An information leak vulnerability was found in Undertow. If all headers are not written out in the first write() call, then the code that handles flushing the buffer will always write out the full contents of the writevBuffer buffer, which may contain d…
[com.ning:async-http-client] Insufficient Verification of Data Authenticity in Async Http Client
main/java/com/ning/http/client/AsyncHttpClientConfig.java in Async Http Client (aka AHC or async-http-client) before 1.9.0 does not require a hostname match during verification of X.509 certificates, which allows man-in-the-middle attackers to spoof HT…
[com.ning:async-http-client] Insufficient Verification of Data Authenticity in Async Http Client
Async Http Client (aka AHC or async-http-client) before 1.9.0 skips X.509 certificate verification unless both a keyStore location and a trustStore location are explicitly set, which allows man-in-the-middle attackers to spoof HTTPS servers by presenti…
[org.springframework.amqp:spring-amqp] Improper Authentication in Pivotal Spring-LDAP
In Pivotal Spring-LDAP versions 1.3.0 – 2.3.1, when connected to some LDAP servers, when no additional attributes are bound, and when using LDAP BindAuthenticator with org.springframework.ldap.core.support.DefaultTlsDirContextAuthenticationStrategy as …
[pip] Improper Input Validation in pip
pip before 1.3 uses HTTP to retrieve packages from the PyPI repository, and does not perform integrity checks on package contents, which allows man-in-the-middle attackers to execute arbitrary code via a crafted response to a “pip install” operation.
R…
[pip] Improper Link Resolution Before File Access in pip
pip before 1.3 allows local users to overwrite arbitrary files via a symlink attack on a file in the /tmp/pip-build temporary directory.
References
https://nvd.nist.gov/vuln/detail/CVE-2013-1888
https://github.com/pypa/pip/issues/725
https://github.co…
[urllib3] Improper Neutralization of CRLF Sequences in urllib3 library for Python
In the urllib3 library through 1.24.2 for Python, CRLF injection is possible if the attacker controls the request parameter.
References
https://nvd.nist.gov/vuln/detail/CVE-2019-11236
https://github.com/urllib3/urllib3/issues/1553
https://access.redha…
[org.apache.cxf:cxf] Improper Authentication in Apache CXF
Apache CXF 2.4.5 through 2.4.7, 2.5.1 through 2.5.3, and 2.6.x before 2.6.1 does not properly enforce child policies of a WS-SecurityPolicy 1.1 SupportingToken policy on the client side, which allows remote attackers to bypass the (1) AlgorithmSuite, …
[org.apache.cxf:cxf] Improper Authentication in Apache CXF
The WS-SP UsernameToken policy in Apache CXF 2.4.5 and 2.5.1 allows remote attackers to bypass authentication by sending an empty UsernameToken as part of a SOAP request.
References
https://nvd.nist.gov/vuln/detail/CVE-2012-0803
https://lists.apache.o…
[org.apache.cxf:cxf] XML Signature/Encryption Not Validated in Apache CXF
Apache CXF 2.4.x before 2.4.8, 2.5.x before 2.5.4, and 2.6.x before 2.6.1, when a Supporting Token specifies a child WS-SecurityPolicy 1.1 or 1.2 policy, does not properly ensure that an XML element is signed or encrypted, which has unspecified impact …