CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2021-28688
https://notcve.org/view.php?id=CVE-2021-28688
The fix for XSA-365 includes initialization of pointers such that subsequent cleanup code wouldn't use uninitialized or stale values. This initialization went too far and may under certain conditions also overwrite pointers which are in need of cleaning up. The lack of cleanup would result in leaking persistent grants. The leak in turn would prevent fully cleaning up after a respective guest has died, leaving around zombie domains. All Linux versions having the fix for XSA-365 applied are vulnerable. • https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html https://xenbits.xenproject.org/xsa/advisory-371.txt • CWE-665: Improper Initialization •
CVSS: 5.3EPSS: 0%CPEs: 5EXPL: 0CVE-2021-28658 – django: potential directory-traversal via uploaded files
https://notcve.org/view.php?id=CVE-2021-28658
In Django 2.2 before 2.2.20, 3.0 before 3.0.14, and 3.1 before 3.1.8, MultiPartParser allowed directory traversal via uploaded files with suitably crafted file names. Built-in upload handlers were not affected by this vulnerability. En Django versiones 2.2 anteriores a 2.2.20, versiones 3.0 anteriores a 3.0.14 y versiones 3.1 anteriores a 3.1.8, MultiPartParser permitía un salto de directorio por medio de archivos cargados con nombres de archivo adecuadamente diseñados. Los controladores de carga integrados no están afectados por esta vulnerabilidad A flaw was found in Django. This flaw allows an attacker to upload specially-named files and exploit a flaw in the `MultiPartParser()` function to traverse directories. • https://docs.djangoproject.com/en/3.1/releases/security https://groups.google.com/g/django-announce/c/ePr5j-ngdPU https://lists.debian.org/debian-lts-announce/2021/04/msg00008.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZVKYPHR3TKR2ESWXBPOJEKRO2OSJRZUE https://security.netapp.com/advisory/ntap-20210528-0001 https://www.djangoproject.com/weblog/2021/apr/06/security-releases https://access.redhat.com/security/cve/CVE-2021-28658 https://bugzilla. • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2021-30163
https://notcve.org/view.php?id=CVE-2021-30163
Redmine before 4.0.8 and 4.1.x before 4.1.2 allows attackers to discover the names of private projects if issue-journal details exist that have changes to project_id values. Redmine versiones anteriores a 4.0.8 y versiones 4.1.x anteriores a 4.1.2, permite a atacantes detectar los nombres de proyectos privados si se presentan detalles del diario de problemas que poseen cambios en unos valores de project_id • https://lists.debian.org/debian-lts-announce/2021/05/msg00013.html https://www.redmine.org/projects/redmine/wiki/Security_Advisories •
CVSS: 6.1EPSS: 0%CPEs: 3EXPL: 0CVE-2020-36306
https://notcve.org/view.php?id=CVE-2020-36306
Redmine before 4.0.7 and 4.1.x before 4.1.1 has XSS via the back_url field. Redmine versiones anteriores a 4.0.7 y versiones 4.1.x anteriores a 4.1.1, presenta un ataque de tipo XSS por medio del campo back_url • https://lists.debian.org/debian-lts-announce/2021/05/msg00013.html https://www.redmine.org/projects/redmine/wiki/Security_Advisories • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 3EXPL: 0CVE-2020-36307
https://notcve.org/view.php?id=CVE-2020-36307
Redmine before 4.0.7 and 4.1.x before 4.1.1 has stored XSS via textile inline links. Redmine versiones anteriores a 4.0.7 y versiones 4.1.x anteriores a 4.1.1, presenta un ataque de tipo XSS almacenado por medio de enlaces en línea de textile • https://lists.debian.org/debian-lts-announce/2021/05/msg00013.html https://www.redmine.org/projects/redmine/wiki/Security_Advisories • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •