CVE-2020-14297 – wildfly: Some EJB transaction objects may get accumulated causing Denial of Service
https://notcve.org/view.php?id=CVE-2020-14297
A flaw was discovered in Wildfly's EJB Client as shipped with Red Hat JBoss EAP 7, where some specific EJB transaction objects may get accumulated over the time and can cause services to slow down and eventaully unavailable. An attacker can take advantage and cause denial of service attack and make services unavailable. Se detectó un fallo en Wildfly's EJB Client que se incluyó con Red Hat JBoss EAP 7, donde algunos objetos de transacción EJB específicos pueden ser acumulados con el tiempo y pueden causar que los servicios se ralenticen y eventualmente no estén disponibles. Un atacante puede tomar ventaja y causar un ataque de denegación de servicio y hacer que los servicios no estén disponibles A flaw was found in Wildfly's EJB Client, where the accumulation of specific EJB transaction objects over time can cause services to slow down and eventually become unavailable. This flaw allows an attacker to cause a denial of service. • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-14297 https://access.redhat.com/security/cve/CVE-2020-14297 https://bugzilla.redhat.com/show_bug.cgi?id=1853595 • CWE-400: Uncontrolled Resource Consumption •
CVE-2020-14307 – wildfly: EJB SessionOpenInvocations may not be removed properly after a response is received causing Denial of Service
https://notcve.org/view.php?id=CVE-2020-14307
A vulnerability was found in Wildfly's Enterprise Java Beans (EJB) versions shipped with Red Hat JBoss EAP 7, where SessionOpenInvocations are never removed from the remote InvocationTracker after a response is received in the EJB Client, as well as the server. This flaw allows an attacker to craft a denial of service attack to make the service unavailable. Se encontró una vulnerabilidad en Wildfly's Enterprise Java Beans (EJB) versiones incluidas con Red Hat JBoss EAP 7, donde SessionOpenInvocations nunca es eliminada del InvocationTracker remoto después que una respuesta es recibida en el EJB Client, así como en el servidor. Este fallo permite a un atacante diseñar un ataque de denegación de servicio para hacer que el servicio no esté disponible A vulnerability was found in Wildfly's Enterprise Java Beans (EJB), where SessionOpenInvocations are never removed from the remote InvocationTracker after a response is received in the EJB Client, as well as the server. This flaw allows an attacker to craft a denial of service attack to make the service unavailable. • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-14307 https://access.redhat.com/security/cve/CVE-2020-14307 https://bugzilla.redhat.com/show_bug.cgi?id=1851327 • CWE-404: Improper Resource Shutdown or Release •
CVE-2019-14900 – hibernate: SQL injection issue in Hibernate ORM
https://notcve.org/view.php?id=CVE-2019-14900
A flaw was found in Hibernate ORM in versions before 5.3.18, 5.4.18 and 5.5.0.Beta1. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is used in the SELECT or GROUP BY parts of the query. This flaw could allow an attacker to access unauthorized information or possibly conduct further attacks. Se encontró un fallo en Hibernate ORM en versiones anteriores a 5.3.18, 5.4.18 y 5.5.0.Beta1. Una inyección SQL en la implementación de la API JPA Criteria puede permitir literales no saneados cuando es usado un literal en las partes de la consulta SELECT o GROUP BY. • https://bugzilla.redhat.com/show_bug.cgi?id=1666499 https://lists.apache.org/thread.html/r833c1276e41334fa675848a08daf0c61f39009f9f9a400d9f7006d44%40%3Cdev.turbine.apache.org%3E https://security.netapp.com/advisory/ntap-20220210-0020 https://access.redhat.com/security/cve/CVE-2019-14900 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2020-1757 – undertow: servletPath is normalized incorrectly leading to dangerous application mapping which could result in security bypass
https://notcve.org/view.php?id=CVE-2020-1757
A flaw was found in all undertow-2.x.x SP1 versions prior to undertow-2.0.30.SP1, all undertow-1.x.x and undertow-2.x.x versions prior to undertow-2.1.0.Final, where the Servlet container causes servletPath to normalize incorrectly by truncating the path after semicolon which may lead to an application mapping resulting in the security bypass. Se encontró un fallo en todas las versiones undertow-2.x.x SP1 anteriores a undertow-2.0.30.SP1, en todas las versiones undertow-1.x.x y versiones undertow-2.x.x anteriores a undertow-2.1.0.Final, donde el contenedor de servlets causa que servletPath se normalice incorrectamente al truncar la ruta después del punto y coma, lo que puede conllevar a un mapeo de la aplicación resultando en la omisión de la seguridad. A flaw was found in Undertow, where the servlet container causes the servletPath to normalize incorrectly by truncating the path after the semicolon. The flaw may lead to application mapping, resulting in a security bypass. • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1757 https://access.redhat.com/security/cve/CVE-2020-1757 https://bugzilla.redhat.com/show_bug.cgi?id=1752770 • CWE-20: Improper Input Validation CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2019-14888 – undertow: possible Denial Of Service (DOS) in Undertow HTTP server listening on HTTPS
https://notcve.org/view.php?id=CVE-2019-14888
A vulnerability was found in the Undertow HTTP server in versions before 2.0.28.SP1 when listening on HTTPS. An attacker can target the HTTPS port to carry out a Denial Of Service (DOS) to make the service unavailable on SSL. Se detectó una vulnerabilidad en el servidor HTTP Undertow en versiones anteriores a 2.0.28.SP1, al escuchar sobre HTTPS. Un atacante puede apuntar al puerto HTTPS para llevar a cabo una Denegación de Servicio (DOS) para hacer que el servicio no esté disponible en SSL. A vulnerability was found in the Undertow HTTP server listening on HTTPS. • https://access.redhat.com/errata/RHSA-2020:0729 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14888 https://security.netapp.com/advisory/ntap-20220211-0001 https://access.redhat.com/security/cve/CVE-2019-14888 https://bugzilla.redhat.com/show_bug.cgi?id=1772464 • CWE-400: Uncontrolled Resource Consumption •