CVSS: 6.5EPSS: 0%CPEs: 17EXPL: 0CVE-2021-3979 – ceph: Ceph volume does not honour osd_dmcrypt_key_size
https://notcve.org/view.php?id=CVE-2021-3979
A key length flaw was found in Red Hat Ceph Storage. An attacker can exploit the fact that the key length is incorrectly passed in an encryption algorithm to create a non random key, which is weaker and can be exploited for loss of confidentiality and integrity on encrypted disks. Se ha encontrado un fallo de longitud de clave en Red Hat Ceph Storage. Un atacante puede explotar el hecho de que la longitud de la clave se pasa incorrectamente en un algoritmo de cifrado para crear una clave no aleatoria, que es más débil y puede ser explotada para la pérdida de confidencialidad e integridad en los discos cifrados. • https://access.redhat.com/security/cve/CVE-2021-3979 https://bugzilla.redhat.com/show_bug.cgi?id=2024788 https://github.com/ceph/ceph/commit/47c33179f9a15ae95cc1579a421be89378602656 https://github.com/ceph/ceph/pull/44765 https://lists.debian.org/debian-lts-announce/2023/10/msg00034.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BPOK44BESMIFW6BIOGCN452AKKOIIT6Q https://tracker.ceph.com/issues/54006 • CWE-287: Improper Authentication CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVSS: 8.8EPSS: 0%CPEs: 6EXPL: 0CVE-2021-4112 – ansible-tower: Privilege escalation via job isolation escape
https://notcve.org/view.php?id=CVE-2021-4112
A flaw was found in ansible-tower where the default installation is vulnerable to job isolation escape. This flaw allows an attacker to elevate the privilege from a low privileged user to an AWX user from outside the isolated environment. Se ha encontrado un fallo en ansible-tower en el que la instalación por defecto es vulnerable al escape de aislamiento de trabajos. Este fallo permite a un atacante elevar el privilegio de un usuario con pocos privilegios a un usuario AWX desde fuera del entorno aislado. • https://access.redhat.com/security/cve/CVE-2021-4112 https://bugzilla.redhat.com/show_bug.cgi?id=2028121 • CWE-552: Files or Directories Accessible to External Parties •
CVSS: 7.5EPSS: 15%CPEs: 72EXPL: 0CVE-2021-4104 – Deserialization of untrusted data in JMSAppender in Apache Log4j 1.2
https://notcve.org/view.php?id=CVE-2021-4104
JMSAppender in Log4j 1.2 is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j configuration. The attacker can provide TopicBindingName and TopicConnectionFactoryBindingName configurations causing JMSAppender to perform JNDI requests that result in remote code execution in a similar fashion to CVE-2021-44228. Note this issue only affects Log4j 1.2 when specifically configured to use JMSAppender, which is not the default. Apache Log4j 1.2 reached end of life in August 2015. Users should upgrade to Log4j 2 as it addresses numerous other issues from the previous versions. • http://www.openwall.com/lists/oss-security/2022/01/18/3 https://access.redhat.com/security/cve/CVE-2021-4104 https://github.com/apache/logging-log4j2/pull/608#issuecomment-990494126 https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0033 https://security.gentoo.org/glsa/202209-02 https://security.gentoo.org/glsa/202310-16 https://security.gentoo.org/glsa/202312-02 https://security.gentoo.org/glsa/202312-04 https://security.netapp.com/advisory/ntap-20211223-0007 https&# • CWE-20: Improper Input Validation CWE-502: Deserialization of Untrusted Data •
CVSS: 9.1EPSS: 0%CPEs: 17EXPL: 0CVE-2021-4048 – lapack: Out-of-bounds read in *larrv
https://notcve.org/view.php?id=CVE-2021-4048
An out-of-bounds read flaw was found in the CLARRV, DLARRV, SLARRV, and ZLARRV functions in lapack through version 3.10.0, as also used in OpenBLAS before version 0.3.18. Specially crafted inputs passed to these functions could cause an application using lapack to crash or possibly disclose portions of its memory. Se ha encontrado un fallo de lectura fuera de límites en las funciones CLARRV, DLARRV, SLARRV y ZLARRV de lapack versiones hasta 3.10.0, usadas también en OpenBLAS versiones anteriores a 0.3.18. Las entradas especialmente diseñadas que se pasan a estas funciones podrían causar que una aplicación que use lapack se bloquee o posiblemente revele partes de su memoria An out-of-bounds read flaw was found in the CLARRV, DLARRV, SLARRV, and ZLARRV functions in lapack and OpenBLAS. A specially crafted input passed to these functions could cause an application using lapack to crash or possibly disclose portions of its memory. • https://github.com/JuliaLang/julia/issues/42415 https://github.com/Reference-LAPACK/lapack/commit/38f3eeee3108b18158409ca2a100e6fe03754781 https://github.com/Reference-LAPACK/lapack/pull/625 https://github.com/xianyi/OpenBLAS/commit/2be5ee3cca97a597f2ee2118808a2d5eacea050c https://github.com/xianyi/OpenBLAS/commit/337b65133df174796794871b3988cd03426e6d41 https://github.com/xianyi/OpenBLAS/commit/ddb0ff5353637bb5f5ad060c9620e334c143e3d7 https://github.com/xianyi/OpenBLAS/commit/fe497efa0510466fd93578aaf9da1ad8ed4edbe7 https://lists.fedoraproject.org/archives/li • CWE-125: Out-of-bounds Read •
CVSS: 6.8EPSS: 0%CPEs: 43EXPL: 0CVE-2016-2124 – samba: SMB1 client connections can be downgraded to plaintext authentication
https://notcve.org/view.php?id=CVE-2016-2124
A flaw was found in the way samba implemented SMB1 authentication. An attacker could use this flaw to retrieve the plaintext password sent over the wire even if Kerberos authentication was required. Se ha encontrado un fallo en la forma en que Samba implementa la autenticación SMB1. Un atacante podría usar este fallo para recuperar la contraseña en texto plano enviada a través del cable, incluso si es requerida la autenticación Kerberos • https://bugzilla.redhat.com/show_bug.cgi?id=2019660 https://lists.debian.org/debian-lts-announce/2023/09/msg00013.html https://security.gentoo.org/glsa/202309-06 https://www.samba.org/samba/security/CVE-2016-2124.html https://access.redhat.com/security/cve/CVE-2016-2124 • CWE-287: Improper Authentication •