CVE-2024-3049 – Booth: specially crafted hash can lead to invalid hmac being accepted by booth server
https://notcve.org/view.php?id=CVE-2024-3049
A flaw was found in Booth, a cluster ticket manager. If a specially-crafted hash is passed to gcry_md_get_algo_dlen(), it may allow an invalid HMAC to be accepted by the Booth server. Se encontró una falla en Booth, un administrador de tickets de clúster. Si se pasa un hash especialmente manipulado a gcry_md_get_algo_dlen(), es posible que el servidor Booth acepte un HMAC no válido. • https://github.com/truonghuuphuc/CVE-2024-30491-Poc https://access.redhat.com/errata/RHSA-2024:3657 https://access.redhat.com/errata/RHSA-2024:3658 https://access.redhat.com/errata/RHSA-2024:3659 https://access.redhat.com/errata/RHSA-2024:3660 https://access.redhat.com/errata/RHSA-2024:3661 https://access.redhat.com/errata/RHSA-2024:4400 https://access.redhat.com/errata/RHSA-2024:4411 https://access.redhat.com/security/cve/CVE-2024-3049 https://bugzilla.redhat.com/sho • CWE-345: Insufficient Verification of Data Authenticity •
CVE-2024-5037 – Openshift/telemeter: iss check during jwt authentication can be bypassed
https://notcve.org/view.php?id=CVE-2024-5037
A flaw was found in OpenShift's Telemeter. If certain conditions are in place, an attacker can use a forged token to bypass the issue ("iss") check during JSON web token (JWT) authentication. Se encontró una falla en Telemeter de OpenShift. Si se cumplen ciertas condiciones, un atacante puede usar un token falsificado para evitar la verificación del problema ("iss") durante la autenticación del token web JSON (JWT). • https://access.redhat.com/errata/RHSA-2024:4151 https://access.redhat.com/errata/RHSA-2024:4156 https://access.redhat.com/errata/RHSA-2024:4329 https://access.redhat.com/errata/RHSA-2024:4484 https://access.redhat.com/security/cve/CVE-2024-5037 https://bugzilla.redhat.com/show_bug.cgi?id=2272339 https://github.com/kubernetes/kubernetes/pull/123540 https://github.com/openshift/telemeter/blob/a9417a6062c3a31ed78c06ea3a0613a52f2029b2/pkg/authorize/jwt/client_authorizer.go#L78 https://access.r • CWE-290: Authentication Bypass by Spoofing •
CVE-2024-4812 – Katello: potential cross-site scripting exploit in ui
https://notcve.org/view.php?id=CVE-2024-4812
A flaw was found in the Katello plugin for Foreman, where it is possible to store malicious JavaScript code in the "Description" field of a user. This code can be executed when opening certain pages, for example, Host Collections. Se encontró una falla en el complemento Katello para Foreman, donde es posible almacenar código JavaScript malicioso en el campo "Descripción" de un usuario. Este código se puede ejecutar al abrir determinadas páginas, por ejemplo, Colecciones de hosts. • https://access.redhat.com/security/cve/CVE-2024-4812 https://bugzilla.redhat.com/show_bug.cgi?id=2280187 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2024-3716 – Foreman-installer: candlepin database password being leaked to local users via the process list
https://notcve.org/view.php?id=CVE-2024-3716
A flaw was found in foreman-installer when puppet-candlepin is invoked cpdb with the --password parameter. This issue leaks the password in the process list and allows an attacker to take advantage and obtain the password. Se encontró una falla en Foreman-installer cuando se invoca a Puppet-candlepin cpdb con el parámetro --password. Este problema filtra la contraseña en la lista de procesos y permite que un atacante aproveche y obtenga la contraseña. • https://access.redhat.com/security/cve/CVE-2024-3716 https://bugzilla.redhat.com/show_bug.cgi?id=2274755 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2024-3567 – Qemu-kvm: net: assertion failure in update_sctp_checksum()
https://notcve.org/view.php?id=CVE-2024-3567
A flaw was found in QEMU. An assertion failure was present in the update_sctp_checksum() function in hw/net/net_tx_pkt.c when trying to calculate the checksum of a short-sized fragmented packet. This flaw allows a malicious guest to crash QEMU and cause a denial of service condition. Se encontró una falla en QEMU. Se produjo un error de aserción en la función update_sctp_checksum() en hw/net/net_tx_pkt.c al intentar calcular la suma de comprobación de un paquete fragmentado de tamaño corto. • https://access.redhat.com/security/cve/CVE-2024-3567 https://bugzilla.redhat.com/show_bug.cgi?id=2274339 https://gitlab.com/qemu-project/qemu/-/issues/2273 • CWE-617: Reachable Assertion •