CVSS: 5.8EPSS: 0%CPEs: 4EXPL: 0CVE-2021-44717 – golang: syscall: don't close fd 0 on ForkExec error
https://notcve.org/view.php?id=CVE-2021-44717
Go before 1.16.12 and 1.17.x before 1.17.5 on UNIX allows write operations to an unintended file or unintended network connection as a consequence of erroneous closing of file descriptor 0 after file-descriptor exhaustion. Go versiones anteriores a 1.16.12 y versiones 1.17.x anteriores a 1.17.5 en UNIX, permite operaciones de escritura en un archivo no deseado o en una conexión de red no deseada como consecuencia de un cierre erróneo del descriptor de archivo 0 tras el agotamiento del descriptor de archivo. There's a flaw in golang's syscall.ForkExec() interface. An attacker who manages to first cause a file descriptor exhaustion for the process, then cause syscall.ForkExec() to be called repeatedly, could compromise data integrity and/or confidentiality in a somewhat uncontrolled way in programs linked with and using syscall.ForkExec(). • https://cert-portal.siemens.com/productcert/pdf/ssa-744259.pdf https://groups.google.com/g/golang-announce/c/hcmEScgc00k https://lists.debian.org/debian-lts-announce/2022/01/msg00016.html https://lists.debian.org/debian-lts-announce/2022/01/msg00017.html https://lists.debian.org/debian-lts-announce/2023/04/msg00021.html https://security.gentoo.org/glsa/202208-02 https://access.redhat.com/security/cve/CVE-2021-44717 https://bugzilla.redhat.com/show_bug.cgi?id=2030806 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-404: Improper Resource Shutdown or Release •
CVSS: 8.8EPSS: 0%CPEs: 7EXPL: 0CVE-2021-40830 – Inconsistent CA override function behavior within AWS IoT Device SDKs on Unix systems
https://notcve.org/view.php?id=CVE-2021-40830
The AWS IoT Device SDK v2 for Java, Python, C++ and Node.js appends a user supplied Certificate Authority (CA) to the root CAs instead of overriding it on Unix systems. TLS handshakes will thus succeed if the peer can be verified either from the user-supplied CA or the system’s default trust-store. Attackers with access to a host’s trust stores or are able to compromise a certificate authority already in the host's trust store (note: the attacker must also be able to spoof DNS in this case) may be able to use this issue to bypass CA pinning. An attacker could then spoof the MQTT broker, and either drop traffic and/or respond with the attacker's data, but they would not be able to forward this data on to the MQTT broker because the attacker would still need the user's private keys to authenticate against the MQTT broker. The 'aws_tls_ctx_options_override_default_trust_store_*' function within the aws-c-io submodule has been updated to override the default trust store. • https://github.com/aws/aws-iot-device-sdk-cpp-v2 https://github.com/aws/aws-iot-device-sdk-java-v2 https://github.com/aws/aws-iot-device-sdk-js-v2 https://github.com/aws/aws-iot-device-sdk-python-v2 https://github.com/awslabs/aws-c-io • CWE-295: Improper Certificate Validation •
CVSS: 7.5EPSS: 0%CPEs: 7EXPL: 0CVE-2021-29825
https://notcve.org/view.php?id=CVE-2021-29825
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) could disclose sensitive information when using ADMIN_CMD with LOAD or BACKUP. IBM X-Force ID: 204470. IBM Db2 para Linux, UNIX y Windows (incluye Db2 Connect Server) podría divulgar información confidencial cuando se usa ADMIN_CMD con LOAD o BACKUP. IBM X-Force ID: 204470 • https://exchange.xforce.ibmcloud.com/vulnerabilities/204470 https://security.netapp.com/advisory/ntap-20211029-0005 https://www.ibm.com/support/pages/node/6489499 •
CVSS: 5.1EPSS: 0%CPEs: 7EXPL: 0CVE-2021-29763
https://notcve.org/view.php?id=CVE-2021-29763
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1 and 11.5 under very specific conditions, could allow a local user to keep running a procedure that could cause the system to run out of memory.and cause a denial of service. IBM X-Force ID: 202267. IBM Db2 para Linux, UNIX y Windows (incluye Db2 Connect Server) 11.1 y 11.5, en condiciones muy específicas, podría permitir a un usuario local seguir ejecutando un procedimiento que podría causar que el sistema se quedara sin memoria y causar una denegación de servicio. IBM X-Force ID: 202267 • https://exchange.xforce.ibmcloud.com/vulnerabilities/202267 https://security.netapp.com/advisory/ntap-20211029-0005 https://www.ibm.com/support/pages/node/6489493 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 1CVE-2021-21384 – Null characters not escaped in shescape
https://notcve.org/view.php?id=CVE-2021-21384
shescape is a simple shell escape package for JavaScript. In shescape before version 1.1.3, anyone using _Shescape_ to defend against shell injection may still be vulnerable against shell injection if the attacker manages to insert a into the payload. For an example see the referenced GitHub Security Advisory. The problem has been patched in version 1.1.3. No further changes are required. shescape es un paquete de escape de shell simple para JavaScript. • https://github.com/ericcornelissen/shescape/commit/07a069a66423809cbedd61d980c11ca44a29ea2b https://github.com/ericcornelissen/shescape/releases/tag/v1.1.3 https://github.com/ericcornelissen/shescape/security/advisories/GHSA-f2rp-38vg-j3gh https://www.npmjs.com/package/shescape • CWE-88: Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') •