Filtered by vendor Apache
Subscribe
Total
2421 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-1925 | 1 Apache | 1 Olingo | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Apache Olingo versions 4.0.0 to 4.7.0 provide the AsyncRequestWrapperImpl class which reads a URL from the Location header, and then sends a GET or DELETE request to this URL. It may allow to implement a SSRF attack. If an attacker tricks a client to connect to a malicious server, the server can make the client call any URL including internal resources which are not directly accessible by the attacker. | |||||
| CVE-2020-17534 | 1 Apache | 1 Html\/java Api | 2024-11-21 | 4.4 MEDIUM | 7.0 HIGH |
| There exists a race condition between the deletion of the temporary file and the creation of the temporary directory in `webkit` subproject of HTML/Java API version 1.7. A similar vulnerability has recently been disclosed in other Java projects and the fix in HTML/Java API version 1.7.1 follows theirs: To avoid local privilege escalation version 1.7.1 creates the temporary directory atomically without dealing with the temporary file: https://github.com/apache/netbeans-html4j/commit/fa70e507e5555e1adb4f6518479fc408a7abd0e6 | |||||
| CVE-2020-17533 | 1 Apache | 1 Accumulo | 2024-11-21 | 5.5 MEDIUM | 8.1 HIGH |
| Apache Accumulo versions 1.5.0 through 1.10.0 and version 2.0.0 do not properly check the return value of some policy enforcement functions before permitting an authenticated user to perform certain administrative operations. Specifically, the return values of the 'canFlush' and 'canPerformSystemActions' security functions are not checked in some instances, therefore allowing an authenticated user with insufficient permissions to perform the following actions: flushing a table, shutting down Accumulo or an individual tablet server, and setting or removing system-wide Accumulo configuration properties. | |||||
| CVE-2020-17532 | 1 Apache | 1 Java Chassis | 2024-11-21 | 6.0 MEDIUM | 8.8 HIGH |
| When handler-router component is enabled in servicecomb-java-chassis, authenticated user may inject some data and cause arbitrary code execution. The problem happens in versions between 2.0.0 ~ 2.1.3 and fixed in Apache ServiceComb-Java-Chassis 2.1.5 | |||||
| CVE-2020-17531 | 1 Apache | 1 Tapestry | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| A Java Serialization vulnerability was found in Apache Tapestry 4. Apache Tapestry 4 will attempt to deserialize the "sp" parameter even before invoking the page's validate method, leading to deserialization without authentication. Apache Tapestry 4 reached end of life in 2008 and no update to address this issue will be released. Apache Tapestry 5 versions are not vulnerable to this issue. Users of Apache Tapestry 4 should upgrade to the latest Apache Tapestry 5 version. | |||||
| CVE-2020-17529 | 1 Apache | 1 Nuttx | 2024-11-21 | 6.8 MEDIUM | 9.8 CRITICAL |
| Out-of-bounds Write vulnerability in TCP Stack of Apache NuttX (incubating) versions up to and including 9.1.0 and 10.0.0 allows attacker to corrupt memory by supplying and invalid fragmentation offset value specified in the IP header. This is only impacts builds with both CONFIG_EXPERIMENTAL and CONFIG_NET_TCP_REASSEMBLY build flags enabled. | |||||
| CVE-2020-17528 | 1 Apache | 1 Nuttx | 2024-11-21 | 6.4 MEDIUM | 9.1 CRITICAL |
| Out-of-bounds Write vulnerability in TCP stack of Apache NuttX (incubating) versions up to and including 9.1.0 and 10.0.0 allows attacker to corrupt memory by supplying arbitrary urgent data pointer offsets within TCP packets including beyond the length of the packet. | |||||
| CVE-2020-17527 | 4 Apache, Debian, Netapp and 1 more | 12 Tomcat, Debian Linux, Element Plug-in and 9 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| While investigating bug 64830 it was discovered that Apache Tomcat 10.0.0-M1 to 10.0.0-M9, 9.0.0-M1 to 9.0.39 and 8.5.0 to 8.5.59 could re-use an HTTP request header value from the previous stream received on an HTTP/2 connection for the request associated with the subsequent stream. While this would most likely lead to an error and the closure of the HTTP/2 connection, it is possible that information could leak between requests. | |||||
| CVE-2020-17526 | 1 Apache | 1 Airflow | 2024-11-21 | 3.5 LOW | 7.7 HIGH |
| Incorrect Session Validation in Apache Airflow Webserver versions prior to 1.10.14 with default config allows a malicious airflow user on site A where they log in normally, to access unauthorized Airflow Webserver on Site B through the session from Site A. This does not affect users who have changed the default value for `[webserver] secret_key` config. | |||||
| CVE-2020-17525 | 2 Apache, Debian | 2 Subversion, Debian Linux | 2024-11-21 | 4.3 MEDIUM | 7.5 HIGH |
| Subversion's mod_authz_svn module will crash if the server is using in-repository authz rules with the AuthzSVNReposRelativeAccessFile option and a client sends a request for a non-existing repository URL. This can lead to disruption for users of the service. This issue was fixed in mod_dav_svn+mod_authz_svn servers 1.14.1 and mod_dav_svn+mod_authz_svn servers 1.10.7 | |||||
| CVE-2020-17523 | 1 Apache | 1 Shiro | 2024-11-21 | 9.0 HIGH | 9.8 CRITICAL |
| Apache Shiro before 1.7.1, when using Apache Shiro with Spring, a specially crafted HTTP request may cause an authentication bypass. | |||||
| CVE-2020-17522 | 1 Apache | 1 Traffic Control | 2024-11-21 | 5.0 MEDIUM | 5.8 MEDIUM |
| When ORT (now via atstccfg) generates ip_allow.config files in Apache Traffic Control 3.0.0 to 3.1.0 and 4.0.0 to 4.1.0, those files include permissions that allow bad actors to push arbitrary content into and remove arbitrary content from CDN cache servers. Additionally, these permissions are potentially extended to IP addresses outside the desired range, resulting in them being granted to clients possibly outside the CDN arcitechture. | |||||
| CVE-2020-17521 | 3 Apache, Netapp, Oracle | 21 Atlas, Groovy, Snapcenter and 18 more | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| Apache Groovy provides extension methods to aid with creating temporary directories. Prior to this fix, Groovy's implementation of those extension methods was using a now superseded Java JDK method call that is potentially not secure on some operating systems in some contexts. Users not using the extension methods mentioned in the advisory are not affected, but may wish to read the advisory for further details. Versions Affected: 2.0 to 2.4.20, 2.5.0 to 2.5.13, 3.0.0 to 3.0.6, and 4.0.0-alpha-1. Fixed in versions 2.4.21, 2.5.14, 3.0.7, 4.0.0-alpha-2. | |||||
| CVE-2020-17520 | 1 Apache | 1 Pulsar Manager | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| In the Pulsar manager 0.1.0 version, malicious users will be able to bypass pulsar-manager's admin, permission verification mechanism by constructing special URLs, thereby accessing any HTTP API. | |||||
| CVE-2020-17518 | 1 Apache | 1 Flink | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Apache Flink 1.5.1 introduced a REST handler that allows you to write an uploaded file to an arbitrary location on the local file system, through a maliciously modified HTTP HEADER. The files can be written to any location accessible by Flink 1.5.1. All users should upgrade to Flink 1.11.3 or 1.12.0 if their Flink instance(s) are exposed. The issue was fixed in commit a5264a6f41524afe8ceadf1d8ddc8c80f323ebc4 from apache/flink:master. | |||||
| CVE-2020-17517 | 1 Apache | 1 Ozone | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| The S3 buckets and keys in a secure Apache Ozone Cluster must be inaccessible to anonymous access by default. The current security vulnerability allows access to keys and buckets through a curl command or an unauthenticated HTTP request. This enables unauthorized access to buckets and keys thereby exposing data to anonymous clients or users. This affected Apache Ozone prior to the 1.1.0 release. | |||||
| CVE-2020-17516 | 1 Apache | 1 Cassandra | 2024-11-21 | 4.3 MEDIUM | 7.5 HIGH |
| Apache Cassandra versions 2.1.0 to 2.1.22, 2.2.0 to 2.2.19, 3.0.0 to 3.0.23, and 3.11.0 to 3.11.9, when using 'dc' or 'rack' internode_encryption setting, allows both encrypted and unencrypted internode connections. A misconfigured node or a malicious user can use the unencrypted connection despite not being in the same rack or dc, and bypass mutual TLS requirement. | |||||
| CVE-2020-17515 | 1 Apache | 1 Airflow | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| The "origin" parameter passed to some of the endpoints like '/trigger' was vulnerable to XSS exploit. This issue affects Apache Airflow versions prior to 1.10.13. This is same as CVE-2020-13944 but the implemented fix in Airflow 1.10.13 did not fix the issue completely. | |||||
| CVE-2020-17514 | 1 Apache | 1 Fineract | 2024-11-21 | 5.8 MEDIUM | 7.4 HIGH |
| Apache Fineract prior to 1.5.0 disables HTTPS hostname verification in ProcessorHelper in the configureClient method. Under typical deployments, a man in the middle attack could be successful. | |||||
| CVE-2020-17513 | 1 Apache | 1 Airflow | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| In Apache Airflow versions prior to 1.10.13, the Charts and Query View of the old (Flask-admin based) UI were vulnerable for SSRF attack. | |||||