CVSS: 5.3EPSS: 0%CPEs: 4EXPL: 0CVE-2021-21275 – CSRF in MediaWiki Report extension
https://notcve.org/view.php?id=CVE-2021-21275
25 Jan 2021 — The MediaWiki "Report" extension has a Cross-Site Request Forgery (CSRF) vulnerability. Before fixed version, there was no protection against CSRF checks on Special:Report, so requests to report a revision could be forged. The problem has been fixed in commit f828dc6 by making use of MediaWiki edit tokens. La extensión "Report" de MediaWiki presenta una vulnerabilidad de tipo Cross-Site Request Forgery (CSRF). Antes de la versión corregida, no había protección contra las comprobaciones de CSRF en Special:Re... • https://github.com/Kenny2github/Report/commit/f828dc6f73cdfaea5639edbf8ac7b326eeefb117 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 6.3EPSS: 30%CPEs: 4EXPL: 6CVE-2020-8554 – Kubernetes man in the middle using LoadBalancer or ExternalIPs
https://notcve.org/view.php?id=CVE-2020-8554
20 Jan 2021 — Kubernetes API server in all versions allow an attacker who is able to create a ClusterIP service and set the spec.externalIPs field, to intercept traffic to that IP address. Additionally, an attacker who is able to patch the status (which is considered a privileged operation and should not typically be granted to users) of a LoadBalancer service can set the status.loadBalancer.ingress.ip to similar effect. El servidor de la API de Kubernetes en todas las versiones permite a un atacante que puede crear un s... • https://github.com/jrmurray000/CVE-2020-8554 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-283: Unverified Ownership •
CVSS: 8.1EPSS: 5%CPEs: 39EXPL: 3CVE-2020-28052 – bouncycastle: password bypass in OpenBSDBCrypt.checkPassword utility possible
https://notcve.org/view.php?id=CVE-2020-28052
18 Dec 2020 — An issue was discovered in Legion of the Bouncy Castle BC Java 1.65 and 1.66. The OpenBSDBCrypt.checkPassword utility method compared incorrect data when checking the password, allowing incorrect passwords to indicate they were matching with previously hashed ones that were different. Se detectó un problema en Legion of the Bouncy Castle BC Java versiones 1.65 y 1.66. El método de la utilidad OpenBSDBCrypt.checkPassword comparó datos incorrectos al comprobar la contraseña, permitiendo a unas contraseña... • https://github.com/madstap/bouncy-castle-generative-test-poc • CWE-287: Improper Authentication •
CVSS: 3.3EPSS: 0%CPEs: 23EXPL: 1CVE-2020-8908 – Temp directory permission issue in Guava
https://notcve.org/view.php?id=CVE-2020-8908
10 Dec 2020 — A temp directory creation vulnerability exists in all versions of Guava, allowing an attacker with access to the machine to potentially access data in a temporary directory created by the Guava API com.google.common.io.Files.createTempDir(). By default, on unix-like systems, the created directory is world-readable (readable by an attacker with access to the system). The method in question has been marked @Deprecated in versions 30.0 and later and should not be used. For Android developers, we recommend choo... • https://github.com/google/guava/commit/fec0dbc4634006a6162cfd4d0d09c962073ddf40 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-378: Creation of Temporary File With Insecure Permissions CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 9.8EPSS: 2%CPEs: 53EXPL: 0CVE-2019-20330 – jackson-databind: lacks certain net.sf.ehcache blocking
https://notcve.org/view.php?id=CVE-2019-20330
03 Jan 2020 — FasterXML jackson-databind 2.x before 2.9.10.2 lacks certain net.sf.ehcache blocking. FasterXML jackson-databind versiones 2.x anteriores a la versión 2.9.10.2, carece de cierto bloqueo de net.sf.ehcache. Red Hat Decision Manager is an open source decision management platform that combines business rules management, complex event processing, Decision Model & Notation execution, and Business Optimizer for solving planning problems. It automates business decisions and makes that logic available to the entire ... • https://github.com/FasterXML/jackson-databind/compare/jackson-databind-2.9.10.1...jackson-databind-2.9.10.2 • CWE-502: Deserialization of Untrusted Data •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2019-0205 – thrift: Endless loop when feed with specific input data
https://notcve.org/view.php?id=CVE-2019-0205
28 Oct 2019 — In Apache Thrift all versions up to and including 0.12.0, a server or client may run into an endless loop when feed with specific input data. Because the issue had already been partially fixed in version 0.11.0, depending on the installed version it affects only certain language bindings. En Apache Thrift, todas las versiones hasta 0.12.0 incluyéndola, un servidor o cliente pueden correr en un bucle sin fin cuando es alimentado con datos de entrada específicos. Debido a que el problema ya se había soluciona... • http://mail-archives.apache.org/mod_mbox/thrift-dev/201910.mbox/%3CVI1PR0101MB2142E0EA19F582429C3AEBCBB1920%40VI1PR0101MB2142.eurprd01.prod.exchangelabs.com%3E • CWE-400: Uncontrolled Resource Consumption CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 0CVE-2019-0210 – thrift: Out-of-bounds read related to TJSONProtocol or TSimpleJSONProtocol
https://notcve.org/view.php?id=CVE-2019-0210
28 Oct 2019 — In Apache Thrift 0.9.3 to 0.12.0, a server implemented in Go using TJSONProtocol or TSimpleJSONProtocol may panic when feed with invalid input data. En Apache Thrift versiones 0.9.3 hasta 0.12.0, un servidor implementado en Go usando TJSONProtocol o TSimpleJSONProtocol puede entrar en pánico cuando es alimentado con datos de entrada no válidos. Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterpris... • http://mail-archives.apache.org/mod_mbox/thrift-dev/201910.mbox/%3C277A46CA87494176B1BBCF5D72624A2A%40HAGGIS%3E • CWE-125: Out-of-bounds Read •
CVSS: 9.8EPSS: 1%CPEs: 51EXPL: 0CVE-2019-17531 – jackson-databind: Serialization gadgets in org.apache.log4j.receivers.db.*
https://notcve.org/view.php?id=CVE-2019-17531
12 Oct 2019 — A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the apache-log4j-extra (version 1.2.x) jar in the classpath, and an attacker can provide a JNDI service to access, it is possible to make the service execute a malicious payload. Se detectó un problema de escritura polimórfica en FasterXML jackson-databind versiones 2.0.0 hasta 2.9... • https://access.redhat.com/errata/RHSA-2019:4192 • CWE-20: Improper Input Validation CWE-502: Deserialization of Untrusted Data •
CVSS: 9.8EPSS: 1%CPEs: 62EXPL: 0CVE-2019-16943 – jackson-databind: Serialization gadgets in com.p6spy.engine.spy.P6DataSource
https://notcve.org/view.php?id=CVE-2019-16943
01 Oct 2019 — A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the p6spy (3.8.6) jar in the classpath, and an attacker can find an RMI service endpoint to access, it is possible to make the service execute a malicious payload. This issue exists because of com.p6spy.engine.spy.P6DataSource mishandling. Se descubrió un problema de escritura poli... • https://access.redhat.com/errata/RHSA-2020:0159 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-502: Deserialization of Untrusted Data •
CVSS: 9.8EPSS: 0%CPEs: 65EXPL: 0CVE-2019-16942 – jackson-databind: Serialization gadgets in org.apache.commons.dbcp.datasources.*
https://notcve.org/view.php?id=CVE-2019-16942
01 Oct 2019 — A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the commons-dbcp (1.4) jar in the classpath, and an attacker can find an RMI service endpoint to access, it is possible to make the service execute a malicious payload. This issue exists because of org.apache.commons.dbcp.datasources.SharedPoolDataSource and org.apache.commons.dbcp... • https://access.redhat.com/errata/RHSA-2019:3901 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-502: Deserialization of Untrusted Data •