CVE-2019-15606 – nodejs: HTTP header values do not have trailing optional whitespace trimmed
https://notcve.org/view.php?id=CVE-2019-15606
Including trailing white space in HTTP header values in Nodejs 10, 12, and 13 causes bypass of authorization based on header value comparisons Una inclusión de espacios en blanco finales en los valores de encabezado HTTP en Nodejs versiones 10, 12 y 13, causa una omisión de autorización según las comparaciones de valores de encabezado. A flaw was found in Node.js where the HTTP(s) header values were not stripped of trailing whitespace. An attacker can use this flaw to send an HTTP(s) request which is validated by an upstream proxy server, but not by the Node.js HTTP(s) server. • http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00008.html https://access.redhat.com/errata/RHSA-2020:0573 https://access.redhat.com/errata/RHSA-2020:0579 https://access.redhat.com/errata/RHSA-2020:0597 https://access.redhat.com/errata/RHSA-2020:0598 https://access.redhat.com/errata/RHSA-2020:0602 https://hackerone.com/reports/730779 https://nodejs.org/en/blog/release/v10.19.0 https://nodejs.org/en/blog/release/v12.15.0 https://nodejs.org/en/b • CWE-20: Improper Input Validation CWE-138: Improper Neutralization of Special Elements •
CVE-2019-15604 – nodejs: Remotely trigger an assertion on a TLS server with a malformed certificate string
https://notcve.org/view.php?id=CVE-2019-15604
Improper Certificate Validation in Node.js 10, 12, and 13 causes the process to abort when sending a crafted X.509 certificate Una Comprobación Inapropiada del Certificado en Node.js versiones 10, 12 y 13, causa que el proceso se aborte cuando se envía un certificado X.509 diseñado. An encoding error flaw exists in the Node.js code that is used to read a peer certificate in the TLS client authentication. An attacker can use this flaw to crash the process used to handle TLS client authentication. • http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00008.html https://access.redhat.com/errata/RHSA-2020:0573 https://access.redhat.com/errata/RHSA-2020:0579 https://access.redhat.com/errata/RHSA-2020:0597 https://access.redhat.com/errata/RHSA-2020:0598 https://access.redhat.com/errata/RHSA-2020:0602 https://hackerone.com/reports/746733 https://nodejs.org/en/blog/release/v10.19.0 https://nodejs.org/en/blog/release/v12.15.0 https://nodejs.org/en/b • CWE-172: Encoding Error CWE-295: Improper Certificate Validation •
CVE-2019-10746 – nodejs-mixin-deep: prototype pollution in function mixin-deep
https://notcve.org/view.php?id=CVE-2019-10746
mixin-deep is vulnerable to Prototype Pollution in versions before 1.3.2 and version 2.0.0. The function mixin-deep could be tricked into adding or modifying properties of Object.prototype using a constructor payload. mixin-deep es vulnerable a Prototype Pollution en versiones anteriores a 1.3.2 y 2.0.0. La función mixin-deep podría ser engañada para agregar o modificar propiedades de Object.prototype usando una carga útil del constructor. A flaw was found in Nodejs's mixin-deep prior to versions 1.3.2 and 2.0.0. The mixin-deep function could be used to add or modify properties of the Object.prototype. • https://github.com/ossf-cve-benchmark/CVE-2019-10746 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BFNIVG2XYFPZJY3DYYBJASZ7ZMKBMIJT https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UXRA365KZCUNXMU3KDH5JN5BEPNIGUKC https://snyk.io/vuln/SNYK-JS-MIXINDEEP-450212 https://www.oracle.com//security-alerts/cpujul2021.html https://access.redhat.com/security/cve/CVE-2019-10746 https://bugzilla.redhat.com/show_bug.cgi?id=1795475 • CWE-88: Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') CWE-471: Modification of Assumed-Immutable Data (MAID) •
CVE-2018-15686 – systemd: reexec state injection: fgets() on overlong lines leads to line splitting
https://notcve.org/view.php?id=CVE-2018-15686
A vulnerability in unit_deserialize of systemd allows an attacker to supply arbitrary state across systemd re-execution via NotifyAccess. This can be used to improperly influence systemd execution and possibly lead to root privilege escalation. Affected releases are systemd versions up to and including 239. Una vulnerabilidad en unit_deserialize de systemd permite que un atacante proporcione estados arbitrarios en la reejecución de systemd mediante NotifyAccess. Esto puede emplearse para influenciar incorrectamente la ejecución de systemd y podría conducir a un escalado de privilegios root. • https://www.exploit-db.com/exploits/45714 http://www.securityfocus.com/bid/105747 https://access.redhat.com/errata/RHSA-2019:2091 https://access.redhat.com/errata/RHSA-2019:3222 https://access.redhat.com/errata/RHSA-2020:0593 https://github.com/systemd/systemd/pull/10519 https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0%40%3Cissues.bookkeeper.apache.org%3E https://lists.debian.org/debian-lts-announce/2018/11/msg00017.html https://security.gentoo.org/gl • CWE-20: Improper Input Validation CWE-502: Deserialization of Untrusted Data •