CVE-2019-9514 – Some HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a denial of service
https://notcve.org/view.php?id=CVE-2019-9514
Some HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a denial of service. The attacker opens a number of streams and sends an invalid request over each stream that should solicit a stream of RST_STREAM frames from the peer. Depending on how the peer queues the RST_STREAM frames, this can consume excess memory, CPU, or both. Algunas implementaciones de HTTP / 2 son vulnerables a una inundación de reinicio, lo que puede conducir a una denegación de servicio. El atacante abre una serie de secuencias y envía una solicitud no válida sobre cada secuencia que debería solicitar una secuencia de tramas RST_STREAM del par. • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00076.html http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00011.html http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00021.html http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00031.html http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00032.html http://lists.opensuse.org/opensuse-security-announce/2019-09 • CWE-400: Uncontrolled Resource Consumption CWE-770: Allocation of Resources Without Limits or Throttling •
CVE-2019-10176 – atomic-openshift: CSRF tokens not refreshing while user is logged in and are exposed in the URL
https://notcve.org/view.php?id=CVE-2019-10176
A flaw was found in OpenShift Container Platform, versions 3.11 and later, in which the CSRF tokens used in the cluster console component were found to remain static during a user's session. An attacker with the ability to observe the value of this token would be able to re-use the token to perform a CSRF attack. Se detectó un fallo en OpenShift Container Platform, versiones 3.11 y posteriores, en la que se encontró que los tokens CSRF usados en el componente cluster console permanecían estáticos durante la sesión de un usuario. Un atacante con la capacidad de observar el valor de este token podría ser capaz de reutilizar el token para realizar un ataque de tipo CSRF. • https://access.redhat.com/errata/RHSA-2019:2792 https://access.redhat.com/errata/RHSA-2019:4053 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10176 https://access.redhat.com/security/cve/CVE-2019-10176 https://bugzilla.redhat.com/show_bug.cgi?id=1712569 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVE-2019-10355 – jenkins-plugin-script-security: Sandbox bypass through type casts in Script Security Plugin
https://notcve.org/view.php?id=CVE-2019-10355
A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.61 and earlier related to the handling of type casts allowed attackers to execute arbitrary code in sandboxed scripts. Una vulnerabilidad de omisión del sandbox en el Plugin Script Security de Jenkins versión 1.61 y anteriores, relacionada con el manejo de conversiones de tipos permitió a los atacantes ejecutar código arbitrario en scripts del sandbox. A flaw was found in Jenkins Script Security plugin. Sandbox protection could be circumvented by casting crafted objects to other types allowing an attacker to specify sandboxed scripts to invoke constructors that weren't previously whitelisted. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. • http://www.openwall.com/lists/oss-security/2019/07/31/1 https://access.redhat.com/errata/RHSA-2019:2594 https://access.redhat.com/errata/RHSA-2019:2651 https://access.redhat.com/errata/RHSA-2019:2662 https://jenkins.io/security/advisory/2019-07-31/#SECURITY-1465%20%281%29 https://access.redhat.com/security/cve/CVE-2019-10355 https://bugzilla.redhat.com/show_bug.cgi?id=1735515 • CWE-704: Incorrect Type Conversion or Cast •
CVE-2019-10357 – jenkins-plugin-workflow-cps-global-lib: Missing permission check in Pipeline: Shared Groovy Libraries Plugin
https://notcve.org/view.php?id=CVE-2019-10357
A missing permission check in Jenkins Pipeline: Shared Groovy Libraries Plugin 2.14 and earlier allowed users with Overall/Read access to obtain limited information about the content of SCM repositories referenced by global libraries. Una falta de comprobación de permisos en el Plugin Shared Groovy Libraries de Jenkins Pipeline versión 2.14 y anteriores, permitió a los usuarios con acceso General y de Lectura obtener información limitada sobre el contenido de los repositorios SCM referenciados mediante las bibliotecas globales. • http://www.openwall.com/lists/oss-security/2019/07/31/1 https://access.redhat.com/errata/RHSA-2019:2594 https://access.redhat.com/errata/RHSA-2019:2651 https://access.redhat.com/errata/RHSA-2019:2662 https://jenkins.io/security/advisory/2019-07-31/#SECURITY1422 https://access.redhat.com/security/cve/CVE-2019-10357 https://bugzilla.redhat.com/show_bug.cgi?id=1735521 • CWE-284: Improper Access Control CWE-862: Missing Authorization •
CVE-2019-10356 – jenkins-plugin-script-security: Sandbox bypass through method pointer expressions in Script Security Plugin
https://notcve.org/view.php?id=CVE-2019-10356
A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.61 and earlier related to the handling of method pointer expressions allowed attackers to execute arbitrary code in sandboxed scripts. Una vulnerabilidad de omisión de sandbox en el Plugin Script Security de Jenkins versión 1.61 y anteriores, relacionada con el manejo de expresiones de puntero de método permitió a los atacantes ejecutar código arbitrario en scripts del sandbox. A flaw was found in the Jenkins Script Security plugin. Sandbox protection could be circumvented through crafted subexpressions used as arguments to method pointer expressions. This allows attackers the ability to specify sandboxed scripts to execute arbitrary code in the context of the Jenkins master JVM. • http://www.openwall.com/lists/oss-security/2019/07/31/1 https://access.redhat.com/errata/RHSA-2019:2594 https://access.redhat.com/errata/RHSA-2019:2651 https://access.redhat.com/errata/RHSA-2019:2662 https://jenkins.io/security/advisory/2019-07-31/#SECURITY-1465%20%282%29 https://access.redhat.com/security/cve/CVE-2019-10356 https://bugzilla.redhat.com/show_bug.cgi?id=1735518 • CWE-20: Improper Input Validation •