Page 13 of 71 results (0.008 seconds)

CVSS: 8.6EPSS: 1%CPEs: 37EXPL: 2

CVE-2021-21349 – A Server-Side Forgery Request can be activated unmarshalling with XStream to access data streams from an arbitrary URL referencing a resource in an intranet or the local host

https://notcve.org/view.php?id=CVE-2021-21349

XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a remote attacker to request data from internal resources that are not publicly available only by manipulating the processed input stream. No user is affected, who followed the recommendation to setup XStream's security framework with a whitelist limited to the minimal required types. If you rely on XStream's default blacklist of the Security Framework, you will have to use at least version 1.4.16. XStream es una biblioteca de Java para serializar objetos a XML y viceversa. • https://github.com/s-index/CVE-2021-21349 http://x-stream.github.io/changes.html#1.4.16 https://github.com/x-stream/xstream/security/advisories/GHSA-f6hm-88x3-mfjv https://lists.apache.org/thread.html/r8244fd0831db894d5e89911ded9c72196d395a90ae655414d23ed0dd%40%3Cusers.activemq.apache.org%3E https://lists.apache.org/thread.html/r9ac71b047767205aa22e3a08cb33f3e0586de6b2fac48b425c6e16b0%40%3Cdev.jmeter.apache.org%3E https://lists.debian.org/debian-lts-announce/2021/04/msg00002.html https://lists.fedoraproject.org/archives • CWE-502: Deserialization of Untrusted Data CWE-918: Server-Side Request Forgery (SSRF) •

CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 2

CVE-2021-27290 – nodejs-ssri: Regular expression DoS (ReDoS) when parsing malicious SRI in strict mode

https://notcve.org/view.php?id=CVE-2021-27290

ssri 5.2.2-8.0.0, fixed in 8.0.1, processes SRIs using a regular expression which is vulnerable to a denial of service. Malicious SRIs could take an extremely long time to process, leading to denial of service. This issue only affects consumers using the strict option. ssri versión 5.2.2-8.0.0, corregido en versión 8.0.1, procesa los SRI usando una expresión regular que es vulnerable a una denegación de servicio. Los SRI maliciosos pueden tardar mucho en procesarse, conllevando a una denegación del servicio. Este problema solo afecta a consumidores que usan la opción estricta A flaw was found in ssri package. • https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf https://doyensec.com/resources/Doyensec_Advisory_ssri_redos.pdf https://github.com/yetingli/SaveResults/blob/main/pdf/ssri-redos.pdf https://npmjs.com https://www.oracle.com/security-alerts/cpuoct2021.html https://access.redhat.com/security/cve/CVE-2021-27290 https://bugzilla.redhat.com/show_bug.cgi?id=1941471 • CWE-770: Allocation of Resources Without Limits or Throttling •

CVSS: 7.8EPSS: 0%CPEs: 17EXPL: 0

CVE-2021-22883 – nodejs: HTTP2 'unknownProtocol' cause DoS by resource exhaustion

https://notcve.org/view.php?id=CVE-2021-22883

Node.js before 10.24.0, 12.21.0, 14.16.0, and 15.10.0 is vulnerable to a denial of service attack when too many connection attempts with an 'unknownProtocol' are established. This leads to a leak of file descriptors. If a file descriptor limit is configured on the system, then the server is unable to accept new connections and prevent the process also from opening, e.g. a file. If no file descriptor limit is configured, then this lead to an excessive memory usage and cause the system to run out of memory. Node.js versiones anteriores a 10.24.0, 12.21.0, 14.16.0 y 15.10.0, es vulnerable a un ataque de denegación de servicio cuando son establecidos demasiados intentos de conexión con un "unknownProtocol". • https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf https://hackerone.com/reports/1043360 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E4FRS5ZVK4ZQ7XIJQNGIKUXG2DJFHLO7 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F45Y7TXSU33MTKB6AGL2Q5V5ZOCNPKOG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HSYFUGKFUSZ27M5TEZ3FKILWTWFJTFAZ https://nodejs.org/en/blog/vulnerability/february-2021-security-releases& • CWE-400: Uncontrolled Resource Consumption CWE-772: Missing Release of Resource after Effective Lifetime •

CVSS: 7.5EPSS: 0%CPEs: 22EXPL: 1

CVE-2021-22884 – nodejs: DNS rebinding in --inspect

https://notcve.org/view.php?id=CVE-2021-22884

Node.js before 10.24.0, 12.21.0, 14.16.0, and 15.10.0 is vulnerable to DNS rebinding attacks as the whitelist includes “localhost6”. When “localhost6” is not present in /etc/hosts, it is just an ordinary domain that is resolved via DNS, i.e., over network. If the attacker controls the victim's DNS server or can spoof its responses, the DNS rebinding protection can be bypassed by using the “localhost6” domain. As long as the attacker uses the “localhost6” domain, they can still apply the attack described in CVE-2018-7160. Node.js versiones anteriores a 10.24.0, 12.21.0, 14.16.0 y 15.10.0, es vulnerable a unos ataques de reenlace de DNS, ya que la lista blanca incluye “localhost6”. • https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf https://hackerone.com/reports/1069487 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E4FRS5ZVK4ZQ7XIJQNGIKUXG2DJFHLO7 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F45Y7TXSU33MTKB6AGL2Q5V5ZOCNPKOG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HSYFUGKFUSZ27M5TEZ3FKILWTWFJTFAZ https://nodejs.org/en/blog/vulnerability/february-2021-security-releases& • CWE-20: Improper Input Validation CWE-350: Reliance on Reverse DNS Resolution for a Security-Critical Action •

CVSS: 5.9EPSS: 0%CPEs: 38EXPL: 0

CVE-2021-23841 – Null pointer deref in X509_issuer_and_serial_hash()

https://notcve.org/view.php?id=CVE-2021-23841

The OpenSSL public API function X509_issuer_and_serial_hash() attempts to create a unique hash value based on the issuer and serial number data contained within an X509 certificate. However it fails to correctly handle any errors that may occur while parsing the issuer field (which might occur if the issuer field is maliciously constructed). This may subsequently result in a NULL pointer deref and a crash leading to a potential denial of service attack. The function X509_issuer_and_serial_hash() is never directly called by OpenSSL itself so applications are only vulnerable if they use this function directly and they use it on certificates that may have been obtained from untrusted sources. OpenSSL versions 1.1.1i and below are affected by this issue. • http://seclists.org/fulldisclosure/2021/May/67 http://seclists.org/fulldisclosure/2021/May/68 http://seclists.org/fulldisclosure/2021/May/70 https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=122a19ab48091c657f7cb1fb3af9fc07bd557bbf https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=8252ee4d90f3f2004d3d0aeeed003ad49c9a7807 https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44846 https://security.gentoo.org/gls • CWE-476: NULL Pointer Dereference •