CVSS: 9.8EPSS: 1%CPEs: 61EXPL: 0CVE-2019-14379 – jackson-databind: default typing mishandling leading to remote code execution
https://notcve.org/view.php?id=CVE-2019-14379
29 Jul 2019 — SubTypeValidator.java in FasterXML jackson-databind before 2.9.9.2 mishandles default typing when ehcache is used (because of net.sf.ehcache.transaction.manager.DefaultTransactionManagerLookup), leading to remote code execution. El archivo SubTypeValidator.java en jackson-databind de FasterXML en versiones anteriores a la 2.9.9.2 maneja inapropiadamente la escritura predeterminada cuando se usa ehcache (debido a net.sf.ehcache.transaction.manager.DefaultTransactionManagerLookup), lo que conlleva a la ejecuc... • http://seclists.org/fulldisclosure/2022/Mar/23 • CWE-502: Deserialization of Untrusted Data CWE-1321: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') •
CVSS: 7.5EPSS: 1%CPEs: 28EXPL: 0CVE-2019-10184 – undertow: Information leak in requests for directories without trailing slashes
https://notcve.org/view.php?id=CVE-2019-10184
25 Jul 2019 — undertow before version 2.0.23.Final is vulnerable to an information leak issue. Web apps may have their directory structures predicted through requests without trailing slashes via the api. Undertow en versiones anteriores a la 2.0.23.Final es vulnerable a un problema de fuga de información. Las aplicaciones web pueden tener sus estructuras de directorio predecibles a través de solicitudes sin barras finales mediante la API. Red Hat Single Sign-On 7.3 is a standalone server, based on the Keycloak project, ... • https://access.redhat.com/errata/RHSA-2019:2935 • CWE-862: Missing Authorization •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2019-10157 – keycloak: Node.js adapter internal NBF can be manipulated leading to DoS.
https://notcve.org/view.php?id=CVE-2019-10157
11 Jun 2019 — It was found that Keycloak's Node.js adapter before version 4.8.3 did not properly verify the web token received from the server in its backchannel logout . An attacker with local access could use this to construct a malicious web token setting an NBF parameter that could prevent user access indefinitely. Se encontró que el adaptador Node.js de Keycloak antes de la versión 4.8.3 no verificó correctamente el token web recibido del servidor en su cierre de sesión de backchannel. Un atacante con acceso local p... • http://www.securityfocus.com/bid/108734 • CWE-287: Improper Authentication CWE-345: Insufficient Verification of Data Authenticity •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2019-3875 – keycloak: missing signatures validation on CRL used to verify client certificates
https://notcve.org/view.php?id=CVE-2019-3875
11 Jun 2019 — A vulnerability was found in keycloak before 6.0.2. The X.509 authenticator supports the verification of client certificates through the CRL, where the CRL list can be obtained from the URL provided in the certificate itself (CDP) or through the separately configured path. The CRL are often available over the network through unsecured protocols ('http' or 'ldap') and hence the caller should verify the signature and possibly the certification path. Keycloak currently doesn't validate signatures on CRL, which... • http://www.securityfocus.com/bid/108748 • CWE-295: Improper Certificate Validation CWE-345: Insufficient Verification of Data Authenticity •
CVSS: 5.4EPSS: 0%CPEs: 5EXPL: 0CVE-2019-3872 – picketlink: reflected XSS in SAMLRequest via RelayState parameter
https://notcve.org/view.php?id=CVE-2019-3872
10 Jun 2019 — It was found that a SAMLRequest containing a script could be processed by Picketlink versions shipped in Jboss Application Platform 7.2.x and 7.1.x. An attacker could use this to send a malicious script to achieve cross-site scripting and obtain unauthorized information or conduct further attacks. Se encontró que un SAMLRequest que contenía un script podía ser procesado por versiones de Picketlink enviadas en Jboss Application Platform 7.2.xy 7.1.x. Un atacante podría usar esto para enviar un script malicio... • http://www.securityfocus.com/bid/108732 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.0EPSS: 0%CPEs: 5EXPL: 0CVE-2019-3873 – picketlink: URL injection via xinclude parameter
https://notcve.org/view.php?id=CVE-2019-3873
10 Jun 2019 — It was found that Picketlink as shipped with Jboss Enterprise Application Platform 7.2 would accept an xinclude parameter in SAMLresponse XML. An attacker could use this flaw to send a URL to achieve cross-site scripting or possibly conduct further attacks. Se encontró que Picketlink, tal como se distribuye con Jboss Enterprise Application Platform versión 7.2, aceptaría un parámetro xinclude en XML SAMLresponse. Un atacante podría usar esta fallo para enviar una URL para lograr cross-site scripting o posib... • http://www.securityfocus.com/bid/108739 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.5EPSS: 3%CPEs: 14EXPL: 0CVE-2018-12022 – jackson-databind: improper polymorphic deserialization of types from Jodd-db library
https://notcve.org/view.php?id=CVE-2018-12022
17 Mar 2019 — An issue was discovered in FasterXML jackson-databind prior to 2.7.9.4, 2.8.11.2, and 2.9.6. When Default Typing is enabled (either globally or for a specific property), the service has the Jodd-db jar (for database access for the Jodd framework) in the classpath, and an attacker can provide an LDAP service to access, it is possible to make the service execute a malicious payload. Se ha descubierto un problema en FasterXML jackson-databind, en versiones anteriores a la 2.7.9.4, 2.8.11.2 y 2.9.6. Cuando "Def... • http://www.securityfocus.com/bid/107585 • CWE-502: Deserialization of Untrusted Data •
CVSS: 7.5EPSS: 4%CPEs: 13EXPL: 0CVE-2018-12023 – jackson-databind: improper polymorphic deserialization of types from Oracle JDBC driver
https://notcve.org/view.php?id=CVE-2018-12023
17 Mar 2019 — An issue was discovered in FasterXML jackson-databind prior to 2.7.9.4, 2.8.11.2, and 2.9.6. When Default Typing is enabled (either globally or for a specific property), the service has the Oracle JDBC jar in the classpath, and an attacker can provide an LDAP service to access, it is possible to make the service execute a malicious payload. Se ha descubierto un problema en FasterXML jackson-databind, en versiones anteriores a la 2.7.9.4, 2.8.11.2 y 2.9.6. Cuando "Default Typing" está habilitado (globalmente... • http://www.securityfocus.com/bid/105659 • CWE-502: Deserialization of Untrusted Data •
CVSS: 5.4EPSS: 0%CPEs: 5EXPL: 0CVE-2018-10934 – wildfly-core: Cross-site scripting (XSS) in JBoss Management Console
https://notcve.org/view.php?id=CVE-2018-10934
18 Feb 2019 — A cross-site scripting (XSS) vulnerability was found in the JBoss Management Console versions before 7.1.6.CR1, 7.1.6.GA. Users with roles that can create objects in the application can exploit this to attack other privileged users. Se ha descubierto una vulnerabilidad Cross-Site Scripting (XSS) en JBoss Management Console, en versiones anteriores a la 7.1.6.CR1 y la 7.1.6.GA. Los usuarios con roles que pueden crear objetos en la aplicación pueden explotar esto para atacar a otros usuarios privilegiados. Re... • https://access.redhat.com/errata/RHSA-2019:1159 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.1EPSS: 0%CPEs: 7EXPL: 0CVE-2018-14657 – keycloak: brute force protection not working for the entire login workflow
https://notcve.org/view.php?id=CVE-2018-14657
13 Nov 2018 — A flaw was found in Keycloak 4.2.1.Final, 4.3.0.Final. When TOPT enabled, an improper implementation of the Brute Force detection algorithm will not enforce its protection measures. Se ha descubierto un error en Keycloak 4.2.1.Final y 4.3.0.Final. Cuando TOPT está habilitado, la implementación incorrecta del algoritmo de detección de fuerza bruta no aplica sus medidas de protección. Red Hat Single Sign-On 7.2 is a standalone server, based on the Keycloak project, that provides authentication and standards-b... • https://access.redhat.com/errata/RHSA-2018:3592 • CWE-307: Improper Restriction of Excessive Authentication Attempts •