CVE-2020-10758 – keycloak: DoS by sending multiple simultaneous requests with a Content-Length header value greater than actual byte count of request body
https://notcve.org/view.php?id=CVE-2020-10758
A vulnerability was found in Keycloak before 11.0.1 where DoS attack is possible by sending twenty requests simultaneously to the specified keycloak server, all with a Content-Length header value that exceeds the actual byte count of the request body. Se encontró una vulnerabilidad en Keycloak versiones anteriores a 11.0.1, donde el ataque de DoS es posible mediante el envío de veinte peticiones simultáneamente hacia el servidor de keycloak especificado, todas con un valor de encabezado Content-Length que excede el conteo de bytes real del cuerpo de la petición A flaw was found in Keycloak. This flaw allows an attacker to perform a denial of service attack by sending multiple simultaneous requests with a Content-Length header value greater than the actual byte count of the request body. The highest threat from this vulnerability is to system availability. • https://bugzilla.redhat.com/show_bug.cgi?id=1843849 https://github.com/keycloak/keycloak/commit/bee4ca89897766c4b68856eafe14f1a3dad34251 https://access.redhat.com/security/cve/CVE-2020-10758 • CWE-400: Uncontrolled Resource Consumption CWE-770: Allocation of Resources Without Limits or Throttling •
CVE-2020-10687 – Undertow: Incomplete fix for CVE-2017-2666 due to permitting invalid characters in HTTP requests
https://notcve.org/view.php?id=CVE-2020-10687
A flaw was discovered in all versions of Undertow before Undertow 2.2.0.Final, where HTTP request smuggling related to CVE-2017-2666 is possible against HTTP/1.x and HTTP/2 due to permitting invalid characters in an HTTP request. This flaw allows an attacker to poison a web-cache, perform an XSS attack, or obtain sensitive information from request other than their own. Se detectó un fallo en todas las versiones de Undertow versiones anteriores a Undertow 2.2.0.Final, donde el tráfico malicioso de peticiones HTTP relacionado a CVE-2017-2666, es posible contra HTTP/1.x y HTTP/2 debido a que permite caracteres no válidos en una petición HTTP. Este fallo permite a un atacante envenenar una caché web, llevar a cabo un ataque de tipo XSS y obtener información confidencial de una petición distinta a la suya A flaw was discovered in Undertow where HTTP request smuggling related to CVE-2017-2666 is possible against HTTP/1.x and HTTP/2 due to permitting invalid characters in an HTTP request. This flaw allows an attacker to poison a web-cache, perform an XSS attack, or obtain sensitive information from request other than their own. • https://bugzilla.redhat.com/show_bug.cgi?id=1785049 https://lists.apache.org/thread.html/r6603513ea8afbf6857fd77ca5888ec8385d0af493baa4250e28c351c%40%3Cdev.cxf.apache.org%3E https://security.netapp.com/advisory/ntap-20220210-0015 https://access.redhat.com/security/cve/CVE-2020-10687 • CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') •
CVE-2020-14297 – wildfly: Some EJB transaction objects may get accumulated causing Denial of Service
https://notcve.org/view.php?id=CVE-2020-14297
A flaw was discovered in Wildfly's EJB Client as shipped with Red Hat JBoss EAP 7, where some specific EJB transaction objects may get accumulated over the time and can cause services to slow down and eventaully unavailable. An attacker can take advantage and cause denial of service attack and make services unavailable. Se detectó un fallo en Wildfly's EJB Client que se incluyó con Red Hat JBoss EAP 7, donde algunos objetos de transacción EJB específicos pueden ser acumulados con el tiempo y pueden causar que los servicios se ralenticen y eventualmente no estén disponibles. Un atacante puede tomar ventaja y causar un ataque de denegación de servicio y hacer que los servicios no estén disponibles A flaw was found in Wildfly's EJB Client, where the accumulation of specific EJB transaction objects over time can cause services to slow down and eventually become unavailable. This flaw allows an attacker to cause a denial of service. • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-14297 https://access.redhat.com/security/cve/CVE-2020-14297 https://bugzilla.redhat.com/show_bug.cgi?id=1853595 • CWE-400: Uncontrolled Resource Consumption •
CVE-2020-14307 – wildfly: EJB SessionOpenInvocations may not be removed properly after a response is received causing Denial of Service
https://notcve.org/view.php?id=CVE-2020-14307
A vulnerability was found in Wildfly's Enterprise Java Beans (EJB) versions shipped with Red Hat JBoss EAP 7, where SessionOpenInvocations are never removed from the remote InvocationTracker after a response is received in the EJB Client, as well as the server. This flaw allows an attacker to craft a denial of service attack to make the service unavailable. Se encontró una vulnerabilidad en Wildfly's Enterprise Java Beans (EJB) versiones incluidas con Red Hat JBoss EAP 7, donde SessionOpenInvocations nunca es eliminada del InvocationTracker remoto después que una respuesta es recibida en el EJB Client, así como en el servidor. Este fallo permite a un atacante diseñar un ataque de denegación de servicio para hacer que el servicio no esté disponible A vulnerability was found in Wildfly's Enterprise Java Beans (EJB), where SessionOpenInvocations are never removed from the remote InvocationTracker after a response is received in the EJB Client, as well as the server. This flaw allows an attacker to craft a denial of service attack to make the service unavailable. • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-14307 https://access.redhat.com/security/cve/CVE-2020-14307 https://bugzilla.redhat.com/show_bug.cgi?id=1851327 • CWE-404: Improper Resource Shutdown or Release •
CVE-2020-10748 – keycloak: top-level navigations to data URLs resulting in XSS are possible (incomplete fix of CVE-2020-1697)
https://notcve.org/view.php?id=CVE-2020-10748
A flaw was found in Keycloak's data filter, in version 10.0.1, where it allowed the processing of data URLs in some circumstances. This flaw allows an attacker to conduct cross-site scripting or further attacks. Se encontró un fallo en el filtro de datos de Keycloak, en versión 10.0.1, donde permitía el procesamiento de las URL de datos en algunas circunstancias. Este fallo permite a un atacante conducir ataques de tipo cross-site scripting o mas ataques A flaw was found in Keycloak's data filter, where it allowed the processing of data URLs in some circumstances. This flaw allows an attacker to conduct cross-site scripting or further attacks. • https://bugzilla.redhat.com/show_bug.cgi?id=1836786 https://access.redhat.com/security/cve/CVE-2020-10748 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •