CVE-2022-32531 – Apache BookKeeper: Java Client Uses Connection to Host that Failed Hostname Verification
https://notcve.org/view.php?id=CVE-2022-32531
The Apache Bookkeeper Java Client (before 4.14.6 and also 4.15.0) does not close the connection to the bookkeeper server when TLS hostname verification fails. This leaves the bookkeeper client vulnerable to a man in the middle attack. The problem affects BookKeeper client prior to versions 4.14.6 and 4.15.1. El cliente Java Apache Bookkeeper (anteriores a 4.14.6 y también a 4.15.0) no cierra la conexión con el servidor de contabilidad cuando falla la verificación del nombre de host TLS. Esto deja al cliente bookkeeper vulnerable al ataque de man in the middle. El problema afecta al cliente BookKeeper anterior a las versiones 4.14.6 y 4.15.1. • https://lists.apache.org/thread/xyk2lfc7lzof8mksmwyympbqxts1b5s9 • CWE-295: Improper Certificate Validation •
CVE-2020-23922
https://notcve.org/view.php?id=CVE-2020-23922
An issue was discovered in giflib through 5.1.4. DumpScreen2RGB in gif2rgb.c has a heap-based buffer over-read. Se detectó un problema en giflib versiones hasta 5.1.4. La función DumpScreen2RGB en el archivo gif2rgb.c presenta una lectura excesiva del búfer en la región heap de la memoria • https://cwe.mitre.org/data/definitions/126.html https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E https://sourceforge.net/p/giflib/bugs/151 • CWE-125: Out-of-bounds Read •
CVE-2020-36230
https://notcve.org/view.php?id=CVE-2020-36230
A flaw was discovered in OpenLDAP before 2.4.57 leading in an assertion failure in slapd in the X.509 DN parsing in decode.c ber_next_element, resulting in denial of service. Se detectó un fallo en OpenLDAP versiones anteriores a 2.4.57, conllevando en un fallo de aserción en slapd en el análisis de DN X.509 en ber_next_element del archivo decode.c, resultando en una denegación de servicio • http://seclists.org/fulldisclosure/2021/May/64 http://seclists.org/fulldisclosure/2021/May/65 http://seclists.org/fulldisclosure/2021/May/70 https://bugs.openldap.org/show_bug.cgi?id=9423 https://git.openldap.org/openldap/openldap/-/commit/8c1d96ee36ed98b32cd0e28b7069c7b8ea09d793 https://git.openldap.org/openldap/openldap/-/tags/OPENLDAP_REL_ENG_2_4_57 https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E https://lists.apache.org • CWE-617: Reachable Assertion •
CVE-2019-19924 – sqlite: incorrect sqlite3WindowRewrite() error handling leads to mishandling certain parser-tree rewriting
https://notcve.org/view.php?id=CVE-2019-19924
SQLite 3.30.1 mishandles certain parser-tree rewriting, related to expr.c, vdbeaux.c, and window.c. This is caused by incorrect sqlite3WindowRewrite() error handling. SQLite versión 3.30.1 maneja inapropiadamente cierta reescritura de árbol de análisis, relacionada con los archivos expr.c, vdbeaux.c y window.c. Esto es causado por un manejo incorrecto de errores de la función sqlite3WindowRewrite(). • https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf https://github.com/sqlite/sqlite/commit/8654186b0236d556aa85528c2573ee0b6ab71be3 https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E https://security.netapp.com/advisory/ntap-20200114-0003 https://usn.ubuntu.com/4298-1 https://www.oracle.com/security-alerts/cpuapr2020.html https • CWE-391: Unchecked Error Condition CWE-755: Improper Handling of Exceptional Conditions •
CVE-2019-17571 – log4j: deserialization of untrusted data in SocketServer
https://notcve.org/view.php?id=CVE-2019-17571
Included in Log4j 1.2 is a SocketServer class that is vulnerable to deserialization of untrusted data which can be exploited to remotely execute arbitrary code when combined with a deserialization gadget when listening to untrusted network traffic for log data. This affects Log4j versions up to 1.2 up to 1.2.17. Incluido en Log4j versión 1.2 existe una clase SocketServer que es vulnerable a la deserialización de datos no confiables, que pueden ser explotada para ejecutar código arbitrario remotamente cuando se combina con un dispositivo de deserialización al escuchar el tráfico de red no confiable para datos de registro. Esto afecta a Log4j versiones desde 1.2 hasta 1.2.17. A flaw was discovered in Log4j, where a vulnerable SocketServer class may lead to the deserialization of untrusted data. • https://github.com/shadow-horse/CVE-2019-17571 https://github.com/Al1ex/CVE-2019-17571 http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00022.html https://lists.apache.org/thread.html/277b4b5c2b0e06a825ccec565fa65bd671f35a4d58e3e2ec5d0618e1%40%3Cdev.tika.apache.org%3E https://lists.apache.org/thread.html/44491fb9cc19acc901f7cff34acb7376619f15638439416e3e14761c%40%3Cdev.tika.apache.org%3E https://lists.apache.org/thread.html/479471e6debd608c837b9815b76eab24676657d4444fcfd5ef96d6e6%40%3Cdev.tika.apache.org%3E https://lists.apache& • CWE-502: Deserialization of Untrusted Data •