CVSS: 6.5EPSS: 0%CPEs: 7EXPL: 0CVE-2019-17023 – nss: TLS 1.3 HelloRetryRequest downgrade request sets client into invalid state
https://notcve.org/view.php?id=CVE-2019-17023
08 Jan 2020 — After a HelloRetryRequest has been sent, the client may negotiate a lower protocol that TLS 1.3, resulting in an invalid state transition in the TLS State Machine. If the client gets into this state, incoming Application Data records will be ignored. This vulnerability affects Firefox < 72. Después de que HelloRetryRequest haya sido enviado, el cliente puede negociar un protocolo inferior que TLS versión 1.3, resultando en una transición de estado no válida en TLS State Machine. Si el cliente entra en este ... • https://bugzilla.mozilla.org/show_bug.cgi?id=1590001 • CWE-287: Improper Authentication •
CVSS: 6.1EPSS: 2%CPEs: 17EXPL: 0CVE-2019-17022 – Mozilla: CSS sanitization does not escape HTML tags
https://notcve.org/view.php?id=CVE-2019-17022
08 Jan 2020 — When pasting a <style> tag from the clipboard into a rich text editor, the CSS sanitizer does not escape < and > characters. Because the resulting string is pasted directly into the text node of the element this does not result in a direct injection into the webpage; however, if a webpage subsequently copies the node's innerHTML, assigning it to another innerHTML, this would result in an XSS vulnerability. Two WYSIWYG editors were identified with this behavior, more may exist. This vulnerability... • http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00029.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.5EPSS: 0%CPEs: 5EXPL: 0CVE-2019-17020
https://notcve.org/view.php?id=CVE-2019-17020
08 Jan 2020 — If an XML file is served with a Content Security Policy and the XML file includes an XSL stylesheet, the Content Security Policy will not be applied to the contents of the XSL stylesheet. If the XSL sheet e.g. includes JavaScript, it would bypass any of the restrictions of the Content Security Policy applied to the XML document. This vulnerability affects Firefox < 72. Si un archivo XML es servido con la Política de Seguridad de Contenido y el archivo XML incluye una hoja de estilo XSL, la Política de Segur... • https://bugzilla.mozilla.org/show_bug.cgi?id=1597645 • CWE-611: Improper Restriction of XML External Entity Reference •
CVSS: 8.8EPSS: 2%CPEs: 17EXPL: 0CVE-2019-17017 – Mozilla: Type Confusion in XPCVariant.cpp
https://notcve.org/view.php?id=CVE-2019-17017
08 Jan 2020 — Due to a missing case handling object types, a type confusion vulnerability could occur, resulting in a crash. We presume that with enough effort that it could be exploited to run arbitrary code. This vulnerability affects Firefox ESR < 68.4 and Firefox < 72. Debido a una falta de tipos de objetos del manejo de casos, podría ocurrir una vulnerabilidad de confusión de tipos, resultando en un bloqueo. Suponemos que con el esfuerzo suficiente podría ser explotado para ejecutar código arbitrario. • http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00029.html • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 6.1EPSS: 2%CPEs: 17EXPL: 0CVE-2019-17016 – Mozilla: Bypass of @namespace CSS sanitization during pasting
https://notcve.org/view.php?id=CVE-2019-17016
08 Jan 2020 — When pasting a <style> tag from the clipboard into a rich text editor, the CSS sanitizer incorrectly rewrites a @namespace rule. This could allow for injection into certain types of websites resulting in data exfiltration. This vulnerability affects Firefox ESR < 68.4 and Firefox < 72. Al pegar un <style> etiqueta del portapapeles en un editor de texto enriquecido, el saneador CSS reescribe incorrectamente una regla @namespace. Esto podría permitir una inyección en ciertos tipos de sitios web re... • http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00029.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.1EPSS: 3%CPEs: 8EXPL: 1CVE-2019-20367 – Ubuntu Security Notice USN-4243-1
https://notcve.org/view.php?id=CVE-2019-20367
08 Jan 2020 — nlist.c in libbsd before 0.10.0 has an out-of-bounds read during a comparison for a symbol name from the string table (strtab). El archivo nlist.c en libbsd versiones anteriores a la versión 0.10.0, tiene una lectura fuera de límites durante una comparación de un nombre de símbolo de la tabla de cadenas (strtab). It was discovered that libbsd incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 14.04 ESM. • http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00043.html • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 0%CPEs: 15EXPL: 1CVE-2019-5188 – e2fsprogs: Out-of-bounds write in e2fsck/rehash.c
https://notcve.org/view.php?id=CVE-2019-5188
08 Jan 2020 — A code execution vulnerability exists in the directory rehashing functionality of E2fsprogs e2fsck 1.45.4. A specially crafted ext4 directory can cause an out-of-bounds write on the stack, resulting in code execution. An attacker can corrupt a partition to trigger this vulnerability. Existe una vulnerabilidad de ejecución de código en la funcionalidad directory rehashing de E2fsprogs e2fsck versión 1.45.4. Un directorio ext4 especialmente diseñado puede causar una escritura fuera de límites en la pila, resu... • http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00004.html • CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 0%CPEs: 8EXPL: 0CVE-2019-19911 – python-pillow: uncontrolled resource consumption in FpxImagePlugin.py
https://notcve.org/view.php?id=CVE-2019-19911
05 Jan 2020 — There is a DoS vulnerability in Pillow before 6.2.2 caused by FpxImagePlugin.py calling the range function on an unvalidated 32-bit integer if the number of bands is large. On Windows running 32-bit Python, this results in an OverflowError or MemoryError due to the 2 GB limit. However, on Linux running 64-bit Python this results in the process being terminated by the OOM killer. Hay una vulnerabilidad DoS en Pillow versiones anteriores a la versión 6.2.2, causada por el archivo FpxImagePlugin.py llamando a ... • https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3DUMIBUYGJRAVJCTFUWBRLVQKOUTVX5P • CWE-190: Integer Overflow or Wraparound CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.5EPSS: 1%CPEs: 4EXPL: 0CVE-2019-19959 – sqlite: mishandles certain uses of INSERT INTO in situations involving embedded '\0' characters in filenames
https://notcve.org/view.php?id=CVE-2019-19959
03 Jan 2020 — ext/misc/zipfile.c in SQLite 3.30.1 mishandles certain uses of INSERT INTO in situations involving embedded '\0' characters in filenames, leading to a memory-management error that can be detected by (for example) valgrind. El archivo ext/misc/zipfile.c en SQLite versión 3.30.1, maneja inapropiadamente ciertos usos de INSERT INTO en situaciones que involucran caracteres "\0" insertados en los nombres de archivo, conllevando a un error de administración de memoria que puede ser detectado por valgrind (por eje... • https://github.com/sqlite/sqlite/commit/1e490c4ca6b43a9cf8637d695907888349f69bec • CWE-626: Null Byte Interaction Error (Poison Null Byte) •
CVSS: 8.8EPSS: 0%CPEs: 7EXPL: 0CVE-2020-5310 – python-pillow: Integer overflow leading to buffer overflow in ImagingLibTiffDecode
https://notcve.org/view.php?id=CVE-2020-5310
03 Jan 2020 — libImaging/TiffDecode.c in Pillow before 6.2.2 has a TIFF decoding integer overflow, related to realloc. El archivo libImaging/TiffDecode.c en Pillow versiones anteriores a la versión 6.2.2, tiene un desbordamiento de enteros de la decodificación TIFF, relacionado con realloc. It was discovered that Pillow incorrectly handled certain images. An attacker could possibly use this issue to cause a denial of service. It was discovered that Pillow incorrectly handled certain images. • https://github.com/python-pillow/Pillow/commit/4e2def2539ec13e53a82e06c4b3daf00454100c4 • CWE-122: Heap-based Buffer Overflow CWE-190: Integer Overflow or Wraparound •