Page 6 of 42 results (0.014 seconds)

CVSS: 8.6EPSS: 0%CPEs: 31EXPL: 0

A flaw was found in Wildfly 9.x. A path traversal vulnerability through the org.wildfly.extension.undertow.deployment.ServletResourceManager.getResource method could lead to information disclosure of arbitrary local files. Se ha encontrado un fallo en Wildfly 9.x. Una vulnerabilidad de salto de directorio a través del método org.wildfly.extension.undertow.deployment.ServletResourceManager.getResource podría llevar a la revelación de información de archivos locales arbitrarios. A path traversal vulnerability was discovered in Undertow's org.wildfly.extension.undertow.deployment.ServletResourceManager.getResource method. • https://access.redhat.com/errata/RHSA-2018:1247 https://access.redhat.com/errata/RHSA-2018:1248 https://access.redhat.com/errata/RHSA-2018:1249 https://access.redhat.com/errata/RHSA-2018:1251 https://access.redhat.com/errata/RHSA-2018:2938 https://bugzilla.redhat.com/show_bug.cgi?id=1528361 https://issues.jboss.org/browse/WFLY-9620 https://access.redhat.com/security/cve/CVE-2018-1047 • CWE-20: Improper Input Validation CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 8.1EPSS: 9%CPEs: 17EXPL: 0

FasterXML jackson-databind through 2.8.11 and 2.9.x through 2.9.3 allows unauthenticated remote code execution because of an incomplete fix for the CVE-2017-7525 and CVE-2017-17485 deserialization flaws. This is exploitable via two different gadgets that bypass a blacklist. FasterXML jackson-databind, hasta la versión 2.8.11 y las versiones 2.9.x hasta la 2.9.3, permite la ejecución remota de código sin autenticar debido a una solución incompleta para los errores de deserialización CVE-2017-7525 y CVE-2017-17485. Esto es explotable mediante dos gadgets diferentes que omiten una lista negra. A deserialization flaw was discovered in the jackson-databind that could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. • https://access.redhat.com/errata/RHSA-2018:0478 https://access.redhat.com/errata/RHSA-2018:0479 https://access.redhat.com/errata/RHSA-2018:0480 https://access.redhat.com/errata/RHSA-2018:0481 https://access.redhat.com/errata/RHSA-2018:1525 https://access.redhat.com/errata/RHSA-2019:2858 https://access.redhat.com/errata/RHSA-2019:3149 https://github.com/FasterXML/jackson-databind/issues/1899 https://security.netapp.com/advisory/ntap-20180423-0002 https://support.hpe.com/h • CWE-184: Incomplete List of Disallowed Inputs CWE-502: Deserialization of Untrusted Data •

CVSS: 9.8EPSS: 14%CPEs: 21EXPL: 2

FasterXML jackson-databind through 2.8.10 and 2.9.x through 2.9.3 allows unauthenticated remote code execution because of an incomplete fix for the CVE-2017-7525 deserialization flaw. This is exploitable by sending maliciously crafted JSON input to the readValue method of the ObjectMapper, bypassing a blacklist that is ineffective if the Spring libraries are available in the classpath. FasterXML jackson-databind hasta la versión 2.8.10 y 2.9.x hasta la 2.9.3 permite que se ejecute código de manera remota y no autenticada debido a una solución incompleta de la vulnerabilidad de deserialización CVE-2017-7525. Esto es explotable enviando una entrada JSON manipulada maliciosamente al método readValue de ObjectMapper, omitiendo una lista negra que no es efectiva si las librerías Spring están disponibles en el classpath. A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending maliciously crafted input to the readValue method of ObjectMapper. • https://github.com/Al1ex/CVE-2017-17485 https://github.com/tafamace/CVE-2017-17485 http://www.securityfocus.com/archive/1/541652/100/0/threaded https://access.redhat.com/errata/RHSA-2018:0116 https://access.redhat.com/errata/RHSA-2018:0342 https://access.redhat.com/errata/RHSA-2018:0478 https://access.redhat.com/errata/RHSA-2018:0479 https://access.redhat.com/errata/RHSA-2018:0480 https://access.redhat.com/errata/RHSA-2018:0481 https://access.redhat.com/errata/RHS • CWE-502: Deserialization of Untrusted Data •

CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0

It was discovered that Undertow before 1.4.17, 1.3.31 and 2.0.0 processes http request headers with unusual whitespaces which can cause possible http request smuggling. Se ha descubierto que Undertow en versiones anteriores a la 1.4.17, 1.3.31 y 2.0.0 procesa cabeceras de petición HTTP con espacios en blanco inusuales que pueden provocar HTTP Request Smuggling. It was discovered that Undertow processes http request headers with unusual whitespaces which can cause possible http request smuggling. • https://access.redhat.com/errata/RHSA-2017:3454 https://access.redhat.com/errata/RHSA-2017:3455 https://access.redhat.com/errata/RHSA-2017:3456 https://access.redhat.com/errata/RHSA-2017:3458 https://access.redhat.com/errata/RHSA-2018:0002 https://access.redhat.com/errata/RHSA-2018:0003 https://access.redhat.com/errata/RHSA-2018:0004 https://access.redhat.com/errata/RHSA-2018:0005 https://access.redhat.com/errata/RHSA-2018:1322 https://bugzilla.redhat.com/show_bug. • CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

It was found that the improper default permissions on /tmp/auth directory in JBoss Enterprise Application Platform before 7.1.0 can allow any local user to connect to CLI and allow the user to execute any arbitrary operations. Se ha detectado que los permisos incorrectos por defecto en el directorio /tmp/auth en JBoss Enterprise Application Platform en versiones anteriores a la 7.1.0 pueden permitir que cualquier usuario local se conecte a la interfaz de línea de comandos y ejecute cualquier operación arbitraria. It was found that the improper default permissions on /tmp/auth directory in EAP 7 can allow any local user to connect to CLI and allow the user to execute any arbitrary operations. • https://access.redhat.com/errata/RHSA-2017:3456 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-7066 https://access.redhat.com/security/cve/CVE-2016-7066 https://bugzilla.redhat.com/show_bug.cgi?id=1401661 • CWE-266: Incorrect Privilege Assignment CWE-275: Permission Issues •