CVSS: 5.8EPSS: 0%CPEs: 5EXPL: 0CVE-2019-20485 – libvirt: Potential DoS by holding a monitor job while querying QEMU guest-agent
https://notcve.org/view.php?id=CVE-2019-20485
qemu/qemu_driver.c in libvirt before 6.0.0 mishandles the holding of a monitor job during a query to a guest agent, which allows attackers to cause a denial of service (API blockage). El archivo qemu/qemu_driver.c en libvirt versiones anteriores a 6.0.0, maneja inapropiadamente la conservación de un trabajo de monitoreo durante una consulta a un agente invitado, lo que permite a atacantes causar una denegación de servicio (bloqueo de la API). A flaw was found in the way the libvirtd daemon issued the 'suspend' command to a QEMU guest-agent running inside a guest, where it holds a monitor job while issuing the 'suspend' command to a guest-agent. A malicious guest-agent may use this flaw to block the libvirt daemon indefinitely, resulting in a denial of service. • https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=953078 https://bugzilla.redhat.com/show_bug.cgi?id=1809740 https://libvirt.org/git/?p=libvirt.git%3Ba=commit%3Bh=a663a860819287e041c3de672aad1d8543098ecc https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/D5GE6ISYUL3CIWO3FQRUGMKTKP2NYED2 https://security-tracker.debian.org/tracker/CVE-2019-20485 https://www.mail-archive.com/debian-bugs-dist%40lists.debian.org/msg1730509.html https://access.redhat.com/security/cve/CVE-2019 • CWE-20: Improper Input Validation CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 1%CPEs: 5EXPL: 0CVE-2020-7919
https://notcve.org/view.php?id=CVE-2020-7919
Go before 1.12.16 and 1.13.x before 1.13.7 (and the crypto/cryptobyte package before 0.0.0-20200124225646-8b5121be2f68 for Go) allows attacks on clients (resulting in a panic) via a malformed X.509 certificate. Go versiones anteriores a 1.12.16 y versiones 1.13.x anteriores a 1.13.7 (y el paquete crypto/cryptobyte versiones anteriores a 0.0.0-20200124225646-8b5121be2f68 para Go), permite ataques a los clientes (lo que resulta en un pánico) por medio de un certificado X.509 malformado. • https://groups.google.com/forum/#%21forum/golang-announce https://groups.google.com/forum/#%21topic/golang-announce/-sdUB4VEQkA https://groups.google.com/forum/#%21topic/golang-announce/Hsw4mHYc470 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/S43VLYRURELDWX4D5RFOYBNFGO6CGBBC https://security.netapp.com/advisory/ntap-20200327-0001 https://www.debian.org/security/2021/dsa-4848 https://www.oracle.com/security-alerts/cpuApr2021.html • CWE-295: Improper Certificate Validation •
CVSS: 4.7EPSS: 0%CPEs: 14EXPL: 0CVE-2020-1740 – ansible: secrets readable after ansible-vault edit
https://notcve.org/view.php?id=CVE-2020-1740
A flaw was found in Ansible Engine when using Ansible Vault for editing encrypted files. When a user executes "ansible-vault edit", another user on the same computer can read the old and new secret, as it is created in a temporary file with mkstemp and the returned file descriptor is closed and the method write_data is called to write the existing secret in the file. This method will delete the file before recreating it insecurely. All versions in 2.7.x, 2.8.x and 2.9.x branches are believed to be vulnerable. Se detectó un fallo en Ansible Engine cuando se usa Ansible Vault para editar archivos cifrados. • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1740 https://github.com/ansible/ansible/issues/67798 https://lists.debian.org/debian-lts-announce/2020/05/msg00005.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DKPA4KC3OJSUFASUYMG66HKJE7ADNGFW https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MRRYUU5ZBLPBXCYG6CFP35D64NP2UB2S https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WQVOQD4VAIXXTVQAJK • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-377: Insecure Temporary File •
CVSS: 4.6EPSS: 0%CPEs: 13EXPL: 1CVE-2020-1735 – ansible: path injection on dest parameter in fetch module
https://notcve.org/view.php?id=CVE-2020-1735
A flaw was found in the Ansible Engine when the fetch module is used. An attacker could intercept the module, inject a new path, and then choose a new destination path on the controller node. All versions in 2.7.x, 2.8.x and 2.9.x branches are believed to be vulnerable. Se detectó un fallo en el Ansible Engine cuando es usado el módulo de búsqueda. Un atacante podría interceptar el módulo, inyectar una nueva ruta y luego elegir una nueva ruta destino en el nodo del controlador. • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1735 https://github.com/ansible/ansible/issues/67793 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DKPA4KC3OJSUFASUYMG66HKJE7ADNGFW https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MRRYUU5ZBLPBXCYG6CFP35D64NP2UB2S https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WQVOQD4VAIXXTVQAJKTN7NUGTJFE2PCB https://security.gentoo.org/glsa/202006-11 https://w • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 3.3EPSS: 0%CPEs: 12EXPL: 1CVE-2020-1736 – ansible: atomic_move primitive sets permissive permissions
https://notcve.org/view.php?id=CVE-2020-1736
A flaw was found in Ansible Engine when a file is moved using atomic_move primitive as the file mode cannot be specified. This sets the destination files world-readable if the destination file does not exist and if the file exists, the file could be changed to have less restrictive permissions before the move. This could lead to the disclosure of sensitive data. All versions in 2.7.x, 2.8.x and 2.9.x branches are believed to be vulnerable. Se detectó un fallo en Ansible Engine, cuando un archivo es movido usando la función atomic_move primitiva ya que el modo de archivo no puede ser especificado. • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1736 https://github.com/ansible/ansible/issues/67794 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2NYYQP2XJB2TTRP6AKWVMBSPB2DFJNKD https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BPNZWBAUP4ZHUR6PO7U6ZXEKNCX62KZ7 https://security.gentoo.org/glsa/202006-11 https://access.redhat.com/security/cve/CVE-2020-1736 https://bugzilla.redhat.com/show_bug.cgi?id=1802124 • CWE-732: Incorrect Permission Assignment for Critical Resource •