CVSS: 5.7EPSS: 0%CPEs: 22EXPL: 0CVE-2021-3426 – python: Information disclosure via pydoc
https://notcve.org/view.php?id=CVE-2021-3426
03 May 2021 — There's a flaw in Python 3's pydoc. A local or adjacent attacker who discovers or is able to convince another local or adjacent user to start a pydoc server could access the server and use it to disclose sensitive information belonging to the other user that they would not normally be able to access. The highest risk of this flaw is to data confidentiality. This flaw affects Python versions before 3.8.9, Python versions before 3.9.3 and Python versions before 3.10.0a7. Se presenta un fallo en pydoc de Pytho... • https://bugzilla.redhat.com/show_bug.cgi?id=1935913 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 8.0EPSS: 0%CPEs: 6EXPL: 0CVE-2021-20288 – ceph: Unauthorized global_id reuse in cephx
https://notcve.org/view.php?id=CVE-2021-20288
15 Apr 2021 — An authentication flaw was found in ceph in versions before 14.2.20. When the monitor handles CEPHX_GET_AUTH_SESSION_KEY requests, it doesn't sanitize other_keys, allowing key reuse. An attacker who can request a global_id can exploit the ability of any user to request a global_id previously associated with another user, as ceph does not force the reuse of old keys to generate new ones. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. Se enc... • https://bugzilla.redhat.com/show_bug.cgi?id=1938031 • CWE-287: Improper Authentication •
CVSS: 7.1EPSS: 0%CPEs: 5EXPL: 1CVE-2021-20291 – containers/storage: DoS via malicious image
https://notcve.org/view.php?id=CVE-2021-20291
01 Apr 2021 — A deadlock vulnerability was found in 'github.com/containers/storage' in versions before 1.28.1. When a container image is processed, each layer is unpacked using `tar`. If one of those layers is not a valid `tar` archive this causes an error leading to an unexpected situation where the code indefinitely waits for the tar unpacked stream, which never finishes. An attacker could use this vulnerability to craft a malicious image, which when downloaded and stored by an application using containers/storage, wou... • https://bugzilla.redhat.com/show_bug.cgi?id=1939485 • CWE-667: Improper Locking •
CVSS: 4.4EPSS: 0%CPEs: 3EXPL: 0CVE-2020-25678 – ceph: mgr modules' passwords are in clear text in mgr logs
https://notcve.org/view.php?id=CVE-2020-25678
08 Jan 2021 — A flaw was found in ceph in versions prior to 16.y.z where ceph stores mgr module passwords in clear text. This can be found by searching the mgr logs for grafana and dashboard, with passwords visible. Se encontró un fallo en ceph en versiones anteriores a 16.yz, donde ceph almacena contraseñas del módulo mgr en texto sin cifrar. Esto puede ser encontrado al buscar en los registros mgr para grafana y dashboard, con contraseñas visibles A flaw was found in Ceph where Ceph stores mgr module passwords in ... • https://bugzilla.redhat.com/show_bug.cgi?id=1892109 • CWE-312: Cleartext Storage of Sensitive Information •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 1CVE-2020-35507 – Gentoo Linux Security Advisory 202107-24
https://notcve.org/view.php?id=CVE-2020-35507
04 Jan 2021 — There's a flaw in bfd_pef_parse_function_stubs of bfd/pef.c in binutils in versions prior to 2.34 which could allow an attacker who is able to submit a crafted file to be processed by objdump to cause a NULL pointer dereference. The greatest threat of this flaw is to application availability. Se presenta un fallo en bfd_pef_parse_function_stubs de bfd/pef.c en binutils en versiones anteriores a la 2.34 que podría permitir a un atacante que sea capaz de enviar un archivo crafteado para ser procesado por objd... • https://bugzilla.redhat.com/show_bug.cgi?id=1911691 • CWE-476: NULL Pointer Dereference •
CVSS: 7.1EPSS: 0%CPEs: 9EXPL: 0CVE-2020-27781 – ceph: User credentials can be manipulated and stolen by Native CephFS consumers of OpenStack Manila
https://notcve.org/view.php?id=CVE-2020-27781
18 Dec 2020 — User credentials can be manipulated and stolen by Native CephFS consumers of OpenStack Manila, resulting in potential privilege escalation. An Open Stack Manila user can request access to a share to an arbitrary cephx user, including existing users. The access key is retrieved via the interface drivers. Then, all users of the requesting OpenStack project can view the access key. This enables the attacker to target any resource that the user has access to. • https://bugzilla.redhat.com/show_bug.cgi?id=1900109 • CWE-522: Insufficiently Protected Credentials •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2020-25677 – ceph-ansible: insecure ownership on /etc/ceph/iscsi-gateway.conf configuration file
https://notcve.org/view.php?id=CVE-2020-25677
08 Dec 2020 — A flaw was found in Ceph-ansible v4.0.41 where it creates an /etc/ceph/iscsi-gateway.conf with insecure default permissions. This flaw allows any user on the system to read sensitive information within this file. The highest threat from this vulnerability is to confidentiality. Se ha encontrado un fallo en Ceph-ansible v4.0.41 en el que se crea un archivo /etc/ceph/iscsi-gateway.conf con permisos inseguros por defecto. Este fallo permite a cualquier usuario del sistema leer información sensible dentro de es... • https://bugzilla.redhat.com/show_bug.cgi?id=1892108 • CWE-312: Cleartext Storage of Sensitive Information •
CVSS: 6.1EPSS: 1%CPEs: 10EXPL: 2CVE-2020-27783 – python-lxml: mXSS due to the use of improper parser
https://notcve.org/view.php?id=CVE-2020-27783
03 Dec 2020 — A XSS vulnerability was discovered in python-lxml's clean module. The module's parser didn't properly imitate browsers, which caused different behaviors between the sanitizer and the user's page. A remote attacker could exploit this flaw to run arbitrary HTML/JS code. Se detectó una vulnerabilidad de tipo XSS en el módulo de limpieza de python-lxml. El analizador del módulo no imitaba apropiadamente los navegadores, lo que causaba comportamientos diferentes entre el sanitizador y la página del usuario. • https://advisory.checkmarx.net/advisory/CX-2020-4286 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.8EPSS: 0%CPEs: 6EXPL: 0CVE-2020-25660 – ceph: CEPHX_V2 replay attack protection lost
https://notcve.org/view.php?id=CVE-2020-25660
23 Nov 2020 — A flaw was found in the Cephx authentication protocol in versions before 15.2.6 and before 14.2.14, where it does not verify Ceph clients correctly and is then vulnerable to replay attacks in Nautilus. This flaw allows an attacker with access to the Ceph cluster network to authenticate with the Ceph service via a packet sniffer and perform actions allowed by the Ceph service. This issue is a reintroduction of CVE-2018-1128, affecting the msgr2 protocol. The msgr 2 protocol is used for all communication exce... • https://bugzilla.redhat.com/show_bug.cgi?id=1890354 • CWE-294: Authentication Bypass by Capture-replay •
CVSS: 4.3EPSS: 0%CPEs: 6EXPL: 0CVE-2020-14318 – samba: Missing handle permissions check in SMB1/2/3 ChangeNotify
https://notcve.org/view.php?id=CVE-2020-14318
02 Nov 2020 — A flaw was found in the way samba handled file and directory permissions. An authenticated user could use this flaw to gain access to certain file and directory information which otherwise would be unavailable to the attacker. Se encontró un fallo en la manera en que samba manejaba los permisos de archivos y directorios. Un usuario autenticado podría usar este fallo para conseguir acceso a determinada información de archivos y directorios que de otra manera no estaría disponible para el atacante A flaw... • https://bugzilla.redhat.com/show_bug.cgi?id=1892631 • CWE-266: Incorrect Privilege Assignment CWE-269: Improper Privilege Management •