CVSS: 4.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-4812 – Katello: potential cross-site scripting exploit in ui
https://notcve.org/view.php?id=CVE-2024-4812
A flaw was found in the Katello plugin for Foreman, where it is possible to store malicious JavaScript code in the "Description" field of a user. This code can be executed when opening certain pages, for example, Host Collections. Se encontró una falla en el complemento Katello para Foreman, donde es posible almacenar código JavaScript malicioso en el campo "Descripción" de un usuario. Este código se puede ejecutar al abrir determinadas páginas, por ejemplo, Colecciones de hosts. • https://access.redhat.com/security/cve/CVE-2024-4812 https://bugzilla.redhat.com/show_bug.cgi?id=2280187 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.2EPSS: 0%CPEs: 1EXPL: 0CVE-2024-3716 – Foreman-installer: candlepin database password being leaked to local users via the process list
https://notcve.org/view.php?id=CVE-2024-3716
A flaw was found in foreman-installer when puppet-candlepin is invoked cpdb with the --password parameter. This issue leaks the password in the process list and allows an attacker to take advantage and obtain the password. Se encontró una falla en Foreman-installer cuando se invoca a Puppet-candlepin cpdb con el parámetro --password. Este problema filtra la contraseña en la lista de procesos y permite que un atacante aproveche y obtenga la contraseña. • https://access.redhat.com/security/cve/CVE-2024-3716 https://bugzilla.redhat.com/show_bug.cgi?id=2274755 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.6EPSS: 0%CPEs: 1EXPL: 0CVE-2023-4320 – Satellite: arithmetic overflow in satellite
https://notcve.org/view.php?id=CVE-2023-4320
An arithmetic overflow flaw was found in Satellite when creating a new personal access token. This flaw allows an attacker who uses this arithmetic overflow to create personal access tokens that are valid indefinitely, resulting in damage to the system's integrity. Se encontró una falla de desbordamiento aritmético en Satellite al crear un nuevo token de acceso personal. Esta falla permite a un atacante que utiliza este desbordamiento aritmético crear tokens de acceso personal que son válidos indefinidamente, lo que daña la integridad del sistema. • https://access.redhat.com/errata/RHSA-2024:2010 https://access.redhat.com/security/cve/CVE-2023-4320 https://bugzilla.redhat.com/show_bug.cgi?id=2231814 • CWE-613: Insufficient Session Expiration •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 1CVE-2023-5189 – Hub: insecure galaxy-importer tarfile extraction
https://notcve.org/view.php?id=CVE-2023-5189
A path traversal vulnerability exists in Ansible when extracting tarballs. An attacker could craft a malicious tarball so that when using the galaxy importer of Ansible Automation Hub, a symlink could be dropped on the disk, resulting in files being overwritten. Existe una vulnerabilidad de path traversal en Ansible al extraer archivos comprimidos. Un atacante podría crear un tarball malicioso para que, al utilizar el importador galaxy de Ansible Automation Hub, se pueda colocar un enlace simbólico en el disco, lo que provocaría la sobrescritura de los archivos. • https://access.redhat.com/errata/RHSA-2023:7773 https://access.redhat.com/errata/RHSA-2024:1536 https://access.redhat.com/errata/RHSA-2024:2010 https://access.redhat.com/security/cve/CVE-2023-5189 https://bugzilla.redhat.com/show_bug.cgi?id=2234387 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.5EPSS: 81%CPEs: 444EXPL: 7CVE-2023-44487 – HTTP/2 Rapid Reset Attack Vulnerability
https://notcve.org/view.php?id=CVE-2023-44487
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. El protocolo HTTP/2 permite una denegación de servicio (consumo de recursos del servidor) porque la cancelación de solicitudes puede restablecer muchas transmisiones rápidamente, como se explotó en la naturaleza entre agosto y octubre de 2023. A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. • https://github.com/imabee101/CVE-2023-44487 https://github.com/studiogangster/CVE-2023-44487 https://github.com/bcdannyboy/CVE-2023-44487 https://github.com/sigridou/CVE-2023-44487- https://github.com/ByteHackr/CVE-2023-44487 https://github.com/ReToCode/golang-CVE-2023-44487 http://www.openwall.com/lists/oss-security/2023/10/13/4 http://www.openwall.com/lists/oss-security/2023/10/13/9 http://www.openwall.com/lists/oss-security/2023/10/18/4 http://www. • CWE-400: Uncontrolled Resource Consumption •