CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2021-28363
https://notcve.org/view.php?id=CVE-2021-28363
The urllib3 library 1.26.x before 1.26.4 for Python omits SSL certificate validation in some cases involving HTTPS to HTTPS proxies. The initial connection to the HTTPS proxy (if an SSLContext isn't given via proxy_config) doesn't verify the hostname of the certificate. This means certificates for different servers that still validate properly with the default urllib3 SSLContext will be silently accepted. La biblioteca urllib3 versiones 1.26.x anteriores a 1.26.4 para Python, omite una comprobación del certificado SSL en algunos casos que involucran HTTPS a proxies HTTPS. La conexión inicial al proxy HTTPS (si no se proporciona un SSLContext por medio de proxy_config) no verifica el nombre de host del certificado. • https://github.com/urllib3/urllib3/commit/8d65ea1ecf6e2cdc27d42124e587c1b83a3118b0 https://github.com/urllib3/urllib3/commits/main https://github.com/urllib3/urllib3/security/advisories/GHSA-5phf-pp7p-vc2r https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4S65ZQVZ2ODGB52IC7VJDBUK4M5INCXL https://pypi.org/project/urllib3/1.26.4 https://security.gentoo.org/glsa/202107-36 https://security.gentoo.org/glsa/202305-02 https://security.netapp.com/advisory/ntap-20240621-0007 htt • CWE-295: Improper Certificate Validation •
CVSS: 7.8EPSS: 0%CPEs: 17EXPL: 0CVE-2021-22883 – nodejs: HTTP2 'unknownProtocol' cause DoS by resource exhaustion
https://notcve.org/view.php?id=CVE-2021-22883
Node.js before 10.24.0, 12.21.0, 14.16.0, and 15.10.0 is vulnerable to a denial of service attack when too many connection attempts with an 'unknownProtocol' are established. This leads to a leak of file descriptors. If a file descriptor limit is configured on the system, then the server is unable to accept new connections and prevent the process also from opening, e.g. a file. If no file descriptor limit is configured, then this lead to an excessive memory usage and cause the system to run out of memory. Node.js versiones anteriores a 10.24.0, 12.21.0, 14.16.0 y 15.10.0, es vulnerable a un ataque de denegación de servicio cuando son establecidos demasiados intentos de conexión con un "unknownProtocol". • https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf https://hackerone.com/reports/1043360 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E4FRS5ZVK4ZQ7XIJQNGIKUXG2DJFHLO7 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F45Y7TXSU33MTKB6AGL2Q5V5ZOCNPKOG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HSYFUGKFUSZ27M5TEZ3FKILWTWFJTFAZ https://nodejs.org/en/blog/vulnerability/february-2021-security-releases& • CWE-400: Uncontrolled Resource Consumption CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 7.5EPSS: 0%CPEs: 22EXPL: 1CVE-2021-22884 – nodejs: DNS rebinding in --inspect
https://notcve.org/view.php?id=CVE-2021-22884
Node.js before 10.24.0, 12.21.0, 14.16.0, and 15.10.0 is vulnerable to DNS rebinding attacks as the whitelist includes “localhost6”. When “localhost6” is not present in /etc/hosts, it is just an ordinary domain that is resolved via DNS, i.e., over network. If the attacker controls the victim's DNS server or can spoof its responses, the DNS rebinding protection can be bypassed by using the “localhost6” domain. As long as the attacker uses the “localhost6” domain, they can still apply the attack described in CVE-2018-7160. Node.js versiones anteriores a 10.24.0, 12.21.0, 14.16.0 y 15.10.0, es vulnerable a unos ataques de reenlace de DNS, ya que la lista blanca incluye “localhost6”. • https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf https://hackerone.com/reports/1069487 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E4FRS5ZVK4ZQ7XIJQNGIKUXG2DJFHLO7 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F45Y7TXSU33MTKB6AGL2Q5V5ZOCNPKOG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HSYFUGKFUSZ27M5TEZ3FKILWTWFJTFAZ https://nodejs.org/en/blog/vulnerability/february-2021-security-releases& • CWE-20: Improper Input Validation CWE-350: Reliance on Reverse DNS Resolution for a Security-Critical Action •
CVSS: 5.9EPSS: 1%CPEs: 13EXPL: 2CVE-2021-27568 – json-smart: uncaught exception may lead to crash or information disclosure
https://notcve.org/view.php?id=CVE-2021-27568
An issue was discovered in netplex json-smart-v1 through 2015-10-23 and json-smart-v2 through 2.4. An exception is thrown from a function, but it is not caught, as demonstrated by NumberFormatException. When it is not caught, it may cause programs using the library to crash or expose sensitive information. Se detectó un problema en netplex json-smart-v1 hasta el 23-10-2015 y json-smart-v2 hasta 2.4. Una excepción es lanzada desde una función, pero no es detectada, como es demostrado por la función NumberFormatException. • https://github.com/netplex/json-smart-v1/issues/7 https://github.com/netplex/json-smart-v2/issues/60 https://lists.apache.org/thread.html/rb6287f5aa628c8d9af52b5401ec6cc51b6fc28ab20d318943453e396%40%3Ccommits.druid.apache.org%3E https://lists.apache.org/thread.html/re237267da268c690df5e1c6ea6a38a7fc11617725e8049490f58a6fa%40%3Ccommits.druid.apache.org%3E https://lists.apache.org/thread.html/rf70210b4d63191c0bfb2a0d5745e104484e71703bf5ad9cb01c980c6%40%3Ccommits.druid.apache.org%3E https://www.oracle.com//security-alerts/cpujul2021.html https:/&# • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-754: Improper Check for Unusual or Exceptional Conditions •
CVSS: 5.9EPSS: 0%CPEs: 38EXPL: 0CVE-2021-23841 – Null pointer deref in X509_issuer_and_serial_hash()
https://notcve.org/view.php?id=CVE-2021-23841
The OpenSSL public API function X509_issuer_and_serial_hash() attempts to create a unique hash value based on the issuer and serial number data contained within an X509 certificate. However it fails to correctly handle any errors that may occur while parsing the issuer field (which might occur if the issuer field is maliciously constructed). This may subsequently result in a NULL pointer deref and a crash leading to a potential denial of service attack. The function X509_issuer_and_serial_hash() is never directly called by OpenSSL itself so applications are only vulnerable if they use this function directly and they use it on certificates that may have been obtained from untrusted sources. OpenSSL versions 1.1.1i and below are affected by this issue. • http://seclists.org/fulldisclosure/2021/May/67 http://seclists.org/fulldisclosure/2021/May/68 http://seclists.org/fulldisclosure/2021/May/70 https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=122a19ab48091c657f7cb1fb3af9fc07bd557bbf https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=8252ee4d90f3f2004d3d0aeeed003ad49c9a7807 https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44846 https://security.gentoo.org/gls • CWE-476: NULL Pointer Dereference •