CVE-2022-21248 – OpenJDK: Incomplete deserialization class filtering in ObjectInputStream (Serialization, 8264934)
https://notcve.org/view.php?id=CVE-2022-21248
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Serialization). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. • https://lists.debian.org/debian-lts-announce/2022/02/msg00011.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2DIN3L6L3SVZK75CKW2GPSU4HIGZR7XG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4J2N4FNXW6JKJBWUZH6SNI2UHCZXQXCY https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KPIWQ6DL5IPOT54UBWTISG5T24FQJ7MN https://security.gentoo.org/glsa/202209-05 https://security.netapp.com/advisory/ntap-20220121-0007 h • CWE-502: Deserialization of Untrusted Data •
CVE-2021-22959 – llhttp: HTTP Request Smuggling due to spaces in headers
https://notcve.org/view.php?id=CVE-2021-22959
The parser in accepts requests with a space (SP) right after the header name before the colon. This can lead to HTTP Request Smuggling (HRS) in llhttp < v2.1.4 and < v6.0.6. El parser en acepta peticiones con un espacio (SP) justo después del nombre del encabezado antes de los dos puntos. Esto puede conllevar a un contrabando de peticiones HTTP (HRS) en llhttp versiones anteriores a v2.1.4 y versiones anteriores a v6.0.6 An HTTP Request Smuggling (HRS) vulnerability was found in the llhttp library, used by Node.JS. Spaces as part of the header names were accepted as valid. • https://hackerone.com/reports/1238709 https://www.debian.org/security/2022/dsa-5170 https://www.oracle.com/security-alerts/cpujan2022.html https://access.redhat.com/security/cve/CVE-2021-22959 https://bugzilla.redhat.com/show_bug.cgi?id=2014057 • CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') •
CVE-2021-22960 – llhttp: HTTP Request Smuggling when parsing the body of chunked requests
https://notcve.org/view.php?id=CVE-2021-22960
The parse function in llhttp < 2.1.4 and < 6.0.6. ignores chunk extensions when parsing the body of chunked requests. This leads to HTTP Request Smuggling (HRS) under certain conditions. La función parse en llhttp versiones anteriores a 2.1.4 y versiones anteriores a 6.0.6. ignora las extensiones chunk cuando analiza el cuerpo de las peticiones chunked. Esto conlleva a un Contrabando de Peticiones HTTP (HRS) bajo determinadas condiciones An HTTP Request Smuggling (HRS) vulnerability was found in the llhttp library, used by Node.JS. During the parsing of chunked messages, the chunk size parameter was not validated properly. • https://hackerone.com/reports/1238099 https://www.debian.org/security/2022/dsa-5170 https://www.oracle.com/security-alerts/cpujan2022.html https://access.redhat.com/security/cve/CVE-2021-22960 https://bugzilla.redhat.com/show_bug.cgi?id=2014059 • CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') •
CVE-2021-35603 – OpenJDK: Non-constant comparison during TLS handshakes (JSSE, 8269618)
https://notcve.org/view.php?id=CVE-2021-35603
Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Java SE: 7u311, 8u301, 11.0.12, 17; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via TLS to compromise Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. • https://lists.debian.org/debian-lts-announce/2021/11/msg00008.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6EUURAQOIJYFZHQ7DFZCO6IKDPIAWTNK https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GTYZWIXDFUV2H57YQZJWPOD3BC3I3EIQ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GXTUWAWXVU37GRNIG4TPMA47THO6VAE6 https://security.gentoo.org/glsa/202209-05 https://security.netapp.com/advisory/ntap-20211022-0004 h • CWE-203: Observable Discrepancy •
CVE-2021-35588 – OpenJDK: Incomplete validation of inner class references in ClassFileParser (Hotspot, 8268071)
https://notcve.org/view.php?id=CVE-2021-35588
Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Java SE: 7u311, 8u301; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Oracle GraalVM Enterprise Edition. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Oracle GraalVM Enterprise Edition. • https://lists.debian.org/debian-lts-announce/2021/11/msg00008.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6EUURAQOIJYFZHQ7DFZCO6IKDPIAWTNK https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GTYZWIXDFUV2H57YQZJWPOD3BC3I3EIQ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GXTUWAWXVU37GRNIG4TPMA47THO6VAE6 https://security.gentoo.org/glsa/202209-05 https://security.netapp.com/advisory/ntap-20211022-0004 h • CWE-20: Improper Input Validation •