
CVE-2024-23321 – Apache RocketMQ: Unauthorized Exposure of Sensitive Data
https://notcve.org/view.php?id=CVE-2024-23321
22 Jul 2024 — For RocketMQ versions 5.2.0 and below, under certain conditions, there is a risk of exposure of sensitive information to an unauthorized actor even if RocketMQ is enabled with authentication and authorization functions. An attacker, possessing regular user privileges or listed in the IP whitelist, could potentially acquire the administrator's account and password through specific interfaces. Such an action would grant them full control over RocketMQ, provided they have access to the broker IP address list. ... • http://www.openwall.com/lists/oss-security/2024/07/22/1 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVE-2024-41107 – Apache CloudStack: SAML Signature Exclusion
https://notcve.org/view.php?id=CVE-2024-41107
19 Jul 2024 — The CloudStack SAML authentication (disabled by default) does not enforce signature check. In CloudStack environments where SAML authentication is enabled, an attacker that initiates CloudStack SAML single sign-on authentication can bypass SAML authentication by submitting a spoofed SAML response with no signature and known or guessed username and other user details of a SAML-enabled CloudStack user-account. In such environments, this can result in a complete compromise of the resources owned and/or accessi... • https://github.com/d0rb/CVE-2024-41107 • CWE-290: Authentication Bypass by Spoofing •

CVE-2024-41172 – Apache CXF: Unrestricted memory consumption in CXF HTTP clients
https://notcve.org/view.php?id=CVE-2024-41172
19 Jul 2024 — In versions of Apache CXF before 3.6.4 and 4.0.5 (3.5.x and lower versions are not impacted), a CXF HTTP client conduit may prevent HTTPClient instances from being garbage collected, and it is possible that memory consumption will continue to increase, eventually causing the application to run out of memory. • https://lists.apache.org/thread/n2hvbrgwpdtcqdccod8by28ynnolybl6 • CWE-401: Missing Release of Memory after Effective Lifetime •

CVE-2024-32007 – Apache CXF Denial of Service vulnerability in JOSE
https://notcve.org/view.php?id=CVE-2024-32007
19 Jul 2024 — An improper input validation of the p2c parameter in the Apache CXF JOSE code before 4.0.5, 3.6.4 and 3.5.9 allows an attacker to perform a denial of service attack by specifying a large value for this parameter in a token. An improper input validation vulnerability... • https://lists.apache.org/thread/stwrgsr1llb73nkl16klv9vjqgmmx633 • CWE-20: Improper Input Validation • CWE-400: Uncontrolled Resource Consumption •

CVE-2024-29736 – Apache CXF: SSRF vulnerability via WADL stylesheet parameter
https://notcve.org/view.php?id=CVE-2024-29736
19 Jul 2024 — An SSRF vulnerability in WADL service description in versions of Apache CXF before 4.0.5, 3.6.4 and 3.5.9 allows an attacker to perform SSRF style attacks on REST webservices. The attack only applies if a custom stylesheet parameter is configured. • https://lists.apache.org/thread/4jtpsswn2r6xommol54p5mg263ysgdw2 • CWE-918: Server-Side Request Forgery (SSRF) •

CVE-2024-29178 – Apache StreamPark: FreeMarker SSTI RCE Vulnerability
https://notcve.org/view.php?id=CVE-2024-29178
18 Jul 2024 — On versions before 2.1.4, a user could log in and perform a template injection attack resulting in Remote Code Execution on the server. The attacker must successfully log into the system to launch an attack, so this is a moderate-impact vulnerability. Mitigation: all users should upgrade to 2.1.4. • http://www.openwall.com/lists/oss-security/2024/07/18/1 • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVE-2024-40725 – Apache HTTP Server: source code disclosure with handlers configured via AddType
https://notcve.org/view.php?id=CVE-2024-40725
18 Jul 2024 — A partial fix for CVE-2024-39884 in the core of Apache HTTP Server 2.4.61 ignores some use of the legacy content-type based configuration of handlers. "AddType" and similar configuration, under some circumstances where files are requested indirectly, result in source code disclosure of local content. For example, PHP scripts may be served instead of interpreted. Users are recommended to upgrade to version 2.4.62, which fixes this issue. • https://packetstorm.news/files/id/183252 • CWE-668: Exposure of Resource to Wrong Sphere •

CVE-2024-40898 – Apache HTTP Server: SSRF with mod_rewrite in server/vhost context on Windows
https://notcve.org/view.php?id=CVE-2024-40898
18 Jul 2024 — SSRF in Apache HTTP Server on Windows with mod_rewrite in server/vhost context allows NTLM hashes to potentially be leaked to a malicious server via SSRF and malicious requests. Users are recommended to upgrade to version 2.4.62, which fixes this issue. • https://github.com/TAM-K592/CVE-2024-40725-CVE-2024-40898 • CWE-918: Server-Side Request Forgery (SSRF) •

CVE-2024-29120 – Apache StreamPark: Information leakage vulnerability
https://notcve.org/view.php?id=CVE-2024-29120
17 Jul 2024 — In Streampark (version < 2.1.4), when a user logged in successfully, the backend service would return "Authorization" as the front-end authentication credential. A user can use this credential to request other users' information, including the administrator's username, password, salt value, etc. Mitigation: all users should upgrade to 2.1.4. • http://www.openwall.com/lists/oss-security/2024/07/17/4 • CWE-212: Improper Removal of Sensitive Information Before Storage or Transfer • CWE-922: Insecure Storage of Sensitive Information •

CVE-2024-31411 – Apache StreamPipes: Potential remote code execution (RCE) via file upload
https://notcve.org/view.php?id=CVE-2024-31411
17 Jul 2024 — Unrestricted Upload of File with dangerous type vulnerability in Apache StreamPipes. Such a dangerous type might be an executable file that may lead to a remote code execution (RCE). The unrestricted upload is only possible for authenticated and authorized users. This issue affects Apache StreamPipes: through 0.93.0. Users are recommended to upgrade to version 0.95.0, which fixes the issue. • https://lists.apache.org/thread/b0657okbwzg5xxs11hphvc9qrd9s70mt • CWE-434: Unrestricted Upload of File with Dangerous Type •