CVSS: 6.4EPSS: 0%CPEs: 6EXPL: 0CVE-2019-10214 – containers/image: not enforcing TLS when sending username+password credentials to token servers leading to credential disclosure
https://notcve.org/view.php?id=CVE-2019-10214
24 Sep 2019 — The containers/image library used by the container tools Podman, Buildah, and Skopeo in Red Hat Enterprise Linux version 8 and CRI-O in OpenShift Container Platform, does not enforce TLS connections to the container registry authorization service. An attacker could use this vulnerability to launch a MiTM attack and steal login credentials or bearer tokens. La biblioteca de containers/image utilizada por las herramientas de contenedores Podman, Buildah y Skopeo en Red Hat Enterprise Linux versión 8 y CRI-O e... • http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00035.html • CWE-522: Insufficiently Protected Credentials •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2019-10213 – openshift: Secret data written to pod logs when operator set at Debug level or higher
https://notcve.org/view.php?id=CVE-2019-10213
17 Sep 2019 — OpenShift Container Platform, versions 4.1 and 4.2, does not sanitize secret data written to pod logs when the log level in a given operator is set to Debug or higher. A low privileged user could read pod logs to discover secret material if the log level has already been modified in an operator by a privileged user. OpenShift Container Platform, versiones 4.1 y 4.2, no sanea los datos secretos escritos en los registros de pod cuando el nivel de registro en un operador dado se establece en Debug o superior. ... • https://access.redhat.com/errata/RHSA-2019:4082 • CWE-117: Improper Output Neutralization for Logs CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 5.3EPSS: 0%CPEs: 29EXPL: 1CVE-2019-15718 – systemd: systemd-resolved allows unprivileged users to configure DNS
https://notcve.org/view.php?id=CVE-2019-15718
03 Sep 2019 — In systemd 240, bus_open_system_watch_bind_with_description in shared/bus-util.c (as used by systemd-resolved to connect to the system D-Bus instance), calls sd_bus_set_trusted, which disables access controls for incoming D-Bus messages. An unprivileged user can exploit this by executing D-Bus methods that should be restricted to privileged users, in order to change the system's DNS resolver settings. En systemd versión 240, la función bus_open_system_watch_bind_with_description en el archivo shared/bus-uti... • http://www.openwall.com/lists/oss-security/2019/09/03/1 • CWE-285: Improper Authorization •
CVSS: 7.8EPSS: 0%CPEs: 11EXPL: 1CVE-2019-14817 – ghostscript: Safer mode bypass by .forceput exposure in .pdfexectoken and other procedures (701450)
https://notcve.org/view.php?id=CVE-2019-14817
02 Sep 2019 — A flaw was found in, ghostscript versions prior to 9.50, in the .pdfexectoken and other procedures where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. A specially crafted PostScript file could disable security protection and then have access to the file system, or execute arbitrary commands. Se detecto un error en ghostscript en versiones anteriores a la 9.50, en el .pdfexectoken y en otros procedimientos en los que no aseguraba adecuadamente sus llamada... • http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=cd1b1cacadac2479e291efe611979bdc1b3bdb19 • CWE-648: Incorrect Use of Privileged APIs CWE-863: Incorrect Authorization •
CVSS: 9.8EPSS: 14%CPEs: 19EXPL: 0CVE-2019-14813 – ghostscript: Safer mode bypass by .forceput exposure in setsystemparams (701443)
https://notcve.org/view.php?id=CVE-2019-14813
02 Sep 2019 — A flaw was found in ghostscript, versions 9.x before 9.50, in the setsystemparams procedure where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. A specially crafted PostScript file could disable security protection and then have access to the file system, or execute arbitrary commands. Se detectó un fallo en ghostscript, versiones 9.x versiones anteriores a la 9.50, en el procedimiento setsystemparams donde no aseguraba apropiadamente sus llamadas privile... • http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=885444fcbe10dc42787ecb76686c8ee4dd33bf33 • CWE-648: Incorrect Use of Privileged APIs CWE-863: Incorrect Authorization •
CVSS: 6.5EPSS: 1%CPEs: 10EXPL: 0CVE-2019-11250 – Kubernetes client-go logs authorization headers at debug verbosity levels
https://notcve.org/view.php?id=CVE-2019-11250
29 Aug 2019 — The Kubernetes client-go library logs request headers at verbosity levels of 7 or higher. This can disclose credentials to unauthorized users via logs or command output. Kubernetes components (such as kube-apiserver) prior to v1.16.0, which make use of basic or bearer token authentication, and run at high verbosity levels, are affected. La biblioteca de servicio de cliente de Kubernetes registra los encabezados de solicitud en niveles de detalle de 7 o superior. Esto puede revelar las credenciales a los usu... • http://www.openwall.com/lists/oss-security/2020/10/16/2 • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 6.5EPSS: 3%CPEs: 9EXPL: 0CVE-2019-11249 – kubectl cp allows symlink directory traversal
https://notcve.org/view.php?id=CVE-2019-11249
29 Aug 2019 — The kubectl cp command allows copying files between containers and the user machine. To copy files from a container, Kubernetes runs tar inside the container to create a tar archive, copies it over the network, and kubectl unpacks it on the user’s machine. If the tar binary in the container is malicious, it could run any code and output unexpected, malicious results. An attacker could use this to write files to any path on the user’s machine when kubectl cp is called, limited only by the system permissions ... • https://access.redhat.com/errata/RHBA-2019:2794 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-61: UNIX Symbolic Link (Symlink) Following •
CVSS: 7.8EPSS: 0%CPEs: 11EXPL: 1CVE-2019-14811 – ghostscript: Safer mode bypass by .forceput exposure in .pdf_hook_DSC_Creator (701445)
https://notcve.org/view.php?id=CVE-2019-14811
29 Aug 2019 — A flaw was found in, ghostscript versions prior to 9.50, in the .pdf_hook_DSC_Creator procedure where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. A specially crafted PostScript file could disable security protection and then have access to the file system, or execute arbitrary commands. Se detecto un defecto en, ghostscript en versiones anteriores a la 9.50, en el procedimiento .pdf_hook_DSC_Creator donde no aseguró adecuadamente sus llamadas privilegi... • http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00088.html • CWE-648: Incorrect Use of Privileged APIs CWE-863: Incorrect Authorization •
CVSS: 8.8EPSS: 0%CPEs: 5EXPL: 0CVE-2019-10384 – jenkins: CSRF protection tokens for anonymous users did not expire in some circumstances (SECURITY-1491)
https://notcve.org/view.php?id=CVE-2019-10384
28 Aug 2019 — Jenkins 2.191 and earlier, LTS 2.176.2 and earlier allowed users to obtain CSRF tokens without an associated web session ID, resulting in CSRF tokens that did not expire and could be used to bypass CSRF protection for the anonymous user. Jenkins 2.191 y anteriores, LTS 2.176.2 y anteriores permitieron a los usuarios obtener tokens CSRF sin un ID de sesión web asociado, lo que resultó en tokens CSRF que no caducaron y podrían usarse para omitir la protección CSRF para el usuario anónimo. A flaw was found in ... • http://www.openwall.com/lists/oss-security/2019/08/28/4 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 4.8EPSS: 1%CPEs: 5EXPL: 0CVE-2019-10383 – jenkins: stored cross-site scripting in update center web pages (SECURITY-1453)
https://notcve.org/view.php?id=CVE-2019-10383
28 Aug 2019 — A stored cross-site scripting vulnerability in Jenkins 2.191 and earlier, LTS 2.176.2 and earlier allowed attackers with Overall/Administer permission to configure the update site URL to inject arbitrary HTML and JavaScript in update center web pages. Una vulnerabilidad de secuencias de comandos entre sitios almacenada en Jenkins 2.191 y anteriores, LTS 2.176.2 y anteriores permitía a los atacantes con permiso General / Administrar configurar la URL del sitio de actualización para inyectar HTML y JavaScript... • http://www.openwall.com/lists/oss-security/2019/08/28/4 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •