CVE-2020-29662
https://notcve.org/view.php?id=CVE-2020-29662
In Harbor 2.0 before 2.0.5 and 2.1.x before 2.1.2 the catalog’s registry API is exposed on an unauthenticated path. • https://github.com/goharbor/harbor/security/advisories/GHSA-38r5-34mr-mvm7 • CWE-319: Cleartext Transmission of Sensitive Information •
CVE-2020-26290 – Critical security issues in XML encoding in Dex
https://notcve.org/view.php?id=CVE-2020-26290
Dex is a federated OpenID Connect provider written in Go. In Dex before version 2.27.0 there is a critical set of vulnerabilities which impacts users leveraging the SAML connector. The vulnerabilities enable a potential signature bypass due to issues with XML encoding in the underlying Go library. The vulnerabilities have been addressed in version 2.27.0 by using the xml-roundtrip-validator from Mattermost (see related references). • https://github.com/dexidp/dex/commit/324b1c886b407594196113a3dbddebe38eecd4e8 https://github.com/dexidp/dex/releases/tag/v2.27.0 https://github.com/dexidp/dex/security/advisories/GHSA-m9hp-7r99-94h5 https://github.com/mattermost/xml-roundtrip-validator/blob/master/advisories/unstable-attributes.md https://github.com/mattermost/xml-roundtrip-validator/blob/master/advisories/unstable-directives.md https://github.com/mattermost/xml-roundtrip-validator/blob/master/advisories/unstable-elements.md https://github.com/r • CWE-347: Improper Verification of Cryptographic Signature •
CVE-2020-11093 – Authorization bypass in Hyperledger Indy
https://notcve.org/view.php?id=CVE-2020-11093
Hyperledger Indy Node is the server portion of a distributed ledger purpose-built for decentralized identity. In Hyperledger Indy before version 1.12.4, there is a lack of signature verification on a specific transaction, which enables an attacker to make certain unauthorized alterations to the ledger. A nym transaction that updates a DID will be written to the ledger if neither ROLE nor VERKEY is being changed, regardless of sender. A malicious DID with no particular role can request an update for another DID (but cannot modify its verkey or role). This is bad because 1) any DID can write a nym transaction to the ledger (i.e., any DID can spam the ledger with nym transactions), 2) any DID can change any other DID's alias, and 3) the update transaction modifies the ledger metadata associated with a DID. • https://github.com/hyperledger/indy-node/blob/master/CHANGELOG.md#1124 https://github.com/hyperledger/indy-node/blob/master/docs/source/auth_rules.md https://github.com/hyperledger/indy-node/commit/55056f22c83b7c3520488b615e1577e0f895d75a https://github.com/hyperledger/indy-node/security/advisories/GHSA-wh2w-39f4-rpv2 • CWE-347: Improper Verification of Cryptographic Signature •
CVE-2020-26273 – sqlite ATTACH allows some filesystem access
https://notcve.org/view.php?id=CVE-2020-26273
osquery is a SQL-powered operating system instrumentation, monitoring, and analytics framework. In osquery before version 4.6.0, by using sqlite's ATTACH verb, someone with administrative access to osquery can cause reads and writes to arbitrary sqlite databases on disk. This _does_ allow arbitrary files to be created, but they will be sqlite databases. It does not appear to allow existing non-sqlite files to be overwritten. This has been patched in osquery 4.6.0. • https://github.com/osquery/osquery/commit/c3f9a3dae22d43ed3b4f6a403cbf89da4cba7c3c https://github.com/osquery/osquery/releases/tag/4.6.0 https://github.com/osquery/osquery/security/advisories/GHSA-4g56-2482-x7q8 https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/SQL%20Injection/SQLite%20Injection.md#remote-command-execution-using-sqlite-command---load_extension • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVE-2020-9301
https://notcve.org/view.php?id=CVE-2020-9301
Nolan Ray from Apple Information Security identified a security vulnerability in Spinnaker, all versions prior to version 1.23.4, 1.22.4 or 1.21.5. The vulnerability exists within the handling of SpEL expressions that allows an attacker to read and write arbitrary files within the orca container via authenticated HTTP POST requests. • https://github.com/Netflix/security-bulletins/blob/master/advisories/nflx-2020-006.md • CWE-502: Deserialization of Untrusted Data •