CVSS: 6.4EPSS: 1%CPEs: 4EXPL: 1CVE-2024-21520 – djangorestframework: Cross-site Scripting (XSS) via break_long_headers
https://notcve.org/view.php?id=CVE-2024-21520
26 Jun 2024 — Versions of the package djangorestframework before 3.15.2 are vulnerable to Cross-site Scripting (XSS) via the break_long_headers template filter due to improper input sanitization before splitting and joining with
tags. Las versiones del paquete djangorestframework anteriores a la 3.15.2 son vulnerables a Cross-site Scripting (XSS) a través del filtro de plantilla break_long_headers debido a una sanitización inadecuada de la entrada antes de dividir y unir con etiquetas
. A vulnerability was found... • https://github.com/ch4n3-yoon/CVE-2024-21520-Demo • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.3EPSS: 0%CPEs: 44EXPL: 0CVE-2024-3727 – Containers/image: digest type does not guarantee valid type
https://notcve.org/view.php?id=CVE-2024-3727
09 May 2024 — A flaw was found in the github.com/containers/image library. This flaw allows attackers to trigger unexpected authenticated registry accesses on behalf of a victim user, causing resource exhaustion, local path traversal, and other attacks. Se encontró una falla en la librería github.com/containers/image. Esta falla permite a los atacantes activar accesos inesperados al registro autenticado en nombre de un usuario víctima, lo que provoca agotamiento de recursos, path traversal local y otros ataques. This upd... • https://access.redhat.com/errata/RHSA-2024:0045 • CWE-354: Improper Validation of Integrity Check Value •
CVSS: 7.8EPSS: 15%CPEs: 12EXPL: 0CVE-2024-4340 – Passing a heavily nested list to sqlparse.parse() leads to a Denial of Service due to RecursionError.
https://notcve.org/view.php?id=CVE-2024-4340
30 Apr 2024 — Passing a heavily nested list to sqlparse.parse() leads to a Denial of Service due to RecursionError. Pasar una lista muy anidada a sqlparse.parse() conduce a una denegación de servicio debido a RecursionError. A flaw was found in sqlparse. This issue occurs in a heavily nested list in sqlparse.parse(), where a recursion error may be triggered, which can lead to a denial of service. It was discovered that SQL parse incorrectly handled certain nested lists. • https://github.com/advisories/GHSA-2m57-hf25-phgg • CWE-674: Uncontrolled Recursion •
CVSS: 8.5EPSS: 0%CPEs: 4EXPL: 0CVE-2024-1657 – Platform: insecure websocket used when interacting with eda server
https://notcve.org/view.php?id=CVE-2024-1657
25 Apr 2024 — A flaw was found in the ansible automation platform. An insecure WebSocket connection was being used in installation from the Ansible rulebook EDA server. An attacker that has access to any machine in the CIDR block could download all rulebook data from the WebSocket, resulting in loss of confidentiality and integrity of the system. Se encontró una falla en the ansible automation platform. Se estaba utilizando una conexión WebSocket insegura en la instalación desde el servidor EDA del libro de reglas de Ans... • https://access.redhat.com/errata/RHSA-2024:1057 • CWE-1385: Missing Origin Validation in WebSockets •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2024-33663 – python-jose: algorithm confusion with OpenSSH ECDSA keys and other key formats
https://notcve.org/view.php?id=CVE-2024-33663
25 Apr 2024 — python-jose through 3.3.0 has algorithm confusion with OpenSSH ECDSA keys and other key formats. This is similar to CVE-2022-29217. python-jose hasta 3.3.0 tiene confusión de algoritmos con claves OpenSSH ECDSA y otros formatos de claves. Esto es similar a CVE-2022-29217. An update that fixes one vulnerability is now available. This update for python-python-jose fixes the following issues. • https://github.com/mpdavis/python-jose/issues/346 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVSS: 8.5EPSS: 0%CPEs: 21EXPL: 0CVE-2024-1135 – HTTP Request Smuggling in benoitc/gunicorn
https://notcve.org/view.php?id=CVE-2024-1135
16 Apr 2024 — Gunicorn fails to properly validate Transfer-Encoding headers, leading to HTTP Request Smuggling (HRS) vulnerabilities. By crafting requests with conflicting Transfer-Encoding headers, attackers can bypass security restrictions and access restricted endpoints. This issue is due to Gunicorn's handling of Transfer-Encoding headers, where it incorrectly processes requests with multiple, conflicting Transfer-Encoding headers, treating them as chunked regardless of the final encoding specified. This vulnerabilit... • https://huntr.com/bounties/22158e34-cfd5-41ad-97e0-a780773d96c1 • CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') •
CVSS: 6.7EPSS: 0%CPEs: 23EXPL: 0CVE-2024-28219 – python-pillow: buffer overflow in _imagingcms.c
https://notcve.org/view.php?id=CVE-2024-28219
03 Apr 2024 — In _imagingcms.c in Pillow before 10.3.0, a buffer overflow exists because strcpy is used instead of strncpy. En _imagingcms.c en Pillow anterior a 10.3.0, existe un desbordamiento del búfer porque se usa strcpy en lugar de strncpy. A flaw was found in Pillow. The cms_transform_new function in src/_imagingcms.c does not validate the length of its parameters before copying them into fixed-size buffers, leading to a buffer overflow, resulting in a denial of service. USN-6744-1 fixed a vulnerability in Pillow.... • https://lists.debian.org/debian-lts-announce/2024/04/msg00008.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-680: Integer Overflow to Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 38EXPL: 0CVE-2024-1394 – Golang-fips/openssl: memory leaks in code encrypting and decrypting rsa payloads
https://notcve.org/view.php?id=CVE-2024-1394
21 Mar 2024 — A memory leak flaw was found in Golang in the RSA encrypting/decrypting code, which might lead to a resource exhaustion vulnerability using attacker-controlled inputs. The memory leak happens in github.com/golang-fips/openssl/openssl/rsa.go#L113. The objects leaked are pkey and ctx. That function uses named return parameters to free pkey and ctx if there is an error initializing the context or setting the different properties. All return statements related to error cases follow the "return nil, nil, fa... • https://access.redhat.com/errata/RHSA-2024:1462 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2024-21503 – psf/black: ReDoS via the lines_with_leading_tabs_expanded() function in strings.py file
https://notcve.org/view.php?id=CVE-2024-21503
19 Mar 2024 — Versions of the package black before 24.3.0 are vulnerable to Regular Expression Denial of Service (ReDoS) via the lines_with_leading_tabs_expanded function in the strings.py file. An attacker could exploit this vulnerability by crafting a malicious input that causes a denial of service. Exploiting this vulnerability is possible when running Black on untrusted input, or if you habitually put thousands of leading tab characters in your docstrings. Las versiones del paquete black anteriores a la 24.3.0 son vu... • https://github.com/psf/black/commit/f00093672628d212b8965a8993cee8bedf5fe9b8 • CWE-75: Failure to Sanitize Special Elements into a Different Plane (Special Element Injection) CWE-1333: Inefficient Regular Expression Complexity •
CVSS: 7.8EPSS: 0%CPEs: 12EXPL: 0CVE-2024-27351 – python-django: Potential regular expression denial-of-service in django.utils.text.Truncator.words()
https://notcve.org/view.php?id=CVE-2024-27351
05 Mar 2024 — In Django 3.2 before 3.2.25, 4.2 before 4.2.11, and 5.0 before 5.0.3, the django.utils.text.Truncator.words() method (with html=True) and the truncatewords_html template filter are subject to a potential regular expression denial-of-service attack via a crafted string. NOTE: this issue exists because of an incomplete fix for CVE-2019-14232 and CVE-2023-43665. En Django 3.2 anterior a 3.2.25, 4.2 anterior a 4.2.11 y 5.0 anterior a 5.0.3, el método django.utils.text.Truncator.words() (con html=True) y el filt... • http://www.openwall.com/lists/oss-security/2024/03/04/1 • CWE-1333: Inefficient Regular Expression Complexity •