Page 15 of 211 results (0.013 seconds)

CVSS: 9.0EPSS: 0%CPEs: 5EXPL: 0

CVE-2019-3873 – picketlink: URL injection via xinclude parameter

https://notcve.org/view.php?id=CVE-2019-3873

It was found that Picketlink as shipped with Jboss Enterprise Application Platform 7.2 would accept an xinclude parameter in SAMLresponse XML. An attacker could use this flaw to send a URL to achieve cross-site scripting or possibly conduct further attacks. Se encontró que Picketlink, tal como se distribuye con Jboss Enterprise Application Platform versión 7.2, aceptaría un parámetro xinclude en XML SAMLresponse. Un atacante podría usar esta fallo para enviar una URL para lograr cross-site scripting o posiblemente conducir más ataques. • http://www.securityfocus.com/bid/108739 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3873 https://access.redhat.com/security/cve/CVE-2019-3873 https://bugzilla.redhat.com/show_bug.cgi?id=1689014 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 5.4EPSS: 0%CPEs: 5EXPL: 0

CVE-2019-3872 – picketlink: reflected XSS in SAMLRequest via RelayState parameter

https://notcve.org/view.php?id=CVE-2019-3872

It was found that a SAMLRequest containing a script could be processed by Picketlink versions shipped in Jboss Application Platform 7.2.x and 7.1.x. An attacker could use this to send a malicious script to achieve cross-site scripting and obtain unauthorized information or conduct further attacks. Se encontró que un SAMLRequest que contenía un script podía ser procesado por versiones de Picketlink enviadas en Jboss Application Platform 7.2.xy 7.1.x. Un atacante podría usar esto para enviar un script malicioso para lograr scripts entre sitios y obtener información no autorizada o lleva cabo de más ataques. • http://www.securityfocus.com/bid/108732 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3872 https://access.redhat.com/security/cve/CVE-2019-3872 https://bugzilla.redhat.com/show_bug.cgi?id=1688966 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0

CVE-2019-3894 – wildfly: wrong SecurityIdentity for EE concurrency threads that are reused

https://notcve.org/view.php?id=CVE-2019-3894

It was discovered that the ElytronManagedThread in Wildfly's Elytron subsystem in versions from 11 to 16 stores a SecurityIdentity to run the thread as. These threads do not necessarily terminate if the keep alive time has not expired. This could allow a shared thread to use the wrong security identity when executing. Se descubrió que ElytronManagedThread del subsistemas Wildfly's Elytron en versiones desde 11 hasta la 16 almacena un SecurityIdentity para ejecutar el hilo. Estos hilos no necesariamente terminan si el tiempo de mantener activos no ha expirado. • https://access.redhat.com/errata/RHSA-2019:1106 https://access.redhat.com/errata/RHSA-2019:1107 https://access.redhat.com/errata/RHSA-2019:1108 https://access.redhat.com/errata/RHSA-2019:1140 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3894 https://security.netapp.com/advisory/ntap-20190517-0004 https://access.redhat.com/security/cve/CVE-2019-3894 https://bugzilla.redhat.com/show_bug.cgi?id=1682108 • CWE-358: Improperly Implemented Security Check for Standard •

CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0

CVE-2019-3805 – wildfly: Race condition on PID file allows for termination of arbitrary processes by local users

https://notcve.org/view.php?id=CVE-2019-3805

A flaw was discovered in wildfly versions up to 16.0.0.Final that would allow local users who are able to execute init.d script to terminate arbitrary processes on the system. An attacker could exploit this by modifying the PID file in /var/run/jboss-eap/ allowing the init.d script to terminate any process as root. Fue encontrado un fallo en las versiones de wildfly hasta la 16.0.0. Final que permitiría a los usuarios locales capaces de ejecutar el script init.d conllevar a procesos arbitrarios en el sistema. Un atacante podría explotar esto modificando el archivo PID en /var/run/jboss-eap/ permitiendo que el script init.d termine cualquier proceso como root. • https://access.redhat.com/errata/RHSA-2019:1106 https://access.redhat.com/errata/RHSA-2019:1107 https://access.redhat.com/errata/RHSA-2019:1108 https://access.redhat.com/errata/RHSA-2019:1140 https://access.redhat.com/errata/RHSA-2019:2413 https://access.redhat.com/errata/RHSA-2020:0727 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3805 https://security.netapp.com/advisory/ntap-20190517-0004 https://access.redhat.com/security/cve/CVE-2019-3805 https://bugzilla • CWE-269: Improper Privilege Management CWE-364: Signal Handler Race Condition •

CVSS: 7.5EPSS: 0%CPEs: 14EXPL: 0

CVE-2018-12022 – jackson-databind: improper polymorphic deserialization of types from Jodd-db library

https://notcve.org/view.php?id=CVE-2018-12022

An issue was discovered in FasterXML jackson-databind prior to 2.7.9.4, 2.8.11.2, and 2.9.6. When Default Typing is enabled (either globally or for a specific property), the service has the Jodd-db jar (for database access for the Jodd framework) in the classpath, and an attacker can provide an LDAP service to access, it is possible to make the service execute a malicious payload. Se ha descubierto un problema en FasterXML jackson-databind, en versiones anteriores a la 2.7.9.4, 2.8.11.2 y 2.9.6. Cuando "Default Typing" está habilitado (globalmente o para una propiedad en concreto), el servicio cuenta con el jar Jodd-db (para acceso a la base de datos del framework Jodd) en la ruta de clase; un atacante puede proporcionar un servicio LDAP para acceder y es posible hacer que el servicio ejecute una carga útil maliciosa. A vulnerability was discovered in jackson-databind where it would permit deserialization of a malicious object using Jodd DB connection classes when using DefaultTyping. • http://www.securityfocus.com/bid/107585 https://access.redhat.com/errata/RHBA-2019:0959 https://access.redhat.com/errata/RHSA-2019:0782 https://access.redhat.com/errata/RHSA-2019:0877 https://access.redhat.com/errata/RHSA-2019:1106 https://access.redhat.com/errata/RHSA-2019:1107 https://access.redhat.com/errata/RHSA-2019:1108 https://access.redhat.com/errata/RHSA-2019:1140 https://access.redhat.com/errata/RHSA-2019:1782 https://access.redhat.com/errata/RHSA-2019:1797& • CWE-502: Deserialization of Untrusted Data •