Total
68 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2020-14062 | 4 Debian, Fasterxml, Netapp and 1 more | 13 Debian Linux, Jackson-databind, Active Iq Unified Manager and 10 more | 2024-02-28 | 6.8 MEDIUM | 8.1 HIGH |
FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to com.sun.org.apache.xalan.internal.lib.sql.JNDIConnectionPool (aka xalan2). | |||||
CVE-2020-14195 | 4 Debian, Fasterxml, Netapp and 1 more | 14 Debian Linux, Jackson-databind, Active Iq Unified Manager and 11 more | 2024-02-28 | 6.8 MEDIUM | 8.1 HIGH |
FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to org.jsecurity.realm.jndi.JndiRealmFactory (aka org.jsecurity). | |||||
CVE-2020-1941 | 2 Apache, Oracle | 7 Activemq, Communications Diameter Signaling Router, Communications Element Manager and 4 more | 2024-02-28 | 4.3 MEDIUM | 6.1 MEDIUM |
In Apache ActiveMQ 5.0.0 to 5.15.11, the webconsole admin GUI is open to XSS, in the view that lists the contents of a queue. | |||||
CVE-2020-24616 | 4 Debian, Fasterxml, Netapp and 1 more | 25 Debian Linux, Jackson-databind, Active Iq Unified Manager and 22 more | 2024-02-28 | 6.8 MEDIUM | 8.1 HIGH |
FasterXML jackson-databind 2.x before 2.9.10.6 mishandles the interaction between serialization gadgets and typing, related to br.com.anteros.dbcp.AnterosDBCPDataSource (aka Anteros-DBCP). | |||||
CVE-2020-14060 | 3 Fasterxml, Netapp, Oracle | 12 Jackson-databind, Active Iq Unified Manager, Steelstore Cloud Integrated Storage and 9 more | 2024-02-28 | 6.8 MEDIUM | 8.1 HIGH |
FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to oadd.org.apache.xalan.lib.sql.JNDIConnectionPool (aka apache/drill). | |||||
CVE-2020-1927 | 8 Apache, Broadcom, Canonical and 5 more | 14 Http Server, Brocade Fabric Operating System, Ubuntu Linux and 11 more | 2024-02-28 | 5.8 MEDIUM | 6.1 MEDIUM |
In Apache HTTP Server 2.4.0 to 2.4.41, redirects configured with mod_rewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an an unexpected URL within the request URL. | |||||
CVE-2020-1934 | 6 Apache, Canonical, Debian and 3 more | 11 Http Server, Ubuntu Linux, Debian Linux and 8 more | 2024-02-28 | 5.0 MEDIUM | 5.3 MEDIUM |
In Apache HTTP Server 2.4.0 to 2.4.41, mod_proxy_ftp may use uninitialized memory when proxying to a malicious FTP server. | |||||
CVE-2020-14061 | 4 Debian, Fasterxml, Netapp and 1 more | 15 Debian Linux, Jackson-databind, Active Iq Unified Manager and 12 more | 2024-02-28 | 6.8 MEDIUM | 8.1 HIGH |
FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to oracle.jms.AQjmsQueueConnectionFactory, oracle.jms.AQjmsXATopicConnectionFactory, oracle.jms.AQjmsTopicConnectionFactory, oracle.jms.AQjmsXAQueueConnectionFactory, and oracle.jms.AQjmsXAConnectionFactory (aka weblogic/oracle-aqjms). | |||||
CVE-2020-11655 | 7 Canonical, Debian, Netapp and 4 more | 18 Ubuntu Linux, Debian Linux, Ontap Select Deploy Administration Utility and 15 more | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
SQLite through 3.31.1 allows attackers to cause a denial of service (segmentation fault) via a malformed window-function query because the AggInfo object's initialization is mishandled. | |||||
CVE-2020-24750 | 3 Debian, Fasterxml, Oracle | 26 Debian Linux, Jackson-databind, Agile Plm and 23 more | 2024-02-28 | 6.8 MEDIUM | 8.1 HIGH |
FasterXML jackson-databind 2.x before 2.9.10.6 mishandles the interaction between serialization gadgets and typing, related to com.pastdev.httpcomponents.configuration.JndiConfiguration. | |||||
CVE-2020-11984 | 7 Apache, Canonical, Debian and 4 more | 13 Http Server, Ubuntu Linux, Debian Linux and 10 more | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
Apache HTTP server 2.4.32 to 2.4.44 mod_proxy_uwsgi info disclosure and possible RCE | |||||
CVE-2020-11023 | 7 Debian, Drupal, Fedoraproject and 4 more | 55 Debian Linux, Drupal, Fedora and 52 more | 2024-02-28 | 4.3 MEDIUM | 6.1 MEDIUM |
In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0. | |||||
CVE-2019-10082 | 2 Apache, Oracle | 6 Http Server, Communications Element Manager, Enterprise Manager Ops Center and 3 more | 2024-02-28 | 6.4 MEDIUM | 9.1 CRITICAL |
In Apache HTTP Server 2.4.18-2.4.39, using fuzzed network input, the http/2 session handling could be made to read memory after being freed, during connection shutdown. | |||||
CVE-2020-5397 | 2 Oracle, Vmware | 27 Application Testing Suite, Communications Brm - Elastic Charging Engine, Communications Diameter Signaling Router and 24 more | 2024-02-28 | 2.6 LOW | 5.3 MEDIUM |
Spring Framework, versions 5.2.x prior to 5.2.3 are vulnerable to CSRF attacks through CORS preflight requests that target Spring MVC (spring-webmvc module) or Spring WebFlux (spring-webflux module) endpoints. Only non-authenticated endpoints are vulnerable because preflight requests should not include credentials and therefore requests should fail authentication. However a notable exception to this are Chrome based browsers when using client certificates for authentication since Chrome sends TLS client certificates in CORS preflight requests in violation of spec requirements. No HTTP body can be sent or received as a result of this attack. | |||||
CVE-2020-5398 | 3 Netapp, Oracle, Vmware | 33 Data Availability Services, Snapcenter, Application Testing Suite and 30 more | 2024-02-28 | 7.6 HIGH | 7.5 HIGH |
In Spring Framework, versions 5.2.x prior to 5.2.3, versions 5.1.x prior to 5.1.13, and versions 5.0.x prior to 5.0.16, an application is vulnerable to a reflected file download (RFD) attack when it sets a "Content-Disposition" header in the response where the filename attribute is derived from user supplied input. | |||||
CVE-2019-12423 | 2 Apache, Oracle | 8 Cxf, Commerce Guided Search, Communications Diameter Signaling Router and 5 more | 2024-02-28 | 4.3 MEDIUM | 7.5 HIGH |
Apache CXF ships with a OpenId Connect JWK Keys service, which allows a client to obtain the public keys in JWK format, which can then be used to verify the signature of tokens issued by the service. Typically, the service obtains the public key from a local keystore (JKS/PKCS12) by specifing the path of the keystore and the alias of the keystore entry. This case is not vulnerable. However it is also possible to obtain the keys from a JWK keystore file, by setting the configuration parameter "rs.security.keystore.type" to "jwk". For this case all keys are returned in this file "as is", including all private key and secret key credentials. This is an obvious security risk if the user has configured the signature keystore file with private or secret key credentials. From CXF 3.3.5 and 3.2.12, it is mandatory to specify an alias corresponding to the id of the key in the JWK file, and only this key is returned. In addition, any private key information is omitted by default. "oct" keys, which contain secret keys, are not returned at all. | |||||
CVE-2020-9548 | 4 Debian, Fasterxml, Netapp and 1 more | 25 Debian Linux, Jackson-databind, Active Iq Unified Manager and 22 more | 2024-02-28 | 6.8 MEDIUM | 9.8 CRITICAL |
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to br.com.anteros.dbcp.AnterosDBCPConfig (aka anteros-core). | |||||
CVE-2020-9546 | 4 Debian, Fasterxml, Netapp and 1 more | 31 Debian Linux, Jackson-databind, Active Iq Unified Manager and 28 more | 2024-02-28 | 6.8 MEDIUM | 9.8 CRITICAL |
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.hadoop.shaded.com.zaxxer.hikari.HikariConfig (aka shaded hikari-config). | |||||
CVE-2019-17573 | 2 Apache, Oracle | 7 Cxf, Commerce Guided Search, Communications Element Manager and 4 more | 2024-02-28 | 4.3 MEDIUM | 6.1 MEDIUM |
By default, Apache CXF creates a /services page containing a listing of the available endpoint names and addresses. This webpage is vulnerable to a reflected Cross-Site Scripting (XSS) attack, which allows a malicious actor to inject javascript into the web page. Please note that the attack exploits a feature which is not typically not present in modern browsers, who remove dot segments before sending the request. However, Mobile applications may be vulnerable. | |||||
CVE-2020-1935 | 6 Apache, Canonical, Debian and 3 more | 20 Tomcat, Ubuntu Linux, Debian Linux and 17 more | 2024-02-28 | 5.8 MEDIUM | 4.8 MEDIUM |
In Apache Tomcat 9.0.0.M1 to 9.0.30, 8.5.0 to 8.5.50 and 7.0.0 to 7.0.99 the HTTP header parsing code used an approach to end-of-line parsing that allowed some invalid HTTP headers to be parsed as valid. This led to a possibility of HTTP Request Smuggling if Tomcat was located behind a reverse proxy that incorrectly handled the invalid Transfer-Encoding header in a particular manner. Such a reverse proxy is considered unlikely. |