CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 1CVE-2020-24659 – gnutls: Heap buffer overflow in handshake with no_renegotiation alert sent
https://notcve.org/view.php?id=CVE-2020-24659
An issue was discovered in GnuTLS before 3.6.15. A server can trigger a NULL pointer dereference in a TLS 1.3 client if a no_renegotiation alert is sent with unexpected timing, and then an invalid second handshake occurs. The crash happens in the application's error handling path, where the gnutls_deinit function is called after detecting a handshake failure. Se detectó un problema en GnuTLS versiones anteriores a 3.6.15. Un servidor puede desencadenar una desreferencia del puntero NULL en un cliente TLS versión 1.3, si una alerta no_renegotiation es enviada con una sincronización no prevista y luego se produce un segundo protocolo de enlace no válido. • http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00054.html http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00060.html https://gitlab.com/gnutls/gnutls/-/issues/1071 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/62BUAI4FQQLG6VTKRT7SUZPGJJ4NASQ3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AWN56FDLQQXT2D2YHNI4TYH432TDMQ7N https://security.gentoo.org/glsa/202009-01 https://security.netapp.com/adviso • CWE-20: Improper Input Validation CWE-476: NULL Pointer Dereference CWE-787: Out-of-bounds Write •
CVSS: 4.3EPSS: 0%CPEs: 10EXPL: 0CVE-2020-24654
https://notcve.org/view.php?id=CVE-2020-24654
In KDE Ark before 20.08.1, a crafted TAR archive with symlinks can install files outside the extraction directory, as demonstrated by a write operation to a user's home directory. En KDE Ark versiones anteriores a 20.08.1, un archivo TAR diseñado con enlaces simbólicos puede instalar archivos fuera del directorio de extracción, como es demostrado mediante una operación de escritura en el directorio de inicio del usuario • http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00001.html https://bugzilla.suse.com/show_bug.cgi?id=1175857 https://github.com/KDE/ark/commit/8bf8c5ef07b0ac5e914d752681e470dea403a5bd https://kde.org/info/security/advisory-20200827-1.txt https://lists.debian.org/debian-lts-announce/2022/05/msg00026.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LXMMXNJDYOCJRZTESIUGHG6CS4RJKECX https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapro • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 7.5EPSS: 0%CPEs: 8EXPL: 0CVE-2020-24584
https://notcve.org/view.php?id=CVE-2020-24584
An issue was discovered in Django 2.2 before 2.2.16, 3.0 before 3.0.10, and 3.1 before 3.1.1 (when Python 3.7+ is used). The intermediate-level directories of the filesystem cache had the system's standard umask rather than 0o077. Se detectó un problema en Django versiones 2.2 anteriores a 2.2.16, versiones 3.0 anteriores a 3.0.10 y versiones 3.1 anteriores a 3.1.1 (cuando es usado Python 3.7+). Los directorios de nivel intermedio de la caché del sistema de archivos tenían la umask estándar del sistema en lugar de 0o077 • https://docs.djangoproject.com/en/dev/releases/security https://groups.google.com/forum/#%21topic/django-announce/Gdqn58RqIDM https://groups.google.com/forum/#%21topic/django-announce/zFCMdgUnutU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F2ZHO3GZCJMP3DDTXCNVFV6ED3W64NAU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OLGFFLMF3X6USMJD7V5F5P4K2WVUTO3T https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/m • CWE-276: Incorrect Default Permissions •
CVSS: 7.5EPSS: 0%CPEs: 8EXPL: 0CVE-2020-24583
https://notcve.org/view.php?id=CVE-2020-24583
An issue was discovered in Django 2.2 before 2.2.16, 3.0 before 3.0.10, and 3.1 before 3.1.1 (when Python 3.7+ is used). FILE_UPLOAD_DIRECTORY_PERMISSIONS mode was not applied to intermediate-level directories created in the process of uploading files. It was also not applied to intermediate-level collected static directories when using the collectstatic management command. Se detectó un problema en Django versiones 2.2 anteriores a 2.2.16, versiones 3.0 anteriores a 3.0.10 y versiones 3.1 anteriores a 3.1.1 (cuando es usado Python 3.7+). El modo FILE_UPLOAD_DIRECTORY_PERMISSIONS no fue aplicado a los directorios de nivel intermedio creados en el proceso de carga de archivos. • https://docs.djangoproject.com/en/dev/releases/security https://groups.google.com/forum/#%21topic/django-announce/Gdqn58RqIDM https://groups.google.com/forum/#%21topic/django-announce/zFCMdgUnutU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F2ZHO3GZCJMP3DDTXCNVFV6ED3W64NAU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OLGFFLMF3X6USMJD7V5F5P4K2WVUTO3T https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/m • CWE-276: Incorrect Default Permissions •
CVSS: 5.0EPSS: 0%CPEs: 15EXPL: 2CVE-2020-14364 – QEMU: usb: out-of-bounds r/w access issue while processing usb packets
https://notcve.org/view.php?id=CVE-2020-14364
An out-of-bounds read/write access flaw was found in the USB emulator of the QEMU in versions before 5.2.0. This issue occurs while processing USB packets from a guest when USBDevice 'setup_len' exceeds its 'data_buf[4096]' in the do_token_in, do_token_out routines. This flaw allows a guest user to crash the QEMU process, resulting in a denial of service, or the potential execution of arbitrary code with the privileges of the QEMU process on the host. Se encontró un fallo de acceso de lectura/escritura fuera de límites en el emulador USB de QEMU en versiones anteriores a la 5.2.0. Este problema ocurre mientras se procesan paquetes USB de un invitado cuando USBDevice "setup_len" excede su "data_buf [4096]" en las rutinas do_token_in, do_token_out. • https://github.com/gejian-iscas/CVE-2020-14364 https://github.com/y-f00l/CVE-2020-14364 http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00024.html https://bugzilla.redhat.com/show_bug.cgi?id=1869201 https://lists.debian.org/debian-lts-announce/2020/09/msg00013.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JTZQUQ6ZBPMFMNAUQBVJFELYNMUZLL6P https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M52WIRMZL6T • CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •