
CVSS: 6.5 | EPSS: 0% | CPEs: 3 | EXPL: 0

Cortex provides multi-tenant, long-term storage for Prometheus. A local file inclusion vulnerability exists in Cortex versions 1.13.0, 1.13.1 and 1.14.0, where a malicious actor could remotely read local files as a result of parsing maliciously crafted Alertmanager configurations when submitted to the Alertmanager Set Configuration API. Only users of the Alertmanager service where `-experimental.alertmanager.enable-api` or `enable_api: true` is configured are affected. Affected Cortex users are advised to upgrade to patched versions 1.13.2 or 1.14.1. As a workaround, Cortex administrators may reject Alertmanager configurations containing the `api_key_file` setting in the `opsgenie_configs` section before sending them to the Set Alertmanager Configuration API.

• https://cortexmetrics.io/docs/api/#set-alertmanager-configuration https://github.com/cortexproject/cortex/releases/tag/v1.13.2 https://github.com/cortexproject/cortex/releases/tag/v1.14.1 https://github.com/cortexproject/cortex/security/advisories/GHSA-cq2g-pw6q-hf7j
• CWE-73: External Control of File Name or Path; CWE-184: Incomplete List of Disallowed Inputs; CWE-641: Improper Restriction of Names for Files and Other Resources

CVSS: 6.5 | EPSS: 0% | CPEs: 2 | EXPL: 0

containerd is an open source container runtime. A bug was found in containerd's CRI implementation where a user can exhaust memory on the host. In the CRI stream server, a goroutine is launched to handle terminal resize events if a TTY is requested. If the user's process fails to launch due to, for example, a faulty command, the goroutine will be stuck waiting to send without a receiver, resulting in a memory leak. Kubernetes and crictl can both be configured to use containerd's CRI implementation and the stream server is used for handling container IO.

• https://github.com/containerd/containerd/commit/a05d175400b1145e5e6a735a6710579d181e7fb0 https://github.com/containerd/containerd/security/advisories/GHSA-2qjp-425j-52j9 https://security.gentoo.org/glsa/202401-31
• CWE-400: Uncontrolled Resource Consumption; CWE-401: Missing Release of Memory after Effective Lifetime

CVSS: 7.5 | EPSS: 37% | CPEs: 1 | EXPL: 2

qubes-mirage-firewall (aka Mirage firewall for QubesOS) 0.8.x through 0.8.3 allows guest OS users to cause a denial of service (CPU consumption and loss of forwarding) via a crafted multicast UDP packet (IP address range of 224.0.0.0 through 239.255.255.255). Qubes Mirage Firewall versions 0.8.0 through 0.8.3 suffer from a denial of service vulnerability.

• https://www.exploit-db.com/exploits/51157 http://packetstormsecurity.com/files/171610/Qubes-Mirage-Firewall-0.8.3-Denial-Of-Service.html https://github.com/mirage/qubes-mirage-firewall/issues/166
• CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop')

CVSS: 7.5 | EPSS: 0% | CPEs: 4 | EXPL: 1

A SQL injection issue was discovered in AAA in OpenDaylight (ODL) before 0.16.5. The aaa-idm-store-h2/src/main/java/org/opendaylight/aaa/datastore/h2/DomainStore.java deleteDomain function is affected for the /auth/v1/domains/ API interface.

• https://git.opendaylight.org/gerrit/c/aaa/+/103242 https://jira.opendaylight.org/browse/AAA-240
• CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

CVSS: 7.5 | EPSS: 0% | CPEs: 4 | EXPL: 1

A SQL injection issue was discovered in AAA in OpenDaylight (ODL) before 0.16.5. The aaa-idm-store-h2/src/main/java/org/opendaylight/aaa/datastore/h2/RoleStore.java deleteRole function is affected when the API interface /auth/v1/roles/ is used.

• https://git.opendaylight.org/gerrit/c/aaa/+/103241 https://jira.opendaylight.org/browse/AAA-239
• CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')