The RPC protocol implementation in Apache Hadoop 2.x before 2.0.6-alpha, 0.23.x before 0.23.9, and 1.x before 1.2.1, when the Kerberos security features are enabled, allows man-in-the-middle attackers to disable bidirectional authentication and obtain …
[cryptography] Improper input validation in cryptography
HKDF in cryptography before 1.5.3 returns an empty byte-string if used with a length less than algorithm.digest_size.
References
https://nvd.nist.gov/vuln/detail/CVE-2016-9243
https://github.com/pyca/cryptography/issues/3211
https://github.com/pyca/cr…
[org.jboss.resteasy:resteasy-client] JacksonJsonpInterceptor susceptible to cross-site script inclusion (XSSI) attack
JacksonJsonpInterceptor in RESTEasy might allow remote attackers to conduct a cross-site script inclusion (XSSI) attack.
References
https://nvd.nist.gov/vuln/detail/CVE-2016-6348
https://bugzilla.redhat.com/show_bug.cgi?id=1372129
https://github.com/a…
[org.apache.tomcat:tomcat] Exposure of Sensitive Information to an Unauthorized Actor in Apache Tomcat
java/org/apache/catalina/core/AsyncContextImpl.java in Apache Tomcat 7.x before 7.0.40 does not properly handle the throwing of a RuntimeException in an AsyncListener in an application, which allows context-dependent attackers to obtain sensitive reque…
[Pygments] Command Injection in Pygments
The FontManager._get_nix_font_path function in formatters/img.py in Pygments 1.2.2 through 2.0.2 allows remote attackers to execute arbitrary commands via shell metacharacters in a font name.
References
https://nvd.nist.gov/vuln/detail/CVE-2015-8557
h…
[Nancy] Deserialization of Untrusted Data in NancyFX Nancy
Csrf.cs in NancyFX Nancy before 1.4.4 and 2.x before 2.0-dangermouse has Remote Code Execution via Deserialization of JSON data in a CSRF Cookie.
References
https://nvd.nist.gov/vuln/detail/CVE-2017-9785
https://github.com/NancyFx/Nancy/releases/tag/v…
[org.jenkins-ci.main:jenkins-core] Exposure of Sensitive Information to an Unauthorized Actor in Jenkins
The re-key admin monitor was introduced in Jenkins 1.498 and re-encrypted all secrets in JENKINS_HOME with a new key. It also created a backup directory with all old secrets, and the key used to encrypt them. These backups were world-readable and not r…
[org.apache.commons:commons-email] Improper Input Validation in Apache Commons Email
When a call-site passes a subject for an email that contains line-breaks in Apache Commons Email 1.0 through 1.4, the caller can add arbitrary SMTP headers.
References
https://nvd.nist.gov/vuln/detail/CVE-2017-9801
https://lists.apache.org/thread.html…
[openpgp] OpenPGP 1.2.0 and earlier decrypts arbitrary messages
s2k.js in OpenPGP.js will decrypt arbitrary messages regardless of passphrase for crafted PGP keys which allows remote attackers to bypass authentication if message decryption is used as an authentication mechanism via a crafted symmetrically encrypted…
[com.google.gwt:gwt] Improper Neutralization of Input During Web Page Generation in Google Web Toolkit
Multiple cross-site scripting (XSS) vulnerabilities in the JUnit files in the GWTTestCase in Google Web Toolkit (GWT) before 2.5.1 RC1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
References
https://nvd.nist.g…