CVSS: 9.4EPSS: 0%CPEs: 34EXPL: 0CVE-2024-9355 – Golang-fips: golang fips zeroed buffer
https://notcve.org/view.php?id=CVE-2024-9355
01 Oct 2024 — A vulnerability was found in Golang FIPS OpenSSL. This flaw allows a malicious user to randomly cause an uninitialized buffer length variable with a zeroed buffer to be returned in FIPS mode. It may also be possible to force a false positive match between non-equal hashes when comparing a trusted computed hmac sum to an untrusted input sum if an attacker can send a zeroed buffer in place of a pre-computed sum. It is also possible to force a derived key to be all zeros instead of an unpredictable value. This... • https://access.redhat.com/security/cve/CVE-2024-9355 • CWE-457: Use of Uninitialized Variable •
CVSS: 7.5EPSS: 0%CPEs: 8EXPL: 0CVE-2024-8775 – Ansible-core: exposure of sensitive information in ansible vault files due to improper logging
https://notcve.org/view.php?id=CVE-2024-8775
14 Sep 2024 — A flaw was found in Ansible, where sensitive information stored in Ansible Vault files can be exposed in plaintext during the execution of a playbook. This occurs when using tasks such as include_vars to load vaulted variables without setting the no_log: true parameter, resulting in sensitive data being printed in the playbook output or logs. This can lead to the unintentional disclosure of secrets like passwords or API keys, compromising security and potentially allowing unauthorized access or actions. An ... • https://access.redhat.com/security/cve/CVE-2024-8775 • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 6.6EPSS: 0%CPEs: 4EXPL: 0CVE-2024-6840 – Automation-controller: gain access to the k8s api server via job execution with container group
https://notcve.org/view.php?id=CVE-2024-6840
12 Sep 2024 — An improper authorization flaw exists in the Ansible Automation Controller. This flaw allows an attacker using the k8S API server to send an HTTP request with a service account token mounted via `automountServiceAccountToken: true`, resulting in privilege escalation to a service account. • https://access.redhat.com/errata/RHSA-2024:6428 • CWE-285: Improper Authorization •
CVSS: 8.7EPSS: 0%CPEs: 7EXPL: 0CVE-2024-7143 – Pulpcore: rbac permissions incorrectly assigned in tasks that create objects
https://notcve.org/view.php?id=CVE-2024-7143
07 Aug 2024 — A flaw was found in the Pulp package. When a role-based access control (RBAC) object in Pulp is set to assign permissions on its creation, it uses the `AutoAddObjPermsMixin` (typically the add_roles_for_object_creator method). This method finds the object creator by checking the current authenticated user. For objects that are created within a task, this current user is set by the first user with any permissions on the task object. This means the oldest user with model/domain-level task permissions will alw... • https://access.redhat.com/security/cve/CVE-2024-7143 • CWE-277: Insecure Inherited Permissions •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2024-41989 – python-django: Memory exhaustion in django.utils.numberformat.floatformat()
https://notcve.org/view.php?id=CVE-2024-41989
07 Aug 2024 — An issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. The floatformat template filter is subject to significant memory consumption when given a string representation of a number in scientific notation with a large exponent. A security issue was found in Django. If 'floatformat' received a string representation of a number in scientific notation with a large exponent, it could lead to significant memory consumption. To avoid this, decimals with more than 200 digits are now returned as is.... • https://docs.djangoproject.com/en/dev/releases/security • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 0%CPEs: 10EXPL: 0CVE-2024-41991 – python-django: Potential denial-of-service vulnerability in django.utils.html.urlize() and AdminURLFieldWidget
https://notcve.org/view.php?id=CVE-2024-41991
07 Aug 2024 — An issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. The urlize and urlizetrunc template filters, and the AdminURLFieldWidget widget, are subject to a potential denial-of-service attack via certain inputs with a very large number of Unicode characters. A flaw was found in Django. 'urlize', 'urlizetrunc', and 'AdminURLFieldWidget' may be subject to a denial of service attack via certain inputs with a very large number of Unicode characters. It was discovered that Django incorrectly handl... • https://docs.djangoproject.com/en/dev/releases/security • CWE-130: Improper Handling of Length Parameter Inconsistency CWE-400: Uncontrolled Resource Consumption •
CVSS: 10.0EPSS: 0%CPEs: 8EXPL: 0CVE-2024-42005 – python-django: Potential SQL injection in QuerySet.values() and values_list()
https://notcve.org/view.php?id=CVE-2024-42005
07 Aug 2024 — An issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. QuerySet.values() and values_list() methods on models with a JSONField are subject to SQL injection in column aliases via a crafted JSON object key as a passed *arg. A flaw was found in Django. The QuerySet.values() and QuerySet.values_list() methods on models with a JSONField were subject to SQL injection in column aliases via a crafted JSON object key as a passed *arg. It was discovered that Django incorrectly handled certain string... • https://docs.djangoproject.com/en/dev/releases/security • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2024-41990 – python-django: Potential denial-of-service vulnerability in django.utils.html.urlize()
https://notcve.org/view.php?id=CVE-2024-41990
07 Aug 2024 — An issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. The urlize() and urlizetrunc() template filters are subject to a potential denial-of-service attack via very large inputs with a specific sequence of characters. A flaw was found in Django. Processing very large inputs with a specific sequence of characters with the urlize and urlizetrunc functions can cause a denial of service. It was discovered that Django incorrectly handled certain strings in floatformat function. • https://docs.djangoproject.com/en/dev/releases/security • CWE-130: Improper Handling of Length Parameter Inconsistency •
CVSS: 6.3EPSS: 0%CPEs: 2EXPL: 0CVE-2024-7246 – HPACK table poisoning in gRPC C++, Python & Ruby
https://notcve.org/view.php?id=CVE-2024-7246
06 Aug 2024 — It's possible for a gRPC client communicating with a HTTP/2 proxy to poison the HPACK table between the proxy and the backend such that other clients see failed requests. It's also possible to use this vulnerability to leak other clients HTTP header keys, but not values. This occurs because the error status for a misencoded header is not cleared between header reads, resulting in subsequent (incrementally indexed) added headers in the first request being poisoned until cleared from the HPACK table. Please u... • https://github.com/grpc/grpc/issues/36245 • CWE-440: Expected Behavior Violation •
CVSS: 5.3EPSS: 0%CPEs: 8EXPL: 0CVE-2024-39329 – python-django: Username enumeration through timing difference for users with unusable passwords
https://notcve.org/view.php?id=CVE-2024-39329
10 Jul 2024 — An issue was discovered in Django 5.0 before 5.0.7 and 4.2 before 4.2.14. The django.contrib.auth.backends.ModelBackend.authenticate() method allows remote attackers to enumerate users via a timing attack involving login requests for users with an unusable password. Se descubrió un problema en Django 5.0 anterior a 5.0.7 y 4.2 anterior a 4.2.14. El método django.contrib.auth.backends.ModelBackend.authenticate() permite a atacantes remotos enumerar usuarios mediante un ataque de sincronización que involucra ... • https://docs.djangoproject.com/en/dev/releases/security • CWE-208: Observable Timing Discrepancy •