CVSS: 4.0 | EPSS: 0% | CPEs: 33 | EXPL: 1

In Eclipse Jetty 9.4.32 to 9.4.38, 10.0.0.beta2 to 10.0.1, and 11.0.0.beta2 to 11.0.1, if a user uses a webapps directory that is a symlink, the contents of the webapps directory are deployed as a static webapp, inadvertently serving the webapps themselves and anything else that might be in that directory.

If the ${jetty.base} directory or the ${jetty.base}/webapps directory is a symlink, the contents of the ${jetty.base}/webapps directory may be deployed as a static web application, exposing the content of the directory for download. The highest threat from this vulnerability is to data confidentiality.

• https://github.com/eclipse/jetty.project/security/advisories/GHSA-j6qj-j888-vvgq
• https://lists.apache.org/thread.html/r0841b06b48324cfc81325de3c05a92e53f997185f9d71ff47734d961%40%3Cissues.solr.apache.org%3E
• https://lists.apache.org/thread.html/r111f1ce28b133a8090ca4f809a1bdf18a777426fc058dc3a16c39c66%40%3Cissues.solr.apache.org%3E
• https://lists.apache.org/thread.html/r2ea2f0541121f17e470a0184843720046c59d4bde6d42bf5ca6fad81%40%3Cissues.solr.apache.org%3E
• https://lists.apache.org/thread.html/r4a66bfbf62281e31bc1345ebecbfd96f35199eecd77bfe4e903e906f%40%3Cissues.ignite.apache.org%3

• CWE-59: Improper Link Resolution Before File Access ('Link Following')
• CWE-200: Exposure of Sensitive Information to an Unauthorized Actor

CVSS: 5.3 | EPSS: 2% | CPEs: 23 | EXPL: 2

In Eclipse Jetty 9.4.6.v20170531 to 9.4.36.v20210114 (inclusive), 10.0.0, and 11.0.0, when Jetty handles a request containing multiple Accept headers with a large number of “quality” (i.e. q) parameters, the server may enter a denial of service (DoS) state due to high CPU usage processing those quality values, resulting in minutes of CPU time exhausted processing those quality values.

• https://github.com/motikan2010/CVE-2020-27223
• https://github.com/ttestoo/Jetty-CVE-2020-27223
• https://bugs.eclipse.org/bugs/show_bug.cgi?id=571128
• https://github.com/eclipse/jetty.project/security/advisories/GHSA-m394-8rww-3jr7
• https://lists.apache.org/thread.html/r068dfd35ce2193f6af28b74ff29ab148c2b2cacb235995576f5bea78%40%3Cissues.solr.apache.org%3E
• https://lists.apache.org/thread.html/r07aedcb1ece62969c406cb84c8f0e22cec7e42cdc272f3176e473320%40%3Cusers.solr.apache.org%3E
• https://lists.apache.org/thread.html/r0b639bd9bfaea2650221

• CWE-400: Uncontrolled Resource Consumption
• CWE-407: Inefficient Algorithmic Complexity

CVSS: 10.0 | EPSS: 0% | CPEs: 6 | EXPL: 0

Element OS versions prior to 1.8P1 and 12.2 are susceptible to a vulnerability that could allow an unauthenticated remote attacker to perform arbitrary code execution.

• https://security.netapp.com/advisory/ntap-20210108-0008

CVSS: 7.0 | EPSS: 0% | CPEs: 13 | EXPL: 1

An issue was discovered in __split_huge_pmd in mm/huge_memory.c in the Linux kernel before 5.7.5. The copy-on-write implementation can grant unintended write access because of a race condition in a THP mapcount check, aka CID-c444eb564fb1.

An issue was discovered in __split_huge_pmd in mm/huge_memory.c in the Linux kernel. The copy-on-write implementation can grant unintended write access because of a race condition in a THP mapcount check.

• https://bugs.chromium.org/p/project-zero/issues/detail?id=2045
• https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.7.5
• https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c444eb564fb16645c172d550359cb3d75fe8a040
• https://security.netapp.com/advisory/ntap-20210108-0002
• https://access.redhat.com/security/cve/CVE-2020-29368
• https://bugzilla.redhat.com/show_bug.cgi?id=1903244

• CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

CVSS: 6.5 | EPSS: 0% | CPEs: 2 | EXPL: 0

Element Software versions prior to 12.2 and HCI versions prior to 1.8P1 are susceptible to a vulnerability which could allow an authenticated user to view sensitive information.

• https://security.netapp.com/advisory/NTAP-20201113-0007