempt detecting Grails Databinding versions that may be vulnerable to the following vulnerabilty reported in July 2022:

 

 

https://nvd.nist.gov/vuln/detail/CVE-2022-35912

https://github.com/grails/grails-core/security/advisories/GHSA-6rh6-x8ww-9h97

 

This Analysis attempts to detect the presence and versions of Grails databinding, without distinction between vulnerable or updated versions.  These results should be considered only a starting point in determining whether a system is actually vulnerable, along with other information such as the version of Java Virtual Machine and specific application or code configurations as referenced in the security bulletins above.


Property Details

ID2998675
StatusAlpha - Code that was just developed
Titlegrails-databinding Scan Result Analysis
DomainBESC
Keywordsgrails, grails-databinding, jar, scan, file search, CVE-2022-35912
Added by on 7/20/2022 9:14:30 AM
Last Modified by on 7/20/2022 9:14:30 AM
Counters 157 Views / 2 Downloads
User Rating 1 star 2 star 3 star 4 star 5 star * Average over 0 ratings. ** Log In or Register to add your rating.

Properties

All grails-databinding Detections
Period 30 minutes
 
  * Results in a true/false
Show indented relevance
(if exists property "locked lines" then locked lines of it else lines of it) whose (it does not start with "::") of files "grails-databinding-scan.txt" of folders "Scans" of folders ((if (version of client >= "9" as version) then (pathname of parent folder of data folder of client) else (pathname of parent folder of parent folder of client folder of site "actionsite")))
Number of grails-databinding Detections
Period 30 minutes
 
  * Results in a true/false
Show indented relevance
number of (if exists property "locked lines" then locked lines of it else lines of it) whose (it does not start with "::") of files "grails-databinding-scan.txt" of folders "Scans" of folders ((if (version of client >= "9" as version) then (pathname of parent folder of data folder of client) else (pathname of parent folder of parent folder of client folder of site "actionsite")))
Unique grails-databinding Versions Found
Period 30 minutes
 
  * Results in a true/false
Show indented relevance
unique values of (unique value of following texts of lasts "-" of preceding texts of lasts ".jar" of (it as lowercase) | "unknown") of lines whose (it does not start with "::") of files "grails-databinding-scan.txt" of folders "Scans" of folders ((if (version of client >= "9" as version) then (pathname of parent folder of data folder of client) else (pathname of parent folder of parent folder of client folder of site "actionsite")))

Relevance

Used in 30 fixlets and 16 analyses   * Results in a true/false
Show indented relevance
if exists property "in proxy agent context" then not in proxy agent context else true
Used in 1 analsis   * Results in a true/false
Show indented relevance
exists files "grails-databinding-scan.txt" of folders "Scans" of folders ((if (version of client >= "9" as version) then (pathname of parent folder of data folder of client) else (pathname of parent folder of parent folder of client folder of site "actionsite")))

Sharing

Social Media:
Share this page on Yammer

Comments

Log In or Register to leave comments!