CVE-2022-21434 – OpenJDK: Improper object-to-string conversion in AnnotationInvocationHandler (Libraries, 8277672)
https://notcve.org/view.php?id=CVE-2022-21434
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition: 20.3.5, 21.3.1 and 22.0.0.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. • https://lists.debian.org/debian-lts-announce/2022/05/msg00017.html https://security.netapp.com/advisory/ntap-20220429-0006 https://security.netapp.com/advisory/ntap-20240621-0006 https://www.debian.org/security/2022/dsa-5128 https://www.debian.org/security/2022/dsa-5131 https://www.oracle.com/security-alerts/cpuapr2022.html https://access.redhat.com/security/cve/CVE-2022-21434 https://bugzilla.redhat.com/show_bug.cgi?id=2075836 • CWE-470: Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') •
CVE-2022-21426 – OpenJDK: Unbounded memory allocation when compiling crafted XPath expressions (JAXP, 8270504)
https://notcve.org/view.php?id=CVE-2022-21426
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JAXP). Supported versions that are affected are Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition: 20.3.5, 21.3.1 and 22.0.0.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. • https://lists.debian.org/debian-lts-announce/2022/05/msg00017.html https://security.netapp.com/advisory/ntap-20220429-0006 https://www.debian.org/security/2022/dsa-5128 https://www.debian.org/security/2022/dsa-5131 https://www.oracle.com/security-alerts/cpuapr2022.html https://access.redhat.com/security/cve/CVE-2022-21426 https://bugzilla.redhat.com/show_bug.cgi?id=2075788 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVE-2021-44533 – nodejs: Incorrect handling of certificate subject and issuer fields
https://notcve.org/view.php?id=CVE-2021-44533
Node.js < 12.22.9, < 14.18.3, < 16.13.2, and < 17.3.1 did not handle multi-value Relative Distinguished Names correctly. Attackers could craft certificate subjects containing a single-value Relative Distinguished Name that would be interpreted as a multi-value Relative Distinguished Name, for example, in order to inject a Common Name that would allow bypassing the certificate subject verification.Affected versions of Node.js that do not accept multi-value Relative Distinguished Names and are thus not vulnerable to such attacks themselves. However, third-party code that uses node's ambiguous presentation of certificate subjects may be vulnerable. Node.js versiones anteriores a 12.22.9, versiones anteriores a 14.18.3, versiones anteriores a 16.13.2, y versiones anteriores a 17.3.1, no manejaba correctamente los Nombres Distinguidos Relativos de varios valores. Los atacantes podrían diseñar sujetos de certificados que contengan un Nombre Distinguido Relativo de un solo valor que sería interpretado como un Nombre Distinguido Relativo de varios valores, por ejemplo, para inyectar un Nombre Común que permitiría omitir la verificación del sujeto del certificado. • https://hackerone.com/reports/1429694 https://nodejs.org/en/blog/vulnerability/jan-2022-security-releases https://security.netapp.com/advisory/ntap-20220325-0007 https://www.debian.org/security/2022/dsa-5170 https://www.oracle.com/security-alerts/cpuapr2022.html https://www.oracle.com/security-alerts/cpujul2022.html https://access.redhat.com/security/cve/CVE-2021-44533 https://bugzilla.redhat.com/show_bug.cgi?id=2040856 • CWE-295: Improper Certificate Validation •
CVE-2021-44532 – nodejs: Certificate Verification Bypass via String Injection
https://notcve.org/view.php?id=CVE-2021-44532
Node.js < 12.22.9, < 14.18.3, < 16.13.2, and < 17.3.1 converts SANs (Subject Alternative Names) to a string format. It uses this string to check peer certificates against hostnames when validating connections. The string format was subject to an injection vulnerability when name constraints were used within a certificate chain, allowing the bypass of these name constraints.Versions of Node.js with the fix for this escape SANs containing the problematic characters in order to prevent the injection. This behavior can be reverted through the --security-revert command-line option. Node.js versiones anteriores a 12.22.9, versiones anteriores a 14.18.3, versiones anteriores a 16.13.2 y versiones anteriores a 17.3.1, convierte los SAN (Subject Alternative Names) a un formato de cadena. usa esta cadena para comprobar los certificados de los compañeros con los nombres de host cuando comprueba las conexiones. • https://hackerone.com/reports/1429694 https://nodejs.org/en/blog/vulnerability/jan-2022-security-releases https://security.netapp.com/advisory/ntap-20220325-0007 https://www.debian.org/security/2022/dsa-5170 https://www.oracle.com/security-alerts/cpuapr2022.html https://www.oracle.com/security-alerts/cpujul2022.html https://access.redhat.com/security/cve/CVE-2021-44532 https://bugzilla.redhat.com/show_bug.cgi?id=2040846 • CWE-295: Improper Certificate Validation CWE-296: Improper Following of a Certificate's Chain of Trust •
CVE-2021-44531 – nodejs: Improper handling of URI Subject Alternative Names
https://notcve.org/view.php?id=CVE-2021-44531
Accepting arbitrary Subject Alternative Name (SAN) types, unless a PKI is specifically defined to use a particular SAN type, can result in bypassing name-constrained intermediates. Node.js < 12.22.9, < 14.18.3, < 16.13.2, and < 17.3.1 was accepting URI SAN types, which PKIs are often not defined to use. Additionally, when a protocol allows URI SANs, Node.js did not match the URI correctly.Versions of Node.js with the fix for this disable the URI SAN type when checking a certificate against a hostname. This behavior can be reverted through the --security-revert command-line option. Aceptar tipos de nombres alternativos de sujeto (SAN) arbitrarios, a menos que una PKI esté definida específicamente para usar un tipo de SAN concreto, puede resultar en una omisión de los intermediarios con restricción de nombre. • https://hackerone.com/reports/1429694 https://nodejs.org/en/blog/vulnerability/jan-2022-security-releases https://security.netapp.com/advisory/ntap-20220325-0007 https://www.debian.org/security/2022/dsa-5170 https://www.oracle.com/security-alerts/cpuapr2022.html https://www.oracle.com/security-alerts/cpujul2022.html https://access.redhat.com/security/cve/CVE-2021-44531 https://bugzilla.redhat.com/show_bug.cgi?id=2040839 • CWE-295: Improper Certificate Validation •