CVSS: 7.4EPSS: 0%CPEs: 12EXPL: 0CVE-2021-20218 – fabric8-kubernetes-client: vulnerable to a path traversal leading to integrity and availability compromise
https://notcve.org/view.php?id=CVE-2021-20218
A flaw was found in the fabric8 kubernetes-client in version 4.2.0 and after. This flaw allows a malicious pod/container to cause applications using the fabric8 kubernetes-client `copy` command to extract files outside the working path. The highest threat from this vulnerability is to integrity and system availability. This has been fixed in kubernetes-client-4.13.2 kubernetes-client-5.0.2 kubernetes-client-4.11.2 kubernetes-client-4.7.2 Se encontró un fallo en fabric8 kubernetes-client en versión 4.2.0 y posteriores. Este fallo permite a un pod/container malicioso causar que unas aplicaciones que usan el comando "copy" de fabric8 kubernetes-client extraigan archivos fuera de la ruta de trabajo. • https://bugzilla.redhat.com/show_bug.cgi?id=1923405 https://github.com/fabric8io/kubernetes-client/issues/2715 https://access.redhat.com/security/cve/CVE-2021-20218 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 5.8EPSS: 0%CPEs: 6EXPL: 0CVE-2021-20220 – undertow: Possible regression in fix for CVE-2020-10687
https://notcve.org/view.php?id=CVE-2021-20220
A flaw was found in Undertow. A regression in the fix for CVE-2020-10687 was found. HTTP request smuggling related to CVE-2017-2666 is possible against HTTP/1.x and HTTP/2 due to permitting invalid characters in an HTTP request. This flaw allows an attacker to poison a web-cache, perform an XSS attack, or obtain sensitive information from request other than their own. The highest threat from this vulnerability is to data confidentiality and integrity. • https://bugzilla.redhat.com/show_bug.cgi?id=1923133 https://security.netapp.com/advisory/ntap-20220210-0013 https://access.redhat.com/security/cve/CVE-2021-20220 • CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') •
CVSS: 7.5EPSS: 0%CPEs: 10EXPL: 0CVE-2020-25644 – wildfly-openssl: memory leak per HTTP session creation in WildFly OpenSSL
https://notcve.org/view.php?id=CVE-2020-25644
A memory leak flaw was found in WildFly OpenSSL in versions prior to 1.1.3.Final, where it removes an HTTP session. It may allow the attacker to cause OOM leading to a denial of service. The highest threat from this vulnerability is to system availability. Se encontró un fallo de pérdida de memoria en WildFly OpenSSL en versiones anteriores a 1.1.3.Final, donde se elimina una sesión HTTP. Puede permitir a un atacante causar OOM conllevando a una denegación de servicio. • https://bugzilla.redhat.com/show_bug.cgi?id=1885485 https://github.com/wildfly-security/wildfly-openssl-natives/pull/4/files https://issues.redhat.com/browse/WFSSL-51 https://security.netapp.com/advisory/ntap-20201016-0004 https://access.redhat.com/security/cve/CVE-2020-25644 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2020-1748 – Wildfly: Improper authorization issue in WildFlySecurityManager when using alternative protection domain
https://notcve.org/view.php?id=CVE-2020-1748
A flaw was found in all supported versions before wildfly-elytron-1.6.8.Final-redhat-00001, where the WildFlySecurityManager checks were bypassed when using custom security managers, resulting in an improper authorization. This flaw leads to information exposure by unauthenticated access to secure resources. Se encontró un fallo en todas las versiones compatibles anteriores a wildfly-elytron-1.6.8.Final-redhat-00001, donde las comprobaciones de la función WildFlySecurityManager son omitidas cuando se usan administradores de seguridad personalizados, resultando en una autorización inapropiada. Este fallo conlleva a una exposición de una información mediante el acceso no autenticado hacia unos recursos seguros A flaw was found in Wildfly, where the WildFlySecurityManager checks were bypassed when using custom security managers, resulting in an improper authorization. This flaw leads to information exposure by unauthenticated access to secure resources. • https://bugzilla.redhat.com/show_bug.cgi?id=1807707 https://security.netapp.com/advisory/ntap-20201001-0005 https://access.redhat.com/security/cve/CVE-2020-1748 • CWE-285: Improper Authorization •
CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 0CVE-2020-10714 – wildfly-elytron: session fixation when using FORM authentication
https://notcve.org/view.php?id=CVE-2020-10714
A flaw was found in WildFly Elytron version 1.11.3.Final and before. When using WildFly Elytron FORM authentication with a session ID in the URL, an attacker could perform a session fixation attack. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. Se encontró un fallo en versión 1.11.3.Final y anteriores de WildFly Elytron. Cuando se usa la autenticación FORM de WildFly Elytron con un ID de sesión en la URL, un atacante podría llevar a cabo un ataque de fijación de sesión. • https://bugzilla.redhat.com/show_bug.cgi?id=1825714 https://security.netapp.com/advisory/ntap-20201223-0002 https://access.redhat.com/security/cve/CVE-2020-10714 • CWE-384: Session Fixation •