CVE-2019-1010238 – pango: pango_log2vis_get_embedding_levels() heap-based buffer overflow
https://notcve.org/view.php?id=CVE-2019-1010238
Gnome Pango 1.42 and later is affected by: Buffer Overflow. The impact is: The heap based buffer overflow can be used to get code execution. The component is: function name: pango_log2vis_get_embedding_levels, assignment of nchars and the loop condition. The attack vector is: Bug can be used when application pass invalid utf-8 strings to functions like pango_itemize. Pango versión 1.42 y posterior de Gnome, está afectada por: Desbordamiento de Búfer. • https://access.redhat.com/errata/RHBA-2019:2824 https://access.redhat.com/errata/RHSA-2019:2571 https://access.redhat.com/errata/RHSA-2019:2582 https://access.redhat.com/errata/RHSA-2019:2594 https://access.redhat.com/errata/RHSA-2019:3234 https://gitlab.gnome.org/GNOME/pango/-/commits/main/pango/pango-bidi-type.c https://gitlab.gnome.org/GNOME/pango/-/issues/342 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/D6HWAHXJ2ZXINYMANHPFDD • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVE-2019-10354 – jenkins: Unauthorized view fragment access (SECURITY-534)
https://notcve.org/view.php?id=CVE-2019-10354
A vulnerability in the Stapler web framework used in Jenkins 2.185 and earlier, LTS 2.176.1 and earlier allowed attackers to access view fragments directly, bypassing permission checks and possibly obtain sensitive information. Una vulnerabilidad en el framework web Stapler usado en Jenkins versiones 2.185 y anteriores, LTS versiones 2.176.1 y anteriores, ha permitido a los atacantes acceder directamente a los fragmentos de visualización, omitiendo las comprobaciones de permisos y posiblemente obtener información confidencial. • http://www.openwall.com/lists/oss-security/2019/07/17/2 http://www.securityfocus.com/bid/109373 https://access.redhat.com/errata/RHSA-2019:2503 https://access.redhat.com/errata/RHSA-2019:2548 https://jenkins.io/security/advisory/2019-07-17/#SECURITY-534 https://access.redhat.com/security/cve/CVE-2019-10354 https://bugzilla.redhat.com/show_bug.cgi?id=1730869 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-862: Missing Authorization •
CVE-2019-3889 – atomic-openshift: reflected XSS in authentication flow
https://notcve.org/view.php?id=CVE-2019-3889
A reflected XSS vulnerability exists in authorization flow of OpenShift Container Platform versions: openshift-online-3, openshift-enterprise-3.4 through 3.7 and openshift-enterprise-3.9 through 3.11. An attacker could use this flaw to steal authorization data by getting them to click on a malicious link. Se presenta una vulnerabilidad de tipo XSS reflejada en el flujo de autorización de OpenShift Container Platform versiones: openshift-online- versión 3, openshift-enterprise- versiones 3.4 hasta 3.7 y openshift-enterprise- versiones 3.9 hasta 3.11. Un atacante podría utilizar este defecto para robar datos de autorización logrando que hagan clic en un enlace malicioso. A reflected XSS vulnerability exists in the authentication flow of the OpenShift Container Platform. • https://access.redhat.com/errata/RHSA-2019:3722 https://access.redhat.com/errata/RHSA-2019:3770 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3889 https://access.redhat.com/security/cve/CVE-2019-3889 https://bugzilla.redhat.com/show_bug.cgi?id=1693499 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2019-10165 – openshift: OAuth access tokens written in plaintext to API server audit logs
https://notcve.org/view.php?id=CVE-2019-10165
OpenShift Container Platform before version 4.1.3 writes OAuth tokens in plaintext to the audit logs for the Kubernetes API server and OpenShift API server. A user with sufficient privileges could recover OAuth tokens from these audit logs and use them to access other resources. OpenShift Container Platform anterior a versión 4.1.3, escribe tokens OAuth en texto plano en los registros de auditoría para el servidor de la API Kubernetes y el servidor de la API OpenShift. Un usuario con privilegios suficientes podría recuperar tokens OAuth de estos registros de auditoría y usarlos para acceder a otros recursos. • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10165 https://github.com/openshift/cluster-kube-apiserver-operator/pull/499 https://github.com/openshift/cluster-openshift-apiserver-operator/pull/205 https://access.redhat.com/security/cve/CVE-2019-10165 https://bugzilla.redhat.com/show_bug.cgi?id=1719092 • CWE-532: Insertion of Sensitive Information into Log File •
CVE-2019-10150 – atomic-openshift: OpenShift builds don't verify SSH Host Keys for the git repository
https://notcve.org/view.php?id=CVE-2019-10150
It was found that OpenShift Container Platform versions 3.6.x - 4.6.0 does not perform SSH Host Key checking when using ssh key authentication during builds. An attacker, with the ability to redirect network traffic, could use this to alter the resulting build output. Se encontró que OpenShift Container Platform versiones 3.6.x hasta 4.6.0, no realizan la comprobación de clave del host SSH cuando es usada la autenticación de la clave ssh durante las compilaciones. Un atacante, con la capacidad de redireccionar el tráfico de la red, podría usar esto para alterar la salida de compilación resultante. It was found that OpenShift Container Platform does not perform SSH Host Key checking when using ssh key authentication during builds. • https://access.redhat.com/errata/RHSA-2019:2989 https://access.redhat.com/errata/RHSA-2019:3007 https://access.redhat.com/errata/RHSA-2019:3143 https://access.redhat.com/errata/RHSA-2019:3811 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10150 https://docs.openshift.com/container-platform/3.11/dev_guide/builds/build_inputs.html#source-secrets-ssh-key-authentication https://access.redhat.com/security/cve/CVE-2019-10150 https://bugzilla.redhat.com/show_bug.cgi?id=1713433 • CWE-287: Improper Authentication •