CVE-2023-4504 – OpenPrinting CUPS/libppd Postscript Parsing Heap Overflow
https://notcve.org/view.php?id=CVE-2023-4504
Due to failure in validating the length provided by an attacker-crafted PPD PostScript document, CUPS and libppd are susceptible to a heap-based buffer overflow and possibly code execution. This issue has been fixed in CUPS version 2.4.7, released in September of 2023.
• https://github.com/OpenPrinting/cups/releases/tag/v2.4.7
• https://github.com/OpenPrinting/cups/security/advisories/GHSA-pf5r-86w9-678h
• https://github.com/OpenPrinting/libppd/security/advisories/GHSA-4f65-6ph5-qwh6
• https://lists.debian.org/debian-lts-announce/2023/09/msg00041.html
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5WHEJIYMMAIXU2EC35MGTB5LGGO2FFJE
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5WVS4I7JG3LISFPKTM6ADKJXXEPEEWBQ
• CWE-122: Heap-based Buffer Overflow
• CWE-787: Out-of-bounds Write
CVE-2023-43669
https://notcve.org/view.php?id=CVE-2023-43669
The Tungstenite crate before 0.20.1 for Rust allows remote attackers to cause a denial of service (minutes of CPU consumption) via an excessive length of an HTTP header in a client handshake. The length affects both how many times a parse is attempted (e.g., thousands of times) and the average amount of data for each parse attempt (e.g., millions of bytes).
• https://bugzilla.redhat.com/show_bug.cgi?id=2240110
• https://bugzilla.suse.com/show_bug.cgi?id=1215563
• https://crates.io/crates/tungstenite/versions
• https://cwe.mitre.org/data/definitions/407.html
• https://github.com/advisories/GHSA-9mcr-873m-xcxp
• https://github.com/github/advisory-database/pull/2752
• https://github.com/snapview/tungstenite-rs/commit/8b3ecd3cc0008145ab4bc8d0657c39d09db8c7e2
• https://github.com/snapview/tungstenite-rs/issues/376
• https://lists.fedoraproject.org/archives/list/package-an
CVE-2023-4236 – named may terminate unexpectedly under high DNS-over-TLS query load
https://notcve.org/view.php?id=CVE-2023-4236
A flaw in the networking code handling DNS-over-TLS queries may cause `named` to terminate unexpectedly due to an assertion failure. This happens when internal data structures are incorrectly reused under significant DNS-over-TLS query load. This issue affects BIND 9 versions 9.18.0 through 9.18.18 and 9.18.11-S1 through 9.18.18-S1.
• http://www.openwall.com/lists/oss-security/2023/09/20/2
• https://kb.isc.org/docs/cve-2023-4236
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPJLLTJCSDJJII7IIZPLTBQNWP7MZH7F
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U35OARLQCPMVCBBPHWBXY5M6XJLD2TZ5
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VSK5V4W4OHPM3JTJGWAQD6CZW7SFD75B
• https://security.netapp.com/advisory/ntap-20231013-0004
• https:/&
• CWE-617: Reachable Assertion
CVE-2023-41164 – python-django: Potential denial of service vulnerability in `django.utils.encoding.uri_to_iri()`
https://notcve.org/view.php?id=CVE-2023-41164
In Django 3.2 before 3.2.21, 4.1 before 4.1.11, and 4.2 before 4.2.5, django.utils.encoding.uri_to_iri() is subject to a potential DoS (denial of service) attack via certain inputs with a very large number of Unicode characters.
An uncontrolled resource consumption vulnerability was found in Django. Feeding certain inputs with a very large number of Unicode characters to the URI to IRI encoder function can lead to a denial of service.
• https://docs.djangoproject.com/en/4.2/releases/security
• https://groups.google.com/forum/#%21forum/django-announce
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HJFRPUHDYJHBH3KYHSPGULQM4JN7BMSU
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZQJOMNRMVPCN5WMIZ7YSX5LQ7IR2NY4D
• https://security.netapp.com/advisory/ntap-20231214-0002
• https://www.djangoproject.com/weblog/2023/sep/04/security-releases
• https://access.redhat.com/security/
• CWE-400: Uncontrolled Resource Consumption
• CWE-1284: Improper Validation of Specified Quantity in Input
CVE-2023-4806 – Glibc: potential use-after-free in getaddrinfo()
https://notcve.org/view.php?id=CVE-2023-4806
A flaw was found in glibc. In an extremely rare situation, the getaddrinfo function may access memory that has been freed, resulting in an application crash. This issue is only exploitable when an NSS module implements only the _nss_*_gethostbyname2_r and _nss_*_getcanonname_r hooks without implementing the _nss_*_gethostbyname3_r hook. The resolved name should return a large number of IPv6 and IPv4 addresses, and the call to the getaddrinfo function should have the AF_INET6 address family with AI_CANONNAME, AI_ALL and AI_V4MAPPED as flags.
• http://www.openwall.com/lists/oss-security/2023/10/03/4
• http://www.openwall.com/lists/oss-security/2023/10/03/5
• http://www.openwall.com/lists/oss-security/2023/10/03/6
• http://www.openwall.com/lists/oss-security/2023/10/03/8
• https://access.redhat.com/errata/RHSA-2023:5453
• https://access.redhat.com/errata/RHSA-2023:5455
• https://access.redhat.com/errata/RHSA-2023:7409
• https://access.redhat.com/security/cve/CVE-2023-4806
• https://bugzilla.redhat.com/sho
• CWE-416: Use After Free