CVE-2019-14849 – 3scale: user session cookie does not set HTTPOnly
https://notcve.org/view.php?id=CVE-2019-14849
A vulnerability was found in 3scale before version 2.6: it did not set the HTTPOnly attribute on the user session cookie. An attacker could use this to conduct cross-site scripting attacks and gain access to unauthorized information. A flaw was found where 3scale did not set the HTTPOnly attribute on the user session cookie.
• https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14849
• https://access.redhat.com/security/cve/CVE-2019-14849
• https://bugzilla.redhat.com/show_bug.cgi?id=1712167
• CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
• CWE-201: Insertion of Sensitive Information Into Sent Data
CVE-2019-10216 – ghostscript: -dSAFER escape via .buildfont1 (701394)
https://notcve.org/view.php?id=CVE-2019-10216
In ghostscript before version 9.50, the .buildfont1 procedure did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. An attacker could abuse this flaw by creating a specially crafted PostScript file that could escalate privileges and access files outside of restricted areas. It was found that the .buildfont1 procedure did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions.
• http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=5b85ddd19
• https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10216
• https://security.gentoo.org/glsa/202004-03
• https://access.redhat.com/security/cve/CVE-2019-10216
• https://bugzilla.redhat.com/show_bug.cgi?id=1737080
• CWE-648: Incorrect Use of Privileged APIs
CVE-2017-7512 – AMP: validation bypass in oauth
https://notcve.org/view.php?id=CVE-2017-7512
Red Hat 3scale (aka RH-3scale) API Management Platform (AMP) before 2.0.0 would permit creation of an access token without a client secret. An attacker could use this flaw to circumvent authentication controls and gain access to restricted APIs. NOTE: some sources have a typo in which CVE-2017-7512 maps to an OpenVPN vulnerability. The proper CVE ID for that OpenVPN vulnerability is CVE-2017-7521. Specifically, CVE-2017-7521 is the correct CVE ID for TWO closely related findings in OpenVPN.
• https://access.redhat.com/errata/RHSA-2017:1712
• https://access.redhat.com/security/cve/cve-2017-7512
• https://bugzilla.redhat.com/show_bug.cgi?id=1457997
• https://access.redhat.com/security/cve/CVE-2017-7512
• CWE-863: Incorrect Authorization