CVSS: 9.8EPSS: 94%CPEs: 97EXPL: 82CVE-2022-22965 – Spring Framework JDK 9+ Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-22965
01 Apr 2022 — A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding. The specific exploit requires the application to run on Tomcat as a WAR deployment. If the application is deployed as a Spring Boot executable jar, i.e. the default, it is not vulnerable to the exploit. However, the nature of the vulnerability is more general, and there may be other ways to exploit it. Una aplicación Spring MVC o Spring WebFlux que es ejecutada en JDK 9+ puede ser ... • https://packetstorm.news/files/id/167011 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.8EPSS: 94%CPEs: 47EXPL: 32CVE-2022-22963 – VMware Tanzu Spring Cloud Function Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-22963
31 Mar 2022 — In Spring Cloud Function versions 3.1.6, 3.2.2 and older unsupported versions, when using routing functionality it is possible for a user to provide a specially crafted SpEL as a routing-expression that may result in remote code execution and access to local resources. En Spring Cloud Function versiones 3.1.6, 3.2.2 y versiones anteriores no soportadas, cuando es usada la funcionalidad routing es posible que un usuario proporcione un SpEL especialmente diseñado como expresión de enrutamiento que puede resul... • https://packetstorm.news/files/id/173430 • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-917: Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection') •
CVSS: 7.5EPSS: 0%CPEs: 77EXPL: 2CVE-2020-36518 – jackson-databind: denial of service via a large depth of nested objects
https://notcve.org/view.php?id=CVE-2020-36518
11 Mar 2022 — jackson-databind before 2.13.0 allows a Java StackOverflow exception and denial of service via a large depth of nested objects. jackson-databind versiones anteriores a 2.13.0, permite una excepción Java StackOverflow y una denegación de servicio por medio de una gran profundidad de objetos anidados A flaw was found in the Jackson Databind package. This cause of the issue is due to a Java StackOverflow exception and a denial of service via a significant depth of nested objects. Red Hat JBoss Enterprise Appli... • https://github.com/ghillert/boot-jackson-cve • CWE-400: Uncontrolled Resource Consumption CWE-787: Out-of-bounds Write •
CVSS: 7.1EPSS: 0%CPEs: 58EXPL: 0CVE-2022-23437 – Infinite loop within Apache XercesJ xml parser
https://notcve.org/view.php?id=CVE-2022-23437
24 Jan 2022 — There's a vulnerability within the Apache Xerces Java (XercesJ) XML parser when handling specially crafted XML document payloads. This causes, the XercesJ XML parser to wait in an infinite loop, which may sometimes consume system resources for prolonged duration. This vulnerability is present within XercesJ version 2.12.1 and the previous versions. Se presenta una vulnerabilidad en el analizador XML de Apache Xerces Java (XercesJ) cuando maneja cargas útiles de documentos XML especialmente diseñados. Esto c... • http://www.openwall.com/lists/oss-security/2022/01/24/3 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 5.9EPSS: 1%CPEs: 23EXPL: 0CVE-2021-38153 – Timing Attack Vulnerability for Apache Kafka Connect and Clients
https://notcve.org/view.php?id=CVE-2021-38153
22 Sep 2021 — Some components in Apache Kafka use `Arrays.equals` to validate a password or key, which is vulnerable to timing attacks that make brute force attacks for such credentials more likely to be successful. Users should upgrade to 2.8.1 or higher, or 3.0.0 or higher where this vulnerability has been fixed. The affected versions include Apache Kafka 2.0.0, 2.0.1, 2.1.0, 2.1.1, 2.2.0, 2.2.1, 2.2.2, 2.3.0, 2.3.1, 2.4.0, 2.4.1, 2.5.0, 2.5.1, 2.6.0, 2.6.1, 2.6.2, 2.7.0, 2.7.1, and 2.8.0. Algunos componentes de Apache... • https://kafka.apache.org/cve-list • CWE-203: Observable Discrepancy CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 8.3EPSS: 1%CPEs: 248EXPL: 6CVE-2021-2351 – Oracle Database Weak NNE Integrity Key Derivation
https://notcve.org/view.php?id=CVE-2021-2351
20 Jul 2021 — Vulnerability in the Advanced Networking Option component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1 and 19c. Difficult to exploit vulnerability allows unauthenticated attacker with network access via Oracle Net to compromise Advanced Networking Option. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Advanced Networking Option, attacks may significantly impact additional products. Successful atta... • https://packetstorm.news/files/id/165258 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm CWE-384: Session Fixation •
CVSS: 7.5EPSS: 0%CPEs: 72EXPL: 0CVE-2021-36090 – Apache Commons Compress 1.0 to 1.20 denial of service vulnerability
https://notcve.org/view.php?id=CVE-2021-36090
13 Jul 2021 — When reading a specially crafted ZIP archive, Compress can be made to allocate large amounts of memory that finally leads to an out of memory error even for very small inputs. This could be used to mount a denial of service attack against services that use Compress' zip package. Al leer un archivo ZIP especialmente diseñado, Compress puede asignar grandes cantidades de memoria que finalmente conllevan a un error de falta de memoria incluso para entradas muy pequeñas. Esto podría ser usado para montar un ata... • http://www.openwall.com/lists/oss-security/2021/07/13/4 • CWE-130: Improper Handling of Length Parameter Inconsistency CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 7.5EPSS: 0%CPEs: 54EXPL: 0CVE-2021-35517 – Apache Commons Compress 1.1 to 1.20 denial of service vulnerability
https://notcve.org/view.php?id=CVE-2021-35517
13 Jul 2021 — When reading a specially crafted TAR archive, Compress can be made to allocate large amounts of memory that finally leads to an out of memory error even for very small inputs. This could be used to mount a denial of service attack against services that use Compress' tar package. Cuando se lee un archivo TAR especialmente diseñado, Compress puede asignar grandes cantidades de memoria que finalmente conllevan a un error de falta de memoria incluso para entradas muy pequeñas. Esto podría ser usado para montar ... • http://www.openwall.com/lists/oss-security/2021/07/13/3 • CWE-130: Improper Handling of Length Parameter Inconsistency CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 7.5EPSS: 0%CPEs: 47EXPL: 0CVE-2021-35516 – Apache Commons Compress 1.6 to 1.20 denial of service vulnerability
https://notcve.org/view.php?id=CVE-2021-35516
13 Jul 2021 — When reading a specially crafted 7Z archive, Compress can be made to allocate large amounts of memory that finally leads to an out of memory error even for very small inputs. This could be used to mount a denial of service attack against services that use Compress' sevenz package. Al leer un archivo 7Z especialmente diseñado, Compress puede asignar grandes cantidades de memoria que finalmente conllevan a un error de falta de memoria incluso para entradas muy pequeñas. Esto podría ser usado para montar un at... • http://www.openwall.com/lists/oss-security/2021/07/13/2 • CWE-130: Improper Handling of Length Parameter Inconsistency CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 7.5EPSS: 0%CPEs: 47EXPL: 0CVE-2021-35515 – Apache Commons Compress 1.6 to 1.20 denial of service vulnerability
https://notcve.org/view.php?id=CVE-2021-35515
13 Jul 2021 — When reading a specially crafted 7Z archive, the construction of the list of codecs that decompress an entry can result in an infinite loop. This could be used to mount a denial of service attack against services that use Compress' sevenz package. Cuando se lee un archivo 7Z especialmente diseñado, la construcción de la lista de códecs que descomprimen una entrada puede resultar en un bucle infinito. Esto podría ser usado para montar un ataque de denegación de servicio contra los servicios que usan el paque... • http://www.openwall.com/lists/oss-security/2021/07/13/1 • CWE-834: Excessive Iteration CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •