CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2021-31863
https://notcve.org/view.php?id=CVE-2021-31863
28 Apr 2021 — Insufficient input validation in the Git repository integration of Redmine before 4.0.9, 4.1.x before 4.1.3, and 4.2.x before 4.2.1 allows Redmine users to read arbitrary local files accessible by the application server process. Una comprobación insuficiente de entrada en la integración del repositorio Git de Redmine versiones anteriores a 4.0.9, versiones 4.1.x anteriores a 4.1.3 y versiones 4.2.x anteriores a 4.2.1, permite a usuarios de Redmine leer archivos locales arbitrarios accesibles por el proceso ... • https://lists.debian.org/debian-lts-announce/2021/05/msg00013.html • CWE-20: Improper Input Validation •
CVSS: 5.3EPSS: 0%CPEs: 4EXPL: 0CVE-2021-31864
https://notcve.org/view.php?id=CVE-2021-31864
28 Apr 2021 — Redmine before 4.0.9, 4.1.x before 4.1.3, and 4.2.x before 4.2.1 allows attackers to bypass the add_issue_notes permission requirement by leveraging the incoming mail handler. Redmine versiones anteriores a 4.0.9, versiones 4.1.x anteriores a 4.1.3 y versiones 4.2.x anteriores a 4.2.1, permite a atacantes omitir el requisito de permiso de la función add_issue_notes al aprovechar el controlador de correo entrante • https://lists.debian.org/debian-lts-announce/2021/05/msg00013.html •
CVSS: 5.3EPSS: 0%CPEs: 4EXPL: 0CVE-2021-31865
https://notcve.org/view.php?id=CVE-2021-31865
28 Apr 2021 — Redmine before 4.0.9, 4.1.x before 4.1.3, and 4.2.x before 4.2.1 allows users to circumvent the allowed filename extensions of uploaded attachments. Redmine versiones anteriores a 4.0.9, versiones 4.1.x anteriores a 4.1.3 y versiones 4.2.x anteriores a 4.2.1, permite a usuarios omitir unas extensiones de nombre de archivo permitidas de archivos adjuntos cargados • https://lists.debian.org/debian-lts-announce/2021/05/msg00013.html •
CVSS: 5.3EPSS: 0%CPEs: 3EXPL: 0CVE-2021-31866
https://notcve.org/view.php?id=CVE-2021-31866
28 Apr 2021 — Redmine before 4.0.9 and 4.1.x before 4.1.3 allows an attacker to learn the values of internal authentication keys by observing timing differences in string comparison operations within SysController and MailHandlerController. Redmine versiones anteriores a 4.0.9 y versiones 4.1.x anteriores a 4.1.3, permite a un atacante aprender los valores de las claves de autenticación internas al observar las diferencias de tiempo en las operaciones de comparación de cadenas dentro de las funciones SysController y Mail... • https://lists.debian.org/debian-lts-announce/2021/05/msg00013.html • CWE-203: Observable Discrepancy •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2020-27823 – openjpeg: heap-buffer-overflow write in opj_tcd_dc_level_shift_encode()
https://notcve.org/view.php?id=CVE-2020-27823
28 Apr 2021 — A flaw was found in OpenJPEG’s encoder. This flaw allows an attacker to pass specially crafted x,y offset input to OpenJPEG to use during encoding. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. Se encontró un fallo en el codificador de OpenJPEG. Este fallo permite a un atacante pasar una entrada de desplazamiento x,y especialmente diseñada a OpenJPEG para usarla durante la codificación. • https://bugzilla.redhat.com/show_bug.cgi?id=1905762 • CWE-20: Improper Input Validation CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 1CVE-2020-27824 – openjpeg: global-buffer-overflow read in opj_dwt_calc_explicit_stepsizes()
https://notcve.org/view.php?id=CVE-2020-27824
28 Apr 2021 — A flaw was found in OpenJPEG’s encoder in the opj_dwt_calc_explicit_stepsizes() function. This flaw allows an attacker who can supply crafted input to decomposition levels to cause a buffer overflow. The highest threat from this vulnerability is to system availability. Se encontró un fallo en el codificador de OpenJPEG en la función opj_dwt_calc_explicit_stepsizes(). Este fallo permite a un atacante que puede suministrar una entrada diseñada a niveles de descomposición para causar un desbordamiento del... • https://github.com/pazhanivel07/openjpeg-2.3.0_CVE-2020-27824 • CWE-20: Improper Input Validation CWE-125: Out-of-bounds Read •
CVSS: 8.8EPSS: 3%CPEs: 6EXPL: 1CVE-2021-29472 – Missing argument delimiter can lead to code execution via VCS repository URLs or source download URLs on systems with Mercurial in composer
https://notcve.org/view.php?id=CVE-2021-29472
27 Apr 2021 — Composer is a dependency manager for PHP. URLs for Mercurial repositories in the root composer.json and package source download URLs are not sanitized correctly. Specifically crafted URL values allow code to be executed in the HgDriver if hg/Mercurial is installed on the system. The impact to Composer users directly is limited as the composer.json file is typically under their own control and source download URLs can only be supplied by third party Composer repositories they explicitly trust to download and... • https://blog.sonarsource.com/php-supply-chain-attack-on-composer • CWE-88: Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 5.9EPSS: 0%CPEs: 2EXPL: 0CVE-2019-25031 – Ubuntu Security Notice USN-4938-1
https://notcve.org/view.php?id=CVE-2019-25031
27 Apr 2021 — Unbound before 1.9.5 allows configuration injection in create_unbound_ad_servers.sh upon a successful man-in-the-middle attack against a cleartext HTTP session. NOTE: The vendor does not consider this a vulnerability of the Unbound software. create_unbound_ad_servers.sh is a contributed script from the community that facilitates automatic configuration creation. It is not part of the Unbound installation ** EN DISPUTA ** Unbound versiones anteriores a 1.9.5, permite la inyección de configuración en el archi... • https://lists.debian.org/debian-lts-announce/2021/05/msg00007.html • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2019-25032 – unbound: integer overflow in the regional allocator via regional_alloc
https://notcve.org/view.php?id=CVE-2019-25032
27 Apr 2021 — Unbound before 1.9.5 allows an integer overflow in the regional allocator via regional_alloc. NOTE: The vendor disputes that this is a vulnerability. Although the code may be vulnerable, a running Unbound installation cannot be remotely or locally exploited ** EN DISPUTA ** Unbound versiones anteriores a 1.9.5, permite un desbordamiento de enteros en el asignador regional por medio de la función regional_alloc. NOTA: El proveedor niega que esto sea una vulnerabilidad. Aunque el código puede ser vulnerable, ... • https://lists.debian.org/debian-lts-announce/2021/05/msg00007.html • CWE-190: Integer Overflow or Wraparound •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2019-25033 – unbound: integer overflow in the regional allocator via the ALIGN_UP macro
https://notcve.org/view.php?id=CVE-2019-25033
27 Apr 2021 — Unbound before 1.9.5 allows an integer overflow in the regional allocator via the ALIGN_UP macro. NOTE: The vendor disputes that this is a vulnerability. Although the code may be vulnerable, a running Unbound installation cannot be remotely or locally exploited ** EN DISPUTA ** Unbound versiones anteriores a 1.9.5, permite un desbordamiento de enteros en el asignador regional por medio de la macro ALIGN_UP. NOTA: El proveedor niega que esto sea una vulnerabilidad. Aunque el código puede ser vulnerable, una ... • https://lists.debian.org/debian-lts-announce/2021/05/msg00007.html • CWE-190: Integer Overflow or Wraparound •