CVSS: 6.5EPSS: 0%CPEs: 27EXPL: 0CVE-2019-14900 – hibernate: SQL injection issue in Hibernate ORM
https://notcve.org/view.php?id=CVE-2019-14900
A flaw was found in Hibernate ORM in versions before 5.3.18, 5.4.18 and 5.5.0.Beta1. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is used in the SELECT or GROUP BY parts of the query. This flaw could allow an attacker to access unauthorized information or possibly conduct further attacks. Se encontró un fallo en Hibernate ORM en versiones anteriores a 5.3.18, 5.4.18 y 5.5.0.Beta1. Una inyección SQL en la implementación de la API JPA Criteria puede permitir literales no saneados cuando es usado un literal en las partes de la consulta SELECT o GROUP BY. • https://bugzilla.redhat.com/show_bug.cgi?id=1666499 https://lists.apache.org/thread.html/r833c1276e41334fa675848a08daf0c61f39009f9f9a400d9f7006d44%40%3Cdev.turbine.apache.org%3E https://security.netapp.com/advisory/ntap-20220210-0020 https://access.redhat.com/security/cve/CVE-2019-14900 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.5EPSS: 0%CPEs: 10EXPL: 0CVE-2020-10705 – undertow: Memory exhaustion issue in HttpReadListener via "Expect: 100-continue" header
https://notcve.org/view.php?id=CVE-2020-10705
A flaw was discovered in Undertow in versions before Undertow 2.1.1.Final where certain requests to the "Expect: 100-continue" header may cause an out of memory error. This flaw may potentially lead to a denial of service. Se detectó una fallo en Undertow versiones anteriores a Undertow 2.1.1.Final, donde ciertas peticiones al encabezado "Expect: 100-continue" pueden causar un error de falta de memoria. Este defecto puede conllevar potencialmente a una denegación de servicio A flaw was discovered in Undertow where certain requests to the "Expect: 100-continue" header may cause an out of memory error. This flaw may potentially lead to a denial of service. • https://bugzilla.redhat.com/show_bug.cgi?id=1803241 https://security.netapp.com/advisory/ntap-20220210-0014 https://access.redhat.com/security/cve/CVE-2020-10705 • CWE-400: Uncontrolled Resource Consumption CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 6.5EPSS: 0%CPEs: 24EXPL: 0CVE-2020-10719 – undertow: invalid HTTP request with large chunk size
https://notcve.org/view.php?id=CVE-2020-10719
A flaw was found in Undertow in versions before 2.1.1.Final, regarding the processing of invalid HTTP requests with large chunk sizes. This flaw allows an attacker to take advantage of HTTP request smuggling. Se detectó un fallo en Undertow en versiones anteriores a 2.1.1.Final, con respecto al procesamiento de peticiones HTTP no válidas con tamaños de fragmentos grandes. Este fallo permite a un atacante tomar ventaja del tráfico no autorizado de peticiones HTTP. A flaw was found in Undertow, regarding the processing of invalid HTTP requests with large chunk sizes. • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10719 https://security.netapp.com/advisory/ntap-20220210-0014 https://access.redhat.com/security/cve/CVE-2020-10719 https://bugzilla.redhat.com/show_bug.cgi?id=1828459 • CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') •
CVSS: 5.3EPSS: 0%CPEs: 13EXPL: 0CVE-2020-10693 – hibernate-validator: Improper input validation in the interpolation of constraint error messages
https://notcve.org/view.php?id=CVE-2020-10693
A flaw was found in Hibernate Validator version 6.1.2.Final. A bug in the message interpolation processor enables invalid EL expressions to be evaluated as if they were valid. This flaw allows attackers to bypass input sanitation (escaping, stripping) controls that developers may have put in place when handling user-controlled data in error messages. Se encontró un fallo en Hibernate Validator versión 6.1.2.Final. Un error en el procesador de interpolación de mensajes permite evaluar expresiones EL no válidas como si fueran válidas. • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10693 https://lists.apache.org/thread.html/rb8dca19a4e52b60dab0ab21e2ff9968d78f4b84e4033824db1dd24b4%40%3Cpluto-scm.portals.apache.org%3E https://lists.apache.org/thread.html/rd418deda6f0ebe658c2015f43a14d03acb8b8c2c093c5bf6b880cd7c%40%3Cpluto-dev.portals.apache.org%3E https://lists.apache.org/thread.html/rf9c17c3efc4a376a96e9e2777eee6acf0bec28e2200e4b35da62de4a%40%3Cpluto-dev.portals.apache.org%3E https://www.oracle.com/security-alerts/cpuapr2022.html https://access.redhat.com/security/cve/CVE-202 • CWE-20: Improper Input Validation •
CVSS: 4.9EPSS: 0%CPEs: 4EXPL: 0CVE-2020-1732 – Soteria: security identity corruption across concurrent threads
https://notcve.org/view.php?id=CVE-2020-1732
A flaw was found in Soteria before 1.0.1, in a way that multiple requests occurring concurrently causing security identity corruption across concurrent threads when using EE Security with WildFly Elytron which can lead to the possibility of being handled using the identity from another request. Se encontró un fallo en Soteria versiones anteriores a la versión 1.0.1, en un modo en el que múltiples peticiones pueden ocurrir simultáneamente causan una corrupción de identidad de seguridad por medio de subprocesos (hilos) concurrentes cuando se usa EE Security con WildFly Elytron, lo que puede conllevar a una posibilidad de que se maneje usando la identidad de otra petición . A flaw was found in WildFly where multiple requests occurring concurrently could be handled using the identity of another request. This vulnerability occurs when using EE Security with WildFly Elytron. The largest threat from this vulnerability is data confidentiality and integrity. • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1732 https://github.com/wildfly-security/soteria/commit/c2479f8c39d7d661341fdcaff7f5e97c5eea1a54 https://access.redhat.com/security/cve/CVE-2020-1732 https://bugzilla.redhat.com/show_bug.cgi?id=1801726 • CWE-20: Improper Input Validation CWE-284: Improper Access Control •