CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-50380 – Apache Ambari: authenticated users could perform XXE to read arbitrary files on the server
https://notcve.org/view.php?id=CVE-2023-50380
27 Feb 2024 — XML External Entity injection in apache ambari versions <= 2.7.7, Users are recommended to upgrade to version 2.7.8, which fixes this issue. More Details: Oozie Workflow Scheduler had a vulnerability that allowed for root-level file reading and privilege escalation from low-privilege users. The vulnerability was caused through lack of proper user input validation. This vulnerability is known as an XML External Entity (XXE) injection attack. Attackers can exploit XXE vulnerabilities to read arbitrary files o... • http://www.openwall.com/lists/oss-security/2024/02/27/6 • CWE-611: Improper Restriction of XML External Entity Reference •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-21742 – Apache James Mime4J: Mime4J DOM header injection
https://notcve.org/view.php?id=CVE-2024-21742
27 Feb 2024 — Improper input validation allows for header injection in MIME4J library when using MIME4J DOM for composing message. This can be exploited by an attacker to add unintended headers to MIME messages. La validación de entrada incorrecta permite la inyección de encabezado en la librería MIME4J cuando se usa MIME4J DOM para redactar mensajes. Un atacante puede aprovechar esto para agregar encabezados no deseados a los mensajes MIME. Improper input validation allows for header injection in MIME4J library when usi... • http://www.openwall.com/lists/oss-security/2024/02/27/5 • CWE-20: Improper Input Validation •
CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-27905 – Apache Aurora: padding oracle can allow construction an authentication cookie
https://notcve.org/view.php?id=CVE-2024-27905
27 Feb 2024 — Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Aurora. An endpoint exposing internals to unauthenticated users can be used as a "padding oracle" allowing an anonymous attacker to construct a valid authentication cookie. Potentially this could be combined with vulnerabilities in other components to achieve remote code execution. As this project is retired, we do not plan to release a version that fixes this issue. Users are recommended to find an alternative or restrict ac... • http://www.openwall.com/lists/oss-security/2024/02/27/3 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2023-51747 – SMTP smuggling in Apache James
https://notcve.org/view.php?id=CVE-2023-51747
27 Feb 2024 — Apache James prior to versions 3.8.1 and 3.7.5 is vulnerable to SMTP smuggling. A lenient behaviour in line delimiter handling might create a difference of interpretation between the sender and the receiver which can be exploited by an attacker to forge an SMTP envelop, allowing for instance to bypass SPF checks. The patch implies enforcement of CRLF as a line delimiter as part of the DATA transaction. We recommend James users to upgrade to non vulnerable versions. Apache James anterior a las versiones 3.8.... • http://www.openwall.com/lists/oss-security/2024/02/27/4 • CWE-20: Improper Input Validation CWE-290: Authentication Bypass by Spoofing CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 1CVE-2023-51518 – Apache James server: Privilege escalation via JMX pre-authentication deserialisation
https://notcve.org/view.php?id=CVE-2023-51518
27 Feb 2024 — Apache James prior to version 3.7.5 and 3.8.0 exposes a JMX endpoint on localhost subject to pre-authentication deserialisation of untrusted data. Given a deserialisation gadjet, this could be leveraged as part of an exploit chain that could result in privilege escalation. Note that by default JMX endpoint is only bound locally. We recommend users to: - Upgrade to a non-vulnerable Apache James version - Run Apache James isolated from other processes (docker - dedicated virtual machine) - If possible turn of... • https://github.com/mbadanoiu/CVE-2023-51518 • CWE-502: Deserialization of Untrusted Data •
CVSS: 9.7EPSS: 0%CPEs: 1EXPL: 0CVE-2023-50379 – Apache Ambari: authenticated users could perform command injection to perform RCE
https://notcve.org/view.php?id=CVE-2023-50379
27 Feb 2024 — Malicious code injection in Apache Ambari in prior to 2.7.8. Users are recommended to upgrade to version 2.7.8, which fixes this issue. Impact: A Cluster Operator can manipulate the request by adding a malicious code injection and gain a root over the cluster main host. Inyección de código malicioso en Apache Ambari en versiones anteriores a 2.7.8. Se recomienda a los usuarios actualizar a la versión 2.7.8, que soluciona este problema. • http://www.openwall.com/lists/oss-security/2024/02/27/1 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 2.9EPSS: 0%CPEs: 4EXPL: 0CVE-2024-22371 – Apache Camel issue on ExchangeCreatedEvent
https://notcve.org/view.php?id=CVE-2024-22371
26 Feb 2024 — Exposure of sensitive data by by crafting a malicious EventFactory and providing a custom ExchangeCreatedEvent that exposes sensitive data. Vulnerability in Apache Camel.This issue affects Apache Camel: from 3.21.X through 3.21.3, from 3.22.X through 3.22.0, from 4.0.X through 4.0.3, from 4.X through 4.3.0. Users are recommended to upgrade to version 3.21.4, 3.22.1, 4.0.4 or 4.4.0, which fixes the issue. Exposición de datos confidenciales mediante la creación de un EventFactory malicioso y proporcionando un... • https://camel.apache.org/security/CVE-2024-22371.html • CWE-201: Insertion of Sensitive Information Into Sent Data CWE-922: Insecure Storage of Sensitive Information •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-23320 – Apache DolphinScheduler: Arbitrary js execution as root for authenticated users
https://notcve.org/view.php?id=CVE-2024-23320
23 Feb 2024 — Improper Input Validation vulnerability in Apache DolphinScheduler. An authenticated user can cause arbitrary, unsandboxed javascript to be executed on the server. This issue is a legacy of CVE-2023-49299. We didn't fix it completely in CVE-2023-49299, and we added one more patch to fix it. This issue affects Apache DolphinScheduler: until 3.2.1. • http://www.openwall.com/lists/oss-security/2024/02/23/3 • CWE-20: Improper Input Validation •
CVSS: 9.1EPSS: 6%CPEs: 1EXPL: 1CVE-2024-22393 – Apache Answer: Pixel Flood Attack by uploading the large pixel file
https://notcve.org/view.php?id=CVE-2024-22393
22 Feb 2024 — Unrestricted Upload of File with Dangerous Type vulnerability in Apache Answer.This issue affects Apache Answer: through 1.2.1. Pixel Flood Attack by uploading large pixel files will cause server out of memory. A logged-in user can cause such an attack by uploading an image when posting content. Users are recommended to upgrade to version [1.2.5], which fixes the issue. Carga sin restricciones de archivos con vulnerabilidad de tipo peligroso en Apache Answer. Este problema afecta a Apache Answer: hasta 1.2.... • https://github.com/omranisecurity/CVE-2024-22393 • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-23349 – Apache Answer: XSS vulnerability when submitting summary
https://notcve.org/view.php?id=CVE-2024-23349
22 Feb 2024 — Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Apache Answer.This issue affects Apache Answer: through 1.2.1. XSS attack when user enters summary. A logged-in user, when modifying their own submitted question, can input malicious code in the summary to create such an attack. Users are recommended to upgrade to version [1.2.5], which fixes the issue. Neutralización inadecuada de la entrada durante la vulnerabilidad de generación de páginas web ('cross-si... • http://www.openwall.com/lists/oss-security/2024/02/22/2 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •