CVSS: 8.8EPSS: 0%CPEs: 22EXPL: 0CVE-2021-3518 – libxml2: Use-after-free in xmlXIncludeDoProcess() in xinclude.c
https://notcve.org/view.php?id=CVE-2021-3518
There's a flaw in libxml2 in versions before 2.9.11. An attacker who is able to submit a crafted file to be processed by an application linked with libxml2 could trigger a use-after-free. The greatest impact from this flaw is to confidentiality, integrity, and availability. Se presenta un fallo en libxml2 en versiones anteriores a 2.9.11. Un atacante que pueda enviar un archivo diseñado para que sea procesado por una aplicación vinculada con libxml2 podría desencadenar un uso de la memoria previamente liberada. • http://seclists.org/fulldisclosure/2021/Jul/54 http://seclists.org/fulldisclosure/2021/Jul/55 http://seclists.org/fulldisclosure/2021/Jul/58 http://seclists.org/fulldisclosure/2021/Jul/59 https://bugzilla.redhat.com/show_bug.cgi?id=1954242 https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E https://lists.debian.org/d • CWE-416: Use After Free •
CVSS: 7.5EPSS: 1%CPEs: 25EXPL: 0CVE-2021-3537 – libxml2: NULL pointer dereference when post-validating mixed content parsed in recovery mode
https://notcve.org/view.php?id=CVE-2021-3537
A vulnerability found in libxml2 in versions before 2.9.11 shows that it did not propagate errors while parsing XML mixed content, causing a NULL dereference. If an untrusted XML document was parsed in recovery mode and post-validated, the flaw could be used to crash the application. The highest threat from this vulnerability is to system availability. Una vulnerabilidad encontrada en libxml2 en versiones anteriores a 2.9.11 muestra que no propagó errores al analizar el contenido mixto XML, causando una desreferencia de NULL. Si un documento XML que no es confiable fue analizado en modo de recuperación y pos-comprobado, el fallo podría usarse para bloquear la aplicación. • https://bugzilla.redhat.com/show_bug.cgi?id=1956522 https://lists.debian.org/debian-lts-announce/2021/05/msg00008.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BZOMV5J4PMZAORVT64BKLV6YIZAFDGX6 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QVM4UJ3376I6ZVOYMHBNX4GY3NIV52WV https://security.gentoo.org/glsa/202107-05 https://security.netapp.com/advisory/ntap-20210625-0002 https://www.oracle.com/security-alerts/cpuapr2022.html • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2020-25680 – httpd: allow connecting via SSL to a backend worker when the backend keystore file's ID is 'unknown'
https://notcve.org/view.php?id=CVE-2020-25680
A flaw was found in JBCS httpd in version 2.4.37 SP3, where it uses a back-end worker SSL certificate with the keystore file's ID is 'unknown'. The validation of the certificate whether CN and hostname are matching stopped working and allow connecting to the back-end work. The highest threat from this vulnerability is to data integrity. Se encontró un fallo en JBCS httpd en versión 2.4.37 SP3, donde usa un certificado SSL del operador del back-end con el ID del archivo del almacén de claves es "unknown". La comprobación del certificado si CN y el nombre de host coinciden dejó de funcionar y permiten conectarse al trabajo del back-end. • https://bugzilla.redhat.com/show_bug.cgi?id=1892703 https://access.redhat.com/security/cve/CVE-2020-25680 • CWE-295: Improper Certificate Validation •
CVSS: 7.5EPSS: 2%CPEs: 9EXPL: 0CVE-2020-25710 – openldap: assertion failure in CSN normalization with invalid input
https://notcve.org/view.php?id=CVE-2020-25710
A flaw was found in OpenLDAP in versions before 2.4.56. This flaw allows an attacker who sends a malicious packet processed by OpenLDAP to force a failed assertion in csnNormalize23(). The highest threat from this vulnerability is to system availability. Se encontró un fallo en OpenLDAP en versiones anteriores a 2.4.56. Este fallo permite a un atacante que envía un paquete malicioso procesado por OpenLDAP forzar una afirmación fallida en la función csnNormalize23(). • https://bugzilla.redhat.com/show_bug.cgi?id=1899678 https://git.openldap.org/openldap/openldap/-/commit/ab3915154e69920d480205b4bf5ccb2b391a0a1f#a2feb6ed0257c21c6672793ee2f94eaadc10c72c https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E https://lists.debian.org/debian-lts-announce/2020/12/msg00008.html https://security.netapp.com/advisory/ntap-20210716- • CWE-617: Reachable Assertion •
CVSS: 7.5EPSS: 1%CPEs: 23EXPL: 0CVE-2020-25709 – openldap: assertion failure in Certificate List syntax validation
https://notcve.org/view.php?id=CVE-2020-25709
A flaw was found in OpenLDAP. This flaw allows an attacker who can send a malicious packet to be processed by OpenLDAP’s slapd server, to trigger an assertion failure. The highest threat from this vulnerability is to system availability. Se encontró un fallo en OpenLDAP. Este fallo permite a un atacante que puede enviar un paquete malicioso a ser procesado por el servidor slapd de OpenLDAP, para desencadenar un fallo de aserción. • http://seclists.org/fulldisclosure/2021/Feb/14 https://bugzilla.redhat.com/show_bug.cgi?id=1899675 https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E https://lists.debian.org/debian-lts-announce/2020/12/msg00008.html https://security.netapp.com/advisory/ntap-20210716-0003 https://support.apple.com/kb/HT212147 https:// • CWE-617: Reachable Assertion •