CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 0CVE-2019-11202
https://notcve.org/view.php?id=CVE-2019-11202
An issue was discovered that affects the following versions of Rancher: v2.0.0 through v2.0.13, v2.1.0 through v2.1.8, and v2.2.0 through 2.2.1. When Rancher starts for the first time, it creates a default admin user with a well-known password. After initial setup, the Rancher administrator may choose to delete this default admin user. If Rancher is restarted, the default admin user will be recreated with the well-known default password. An attacker could exploit this by logging in with the default admin credentials. • https://forums.rancher.com/c/announcements https://rancher.com/docs/rancher/v2.x/en/security • CWE-287: Improper Authentication •
CVSS: 9.8EPSS: 1%CPEs: 8EXPL: 0CVE-2019-11709 – Mozilla: Memory safety bugs fixed in Firefox 68 and Firefox ESR 60.8
https://notcve.org/view.php?id=CVE-2019-11709
Mozilla developers and community members reported memory safety bugs present in Firefox 67 and Firefox ESR 60.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox ESR < 60.8, Firefox < 68, and Thunderbird < 60.8. Los desarrolladores de Mozilla y los miembros de la comunidad reportaron bugs de seguridad de memoria presentes en Firefox versión 67 y Firefox ESR versión 60.7. Algunos de estos errores mostraron evidencias de corrupción de memoria y presumimos que, con el esfuerzo suficiente, algunos de estos podrían explotarse para ejecutar código arbitrario. • http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00055.html http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00058.html http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00073.html http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00009.html http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00010.html https://bugzilla.mozilla.org/buglist.cgi?bug_id=1547266%2C1540759%2C1548822%2C1550498%2C1515052%2C1539219%2C1547757%2C1550498%2C1533522 https://lis • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-787: Out-of-bounds Write •
CVSS: 6.5EPSS: 69%CPEs: 8EXPL: 1CVE-2019-11730 – Mozilla: Same-origin policy treats all files in a directory as having the same-origin
https://notcve.org/view.php?id=CVE-2019-11730
A vulnerability exists where if a user opens a locally saved HTML file, this file can use file: URIs to access other files in the same directory or sub-directories if the names are known or guessed. The Fetch API can then be used to read the contents of any files stored in these directories and they may uploaded to a server. It was demonstrated that in combination with a popular Android messaging app, if a malicious HTML attachment is sent to a user and they opened that attachment in Firefox, due to that app's predictable pattern for locally-saved file names, it is possible to read attachments the victim received from other correspondents. This vulnerability affects Firefox ESR < 60.8, Firefox < 68, and Thunderbird < 60.8. Se presenta una vulnerabilidad donde, si un usuario abre un archivo HTML guardado localmente, este archivo puede usar URIs file: para acceder a otros archivos en el mismo directorio o subdirectorios si los nombres son conocidos o adivinados. • https://github.com/alidnf/CVE-2019-11730 http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00055.html http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00058.html http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00073.html http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00009.html http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00010.html https://bugzilla.mozilla.org/show_bug.cgi?id=1558299 https://lists.debian.org/debian& • CWE-829: Inclusion of Functionality from Untrusted Control Sphere •
CVSS: 5.3EPSS: 0%CPEs: 25EXPL: 5CVE-2019-11038 – Uninitialized read in gdImageCreateFromXbm
https://notcve.org/view.php?id=CVE-2019-11038
When using the gdImageCreateFromXbm() function in the GD Graphics Library (aka LibGD) 2.2.5, as used in the PHP GD extension in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6, it is possible to supply data that will cause the function to use the value of uninitialized variable. This may lead to disclosing contents of the stack that has been left there by previous code. Cuando se usa la función gdImageCreateFromXbm () en la Biblioteca de gráficos GD (también conocida como LibGD) 2.2.5, como se usa en la extensión PHP GD en las versiones de PHP 7.1.x debajo de 7.1.30, 7.2.x debajo de 7.2.19 y 7.3.x debajo 7.3.6, es posible suministrar datos que harán que la función use el valor de la variable no inicializada. Esto puede llevar a revelar el contenido de la pila que ha quedado allí por código anterior. • http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00020.html https://access.redhat.com/errata/RHSA-2019:2519 https://access.redhat.com/errata/RHSA-2019:3299 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=929821 https://bugs.php.net/bug.php?id=77973 https://bugzilla.redhat.com/show_bug.cgi?id=1724149 https://bugzilla.redhat.com/show_bug.cgi?id=1724432 https://bugzilla.suse.com/show_bug.cgi? • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-457: Use of Uninitialized Variable CWE-908: Use of Uninitialized Resource •
CVSS: 4.7EPSS: 0%CPEs: 1EXPL: 1CVE-2019-11881
https://notcve.org/view.php?id=CVE-2019-11881
A vulnerability exists in Rancher 2.1.4 in the login component, where the errorMsg parameter can be tampered to display arbitrary content, filtering tags but not special characters or symbols. There's no other limitation of the message, allowing malicious users to lure legitimate users to visit phishing sites with scare tactics, e.g., displaying a "This version of Rancher is outdated, please visit https://malicious.rancher.site/upgrading" message. Existe una vulnerabilidad Rancher 2.1.4 en el componente de inicio de sesión, donde el parámetro errorMsg puede ser manipularse para mostrar contenido arbitrario, filtrando etiquetas pero caracteres especiales o símbolos. No hay otra limitación del mensaje, permitiendo a usuarios maliciosos atraer a usuarios para visitar con tácticas de miedo. por ejemplo, mostrando un mensaje "Esta versión de Rancher está desactualizada, visite https://malicious.rancher.site/upgrading" . • https://github.com/MauroEldritch/VanCleef https://github.com/rancher/rancher/issues/20216 •