CVSS: 7.5EPSS: 0%CPEs: 32EXPL: 1CVE-2021-22926
https://notcve.org/view.php?id=CVE-2021-22926
libcurl-using applications can ask for a specific client certificate to be used in a transfer. This is done with the `CURLOPT_SSLCERT` option (`--cert` with the command line tool).When libcurl is built to use the macOS native TLS library Secure Transport, an application can ask for the client certificate by name or with a file name - using the same option. If the name exists as a file, it will be used instead of by name.If the appliction runs with a current working directory that is writable by other users (like `/tmp`), a malicious user can create a file name with the same name as the app wants to use by name, and thereby trick the application to use the file based cert instead of the one referred to by name making libcurl send the wrong client certificate in the TLS connection handshake. Las aplicaciones que usan libcurl pueden pedir un certificado de cliente específico para ser usado en una transferencia. Esto se hace con la opción "CURLOPT_SSLCERT" ("--cert" con la herramienta de línea de comandos).Cuando libcurl se construye para usar la biblioteca TLS nativa de macOS Transporte Seguro, una aplicación puede pedir el certificado del cliente por su nombre o con un nombre de archivo - usando la misma opción. • https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf https://hackerone.com/reports/1234760 https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc%40%3Cdev.kafka.apache.org%3E https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc%40%3Cusers.kafka.apache.org%3E https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7%40%3Cdev.kafka.apache.org%3E https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7%40%3Cuser • CWE-295: Improper Certificate Validation CWE-840: Business Logic Errors •
CVSS: 7.5EPSS: 1%CPEs: 9EXPL: 0CVE-2021-36222 – krb5: Sending a request containing PA-ENCRYPTED-CHALLENGE padata element without using FAST could result in NULL dereference in KDC which leads to DoS
https://notcve.org/view.php?id=CVE-2021-36222
ec_verify in kdc/kdc_preauth_ec.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) before 1.18.4 and 1.19.x before 1.19.2 allows remote attackers to cause a NULL pointer dereference and daemon crash. This occurs because a return value is not properly managed in a certain situation. La función ec_verify en el archivo kdc/kdc_preauth_ec.c en el Centro de Distribución de Claves (KDC) en MIT Kerberos 5 (también se conoce como krb5) versiones anteriores a 1.18.4 y versiones 1.19.x anteriores a 1.19.2, permite a atacantes remotos causar una desreferencia de puntero NULL y un bloqueo del daemon. Esto ocurre porque un valor de retorno no es manejado apropiadamente en una situación determinada A flaw was found in krb5. This flaw allows an unauthenticated attacker to cause a NULL dereference in the KDC by sending a request containing a PA-ENCRYPTED-CHALLENGE padata element without using FAST. • https://github.com/krb5/krb5/commit/fc98f520caefff2e5ee9a0026fdf5109944b3562 https://github.com/krb5/krb5/releases https://security.netapp.com/advisory/ntap-20211022-0003 https://security.netapp.com/advisory/ntap-20211104-0007 https://web.mit.edu/kerberos/advisories https://www.debian.org/security/2021/dsa-4944 https://www.oracle.com/security-alerts/cpuoct2021.html https://access.redhat.com/security/cve/CVE-2021-36222 https://bugzilla.redhat.com/show_bug.cgi?id=1983720 • CWE-476: NULL Pointer Dereference •
CVSS: 9.8EPSS: 31%CPEs: 14EXPL: 0CVE-2021-2389 – MySQL memcached Plugin Integer Underflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-2389
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.34 and prior and 8.0.25 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 5.9 (Availability impacts). • https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2UTW5KMPPDKIMGB4ULE2HS22HYLVKYIH https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VGR5ZTB5QEDRRC6G5U6TFNCIVBBKGS5J https://security.netapp.com/advisory/ntap-20210723-0001 https://www.oracle.com/security-alerts/cpujul2021.html https://www.zerodayinitiative.com/advisories/ZDI-21-880 https://access.redhat.com/security/cve/CVE-2021-2389 https://bugzilla.redhat.com/show_bug.cgi?id=1992309 •
CVSS: 5.0EPSS: 0%CPEs: 7EXPL: 0CVE-2021-2385 – mysql: Server: Replication unspecified vulnerability (CPU Jul 2021)
https://notcve.org/view.php?id=CVE-2021-2385
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Supported versions that are affected are 5.7.34 and prior and 8.0.25 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.1 Base Score 5.0 (Integrity and Availability impacts). • https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6OO2Q5PIFURXLLKCIJE6XF6VL4LLMNO5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OPJAGVMRKODR4QIXQSVEM4BLRZUM7P3R https://security.netapp.com/advisory/ntap-20210723-0001 https://www.oracle.com/security-alerts/cpujul2021.html https://access.redhat.com/security/cve/CVE-2021-2385 https://bugzilla.redhat.com/show_bug.cgi?id=1992307 •
CVSS: 4.4EPSS: 0%CPEs: 15EXPL: 0CVE-2021-2372 – mysql: InnoDB unspecified vulnerability (CPU Jul 2021)
https://notcve.org/view.php?id=CVE-2021-2372
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.34 and prior and 8.0.25 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.4 (Availability impacts). • https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2UTW5KMPPDKIMGB4ULE2HS22HYLVKYIH https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6OO2Q5PIFURXLLKCIJE6XF6VL4LLMNO5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OPJAGVMRKODR4QIXQSVEM4BLRZUM7P3R https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VGR5ZTB5QEDRRC6G5U6TFNCIVBBKGS5J https://security.netapp.com/advisory/ntap-20210723-0001 https:&# •