CVE-2020-27223 – jetty: request containing multiple Accept headers with a large number of "quality" parameters may lead to DoS
https://notcve.org/view.php?id=CVE-2020-27223
In Eclipse Jetty 9.4.6.v20170531 to 9.4.36.v20210114 (inclusive), 10.0.0, and 11.0.0, when Jetty handles a request containing multiple Accept headers with a large number of "quality" (i.e. q) parameters, the server may enter a denial of service (DoS) state due to high CPU usage, with minutes of CPU time exhausted processing those quality values.
References:
• https://github.com/motikan2010/CVE-2020-27223
• https://github.com/ttestoo/Jetty-CVE-2020-27223
• https://bugs.eclipse.org/bugs/show_bug.cgi?id=571128
• https://github.com/eclipse/jetty.project/security/advisories/GHSA-m394-8rww-3jr7
• https://lists.apache.org/thread.html/r068dfd35ce2193f6af28b74ff29ab148c2b2cacb235995576f5bea78%40%3Cissues.solr.apache.org%3E
• https://lists.apache.org/thread.html/r07aedcb1ece62969c406cb84c8f0e22cec7e42cdc272f3176e473320%40%3Cusers.solr.apache.org%3E
• https://lists.apache.org/thread.html/r0b639bd9bfaea2650221
CWE:
• CWE-400: Uncontrolled Resource Consumption
• CWE-407: Inefficient Algorithmic Complexity
CVE-2020-27224
https://notcve.org/view.php?id=CVE-2020-27224
In Eclipse Theia versions up to and including 1.2.0, the Markdown Preview (@theia/preview) can be exploited to execute arbitrary code.
References:
• https://github.com/eclipse-theia/theia/issues/7954
• https://omespino.com/write-up-google-bug-bounty-xss-to-cloud-shell-instance-takeover-rce-as-root-5000-usd
CWE:
• CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2020-27222 – californium-core: DTLS - DoS vulnerability for certificate based handshakes
https://notcve.org/view.php?id=CVE-2020-27222
In Eclipse Californium versions 2.3.0 to 2.6.0, certificate-based (x509 and RPK) DTLS handshakes accidentally fail because the DTLS server side sticks to a wrong internal state. That wrong internal state is set by a previous certificate-based DTLS handshake failure with TLS parameter mismatch. The DTLS server side must be restarted to recover from this. This allows clients to force a DoS.
References:
• https://bugs.eclipse.org/bugs/show_bug.cgi?id=570844
• https://access.redhat.com/security/cve/CVE-2020-27222
• https://bugzilla.redhat.com/show_bug.cgi?id=1930230
CWE:
• CWE-372: Incomplete Internal State Distinction
CVE-2020-27221 – JDK: Stack-based buffer overflow when converting from UTF-8 characters to platform encoding
https://notcve.org/view.php?id=CVE-2020-27221
In Eclipse OpenJ9 up to and including version 0.23, there is potential for a stack-based buffer overflow when the virtual machine or JNI natives are converting from UTF-8 characters to platform encoding.
References:
• https://bugs.eclipse.org/bugs/show_bug.cgi?id=569763
• https://access.redhat.com/security/cve/CVE-2020-27221
• https://bugzilla.redhat.com/show_bug.cgi?id=1928555
CWE:
• CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
• CWE-121: Stack-based Buffer Overflow
• CWE-787: Out-of-bounds Write
CVE-2020-35217
https://notcve.org/view.php?id=CVE-2020-35217
Vert.x-Web framework v4.0 milestone 1-4 does not perform a correct CSRF verification. Instead of comparing the CSRF token in the request with the CSRF token in the cookie, it compares the CSRF token in the cookie against a CSRF token that is stored in the session. An attacker does not even need to provide a CSRF token in the request because the framework does not consider it. The cookies are automatically sent by the browser and the verification will always succeed, leading to a successful CSRF attack.
References:
• https://github.com/vert-x3/vertx-web/pull/1613
CWE:
• CWE-352: Cross-Site Request Forgery (CSRF)