Filtered by vendor Apache
Subscribe
Total
1977 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-17517 | 1 Apache | 1 Ozone | 2022-08-05 | 5.0 MEDIUM | 7.5 HIGH |
| The S3 buckets and keys in a secure Apache Ozone Cluster must be inaccessible to anonymous access by default. The current security vulnerability allows access to keys and buckets through a curl command or an unauthenticated HTTP request. This enables unauthorized access to buckets and keys thereby exposing data to anonymous clients or users. This affected Apache Ozone prior to the 1.1.0 release. | |||||
| CVE-2019-9516 | 12 Apache, Apple, Canonical and 9 more | 21 Traffic Server, Mac Os X, Swiftnio and 18 more | 2022-08-05 | 6.8 MEDIUM | 6.5 MEDIUM |
| Some HTTP/2 implementations are vulnerable to a header leak, potentially leading to a denial of service. The attacker sends a stream of headers with a 0-length header name and 0-length header value, optionally Huffman encoded into 1-byte or greater headers. Some implementations allocate memory for these headers and keep the allocation alive until the session dies. This can consume excess memory. | |||||
| CVE-2022-36364 | 1 Apache | 1 Apache Calcite Avatica | 2022-08-03 | N/A | 8.8 HIGH |
| Apache Calcite Avatica JDBC driver creates HTTP client instances based on class names provided via `httpclient_impl` connection property; however, the driver does not verify if the class implements the expected interface before instantiating it, which can lead to code execution loaded via arbitrary classes and in rare cases remote code execution. To exploit the vulnerability: 1) the attacker needs to have privileges to control JDBC connection parameters; 2) and there should be a vulnerable class (constructor with URL parameter and ability to execute code) in the classpath. From Apache Calcite Avatica 1.22.0 onwards, it will be verified that the class implements the expected interface before invoking its constructor. | |||||
| CVE-2021-26697 | 1 Apache | 1 Airflow | 2022-08-03 | 5.0 MEDIUM | 5.3 MEDIUM |
| The lineage endpoint of the deprecated Experimental API was not protected by authentication in Airflow 2.0.0. This allowed unauthenticated users to hit that endpoint. This is low-severity issue as the attacker needs to be aware of certain parameters to pass to that endpoint and even after can just get some metadata about a DAG and a Task. This issue affects Apache Airflow 2.0.0. | |||||
| CVE-2022-24294 | 1 Apache | 1 Mxnet | 2022-08-01 | N/A | 7.5 HIGH |
| A regular expression used in Apache MXNet (incubating) is vulnerable to a potential denial-of-service by excessive resource consumption. The bug could be exploited when loading a model in Apache MXNet that has a specially crafted operator name that would cause the regular expression evaluation to use excessive resources to attempt a match. This issue affects Apache MXNet versions prior to 1.9.1. | |||||
| CVE-2021-26118 | 2 Apache, Netapp | 2 Activemq Artemis, Oncommand Workflow Automation | 2022-08-01 | 5.0 MEDIUM | 7.5 HIGH |
| While investigating ARTEMIS-2964 it was found that the creation of advisory messages in the OpenWire protocol head of Apache ActiveMQ Artemis 2.15.0 bypassed policy based access control for the entire session. Production of advisory messages was not subject to access control in error. | |||||
| CVE-2021-28131 | 1 Apache | 1 Impala | 2022-07-30 | 6.0 MEDIUM | 7.5 HIGH |
| Impala sessions use a 16 byte secret to verify that the session is not being hijacked by another user. However, these secrets appear in the Impala logs, therefore Impala users with access to the logs can use another authenticated user's sessions with specially constructed requests. This means the attacker is able to execute statements for which they don't have the necessary privileges otherwise. Impala deployments with Apache Sentry or Apache Ranger authorization enabled may be vulnerable to privilege escalation if an authenticated attacker is able to hijack a session or query from another authenticated user with privileges not assigned to the attacker. Impala deployments with audit logging enabled may be vulnerable to incorrect audit logging as a user could undertake actions that were logged under the name of a different authenticated user. Constructing an attack requires a high degree of technical sophistication and access to the Impala system as an authenticated user. Mitigation: If an Impala deployment uses Apache Sentry, Apache Ranger or audit logging, then users should upgrade to a version of Impala with the fix for IMPALA-10600. The Impala 4.0 release includes this fix. This hides session secrets from the logs to eliminate the risk of any attack using this mechanism. In lieu of an upgrade, restricting access to logs that expose secrets will reduce the risk of an attack. Restricting access to the Impala deployment to trusted users will also reduce the risk of an attack. Log redaction techniques can be used to redact secrets from the logs. | |||||
| CVE-2020-1946 | 3 Apache, Debian, Fedoraproject | 3 Spamassassin, Debian Linux, Fedora | 2022-07-29 | 10.0 HIGH | 9.8 CRITICAL |
| In Apache SpamAssassin before 3.4.5, malicious rule configuration (.cf) files can be configured to run system commands without any output or errors. With this, exploits can be injected in a number of scenarios. In addition to upgrading to SA version 3.4.5, users should only use update channels or 3rd party .cf files from trusted places. | |||||
| CVE-2021-28129 | 1 Apache | 1 Openoffice | 2022-07-29 | 4.6 MEDIUM | 7.8 HIGH |
| While working on Apache OpenOffice 4.1.8 a developer discovered that the DEB package did not install using root, but instead used a userid and groupid of 500. This both caused issues with desktop integration and could allow a crafted attack on files owned by that user or group if they exist. Users who installed the Apache OpenOffice 4.1.8 DEB packaging should upgrade to the latest version of Apache OpenOffice. | |||||
| CVE-2019-0219 | 2 Apache, Oracle | 3 Cordova Inappbrowser, Instantis Enterprisetrack, Retail Xstore Point Of Service | 2022-07-25 | 7.5 HIGH | 9.8 CRITICAL |
| A website running in the InAppBrowser webview on Android could execute arbitrary JavaScript in the main application's webview using a specially crafted gap-iab: URI. | |||||
| CVE-2018-1273 | 2 Apache, Pivotal Software | 3 Ignite, Spring Data Commons, Spring Data Rest | 2022-07-25 | 7.5 HIGH | 9.8 CRITICAL |
| Spring Data Commons, versions prior to 1.13 to 1.13.10, 2.0 to 2.0.5, and older unsupported versions, contain a property binder vulnerability caused by improper neutralization of special elements. An unauthenticated remote malicious user (or attacker) can supply specially crafted request parameters against Spring Data REST backed HTTP resources or using Spring Data's projection-based request payload binding hat can lead to a remote code execution attack. | |||||
| CVE-2021-26291 | 3 Apache, Oracle, Quarkus | 4 Maven, Financial Services Analytical Applications Infrastructure, Goldengate Big Data And Application Adapters and 1 more | 2022-07-25 | 6.4 MEDIUM | 9.1 CRITICAL |
| Apache Maven will follow repositories that are defined in a dependency’s Project Object Model (pom) which may be surprising to some users, resulting in potential risk if a malicious actor takes over that repository or is able to insert themselves into a position to pretend to be that repository. Maven is changing the default behavior in 3.8.1+ to no longer follow http (non-SSL) repository references by default. More details available in the referenced urls. If you are currently using a repository manager to govern the repositories used by your builds, you are unaffected by the risks present in the legacy behavior, and are unaffected by this vulnerability and change to default behavior. See this link for more information about repository management: https://maven.apache.org/repository-management.html | |||||
| CVE-2020-17521 | 3 Apache, Netapp, Oracle | 20 Atlas, Groovy, Snapcenter and 17 more | 2022-07-25 | 2.1 LOW | 5.5 MEDIUM |
| Apache Groovy provides extension methods to aid with creating temporary directories. Prior to this fix, Groovy's implementation of those extension methods was using a now superseded Java JDK method call that is potentially not secure on some operating systems in some contexts. Users not using the extension methods mentioned in the advisory are not affected, but may wish to read the advisory for further details. Versions Affected: 2.0 to 2.4.20, 2.5.0 to 2.5.13, 3.0.0 to 3.0.6, and 4.0.0-alpha-1. Fixed in versions 2.4.21, 2.5.14, 3.0.7, 4.0.0-alpha-2. | |||||
| CVE-2021-31805 | 1 Apache | 1 Struts | 2022-07-25 | 7.5 HIGH | 9.8 CRITICAL |
| The fix issued for CVE-2020-17530 was incomplete. So from Apache Struts 2.0.0 to 2.5.29, still some of the tag’s attributes could perform a double evaluation if a developer applied forced OGNL evaluation by using the %{...} syntax. Using forced OGNL evaluation on untrusted user input can lead to a Remote Code Execution and security degradation. | |||||
| CVE-2021-30129 | 2 Apache, Oracle | 9 Sshd, Banking Payments, Banking Trade Finance and 6 more | 2022-07-25 | 4.0 MEDIUM | 6.5 MEDIUM |
| A vulnerability in sshd-core of Apache Mina SSHD allows an attacker to overflow the server causing an OutOfMemory error. This issue affects the SFTP and port forwarding features of Apache Mina SSHD version 2.0.0 and later versions. It was addressed in Apache Mina SSHD 2.7.0 | |||||
| CVE-2021-31811 | 3 Apache, Fedoraproject, Oracle | 12 Pdfbox, Fedora, Banking Corporate Lending Process Management and 9 more | 2022-07-25 | 4.3 MEDIUM | 5.5 MEDIUM |
| In Apache PDFBox, a carefully crafted PDF file can trigger an OutOfMemory-Exception while loading the file. This issue affects Apache PDFBox version 2.0.23 and prior 2.0.x versions. | |||||
| CVE-2019-10082 | 2 Apache, Oracle | 6 Http Server, Communications Element Manager, Enterprise Manager Ops Center and 3 more | 2022-07-25 | 6.4 MEDIUM | 9.1 CRITICAL |
| In Apache HTTP Server 2.4.18-2.4.39, using fuzzed network input, the http/2 session handling could be made to read memory after being freed, during connection shutdown. | |||||
| CVE-2019-0220 | 5 Apache, Canonical, Debian and 2 more | 5 Http Server, Ubuntu Linux, Debian Linux and 2 more | 2022-07-25 | 5.0 MEDIUM | 5.3 MEDIUM |
| A vulnerability was found in Apache HTTP Server 2.4.0 to 2.4.38. When the path component of a request URL contains multiple consecutive slashes ('/'), directives such as LocationMatch and RewriteRule must account for duplicates in regular expressions while other aspects of the servers processing will implicitly collapse them. | |||||
| CVE-2020-11987 | 3 Apache, Fedoraproject, Oracle | 18 Batik, Fedora, Banking Apis and 15 more | 2022-07-25 | 6.4 MEDIUM | 8.2 HIGH |
| Apache Batik 1.13 is vulnerable to server-side request forgery, caused by improper input validation by the NodePickerPanel. By using a specially-crafted argument, an attacker could exploit this vulnerability to cause the underlying server to make arbitrary GET requests. | |||||
| CVE-2018-8032 | 3 Apache, Debian, Oracle | 38 Axis, Debian Linux, Agile Engineering Data Management and 35 more | 2022-07-25 | 4.3 MEDIUM | 6.1 MEDIUM |
| Apache Axis 1.x up to and including 1.4 is vulnerable to a cross-site scripting (XSS) attack in the default servlet/services. | |||||