CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2021-31232
https://notcve.org/view.php?id=CVE-2021-31232
The Alertmanager in CNCF Cortex before 1.8.1 has a local file disclosure vulnerability when -experimental.alertmanager.enable-api is used. The HTTP basic auth password_file can be used as an attack vector to send any file content via a webhook. The alertmanager templates can be used as an attack vector to send any file content because the alertmanager can load any text file specified in the templates list. Alertmanager en CNCF Cortex versiones anteriores a 1.8.1, presenta una vulnerabilidad de divulgación de archivos locales cuando es usado -experimental.alertmanager.enable-api. El archivo de contraseña de autenticación básica HTTP se puede usar como un vector de ataque para enviar cualquier contenido de archivo por medio de un webhook. • https://community.grafana.com/c/security-announcements https://github.com/cortexproject/cortex https://github.com/cortexproject/cortex/pull/4129/files https://lists.cncf.io/g/cortex-users/message/50 •
CVSS: 8.0EPSS: 0%CPEs: 6EXPL: 0CVE-2021-20288 – ceph: Unauthorized global_id reuse in cephx
https://notcve.org/view.php?id=CVE-2021-20288
An authentication flaw was found in ceph in versions before 14.2.20. When the monitor handles CEPHX_GET_AUTH_SESSION_KEY requests, it doesn't sanitize other_keys, allowing key reuse. An attacker who can request a global_id can exploit the ability of any user to request a global_id previously associated with another user, as ceph does not force the reuse of old keys to generate new ones. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. Se encontró un fallo de autenticación en ceph en versiones anteriores a 14.2.20. • https://bugzilla.redhat.com/show_bug.cgi?id=1938031 https://lists.debian.org/debian-lts-announce/2023/10/msg00034.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/362CEPPYF3YMJZBEJQUT3KDE2EHYYIYQ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5BPIAYTRCWAU4XWCDBK2THEFVXSC4XGK https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JVWUKUUS5BCIFWRV3JCUQMAPJ4HIWSED https://security.gentoo.org/glsa/202105-39 ht • CWE-287: Improper Authentication •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2021-29136
https://notcve.org/view.php?id=CVE-2021-29136
Open Container Initiative umoci before 0.4.7 allows attackers to overwrite arbitrary host paths via a crafted image that causes symlink traversal when "umoci unpack" or "umoci raw unpack" is used. Open Container Initiative umoci versiones anteriores a 0.4.7, permite a atacantes sobrescribir rutas de host arbitrarias por medio de una imagen diseñada que causa un salto de enlace simbólico cuando es usado "umoci unpack" o "umoci raw unpack" • http://www.openwall.com/lists/oss-security/2021/04/06/2 https://github.com/opencontainers/umoci/commit/d9efc31daf2206f7d3fdb839863cf7a576a2eb57 https://github.com/opencontainers/umoci/security/advisories/GHSA-9m95-8hx6-7p9v • CWE-20: Improper Input Validation •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0CVE-2021-20206 – containernetworking-cni: Arbitrary path injection via type field in CNI configuration
https://notcve.org/view.php?id=CVE-2021-20206
An improper limitation of path name flaw was found in containernetworking/cni in versions before 0.8.1. When specifying the plugin to load in the 'type' field in the network configuration, it is possible to use special elements such as "../" separators to reference binaries elsewhere on the system. This flaw allows an attacker to execute other existing binaries other than the cni plugins/types, such as 'reboot'. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. Se detectó una limitación inapropiada del fallo en el nombre de la ruta en containernetworking/cni en versiones anteriores a 0.8.1. • https://bugzilla.redhat.com/show_bug.cgi?id=1919391 https://snyk.io/vuln/SNYK-GOLANG-GITHUBCOMCONTAINERNETWORKINGCNIPKGINVOKE-1070549 https://access.redhat.com/security/cve/CVE-2021-20206 • CWE-20: Improper Input Validation CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0CVE-2021-26924
https://notcve.org/view.php?id=CVE-2021-26924
An issue was discovered in Argo CD before 1.8.4. Browser XSS protection is not activated due to the missing XSS protection header. Se detectó un problema en Argo CD versiones anteriores a 1.8.4. Una protección de XSS del navegador no está activada debido a una falta del encabezado de protección de XSS • https://github.com/argoproj/argo-cd/compare/v1.8.3...v1.8.4 https://github.com/argoproj/argo-cd/security/advisories/GHSA-pg99-h5gc-446r • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •