CVSS: 8.1EPSS: 0%CPEs: 6EXPL: 1CVE-2023-43804 – `Cookie` HTTP header isn't stripped on cross-origin redirects
https://notcve.org/view.php?id=CVE-2023-43804
urllib3 is a user-friendly HTTP client library for Python. urllib3 doesn't treat the `Cookie` HTTP header special or provide any helpers for managing cookies over HTTP, that is the responsibility of the user. However, it is possible for a user to specify a `Cookie` header and unknowingly leak information via HTTP redirects to a different origin if that user doesn't disable redirects explicitly. This issue has been patched in urllib3 version 1.26.17 or 2.0.5. urllib3 es una librería cliente HTTP fácil de usar para Python. urllib3 no trata el encabezado HTTP "Cookie" de manera especial ni proporciona ayuda para administrar las cookies a través de HTTP, eso es responsabilidad del usuario. Sin embargo, es posible que un usuario especifique un encabezado "Cookie" y, sin saberlo, filtre información a través de redireccionamientos HTTP a un origen diferente si ese usuario no deshabilita los redireccionamientos explícitamente. Este problema se solucionó en urllib3 versión 1.26.17 o 2.0.5. • https://github.com/JawadPy/CVE-2023-43804-Exploit https://github.com/urllib3/urllib3/commit/01220354d389cd05474713f8c982d05c9b17aafb https://github.com/urllib3/urllib3/commit/644124ecd0b6e417c527191f866daa05a5a2056d https://github.com/urllib3/urllib3/security/advisories/GHSA-v845-jxx5-vc9f https://lists.debian.org/debian-lts-announce/2023/10/msg00012.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5F5CUBAN5XMEBVBZPHFITBLMJV5FIJJ5 https://lists.fedoraproject.org/archives/list/package-announc • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 0%CPEs: 7EXPL: 0CVE-2023-44488 – libvpx: crash related to VP9 encoding in libvpx
https://notcve.org/view.php?id=CVE-2023-44488
VP9 in libvpx before 1.13.1 mishandles widths, leading to a crash related to encoding. VP9 en libvpx anterior a 1.13.1 maneja mal las anchuras, lo que provoca un bloqueo relacionado con la codificación. A heap-based buffer overflow flaw was found in libvpx, a library used to process VP9 video codecs data. This issue occurs when processing certain specially formatted video data via a crafted HTML page, allowing an attacker to crash or remotely execute arbitrary code in an application, such as a web browser that is compiled with this library. • http://www.openwall.com/lists/oss-security/2023/09/30/4 https://bugzilla.redhat.com/show_bug.cgi?id=2241806 https://github.com/webmproject/libvpx/commit/263682c9a29395055f3b3afe2d97be1828a6223f https://github.com/webmproject/libvpx/commit/df9fd9d5b7325060b2b921558a1eb20ca7880937 https://github.com/webmproject/libvpx/compare/v1.13.0...v1.13.1 https://github.com/webmproject/libvpx/releases/tag/v1.13.1 https://lists.debian.org/debian-lts-announce/2023/10/msg00001.html https://lists.fedoraproject.org&#x • CWE-755: Improper Handling of Exceptional Conditions •
CVSS: 8.8EPSS: 0%CPEs: 6EXPL: 0CVE-2023-5187
https://notcve.org/view.php?id=CVE-2023-5187
Use after free in Extensions in Google Chrome prior to 117.0.5938.132 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) El use after free en Extensiones de Google Chrome anteriores a 117.0.5938.132 permitió a un atacante convencer a un usuario de instalar una extensión maliciosa para explotar potencialmente la corrupción del montón a través de una página HTML manipulada. (Severidad de seguridad de Chrome: alta) • https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop_27.html https://crbug.com/1475798 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MFWDFJSSIFKWKNOCTQCFUNZWAXUCSS4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CWEJYS5NC7KVFYU3OAMPKQDYN6JQGVK6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WTRUIS3564P7ZLM2S2IH4Y4KZ327LI4I https://security.gentoo.org/glsa/202401-34 https://www& • CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 6EXPL: 0CVE-2023-5186
https://notcve.org/view.php?id=CVE-2023-5186
Use after free in Passwords in Google Chrome prior to 117.0.5938.132 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via crafted UI interaction. (Chromium security severity: High) El use after free en Contraseñas en Google Chrome anterior a 117.0.5938.132 permitía a un atacante remoto convencer a un usuario de participar en una interacción de interfaz de usuario específica para explotar potencialmente la corrupción del montón a través de una interacción de interfaz de usuario manipulada. (Severidad de seguridad de Chrome: alta) • https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop_27.html https://crbug.com/1478889 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MFWDFJSSIFKWKNOCTQCFUNZWAXUCSS4 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CWEJYS5NC7KVFYU3OAMPKQDYN6JQGVK6 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WTRUIS3564P7ZLM2S2IH4Y4KZ327LI4I https://security.gentoo.org/glsa/202401-34 https://www& • CWE-416: Use After Free •
CVSS: 8.8EPSS: 30%CPEs: 25EXPL: 0CVE-2023-5217 – Google Chromium libvpx Heap Buffer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2023-5217
Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 117.0.5938.132 and libvpx 1.13.1 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) El desbordamiento del búfer en la codificación vp8 en libvpx en Google Chrome anterior a 117.0.5938.132 y libvpx 1.13.1 permitía a un atacante remoto explotar potencialmente la corrupción del montón a través de una página HTML manipulada. (Severidad de seguridad de Chrome: alta) A heap-based buffer overflow flaw was found in the way libvpx, a library used to process VP8 and VP9 video codecs data, processes certain specially formatted video data via a crafted HTML page. This flaw allows an attacker to crash or remotely execute arbitrary code in an application, such as a web browser that is compiled with this library. Google Chromium libvpx contains a heap buffer overflow vulnerability in vp8 encoding that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. • http://seclists.org/fulldisclosure/2023/Oct/12 http://seclists.org/fulldisclosure/2023/Oct/16 http://www.openwall.com/lists/oss-security/2023/09/28/5 http://www.openwall.com/lists/oss-security/2023/09/28/6 http://www.openwall.com/lists/oss-security/2023/09/29/1 http://www.openwall.com/lists/oss-security/2023/09/29/11 http://www.openwall.com/lists/oss-security/2023/09/29/12 http://www.openwall.com/lists/oss-security/2023/09/29/14 http://ww • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •