CVE-2020-14352 – librepo: missing path validation in repomd.xml may lead to directory traversal
https://notcve.org/view.php?id=CVE-2020-14352
A flaw was found in librepo in versions before 1.12.1. A directory traversal vulnerability was found where it failed to sanitize paths in remote repository metadata. An attacker controlling a remote repository may be able to copy files outside of the destination directory on the targeted system via path traversal. This flaw could potentially result in system compromise via the overwriting of critical system files. The highest threat from this flaw is to users that make use of untrusted third-party repositories. • http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00072.html http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00055.html https://bugzilla.redhat.com/show_bug.cgi?id=1866498 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33RX4P5R5YL4NZSFSE4NOX37X6YCXAS4 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OOMDEQBRJ7SO2QWL7H23G3VV2VSCUYOY https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVE-2020-24972
https://notcve.org/view.php?id=CVE-2020-24972
The Kleopatra component before 3.1.12 (and before 20.07.80) for GnuPG allows remote attackers to execute arbitrary code because openpgp4fpr: URLs are supported without safe handling of command-line options. The Qt platformpluginpath command-line option can be used to load an arbitrary DLL. El componente Kleopatra versiones anteriores a 3.1.12 (y versiones anteriores a 20.07.80) para GnuPG, permite a atacantes remotos ejecutar código arbitrario porque las URL openpgp4fpr: son compatibles sin un manejo seguro de las opciones de la línea de comandos. La opción de línea de comando Qt platformpluginpath puede ser usada para cargar una DLL arbitraria • http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00053.html http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00064.html https://dev.gnupg.org/rKLEOPATRAb4bd63c1739900d94c04da03045e9445a5a5f54b https://dev.gnupg.org/source/kleo/browse/master/CMakeLists.txt https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IRIPL72WMXTVWS2M7WYV5SNPETYJ2YI7 https://security.gentoo.org/glsa/202008-21 • CWE-116: Improper Encoding or Escaping of Output •
CVE-2020-6562 – chromium-browser: Insufficient policy enforcement in Blink
https://notcve.org/view.php?id=CVE-2020-6562
Insufficient policy enforcement in Blink in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Una aplicación insuficiente de la política en Blink en Google Chrome versiones anteriores a 85.0.4183.83, permitía a un atacante remoto filtrar datos de origen cruzado por medio de una página HTML diseñada • http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00072.html http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00078.html http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00081.html https://chromereleases.googleblog.com/2020/08/stable-channel-update-for-desktop_25.html https://crbug.com/1086845 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EE7XWIZBME7JAY7N6CGPET4CLNHHEIVT https://security.gentoo.org/glsa/202101-30 https:/ • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2020-6571 – chromium-browser: Incorrect security UI in Omnibox
https://notcve.org/view.php?id=CVE-2020-6571
Insufficient data validation in Omnibox in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name. Una comprobación insuficiente de datos en Omnibox en Google Chrome versiones anteriores a 85.0.4183.83, permitía a un atacante remoto llevar a cabo una suplantación de dominio por medio de homógrafos de IDN mediante un nombre de dominio diseñado • http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00072.html http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00078.html http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00081.html https://chromereleases.googleblog.com/2020/08/stable-channel-update-for-desktop_25.html https://crbug.com/1085315 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EE7XWIZBME7JAY7N6CGPET4CLNHHEIVT https://security.gentoo.org/glsa/202101-30 https:/ • CWE-20: Improper Input Validation •
CVE-2020-6569 – chromium-browser: Integer overflow in WebUSB
https://notcve.org/view.php?id=CVE-2020-6569
Integer overflow in WebUSB in Google Chrome prior to 85.0.4183.83 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. Un desbordamiento de enteros en WebUSB en Google Chrome versiones anteriores a 85.0.4183.83, permitía a un atacante remoto que había comprometido el proceso del renderizador potencialmente explotar una corrupción de la pila por medio de una página HTML diseñada • http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00072.html http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00078.html http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00081.html https://chromereleases.googleblog.com/2020/08/stable-channel-update-for-desktop_25.html https://crbug.com/995732 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EE7XWIZBME7JAY7N6CGPET4CLNHHEIVT https://security.gentoo.org/glsa/202101-30 https:/ • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •