CVSS: 8.8EPSS: 40%CPEs: 54EXPL: 0CVE-2020-10672 – jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution
https://notcve.org/view.php?id=CVE-2020-10672
18 Mar 2020 — FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.aries.transaction.jms.internal.XaPooledConnectionFactory (aka aries.transaction.jms). FasterXML jackson-databind versiones 2.x anteriores a 2.9.10.4, maneja inapropiadamente la interacción entre los gadgets de serialización y escritura, relacionados con org.apache.aries.transaction.jms.internal.XaPooledConnectionFactory (también se conoce como aries.transaction.jms). A fl... • https://github.com/FasterXML/jackson-databind/issues/2659 • CWE-96: Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection') CWE-502: Deserialization of Untrusted Data •
CVSS: 8.8EPSS: 20%CPEs: 55EXPL: 2CVE-2020-10673 – jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution
https://notcve.org/view.php?id=CVE-2020-10673
18 Mar 2020 — FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to com.caucho.config.types.ResourceRef (aka caucho-quercus). FasterXML jackson-databind versiones 2.x anteriores a 2.9.10.4, maneja inapropiadamente la interacción entre los gadgets de serialización y escritura, relacionada con com.caucho.config.types.ResourceRef (también se conoce como caucho-quercus). A flaw was found in jackson-databind 2.x in versions prior to 2.9.10.4. FasterXML j... • https://github.com/Al1ex/CVE-2020-10673 • CWE-96: Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection') CWE-502: Deserialization of Untrusted Data •
CVSS: 9.8EPSS: 2%CPEs: 59EXPL: 0CVE-2020-9546 – jackson-databind: Serialization gadgets in shaded-hikari-config
https://notcve.org/view.php?id=CVE-2020-9546
02 Mar 2020 — FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.hadoop.shaded.com.zaxxer.hikari.HikariConfig (aka shaded hikari-config). FasterXML jackson-databind versiones 2.x anteriores a 2.9.10.4 maneja inapropiadamente la interacción entre la serialización de gadgets y el tipeo, relacionada a org.apache.hadoop.shaded.com.zaxxer.hikari.HikariConfig (también se conoce como shaded hikari-config). A flaw was found in jackson-databind... • https://github.com/FasterXML/jackson-databind/issues/2631 • CWE-502: Deserialization of Untrusted Data •
CVSS: 9.8EPSS: 94%CPEs: 38EXPL: 40CVE-2020-1938 – Apache Tomcat Improper Privilege Management Vulnerability
https://notcve.org/view.php?id=CVE-2020-1938
24 Feb 2020 — When using the Apache JServ Protocol (AJP), care must be taken when trusting incoming connections to Apache Tomcat. Tomcat treats AJP connections as having higher trust than, for example, a similar HTTP connection. If such connections are available to an attacker, they can be exploited in ways that may be surprising. In Apache Tomcat 9.0.0.M1 to 9.0.0.30, 8.5.0 to 8.5.50 and 7.0.0 to 7.0.99, Tomcat shipped with an AJP Connector enabled by default that listened on all configured IP addresses. It was expected... • https://packetstorm.news/files/id/180825 • CWE-285: Improper Authorization •
CVSS: 6.5EPSS: 1%CPEs: 429EXPL: 0CVE-2019-10219 – hibernate-validator: safeHTML validator allows XSS
https://notcve.org/view.php?id=CVE-2019-10219
08 Nov 2019 — A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This vulnerability can result in an XSS attack. Una vulnerabilidad fue encontrada en Hibernate-Validator. La anotación del validador SafeHtml no puede sanear apropiadamente las cargas útiles que consisten en código potencialmente malicioso en los comentarios e instrucciones HTML. • https://access.redhat.com/errata/RHSA-2020:0159 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.1EPSS: 41%CPEs: 12EXPL: 0CVE-2019-10082 – httpd: read-after-free in h2 connection shutdown
https://notcve.org/view.php?id=CVE-2019-10082
27 Aug 2019 — In Apache HTTP Server 2.4.18-2.4.39, using fuzzed network input, the http/2 session handling could be made to read memory after being freed, during connection shutdown. En Apache HTTP Server versiones 2.4.18 hasta 2.4.39, usando la entrada de red difusa, el manejo de la sesión http/2 podría ser hecha para leer la memoria después de ser liberada, durante el apagado de la conexión. A read-after-free vulnerability was discovered in Apache httpd, in mod_http2. A specially crafted http/2 client session could cau... • https://httpd.apache.org/security/vulnerabilities_24.html • CWE-416: Use After Free •
CVSS: 6.1EPSS: 84%CPEs: 26EXPL: 4CVE-2019-10092 – Apache Httpd mod_proxy - Error Page Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2019-10092
27 Aug 2019 — In Apache HTTP Server 2.4.0-2.4.39, a limited cross-site scripting issue was reported affecting the mod_proxy error page. An attacker could cause the link on the error page to be malformed and instead point to a page of their choice. This would only be exploitable where a server was set up with proxying enabled but was misconfigured in such a way that the Proxy Error page was displayed. En Apache HTTP Server versiones 2.4.0 hasta 2.4.39, se reportó un problema de cross-site scripting limitado que afecta la ... • https://www.exploit-db.com/exploits/47688 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.2EPSS: 35%CPEs: 20EXPL: 0CVE-2019-10097 – httpd: null-pointer dereference in mod_remoteip
https://notcve.org/view.php?id=CVE-2019-10097
27 Aug 2019 — In Apache HTTP Server 2.4.32-2.4.39, when mod_remoteip was configured to use a trusted intermediary proxy server using the "PROXY" protocol, a specially crafted PROXY header could trigger a stack buffer overflow or NULL pointer deference. This vulnerability could only be triggered by a trusted proxy and not by untrusted HTTP clients. En Apache HTTP Server versiones 2.4.32 hasta 2.4.39, cuando mod_remoteip se configuró para usar un servidor proxy intermediario de confianza que utiliza el protocolo "PROXY", u... • https://access.redhat.com/errata/RHSA-2019:4126 • CWE-416: Use After Free CWE-476: NULL Pointer Dereference CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 4%CPEs: 43EXPL: 0CVE-2019-9517 – Some HTTP/2 implementations are vulnerable to unconstrained interal data buffering, potentially leading to a denial of service
https://notcve.org/view.php?id=CVE-2019-9517
13 Aug 2019 — Some HTTP/2 implementations are vulnerable to unconstrained interal data buffering, potentially leading to a denial of service. The attacker opens the HTTP/2 window so the peer can send without constraint; however, they leave the TCP window closed so the peer cannot actually write (many of) the bytes on the wire. The attacker then sends a stream of requests for a large response object. Depending on how the servers queue the responses, this can consume excess memory, CPU, or both. Algunas implementaciones HT... • http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00004.html • CWE-400: Uncontrolled Resource Consumption CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 5.3EPSS: 1%CPEs: 55EXPL: 0CVE-2019-10246
https://notcve.org/view.php?id=CVE-2019-10246
22 Apr 2019 — In Eclipse Jetty version 9.2.27, 9.3.26, and 9.4.16, the server running on Windows is vulnerable to exposure of the fully qualified Base Resource directory name on Windows to a remote client when it is configured for showing a Listing of directory contents. This information reveal is restricted to only the content in the configured base resource directories. En Eclipse Jetty versión 9.2.27, versión 9.3.26 y versión 9.4.16 , el servidor que es ejecutado en Windows es vulnerable a la exposición del nombre del... • https://bugs.eclipse.org/bugs/show_bug.cgi?id=546576 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-213: Exposure of Sensitive Information Due to Incompatible Policies •