CVSS: 7.5EPSS: 0%CPEs: 17EXPL: 1CVE-2022-27780
https://notcve.org/view.php?id=CVE-2022-27780
The curl URL parser wrongly accepts percent-encoded URL separators like '/'when decoding the host name part of a URL, making it a *different* URL usingthe wrong host name when it is later retrieved.For example, a URL like `http://example.com%2F127.0.0.1/`, would be allowed bythe parser and get transposed into `http://example.com/127.0.0.1/`. This flawcan be used to circumvent filters, checks and more. El analizador de URLs de Curl acepta erróneamente separadores de URL codificados en porcentaje, como "/", cuando decodifica la parte del nombre del host de una URL, convirtiéndola en una URL *diferente* que usa un nombre de host incorrecto cuando es recuperado posteriormente. Por ejemplo, una URL como "http://example.com%2F127.0.0.1/", sería permitida por el analizador y sería transpuesta a "http://example.com/127.0.0.1/". Este fallo puede usarse para omitir filtros, comprobaciones y otras cosas • https://hackerone.com/reports/1553841 https://security.gentoo.org/glsa/202212-01 https://security.netapp.com/advisory/ntap-20220609-0009 • CWE-177: Improper Handling of URL Encoding (Hex Encoding) CWE-918: Server-Side Request Forgery (SSRF) •
CVSS: 8.1EPSS: 0%CPEs: 20EXPL: 1CVE-2022-22576 – curl: OAUTH2 bearer bypass in connection re-use
https://notcve.org/view.php?id=CVE-2022-22576
An improper authentication vulnerability exists in curl 7.33.0 to and including 7.82.0 which might allow reuse OAUTH2-authenticated connections without properly making sure that the connection was authenticated with the same credentials as set for this transfer. This affects SASL-enabled protocols: SMPTP(S), IMAP(S), POP3(S) and LDAP(S) (openldap only). Se presenta una vulnerabilidad de autenticación inapropiada en curl versiones 7.33.0 hasta 7.82.0 incluyéndola, que podría permitir reúso de conexiones autenticadas por OAUTH2 sin asegurarse apropiadamente de que la conexión fue autenticada con las mismas credenciales establecidas para esta transferencia. Esto afecta a los protocolos con SASL: SMPTP(S), IMAP(S), POP3(S) y LDAP(S) (sólo openldap) A vulnerability was found in curl. This security flaw allows reusing OAUTH2-authenticated connections without properly ensuring that the connection was authenticated with the same credentials set for this transfer. • https://hackerone.com/reports/1526328 https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html https://security.gentoo.org/glsa/202212-01 https://security.netapp.com/advisory/ntap-20220609-0008 https://www.debian.org/security/2022/dsa-5197 https://access.redhat.com/security/cve/CVE-2022-22576 https://bugzilla.redhat.com/show_bug.cgi?id=2077541 • CWE-287: Improper Authentication CWE-295: Improper Certificate Validation CWE-306: Missing Authentication for Critical Function •
CVSS: 5.3EPSS: 0%CPEs: 31EXPL: 0CVE-2022-21496 – OpenJDK: URI parsing inconsistencies (JNDI, 8278972)
https://notcve.org/view.php?id=CVE-2022-21496
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JNDI). Supported versions that are affected are Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition: 20.3.5, 21.3.1 and 22.0.0.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. • https://lists.debian.org/debian-lts-announce/2022/05/msg00017.html https://security.netapp.com/advisory/ntap-20220429-0006 https://security.netapp.com/advisory/ntap-20240621-0006 https://www.debian.org/security/2022/dsa-5128 https://www.debian.org/security/2022/dsa-5131 https://www.oracle.com/security-alerts/cpuapr2022.html https://access.redhat.com/security/cve/CVE-2022-21496 https://bugzilla.redhat.com/show_bug.cgi?id=2075849 • CWE-1173: Improper Use of Validation Framework •
CVSS: 7.5EPSS: 0%CPEs: 155EXPL: 0CVE-2022-21476 – OpenJDK: Defective secure validation in Apache Santuario (Libraries, 8278008)
https://notcve.org/view.php?id=CVE-2022-21476
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition: 20.3.5, 21.3.1 and 22.0.0.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. • https://lists.debian.org/debian-lts-announce/2022/05/msg00017.html https://security.netapp.com/advisory/ntap-20220429-0006 https://www.debian.org/security/2022/dsa-5128 https://www.debian.org/security/2022/dsa-5131 https://www.oracle.com/security-alerts/cpuapr2022.html https://access.redhat.com/security/cve/CVE-2022-21476 https://bugzilla.redhat.com/show_bug.cgi?id=2075842 • CWE-179: Incorrect Behavior Order: Early Validation •
CVSS: 7.5EPSS: 0%CPEs: 22EXPL: 8CVE-2022-21449 – OpenJDK: Improper ECDSA signature verification (Libraries, 8277233)
https://notcve.org/view.php?id=CVE-2022-21449
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 17.0.2 and 18; Oracle GraalVM Enterprise Edition: 21.3.1 and 22.0.0.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. • https://github.com/notkmhn/CVE-2022-21449-TLS-PoC https://github.com/jfrog/jfrog-CVE-2022-21449 https://github.com/thack1/CVE-2022-21449 https://github.com/jmiettinen/CVE-2022-21449-vuln-test https://github.com/fundaergn/CVE-2022-21449 https://github.com/davwwwx/CVE-2022-21449 https://github.com/AlexanderZinoni/CVE-2022-21449 https://github.com/Skipper7718/CVE-2022-21449-showcase http://www.openwall.com/lists/oss-security/2022/04/28/2 http://www.openwall.com/lists& • CWE-347: Improper Verification of Cryptographic Signature •