Page 34 of 442 results (0.259 seconds)

CVSS: 8.2EPSS: 0%CPEs: 4EXPL: 0

CVE-2021-21381 – Sandbox escape via special tokens in .desktop file

https://notcve.org/view.php?id=CVE-2021-21381

Flatpak es un sistema para construir, distribuir y ejecutar aplicaciones de escritorio en sandbox en Linux. ... Como solución, evite instalar aplicaciones Flatpak de fuentes no fiables, o compruebe el contenido de los archivos exportados ".desktop" en "exports/share/applications/*.desktop" (normalmente "~/.local/share/flatpak/exports/share/applications/*.desktop" y "/var/lib/flatpak/exports/share/applications/*.desktop") para asegurarse de que los nombres literales de los archivos no siguen "@@" o "@@u" A sandbox escape flaw was found in the way flatpak handled special tokens in ".desktop" files. • https://github.com/flatpak/flatpak/commit/8279c5818425b6812523e3805bbe242fb6a5d961 https://github.com/flatpak/flatpak/commit/a7401e638bf0c03102039e216ab1081922f140ae https://github.com/flatpak/flatpak/commit/eb7946bb6248923d8c90fe9b84425fef97ae580d https://github.com/flatpak/flatpak/pull/4156 https://github.com/flatpak/flatpak/releases/tag/1.10.2 https://github.com/flatpak/flatpak/security/advisories/GHSA-xgh4-387p-hqpp https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2MXXLXC2DPJ45HSMTI5MZYHMYEGQN6AA&# • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-284: Improper Access Control •

CVSS: 9.0EPSS: 0%CPEs: 28EXPL: 0

CVE-2020-13936 – Velocity Sandbox Bypass

https://notcve.org/view.php?id=CVE-2020-13936

An attacker that is able to modify Velocity templates may execute arbitrary Java code or run arbitrary system commands with the same privileges as the account running the Servlet container. This applies to applications that allow untrusted users to upload/modify velocity templates running Apache Velocity Engine versions up to 2.2. Un atacante que es capaz de modificar las plantillas de Velocity puede ejecutar código Java arbitrario o ejecutar comandos de sistema arbitrarios con los mismos privilegios que la cuenta que ejecuta el contenedor Servlet. Esto se aplica a las aplicaciones que permiten a usuarios no confiables cargar y modificar plantillas de velocidad que ejecutan versiones de Apache Velocity Engine versiones hasta la 2.2 A flaw was found in velocity. An attacker, able to modify Velocity templates, may execute arbitrary Java code or run arbitrary system commands with the same privileges as the account running the Servlet container. • http://www.openwall.com/lists/oss-security/2021/03/10/1 https://lists.apache.org/thread.html/r01043f584cbd47959fabe18fff64de940f81a65024bb8dddbda31d9a%40%3Cuser.velocity.apache.org%3E https://lists.apache.org/thread.html/r0bc98e9cd080b4a13b905c571b9bed87e1a0878d44dbf21487c6cca4%40%3Cdev.santuario.apache.org%3E https://lists.apache.org/thread.html/r17cb932fab14801b14e5b97a7f05192f4f366ef260c10d4a8dba8ac9%40%3Cdev.ws.apache.org%3E https://lists.apache.org/thread.html/r293284c6806c73f51098001ea86a14271c39f72cd76af9e946d9d9ad%40%3Cdev.ws.apache.org%3E https://lists • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 7.4EPSS: 0%CPEs: 1EXPL: 0

CVE-2021-23957

https://notcve.org/view.php?id=CVE-2021-23957

Navigations through the Android-specific `intent` URL scheme could have been misused to escape iframe sandbox. ... Las navegaciones por medio del esquema de URL "intent" específico de Android podrían haber sido usado inapropiadamente para escapar del sandbox de iframe. • https://bugzilla.mozilla.org/show_bug.cgi?id=1584582 https://www.mozilla.org/security/advisories/mfsa2021-03 •

CVSS: 9.6EPSS: 0%CPEs: 4EXPL: 1

CVE-2021-21155

https://notcve.org/view.php?id=CVE-2021-21155

Heap buffer overflow in Tab Strip in Google Chrome on Windows prior to 88.0.4324.182 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Un desbordamiento del búfer de la pila en Tab Strip en Google Chrome en Windows versiones anteriores a 88.0.4324.182, permitió a un atacante remoto que había comprometido el proceso del renderizador llevar a cabo potencialmente un escape del sandbox por medio de una página HTML diseñada • https://chromereleases.googleblog.com/2021/02/stable-channel-update-for-desktop_16.html https://crbug.com/1175500 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BI6ZIJQYP5DFMYVX4J5OGOU2NQLEZ3SB https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FE5SIKEVYTMDCC5OSXGOM2KRPYLHYMQX https://security.gentoo.org/glsa/202104-08 • CWE-787: Out-of-bounds Write •

CVSS: 9.6EPSS: 0%CPEs: 3EXPL: 1

CVE-2021-21154

https://notcve.org/view.php?id=CVE-2021-21154

Heap buffer overflow in Tab Strip in Google Chrome prior to 88.0.4324.182 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Un desbordamiento del búfer de la pila en Tab Strip en Google Chrome versiones anteriores a 88.0.4324.182, permitía a un atacante remoto que había comprometido el proceso del renderizador llevar a cabo potencialmente un escape del sandbox por medio de una página HTML diseñada • https://chromereleases.googleblog.com/2021/02/stable-channel-update-for-desktop_16.html https://crbug.com/1173269 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BI6ZIJQYP5DFMYVX4J5OGOU2NQLEZ3SB https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FE5SIKEVYTMDCC5OSXGOM2KRPYLHYMQX https://security.gentoo.org/glsa/202104-08 • CWE-787: Out-of-bounds Write •