Page 21 of 1430 results (0.021 seconds)

CVSS: 9.8EPSS: 0%CPEs: 31EXPL: 0

CVE-2019-11068 – libxslt: xsltCheckRead and xsltCheckWrite routines security bypass by crafted URL

https://notcve.org/view.php?id=CVE-2019-11068

libxslt through 1.1.33 allows bypass of a protection mechanism because callers of xsltCheckRead and xsltCheckWrite permit access even upon receiving a -1 error code. xsltCheckRead can return -1 for a crafted URL that is not actually invalid and is subsequently loaded. libxslt hasta la versión 1.1.33 permite omitir los mecanismos de protección debido a que los callers xsltCheckRead y xsltCheckWrite permiten acceso incluso después de recibir el código de error -1. xsltCheckRead puede devolver -1 para una URL creada que no es realmente inválida y que se carga posteriormente. • http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00048.html http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00052.html http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00053.html http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00025.html http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00001.html http://www.openwall.com/lists/oss-security/2019/04/22/1 http://www.openwall.com/lists/oss-security/2019/04/23/5 https • CWE-284: Improper Access Control •

CVSS: 9.0EPSS: 0%CPEs: 13EXPL: 0

CVE-2019-10906 – python-jinja2: str.format_map allows sandbox escape

https://notcve.org/view.php?id=CVE-2019-10906

In Pallets Jinja before 2.10.1, str.format_map allows a sandbox escape. En Pallets Jinja, en versiones anteriores a la 2.10.1, str.format_map permite un escape de sandbox. A flaw was found in Jinja. Python string formatting could allow an attacker to escape the sandbox. The highest threat from this vulnerability is to data confidentiality and integrity and system availability. • http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00030.html http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00064.html https://access.redhat.com/errata/RHSA-2019:1152 https://access.redhat.com/errata/RHSA-2019:1237 https://access.redhat.com/errata/RHSA-2019:1329 https://lists.apache.org/thread.html/09fc842ff444cd43d9d4c510756fec625ef8eb1175f14fd21de2605f%40%3Cdevnull.infra.apache.org%3E https://lists.apache.org/thread.html/2b52b9c8b9d6366a4f1b407a8bde6af28d9fc73fdb3b37695fd0d9ac%40%3Cdevnull.infra.apac • CWE-138: Improper Neutralization of Special Elements •

CVSS: 7.5EPSS: 0%CPEs: 24EXPL: 0

CVE-2019-0217 – httpd: mod_auth_digest: access control bypass due to race condition

https://notcve.org/view.php?id=CVE-2019-0217

In Apache HTTP Server 2.4 release 2.4.38 and prior, a race condition in mod_auth_digest when running in a threaded server could allow a user with valid credentials to authenticate using another username, bypassing configured access control restrictions. En Apache HTTP Server 2.4 versión 2.4.38 y anteriores, una condición de carrera en mod_auth_digest cuando se ejecuta en un servidor multihilo podría permitir a un usuario con credenciales válidas autenticarse usando otro nombre de usuario, evitando las restricciones de control de acceso configuradas. A race condition was found in mod_auth_digest when the web server was running in a threaded MPM configuration. It could allow a user with valid credentials to authenticate using another username, bypassing configured access control restrictions. • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00051.html http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00061.html http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00084.html http://www.openwall.com/lists/oss-security/2019/04/02/5 http://www.securityfocus.com/bid/107668 https://access.redhat.com/errata/RHSA-2019:2343 https://access.redhat.com/errata/RHSA-2019:3436 https://access.redhat.com/errata/RHSA-2019:3932 https://access.red • CWE-284: Improper Access Control CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •

CVSS: 9.1EPSS: 0%CPEs: 29EXPL: 1

CVE-2019-9948 – python: Undocumented local_file protocol allows remote attackers to bypass protection mechanisms

https://notcve.org/view.php?id=CVE-2019-9948

urllib in Python 2.x through 2.7.16 supports the local_file: scheme, which makes it easier for remote attackers to bypass protection mechanisms that blacklist file: URIs, as demonstrated by triggering a urllib.urlopen('local_file:///etc/passwd') call. urllib en Python, en versiones 2.x hasta la 2.7.16, soporta el esquema local_file:, lo que facilita que los atacantes remotos omitan los mecanismos de protección que ponen en lista negra los URI file:, tal y como queda demostrado con una llamada urllib.urlopen('local_file:///etc/passwd'). • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00092.html http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00050.html http://packetstormsecurity.com/files/154927/Slackware-Security-Advisory-python-Updates.html http://www.securityfocus.com/bid/107549 https://access.redhat.com/errata/RHSA-2019:1700 https://access.redhat.com/errata/RHSA-2019:2030 https://access.redhat.com/errata/RHSA-2019:3335 https://access.redhat.com/errata/RHSA-2019:3520 https://bugs.python.o • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-749: Exposed Dangerous Method or Function •

CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0

CVE-2019-9924 – bash: BASH_CMD is writable in restricted bash shells

https://notcve.org/view.php?id=CVE-2019-9924

rbash in Bash before 4.4-beta2 did not prevent the shell user from modifying BASH_CMDS, thus allowing the user to execute any command with the permissions of the shell. rbash en Bash • http://git.savannah.gnu.org/cgit/bash.git/tree/CHANGES?h=bash-4.4-testing#n65 http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00049.html https://bugs.launchpad.net/ubuntu/+source/bash/+bug/1803441 https://lists.debian.org/debian-lts-announce/2019/03/msg00028.html https://security.netapp.com/advisory/ntap-20190411-0001 https://usn.ubuntu.com/4058-1 https://usn.ubuntu.com/4058-2 https://access.redhat.com/security/cve/CVE-2019-9924 https://bugzilla.r • CWE-138: Improper Neutralization of Special Elements CWE-862: Missing Authorization •