CVSS: 9.1EPSS: 1%CPEs: 4EXPL: 0CVE-2022-28615 – Read beyond bounds in ap_strcmp_match()
https://notcve.org/view.php?id=CVE-2022-28615
Apache HTTP Server 2.4.53 and earlier may crash or disclose information due to a read beyond bounds in ap_strcmp_match() when provided with an extremely large input buffer. While no code distributed with the server can be coerced into such a call, third-party modules or lua scripts that use ap_strcmp_match() may hypothetically be affected. Apache HTTP Server versiones 2.4.53 y anteriores, puede fallar o revelar información debido a una lectura más allá de los límites en la función ap_strcmp_match() cuando le es proporcionado un búfer de entrada extremadamente grande. Mientras que ningún código distribuido con el servidor puede ser coaccionado en tal llamada, los módulos de terceros o los scripts lua que usan ap_strcmp_match() pueden hipotéticamente ser afectados An out-of-bounds read vulnerability was found in httpd. A very large input to the ap_strcmp_match function can lead to an integer overflow and result in an out-of-bounds read. • http://www.openwall.com/lists/oss-security/2022/06/08/9 https://httpd.apache.org/security/vulnerabilities_24.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7QUGG2QZWHTITMABFLVXA4DNYUOTPWYQ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YPY2BLEVJWFH34AX77ZJPLD2OOBYR6ND https://security.gentoo.org/glsa/202208-20 https://security.netapp.com/advisory/ntap-20220624-0005 https://access.redhat.com/security/cve/CVE-2022-28615 ht • CWE-125: Out-of-bounds Read CWE-190: Integer Overflow or Wraparound •
CVSS: 5.3EPSS: 0%CPEs: 4EXPL: 0CVE-2022-28614 – read beyond bounds via ap_rwrite()
https://notcve.org/view.php?id=CVE-2022-28614
The ap_rwrite() function in Apache HTTP Server 2.4.53 and earlier may read unintended memory if an attacker can cause the server to reflect very large input using ap_rwrite() or ap_rputs(), such as with mod_luas r:puts() function. Modules compiled and distributed separately from Apache HTTP Server that use the 'ap_rputs' function and may pass it a very large (INT_MAX or larger) string must be compiled against current headers to resolve the issue. La función ap_rwrite() en el Servidor HTTP Apache 2.4.53 y anteriores puede leer memoria no intencionada si un atacante puede hacer que el servidor refleje una entrada muy grande usando ap_rwrite() o ap_rputs(), como con la función mod_luas r:puts(). Los módulos compilados y distribuidos por separado del Servidor HTTP Apache que usan la función 'ap_rputs' y pueden pasarle una cadena muy grande (INT_MAX o mayor) deben ser compilados contra las cabeceras actuales para resolver el problema An out-of-bounds read vulnerability was found in httpd. A very large input to the ap_rputs and ap_rwrite functions can lead to an integer overflow and result in an out-of-bounds read. • http://www.openwall.com/lists/oss-security/2022/06/08/4 https://httpd.apache.org/security/vulnerabilities_24.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7QUGG2QZWHTITMABFLVXA4DNYUOTPWYQ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YPY2BLEVJWFH34AX77ZJPLD2OOBYR6ND https://security.gentoo.org/glsa/202208-20 https://security.netapp.com/advisory/ntap-20220624-0005 https://access.redhat.com/security/cve/CVE-2022-28614 ht • CWE-190: Integer Overflow or Wraparound CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2022-26377 – mod_proxy_ajp: Possible request smuggling
https://notcve.org/view.php?id=CVE-2022-26377
Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') vulnerability in mod_proxy_ajp of Apache HTTP Server allows an attacker to smuggle requests to the AJP server it forwards requests to. This issue affects Apache HTTP Server Apache HTTP Server 2.4 version 2.4.53 and prior versions. Una vulnerabilidad de Interpretación Incoherente de las Peticiones HTTP ("Contrabando de Peticiones HTTP") en la función mod_proxy_ajp de Apache HTTP Server permite a un atacante contrabandear peticiones al servidor AJP al que reenvía las peticiones. Este problema afecta a Apache HTTP Server, versión 2.4.53 y anteriores An HTTP request smuggling vulnerability was found in the mod_proxy_ajp module of httpd. This flaw allows an attacker to smuggle requests to the AJP server, where it forwards requests. • http://www.openwall.com/lists/oss-security/2022/06/08/2 https://httpd.apache.org/security/vulnerabilities_24.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7QUGG2QZWHTITMABFLVXA4DNYUOTPWYQ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YPY2BLEVJWFH34AX77ZJPLD2OOBYR6ND https://security.gentoo.org/glsa/202208-20 https://security.netapp.com/advisory/ntap-20220624-0005 https://access.redhat.com/security/cve/CVE-2022-26377 ht • CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') •
CVSS: 7.8EPSS: 0%CPEs: 14EXPL: 1CVE-2022-1708 – cri-o: memory exhaustion on the node when access to the kube api
https://notcve.org/view.php?id=CVE-2022-1708
A vulnerability was found in CRI-O that causes memory or disk space exhaustion on the node for anyone with access to the Kube API. The ExecSync request runs commands in a container and logs the output of the command. This output is then read by CRI-O after command execution, and it is read in a manner where the entire file corresponding to the output of the command is read in. Thus, if the output of the command is large it is possible to exhaust the memory or the disk space of the node when CRI-O reads the output of the command. The highest threat from this vulnerability is system availability. • https://bugzilla.redhat.com/show_bug.cgi?id=2085361 https://github.com/cri-o/cri-o/commit/f032cf649ecc7e0c46718bd9e7814bfb317cb544 https://github.com/cri-o/cri-o/security/advisories/GHSA-fcm2-6c3h-pg6j https://access.redhat.com/security/cve/CVE-2022-1708 • CWE-400: Uncontrolled Resource Consumption CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 0CVE-2022-32511
https://notcve.org/view.php?id=CVE-2022-32511
jmespath.rb (aka JMESPath for Ruby) before 1.6.1 uses JSON.load in a situation where JSON.parse is preferable. jmespath.rb (también se conoce como JMESPath para Ruby) versiones anteriores a 1.6.1, usa JSON.load en una situación en la que es preferible JSON.parse • https://github.com/jmespath/jmespath.rb/compare/v1.6.0...v1.6.1 https://github.com/jmespath/jmespath.rb/pull/55 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/376NUPIPTYBWWGS33GO4UOLQRI4D3BTP https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AGZ2YWONVFFOPACHAT4MM7ZBT4DNHOF5 https://stackoverflow.com/a/30050571/580231 •