CVE-2020-11987 – batik: SSRF due to improper input validation by the NodePickerPanel
https://notcve.org/view.php?id=CVE-2020-11987
Apache Batik 1.13 is vulnerable to server-side request forgery, caused by improper input validation by the NodePickerPanel. By using a specially-crafted argument, an attacker could exploit this vulnerability to cause the underlying server to make arbitrary GET requests. Apache Batik versión 1.13 es vulnerable a un ataque de tipo server-side request forgery, causada por una comprobación de entrada inapropiada por parte de NodePickerPanel. Al usar un argumento especialmente diseñado, un atacante podría explotar esta vulnerabilidad para causar que el servidor subyacente lleve a cabo peticiones GET arbitrarias • https://lists.apache.org/thread.html/r2877ae10e8be56a3c52d03e373512ddd32f16b863f24c2e22f5a5ba2%40%3Cdev.poi.apache.org%3E https://lists.apache.org/thread.html/r588d05a0790b40a0eb81088252e1e8c1efb99706631421f17038eb05%40%3Cdev.poi.apache.org%3E https://lists.debian.org/debian-lts-announce/2023/10/msg00021.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JEDID4DAVPECE6O4QQCSIS75BLLBUUAM https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W7EAYO5XIHD6OIEA3HPK64UDDBSLNAC5 https: • CWE-20: Improper Input Validation CWE-918: Server-Side Request Forgery (SSRF) •
CVE-2021-27568 – json-smart: uncaught exception may lead to crash or information disclosure
https://notcve.org/view.php?id=CVE-2021-27568
An issue was discovered in netplex json-smart-v1 through 2015-10-23 and json-smart-v2 through 2.4. An exception is thrown from a function, but it is not caught, as demonstrated by NumberFormatException. When it is not caught, it may cause programs using the library to crash or expose sensitive information. Se detectó un problema en netplex json-smart-v1 hasta el 23-10-2015 y json-smart-v2 hasta 2.4. Una excepción es lanzada desde una función, pero no es detectada, como es demostrado por la función NumberFormatException. • https://github.com/netplex/json-smart-v1/issues/7 https://github.com/netplex/json-smart-v2/issues/60 https://lists.apache.org/thread.html/rb6287f5aa628c8d9af52b5401ec6cc51b6fc28ab20d318943453e396%40%3Ccommits.druid.apache.org%3E https://lists.apache.org/thread.html/re237267da268c690df5e1c6ea6a38a7fc11617725e8049490f58a6fa%40%3Ccommits.druid.apache.org%3E https://lists.apache.org/thread.html/rf70210b4d63191c0bfb2a0d5745e104484e71703bf5ad9cb01c980c6%40%3Ccommits.druid.apache.org%3E https://www.oracle.com//security-alerts/cpujul2021.html https:/ • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-754: Improper Check for Unusual or Exceptional Conditions •
CVE-2020-28491 – Denial of Service (DoS)
https://notcve.org/view.php?id=CVE-2020-28491
This affects the package com.fasterxml.jackson.dataformat:jackson-dataformat-cbor from 0 and before 2.11.4, from 2.12.0-rc1 and before 2.12.1. Unchecked allocation of byte buffer can cause a java.lang.OutOfMemoryError exception. Esto afecta al paquete com.fasterxml.jackson.dataformat:jackson-dataformat-cbor versiones desde 0 y anteriores a 2.11.4, versiones desde 2.12.0-rc1 y anteriores a 2.12.1. Una asignación no comprobada de búfer de bytes puede causar una excepción de java.lang.OutOfMemoryError • https://github.com/FasterXML/jackson-dataformats-binary/commit/de072d314af8f5f269c8abec6930652af67bc8e6 https://github.com/FasterXML/jackson-dataformats-binary/issues/186 https://snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONDATAFORMAT-1047329 https://www.oracle.com/security-alerts/cpujul2022.html https://access.redhat.com/security/cve/CVE-2020-28491 https://bugzilla.redhat.com/show_bug.cgi?id=1930423 • CWE-400: Uncontrolled Resource Consumption CWE-770: Allocation of Resources Without Limits or Throttling •
CVE-2021-2109 – Oracle WebLogic Server 14.1.1.0 - RCE (Authenticated)
https://notcve.org/view.php?id=CVE-2021-2109
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Console). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.1 Base Score 7.2 (Confidentiality, Integrity and Availability impacts). • https://www.exploit-db.com/exploits/49461 https://github.com/Al1ex/CVE-2021-2109 https://github.com/rabbitsafe/CVE-2021-2109 https://github.com/Vulnmachines/oracle-weblogic-CVE-2021-2109 https://github.com/dinosn/CVE-2021-2109 https://github.com/coco0x0a/CVE-2021-2109 http://packetstormsecurity.com/files/161053/Oracle-WebLogic-Server-14.1.1.0-Remote-Code-Execution.html https://www.oracle.com/security-alerts/cpujan2021.html •
CVE-2021-2075
https://notcve.org/view.php?id=CVE-2021-2075
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Samples). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via IIOP, T3 to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). • https://www.oracle.com/security-alerts/cpujan2021.html •