CVSS: 7.8EPSS: 2%CPEs: 4EXPL: 0CVE-2023-23969 – python-django: Potential denial-of-service via Accept-Language headers
https://notcve.org/view.php?id=CVE-2023-23969
01 Feb 2023 — In Django 3.2 before 3.2.17, 4.0 before 4.0.9, and 4.1 before 4.1.6, the parsed values of Accept-Language headers are cached in order to avoid repetitive parsing. This leads to a potential denial-of-service vector via excessive memory usage if the raw value of Accept-Language headers is very large. A flaw was found in python-django. The parsed values of the Accept-Language headers are cached in order to avoid repetitive parsing. This leads to a potential denial of service vector via excessive memory usage i... • https://docs.djangoproject.com/en/4.1/releases/security • CWE-400: Uncontrolled Resource Consumption CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 8.1EPSS: 0%CPEs: 2EXPL: 0CVE-2020-36659
https://notcve.org/view.php?id=CVE-2020-36659
27 Jan 2023 — In Apache::Session::Browseable before 1.3.6, validity of the X.509 certificate is not checked by default when connecting to remote LDAP backends, because the default configuration of the Net::LDAPS module for Perl is used. NOTE: this can, for example, be fixed in conjunction with the CVE-2020-16093 fix. En Apache::Session::Browseable anterior a 1.3.6, la validez del certificado X.509 no se verifica de forma predeterminada cuando se conecta a backends LDAP remotos, porque se usa la configuración predetermina... • https://github.com/LemonLDAPNG/Apache-Session-Browseable/commit/fdf393235140b293cae5578ef136055a78f3574f • CWE-295: Improper Certificate Validation •
CVSS: 8.1EPSS: 0%CPEs: 2EXPL: 0CVE-2020-36658 – Ubuntu Security Notice USN-6596-1
https://notcve.org/view.php?id=CVE-2020-36658
27 Jan 2023 — In Apache::Session::LDAP before 0.5, validity of the X.509 certificate is not checked by default when connecting to remote LDAP backends, because the default configuration of the Net::LDAPS module for Perl is used. NOTE: this can, for example, be fixed in conjunction with the CVE-2020-16093 fix. En Apache::Session::LDAP anterior a 0.5, la validez del certificado X.509 no se verifica de forma predeterminada cuando se conecta a backends LDAP remotos, porque se usa la configuración predeterminada del módulo Ne... • https://github.com/LemonLDAPNG/Apache-Session-LDAP/commit/490722b71eed1ed1ab33d58c78578f23e043561f • CWE-295: Improper Certificate Validation •
CVSS: 7.7EPSS: 0%CPEs: 8EXPL: 1CVE-2022-47951 – openstack: Arbitrary file access through custom VMDK flat descriptor
https://notcve.org/view.php?id=CVE-2022-47951
26 Jan 2023 — An issue was discovered in OpenStack Cinder before 19.1.2, 20.x before 20.0.2, and 21.0.0; Glance before 23.0.1, 24.x before 24.1.1, and 25.0.0; and Nova before 24.1.2, 25.x before 25.0.2, and 26.0.0. By supplying a specially created VMDK flat image that references a specific backing file path, an authenticated user may convince systems to return a copy of that file's contents from the server, resulting in unauthorized access to potentially sensitive data. Se descubrió un problema en OpenStack Cinder antes ... • https://launchpad.net/bugs/1996188 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-552: Files or Directories Accessible to External Parties •
CVSS: 7.1EPSS: 0%CPEs: 3EXPL: 0CVE-2023-0412 – SUSE Security Advisory - SUSE-SU-2023:0343-1
https://notcve.org/view.php?id=CVE-2023-0412
24 Jan 2023 — TIPC dissector crash in Wireshark 4.0.0 to 4.0.2 and 3.6.0 to 3.6.10 and allows denial of service via packet injection or crafted capture file El disector TIPC falla en Wireshark para las versiones de la 4.0.0 a la 4.0.2 y de la 3.6.0 a la 3.6.10 y permite la denegación de servicio mediante inyección de paquetes o archivo de captura manipulado. An update that solves 7 vulnerabilities and has one errata is now available. This update for wireshark fixes the following issues. Fixed a memory leak in the NFS dis... • https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-0412.json • CWE-404: Improper Resource Shutdown or Release •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 1CVE-2022-48281 – libtiff: heap-based buffer overflow in processCropSelections() in tools/tiffcrop.c
https://notcve.org/view.php?id=CVE-2022-48281
23 Jan 2023 — processCropSelections in tools/tiffcrop.c in LibTIFF through 4.5.0 has a heap-based buffer overflow (e.g., "WRITE of size 307203") via a crafted TIFF image. A vulnerability was found in libtiff. This vulnerability occurs due to an issue in processCropSelections in the tools/tiffcrop.c function in LibTIFF that has a heap-based buffer overflow (for example, "WRITE of size 307203") via a crafted TIFF image. It was discovered that LibTIFF could be made to write out of bounds when processing certain malformed im... • https://gitlab.com/libtiff/libtiff/-/commit/d1b6b9c1b3cae2d9e37754506c1ad8f4f7b646b5 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2023-24038 – Debian Security Advisory 5339-1
https://notcve.org/view.php?id=CVE-2023-24038
21 Jan 2023 — The HTML-StripScripts module through 1.06 for Perl allows _hss_attval_style ReDoS because of catastrophic backtracking for HTML content with certain style attributes. El módulo HTML-StripScripts hasta la versión 1.06 para Perl permite _hss_attval_style ReDoS debido al retroceso catastrófico del contenido HTML con ciertos atributos de estilo. Ikeda Soji reported that libhtml-stripscripts-perl, a Perl module for removing scripts from HTML, is prone to a regular expression denial of service, due to catastrophi... • https://github.com/clintongormley/perl-html-stripscripts/issues/3 • CWE-1333: Inefficient Regular Expression Complexity •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-24021 – modsecurity: lacking the complete content in FILES_TMP_CONTENT leads to web application firewall bypass
https://notcve.org/view.php?id=CVE-2023-24021
20 Jan 2023 — Incorrect handling of '\0' bytes in file uploads in ModSecurity before 2.9.7 may allow for Web Application Firewall bypasses and buffer over-reads on the Web Application Firewall when executing rules that read the FILES_TMP_CONTENT collection. El manejo incorrecto de los bytes '\0' en las cargas de archivos en ModSecurity anteriores a 2.9.7 puede permitir omisiones del Firewall de aplicaciones web y sobrelecturas del búfer en el Firewall de aplicaciones web al ejecutar reglas que leen la colección FILES_TMP... • https://github.com/SpiderLabs/ModSecurity/pull/2857 • CWE-170: Improper Null Termination CWE-402: Transmission of Private Resources into a New Sphere ('Resource Leak') •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2022-48279 – mod_security: incorrect parsing of HTTP multipart requests leads to web application firewall bypass
https://notcve.org/view.php?id=CVE-2022-48279
20 Jan 2023 — In ModSecurity before 2.9.6 and 3.x before 3.0.8, HTTP multipart requests were incorrectly parsed and could bypass the Web Application Firewall. NOTE: this is related to CVE-2022-39956 but can be considered independent changes to the ModSecurity (C language) codebase. En ModSecurity anterior a 2.9.6 y 3.x anterior a 3.0.8, las solicitudes HTTP multiparte se analizaban incorrectamente y podían omitir el Firewall de aplicaciones web. NOTA: esto está relacionado con CVE-2022-39956, pero puede considerarse camb... • https://coreruleset.org/20220919/crs-version-3-3-3-and-3-2-2-covering-several-cves • CWE-436: Interpretation Conflict CWE-1389: Incorrect Parsing of Numbers with Different Radices •
CVSS: 7.7EPSS: 0%CPEs: 4EXPL: 1CVE-2022-47950 – openstack-swift: Arbitrary file access through custom S3 XML entities
https://notcve.org/view.php?id=CVE-2022-47950
18 Jan 2023 — An issue was discovered in OpenStack Swift before 2.28.1, 2.29.x before 2.29.2, and 2.30.0. By supplying crafted XML files, an authenticated user may coerce the S3 API into returning arbitrary file contents from the host server, resulting in unauthorized read access to potentially sensitive data. This impacts both s3api deployments (Rocky or later), and swift3 deployments (Queens and earlier, no longer actively developed). Se descubrió un problema en OpenStack Swift anterior a 2.28.1, 2.29.x anterior a 2.29... • https://launchpad.net/bugs/1998625 • CWE-552: Files or Directories Accessible to External Parties •