CVSS: 7.2EPSS: 0%CPEs: 6EXPL: 3CVE-2020-7712 – Command Injection
https://notcve.org/view.php?id=CVE-2020-7712
30 Aug 2020 — This affects the package json before 10.0.0. It is possible to inject arbritary commands using the parseLookup function. Esto afecta al paquete json versiones anteriores a 10.0.0. Es posible inyectar comandos arbitrarios usando la función parseLookup • https://github.com/trentm/json/issues/144 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.5EPSS: 92%CPEs: 74EXPL: 2CVE-2020-13935 – tomcat: multiple requests with invalid payload length in a WebSocket frame could lead to DoS
https://notcve.org/view.php?id=CVE-2020-13935
14 Jul 2020 — The payload length in a WebSocket frame was not correctly validated in Apache Tomcat 10.0.0-M1 to 10.0.0-M6, 9.0.0.M1 to 9.0.36, 8.5.0 to 8.5.56 and 7.0.27 to 7.0.104. Invalid payload lengths could trigger an infinite loop. Multiple requests with invalid payload lengths could lead to a denial of service. La longitud de la carga útil en una trama de WebSocket no fue comprobada correctamente en Apache Tomcat versiones 10.0.0-M1 hasta 10.0.0-M6, versiones 9.0.0.M1 hasta 9.0.36, versiones 8.5.0 hasta 8.5.56 y v... • https://github.com/RedTeamPentesting/CVE-2020-13935 • CWE-400: Uncontrolled Resource Consumption CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 6.1EPSS: 14%CPEs: 15EXPL: 0CVE-2019-17573 – cxf: reflected XSS in the services listing page
https://notcve.org/view.php?id=CVE-2019-17573
16 Jan 2020 — By default, Apache CXF creates a /services page containing a listing of the available endpoint names and addresses. This webpage is vulnerable to a reflected Cross-Site Scripting (XSS) attack, which allows a malicious actor to inject javascript into the web page. Please note that the attack exploits a feature which is not typically not present in modern browsers, who remove dot segments before sending the request. However, Mobile applications may be vulnerable. Por defecto, Apache CXF crea una página /servi... • http://cxf.apache.org/security-advisories.data/CVE-2019-17573.txt.asc?version=1&modificationDate=1579178542000&api=v2 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.5EPSS: 1%CPEs: 12EXPL: 0CVE-2019-12423 – cxf: OpenId Connect token service does not properly validate the clientId
https://notcve.org/view.php?id=CVE-2019-12423
16 Jan 2020 — Apache CXF ships with a OpenId Connect JWK Keys service, which allows a client to obtain the public keys in JWK format, which can then be used to verify the signature of tokens issued by the service. Typically, the service obtains the public key from a local keystore (JKS/PKCS12) by specifing the path of the keystore and the alias of the keystore entry. This case is not vulnerable. However it is also possible to obtain the keys from a JWK keystore file, by setting the configuration parameter "rs.security.ke... • http://cxf.apache.org/security-advisories.data/CVE-2019-12423.txt.asc?version=1&modificationDate=1579178393000&api=v2 • CWE-522: Insufficiently Protected Credentials •
CVSS: 8.1EPSS: 2%CPEs: 68EXPL: 0CVE-2020-2604 – OpenJDK: Serialization filter changes via jdk.serialFilter property modification (Serialization, 8231422)
https://notcve.org/view.php?id=CVE-2020-2604
15 Jan 2020 — Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Serialization). Supported versions that are affected are Java SE: 7u241, 8u231, 11.0.5 and 13.0.1; Java SE Embedded: 8u231. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typi... • http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00050.html • CWE-471: Modification of Assumed-Immutable Data (MAID) CWE-502: Deserialization of Untrusted Data •
CVSS: 6.5EPSS: 1%CPEs: 429EXPL: 0CVE-2019-10219 – hibernate-validator: safeHTML validator allows XSS
https://notcve.org/view.php?id=CVE-2019-10219
08 Nov 2019 — A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This vulnerability can result in an XSS attack. Una vulnerabilidad fue encontrada en Hibernate-Validator. La anotación del validador SafeHtml no puede sanear apropiadamente las cargas útiles que consisten en código potencialmente malicioso en los comentarios e instrucciones HTML. • https://access.redhat.com/errata/RHSA-2020:0159 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.8EPSS: 11%CPEs: 7EXPL: 0CVE-2019-12419 – cxf: OpenId Connect token service does not properly validate the clientId
https://notcve.org/view.php?id=CVE-2019-12419
06 Nov 2019 — Apache CXF before 3.3.4 and 3.2.11 provides all of the components that are required to build a fully fledged OpenId Connect service. There is a vulnerability in the access token services, where it does not validate that the authenticated principal is equal to that of the supplied clientId parameter in the request. If a malicious client was able to somehow steal an authorization code issued to another client, then they could exploit this vulnerability to obtain an access token for the other client. Apache CX... • http://cxf.apache.org/security-advisories.data/CVE-2019-12419.txt.asc • CWE-287: Improper Authentication CWE-863: Incorrect Authorization •
CVSS: 6.5EPSS: 2%CPEs: 6EXPL: 0CVE-2019-12406 – cxf: does not restrict the number of message attachments
https://notcve.org/view.php?id=CVE-2019-12406
06 Nov 2019 — Apache CXF before 3.3.4 and 3.2.11 does not restrict the number of message attachments present in a given message. This leaves open the possibility of a denial of service type attack, where a malicious user crafts a message containing a very large number of message attachments. From the 3.3.4 and 3.2.11 releases, a default limit of 50 message attachments is enforced. This is configurable via the message property "attachment-max-count". Apache CXF versiones anteriores a la versión 3.3.4 y 3.2.11, no restring... • http://cxf.apache.org/security-advisories.data/CVE-2019-12406.txt.asc • CWE-400: Uncontrolled Resource Consumption CWE-770: Allocation of Resources Without Limits or Throttling •