CVE-2020-27783 – python-lxml: mXSS due to the use of improper parser
https://notcve.org/view.php?id=CVE-2020-27783
A XSS vulnerability was discovered in python-lxml's clean module. The module's parser didn't properly imitate browsers, which caused different behaviors between the sanitizer and the user's page. A remote attacker could exploit this flaw to run arbitrary HTML/JS code. Se detectó una vulnerabilidad de tipo XSS en el módulo de limpieza de python-lxml. El analizador del módulo no imitaba apropiadamente los navegadores, lo que causaba comportamientos diferentes entre el sanitizador y la página del usuario. • https://advisory.checkmarx.net/advisory/CX-2020-4286 https://bugzilla.redhat.com/show_bug.cgi?id=1901633 https://lists.debian.org/debian-lts-announce/2020/12/msg00028.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JKG67GPGTV23KADT4D4GK4RMHSO4CIQL https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TMHVKRUT22LVWNL3TB7HPSDHJT74Q3JK https://security.netapp.com/advisory/ntap-20210521-0003 https://www.debian.org/security/2020/dsa-481 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2020-26575
https://notcve.org/view.php?id=CVE-2020-26575
In Wireshark through 3.2.7, the Facebook Zero Protocol (aka FBZERO) dissector could enter an infinite loop. This was addressed in epan/dissectors/packet-fbzero.c by correcting the implementation of offset advancement. En Wireshark versiones hasta 3.2.7, el Facebook Zero Protocol (también se conoce como FBZERO), podría entrar en un bucle infinito. Esto fue abordado en el archivo epan/dissectors/packet-fbzero.c corrigiendo la implementación del avance de compensación • https://gitlab.com/wireshark/wireshark/-/commit/3ff940652962c099b73ae3233322b8697b0d10ab https://gitlab.com/wireshark/wireshark/-/issues/16887 https://gitlab.com/wireshark/wireshark/-/merge_requests/467 https://gitlab.com/wireshark/wireshark/-/merge_requests/471 https://gitlab.com/wireshark/wireshark/-/merge_requests/472 https://gitlab.com/wireshark/wireshark/-/merge_requests/473 https://lists.debian.org/debian-lts-announce/2021/02/msg00008.html https://lists.fedoraproject.org/archives • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVE-2020-25863
https://notcve.org/view.php?id=CVE-2020-25863
In Wireshark 3.2.0 to 3.2.6, 3.0.0 to 3.0.13, and 2.6.0 to 2.6.20, the MIME Multipart dissector could crash. This was addressed in epan/dissectors/packet-multipart.c by correcting the deallocation of invalid MIME parts. En Wireshark versiones 3.2.0 hasta 3.2.6, versiones 3.0.0 hasta 3.0.13 y versiones 2.6.0 hasta 2.6.20, el disector MIME Multipart podría bloquearse. Esto fue abordado en el archivo epan/disactors/packet-multipart.c corrigiendo la desasignación de partes MIME no válidas • http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00035.html http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00038.html https://gitlab.com/wireshark/wireshark/-/commit/5803c7b87b3414cdb8bf502af50bb406ca774482 https://gitlab.com/wireshark/wireshark/-/issues/16741 https://lists.debian.org/debian-lts-announce/2021/02/msg00008.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4DQHPKZFQ7W3X34RYN3FWFYCFJD4FXJW https://lists.fedoraproject.org/archives •
CVE-2020-25866
https://notcve.org/view.php?id=CVE-2020-25866
In Wireshark 3.2.0 to 3.2.6 and 3.0.0 to 3.0.13, the BLIP protocol dissector has a NULL pointer dereference because a buffer was sized for compressed (not uncompressed) messages. This was addressed in epan/dissectors/packet-blip.c by allowing reasonable compression ratios and rejecting ZIP bombs. En Wireshark versiones 3.2.0 hasta 3.2.6 y versiones 3.0.0 hasta 3.0.13, el disector del protocolo BLIP presenta una desreferencia del puntero NULL porque un búfer fue dimensionado para mensajes comprimidos (no sin comprimir). Esto fue abordado en el archivo epan/disactors/packet-blip.c permitiendo relaciones de compresión razonables y rechazando las bombas ZIP • http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00035.html http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00038.html https://gitlab.com/wireshark/wireshark/-/commit/4a948427100b6c109f4ec7b4361f0d2aec5e5c3f https://gitlab.com/wireshark/wireshark/-/issues/16866 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4DQHPKZFQ7W3X34RYN3FWFYCFJD4FXJW https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6IGRYKW4XLR44YDWTAH547ODYYBYPB2D • CWE-476: NULL Pointer Dereference •
CVE-2020-25862
https://notcve.org/view.php?id=CVE-2020-25862
In Wireshark 3.2.0 to 3.2.6, 3.0.0 to 3.0.13, and 2.6.0 to 2.6.20, the TCP dissector could crash. This was addressed in epan/dissectors/packet-tcp.c by changing the handling of the invalid 0xFFFF checksum. En Wireshark versiones 3.2.0 hasta 3.2.6, versiones 3.0.0 hasta 3.0.13 y versiones 2.6.0 hasta 2.6.20, el disector TCP podría bloquearse. Esto fue abordado en el archivo epan/disactors/packet-tcp.c mediante el cambio en el manejo del checksum 0xFFFF no válido • http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00035.html http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00038.html https://gitlab.com/wireshark/wireshark/-/commit/7f3fe6164a68b76d9988c4253b24d43f498f1753 https://gitlab.com/wireshark/wireshark/-/issues/16816 https://lists.debian.org/debian-lts-announce/2021/02/msg00008.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4DQHPKZFQ7W3X34RYN3FWFYCFJD4FXJW https://lists.fedoraproject.org/archives • CWE-354: Improper Validation of Integrity Check Value •