CVSS: 8.6EPSS: 0%CPEs: 4EXPL: 0CVE-2019-10185 – icedtea-web: directory traversal in the nested jar auto-extraction leading to arbitrary file overwrite
https://notcve.org/view.php?id=CVE-2019-10185
It was found that icedtea-web up to and including 1.7.2 and 1.8.2 was vulnerable to a zip-slip attack during auto-extraction of a JAR file. An attacker could use this flaw to write files to arbitrary locations. This could also be used to replace the main running application and, possibly, break out of the sandbox. Se descubrió que icedtea-web hasta 1.7.2 y 1.8.2 inclusive, era vulnerable para un ataque zip slip durante la extracción automática de un archivo JAR. Un atacante podría usar este defecto para escribir archivos a localizaciones arbitrarias. • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00045.html http://packetstormsecurity.com/files/154748/IcedTeaWeb-Validation-Bypass-Directory-Traversal-Code-Execution.html https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10185 https://github.com/AdoptOpenJDK/IcedTea-Web/issues/327 https://github.com/AdoptOpenJDK/IcedTea-Web/pull/344 https://lists.debian.org/debian-lts-announce/2019/09/msg00008.html https://seclists.org/bugtraq/2019/Oct/5 https://security.gentoo.org/glsa/2021 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2019-10152 – podman: Improper symlink resolution allows access to host files when executing `podman cp` on running containers
https://notcve.org/view.php?id=CVE-2019-10152
A path traversal vulnerability has been discovered in podman before version 1.4.0 in the way it handles symlinks inside containers. An attacker who has compromised an existing container can cause arbitrary files on the host filesystem to be read/written when an administrator tries to copy a file from/to the container. Se detectó una vulnerabilidad de salto de ruta (path) en podman anterior a versión 1.4.0, en la manera en que se manejan los enlaces simbólicos dentro de los contenedores. Un atacante que ha comprometido un contenedor existente puede causar que se lean/escriban archivos arbitrarios en el sistema de archivos del host cuando un administrador intenta copiar un archivo desde y hacia el contenedor. A path traversal vulnerability has been discovered in podman in the way it handles symlinks inside containers. • http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00001.html https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10152 https://github.com/containers/libpod/blob/master/RELEASE_NOTES.md#140 https://github.com/containers/libpod/issues/3211 https://github.com/containers/libpod/pull/3214 https://access.redhat.com/security/cve/CVE-2019-10152 https://bugzilla.redhat.com/show_bug.cgi?id=1715667 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 1CVE-2019-14275
https://notcve.org/view.php?id=CVE-2019-14275
Xfig fig2dev 3.2.7a has a stack-based buffer overflow in the calc_arrow function in bound.c. Xfig fig2dev versión 3.2.7a presenta un Desbordamiento de Búfer en la Región Stack de la Memoria en la función calc_arrow function en archivo bound.c. • http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00043.html http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00019.html https://lists.debian.org/debian-lts-announce/2020/01/msg00018.html https://sourceforge.net/p/mcj/tickets/52 • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 1CVE-2019-14274
https://notcve.org/view.php?id=CVE-2019-14274
MCPP 2.7.2 has a heap-based buffer overflow in the do_msg() function in support.c. MCPP versión 2.7.2, presenta un desbordamiento de búfer en la región heap de la memoria en la función do_msg() en el archivo support.c. • http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00032.html http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00038.html https://security.gentoo.org/glsa/202208-04 https://sourceforge.net/p/mcpp/bugs/13 • CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 1%CPEs: 7EXPL: 1CVE-2019-13050 – GnuPG: interaction between the sks-keyserver code and GnuPG allows for a Certificate Spamming Attack which leads to persistent DoS
https://notcve.org/view.php?id=CVE-2019-13050
Interaction between the sks-keyserver code through 1.2.0 of the SKS keyserver network, and GnuPG through 2.2.16, makes it risky to have a GnuPG keyserver configuration line referring to a host on the SKS keyserver network. Retrieving data from this network may cause a persistent denial of service, because of a Certificate Spamming Attack. La interacción entre el código sks-keyserver hasta versión 1.2.0 de la red SKS keyserver, y GnuPG hasta la versión 2.2.16, hace arriesgado tener una línea de configuración keyserver de GnuPG que se refiera a un host en la red SKS keyserver. La recuperación de datos de esta red puede causar una denegación de servicio persistente, debido a un Ataque de Spamming de Certificado. • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00039.html https://gist.github.com/rjhansen/67ab921ffb4084c865b3618d6955275f https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E https://lists.fedoraproject.org/archives/list/pack • CWE-295: Improper Certificate Validation CWE-297: Improper Validation of Certificate with Host Mismatch •