CVE-2020-10731 – openstack-tripleo-heat-templates: No sVirt protection for OSP16 VMs due to disabled SELinux
https://notcve.org/view.php?id=CVE-2020-10731
A flaw was found in the nova_libvirt container provided by the Red Hat OpenStack Platform 16, where it does not have SELinux enabled. This flaw causes sVirt, an important isolation mechanism, to be disabled for all running virtual machines. Se encontró un fallo en el contenedor nova_libvirt provisto por el Red Hat OpenStack Platform versión 16, donde no se encuentra habilitado SELinux. Este fallo causa que sVirt, un importante mecanismo de aislamiento, se deshabilite para todas las máquinas virtuales en ejecución • https://bugzilla.redhat.com/show_bug.cgi?id=1831544 https://access.redhat.com/security/cve/CVE-2020-10731 • CWE-284: Improper Access Control CWE-1220: Insufficient Granularity of Access Control •
CVE-2019-14900 – hibernate: SQL injection issue in Hibernate ORM
https://notcve.org/view.php?id=CVE-2019-14900
A flaw was found in Hibernate ORM in versions before 5.3.18, 5.4.18 and 5.5.0.Beta1. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is used in the SELECT or GROUP BY parts of the query. This flaw could allow an attacker to access unauthorized information or possibly conduct further attacks. Se encontró un fallo en Hibernate ORM en versiones anteriores a 5.3.18, 5.4.18 y 5.5.0.Beta1. Una inyección SQL en la implementación de la API JPA Criteria puede permitir literales no saneados cuando es usado un literal en las partes de la consulta SELECT o GROUP BY. • https://bugzilla.redhat.com/show_bug.cgi?id=1666499 https://lists.apache.org/thread.html/r833c1276e41334fa675848a08daf0c61f39009f9f9a400d9f7006d44%40%3Cdev.turbine.apache.org%3E https://security.netapp.com/advisory/ntap-20220210-0020 https://access.redhat.com/security/cve/CVE-2019-14900 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2015-5694
https://notcve.org/view.php?id=CVE-2015-5694
Designate does not enforce the DNS protocol limit concerning record set sizes Designate no aplica el límite del protocolo DNS con respecto a los tamaños del conjunto de registros. • http://www.openwall.com/lists/oss-security/2015/07/28/11 http://www.openwall.com/lists/oss-security/2015/07/29/6 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-5694 https://security-tracker.debian.org/tracker/CVE-2015-5694 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVE-2019-9515 – Some HTTP/2 implementations are vulnerable to a settings flood, potentially leading to a denial of service
https://notcve.org/view.php?id=CVE-2019-9515
Some HTTP/2 implementations are vulnerable to a settings flood, potentially leading to a denial of service. The attacker sends a stream of SETTINGS frames to the peer. Since the RFC requires that the peer reply with one acknowledgement per SETTINGS frame, an empty SETTINGS frame is almost equivalent in behavior to a ping. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both. Algunas implementaciones de HTTP / 2 son vulnerables a una inundación de configuraciones, lo que puede conducir a una denegación de servicio. • http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00031.html http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00032.html http://seclists.org/fulldisclosure/2019/Aug/16 https://access.redhat.com/errata/RHSA-2019:2766 https://access.redhat.com/errata/RHSA-2019:2796 https://access.redhat.com/errata/RHSA-2019:2861 https://access.redhat.com/errata/RHSA-2019:2925 https://access.redhat.com/errata/RHSA-2019:2939 https://access.redhat.com/errata/RHSA-2019:2955 • CWE-400: Uncontrolled Resource Consumption CWE-770: Allocation of Resources Without Limits or Throttling •
CVE-2019-9514 – Some HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a denial of service
https://notcve.org/view.php?id=CVE-2019-9514
Some HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a denial of service. The attacker opens a number of streams and sends an invalid request over each stream that should solicit a stream of RST_STREAM frames from the peer. Depending on how the peer queues the RST_STREAM frames, this can consume excess memory, CPU, or both. Algunas implementaciones de HTTP / 2 son vulnerables a una inundación de reinicio, lo que puede conducir a una denegación de servicio. El atacante abre una serie de secuencias y envía una solicitud no válida sobre cada secuencia que debería solicitar una secuencia de tramas RST_STREAM del par. • http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00076.html http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00011.html http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00021.html http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00031.html http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00032.html http://lists.opensuse.org/opensuse-security-announce/2019-09 • CWE-400: Uncontrolled Resource Consumption CWE-770: Allocation of Resources Without Limits or Throttling •