
CVSS: 8.6 | EPSS: 0% | CPEs: 14 | EXPL: 2

A permissive list of allowed inputs flaw was found in DPDK. This issue allows a remote attacker to cause a denial of service by sending a crafted Vhost header to DPDK.
• https://bugs.dpdk.org/show_bug.cgi?id=1031
• https://bugzilla.redhat.com/show_bug.cgi?id=2099475
• https://lists.debian.org/debian-lts-announce/2022/09/msg00000.html
• https://access.redhat.com/security/cve/CVE-2022-2132
• CWE-770: Allocation of Resources Without Limits or Throttling
• CWE-791: Incomplete Filtering of Special Elements

CVSS: 7.4 | EPSS: 2% | CPEs: 7 | EXPL: 3

A flaw was found in openstack-keystone. Only the first 72 characters of an application secret are verified, allowing attackers to bypass some of the password complexity that administrators may be counting on. The highest threat from this vulnerability is to data confidentiality and integrity.
• https://access.redhat.com/security/cve/CVE-2021-3563
• https://bugs.launchpad.net/ossa/+bug/1901891
• https://bugzilla.redhat.com/show_bug.cgi?id=1962908
• https://lists.debian.org/debian-lts-announce/2024/01/msg00007.html
• https://security-tracker.debian.org/tracker/CVE-2021-3563
• CWE-863: Incorrect Authorization

CVSS: 3.2 | EPSS: 0% | CPEs: 11 | EXPL: 2

An infinite loop flaw was found in the USB xHCI controller emulation of QEMU while computing the length of the Transfer Request Block (TRB) Ring. This flaw allows a privileged guest user to hang the QEMU process on the host, resulting in a denial of service.
• https://bugzilla.redhat.com/show_bug.cgi?id=1908004
• https://gitlab.com/qemu-project/qemu/-/issues/646
• https://lists.debian.org/debian-lts-announce/2023/03/msg00013.html
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I7J5IRXJYLELW7D43A75LOWRUE5EU54O
• CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop')

CVSS: 4.9 | EPSS: 0% | CPEs: 2 | EXPL: 0

An authorization flaw was found in openstack-barbican, where anyone with an admin role could add secrets to a different project's container. This flaw allows an attacker on the network to consume protected resources and cause a denial of service.
• https://access.redhat.com/security/cve/CVE-2022-23452
• https://bugzilla.redhat.com/show_bug.cgi?id=2022908
• https://bugzilla.redhat.com/show_bug.cgi?id=2025090
• https://review.opendev.org/c/openstack/barbican/+/814200
• https://storyboard.openstack.org/#%21/story/2009297
• CWE-863: Incorrect Authorization

CVSS: 5.3 | EPSS: 0% | CPEs: 3 | EXPL: 0

This is a concurrency issue that can result in the wrong caller principal being returned from the session context of an EJB that is configured with a RunAs principal. In particular, the org.jboss.as.ejb3.component.EJBComponent class has an incomingRunAsIdentity field. This field is used by the org.jboss.as.ejb3.security.RunAsPrincipalInterceptor to keep track of the current identity prior to switching to a new identity created using the RunAs principal. The problem is that the EJBComponent#incomingRunAsIdentity field is currently just a single SecurityIdentity shared by the component rather than per-invocation state. This means that in a concurrent environment, where multiple users are repeatedly invoking an EJB that is configured with a RunAs principal, it is possible for the wrong caller principal to be returned from EJBComponent#getCallerPrincipal.
• https://bugzilla.redhat.com/show_bug.cgi?id=2060929#c0
• https://access.redhat.com/security/cve/CVE-2022-0866
• https://bugzilla.redhat.com/show_bug.cgi?id=2060929
• CWE-863: Incorrect Authorization
• CWE-1220: Insufficient Granularity of Access Control