Page 7 of 382 results (0.018 seconds)

CVSS: 5.8EPSS: 0%CPEs: 136EXPL: 1

CVE-2021-29425 – Possible limited path traversal vulnerabily in Apache Commons IO

https://notcve.org/view.php?id=CVE-2021-29425

In Apache Commons IO before 2.7, When invoking the method FileNameUtils.normalize with an improper input string, like "//../foo", or "\\..\foo", the result would be the same value, thus possibly providing access to files in the parent directory, but not further above (thus "limited" path traversal), if the calling code would use the result to construct a path value. En Apache Commons IO versiones anteriores a 2.7, Cuando se invoca el método FileNameUtils.normalize con una cadena de entrada inapropiada, como "//../foo" o "\\..\ foo", el resultado sería el mismo valor, por lo que posiblemente proporcionar acceso a archivos en el directorio principal, pero no más arriba (por lo tanto, salto de ruta "limited"), si el código de llamada usara el resultado para construir un valor de ruta • https://issues.apache.org/jira/browse/IO-556 https://lists.apache.org/thread.html/r01b4a1fcdf3311c936ce33d75a9398b6c255f00c1a2f312ac21effe1%40%3Cnotifications.zookeeper.apache.org%3E https://lists.apache.org/thread.html/r0bfa8f7921abdfae788b1f076a12f73a92c93cc0a6e1083bce0027c5%40%3Cnotifications.zookeeper.apache.org%3E https://lists.apache.org/thread.html/r0d73e2071d1f1afe1a15da14c5b6feb2cf17e3871168d5a3c8451436%40%3Ccommits.pulsar.apache.org%3E https://lists.apache.org/thread.html/r1c2f4683c35696cf6f863e3c107e37ec41305b1930dd40c17260de71%40%3Ccommits.pulsar.apache.org%3E https:/ • CWE-20: Improper Input Validation CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 7.5EPSS: 0%CPEs: 10EXPL: 0

CVE-2021-20270 – python-pygments: Infinite loop in SML lexer may lead to DoS

https://notcve.org/view.php?id=CVE-2021-20270

An infinite loop in SMLLexer in Pygments versions 1.5 to 2.7.3 may lead to denial of service when performing syntax highlighting of a Standard ML (SML) source file, as demonstrated by input that only contains the "exception" keyword. Un bucle infinito en SMLLexer en Pygments versiones 1.5 hasta 2.7.3, puede conllevar a una denegación de servicio cuando se lleva a cabo el resaltado de sintaxis de un archivo fuente de Standard ML (SML), como es demostrado por la entrada que solo contiene la palabra clave "exception" • https://bugzilla.redhat.com/show_bug.cgi?id=1922136 https://lists.debian.org/debian-lts-announce/2021/05/msg00003.html https://lists.debian.org/debian-lts-announce/2021/05/msg00006.html https://www.debian.org/security/2021/dsa-4889 https://www.oracle.com/security-alerts/cpuoct2021.html https://access.redhat.com/security/cve/CVE-2021-20270 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •

CVSS: 6.4EPSS: 0%CPEs: 32EXPL: 0

CVE-2020-15705 – GRUB2: avoid loading unsigned kernels when GRUB is booted directly under secureboot without shim

https://notcve.org/view.php?id=CVE-2020-15705

GRUB2 fails to validate kernel signature when booted directly without shim, allowing secure boot to be bypassed. This only affects systems where the kernel signing certificate has been imported directly into the secure boot database and the GRUB image is booted directly without the use of shim. This issue affects GRUB2 version 2.04 and prior versions. GRUB2 presenta un fallo al comprobar la firma del kernel cuando se inicia directamente sin cuña, permitiendo que el arranque seguro sea omitido. Esto solo afecta a los sistemas en los que el certificado de firma del kernel ha sido importado directamente a la base de datos de arranque seguro y la imagen de GRUB es iniciada directamente sin el uso de cuña. • http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00067.html http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00069.html http://ubuntu.com/security/notices/USN-4432-1 http://www.openwall.com/lists/oss-security/2020/07/29/3 http://www.openwall.com/lists/oss-security/2021/03/02/3 http://www.openwall.com/lists/oss-security/2021/09/17/2 http://www.openwall.com/lists/oss-security/2021/09/17/4 http://www.openwall.com/lists/oss-security&#x • CWE-347: Improper Verification of Cryptographic Signature CWE-440: Expected Behavior Violation •

CVSS: 6.4EPSS: 0%CPEs: 36EXPL: 0

CVE-2020-15706 – GRUB2 contains a race condition leading to a use-after-free vulnerability which can be triggered by redefining a function whilst the same function is already executing.

https://notcve.org/view.php?id=CVE-2020-15706

GRUB2 contains a race condition in grub_script_function_create() leading to a use-after-free vulnerability which can be triggered by redefining a function whilst the same function is already executing, leading to arbitrary code execution and secure boot restriction bypass. This issue affects GRUB2 version 2.04 and prior versions. GRUB2 contiene una condición de carrera en la función grub_script_function_create() que conlleva a una vulnerabilidad de uso de la memoria previamente liberada la cual puede ser desencadenada al redefinir una función mientras la misma función ya se está ejecutando, conllevando a una ejecución de código arbitrario y a una omisión de restricción de arranque seguro. Este problema afecta a GRUB2 versiones 2.04 y versiones anteriores • http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00016.html http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00017.html http://ubuntu.com/security/notices/USN-4432-1 http://www.openwall.com/lists/oss-security/2020/07/29/3 https://access.redhat.com/security/vulnerabilities/grub2bootloader https://lists.gnu.org/archive/html/grub-devel/2020-07/msg00034.html https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV200011 https://security.gentoo.org/ • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free •

CVSS: 6.4EPSS: 0%CPEs: 33EXPL: 1

CVE-2020-15707 – GRUB2 contained integer overflows when handling the initrd command, leading to a heap-based buffer overflow.

https://notcve.org/view.php?id=CVE-2020-15707

Integer overflows were discovered in the functions grub_cmd_initrd and grub_initrd_init in the efilinux component of GRUB2, as shipped in Debian, Red Hat, and Ubuntu (the functionality is not included in GRUB2 upstream), leading to a heap-based buffer overflow. These could be triggered by an extremely large number of arguments to the initrd command on 32-bit architectures, or a crafted filesystem with very large files on any architecture. An attacker could use this to execute arbitrary code and bypass UEFI Secure Boot restrictions. This issue affects GRUB2 version 2.04 and prior versions. Se detectaron desbordamientos de enteros en las funciones grub_cmd_initrd y grub_initrd_init en el componente efilinux de GRUB2, como se incluye en Debian, Red Hat y Ubuntu (la funcionalidad no está incluida aguas arriba de GRUB2), conllevando a un desbordamiento del búfer en la región heap de la memoria. • http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00016.html http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00017.html http://ubuntu.com/security/notices/USN-4432-1 http://www.openwall.com/lists/oss-security/2020/07/29/3 https://access.redhat.com/security/vulnerabilities/grub2bootloader https://lists.gnu.org/archive/html/grub-devel/2020-07/msg00034.html https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV200011 https://security.gentoo.org/ • CWE-190: Integer Overflow or Wraparound CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •