CVSS: 6.1EPSS: 0%CPEs: 24EXPL: 0CVE-2020-1927 – httpd: mod_rewrite configurations vulnerable to open redirect
https://notcve.org/view.php?id=CVE-2020-1927
In Apache HTTP Server 2.4.0 to 2.4.41, redirects configured with mod_rewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an an unexpected URL within the request URL. En Apache HTTP Server versiones 2.4.0 hasta 2.4.41, los redireccionamientos configurados con mod_rewrite que pretendían ser autorreferenciales podrían ser engañados por nuevas líneas codificadas y redireccionadas en lugar de una URL inesperada dentro de la URL de petición. A flaw was found in Apache HTTP Server (httpd) versions 2.4.0 to 2.4.41. Redirects configured with mod_rewrite that were intended to be self-referential might be fooled by encoded newlines and redirected instead to an unexpected URL within the request URL. • http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00002.html http://www.openwall.com/lists/oss-security/2020/04/03/1 http://www.openwall.com/lists/oss-security/2020/04/04/1 https://httpd.apache.org/security/vulnerabilities_24.html https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r09bb998baee74a2c316446bd1a41ae7f8d7049d09d9ff991471e8775%40%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •
CVSS: 5.3EPSS: 0%CPEs: 15EXPL: 0CVE-2020-1954 – cxf: JMX integration is vulnerable to a MITM attack
https://notcve.org/view.php?id=CVE-2020-1954
Apache CXF has the ability to integrate with JMX by registering an InstrumentationManager extension with the CXF bus. If the ‘createMBServerConnectorFactory‘ property of the default InstrumentationManagerImpl is not disabled, then it is vulnerable to a man-in-the-middle (MITM) style attack. An attacker on the same host can connect to the registry and rebind the entry to another server, thus acting as a proxy to the original. They are then able to gain access to all of the information that is sent and received over JMX. Apache CXF posee la capacidad de integrarse con JMX mediante el registro de una extensión InstrumentationManager con el bus CXF. • http://cxf.apache.org/security-advisories.data/CVE-2020-1954.txt.asc?version=1&modificationDate=1585730169000&api=v2 https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6%40%3Ccommits.cxf.apache.org%3E https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4%40%3Ccommits.cxf.apache.org%3E https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e%40%3Ccommits.cxf.apache.org%3E https://security.netapp.com/advisory/ntap-20220210-0001 https://www. • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.3EPSS: 0%CPEs: 21EXPL: 0CVE-2020-1934 – httpd: mod_proxy_ftp use of uninitialized value
https://notcve.org/view.php?id=CVE-2020-1934
In Apache HTTP Server 2.4.0 to 2.4.41, mod_proxy_ftp may use uninitialized memory when proxying to a malicious FTP server. En Apache HTTP Server versiones 2.4.0 hasta 2.4.41, mod_proxy_ftp puede usar memoria no inicializada cuando al enviar un proxy hacia un servidor FTP malicioso. A flaw was found in Apache's HTTP server (httpd) .The mod_proxy_ftp module may use uninitialized memory with proxying to a malicious FTP server. The highest threat from this vulnerability is to data confidentiality. • http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00002.html https://httpd.apache.org/security/vulnerabilities_24.html https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r09bb998baee74a2c316446bd1a41ae7f8d7049d09d9ff991471e8775%40%3Ccvs.httpd.apache.org%3E https://lists.apache.org/thread.html/r1719675306dfbeaceff3dc63ccad3de2d5615919ca3c13276948b9ac%40%3Cdev.httpd.apache.org%3E https://lists.apache.org/thread.html/r26706d75f6b9080ca6a29955aeb8 • CWE-456: Missing Initialization of a Variable CWE-908: Use of Uninitialized Resource •
CVSS: 8.8EPSS: 0%CPEs: 42EXPL: 0CVE-2020-11111 – jackson-databind: Serialization gadgets in org.apache.activemq.jms.pool.XaPooledConnectionFactory
https://notcve.org/view.php?id=CVE-2020-11111
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.activemq.* (aka activemq-jms, activemq-core, activemq-pool, and activemq-pool-jms). FasterXML jackson-databind versiones 2.x anteriores a 2.9.10.4, maneja inapropiadamente la interacción entre los gadgets de serialización y la escritura, relacionado con org.apache.activemq.* (también se conoce como activemq-jms, activemq-core, activemq-pool, y activemq-pool-jms). A flaw was found in jackson-databind 2.x in versions prior to 2.9.10.4. The interaction between serialization gadgets and typing is mishandled. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. • https://github.com/FasterXML/jackson-databind/issues/2664 https://lists.debian.org/debian-lts-announce/2020/04/msg00012.html https://medium.com/%40cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062 https://security.netapp.com/advisory/ntap-20200403-0002 https://www.oracle.com/security-alerts/cpujan2021.html https://www.oracle.com/security-alerts/cpujul2020.html https://www.oracle.com/security-alerts/cpuoct2020.html https://www.oracle.com/security-alerts/cpuoct2021 • CWE-96: Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection') CWE-502: Deserialization of Untrusted Data •
CVSS: 8.8EPSS: 0%CPEs: 54EXPL: 0CVE-2020-11112 – jackson-databind: Serialization gadgets in org.apache.commons.proxy.provider.remoting.RmiProvider
https://notcve.org/view.php?id=CVE-2020-11112
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.proxy.provider.remoting.RmiProvider (aka apache/commons-proxy). FasterXML jackson-databind versiones 2.x anteriores a 2.9.10.4, maneja inapropiadamente la interacción entre los gadgets de serialización y la escritura, relacionado con org.apache.commons.proxy.provider.remoting.RmiProvider (también se conoce como apache/commons-proxy). A flaw was found in jackson-databind 2.x in versions prior to 2.9.10.4. The interaction between serialization gadgets and typing is mishandled. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. • https://github.com/FasterXML/jackson-databind/issues/2666 https://lists.debian.org/debian-lts-announce/2020/04/msg00012.html https://medium.com/%40cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062 https://security.netapp.com/advisory/ntap-20200403-0002 https://www.oracle.com/security-alerts/cpujan2021.html https://www.oracle.com/security-alerts/cpujul2020.html https://www.oracle.com/security-alerts/cpuoct2020.html https://www.oracle.com/security-alerts/cpuoct2021 • CWE-96: Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection') CWE-502: Deserialization of Untrusted Data •