Filtered by vendor Apache
Subscribe
Total
2295 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-1957 | 2 Apache, Debian | 2 Shiro, Debian Linux | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Apache Shiro before 1.5.2, when using Apache Shiro with Spring dynamic controllers, a specially crafted request may cause an authentication bypass. | |||||
| CVE-2020-1956 | 1 Apache | 1 Kylin | 2024-11-21 | 9.0 HIGH | 8.8 HIGH |
| Apache Kylin 2.3.0, and releases up to 2.6.5 and 3.0.1 has some restful apis which will concatenate os command with the user input string, a user is likely to be able to execute any os command without any protection or validation. | |||||
| CVE-2020-1955 | 1 Apache | 1 Couchdb | 2024-11-21 | 6.8 MEDIUM | 9.8 CRITICAL |
| CouchDB version 3.0.0 shipped with a new configuration setting that governs access control to the entire database server called `require_valid_user_except_for_up`. It was meant as an extension to the long standing setting `require_valid_user`, which in turn requires that any and all requests to CouchDB will have to be made with valid credentials, effectively forbidding any anonymous requests. The new `require_valid_user_except_for_up` is an off-by-default setting that was meant to allow requiring valid credentials for all endpoints except for the `/_up` endpoint. However, the implementation of this made an error that lead to not enforcing credentials on any endpoint, when enabled. CouchDB versions 3.0.1[1] and 3.1.0[2] fix this issue. | |||||
| CVE-2020-1954 | 3 Apache, Netapp, Oracle | 10 Cxf, Oncommand Workflow Automation, Snapmanager and 7 more | 2024-11-21 | 2.9 LOW | 5.3 MEDIUM |
| Apache CXF has the ability to integrate with JMX by registering an InstrumentationManager extension with the CXF bus. If the ‘createMBServerConnectorFactory‘ property of the default InstrumentationManagerImpl is not disabled, then it is vulnerable to a man-in-the-middle (MITM) style attack. An attacker on the same host can connect to the registry and rebind the entry to another server, thus acting as a proxy to the original. They are then able to gain access to all of the information that is sent and received over JMX. | |||||
| CVE-2020-1953 | 2 Apache, Oracle | 3 Commons Configuration, Database Server, Healthcare Foundation | 2024-11-21 | 7.5 HIGH | 10.0 CRITICAL |
| Apache Commons Configuration uses a third-party library to parse YAML files which by default allows the instantiation of classes if the YAML includes special statements. Apache Commons Configuration versions 2.2, 2.3, 2.4, 2.5, 2.6 did not change the default settings of this library. So if a YAML file was loaded from an untrusted source, it could therefore load and execute code out of the control of the host application. | |||||
| CVE-2020-1952 | 1 Apache | 1 Iotdb | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was found in Apache IoTDB .9.0 to 0.9.1 and 0.8.0 to 0.8.2. When starting IoTDB, the JMX port 31999 is exposed with no certification.Then, clients could execute code remotely. | |||||
| CVE-2020-1951 | 4 Apache, Canonical, Debian and 1 more | 6 Tika, Ubuntu Linux, Debian Linux and 3 more | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| A carefully crafted or corrupt PSD file can cause an infinite loop in Apache Tika's PSDParser in versions 1.0-1.23. | |||||
| CVE-2020-1950 | 4 Apache, Canonical, Debian and 1 more | 6 Tika, Ubuntu Linux, Debian Linux and 3 more | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| A carefully crafted or corrupt PSD file can cause excessive memory usage in Apache Tika's PSDParser in versions 1.0-1.23. | |||||
| CVE-2020-1949 | 1 Apache | 1 Sling Cms | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Scripts in Sling CMS before 0.16.0 do not property escape the Sling Selector from URLs when generating navigational elements for the administrative consoles and are vulnerable to reflected XSS attacks. | |||||
| CVE-2020-1948 | 1 Apache | 1 Dubbo | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| This vulnerability can affect all Dubbo users stay on version 2.7.6 or lower. An attacker can send RPC requests with unrecognized service name or method name along with some malicious parameter payloads. When the malicious parameter is deserialized, it will execute some malicious code. More details can be found below. | |||||
| CVE-2020-1947 | 1 Apache | 1 Shardingsphere | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| In Apache ShardingSphere(incubator) 4.0.0-RC3 and 4.0.0, the ShardingSphere's web console uses the SnakeYAML library for parsing YAML inputs to load datasource configuration. SnakeYAML allows to unmarshal data to a Java type By using the YAML tag. Unmarshalling untrusted data can lead to security flaws of RCE. | |||||
| CVE-2020-1946 | 3 Apache, Debian, Fedoraproject | 3 Spamassassin, Debian Linux, Fedora | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| In Apache SpamAssassin before 3.4.5, malicious rule configuration (.cf) files can be configured to run system commands without any output or errors. With this, exploits can be injected in a number of scenarios. In addition to upgrading to SA version 3.4.5, users should only use update channels or 3rd party .cf files from trusted places. | |||||
| CVE-2020-1945 | 5 Apache, Canonical, Fedoraproject and 2 more | 50 Ant, Ubuntu Linux, Fedora and 47 more | 2024-11-21 | 3.3 LOW | 6.3 MEDIUM |
| Apache Ant 1.1 to 1.9.14 and 1.10.0 to 1.10.7 uses the default temporary directory identified by the Java system property java.io.tmpdir for several tasks and may thus leak sensitive information. The fixcrlf and replaceregexp tasks also copy files from the temporary directory back into the build tree allowing an attacker to inject modified source files into the build process. | |||||
| CVE-2020-1944 | 2 Apache, Debian | 2 Traffic Server, Debian Linux | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| There is a vulnerability in Apache Traffic Server 6.0.0 to 6.2.3, 7.0.0 to 7.1.8, and 8.0.0 to 8.0.5 with a smuggling attack and Transfer-Encoding and Content length headers. Upgrade to versions 7.1.9 and 8.0.6 or later versions. | |||||
| CVE-2020-1943 | 1 Apache | 1 Ofbiz | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Data sent with contentId to /control/stream is not sanitized, allowing XSS attacks in Apache OFBiz 16.11.01 to 16.11.07. | |||||
| CVE-2020-1942 | 1 Apache | 1 Nifi | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| In Apache NiFi 0.0.1 to 1.11.0, the flow fingerprint factory generated flow fingerprints which included sensitive property descriptor values. In the event a node attempted to join a cluster and the cluster flow was not inheritable, the flow fingerprint of both the cluster and local flow was printed, potentially containing sensitive values in plaintext. | |||||
| CVE-2020-1941 | 2 Apache, Oracle | 7 Activemq, Communications Diameter Signaling Router, Communications Element Manager and 4 more | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| In Apache ActiveMQ 5.0.0 to 5.15.11, the webconsole admin GUI is open to XSS, in the view that lists the contents of a queue. | |||||
| CVE-2020-1940 | 1 Apache | 1 Jackrabbit Oak | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| The optional initial password change and password expiration features present in Apache Jackrabbit Oak 1.2.0 to 1.22.0 are prone to a sensitive information disclosure vulnerability. The code mandates the changed password to be passed as an additional attribute to the credentials object but does not remove it upon processing during the first phase of the authentication. In combination with additional, independent authentication mechanisms, this may lead to the new password being disclosed. | |||||
| CVE-2020-1939 | 1 Apache | 1 Nuttx | 2024-11-21 | 5.1 MEDIUM | 9.8 CRITICAL |
| The Apache NuttX (Incubating) project provides an optional separate "apps" repository which contains various optional components and example programs. One of these, ftpd, had a NULL pointer dereference bug. The NuttX RTOS itself is not affected. Users of the optional apps repository are affected only if they have enabled ftpd. Versions 6.15 to 8.2 are affected. | |||||
| CVE-2020-1938 | 7 Apache, Blackberry, Debian and 4 more | 21 Geode, Tomcat, Good Control and 18 more | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| When using the Apache JServ Protocol (AJP), care must be taken when trusting incoming connections to Apache Tomcat. Tomcat treats AJP connections as having higher trust than, for example, a similar HTTP connection. If such connections are available to an attacker, they can be exploited in ways that may be surprising. In Apache Tomcat 9.0.0.M1 to 9.0.0.30, 8.5.0 to 8.5.50 and 7.0.0 to 7.0.99, Tomcat shipped with an AJP Connector enabled by default that listened on all configured IP addresses. It was expected (and recommended in the security guide) that this Connector would be disabled if not required. This vulnerability report identified a mechanism that allowed: - returning arbitrary files from anywhere in the web application - processing any file in the web application as a JSP Further, if the web application allowed file upload and stored those files within the web application (or the attacker was able to control the content of the web application by some other means) then this, along with the ability to process a file as a JSP, made remote code execution possible. It is important to note that mitigation is only required if an AJP port is accessible to untrusted users. Users wishing to take a defence-in-depth approach and block the vector that permits returning arbitrary files and execution as JSP may upgrade to Apache Tomcat 9.0.31, 8.5.51 or 7.0.100 or later. A number of changes were made to the default AJP Connector configuration in 9.0.31 to harden the default configuration. It is likely that users upgrading to 9.0.31, 8.5.51 or 7.0.100 or later will need to make small changes to their configurations. | |||||