CVSS: 5.3EPSS: 0%CPEs: 22EXPL: 1CVE-2022-2097 – AES OCB fails to encrypt some bytes
https://notcve.org/view.php?id=CVE-2022-2097
05 Jul 2022 — AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimised implementation will not encrypt the entirety of the data under some circumstances. This could reveal sixteen bytes of data that was preexisting in the memory that wasn't written. In the special case of "in place" encryption, sixteen bytes of the plaintext would be revealed. Since OpenSSL does not support OCB based cipher suites for TLS and DTLS, they are both unaffected. Fixed in OpenSSL 3.0.5 (Affected 3.0.0-3.0.4). • https://github.com/PeterThomasAwen/OpenSSLUpgrade1.1.1q-Ubuntu • CWE-325: Missing Cryptographic Step CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVSS: 10.0EPSS: 71%CPEs: 50EXPL: 1CVE-2022-2068 – The c_rehash script allows command injection
https://notcve.org/view.php?id=CVE-2022-2068
21 Jun 2022 — In addition to the c_rehash shell command injection identified in CVE-2022-1292, further circumstances where the c_rehash script does not properly sanitise shell metacharacters to prevent command injection were found by code review. When the CVE-2022-1292 was fixed it was not discovered that there are other places in the script where the file names of certificates being hashed were possibly passed to a command executed through the shell. This script is distributed by some operating systems in a manner where... • https://packetstorm.news/files/id/182466 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 5.3EPSS: 0%CPEs: 25EXPL: 0CVE-2022-0396 – DoS from specifically crafted TCP packets
https://notcve.org/view.php?id=CVE-2022-0396
17 Mar 2022 — BIND 9.16.11 -> 9.16.26, 9.17.0 -> 9.18.0 and versions 9.16.11-S1 -> 9.16.26-S1 of the BIND Supported Preview Edition. Specifically crafted TCP streams can cause connections to BIND to remain in CLOSE_WAIT status for an indefinite period of time, even after the client has terminated the connection. BIND versiones 9.16.11 posteriores a 9.16.26, versiones 9.17.0 posteriores a 9.18.0 y versiones 9.16.11-S1 posteriores a 9.16.26-S1 de BIND Supported Preview Edition. Los flujos TCP específicamente diseñados pued... • https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf • CWE-404: Improper Resource Shutdown or Release CWE-459: Incomplete Cleanup •
CVSS: 6.8EPSS: 0%CPEs: 166EXPL: 0CVE-2021-25220 – DNS forwarders - cache poisoning vulnerability
https://notcve.org/view.php?id=CVE-2021-25220
17 Mar 2022 — BIND 9.11.0 -> 9.11.36 9.12.0 -> 9.16.26 9.17.0 -> 9.18.0 BIND Supported Preview Editions: 9.11.4-S1 -> 9.11.36-S1 9.16.8-S1 -> 9.16.26-S1 Versions of BIND 9 earlier than those shown - back to 9.1.0, including Supported Preview Editions - are also believed to be affected but have not been tested as they are EOL. The cache could become poisoned with incorrect records leading to queries being made to the wrong servers, which might also result in false information being returned to clients. BIND versiones 9.11... • https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf • CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') •
CVSS: 5.9EPSS: 0%CPEs: 35EXPL: 0CVE-2021-4160 – BN_mod_exp may produce incorrect results on MIPS
https://notcve.org/view.php?id=CVE-2021-4160
28 Jan 2022 — There is a carry propagation bug in the MIPS32 and MIPS64 squaring procedure. Many EC algorithms are affected, including some of the TLS 1.3 default curves. Impact was not analyzed in detail, because the pre-requisites for attack are considered unlikely and include reusing private keys. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH are considered just feasible (although very difficult) because ... • https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf •
CVSS: 8.8EPSS: 0%CPEs: 6EXPL: 1CVE-2022-0235 – Exposure of Sensitive Information to an Unauthorized Actor in node-fetch/node-fetch
https://notcve.org/view.php?id=CVE-2022-0235
16 Jan 2022 — node-fetch is vulnerable to Exposure of Sensitive Information to an Unauthorized Actor node-fetch es vulnerable a una Exposición de Información Confidencial a un Actor no Autorizado A flaw was found in node-fetch. When following a redirect to a third-party domain, node-fetch was forwarding sensitive headers such as "Authorization," "WWW-Authenticate," and "Cookie" to potentially untrusted targets. This flaw leads to the exposure of sensitive information to an unauthorized actor. Red Hat Advanced Cluster Man... • https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •
CVSS: 8.0EPSS: 0%CPEs: 4EXPL: 2CVE-2022-0155 – Exposure of Private Personal Information to an Unauthorized Actor in follow-redirects/follow-redirects
https://notcve.org/view.php?id=CVE-2022-0155
10 Jan 2022 — follow-redirects is vulnerable to Exposure of Private Personal Information to an Unauthorized Actor follow-redirects es vulnerable a una Exposición de Información Personal Privada a un Actor no Autorizado A flaw was found in follow-redirects when fetching a remote URL with a cookie when it gets to the Location response header. This flaw allows an attacker to hijack the account as the cookie is leaked. Red Hat Advanced Cluster Management for Kubernetes 2.3.6 images Red Hat Advanced Cluster Management for Kub... • https://github.com/coana-tech/CVE-2022-0155-PoC • CWE-359: Exposure of Private Personal Information to an Unauthorized Actor •
CVSS: 9.1EPSS: 0%CPEs: 29EXPL: 1CVE-2021-22945 – Gentoo Linux Security Advisory 202212-01
https://notcve.org/view.php?id=CVE-2021-22945
15 Sep 2021 — When sending data to an MQTT server, libcurl <= 7.73.0 and 7.78.0 could in some circumstances erroneously keep a pointer to an already freed memory area and both use that again in a subsequent call to send data and also free it *again*. Cuando se envían datos a un servidor MQTT, libcurl versiones anteriores a 7.73.0, incluyéndola y 7.78.0, podría en algunas circunstancias, mantener erróneamente un puntero a un área de memoria ya liberada y usarlo de nuevo en una llamada posterior para enviar datos y también... • http://seclists.org/fulldisclosure/2022/Mar/29 • CWE-415: Double Free •
CVSS: 7.8EPSS: 8%CPEs: 5EXPL: 2CVE-2021-3749 – Inefficient Regular Expression Complexity in axios/axios
https://notcve.org/view.php?id=CVE-2021-3749
31 Aug 2021 — axios is vulnerable to Inefficient Regular Expression Complexity axios es vulnerable a una Complejidad de Expresión Regular Ineficiente A Regular Expression Denial of Service (ReDoS) vulnerability was found in the nodejs axios. This flaw allows an attacker to provide crafted input to the trim function, which might cause high resources consumption and as a consequence lead to denial of service. The highest threat from this vulnerability is system availability. Red Hat Advanced Cluster Management for Kubernet... • https://github.com/T-Guerrero/axios-redos • CWE-400: Uncontrolled Resource Consumption CWE-1333: Inefficient Regular Expression Complexity •
CVSS: 8.8EPSS: 0%CPEs: 57EXPL: 1CVE-2021-25217 – A buffer overrun in lease file parsing code can be used to exploit a common vulnerability shared by dhcpd and dhclient
https://notcve.org/view.php?id=CVE-2021-25217
26 May 2021 — In ISC DHCP 4.1-ESV-R1 -> 4.1-ESV-R16, ISC DHCP 4.4.0 -> 4.4.2 (Other branches of ISC DHCP (i.e., releases in the 4.0.x series or lower and releases in the 4.3.x series) are beyond their End-of-Life (EOL) and no longer supported by ISC. From inspection it is clear that the defect is also present in releases from those series, but they have not been officially tested for the vulnerability), The outcome of encountering the defect while reading a lease that will trigger it varies, according to: the component b... • http://www.openwall.com/lists/oss-security/2021/05/26/6 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •