CVSS: 7.5EPSS: 0%CPEs: 27EXPL: 0CVE-2019-12399 – kafka: Connect REST API exposes plaintext secrets in tasks endpoint
https://notcve.org/view.php?id=CVE-2019-12399
When Connect workers in Apache Kafka 2.0.0, 2.0.1, 2.1.0, 2.1.1, 2.2.0, 2.2.1, or 2.3.0 are configured with one or more config providers, and a connector is created/updated on that Connect cluster to use an externalized secret variable in a substring of a connector configuration property value, then any client can issue a request to the same Connect cluster to obtain the connector's task configuration and the response will contain the plaintext secret rather than the externalized secrets variables. Cuando los trabajadores de Connect en Apache Kafka versiones 2.0.0, 2.0.1, 2.1.0, 2.1.1, 2.2.0, 2.2.1 o 2.3.0, son configurados con uno o más proveedores de configuración, y un conector es creado y actualizado sobre este clúster Connect para usar una variable secreta externalizada en una subcadena de un valor de propiedad de configuración del conector, cualquier cliente puede emitir una petición al mismo clúster de Connect para obtener la configuración de tareas del conector y la respuesta contendrá el secreto de texto plano en lugar de las variables secretas externalizadas. • http://www.openwall.com/lists/oss-security/2020/01/14/1 https://lists.apache.org/thread.html/r0e3a613705d70950aca2bfe9a6265c87503921852d9a3dbce512ca9f%40%3Ccommits.druid.apache.org%3E https://lists.apache.org/thread.html/r2d390dec5f360ec8aa294bef18e1a4385e2a3698d747209216f5a48b%40%3Ccommits.druid.apache.org%3E https://lists.apache.org/thread.html/r3154f5adbc905f1f9012a92240c8e00a96628470cc819453b9606d0e%40%3Ccommits.druid.apache.org%3E https://lists.apache.org/thread.html/r3203d7f25a6ca56ff3e48c43a6aa7cb60b8e5d57d0eed9f76dc2b7a8%40%3Ccommits.druid.apache.org%3E https:/ • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-319: Cleartext Transmission of Sensitive Information •
CVSS: 5.8EPSS: 0%CPEs: 7EXPL: 1CVE-2019-11269 – Open Redirector in spring-security-oauth2
https://notcve.org/view.php?id=CVE-2019-11269
Spring Security OAuth versions 2.3 prior to 2.3.6, 2.2 prior to 2.2.5, 2.1 prior to 2.1.5, and 2.0 prior to 2.0.18, as well as older unsupported versions could be susceptible to an open redirector attack that can leak an authorization code. A malicious user or attacker can craft a request to the authorization endpoint using the authorization code grant type, and specify a manipulated redirection URI via the redirect_uri parameter. This can cause the authorization server to redirect the resource owner user-agent to a URI under the control of the attacker with the leaked authorization code. Spring Security OAuth versiones 2.3 anteriores a 2.3.6, 2.2 anteriores a 2.2.5, 2.1 anteriores a 2.1.5 y 2.0 anteriores a 2.0.18, así como versiones anteriores no compatibles podrían ser susceptibles a un ataque de redirector abierto que pueda filtrar un código de autorización. Un usuario o atacante malicioso puede crear una solicitud para el punto final de autorización utilizando el tipo de concesión de código de autorización y especificar un URI de redireccionamiento manipulado a través del parámetro redirect_uri. • https://www.exploit-db.com/exploits/47000 http://packetstormsecurity.com/files/153299/Spring-Security-OAuth-2.3-Open-Redirection.html https://pivotal.io/security/cve-2019-11269 https://www.oracle.com/security-alerts/cpujan2021.html • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •
CVSS: 9.8EPSS: 0%CPEs: 32EXPL: 0CVE-2019-0228
https://notcve.org/view.php?id=CVE-2019-0228
Apache PDFBox 2.0.14 does not properly initialize the XML parser, which allows context-dependent attackers to conduct XML External Entity (XXE) attacks via a crafted XFDF. Apache PDFBox versión 2.0.14 no inicializa correctamente el analizador XML, lo que permite a los atacantes dependientes del contexto realizar ataques de Entidades Externas XML (XXE) por medio de un XFDF creado. • https://lists.apache.org/thread.html/1a3756557f8cb02790b7183ccf7665ae23f608a421c4f723113bca79%40%3Cusers.pdfbox.apache.org%3E https://lists.apache.org/thread.html/8a19bd6d43e359913341043c2a114f91f9e4ae170059539ad1f5673c%40%3Ccommits.tika.apache.org%3E https://lists.apache.org/thread.html/bc8db1bf459f1ad909da47350ed554ee745abe9f25f2b50cad4e06dd%40%3Cserver-dev.james.apache.org%3E https://lists.apache.org/thread.html/be86fcd7cd423a3fe6b73a3cb9d7cac0b619d0deb99e6b5d172c98f4%40%3Ccommits.tika.apache.org%3E https://lists.apache.org/thread.html/r0a2141abeddae66dd57025f1681c8425834062b7c0c7e0b1d830a95d&# • CWE-611: Improper Restriction of XML External Entity Reference •
CVSS: 6.5EPSS: 0%CPEs: 7EXPL: 2CVE-2019-3778 – Open Redirect in spring-security-oauth2
https://notcve.org/view.php?id=CVE-2019-3778
Spring Security OAuth, versions 2.3 prior to 2.3.5, and 2.2 prior to 2.2.4, and 2.1 prior to 2.1.4, and 2.0 prior to 2.0.17, and older unsupported versions could be susceptible to an open redirector attack that can leak an authorization code. A malicious user or attacker can craft a request to the authorization endpoint using the authorization code grant type, and specify a manipulated redirection URI via the "redirect_uri" parameter. This can cause the authorization server to redirect the resource owner user-agent to a URI under the control of the attacker with the leaked authorization code. This vulnerability exposes applications that meet all of the following requirements: Act in the role of an Authorization Server (e.g. @EnableAuthorizationServer) and uses the DefaultRedirectResolver in the AuthorizationEndpoint. • https://www.exploit-db.com/exploits/47000 https://github.com/BBB-man/CVE-2019-3778-Spring-Security-OAuth-2.3-Open-Redirection http://packetstormsecurity.com/files/153299/Spring-Security-OAuth-2.3-Open-Redirection.html http://www.securityfocus.com/bid/107153 https://pivotal.io/security/cve-2019-3778 https://www.oracle.com/security-alerts/cpujan2021.html • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •