Action not permitted
Modal body text goes here.
Modal Title
Modal Body
wid-sec-w-2023-0122
Vulnerability from csaf_certbund
Published
2023-01-17 23:00
Modified
2023-01-17 23:00
Summary
Oracle Supply Chain: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Die Oracle Supply Chain ist eine Sammlung von Applikationen für verschiedene Zwecke.
Angriff
Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Oracle Supply Chain ausnutzen, um die Vertraulichkeit, Integrität und Verfügbarkeit zu gefährden.
Betroffene Betriebssysteme
- UNIX
- Linux
- Windows
{ "document": { "aggregate_severity": { "text": "mittel" }, "category": "csaf_base", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "de-DE", "notes": [ { "category": "legal_disclaimer", "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen." }, { "category": "description", "text": "Die Oracle Supply Chain ist eine Sammlung von Applikationen f\u00fcr verschiedene Zwecke.", "title": "Produktbeschreibung" }, { "category": "summary", "text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Oracle Supply Chain ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden.", "title": "Angriff" }, { "category": "general", "text": "- UNIX\n- Linux\n- Windows", "title": "Betroffene Betriebssysteme" } ], "publisher": { "category": "other", "contact_details": "csaf-provider@cert-bund.de", "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik", "namespace": "https://www.bsi.bund.de" }, "references": [ { "category": "self", "summary": "WID-SEC-W-2023-0122 - CSAF Version", "url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-0122.json" }, { "category": "self", "summary": "WID-SEC-2023-0122 - Portal Version", "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-0122" }, { "category": "external", "summary": "Oracle Critical Patch Update Advisory - January 2023 - Appendix Oracle Supply Chain vom 2023-01-17", "url": "https://www.oracle.com/security-alerts/cpujan2023.html#AppendixSCP" } ], "source_lang": "en-US", "title": "Oracle Supply Chain: Mehrere Schwachstellen", "tracking": { "current_release_date": "2023-01-17T23:00:00.000+00:00", "generator": { "date": "2024-02-15T17:10:15.790+00:00", "engine": { "name": "BSI-WID", "version": "1.3.0" } }, "id": "WID-SEC-W-2023-0122", "initial_release_date": "2023-01-17T23:00:00.000+00:00", "revision_history": [ { "date": "2023-01-17T23:00:00.000+00:00", "number": "1", "summary": "Initiale Fassung" } ], "status": "final", "version": "1" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Oracle Supply Chain 9.3.6", "product": { "name": "Oracle Supply Chain 9.3.6", "product_id": "T019052", "product_identification_helper": { "cpe": "cpe:/a:oracle:supply_chain:9.3.6" } } }, { "category": "product_name", "name": "Oracle Supply Chain 12.1", "product": { "name": "Oracle Supply Chain 12.1", "product_id": "T019054", "product_identification_helper": { "cpe": "cpe:/a:oracle:supply_chain:12.1" } } }, { "category": "product_name", "name": "Oracle Supply Chain 12.2", "product": { "name": "Oracle Supply Chain 12.2", "product_id": "T019055", "product_identification_helper": { "cpe": "cpe:/a:oracle:supply_chain:12.2" } } }, { "category": "product_name", "name": "Oracle Supply Chain 12.2.11", "product": { "name": "Oracle Supply Chain 12.2.11", "product_id": "T021721", "product_identification_helper": { "cpe": "cpe:/a:oracle:supply_chain:12.2.11" } } }, { "category": "product_name", "name": "Oracle Supply Chain \u003c 21.0.2.6", "product": { "name": "Oracle Supply Chain \u003c 21.0.2.6", "product_id": "T025892", "product_identification_helper": { "cpe": "cpe:/a:oracle:supply_chain:21.0.2.6" } } }, { "category": "product_name", "name": "Oracle Supply Chain 12.2.7", "product": { "name": "Oracle Supply Chain 12.2.7", "product_id": "T025893", "product_identification_helper": { "cpe": "cpe:/a:oracle:supply_chain:12.2.7" } } }, { "category": "product_name", "name": "Oracle Supply Chain 12.2.8", "product": { "name": "Oracle Supply Chain 12.2.8", "product_id": "T025894", "product_identification_helper": { "cpe": "cpe:/a:oracle:supply_chain:12.2.8" } } }, { "category": "product_name", "name": "Oracle Supply Chain 12.2.9", "product": { "name": "Oracle Supply Chain 12.2.9", "product_id": "T025895", "product_identification_helper": { "cpe": "cpe:/a:oracle:supply_chain:12.2.9" } } }, { "category": "product_name", "name": "Oracle Supply Chain 12.2.10", "product": { "name": "Oracle Supply Chain 12.2.10", "product_id": "T025896", "product_identification_helper": { "cpe": "cpe:/a:oracle:supply_chain:12.2.10" } } }, { "category": "product_name", "name": "Oracle Supply Chain 12.2.12", "product": { "name": "Oracle Supply Chain 12.2.12", "product_id": "T025897", "product_identification_helper": { "cpe": "cpe:/a:oracle:supply_chain:12.2.12" } } }, { "category": "product_name", "name": "Oracle Supply Chain \u003c 21.0.2.0", "product": { "name": "Oracle Supply Chain \u003c 21.0.2.0", "product_id": "T025898", "product_identification_helper": { "cpe": "cpe:/a:oracle:supply_chain:21.0.2.0" } } } ], "category": "product_name", "name": "Supply Chain" } ], "category": "vendor", "name": "Oracle" } ] }, "vulnerabilities": [ { "cve": "CVE-2023-21850", "notes": [ { "category": "description", "text": "In Oracle Supply Chain existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T021721", "T019052", "T025895", "T025894", "T019054", "T025897", "T025896", "T019055", "T025893" ] }, "release_date": "2023-01-17T23:00:00Z", "title": "CVE-2023-21850" }, { "cve": "CVE-2022-42252", "notes": [ { "category": "description", "text": "In Oracle Supply Chain existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T021721", "T019052", "T025895", "T025894", "T019054", "T025897", "T025896", "T019055", "T025893" ] }, "release_date": "2023-01-17T23:00:00Z", "title": "CVE-2022-42252" }, { "cve": "CVE-2022-34169", "notes": [ { "category": "description", "text": "In Oracle Supply Chain existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T021721", "T019052", "T025895", "T025894", "T019054", "T025897", "T025896", "T019055", "T025893" ] }, "release_date": "2023-01-17T23:00:00Z", "title": "CVE-2022-34169" }, { "cve": "CVE-2022-24839", "notes": [ { "category": "description", "text": "In Oracle Supply Chain existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T021721", "T019052", "T025895", "T025894", "T019054", "T025897", "T025896", "T019055", "T025893" ] }, "release_date": "2023-01-17T23:00:00Z", "title": "CVE-2022-24839" }, { "cve": "CVE-2021-44832", "notes": [ { "category": "description", "text": "In Oracle Supply Chain existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T021721", "T019052", "T025895", "T025894", "T019054", "T025897", "T025896", "T019055", "T025893" ] }, "release_date": "2023-01-17T23:00:00Z", "title": "CVE-2021-44832" }, { "cve": "CVE-2020-27844", "notes": [ { "category": "description", "text": "In Oracle Supply Chain existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T021721", "T019052", "T025895", "T025894", "T019054", "T025897", "T025896", "T019055", "T025893" ] }, "release_date": "2023-01-17T23:00:00Z", "title": "CVE-2020-27844" }, { "cve": "CVE-2019-7317", "notes": [ { "category": "description", "text": "In Oracle Supply Chain existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T021721", "T019052", "T025895", "T025894", "T019054", "T025897", "T025896", "T019055", "T025893" ] }, "release_date": "2023-01-17T23:00:00Z", "title": "CVE-2019-7317" }, { "cve": "CVE-2019-12415", "notes": [ { "category": "description", "text": "In Oracle Supply Chain existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he." } ], "product_status": { "known_affected": [ "T021721", "T019052", "T025895", "T025894", "T019054", "T025897", "T025896", "T019055", "T025893" ] }, "release_date": "2023-01-17T23:00:00Z", "title": "CVE-2019-12415" } ] }
cve-2022-42252
Vulnerability from cvelistv5
Published
2022-11-01 00:00
Modified
2024-08-03 13:03
Severity ?
EPSS score ?
Summary
If Apache Tomcat 8.5.0 to 8.5.82, 9.0.0-M1 to 9.0.67, 10.0.0-M1 to 10.0.26 or 10.1.0-M1 to 10.1.0 was configured to ignore invalid HTTP headers via setting rejectIllegalHeader to false (the default for 8.5.x only), Tomcat did not reject a request containing an invalid Content-Length header making a request smuggling attack possible if Tomcat was located behind a reverse proxy that also failed to reject the request with the invalid header.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Apache Software Foundation | Apache Tomcat |
Version: 10.1.0-M1 Version: 10.0.0-M1 Version: 9.0.0-M1 Version: 8.5.0 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T13:03:45.683Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://lists.apache.org/thread/zzcxzvqfdqn515zfs3dxb7n8gty589sq" }, { "tags": [ "x_transferred" ], "url": "https://security.gentoo.org/glsa/202305-37" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Apache Tomcat", "vendor": "Apache Software Foundation", "versions": [ { "lessThanOrEqual": "10.1.0", "status": "affected", "version": "10.1.0-M1", "versionType": "maven" }, { "lessThanOrEqual": "10.0.26", "status": "affected", "version": "10.0.0-M1", "versionType": "maven" }, { "lessThanOrEqual": "9.0.67", "status": "affected", "version": "9.0.0-M1", "versionType": "maven" }, { "lessThanOrEqual": "8.5.82", "status": "affected", "version": "8.5.0", "versionType": "maven" } ] } ], "credits": [ { "lang": "en", "value": "Thanks to Sam Shahsavar who discovered this issue and reported it to the Apache Tomcat security team." } ], "descriptions": [ { "lang": "en", "value": "If Apache Tomcat 8.5.0 to 8.5.82, 9.0.0-M1 to 9.0.67, 10.0.0-M1 to 10.0.26 or 10.1.0-M1 to 10.1.0 was configured to ignore invalid HTTP headers via setting rejectIllegalHeader to false (the default for 8.5.x only), Tomcat did not reject a request containing an invalid Content-Length header making a request smuggling attack possible if Tomcat was located behind a reverse proxy that also failed to reject the request with the invalid header." } ], "metrics": [ { "other": { "content": { "other": "low" }, "type": "unknown" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-444", "description": "CWE-444 Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-12-20T13:11:31.015Z", "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "shortName": "apache" }, "references": [ { "url": "https://lists.apache.org/thread/zzcxzvqfdqn515zfs3dxb7n8gty589sq" }, { "url": "https://security.gentoo.org/glsa/202305-37" } ], "source": { "discovery": "UNKNOWN" }, "title": "Apache Tomcat request smuggling via malformed content-length", "x_generator": { "engine": "Vulnogram 0.0.9" } } }, "cveMetadata": { "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "assignerShortName": "apache", "cveId": "CVE-2022-42252", "datePublished": "2022-11-01T00:00:00", "dateReserved": "2022-10-03T00:00:00", "dateUpdated": "2024-08-03T13:03:45.683Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2020-27844
Vulnerability from cvelistv5
Published
2021-01-05 17:43
Modified
2024-08-04 16:25
Severity ?
EPSS score ?
Summary
A flaw was found in openjpeg's src/lib/openjp2/t2.c in versions prior to 2.4.0. This flaw allows an attacker to provide crafted input to openjpeg during conversion and encoding, causing an out-of-bounds write. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
References
▼ | URL | Tags |
---|---|---|
https://bugzilla.redhat.com/show_bug.cgi?id=1907521 | x_refsource_MISC | |
https://security.gentoo.org/glsa/202101-29 | vendor-advisory, x_refsource_GENTOO | |
https://lists.debian.org/debian-lts-announce/2021/02/msg00011.html | mailing-list, x_refsource_MLIST | |
https://www.oracle.com/security-alerts/cpuApr2021.html | x_refsource_MISC | |
https://www.oracle.com//security-alerts/cpujul2021.html | x_refsource_MISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T16:25:43.677Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1907521" }, { "name": "GLSA-202101-29", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202101-29" }, { "name": "[debian-lts-announce] 20210208 [SECURITY] [DLA 2550-1] openjpeg2 security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2021/02/msg00011.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpuApr2021.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.oracle.com//security-alerts/cpujul2021.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "openjpeg", "vendor": "n/a", "versions": [ { "status": "affected", "version": "openjpeg 2.4.0" } ] } ], "descriptions": [ { "lang": "en", "value": "A flaw was found in openjpeg\u0027s src/lib/openjp2/t2.c in versions prior to 2.4.0. This flaw allows an attacker to provide crafted input to openjpeg during conversion and encoding, causing an out-of-bounds write. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-20", "description": "CWE-20-\u003eCWE-122-\u003eCWE-787", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2021-07-20T22:54:53", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1907521" }, { "name": "GLSA-202101-29", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/202101-29" }, { "name": "[debian-lts-announce] 20210208 [SECURITY] [DLA 2550-1] openjpeg2 security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2021/02/msg00011.html" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.oracle.com/security-alerts/cpuApr2021.html" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.oracle.com//security-alerts/cpujul2021.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2020-27844", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "openjpeg", "version": { "version_data": [ { "version_value": "openjpeg 2.4.0" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A flaw was found in openjpeg\u0027s src/lib/openjp2/t2.c in versions prior to 2.4.0. This flaw allows an attacker to provide crafted input to openjpeg during conversion and encoding, causing an out-of-bounds write. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-20-\u003eCWE-122-\u003eCWE-787" } ] } ] }, "references": { "reference_data": [ { "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1907521", "refsource": "MISC", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1907521" }, { "name": "GLSA-202101-29", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/202101-29" }, { "name": "[debian-lts-announce] 20210208 [SECURITY] [DLA 2550-1] openjpeg2 security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2021/02/msg00011.html" }, { "name": "https://www.oracle.com/security-alerts/cpuApr2021.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpuApr2021.html" }, { "name": "https://www.oracle.com//security-alerts/cpujul2021.html", "refsource": "MISC", "url": "https://www.oracle.com//security-alerts/cpujul2021.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2020-27844", "datePublished": "2021-01-05T17:43:49", "dateReserved": "2020-10-27T00:00:00", "dateUpdated": "2024-08-04T16:25:43.677Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-34169
Vulnerability from cvelistv5
Published
2022-07-19 00:00
Modified
2024-08-03 08:16
Severity ?
EPSS score ?
Summary
The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 or later. Note: Java runtimes (such as OpenJDK) include repackaged copies of Xalan.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Apache Software Foundation | Apache Xalan-J |
Version: Xalan-J < |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T08:16:17.277Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://lists.apache.org/thread/2qvl7r43wb4t8p9dd9om1bnkssk07sn8" }, { "tags": [ "x_transferred" ], "url": "https://lists.apache.org/thread/12pxy4phsry6c34x2ol4fft6xlho4kyw" }, { "name": "[oss-security] 20220719 CVE-2022-34169: Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2022/07/19/5" }, { "tags": [ "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpujul2022.html" }, { "name": "[oss-security] 20220719 Re: CVE-2022-34169: Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2022/07/19/6" }, { "name": "[oss-security] 20220719 Re: CVE-2022-34169: Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2022/07/20/2" }, { "name": "[oss-security] 20220720 Re: CVE-2022-34169: Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2022/07/20/3" }, { "name": "DSA-5188", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.debian.org/security/2022/dsa-5188" }, { "name": "DSA-5192", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.debian.org/security/2022/dsa-5192" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20220729-0009/" }, { "name": "FEDORA-2022-19b6f21746", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KO3DXNKZ4EU3UZBT6AAR4XRKCD73KLMO/" }, { "name": "FEDORA-2022-ae563934f7", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JN3EVGR7FD3ZLV5SBTJXUIDCMSK4QUE2/" }, { "name": "FEDORA-2022-e573851f56", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YULPNO3PAWMEQQZV2C54I3H3ZOXFZUTB/" }, { "name": "FEDORA-2022-d26586b419", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I5OZNAZJ4YHLOKRRRZSWRT5OJ25E4XLM/" }, { "name": "FEDORA-2022-80afe2304a", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L3XPOTPPBZIPFBZHQE5E7OW6PDACUMCJ/" }, { "name": "FEDORA-2022-b76ab52e73", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H4YNJSJ64NPCNKFPNBYITNZU5H3L4D6L/" }, { "tags": [ "x_transferred" ], "url": "http://packetstormsecurity.com/files/168186/Xalan-J-XSLTC-Integer-Truncation.html" }, { "name": "[oss-security] 20221017 Re: CVE-2022-34169: Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2022/10/18/2" }, { "name": "[debian-lts-announce] 20221018 [SECURITY] [DLA 3155-1] bcel security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00024.html" }, { "name": "DSA-5256", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.debian.org/security/2022/dsa-5256" }, { "name": "[oss-security] 20221104 Re: CVE-2022-42920: Apache Commons BCEL prior to 6.6.0 allows producing arbitrary bytecode via out-of-bounds writing", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2022/11/04/8" }, { "name": "[oss-security] 20221107 Re: CVE-2022-42920: Apache Commons BCEL prior to 6.6.0 allows producing arbitrary bytecode via out-of-bounds writing", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2022/11/07/2" }, { "tags": [ "x_transferred" ], "url": "https://security.gentoo.org/glsa/202401-25" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20240621-0006/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Apache Xalan-J", "vendor": "Apache Software Foundation", "versions": [ { "lessThanOrEqual": "2.7.2", "status": "affected", "version": "Xalan-J", "versionType": "custom" } ] } ], "credits": [ { "lang": "en", "value": "Reported by Felix Wilhelm, Google Project Zero" } ], "descriptions": [ { "lang": "en", "value": "The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 or later. Note: Java runtimes (such as OpenJDK) include repackaged copies of Xalan." } ], "problemTypes": [ { "descriptions": [ { "description": "integer truncation", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-05-05T07:29:25.615Z", "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "shortName": "apache" }, "references": [ { "url": "https://lists.apache.org/thread/2qvl7r43wb4t8p9dd9om1bnkssk07sn8" }, { "url": "https://lists.apache.org/thread/12pxy4phsry6c34x2ol4fft6xlho4kyw" }, { "name": "[oss-security] 20220719 CVE-2022-34169: Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2022/07/19/5" }, { "url": "https://www.oracle.com/security-alerts/cpujul2022.html" }, { "name": "[oss-security] 20220719 Re: CVE-2022-34169: Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2022/07/19/6" }, { "name": "[oss-security] 20220719 Re: CVE-2022-34169: Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2022/07/20/2" }, { "name": "[oss-security] 20220720 Re: CVE-2022-34169: Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2022/07/20/3" }, { "name": "DSA-5188", "tags": [ "vendor-advisory" ], "url": "https://www.debian.org/security/2022/dsa-5188" }, { "name": "DSA-5192", "tags": [ "vendor-advisory" ], "url": "https://www.debian.org/security/2022/dsa-5192" }, { "url": "https://security.netapp.com/advisory/ntap-20220729-0009/" }, { "name": "FEDORA-2022-19b6f21746", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KO3DXNKZ4EU3UZBT6AAR4XRKCD73KLMO/" }, { "name": "FEDORA-2022-ae563934f7", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JN3EVGR7FD3ZLV5SBTJXUIDCMSK4QUE2/" }, { "name": "FEDORA-2022-e573851f56", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YULPNO3PAWMEQQZV2C54I3H3ZOXFZUTB/" }, { "name": "FEDORA-2022-d26586b419", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I5OZNAZJ4YHLOKRRRZSWRT5OJ25E4XLM/" }, { "name": "FEDORA-2022-80afe2304a", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L3XPOTPPBZIPFBZHQE5E7OW6PDACUMCJ/" }, { "name": "FEDORA-2022-b76ab52e73", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H4YNJSJ64NPCNKFPNBYITNZU5H3L4D6L/" }, { "url": "http://packetstormsecurity.com/files/168186/Xalan-J-XSLTC-Integer-Truncation.html" }, { "name": "[oss-security] 20221017 Re: CVE-2022-34169: Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2022/10/18/2" }, { "name": "[debian-lts-announce] 20221018 [SECURITY] [DLA 3155-1] bcel security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00024.html" }, { "name": "DSA-5256", "tags": [ "vendor-advisory" ], "url": "https://www.debian.org/security/2022/dsa-5256" }, { "name": "[oss-security] 20221104 Re: CVE-2022-42920: Apache Commons BCEL prior to 6.6.0 allows producing arbitrary bytecode via out-of-bounds writing", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2022/11/04/8" }, { "name": "[oss-security] 20221107 Re: CVE-2022-42920: Apache Commons BCEL prior to 6.6.0 allows producing arbitrary bytecode via out-of-bounds writing", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2022/11/07/2" }, { "url": "https://security.gentoo.org/glsa/202401-25" }, { "url": "https://security.netapp.com/advisory/ntap-20240621-0006/" } ], "source": { "discovery": "UNKNOWN" }, "title": "Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets", "x_generator": { "engine": "Vulnogram 0.0.9" } } }, "cveMetadata": { "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "assignerShortName": "apache", "cveId": "CVE-2022-34169", "datePublished": "2022-07-19T00:00:00", "dateReserved": "2022-06-21T00:00:00", "dateUpdated": "2024-08-03T08:16:17.277Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2019-7317
Vulnerability from cvelistv5
Published
2019-02-04 07:00
Modified
2024-08-04 20:46
Severity ?
EPSS score ?
Summary
png_image_free in png.c in libpng 1.6.x before 1.6.37 has a use-after-free because png_image_free_function is called under png_safe_execute.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T20:46:45.928Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "20190417 [slackware-security] libpng (SSA:2019-107-01)", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "https://seclists.org/bugtraq/2019/Apr/30" }, { "name": "DSA-4435", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "https://www.debian.org/security/2019/dsa-4435" }, { "name": "20190429 [SECURITY] [DSA 4435-1] libpng1.6 security update", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "https://seclists.org/bugtraq/2019/Apr/36" }, { "name": "USN-3962-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/3962-1/" }, { "name": "USN-3991-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/3991-1/" }, { "name": "20190522 [slackware-security] mozilla-firefox (SSA:2019-141-01)", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "https://seclists.org/bugtraq/2019/May/56" }, { "name": "20190523 [SECURITY] [DSA 4448-1] firefox-esr security update", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "https://seclists.org/bugtraq/2019/May/59" }, { "name": "DSA-4448", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "https://www.debian.org/security/2019/dsa-4448" }, { "name": "[debian-lts-announce] 20190523 [SECURITY] [DLA 1800-1] firefox-esr security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00032.html" }, { "name": "RHSA-2019:1265", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2019:1265" }, { "name": "RHSA-2019:1267", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2019:1267" }, { "name": "RHSA-2019:1269", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2019:1269" }, { "name": "DSA-4451", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "https://www.debian.org/security/2019/dsa-4451" }, { "name": "20190527 [SECURITY] [DSA 4451-1] thunderbird security update", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "https://seclists.org/bugtraq/2019/May/67" }, { "name": "[debian-lts-announce] 20190527 [SECURITY] [DLA 1806-1] thunderbird security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00038.html" }, { "name": "USN-3997-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/3997-1/" }, { "name": "openSUSE-SU-2019:1484", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00002.html" }, { "name": "RHSA-2019:1310", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2019:1310" }, { "name": "RHSA-2019:1308", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2019:1308" }, { "name": "RHSA-2019:1309", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2019:1309" }, { "name": "openSUSE-SU-2019:1534", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00029.html" }, { "name": "openSUSE-SU-2019:1664", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00084.html" }, { "name": "108098", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/108098" }, { "name": "USN-4080-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/4080-1/" }, { "name": "USN-4083-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/4083-1/" }, { "name": "GLSA-201908-02", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201908-02" }, { "name": "RHSA-2019:2494", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2019:2494" }, { "name": "RHSA-2019:2495", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2019:2495" }, { "name": "openSUSE-SU-2019:1916", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00038.html" }, { "name": "openSUSE-SU-2019:1912", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00044.html" }, { "name": "RHSA-2019:2585", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2019:2585" }, { "name": "RHSA-2019:2590", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2019:2590" }, { "name": "RHSA-2019:2592", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2019:2592" }, { "name": "RHSA-2019:2737", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2019:2737" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpuApr2021.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12803" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/glennrp/libpng/issues/275" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://packetstormsecurity.com/files/152561/Slackware-Security-Advisory-libpng-Updates.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20190719-0005/" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03977en_us" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpuoct2021.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2019-02-04T00:00:00", "descriptions": [ { "lang": "en", "value": "png_image_free in png.c in libpng 1.6.x before 1.6.37 has a use-after-free because png_image_free_function is called under png_safe_execute." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-10-20T10:38:36", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "20190417 [slackware-security] libpng (SSA:2019-107-01)", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "https://seclists.org/bugtraq/2019/Apr/30" }, { "name": "DSA-4435", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "https://www.debian.org/security/2019/dsa-4435" }, { "name": "20190429 [SECURITY] [DSA 4435-1] libpng1.6 security update", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "https://seclists.org/bugtraq/2019/Apr/36" }, { "name": "USN-3962-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/3962-1/" }, { "name": "USN-3991-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/3991-1/" }, { "name": "20190522 [slackware-security] mozilla-firefox (SSA:2019-141-01)", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "https://seclists.org/bugtraq/2019/May/56" }, { "name": "20190523 [SECURITY] [DSA 4448-1] firefox-esr security update", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "https://seclists.org/bugtraq/2019/May/59" }, { "name": "DSA-4448", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "https://www.debian.org/security/2019/dsa-4448" }, { "name": "[debian-lts-announce] 20190523 [SECURITY] [DLA 1800-1] firefox-esr security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00032.html" }, { "name": "RHSA-2019:1265", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2019:1265" }, { "name": "RHSA-2019:1267", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2019:1267" }, { "name": "RHSA-2019:1269", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2019:1269" }, { "name": "DSA-4451", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "https://www.debian.org/security/2019/dsa-4451" }, { "name": "20190527 [SECURITY] [DSA 4451-1] thunderbird security update", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "https://seclists.org/bugtraq/2019/May/67" }, { "name": "[debian-lts-announce] 20190527 [SECURITY] [DLA 1806-1] thunderbird security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00038.html" }, { "name": "USN-3997-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/3997-1/" }, { "name": "openSUSE-SU-2019:1484", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00002.html" }, { "name": "RHSA-2019:1310", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2019:1310" }, { "name": "RHSA-2019:1308", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2019:1308" }, { "name": "RHSA-2019:1309", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2019:1309" }, { "name": "openSUSE-SU-2019:1534", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00029.html" }, { "name": "openSUSE-SU-2019:1664", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00084.html" }, { "name": "108098", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/108098" }, { "name": "USN-4080-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/4080-1/" }, { "name": "USN-4083-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/4083-1/" }, { "name": "GLSA-201908-02", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201908-02" }, { "name": "RHSA-2019:2494", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2019:2494" }, { "name": "RHSA-2019:2495", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2019:2495" }, { "name": "openSUSE-SU-2019:1916", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00038.html" }, { "name": "openSUSE-SU-2019:1912", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00044.html" }, { "name": "RHSA-2019:2585", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2019:2585" }, { "name": "RHSA-2019:2590", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2019:2590" }, { "name": "RHSA-2019:2592", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2019:2592" }, { "name": "RHSA-2019:2737", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2019:2737" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.oracle.com/security-alerts/cpuApr2021.html" }, { "tags": [ "x_refsource_MISC" ], "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12803" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/glennrp/libpng/issues/275" }, { "tags": [ "x_refsource_MISC" ], "url": "http://packetstormsecurity.com/files/152561/Slackware-Security-Advisory-libpng-Updates.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://security.netapp.com/advisory/ntap-20190719-0005/" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03977en_us" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.oracle.com/security-alerts/cpuoct2021.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2019-7317", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "png_image_free in png.c in libpng 1.6.x before 1.6.37 has a use-after-free because png_image_free_function is called under png_safe_execute." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "20190417 [slackware-security] libpng (SSA:2019-107-01)", "refsource": "BUGTRAQ", "url": "https://seclists.org/bugtraq/2019/Apr/30" }, { "name": "DSA-4435", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2019/dsa-4435" }, { "name": "20190429 [SECURITY] [DSA 4435-1] libpng1.6 security update", "refsource": "BUGTRAQ", "url": "https://seclists.org/bugtraq/2019/Apr/36" }, { "name": "USN-3962-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/3962-1/" }, { "name": "USN-3991-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/3991-1/" }, { "name": "20190522 [slackware-security] mozilla-firefox (SSA:2019-141-01)", "refsource": "BUGTRAQ", "url": "https://seclists.org/bugtraq/2019/May/56" }, { "name": "20190523 [SECURITY] [DSA 4448-1] firefox-esr security update", "refsource": "BUGTRAQ", "url": "https://seclists.org/bugtraq/2019/May/59" }, { "name": "DSA-4448", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2019/dsa-4448" }, { "name": "[debian-lts-announce] 20190523 [SECURITY] [DLA 1800-1] firefox-esr security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00032.html" }, { "name": "RHSA-2019:1265", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2019:1265" }, { "name": "RHSA-2019:1267", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2019:1267" }, { "name": "RHSA-2019:1269", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2019:1269" }, { "name": "DSA-4451", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2019/dsa-4451" }, { "name": "20190527 [SECURITY] [DSA 4451-1] thunderbird security update", "refsource": "BUGTRAQ", "url": "https://seclists.org/bugtraq/2019/May/67" }, { "name": "[debian-lts-announce] 20190527 [SECURITY] [DLA 1806-1] thunderbird security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00038.html" }, { "name": "USN-3997-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/3997-1/" }, { "name": "openSUSE-SU-2019:1484", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00002.html" }, { "name": "RHSA-2019:1310", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2019:1310" }, { "name": "RHSA-2019:1308", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2019:1308" }, { "name": "RHSA-2019:1309", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2019:1309" }, { "name": "openSUSE-SU-2019:1534", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00029.html" }, { "name": "openSUSE-SU-2019:1664", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00084.html" }, { "name": "108098", "refsource": "BID", "url": "http://www.securityfocus.com/bid/108098" }, { "name": "USN-4080-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/4080-1/" }, { "name": "USN-4083-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/4083-1/" }, { "name": "GLSA-201908-02", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201908-02" }, { "name": "RHSA-2019:2494", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2019:2494" }, { "name": "RHSA-2019:2495", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2019:2495" }, { "name": "openSUSE-SU-2019:1916", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00038.html" }, { "name": "openSUSE-SU-2019:1912", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00044.html" }, { "name": "RHSA-2019:2585", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2019:2585" }, { "name": "RHSA-2019:2590", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2019:2590" }, { "name": "RHSA-2019:2592", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2019:2592" }, { "name": "RHSA-2019:2737", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2019:2737" }, { "name": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html", "refsource": "MISC", "url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html" }, { "name": "https://www.oracle.com/security-alerts/cpuApr2021.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpuApr2021.html" }, { "name": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12803", "refsource": "MISC", "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12803" }, { "name": "https://github.com/glennrp/libpng/issues/275", "refsource": "MISC", "url": "https://github.com/glennrp/libpng/issues/275" }, { "name": "http://packetstormsecurity.com/files/152561/Slackware-Security-Advisory-libpng-Updates.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/152561/Slackware-Security-Advisory-libpng-Updates.html" }, { "name": "https://security.netapp.com/advisory/ntap-20190719-0005/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20190719-0005/" }, { "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03977en_us", "refsource": "CONFIRM", "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03977en_us" }, { "name": "https://www.oracle.com/security-alerts/cpuoct2021.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpuoct2021.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2019-7317", "datePublished": "2019-02-04T07:00:00", "dateReserved": "2019-02-04T00:00:00", "dateUpdated": "2024-08-04T20:46:45.928Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-24839
Vulnerability from cvelistv5
Published
2022-04-11 21:25
Modified
2024-08-03 04:20
Severity ?
EPSS score ?
Summary
org.cyberneko.html is an html parser written in Java. The fork of `org.cyberneko.html` used by Nokogiri (Rubygem) raises a `java.lang.OutOfMemoryError` exception when parsing ill-formed HTML markup. Users are advised to upgrade to `>= 1.9.22.noko2`. Note: The upstream library `org.cyberneko.html` is no longer maintained. Nokogiri uses its own fork of this library located at https://github.com/sparklemotion/nekohtml and this CVE applies only to that fork. Other forks of nekohtml may have a similar vulnerability.
References
▼ | URL | Tags |
---|---|---|
https://github.com/sparklemotion/nekohtml/security/advisories/GHSA-9849-p7jc-9rmv | x_refsource_CONFIRM | |
https://github.com/sparklemotion/nekohtml/commit/a800fce3b079def130ed42a408ff1d09f89e773d | x_refsource_MISC | |
https://www.oracle.com/security-alerts/cpujul2022.html | x_refsource_MISC |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | sparklemotion | nekohtml |
Version: < 1.9.22.noko2 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T04:20:50.515Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/sparklemotion/nekohtml/security/advisories/GHSA-9849-p7jc-9rmv" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/sparklemotion/nekohtml/commit/a800fce3b079def130ed42a408ff1d09f89e773d" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpujul2022.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "nekohtml", "vendor": "sparklemotion", "versions": [ { "status": "affected", "version": "\u003c 1.9.22.noko2" } ] } ], "descriptions": [ { "lang": "en", "value": "org.cyberneko.html is an html parser written in Java. The fork of `org.cyberneko.html` used by Nokogiri (Rubygem) raises a `java.lang.OutOfMemoryError` exception when parsing ill-formed HTML markup. Users are advised to upgrade to `\u003e= 1.9.22.noko2`. Note: The upstream library `org.cyberneko.html` is no longer maintained. Nokogiri uses its own fork of this library located at https://github.com/sparklemotion/nekohtml and this CVE applies only to that fork. Other forks of nekohtml may have a similar vulnerability." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-400", "description": "CWE-400: Uncontrolled Resource Consumption", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-07-25T16:52:31", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/sparklemotion/nekohtml/security/advisories/GHSA-9849-p7jc-9rmv" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/sparklemotion/nekohtml/commit/a800fce3b079def130ed42a408ff1d09f89e773d" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.oracle.com/security-alerts/cpujul2022.html" } ], "source": { "advisory": "GHSA-9849-p7jc-9rmv", "discovery": "UNKNOWN" }, "title": "Uncontrolled Resource Consumption in org.cyberneko.html (nokogiri fork)", "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security-advisories@github.com", "ID": "CVE-2022-24839", "STATE": "PUBLIC", "TITLE": "Uncontrolled Resource Consumption in org.cyberneko.html (nokogiri fork)" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "nekohtml", "version": { "version_data": [ { "version_value": "\u003c 1.9.22.noko2" } ] } } ] }, "vendor_name": "sparklemotion" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "org.cyberneko.html is an html parser written in Java. The fork of `org.cyberneko.html` used by Nokogiri (Rubygem) raises a `java.lang.OutOfMemoryError` exception when parsing ill-formed HTML markup. Users are advised to upgrade to `\u003e= 1.9.22.noko2`. Note: The upstream library `org.cyberneko.html` is no longer maintained. Nokogiri uses its own fork of this library located at https://github.com/sparklemotion/nekohtml and this CVE applies only to that fork. Other forks of nekohtml may have a similar vulnerability." } ] }, "impact": { "cvss": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-400: Uncontrolled Resource Consumption" } ] } ] }, "references": { "reference_data": [ { "name": "https://github.com/sparklemotion/nekohtml/security/advisories/GHSA-9849-p7jc-9rmv", "refsource": "CONFIRM", "url": "https://github.com/sparklemotion/nekohtml/security/advisories/GHSA-9849-p7jc-9rmv" }, { "name": "https://github.com/sparklemotion/nekohtml/commit/a800fce3b079def130ed42a408ff1d09f89e773d", "refsource": "MISC", "url": "https://github.com/sparklemotion/nekohtml/commit/a800fce3b079def130ed42a408ff1d09f89e773d" }, { "name": "https://www.oracle.com/security-alerts/cpujul2022.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpujul2022.html" } ] }, "source": { "advisory": "GHSA-9849-p7jc-9rmv", "discovery": "UNKNOWN" } } } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2022-24839", "datePublished": "2022-04-11T21:25:12", "dateReserved": "2022-02-10T00:00:00", "dateUpdated": "2024-08-03T04:20:50.515Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2019-12415
Vulnerability from cvelistv5
Published
2019-10-23 19:27
Modified
2024-08-04 23:17
Severity ?
EPSS score ?
Summary
In Apache POI up to 4.1.0, when using the tool XSSFExportToXml to convert user-provided Microsoft Excel documents, a specially crafted document can allow an attacker to read files from the local filesystem or from internal network resources via XML External Entity (XXE) Processing.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | n/a | Apache POI |
Version: Apache POI up to 4.1.0 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T23:17:40.071Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "[tika-user] 20191105 Is tika-parsers exposed to CVE-2019-12415", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/2ac0327748de0c2b3c1c012481b79936797c711724e0b7da83cf564c%40%3Cuser.tika.apache.org%3E" }, { "name": "[tika-user] 20191105 Re: Is tika-parsers exposed to CVE-2019-12415", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/895164e03a3c327449069e2fd6ced0367561878b3ae6a8ec740c2007%40%3Cuser.tika.apache.org%3E" }, { "name": "[tika-user] 20191106 Re: Is tika-parsers exposed to CVE-2019-12415", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/d88b8823867033514d7ec05d66f88c70dc207604d3dcbd44fd88464c%40%3Cuser.tika.apache.org%3E" }, { "name": "[lucene-solr-user] 20200320 CVEs (vulnerabilities) that apply to Solr 8.4.1", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/r204ba2a9ea750f38d789d2bb429cc0925ad6133deea7cbc3001d96b5%40%3Csolr-user.lucene.apache.org%3E" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpuapr2020.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpujul2020.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpujan2020.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://lists.apache.org/thread.html/13a54b6a03369cfb418a699180ffb83bd727320b6ddfec198b9b728e%40%3Cannounce.apache.org%3E" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpuoct2020.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpujan2021.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpuApr2021.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.oracle.com//security-alerts/cpujul2021.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpuoct2021.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Apache POI", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Apache POI up to 4.1.0" } ] } ], "descriptions": [ { "lang": "en", "value": "In Apache POI up to 4.1.0, when using the tool XSSFExportToXml to convert user-provided Microsoft Excel documents, a specially crafted document can allow an attacker to read files from the local filesystem or from internal network resources via XML External Entity (XXE) Processing." } ], "problemTypes": [ { "descriptions": [ { "description": "Information Disclosure", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-10-20T10:38:23", "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "shortName": "apache" }, "references": [ { "name": "[tika-user] 20191105 Is tika-parsers exposed to CVE-2019-12415", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/2ac0327748de0c2b3c1c012481b79936797c711724e0b7da83cf564c%40%3Cuser.tika.apache.org%3E" }, { "name": "[tika-user] 20191105 Re: Is tika-parsers exposed to CVE-2019-12415", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/895164e03a3c327449069e2fd6ced0367561878b3ae6a8ec740c2007%40%3Cuser.tika.apache.org%3E" }, { "name": "[tika-user] 20191106 Re: Is tika-parsers exposed to CVE-2019-12415", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/d88b8823867033514d7ec05d66f88c70dc207604d3dcbd44fd88464c%40%3Cuser.tika.apache.org%3E" }, { "name": "[lucene-solr-user] 20200320 CVEs (vulnerabilities) that apply to Solr 8.4.1", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/r204ba2a9ea750f38d789d2bb429cc0925ad6133deea7cbc3001d96b5%40%3Csolr-user.lucene.apache.org%3E" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.oracle.com/security-alerts/cpuapr2020.html" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.oracle.com/security-alerts/cpujul2020.html" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.oracle.com/security-alerts/cpujan2020.html" }, { "tags": [ "x_refsource_MISC" ], "url": "https://lists.apache.org/thread.html/13a54b6a03369cfb418a699180ffb83bd727320b6ddfec198b9b728e%40%3Cannounce.apache.org%3E" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.oracle.com/security-alerts/cpuoct2020.html" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.oracle.com/security-alerts/cpujan2021.html" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.oracle.com/security-alerts/cpuApr2021.html" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.oracle.com//security-alerts/cpujul2021.html" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.oracle.com/security-alerts/cpuoct2021.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@apache.org", "ID": "CVE-2019-12415", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Apache POI", "version": { "version_data": [ { "version_value": "Apache POI up to 4.1.0" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "In Apache POI up to 4.1.0, when using the tool XSSFExportToXml to convert user-provided Microsoft Excel documents, a specially crafted document can allow an attacker to read files from the local filesystem or from internal network resources via XML External Entity (XXE) Processing." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Information Disclosure" } ] } ] }, "references": { "reference_data": [ { "name": "[tika-user] 20191105 Is tika-parsers exposed to CVE-2019-12415", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/2ac0327748de0c2b3c1c012481b79936797c711724e0b7da83cf564c@%3Cuser.tika.apache.org%3E" }, { "name": "[tika-user] 20191105 Re: Is tika-parsers exposed to CVE-2019-12415", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/895164e03a3c327449069e2fd6ced0367561878b3ae6a8ec740c2007@%3Cuser.tika.apache.org%3E" }, { "name": "[tika-user] 20191106 Re: Is tika-parsers exposed to CVE-2019-12415", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/d88b8823867033514d7ec05d66f88c70dc207604d3dcbd44fd88464c@%3Cuser.tika.apache.org%3E" }, { "name": "[lucene-solr-user] 20200320 CVEs (vulnerabilities) that apply to Solr 8.4.1", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r204ba2a9ea750f38d789d2bb429cc0925ad6133deea7cbc3001d96b5@%3Csolr-user.lucene.apache.org%3E" }, { "name": "https://www.oracle.com/security-alerts/cpuapr2020.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpuapr2020.html" }, { "name": "https://www.oracle.com/security-alerts/cpujul2020.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpujul2020.html" }, { "name": "https://www.oracle.com/security-alerts/cpujan2020.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpujan2020.html" }, { "name": "https://lists.apache.org/thread.html/13a54b6a03369cfb418a699180ffb83bd727320b6ddfec198b9b728e@%3Cannounce.apache.org%3E", "refsource": "MISC", "url": "https://lists.apache.org/thread.html/13a54b6a03369cfb418a699180ffb83bd727320b6ddfec198b9b728e@%3Cannounce.apache.org%3E" }, { "name": "https://www.oracle.com/security-alerts/cpuoct2020.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpuoct2020.html" }, { "name": "https://www.oracle.com/security-alerts/cpujan2021.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpujan2021.html" }, { "name": "https://www.oracle.com/security-alerts/cpuApr2021.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpuApr2021.html" }, { "name": "https://www.oracle.com//security-alerts/cpujul2021.html", "refsource": "MISC", "url": "https://www.oracle.com//security-alerts/cpujul2021.html" }, { "name": "https://www.oracle.com/security-alerts/cpuoct2021.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpuoct2021.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "assignerShortName": "apache", "cveId": "CVE-2019-12415", "datePublished": "2019-10-23T19:27:20", "dateReserved": "2019-05-28T00:00:00", "dateUpdated": "2024-08-04T23:17:40.071Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-21850
Vulnerability from cvelistv5
Published
2023-01-17 23:35
Modified
2024-09-17 13:53
Severity ?
EPSS score ?
References
▼ | URL | Tags |
---|---|---|
https://www.oracle.com/security-alerts/cpujan2023.html | vendor-advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Oracle Corporation | Demantra Demand Management |
Version: 12.1 Version: 12.2 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T09:51:50.987Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "Oracle Advisory", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpujan2023.html" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-21850", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-09-17T13:51:35.911117Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-284", "description": "CWE-284 Improper Access Control", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-09-17T13:53:43.421Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "Demantra Demand Management", "vendor": "Oracle Corporation", "versions": [ { "status": "affected", "version": "12.1" }, { "status": "affected", "version": "12.2" } ] } ], "descriptions": [ { "lang": "en-US", "value": "Vulnerability in the Oracle Demantra Demand Management product of Oracle Supply Chain (component: E-Business Collections). Supported versions that are affected are 12.1 and 12.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Demantra Demand Management. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Demantra Demand Management accessible data. CVSS 3.1 Base Score 7.5 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N)." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "description": "Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Demantra Demand Management. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Demantra Demand Management accessible data.", "lang": "en-US" } ] } ], "providerMetadata": { "dateUpdated": "2023-03-23T23:37:34.212Z", "orgId": "43595867-4340-4103-b7a2-9a5208d29a85", "shortName": "oracle" }, "references": [ { "name": "Oracle Advisory", "tags": [ "vendor-advisory" ], "url": "https://www.oracle.com/security-alerts/cpujan2023.html" } ] } }, "cveMetadata": { "assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85", "assignerShortName": "oracle", "cveId": "CVE-2023-21850", "datePublished": "2023-01-17T23:35:13.302Z", "dateReserved": "2022-12-17T19:26:00.693Z", "dateUpdated": "2024-09-17T13:53:43.421Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-44832
Vulnerability from cvelistv5
Published
2021-12-28 19:35
Modified
2024-08-04 04:32
Severity ?
EPSS score ?
Summary
Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack when a configuration uses a JDBC Appender with a JNDI LDAP data source URI when an attacker has control of the target LDAP server. This issue is fixed by limiting JNDI data source names to the java protocol in Log4j2 versions 2.17.1, 2.12.4, and 2.3.2.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Apache Software Foundation | Apache Log4j2 |
Version: log4j-core < 2.17.1 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T04:32:13.076Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "20211210 Vulnerabilities in Apache Log4j Library Affecting Cisco Products: December 2021", "tags": [ "vendor-advisory", "x_refsource_CISCO", "x_transferred" ], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://lists.apache.org/thread/s1o5vlo78ypqxnzn6p8zf6t9shtq5143" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://issues.apache.org/jira/browse/LOG4J2-3293" }, { "name": "[oss-security] 20211228 CVE-2021-44832: Apache Log4j2 vulnerable to RCE via JDBC Appender when attacker controls configuration", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2021/12/28/1" }, { "name": "[debian-lts-announce] 20211229 [SECURITY] [DLA 2870-1] apache-log4j2 security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2021/12/msg00036.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-784507.pdf" }, { "name": "FEDORA-2021-c6f471ce0f", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EVV25FXL4FU5X6X5BSL7RLQ7T6F65MRA/" }, { "name": "FEDORA-2021-1bd9151bab", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T57MPJUW3MA6QGWZRTMCHHMMPQNVKGFC/" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpujan2022.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20220104-0001/" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpujul2022.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Apache Log4j2", "vendor": "Apache Software Foundation", "versions": [ { "changes": [ { "at": "2.13.0", "status": "affected" }, { "at": "2.12.4", "status": "unaffected" }, { "at": "2.4", "status": "affected" }, { "at": "2.3.2", "status": "unaffected" }, { "at": "2.0-beta7", "status": "affected" } ], "lessThan": "2.17.1", "status": "affected", "version": "log4j-core", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack when a configuration uses a JDBC Appender with a JNDI LDAP data source URI when an attacker has control of the target LDAP server. This issue is fixed by limiting JNDI data source names to the java protocol in Log4j2 versions 2.17.1, 2.12.4, and 2.3.2." } ], "metrics": [ { "other": { "content": { "other": "moderate" }, "type": "unknown" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-20", "description": "CWE-20 Improper Input Validation", "lang": "en", "type": "CWE" } ] }, { "descriptions": [ { "cweId": "CWE-74", "description": "CWE-74 Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-07-25T16:41:33", "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "shortName": "apache" }, "references": [ { "name": "20211210 Vulnerabilities in Apache Log4j Library Affecting Cisco Products: December 2021", "tags": [ "vendor-advisory", "x_refsource_CISCO" ], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd" }, { "tags": [ "x_refsource_MISC" ], "url": "https://lists.apache.org/thread/s1o5vlo78ypqxnzn6p8zf6t9shtq5143" }, { "tags": [ "x_refsource_MISC" ], "url": "https://issues.apache.org/jira/browse/LOG4J2-3293" }, { "name": "[oss-security] 20211228 CVE-2021-44832: Apache Log4j2 vulnerable to RCE via JDBC Appender when attacker controls configuration", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2021/12/28/1" }, { "name": "[debian-lts-announce] 20211229 [SECURITY] [DLA 2870-1] apache-log4j2 security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2021/12/msg00036.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-784507.pdf" }, { "name": "FEDORA-2021-c6f471ce0f", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EVV25FXL4FU5X6X5BSL7RLQ7T6F65MRA/" }, { "name": "FEDORA-2021-1bd9151bab", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T57MPJUW3MA6QGWZRTMCHHMMPQNVKGFC/" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.oracle.com/security-alerts/cpujan2022.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://security.netapp.com/advisory/ntap-20220104-0001/" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.oracle.com/security-alerts/cpujul2022.html" } ], "source": { "defect": [ "LOG4J2-3293", "" ], "discovery": "UNKNOWN" }, "timeline": [ { "lang": "en", "time": "2021-12-27T00:00:00", "value": "reported" }, { "lang": "en", "time": "2021-12-27T00:00:00", "value": "patch proposed, 2.17.1-rc1" }, { "lang": "en", "time": "2021-12-28T00:00:00", "value": "fixed" }, { "lang": "en", "time": "2021-12-28T00:00:00", "value": "public" } ], "title": "Apache Log4j2 vulnerable to RCE via JDBC Appender when attacker controls configuration", "x_generator": { "engine": "Vulnogram 0.0.9" }, "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@apache.org", "ID": "CVE-2021-44832", "STATE": "PUBLIC", "TITLE": "Apache Log4j2 vulnerable to RCE via JDBC Appender when attacker controls configuration" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Apache Log4j2", "version": { "version_data": [ { "version_affected": "\u003c", "version_name": "log4j-core", "version_value": "2.17.1" }, { "version_affected": "\u003e=", "version_name": "log4j-core", "version_value": "2.13.0" }, { "version_affected": "\u003c", "version_name": "log4j-core", "version_value": "2.12.4" }, { "version_affected": "\u003e=", "version_name": "log4j-core", "version_value": "2.4" }, { "version_affected": "\u003c", "version_name": "log4j-core", "version_value": "2.3.2" }, { "version_affected": "\u003e=", "version_name": "log4j-core", "version_value": "2.0-beta7" } ] } } ] }, "vendor_name": "Apache Software Foundation" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack when a configuration uses a JDBC Appender with a JNDI LDAP data source URI when an attacker has control of the target LDAP server. This issue is fixed by limiting JNDI data source names to the java protocol in Log4j2 versions 2.17.1, 2.12.4, and 2.3.2." } ] }, "generator": { "engine": "Vulnogram 0.0.9" }, "impact": [ { "other": "moderate" } ], "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-20 Improper Input Validation" } ] }, { "description": [ { "lang": "eng", "value": "CWE-74 Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)" } ] } ] }, "references": { "reference_data": [ { "name": "20211210 Vulnerabilities in Apache Log4j Library Affecting Cisco Products: December 2021", "refsource": "CISCO", "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd" }, { "name": "https://lists.apache.org/thread/s1o5vlo78ypqxnzn6p8zf6t9shtq5143", "refsource": "MISC", "url": "https://lists.apache.org/thread/s1o5vlo78ypqxnzn6p8zf6t9shtq5143" }, { "name": "https://issues.apache.org/jira/browse/LOG4J2-3293", "refsource": "MISC", "url": "https://issues.apache.org/jira/browse/LOG4J2-3293" }, { "name": "[oss-security] 20211228 CVE-2021-44832: Apache Log4j2 vulnerable to RCE via JDBC Appender when attacker controls configuration", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2021/12/28/1" }, { "name": "[debian-lts-announce] 20211229 [SECURITY] [DLA 2870-1] apache-log4j2 security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2021/12/msg00036.html" }, { "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-784507.pdf", "refsource": "CONFIRM", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-784507.pdf" }, { "name": "FEDORA-2021-c6f471ce0f", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EVV25FXL4FU5X6X5BSL7RLQ7T6F65MRA/" }, { "name": "FEDORA-2021-1bd9151bab", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T57MPJUW3MA6QGWZRTMCHHMMPQNVKGFC/" }, { "name": "https://www.oracle.com/security-alerts/cpujan2022.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpujan2022.html" }, { "name": "https://security.netapp.com/advisory/ntap-20220104-0001/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20220104-0001/" }, { "name": "https://www.oracle.com/security-alerts/cpuapr2022.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpuapr2022.html" }, { "name": "https://www.oracle.com/security-alerts/cpujul2022.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpujul2022.html" } ] }, "source": { "defect": [ "LOG4J2-3293", "" ], "discovery": "UNKNOWN" }, "timeline": [ { "lang": "en", "time": "2021-12-27T00:00:00", "value": "reported" }, { "lang": "en", "time": "2021-12-27T00:00:00", "value": "patch proposed, 2.17.1-rc1" }, { "lang": "en", "time": "2021-12-28T00:00:00", "value": "fixed" }, { "lang": "en", "time": "2021-12-28T00:00:00", "value": "public" } ] } } }, "cveMetadata": { "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "assignerShortName": "apache", "cveId": "CVE-2021-44832", "datePublished": "2021-12-28T19:35:11", "dateReserved": "2021-12-11T00:00:00", "dateUpdated": "2024-08-04T04:32:13.076Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.