CVE-2020-8492 – python: wrong backtracking in urllib.request.AbstractBasicAuthHandler allows for a ReDoS
https://notcve.org/view.php?id=CVE-2020-8492
Python 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1 allows an HTTP server to conduct Regular Expression Denial of Service (ReDoS) attacks against a client because of urllib.request.AbstractBasicAuthHandler catastrophic backtracking. Python versiones 2.7 hasta 2.7.17, versiones 3.5 hasta 3.5.9, versiones 3.6 hasta 3.6.10, versiones 3.7 hasta 3.7.6 y versiones 3.8 hasta 3.8.1, permiten a un servidor HTTP conducir ataques de Denegación de Servicio de Expresión Regular (ReDoS) contra un cliente debido a un backtracking catastrófico de la clase urllib.request.AbstractBasicAuthHandler. • http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00003.html https://bugs.python.org/issue39503 https://github.com/python/cpython/pull/18284 https://lists.apache.org/thread.html/rdb31a608dd6758c6093fd645aea3fbf022dd25b37109b6aaea5bc0b5%40%3Ccommits.cassandra.apache.org%3E https://lists.apache.org/thread.html/rfec113c733162b39633fd86a2d0f34bf42ac35f711b3ec1835c774da%40%3Ccommits.cassandra.apache.org%3E https://lists.debian.org/debian-lts-announce/2020/07/msg00011.html https://lists.debian.org/debian-lts-announce/2023/05& • CWE-400: Uncontrolled Resource Consumption •
CVE-2019-15795 – python-apt uses MD5 for validation
https://notcve.org/view.php?id=CVE-2019-15795
python-apt only checks the MD5 sums of downloaded files in `Version.fetch_binary()` and `Version.fetch_source()` of apt/package.py in version 1.9.0ubuntu1 and earlier. This allows a man-in-the-middle attack which could potentially be used to install altered packages and has been fixed in versions 1.9.0ubuntu1.2, 1.6.5ubuntu0.1, 1.1.0~beta1ubuntu0.16.04.7, 0.9.3.5ubuntu3+esm2, and 0.8.3ubuntu7.5. Python-apt solo comprueba las cantidades MD5 de los archivos descargados en las funciones "Version.fetch_binary()" y "Version.fetch_source()" del archivo apt/package.py en la versión 1.9.0ubuntu1 y anteriores. Esto permite un ataque de tipo man-in-the-middle que podría ser usado para instalar paquetes alterados y ha sido corregido en las versiones 1.9.0ubuntu1.2, 1.6.5ubuntu0.1, 1.1.0~beta1ubuntu0.16.04.7, 0.9. 3.5ubuntu3+esm2, y 0.8.3ubuntu7.5. • https://usn.ubuntu.com/4247-1 https://usn.ubuntu.com/4247-3 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVE-2019-15796 – python-apt downloads from untrusted sources
https://notcve.org/view.php?id=CVE-2019-15796
Python-apt doesn't check if hashes are signed in `Version.fetch_binary()` and `Version.fetch_source()` of apt/package.py or in `_fetch_archives()` of apt/cache.py in version 1.9.3ubuntu2 and earlier. This allows downloads from unsigned repositories which shouldn't be allowed and has been fixed in verisions 1.9.5, 1.9.0ubuntu1.2, 1.6.5ubuntu0.1, 1.1.0~beta1ubuntu0.16.04.7, 0.9.3.5ubuntu3+esm2, and 0.8.3ubuntu7.5. Python-apt no comprueba si los hashes están firmados en las funciones "Version.fetch_binary()" y "Version.fetch_source()" del archivo apt/package.py o en la función "_fetch_archives()" del archivo apt/cache.py en versión 1.9. 3ubuntu2 y anteriores. Esto permite descargas desde repositorios no firmados que no deberían ser permitidos y ha sido corregido en las versiones 1.9.5, 1.9.0ubuntu1.2, 1.6.5ubuntu0.1, 1.1.0~beta1ubuntu0.16.04.7, 0.9.3.5ubuntu3+esm2 y 0.8.3ubuntu7.5. • https://usn.ubuntu.com/4247-1 https://usn.ubuntu.com/4247-3 • CWE-287: Improper Authentication CWE-347: Improper Verification of Cryptographic Signature •
CVE-2020-7595 – libxml2: infinite loop in xmlStringLenDecodeEntities in some end-of-file situations
https://notcve.org/view.php?id=CVE-2020-7595
xmlStringLenDecodeEntities in parser.c in libxml2 2.9.10 has an infinite loop in a certain end-of-file situation. La función xmlStringLenDecodeEntities en el archivo parser.c en libxml2 versión 2.9.10, presenta un bucle infinito en una determinada situación de fin del archivo. • http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00047.html https://cert-portal.siemens.com/productcert/pdf/ssa-292794.pdf https://gitlab.gnome.org/GNOME/libxml2/commit/0e1a49c89076 https://lists.debian.org/debian-lts-announce/2020/09/msg00009.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/545SPOI3ZPPNPX4TFRIVE4JVRTJRKULL https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5R55ZR52RMBX24TQTWHCIWKJVRV6YAWI https://lists& • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVE-2019-20367
https://notcve.org/view.php?id=CVE-2019-20367
nlist.c in libbsd before 0.10.0 has an out-of-bounds read during a comparison for a symbol name from the string table (strtab). El archivo nlist.c en libbsd versiones anteriores a la versión 0.10.0, tiene una lectura fuera de límites durante una comparación de un nombre de símbolo de la tabla de cadenas (strtab). • http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00043.html https://gitlab.freedesktop.org/libbsd/libbsd/commit/9d917aad37778a9f4a96ba358415f077f3f36f3b https://lists.apache.org/thread.html/r0e913668380f59bcbd14fdd8ae8d24f95f99995e290cd18a7822c6e5%40%3Cdev.tomee.apache.org%3E https://lists.apache.org/thread.html/ra781e51cf1ec40381c98cddc073b3576fb56c3978f4564d2fa431550%40%3Cdev.tomee.apache.org%3E https://lists.debian.org/debian-lts-announce/2021/02/msg00027.html https://lists.freedesktop.org/archives/libbsd/2019-August/000229.html http • CWE-125: Out-of-bounds Read •