Log

CVE-2019-0215 created at 25 Sep 2019 19:31:40
Severity
+ High
Remote
+ Remote
Type
+ Access restriction bypass
Description
+ In Apache HTTP Server 2.4 releases 2.4.37 and 2.4.38, a bug in mod_ssl when using per-location client certificate verification with TLSv1.3 allowed a client supporting Post-Handshake Authentication to bypass configured access control restrictions.
References
+ https://httpd.apache.org/security/vulnerabilities_24.html
Notes
CVE-2019-0217 created at 25 Sep 2019 19:31:40
Severity
+ High
Remote
+ Remote
Type
+ Access restriction bypass
Description
+ In Apache HTTP Server 2.4 release 2.4.38 and prior, a race condition in mod_auth_digest when running in a threaded server could allow a user with valid credentials to authenticate using another username, bypassing configured access control restrictions.
References
+ https://httpd.apache.org/security/vulnerabilities_24.html
Notes
CVE-2019-0220 created at 25 Sep 2019 19:31:40
Severity
+ Low
Remote
+ Remote
Type
+ Access restriction bypass
Description
+ A security issue has been found in Apache HTTPd 2.4.x before 2.4.39. When the path component of a request URL contains multiple consecutive slashes ('/'), directives such as LocationMatch and RewriteRule must account for duplicates in regular expressions while other aspects of the servers processing will implicitly collapse them.
References
+ https://httpd.apache.org/security/vulnerabilities_24.html
Notes
CVE-2019-1000019 created at 25 Sep 2019 19:31:40
Severity
+ High
Remote
+ Local
Type
+ Information disclosure
Description
+ libarchive version >=v3.0.2 contains a CWE-125: Out-of-bounds Read vulnerability in 7zip decompression, archive_read_support_format_7zip.c, header_bytes() that can result in a crash (denial of service). This attack appears to be exploitable via the victim opening a specially crafted 7zip file.
References
+ https://github.com/libarchive/libarchive/pull/1120
+ https://github.com/libarchive/libarchive/pull/1120/commits/65a23f5dbee4497064e9bb467f81138a62b0dae1
Notes
CVE-2019-1000020 created at 25 Sep 2019 19:31:40
Severity
+ Medium
Remote
+ Local
Type
+ Denial of service
Description
+ libarchive version >=v2.8.0 contains a CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in ISO9660 parser, archive_read_support_format_iso9660.c, read_CE()/parse_rockridge() that can result in DoS by infinite loop. This attack appears to be exploitable via the victim opening a specially crafted ISO9660 file.
References
+ https://github.com/libarchive/libarchive/pull/1120
+ https://github.com/libarchive/libarchive/pull/1120/commits/8312eaa576014cd9b965012af51bc1f967b12423
Notes
CVE-2019-1003049 created at 25 Sep 2019 19:31:40
Severity
+ Medium
Remote
+ Remote
Type
+ Access restriction bypass
Description
+ A security issue has been found in Jenkins before 2.172, where the fix for SECURITY-901 in Jenkins 2.150.2 and 2.160 did not reject existing remoting-based CLI authentication caches. This means that users who cached their CLI authentication before Jenkins was updated to 2.150.2 and newer, or 2.160 and newer, would remain authenticated.
References
+ https://jenkins.io/security/advisory/2019-04-10/
Notes
CVE-2019-1003050 created at 25 Sep 2019 19:31:40
Severity
+ Medium
Remote
+ Remote
Type
+ Cross-site scripting
Description
+ The f:validateButton form control for the Jenkins UI did not properly escape job URLs. This resulted in a cross-site scripting (XSS) vulnerability exploitable by users with the ability to control job names.
References
+ https://jenkins.io/security/advisory/2019-04-10/
Notes
CVE-2019-10063 created at 25 Sep 2019 19:31:40
Severity
+ High
Remote
+ Remote
Type
+ Sandbox escape
Description
+ Flatpak before 1.0.8, 1.1.x and 1.2.x before 1.2.4, and 1.3.x before 1.3.1 allows a sandbox bypass. Flatpak versions since 0.8.1 address CVE-2017-5226 by using a seccomp filter to prevent sandboxed apps from using the TIOCSTI ioctl, which could otherwise be used to inject commands into the controlling terminal so that they would be executed outside the sandbox after the sandboxed app exits. This fix was incomplete: on 64-bit platforms, the seccomp filter could be bypassed by an ioctl request number that has TIOCSTI in its 32 least significant bits and an arbitrary nonzero value in its 32 most significant bits, which the Linux kernel would treat as equivalent to TIOCSTI.
References
+ https://github.com/flatpak/flatpak/issues/2782
Notes
CVE-2019-10149 created at 25 Sep 2019 19:31:40
Severity
+ Critical
Remote
+ Remote
Type
+ Arbitrary code execution
Description
+ A flaw was found in the way exim validated recipient addresses. A remote attacker could use this flaw to execute arbitrary commands on the exim server with the permissions of the user running the application.
References
+ https://www.exim.org/static/doc/security/CVE-2019-10149.txt
+ https://www.openwall.com/lists/oss-security/2019/06/06/1
+ https://www.openwall.com/lists/oss-security/2019/06/05/4
+ https://www.openwall.com/lists/oss-security/2019/06/05/3
+ https://www.openwall.com/lists/oss-security/2019/06/05/2
Notes
CVE-2019-10181 created at 25 Sep 2019 19:31:40
Severity
+ High
Remote
+ Remote
Type
+ Insufficient validation
Description
+ It was found that executable code could be injected in a JAR file without compromising the signature verification. An attacker could use this flaw to inject code in a trusted JAR. The code would be executed inside the sandbox.
References
+ https://marc.info/?l=oss-security&m=156458681628488
+ https://github.com/AdoptOpenJDK/IcedTea-Web/pull/344/commits/2fd1e4b769911f2c6f7f3902f7ea21568ddc2f99
Notes