CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2019-1003012
https://notcve.org/view.php?id=CVE-2019-1003012
A data modification vulnerability exists in Jenkins Blue Ocean Plugins 1.10.1 and earlier in blueocean-core-js/src/js/bundleStartup.js, blueocean-core-js/src/js/fetch.ts, blueocean-core-js/src/js/i18n/i18n.js, blueocean-core-js/src/js/urlconfig.js, blueocean-rest/src/main/java/io/jenkins/blueocean/rest/APICrumbExclusion.java, blueocean-web/src/main/java/io/jenkins/blueocean/BlueOceanUI.java, blueocean-web/src/main/resources/io/jenkins/blueocean/BlueOceanUI/index.jelly that allows attackers to bypass all cross-site request forgery protection in Blue Ocean API. Existe una vulnerabilidad de modificación de datos en Jenkins Blue Ocean Plugins, en versiones 1.10.1 y anteriores, en blueocean-core-js/src/js/bundleStartup.js, blueocean-core-js/src/js/fetch.ts, blueocean-core-js/src/js/i18n/i18n.js, blueocean-core-js/src/js/urlconfig.js, blueocean-rest/src/main/java/io/jenkins/blueocean/rest/APICrumbExclusion.java, blueocean-web/src/main/java/io/jenkins/blueocean/BlueOceanUI.java y blueocean-web/src/main/resources/io/jenkins/blueocean/BlueOceanUI/index.jelly, que permite que los atacantes omitan todas las protecciones contra Cross-Site Request Forgery en la API de Blue Ocean. • https://access.redhat.com/errata/RHBA-2019:0326 https://access.redhat.com/errata/RHBA-2019:0327 https://jenkins.io/security/advisory/2019-01-28/#SECURITY-1201 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2019-3818
https://notcve.org/view.php?id=CVE-2019-3818
The kube-rbac-proxy container before version 0.4.1 as used in Red Hat OpenShift Container Platform does not honor TLS configurations, allowing for use of insecure ciphers and TLS 1.0. An attacker could target traffic sent over a TLS connection with a weak configuration and potentially break the encryption. El contenedor kube-rbac-proxy, en versiones anteriores a la 0.4.1, tal y como se utiliza en Red Hat OpenShift Container Platform, no cumple con las configuraciones TLS, permitiendo la utilización de cifrados inseguros y TLS 1.0. Un atacante podría provocar que se envíe tráfico a través de una conexión TLS con una configuración débil y romper el cifrado. • http://www.securityfocus.com/bid/106744 https://access.redhat.com/errata/RHBA-2019:0327 https://access.redhat.com/security/cve/CVE-2019-3818 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3818 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVSS: 7.5EPSS: 0%CPEs: 23EXPL: 0CVE-2018-20615 – haproxy: Mishandling of priority flag in short HEADERS frame by HTTP/2 decoder allows for crash
https://notcve.org/view.php?id=CVE-2018-20615
An out-of-bounds read issue was discovered in the HTTP/2 protocol decoder in HAProxy 1.8.x and 1.9.x through 1.9.0 which can result in a crash. The processing of the PRIORITY flag in a HEADERS frame requires 5 extra bytes, and while these bytes are skipped, the total frame length was not re-checked to make sure they were present in the frame. Se ha descubierto un problema de lectura fuera de límites en el decodificador del protocolo HTTP/2 en HAProxy, en versiones 1.8.x y 1.9.x hasta la 1.9.0, lo que puede resultar en un cierre inesperado. El procesamiento del flag PRIORITY en un frame HEADERS requiere 5 bytes adicionales y, aunque se omiten estos bytes, la longitud total del frame no se volvió a comprobar para asegurar que estaban presentes en la trama. A flaw was found in HAProxy, versions before 1.8.17 and 1.9.1. • http://lists.opensuse.org/opensuse-security-announce/2019-02/msg00018.html http://www.securityfocus.com/bid/106645 https://access.redhat.com/errata/RHBA-2019:0327 https://access.redhat.com/errata/RHSA-2019:0275 https://usn.ubuntu.com/3858-1 https://www.mail-archive.com/haproxy%40formilux.org/msg32304.html https://access.redhat.com/security/cve/CVE-2018-20615 https://bugzilla.redhat.com/show_bug.cgi?id=1663060 • CWE-125: Out-of-bounds Read •
CVSS: 3.3EPSS: 0%CPEs: 7EXPL: 0CVE-2019-3815 – systemd: memory leak in journald-server.c introduced by fix for CVE-2018-16864
https://notcve.org/view.php?id=CVE-2019-3815
A memory leak was discovered in the backport of fixes for CVE-2018-16864 in Red Hat Enterprise Linux. Function dispatch_message_real() in journald-server.c does not free the memory allocated by set_iovec_field_free() to store the `_CMDLINE=` entry. A local attacker may use this flaw to make systemd-journald crash. This issue only affects versions shipped with Red Hat Enterprise since v219-62.2. Se descubrió una fuga de memoria en el "backport" de soluciones para CVE-2018-16864 en Red Hat Enterprise Linux. • http://www.securityfocus.com/bid/106632 https://access.redhat.com/errata/RHBA-2019:0327 https://access.redhat.com/errata/RHSA-2019:0201 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3815 https://lists.debian.org/debian-lts-announce/2019/03/msg00013.html https://access.redhat.com/security/cve/CVE-2019-3815 https://bugzilla.redhat.com/show_bug.cgi?id=1666690 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 7.2EPSS: 0%CPEs: 3EXPL: 0CVE-2019-1003003
https://notcve.org/view.php?id=CVE-2019-1003003
An improper authorization vulnerability exists in Jenkins 2.158 and earlier, LTS 2.150.1 and earlier in core/src/main/java/hudson/security/TokenBasedRememberMeServices2.java that allows attackers with Overall/RunScripts permission to craft Remember Me cookies that would never expire, allowing e.g. to persist access to temporarily compromised user accounts. Existe una vulnerabilidad de autorización incorrecta en Jenkins, en la versión 2.158 y anteriores y con el firmware LTS 2.150.1 y anteriores, en ore/src/main/java/hudson/security/TokenBasedRememberMeServices2.java que permite a los atacantes con permisos de "Overall/RunScripts" manipular cookies "Remember Me" que no caducan, permitiendo el acceso persistente a cuentas de usuario comprometidas de manera temporal. • http://www.securityfocus.com/bid/106680 https://access.redhat.com/errata/RHBA-2019:0327 https://jenkins.io/security/advisory/2019-01-16/#SECURITY-868 •