Page 2 of 22 results (0.017 seconds)

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0

Firely/Incendi Spark before 1.5.5-r4 lacks Content-Disposition headers in certain situations, which may cause crafted files to be delivered to clients such that they are rendered directly in a victim's web browser. Firely/Incendi Spark versiones anteriores a 1.5.5-r4, carece de encabezados Content-Disposition en determinadas situaciones, lo que puede causar a unos archivos diseñados ser enviados a clientes de manera que son procesados directamente en el navegador web de la víctima • https://github.com/FirelyTeam/spark/commit/9c79320059f92d8aa4fbd6cc4fa8f9d5d6ba9941 https://github.com/FirelyTeam/spark/compare/v1.5.4-r4...v1.5.5-r4 https://github.com/FirelyTeam/spark/releases/tag/v1.5.5-r4 • CWE-706: Use of Incorrectly-Resolved Name or Reference •

CVSS: 5.8EPSS: 1%CPEs: 27EXPL: 0

In Eclipse Jetty version 9.4.0.RC0 to 9.4.34.v20201102, 10.0.0.alpha0 to 10.0.0.beta2, and 11.0.0.alpha0 to 11.0.0.beta2, if GZIP request body inflation is enabled and requests from different clients are multiplexed onto a single connection, and if an attacker can send a request with a body that is received entirely but not consumed by the application, then a subsequent request on the same connection will see that body prepended to its body. The attacker will not see any data but may inject data into the body of the subsequent request. En Eclipse Jetty versión 9.4.0.RC0 hasta 9.4.34.v20201102, 10.0.0.alpha0 hasta 10.0.0.beta2 y 11.0.0.alpha0 hasta 11.0.0.beta2, si la inflación del cuerpo de la petición GZIP está habilitada y solicita de diferentes clientes se multiplexan en una sola conexión, y si un atacante puede enviar una petición con un cuerpo que es recibido por completo pero no consumido por la aplicación, entonces una petición posterior en la misma conexión verá ese cuerpo antepuesto a su cuerpo. El atacante no verá ningún dato, pero puede inyectar datos en el cuerpo de la petición posterior • https://bugs.eclipse.org/bugs/show_bug.cgi?id=568892 https://github.com/eclipse/jetty.project/security/advisories/GHSA-86wm-rrjm-8wh8 https://lists.apache.org/thread.html/r00858fe27ee35ac8fa0e1549d67e0efb789d63b791b5300390bd8480%40%3Cjira.kafka.apache.org%3E https://lists.apache.org/thread.html/r01806ad8c9cb0590584baf5b1a60237ad92e4ad5bba082ca04d98179%40%3Creviews.spark.apache.org%3E https://lists.apache.org/thread.html/r05b7ffde2b8c180709e14bc9ca036407bea3ed9f09b32c4705d23a4a%40%3Cjira.kafka.apache.org%3E https://lists.apache.org/thread.html/r078c120 • CWE-226: Sensitive Information in Resource Not Removed Before Reuse •

CVSS: 9.8EPSS: 3%CPEs: 2EXPL: 1

In Apache Spark 2.4.5 and earlier, a standalone resource manager's master may be configured to require authentication (spark.authenticate) via a shared secret. When enabled, however, a specially-crafted RPC to the master can succeed in starting an application's resources on the Spark cluster, even without the shared key. This can be leveraged to execute shell commands on the host machine. This does not affect Spark clusters using other resource managers (YARN, Mesos, etc). En Apache Spark versión 2.4.5 y versiones anteriores, el maestro de un administrador de recursos independiente puede ser configurado para requerir autenticación (spark.authenticate) por medio de un secreto compartido. • https://github.com/XiaoShaYu617/CVE-2020-9480 https://lists.apache.org/thread.html/r03ad9fe7c07d6039fba9f2152d345274473cb0af3d8a4794a6645f4b%40%3Cuser.spark.apache.org%3E https://lists.apache.org/thread.html/ra0e62a18ad080c4ce6df5e0202a27eaada75222761efc3f7238b5a3b%40%3Ccommits.doris.apache.org%3E https://lists.apache.org/thread.html/rb3956440747e41940d552d377d50b144b60085e7ff727adb0e575d8d%40%3Ccommits.submarine.apache.org%3E https://lists.apache.org/thread.html/ree9e87aae81852330290a478692e36ea6db47a52a694545c7d66e3e2%40%3Cdev.spark.apache.org%3E https://spark.apache.org&#x • CWE-306: Missing Authentication for Critical Function •

CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 1

An issue was discovered in Ignite Realtime Spark 2.8.3 (and the ROAR plugin for it) on Windows. A chat message can include an IMG element with a SRC attribute referencing an external host's IP address. Upon access to this external host, the (NT)LM hashes of the user are sent with the HTTP request. This allows an attacker to collect these hashes, crack them, and potentially compromise the computer. (ROAR can be configured for automatic access. • https://github.com/theart42/cves/blob/master/cve-2020-12772/CVE-2020-12772.md • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1

The Spark application through 2.0.2 for Android allows XSS via an event attribute and arbitrary file loading via a src attribute, if the application has the READ_EXTERNAL_STORAGE permission. La aplicación Spark versiones hasta 2.0.2 para Android, permite un ataque de tipo XSS por medio de un atributo de evento y una carga de archivos arbitraria mediante un atributo src, si la aplicación presenta el permiso READ_EXTERNAL_STORAGE. • https://gubello.me https://sparkmailapp.com https://www.gubello.me/blog/javascript-injection-in-six-android-mail-clients • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •