CVSS: 4.3EPSS: 0%CPEs: 11EXPL: 0CVE-2021-22096 – springframework: malicious input leads to insertion of additional log entries
https://notcve.org/view.php?id=CVE-2021-22096
In Spring Framework versions 5.3.0 - 5.3.10, 5.2.0 - 5.2.17, and older unsupported versions, it is possible for a user to provide malicious input to cause the insertion of additional log entries. En Spring Framework versiones 5.3.0 - 5.3.10, 5.2.0 - 5.2.17, y en versiones anteriores no soportadas, es posible para un usuario proporcionar una entrada maliciosa para causar una inserción de entradas de registro adicionales • https://security.netapp.com/advisory/ntap-20211125-0005 https://tanzu.vmware.com/security/cve-2021-22096 https://www.oracle.com/security-alerts/cpuapr2022.html https://access.redhat.com/security/cve/CVE-2021-22096 https://bugzilla.redhat.com/show_bug.cgi?id=2034584 • CWE-117: Improper Output Neutralization for Logs •
CVSS: 7.5EPSS: 1%CPEs: 72EXPL: 0CVE-2021-36090 – Apache Commons Compress 1.0 to 1.20 denial of service vulnerability
https://notcve.org/view.php?id=CVE-2021-36090
When reading a specially crafted ZIP archive, Compress can be made to allocate large amounts of memory that finally leads to an out of memory error even for very small inputs. This could be used to mount a denial of service attack against services that use Compress' zip package. Al leer un archivo ZIP especialmente diseñado, Compress puede asignar grandes cantidades de memoria que finalmente conllevan a un error de falta de memoria incluso para entradas muy pequeñas. Esto podría ser usado para montar un ataque de denegación de servicio contra los servicios que usan el paquete zip de Compress A flaw was found in apache-commons-compress. When reading a specially crafted ZIP archive, Compress can allocate large amounts of memory that leads to an out-of-memory error for small inputs. • http://www.openwall.com/lists/oss-security/2021/07/13/4 http://www.openwall.com/lists/oss-security/2021/07/13/6 https://commons.apache.org/proper/commons-compress/security-reports.html https://lists.apache.org/thread.html/r0e87177f8e78b4ee453cd4d3d8f4ddec6f10d2c27707dd71e12cafc9%40%3Cannounce.apache.org%3E https://lists.apache.org/thread.html/r25f4c44616045085bc3cf901bb7e68e445eee53d1966fc08998fc456%40%3Cdev.drill.apache.org%3E https://lists.apache.org/thread.html/r3227b1287e5bd8db6523b862c22676b046ad8f4fc96433225f46a2bd%40%3Cissues.drill.apache • CWE-130: Improper Handling of Length Parameter Inconsistency CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 3.6EPSS: 0%CPEs: 19EXPL: 0CVE-2021-34428 – jetty: SessionListener can prevent a session from being invalidated breaking logout
https://notcve.org/view.php?id=CVE-2021-34428
For Eclipse Jetty versions <= 9.4.40, <= 10.0.2, <= 11.0.2, if an exception is thrown from the SessionListener#sessionDestroyed() method, then the session ID is not invalidated in the session ID manager. On deployments with clustered sessions and multiple contexts this can result in a session not being invalidated. This can result in an application used on a shared computer being left logged in. Para Eclipse Jetty versiones anteriores a 9.4.40 incluyéndola, versiones anteriores a 10.0.2 incluyéndola, versiones anteriores a 11.0.2 incluyéndola, si es lanzada una excepción desde el método SessionListener#sessionDestroyed(), el ID de sesión no es invalidado en el administrador de ID de sesión. En despliegues con sesiones agrupadas y múltiples contextos esto puede resultar en que una sesión no sea invalidada. • https://github.com/eclipse/jetty.project/security/advisories/GHSA-m6cp-vxjx-65j6 https://lists.apache.org/thread.html/r67c4f90658fde875521c949448c54c98517beecdc7f618f902c620ec%40%3Cissues.zookeeper.apache.org%3E https://lists.apache.org/thread.html/r8a1a332899a1f92c8118b0895b144b27a78e3f25b9d58a34dd5eb084%40%3Cnotifications.zookeeper.apache.org%3E https://lists.apache.org/thread.html/rbefa055282d52d6b58d29a79fbb0be65ab0a38d25f00bd29eaf5e6fd%40%3Cnotifications.zookeeper.apache.org%3E https://lists.apache.org/thread.html/rddbb4f8d5db23265bb63d14ef4b3723b438abc1589f877db11d35450%40%3Cissues.zo • CWE-613: Insufficient Session Expiration •
CVSS: 7.5EPSS: 0%CPEs: 9EXPL: 0CVE-2021-30468 – Apache CXF Denial of service vulnerability in parsing JSON via JsonMapObjectReaderWriter
https://notcve.org/view.php?id=CVE-2021-30468
A vulnerability in the JsonMapObjectReaderWriter of Apache CXF allows an attacker to submit malformed JSON to a web service, which results in the thread getting stuck in an infinite loop, consuming CPU indefinitely. This issue affects Apache CXF versions prior to 3.4.4; Apache CXF versions prior to 3.3.11. Una vulnerabilidad en la función JsonMapObjectReaderWriter de Apache CXF permite a un atacante enviar un JSON malformado hacia un servicio web, lo que hace que el subproceso se quede atascado en un bucle infinito, consumiendo CPU indefinidamente. Este problema afecta a Apache CXF versiones anteriores a 3.4.4 y Apache CXF versiones anteriores a 3.3.11 • http://cxf.apache.org/security-advisories.data/CVE-2021-30468.txt.asc http://www.openwall.com/lists/oss-security/2021/06/16/2 https://lists.apache.org/thread.html/r3f46ae38e4a6e80c069cdb320e0ce831b0a21a12ef0cc92c0943f34a%40%3Ccommits.tomee.apache.org%3E https://lists.apache.org/thread.html/r4771084730c4cf6e59eda60b4407122c86f174eb750b24f610ba9ff4%40%3Ccommits.tomee.apache.org%3E https://lists.apache.org/thread.html/r4a4b6bc0520b69c18d2a59daa6af84ae49f0c22164dccb8538794459%40%3Cannounce.apache.org%3E https://lists.apache.org/thread.html/r4a4b6bc0520b6 • CWE-400: Uncontrolled Resource Consumption CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 5.3EPSS: 0%CPEs: 12EXPL: 0CVE-2021-28169 – jetty: requests to the ConcatServlet and WelcomeFilter are able to access protected resources within the WEB-INF directory
https://notcve.org/view.php?id=CVE-2021-28169
For Eclipse Jetty versions <= 9.4.40, <= 10.0.2, <= 11.0.2, it is possible for requests to the ConcatServlet with a doubly encoded path to access protected resources within the WEB-INF directory. For example a request to `/concat?/%2557EB-INF/web.xml` can retrieve the web.xml file. This can reveal sensitive information regarding the implementation of a web application. Para Eclipse Jetty versiones anteriores a 9.4.40 incluyéndola, versiones anteriores a 10.0.2 incluyéndola, versiones anteriores a 11.0.2 incluyéndola, es posible que las peticiónes al ConcatServlet con una ruta doblemente codificada acceder a recursos protegidos dentro del directorio WEB-INF. • https://github.com/eclipse/jetty.project/security/advisories/GHSA-gwcr-j4wh-j3cq https://lists.apache.org/thread.html/r04a4b4553a23aff26f42635a6ae388c3b162aab30a88d12e59d05168%40%3Cjira.kafka.apache.org%3E https://lists.apache.org/thread.html/r234f6452297065636356f43654cdacef565b8f9ceb0e0c07ffb8c73b%40%3Cdev.kafka.apache.org%3E https://lists.apache.org/thread.html/r2721aba31a8562639c4b937150897e24f78f747cdbda8641c0f659fe%40%3Cusers.kafka.apache.org%3E https://lists.apache.org/thread.html/r284de9c5399486dfff12ab9e7323ca720dd7019a9a3e11c8510a7140%40%3Cjira.kafka.apache.org%3E • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •