VARIoT IoT vulnerabilities database

Affected products: vendor, model and version
CWE format is 'CWE-number'. Threat type can be: remote or local
Look up free text in title and description

VAR-202004-1654 CVE-2018-21208 plural NETGEAR Injection vulnerabilities in devices CVSS V2: 5.8
CVSS V3: 8.8
Severity: HIGH
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects D6100 before 1.0.0.57, R6100 before 1.0.1.20, R7500v2 before 1.0.3.24, WNDR4300v2 before 1.0.0.50, and WNDR4500v3 before 1.0.0.50. plural NETGEAR A device contains an injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR R7500, etc. are all products of NETGEAR. NETGEAR R7500 is a wireless router. NETGEAR D6100 is a wireless modem. NETGEAR R6100 is a wireless router. Injection vulnerabilities exist in many NETGEAR products. The vulnerability stems from the fact that the network system or product lacks the correct verification of the user input data during the operation process of the user inputting the construction command, data structure or record, and the special elements are not filtered or correctly filtered, resulting in the analysis or analysis of the system or product. The explanation is wrong. No detailed vulnerability details are currently provided. This affects D6100 prior to 1.0.0.57, R6100 prior to 1.0.1.20, R7500v2 prior to 1.0.3.24, WNDR4300v2 prior to 1.0.0.50, and WNDR4500v3 prior to 1.0.0.50
VAR-202004-2166 CVE-2020-8487 ABB System 800xA Base Vulnerability in CVSS V2: 4.6
CVSS V3: 7.8
Severity: HIGH
Insufficient protection of the inter-process communication functions in ABB System 800xA Base (all published versions) enables an attacker authenticated on the local system to inject data, affect node redundancy handling. ABB System 800xA Base There is an unspecified vulnerability in.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. ABB System 800xA Base is a set of distributed control system for industrial control industry of Swiss ABB company. ABB System 800xA Base (all versions) has a vulnerability in permissions and access control issues
VAR-202004-1663 CVE-2018-21217 plural NETGEAR Classic buffer overflow vulnerability in the product CVSS V2: 5.8
CVSS V3: 8.8
Severity: HIGH
Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects D3600 before 1.0.0.67, D6000 before 1.0.0.67, D6100 before 1.0.0.56, and R6100 before 1.0.1.20. plural NETGEAR The product contains a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR D3600, etc. are all products of NETGEAR. NETGEAR D3600 is a wireless modem. NETGEAR D6100 is a wireless modem. NETGEAR R6100 is a wireless router. The vulnerability stems from the fact that when the network system or product performs operations on the memory, the data boundary is not correctly verified, resulting in incorrect read and write operations to other associated memory locations. This affects D3600 prior to 1.0.0.67, D6000 prior to 1.0.0.67, D6100 prior to 1.0.0.56, and R6100 prior to 1.0.1.20
VAR-202004-1710 CVE-2018-21199 plural NETGEAR Out-of-bounds write vulnerabilities in devices CVSS V2: 5.2
CVSS V3: 6.8
Severity: MEDIUM
Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D7800 before 1.0.1.30, R6100 before 1.0.1.22, R7500 before 1.0.0.122, R7500v2 before 1.0.3.24, R7800 before 1.0.2.40, R9000 before 1.0.2.52, and WNDR4300 before 1.0.2.98. plural NETGEAR The device is vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR D7800, etc. are all products of NETGEAR. NETGEAR D7800 is a wireless modem. NETGEAR R7500 is a wireless router. NETGEAR R6100 is a wireless router. The vulnerability stems from the fact that the network system or product performs an operation on the memory, and the data boundary is not correctly verified, resulting in an incorrect read and write operation to other associated memory locations. The attacker The vulnerability can be exploited to cause buffer overflow or heap overflow. This affects D7800 prior to 1.0.1.30, R6100 prior to 1.0.1.22, R7500 prior to 1.0.0.122, R7500v2 prior to 1.0.3.24, R7800 prior to 1.0.2.40, R9000 prior to 1.0.2.52, and WNDR4300 prior to 1.0.2.98
VAR-202004-1692 CVE-2018-21181 plural NETGEAR Out-of-bounds write vulnerabilities in devices CVSS V2: 6.5
CVSS V3: 7.2
Severity: HIGH
Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D7800 before 1.0.1.28, EX2700 before 1.0.1.32, EX6200v2 before 1.0.1.56, R7500v2 before 1.0.3.24, R7800 before 1.0.2.40, R9000 before 1.0.3.6, WN2000RPTv3 before 1.0.1.20, WN3000RPv3 before 1.0.2.52, WN3100RPv2 before 1.0.0.42, WNDR3700v4 before 1.0.2.92, WNDR4300 before 1.0.2.94, WNDR4300v2 before 1.0.0.50, WNDR4500v3 before 1.0.0.50, and WNR2000v5 before 1.0.0.62. plural NETGEAR The device is vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR R7800, etc. are all products of NETGEAR. NETGEAR R7800 is a wireless router. NETGEAR D7800 is a wireless modem. NETGEAR EX2700 is a wireless network signal extender. The vulnerability stems from the fact that the network system or product performs an operation on the memory, and the data boundary is not correctly verified, resulting in an incorrect read and write operation to other associated memory locations. The attacker The vulnerability can be exploited to cause buffer overflow or heap overflow. This affects D7800 prior to 1.0.1.28, EX2700 prior to 1.0.1.32, EX6200v2 prior to 1.0.1.56, R7500v2 prior to 1.0.3.24, R7800 prior to 1.0.2.40, R9000 prior to 1.0.3.6, WN2000RPTv3 prior to 1.0.1.20, WN3000RPv3 prior to 1.0.2.52, WN3100RPv2 prior to 1.0.0.42, WNDR3700v4 prior to 1.0.2.92, WNDR4300 prior to 1.0.2.94, WNDR4300v2 prior to 1.0.0.50, WNDR4500v3 prior to 1.0.0.50, and WNR2000v5 prior to 1.0.0.62
VAR-202004-1717 CVE-2018-21206 plural NETGEAR Out-of-bounds write vulnerabilities in devices CVSS V2: 5.8
CVSS V3: 8.8
Severity: HIGH
Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D7800 before 1.0.1.30, EX2700 before 1.0.1.28, R6100 before 1.0.1.20, R7500 before 1.0.0.118, R7500v2 before 1.0.3.24, R7800 before 1.0.2.40, R9000 before 1.0.2.52, WN2000RPTv3 before 1.0.1.20, WN3000RPv3 before 1.0.2.50, WN3100RPv2 before 1.0.0.56, WNDR3700v4 before 1.0.2.96, WNDR4300 before 1.0.2.98, WNDR4300v2 before 1.0.0.50, and WNDR4500v3 before 1.0.0.50. plural NETGEAR The device is vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR D7800, etc. are all products of NETGEAR. NETGEAR D7800 is a wireless modem. NETGEAR WNDR3700 is a wireless router. NETGEAR R6100 is a wireless router. The vulnerability stems from the fact that when the network system or product performs operations on the memory, the data boundary is not correctly verified, resulting in incorrect read and write operations to other associated memory locations. Attackers can use this vulnerability to cause buffer overflow or heap overflow. This affects D7800 prior to 1.0.1.30, EX2700 prior to 1.0.1.28, R6100 prior to 1.0.1.20, R7500 prior to 1.0.0.118, R7500v2 prior to 1.0.3.24, R7800 prior to 1.0.2.40, R9000 prior to 1.0.2.52, WN2000RPTv3 prior to 1.0.1.20, WN3000RPv3 prior to 1.0.2.50, WN3100RPv2 prior to 1.0.0.56, WNDR3700v4 prior to 1.0.2.96, WNDR4300 prior to 1.0.2.98, WNDR4300v2 prior to 1.0.0.50, and WNDR4500v3 prior to 1.0.0.50
VAR-202004-1693 CVE-2018-21182 plural NETGEAR Out-of-bounds write vulnerabilities in devices CVSS V2: 5.2
CVSS V3: 6.8
Severity: MEDIUM
Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects R7800 before 1.0.2.40, R9000 before 1.0.2.52, WNDR3700v4 before 1.0.2.92, and WNDR4300 before 1.0.2.94. plural NETGEAR The device is vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR R9000 is a wireless router of NETGEAR. The vulnerability stems from the fact that the network system or product performs an operation on the memory, and the data boundary is not correctly verified, resulting in an incorrect read and write operation to other associated memory locations. The attacker The vulnerability can be exploited to cause buffer overflow or heap overflow. This affects R7800 prior to 1.0.2.40, R9000 prior to 1.0.2.52, WNDR3700v4 prior to 1.0.2.92, and WNDR4300 prior to 1.0.2.94
VAR-202004-2170 CVE-2020-8471 plural ABB Inappropriate default permissions in the product CVSS V2: 4.6
CVSS V3: 7.8
Severity: HIGH
For the Central Licensing Server component used in ABB products ABB Ability™ System 800xA and related system extensions versions 5.1, 6.0 and 6.1, Compact HMI versions 5.1 and 6.0, Control Builder Safe 1.0, 1.1 and 2.0, Symphony Plus -S+ Operations 3.0 to 3.2 Symphony Plus -S+ Engineering 1.1 to 2.2, Composer Harmony 5.1, 6.0 and 6.1, Melody Composer 5.3, 6.1/6.2 and SPE for Melody 1.0SPx (Composer 6.3), Harmony OPC Server (HAOPC) Standalone 6.0, 6.1 and 7.0, ABB Ability™ System 800xA/ Advant® OCS Control Builder A 1.3 and 1.4, Advant® OCS AC100 OPC Server 5.1, 6.0 and 6.1, Composer CTK 6.1 and 6.2, AdvaBuild 3.7 SP1 and SP2, OPCServer for MOD 300 (non-800xA) 1.4, OPC Data Link 2.1 and 2.2, Knowledge Manager 8.0, 9.0 and 9.1, Manufacturing Operations Management 1812 and 1909, weak file permissions allow an authenticated attacker to block the license handling, escalate his/her privileges and execute arbitrary code. plural ABB The product contains a vulnerability related to improper default permissions.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. ABB Ability System 800xA and so on are the products of Swiss ABB (ABB) company. ABB Ability System 800xA is a distributed control system for industrial control industry. ABB Compact HMI is a monitoring and data acquisition system. ABB Control Builder Safe is an engineering tool for configuring and downloading the AC 800M High Integrity safety application. Central Licensing Server is one of the license servers. An input validation error vulnerability exists in the Central Licensing Server component of several ABB products. An attacker could exploit this vulnerability to block license processing, escalate privileges, and execute arbitrary code
VAR-202004-0530 CVE-2020-12243 OpenLDAP Resource Management Error Vulnerability CVSS V2: 5.0
CVSS V3: 7.5
Severity: HIGH
In filter.c in slapd in OpenLDAP before 2.4.50, LDAP search filters with nested boolean expressions can result in denial of service (daemon crash). The filter.c file of slapd in versions earlier than OpenLDAP 2.4.50 has a security vulnerability. For the oldstable distribution (stretch), this problem has been fixed in version 2.4.44+dfsg-5+deb9u4. For the stable distribution (buster), this problem has been fixed in version 2.4.47+dfsg-3+deb10u2. We recommend that you upgrade your openldap packages. For the detailed security status of openldap please refer to its security tracker page at: https://security-tracker.debian.org/tracker/openldap Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAl6ofsxfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND z0Qx4Q//dOnPiP6bKHrFUFtyv59tV5Zpa1jJ6BmIr3/5ueODnBu8MHLJw8503zLJ I43LDTzvGkXrxy0Y28YC5Qpv1oHW3gvPzFsTrn2DObeUnHlKOOUsyzz3saHXyyzQ ki+2UGsUXydSazDMeJzcoMfRdVpCtjc+GNTb/y7nxgwoKrz/WJplGstp2ibd8ftv Ju4uT8VJZcC3IEGhkYXJ7TENlegOK2FCewYMZARrNT/tjIDyAqfKi2muCg7oadx/ 5WZGLW7Pdw25jFknVy/Y7fEyJDWQdPH7NchK5tZy6D1lWQh67GcvJFSo5HICwb+n FilP29mIBbS96JQq6u5jWWMpAD6RPCtIltak4QdYptjdrQnTDFy3RJSTdZeis8ty HKwYJgNzVG6SCy04t3D+zeMbgEZOvj6GWrURQUqZJQmc4V9l89E0/D7zV3AX9Q9v 0hKEtpc//bZrS71QVqJvkWvrgfutB72Vnqfull+DBxvt33ma5W2il6kxGMwJK3S9 0lk60dzEDCdYp8TE61y8N4z+2IB/Otg9Ni2I8pmaE5s1/ZUva+8GhSjbmGyIhbpk p55kTiZUgpmu6EK2Kvjkh9rMlaa1IHXL8tdrbo8pRVtQHlA8/HUgoGiUHuX1h+Kw LZVjIV/L4qOFQ54uMbSscZgMEvhfW00fe3o2zI8WQZ9IPCQ3oRg= =K3JD -----END PGP SIGNATURE----- . ========================================================================= Ubuntu Security Notice USN-4352-2 May 06, 2020 openldap vulnerability ========================================================================= A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 14.04 ESM - Ubuntu 12.04 ESM Summary: OpenLDAP could be made to crash if it received specially crafted network traffic. Software Description: - openldap: Lightweight Directory Access Protocol Details: USN-4352-1 fixed a vulnerability in OpenLDAP. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: It was discovered that OpenLDAP incorrectly handled certain queries. A remote attacker could possibly use this issue to cause OpenLDAP to consume resources, resulting in a denial of service. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 14.04 ESM: slapd 2.4.31-1+nmu2ubuntu8.5+esm2 Ubuntu 12.04 ESM: slapd 2.4.28-1.1ubuntu4.10 In general, a standard system update will make all the necessary changes. Bug Fix(es): * Gather image registry config (backport to 4.3) (BZ#1836815) * Builds fail after running postCommit script if OCP cluster is configured with a container registry whitelist (BZ#1849176) * Login with OpenShift not working after cluster upgrade (BZ#1852429) * Limit the size of gathered federated metrics from alerts in Insights Operator (BZ#1874018) * [4.3] Storage operator stops reconciling when going Upgradeable=False on v1alpha1 CRDs (BZ#1879110) * [release 4.3] OpenShift APIs become unavailable for more than 15 minutes after one of master nodes went down(OAuth) (BZ#1880293) You may download the oc tool and use it to inspect release image metadata as follows: (For x86_64 architecture) $ oc adm release info quay.io/openshift-release-dev/ocp-release:4.3.40-x86_64 The image digest is sha256:9ff90174a170379e90a9ead6e0d8cf6f439004191f80762764a5ca3dbaab01dc (For s390x architecture) $ oc adm release info quay.io/openshift-release-dev/ocp-release:4.3.40-s390x The image digest is sha256:605ddde0442e604cfe2d6bd1541ce48df5956fe626edf9cc95b1fca75d231b64 (For ppc64le architecture) $ oc adm release info quay.io/openshift-release-dev/ocp-release:4.3.40-ppc64le The image digest is sha256:d3c9e391c145338eae3feb7f6a4e487dadc8139a353117d642fe686d277bcccc 3. Solution: For OpenShift Container Platform 4.3 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update: https://docs.openshift.com/container-platform/4.3/release_notes/ocp-4-3-rel ease-notes.html Details on how to access this content are available at https://docs.openshift.com/container-platform/4.3/updating/updating-cluster - -cli.html. Bugs fixed (https://bugzilla.redhat.com/): 1804533 - CVE-2020-9283 golang.org/x/crypto: Processing of crafted ssh-ed25519 public keys allows for panic 1836815 - Gather image registry config (backport to 4.3) 1849176 - Builds fail after running postCommit script if OCP cluster is configured with a container registry whitelist 1874018 - Limit the size of gathered federated metrics from alerts in Insights Operator 1874399 - [DR] etcd-member-recover.sh fails to pull image with unauthorized 1879110 - [4.3] Storage operator stops reconciling when going Upgradeable=False on v1alpha1 CRDs 5. Solution: For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/ index.html 4. Bugs fixed (https://bugzilla.redhat.com/): 1790277 - CVE-2019-20372 nginx: HTTP request smuggling in configurations with URL redirect used as error_page 1828406 - CVE-2020-11022 jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method 1850004 - CVE-2020-11023 jquery: Passing HTML containing <option> elements to manipulation methods could result in untrusted code execution 1911314 - CVE-2020-35678 python-autobahn: allows redirect header injection 1928847 - CVE-2021-20253 ansible-tower: Privilege escalation via job isolation escape 5. Ansible Automation Platform manages Ansible Platform jobs and workflows that can interface with any infrastructure on a Red Hat OpenShift Container Platform cluster, or on a traditional infrastructure that is running off-cluster. Bugs fixed (https://bugzilla.redhat.com/): 1914774 - CVE-2021-20178 ansible: user data leak in snmp_facts module 1915808 - CVE-2021-20180 ansible module: bitbucket_pipeline_variable exposes secured values 1916813 - CVE-2021-20191 ansible: multiple modules expose secured values 1925002 - CVE-2021-20228 ansible: basic.py no_log with fallback option 1939349 - CVE-2021-3447 ansible: multiple modules expose secured values 5. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: Red Hat 3scale API Management 2.10.0 security update and release Advisory ID: RHSA-2021:1129-01 Product: 3scale API Management Advisory URL: https://access.redhat.com/errata/RHSA-2021:1129 Issue date: 2021-04-07 CVE Names: CVE-2018-20843 CVE-2019-5094 CVE-2019-5188 CVE-2019-11719 CVE-2019-11727 CVE-2019-11756 CVE-2019-12749 CVE-2019-14866 CVE-2019-15903 CVE-2019-17006 CVE-2019-17023 CVE-2019-17498 CVE-2019-19126 CVE-2019-19532 CVE-2019-19956 CVE-2019-20388 CVE-2019-20907 CVE-2020-0427 CVE-2020-1971 CVE-2020-6829 CVE-2020-7053 CVE-2020-7595 CVE-2020-8177 CVE-2020-9283 CVE-2020-12243 CVE-2020-12400 CVE-2020-12401 CVE-2020-12402 CVE-2020-12403 CVE-2020-12723 CVE-2020-14040 CVE-2020-14351 CVE-2020-25211 CVE-2020-25645 CVE-2020-25656 CVE-2020-25705 CVE-2020-28374 CVE-2020-29661 CVE-2021-20265 ===================================================================== 1. Summary: A security update for Red Hat 3scale API Management Platform is now available from the Red Hat Container Catalog. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Description: Red Hat 3scale API Management delivers centralized API management features through a distributed, cloud-hosted layer. It includes built-in features to help in building a more successful API program, including access control, rate limits, payment gateway integration, and developer experience tools. This advisory is intended to use with container images for Red Hat 3scale API Management 2.10.0. Security Fix(es): * golang.org/x/crypto: Processing of crafted ssh-ed25519 public keys allows for panic (CVE-2020-9283) * golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash (CVE-2020-14040) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 3. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/documentation/en-us/red_hat_3scale_api_management /2.10/html-single/installing_3scale/index 4. Bugs fixed (https://bugzilla.redhat.com/): 1804533 - CVE-2020-9283 golang.org/x/crypto: Processing of crafted ssh-ed25519 public keys allows for panic 1853652 - CVE-2020-14040 golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash 5. References: https://access.redhat.com/security/cve/CVE-2018-20843 https://access.redhat.com/security/cve/CVE-2019-5094 https://access.redhat.com/security/cve/CVE-2019-5188 https://access.redhat.com/security/cve/CVE-2019-11719 https://access.redhat.com/security/cve/CVE-2019-11727 https://access.redhat.com/security/cve/CVE-2019-11756 https://access.redhat.com/security/cve/CVE-2019-12749 https://access.redhat.com/security/cve/CVE-2019-14866 https://access.redhat.com/security/cve/CVE-2019-15903 https://access.redhat.com/security/cve/CVE-2019-17006 https://access.redhat.com/security/cve/CVE-2019-17023 https://access.redhat.com/security/cve/CVE-2019-17498 https://access.redhat.com/security/cve/CVE-2019-19126 https://access.redhat.com/security/cve/CVE-2019-19532 https://access.redhat.com/security/cve/CVE-2019-19956 https://access.redhat.com/security/cve/CVE-2019-20388 https://access.redhat.com/security/cve/CVE-2019-20907 https://access.redhat.com/security/cve/CVE-2020-0427 https://access.redhat.com/security/cve/CVE-2020-1971 https://access.redhat.com/security/cve/CVE-2020-6829 https://access.redhat.com/security/cve/CVE-2020-7053 https://access.redhat.com/security/cve/CVE-2020-7595 https://access.redhat.com/security/cve/CVE-2020-8177 https://access.redhat.com/security/cve/CVE-2020-9283 https://access.redhat.com/security/cve/CVE-2020-12243 https://access.redhat.com/security/cve/CVE-2020-12400 https://access.redhat.com/security/cve/CVE-2020-12401 https://access.redhat.com/security/cve/CVE-2020-12402 https://access.redhat.com/security/cve/CVE-2020-12403 https://access.redhat.com/security/cve/CVE-2020-12723 https://access.redhat.com/security/cve/CVE-2020-14040 https://access.redhat.com/security/cve/CVE-2020-14351 https://access.redhat.com/security/cve/CVE-2020-25211 https://access.redhat.com/security/cve/CVE-2020-25645 https://access.redhat.com/security/cve/CVE-2020-25656 https://access.redhat.com/security/cve/CVE-2020-25705 https://access.redhat.com/security/cve/CVE-2020-28374 https://access.redhat.com/security/cve/CVE-2020-29661 https://access.redhat.com/security/cve/CVE-2021-20265 https://access.redhat.com/security/updates/classification/#moderate https://access.redhat.com/documentation/en-us/red_hat_3scale_api_management/2.10/html-single/installing_3scale/index 6. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2021 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBYG71etzjgjWX9erEAQjNixAAhj8zh6eSiTxd4KgsaKl8WPwqE4xxDh1f 0UZ8n0GcAAedgOaSxFFc81Khc40Ki/AgUBNscwdLKVrlqDcBHStpQIAhThzIqtfq OAirtdRE/HOC9TjcR4OV5TTdjGt8A9oZh34OHidQQQEsxHF26BPJ9IdGDV6BGdVi EQZFcZUFYLgLqca1AcFTC46+SqK1J4Gn6cp7fQ5GOTc6umUQqzU4xk9WFcAcjNWg v1Fo1ZYiil3BMJC3hQmwXm2HCpoq+Ckri3BrRHsCk2CwxJgAZcgDqxUXkD/4B5OE j9wswGPziSY0DE+vqR5CK393ZT0WrLj+xUgVnn5cd8XyAroybSVgjJ4lKXyyzCQY TS3an5vcxZJZK9DfLV/xWt+aOuQ1JIz3FIFQgSHgWqlfszptg2bn4GW2D05VmEV7 NwEma9bjWG6Tr2eyUqNmddVFIlEN+VoGZMBgiKLj5pUFe+Zlp5T76jIXntPdOVgX nKsil2BMrponU2iIMi7Lkp0yRUKPv8uTTZvfYqtM56U6PXygzC6y+80kfHm6YwRI NHS7zFxxmsi3Vqo2iN4SfOM75oekIsEjt0s+AD/G+/Jc/2MLa8lMUKpWuutrDzrE s0gqHMQek8Oj/F1PFoQsSg5K5vwjwqM7NCY6VOQ14YtZeFcfasOemSehzotlOm2e ifeFFW4W/6s= =Uuda -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://listman.redhat.com/mailman/listinfo/rhsa-announce . Description: Red Hat OpenShift Do (odo) is a simple CLI tool for developers to create, build, and deploy applications on OpenShift. The odo tool is completely client-based and requires no server within the OpenShift cluster for deployment. It detects changes to local code and deploys it to the cluster automatically, giving instant feedback to validate changes in real-time. It supports multiple programming languages and frameworks. The advisory addresses the following issues: * Re-release of odo-init-image 1.1.3 for security updates 3. Solution: Download and install a new CLI binary by following the instructions linked from the References section. Bugs fixed (https://bugzilla.redhat.com/): 1832983 - Release of 1.1.3 odo-init-image 5
VAR-202005-0617 CVE-2020-1631 Juniper Networks Junos OS Past Traversal Vulnerability in CVSS V2: 6.8
CVSS V3: 9.8
Severity: CRITICAL
A vulnerability in the HTTP/HTTPS service used by J-Web, Web Authentication, Dynamic-VPN (DVPN), Firewall Authentication Pass-Through with Web-Redirect, and Zero Touch Provisioning (ZTP) allows an unauthenticated attacker to perform local file inclusion (LFI) or path traversal. Using this vulnerability, an attacker may be able to inject commands into the httpd.log, read files with 'world' readable permission file or obtain J-Web session tokens. In the case of command injection, as the HTTP service runs as user 'nobody', the impact of this command injection is limited. (CVSS score 5.3, vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) In the case of reading files with 'world' readable permission, in Junos OS 19.3R1 and above, the unauthenticated attacker would be able to read the configuration file. (CVSS score 5.9, vector CVSS:3.1/ AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N) If J-Web is enabled, the attacker could gain the same level of access of anyone actively logged into J-Web. If an administrator is logged in, the attacker could gain administrator access to J-Web. (CVSS score 8.8, vector CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) This issue only affects Juniper Networks Junos OS devices with HTTP/HTTPS services enabled. Junos OS devices with HTTP/HTTPS services disabled are not affected. If HTTP/HTTPS services are enabled, the following command will show the httpd processes: user@device> show system processes | match http 5260 - S 0:00.13 /usr/sbin/httpd-gk -N 5797 - I 0:00.10 /usr/sbin/httpd --config /jail/var/etc/httpd.conf To summarize: If HTTP/HTTPS services are disabled, there is no impact from this vulnerability. If HTTP/HTTPS services are enabled and J-Web is not in use, this vulnerability has a CVSS score of 5.9 (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N). If J-Web is enabled, this vulnerability has a CVSS score of 8.8 (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H). Juniper SIRT has received a single report of this vulnerability being exploited in the wild. Out of an abundance of caution, we are notifying customers so they can take appropriate actions. Indicators of Compromise: The /var/log/httpd.log may have indicators that commands have injected or files being accessed. The device administrator can look for these indicators by searching for the string patterns "=*;*&" or "*%3b*&" in /var/log/httpd.log, using the following command: user@device> show log httpd.log | match "=*;*&|=*%3b*&" If this command returns any output, it might be an indication of malicious attempts or simply scanning activities. Rotated logs should also be reviewed, using the following command: user@device> show log httpd.log.0.gz | match "=*;*&|=*%3b*&" user@device> show log httpd.log.1.gz | match "=*;*&|=*%3b*&" Note that a skilled attacker would likely remove these entries from the local log file, thus effectively eliminating any reliable signature that the device had been attacked. This issue affects Juniper Networks Junos OS 12.3 versions prior to 12.3R12-S16; 12.3X48 versions prior to 12.3X48-D101, 12.3X48-D105; 14.1X53 versions prior to 14.1X53-D54; 15.1 versions prior to 15.1R7-S7; 15.1X49 versions prior to 15.1X49-D211, 15.1X49-D220; 16.1 versions prior to 16.1R7-S8; 17.2 versions prior to 17.2R3-S4; 17.3 versions prior to 17.3R3-S8; 17.4 versions prior to 17.4R2-S11, 17.4R3-S2; 18.1 versions prior to 18.1R3-S10; 18.2 versions prior to 18.2R2-S7, 18.2R3-S4; 18.3 versions prior to 18.3R2-S4, 18.3R3-S2; 18.4 versions prior to 18.4R1-S7, 18.4R3-S2 ; 18.4 version 18.4R2 and later versions; 19.1 versions prior to 19.1R1-S5, 19.1R3-S1; 19.1 version 19.1R2 and later versions; 19.2 versions prior to 19.2R2; 19.3 versions prior to 19.3R2-S3, 19.3R3; 19.4 versions prior to 19.4R1-S2, 19.4R2; 20.1 versions prior to 20.1R1-S1, 20.1R2. Juniper Networks Junos OS Exists in a past traversal vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Juniper Networks Junos OS is a set of network operating system of Juniper Networks (Juniper Networks) dedicated to the company's hardware equipment. The operating system provides a secure programming interface and Junos SDK. The following products and versions are affected: Junos OS Release 12.3, Release 12.3X48, Release 14.1X53, Release 15.1, Release 15.1X49, Release 17.2, Release 17.3, Release 17.4, Release 18.1, Release 18.2, Release 18.3, Release 18.4, Release 19.1 , Version 19.2, Version 19.3, Version 19.4, Version 20.1
VAR-202004-1329 CVE-2017-18857 Android and iOS for NETGEAR Insight Vulnerability in requesting weak passwords in applications CVSS V2: 7.5
CVSS V3: 9.8
Severity: CRITICAL
The NETGEAR Insight application before 2.42 for Android and iOS is affected by password mismanagement. (DoS) It may be put into a state. NETGEAR Insight is a cloud-based management platform from NETGEAR. The platform supports setup and configuration of NETGEAR Insight managed access points, switches and ReadyNAS devices, among others. Currently there is no information about this vulnerability, please keep an eye on CNNVD or vendor announcements
VAR-202004-0061 CVE-2020-10663 Debian Security Advisory 4721-1 CVSS V2: 5.0
CVSS V3: 7.5
Severity: HIGH
The JSON gem through 2.2.0 for Ruby, as used in Ruby 2.4 through 2.4.9, 2.5 through 2.5.7, and 2.6 through 2.6.5, has an Unsafe Object Creation Vulnerability. This is quite similar to CVE-2013-0269, but does not rely on poor garbage-collection behavior within Ruby. Specifically, use of JSON parsing methods can lead to creation of a malicious object within the interpreter, with adverse effects that are application-dependent. An attacker could exploit this vulnerability to forcibly create arbitrary objects on the target system. When parsing certain JSON documents, the json gem can be coerced into creating arbitrary objects in the target system. CVE-2020-10933 Samuel Williams reported a flaw in the socket library which may lead to exposure of possibly sensitive data from the interpreter. For the stable distribution (buster), these problems have been fixed in version 2.5.5-3+deb10u2. We recommend that you upgrade your ruby2.5 packages. For the detailed security status of ruby2.5 please refer to its security tracker page at: https://security-tracker.debian.org/tracker/ruby2.5 Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAl8F5jVfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND z0RT1Q/9EmtF3l9EwsTqV0RaU0CvycnypEEHk0vahqwtDKe5m1j13RlbhU5PfeNm n8E4pzw30+zROL8vxrCBQbAkBLACJOD9GwnA1G5mUnga1m49+5TyHEfPTFDsZHZ7 XqWuIJiQpOaPAi9xlywyqxji8OHPND2NNtCF1xk3Mpfk/7Y5JNJjFPnQnprfB4Hf c8AMjgmjV4ElJ60ALpXQzP7snVs4S+LA+Qb2O7V05u8zW0ytiEGTJNKrdG/+Rkrm XKUrEwPJLOU9DlR1JDXD491tOSYGiQdS/vWNQsyGKArpdDbhAUOybWZinD6ZG0KR L7atC327+eNDhpIKcmS4jMRnoQwjmlgPK6m0YwF4mKmyL4lWKwqCddDnIfr7jRSq bW3esnLJatEJiUbcSLpuBn0qO5f6HYb1iRhXJDQlPsuySIjObkn+rim9Bvo0NOQZ SZx74Rv1KX/kYpU4KcZyoygRuuWzl3pPYRj5BYJOViDGIcSKay4w7oypLjSWg7b3 BQfKQ7MbIVIXLk27fS/mOKpG0uXM5cer7LGnZSovl+KQmgp4gBdtCpuzat7Jz3YI tJDwDSjfhUQu8Uew+6bnvDUJ+zFEp/fEly2ueZFSYkkPmWPMcaI3OIk/Q2dLt5ZX gC+Vad6gT/C2UBYZCxxcBTHOcAlImTQ/JPCQMOGrvZM6t7QouuA= =rTdk -----END PGP SIGNATURE----- . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: rh-ruby25-ruby security, bug fix, and enhancement update Advisory ID: RHSA-2021:2104-01 Product: Red Hat Software Collections Advisory URL: https://access.redhat.com/errata/RHSA-2021:2104 Issue date: 2021-05-25 CVE Names: CVE-2019-15845 CVE-2019-16201 CVE-2019-16254 CVE-2019-16255 CVE-2020-10663 CVE-2020-10933 CVE-2020-25613 CVE-2021-28965 ===================================================================== 1. Summary: An update for rh-ruby25-ruby is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7) - noarch, ppc64le, s390x, x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6) - noarch, ppc64le, s390x, x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7) - noarch, ppc64le, s390x, x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64 3. Description: Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. The following packages have been upgraded to a later upstream version: rh-ruby25-ruby (2.5.9). (BZ#1952998) Security Fix(es): * ruby: NUL injection vulnerability of File.fnmatch and File.fnmatch? (CVE-2019-15845) * ruby: Regular expression denial of service vulnerability of WEBrick's Digest authentication (CVE-2019-16201) * ruby: Code injection via command argument of Shell#test / Shell#[] (CVE-2019-16255) * rubygem-json: Unsafe object creation vulnerability in JSON (CVE-2020-10663) * ruby: BasicSocket#read_nonblock method leads to information disclosure (CVE-2020-10933) * ruby: Potential HTTP request smuggling in WEBrick (CVE-2020-25613) * ruby: XML round-trip vulnerability in REXML (CVE-2021-28965) * ruby: HTTP response splitting in WEBrick (CVE-2019-16254) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * rh-ruby25-ruby: Resolv::DNS: timeouts if multiple IPv6 name servers are given and address contains leading zero [rhscl-3] (BZ#1953001) 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Package List: Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7): Source: rh-ruby25-ruby-2.5.9-9.el7.src.rpm noarch: rh-ruby25-ruby-doc-2.5.9-9.el7.noarch.rpm rh-ruby25-ruby-irb-2.5.9-9.el7.noarch.rpm rh-ruby25-rubygem-did_you_mean-1.2.0-9.el7.noarch.rpm rh-ruby25-rubygem-minitest-5.10.3-9.el7.noarch.rpm rh-ruby25-rubygem-net-telnet-0.1.1-9.el7.noarch.rpm rh-ruby25-rubygem-power_assert-1.1.1-9.el7.noarch.rpm rh-ruby25-rubygem-rake-12.3.3-9.el7.noarch.rpm rh-ruby25-rubygem-rdoc-6.0.1.1-9.el7.noarch.rpm rh-ruby25-rubygem-test-unit-3.2.7-9.el7.noarch.rpm rh-ruby25-rubygem-xmlrpc-0.3.0-9.el7.noarch.rpm rh-ruby25-rubygems-2.7.6.3-9.el7.noarch.rpm rh-ruby25-rubygems-devel-2.7.6.3-9.el7.noarch.rpm ppc64le: rh-ruby25-ruby-2.5.9-9.el7.ppc64le.rpm rh-ruby25-ruby-debuginfo-2.5.9-9.el7.ppc64le.rpm rh-ruby25-ruby-devel-2.5.9-9.el7.ppc64le.rpm rh-ruby25-ruby-libs-2.5.9-9.el7.ppc64le.rpm rh-ruby25-rubygem-bigdecimal-1.3.4-9.el7.ppc64le.rpm rh-ruby25-rubygem-io-console-0.4.6-9.el7.ppc64le.rpm rh-ruby25-rubygem-json-2.1.0-9.el7.ppc64le.rpm rh-ruby25-rubygem-openssl-2.1.2-9.el7.ppc64le.rpm rh-ruby25-rubygem-psych-3.0.2-9.el7.ppc64le.rpm s390x: rh-ruby25-ruby-2.5.9-9.el7.s390x.rpm rh-ruby25-ruby-debuginfo-2.5.9-9.el7.s390x.rpm rh-ruby25-ruby-devel-2.5.9-9.el7.s390x.rpm rh-ruby25-ruby-libs-2.5.9-9.el7.s390x.rpm rh-ruby25-rubygem-bigdecimal-1.3.4-9.el7.s390x.rpm rh-ruby25-rubygem-io-console-0.4.6-9.el7.s390x.rpm rh-ruby25-rubygem-json-2.1.0-9.el7.s390x.rpm rh-ruby25-rubygem-openssl-2.1.2-9.el7.s390x.rpm rh-ruby25-rubygem-psych-3.0.2-9.el7.s390x.rpm x86_64: rh-ruby25-ruby-2.5.9-9.el7.x86_64.rpm rh-ruby25-ruby-debuginfo-2.5.9-9.el7.x86_64.rpm rh-ruby25-ruby-devel-2.5.9-9.el7.x86_64.rpm rh-ruby25-ruby-libs-2.5.9-9.el7.x86_64.rpm rh-ruby25-rubygem-bigdecimal-1.3.4-9.el7.x86_64.rpm rh-ruby25-rubygem-io-console-0.4.6-9.el7.x86_64.rpm rh-ruby25-rubygem-json-2.1.0-9.el7.x86_64.rpm rh-ruby25-rubygem-openssl-2.1.2-9.el7.x86_64.rpm rh-ruby25-rubygem-psych-3.0.2-9.el7.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6): Source: rh-ruby25-ruby-2.5.9-9.el7.src.rpm noarch: rh-ruby25-ruby-doc-2.5.9-9.el7.noarch.rpm rh-ruby25-ruby-irb-2.5.9-9.el7.noarch.rpm rh-ruby25-rubygem-did_you_mean-1.2.0-9.el7.noarch.rpm rh-ruby25-rubygem-minitest-5.10.3-9.el7.noarch.rpm rh-ruby25-rubygem-net-telnet-0.1.1-9.el7.noarch.rpm rh-ruby25-rubygem-power_assert-1.1.1-9.el7.noarch.rpm rh-ruby25-rubygem-rake-12.3.3-9.el7.noarch.rpm rh-ruby25-rubygem-rdoc-6.0.1.1-9.el7.noarch.rpm rh-ruby25-rubygem-test-unit-3.2.7-9.el7.noarch.rpm rh-ruby25-rubygem-xmlrpc-0.3.0-9.el7.noarch.rpm rh-ruby25-rubygems-2.7.6.3-9.el7.noarch.rpm rh-ruby25-rubygems-devel-2.7.6.3-9.el7.noarch.rpm ppc64le: rh-ruby25-ruby-2.5.9-9.el7.ppc64le.rpm rh-ruby25-ruby-debuginfo-2.5.9-9.el7.ppc64le.rpm rh-ruby25-ruby-devel-2.5.9-9.el7.ppc64le.rpm rh-ruby25-ruby-libs-2.5.9-9.el7.ppc64le.rpm rh-ruby25-rubygem-bigdecimal-1.3.4-9.el7.ppc64le.rpm rh-ruby25-rubygem-io-console-0.4.6-9.el7.ppc64le.rpm rh-ruby25-rubygem-json-2.1.0-9.el7.ppc64le.rpm rh-ruby25-rubygem-openssl-2.1.2-9.el7.ppc64le.rpm rh-ruby25-rubygem-psych-3.0.2-9.el7.ppc64le.rpm s390x: rh-ruby25-ruby-2.5.9-9.el7.s390x.rpm rh-ruby25-ruby-debuginfo-2.5.9-9.el7.s390x.rpm rh-ruby25-ruby-devel-2.5.9-9.el7.s390x.rpm rh-ruby25-ruby-libs-2.5.9-9.el7.s390x.rpm rh-ruby25-rubygem-bigdecimal-1.3.4-9.el7.s390x.rpm rh-ruby25-rubygem-io-console-0.4.6-9.el7.s390x.rpm rh-ruby25-rubygem-json-2.1.0-9.el7.s390x.rpm rh-ruby25-rubygem-openssl-2.1.2-9.el7.s390x.rpm rh-ruby25-rubygem-psych-3.0.2-9.el7.s390x.rpm x86_64: rh-ruby25-ruby-2.5.9-9.el7.x86_64.rpm rh-ruby25-ruby-debuginfo-2.5.9-9.el7.x86_64.rpm rh-ruby25-ruby-devel-2.5.9-9.el7.x86_64.rpm rh-ruby25-ruby-libs-2.5.9-9.el7.x86_64.rpm rh-ruby25-rubygem-bigdecimal-1.3.4-9.el7.x86_64.rpm rh-ruby25-rubygem-io-console-0.4.6-9.el7.x86_64.rpm rh-ruby25-rubygem-json-2.1.0-9.el7.x86_64.rpm rh-ruby25-rubygem-openssl-2.1.2-9.el7.x86_64.rpm rh-ruby25-rubygem-psych-3.0.2-9.el7.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.7): Source: rh-ruby25-ruby-2.5.9-9.el7.src.rpm noarch: rh-ruby25-ruby-doc-2.5.9-9.el7.noarch.rpm rh-ruby25-ruby-irb-2.5.9-9.el7.noarch.rpm rh-ruby25-rubygem-did_you_mean-1.2.0-9.el7.noarch.rpm rh-ruby25-rubygem-minitest-5.10.3-9.el7.noarch.rpm rh-ruby25-rubygem-net-telnet-0.1.1-9.el7.noarch.rpm rh-ruby25-rubygem-power_assert-1.1.1-9.el7.noarch.rpm rh-ruby25-rubygem-rake-12.3.3-9.el7.noarch.rpm rh-ruby25-rubygem-rdoc-6.0.1.1-9.el7.noarch.rpm rh-ruby25-rubygem-test-unit-3.2.7-9.el7.noarch.rpm rh-ruby25-rubygem-xmlrpc-0.3.0-9.el7.noarch.rpm rh-ruby25-rubygems-2.7.6.3-9.el7.noarch.rpm rh-ruby25-rubygems-devel-2.7.6.3-9.el7.noarch.rpm ppc64le: rh-ruby25-ruby-2.5.9-9.el7.ppc64le.rpm rh-ruby25-ruby-debuginfo-2.5.9-9.el7.ppc64le.rpm rh-ruby25-ruby-devel-2.5.9-9.el7.ppc64le.rpm rh-ruby25-ruby-libs-2.5.9-9.el7.ppc64le.rpm rh-ruby25-rubygem-bigdecimal-1.3.4-9.el7.ppc64le.rpm rh-ruby25-rubygem-io-console-0.4.6-9.el7.ppc64le.rpm rh-ruby25-rubygem-json-2.1.0-9.el7.ppc64le.rpm rh-ruby25-rubygem-openssl-2.1.2-9.el7.ppc64le.rpm rh-ruby25-rubygem-psych-3.0.2-9.el7.ppc64le.rpm s390x: rh-ruby25-ruby-2.5.9-9.el7.s390x.rpm rh-ruby25-ruby-debuginfo-2.5.9-9.el7.s390x.rpm rh-ruby25-ruby-devel-2.5.9-9.el7.s390x.rpm rh-ruby25-ruby-libs-2.5.9-9.el7.s390x.rpm rh-ruby25-rubygem-bigdecimal-1.3.4-9.el7.s390x.rpm rh-ruby25-rubygem-io-console-0.4.6-9.el7.s390x.rpm rh-ruby25-rubygem-json-2.1.0-9.el7.s390x.rpm rh-ruby25-rubygem-openssl-2.1.2-9.el7.s390x.rpm rh-ruby25-rubygem-psych-3.0.2-9.el7.s390x.rpm x86_64: rh-ruby25-ruby-2.5.9-9.el7.x86_64.rpm rh-ruby25-ruby-debuginfo-2.5.9-9.el7.x86_64.rpm rh-ruby25-ruby-devel-2.5.9-9.el7.x86_64.rpm rh-ruby25-ruby-libs-2.5.9-9.el7.x86_64.rpm rh-ruby25-rubygem-bigdecimal-1.3.4-9.el7.x86_64.rpm rh-ruby25-rubygem-io-console-0.4.6-9.el7.x86_64.rpm rh-ruby25-rubygem-json-2.1.0-9.el7.x86_64.rpm rh-ruby25-rubygem-openssl-2.1.2-9.el7.x86_64.rpm rh-ruby25-rubygem-psych-3.0.2-9.el7.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7): Source: rh-ruby25-ruby-2.5.9-9.el7.src.rpm noarch: rh-ruby25-ruby-doc-2.5.9-9.el7.noarch.rpm rh-ruby25-ruby-irb-2.5.9-9.el7.noarch.rpm rh-ruby25-rubygem-did_you_mean-1.2.0-9.el7.noarch.rpm rh-ruby25-rubygem-minitest-5.10.3-9.el7.noarch.rpm rh-ruby25-rubygem-net-telnet-0.1.1-9.el7.noarch.rpm rh-ruby25-rubygem-power_assert-1.1.1-9.el7.noarch.rpm rh-ruby25-rubygem-rake-12.3.3-9.el7.noarch.rpm rh-ruby25-rubygem-rdoc-6.0.1.1-9.el7.noarch.rpm rh-ruby25-rubygem-test-unit-3.2.7-9.el7.noarch.rpm rh-ruby25-rubygem-xmlrpc-0.3.0-9.el7.noarch.rpm rh-ruby25-rubygems-2.7.6.3-9.el7.noarch.rpm rh-ruby25-rubygems-devel-2.7.6.3-9.el7.noarch.rpm x86_64: rh-ruby25-ruby-2.5.9-9.el7.x86_64.rpm rh-ruby25-ruby-debuginfo-2.5.9-9.el7.x86_64.rpm rh-ruby25-ruby-devel-2.5.9-9.el7.x86_64.rpm rh-ruby25-ruby-libs-2.5.9-9.el7.x86_64.rpm rh-ruby25-rubygem-bigdecimal-1.3.4-9.el7.x86_64.rpm rh-ruby25-rubygem-io-console-0.4.6-9.el7.x86_64.rpm rh-ruby25-rubygem-json-2.1.0-9.el7.x86_64.rpm rh-ruby25-rubygem-openssl-2.1.2-9.el7.x86_64.rpm rh-ruby25-rubygem-psych-3.0.2-9.el7.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2019-15845 https://access.redhat.com/security/cve/CVE-2019-16201 https://access.redhat.com/security/cve/CVE-2019-16254 https://access.redhat.com/security/cve/CVE-2019-16255 https://access.redhat.com/security/cve/CVE-2020-10663 https://access.redhat.com/security/cve/CVE-2020-10933 https://access.redhat.com/security/cve/CVE-2020-25613 https://access.redhat.com/security/cve/CVE-2021-28965 https://access.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2021 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBYKz4Z9zjgjWX9erEAQiSGhAAolhk0URp2zYTGrVhSmNdAVBtSoAd6btc ddv/r5SiXmDuIVM9yUYeLkG62c0cLJOEKENN5ejBg0okwi4sEyd0qOQOEEGB0hSb qGtsePb5k8qDrS8jadaYBldgEhzE9wOKpZHet5+P+NPVTlLmbwNs7feeP5pTjoiv tacVQgkEsyNyQk1EtOm7IZpdoYwc2oQcA490c3ydG+LKBC/Sw6y3UeugEc1uhQl4 Da0VzGlK3wBd33hT5Sr/8hYZsjUUGKTUmmyuWomN3oJJzxCO3JEj0MY1P9O5ADmN 3KQ8jOe4eYW9XK51JqUoKuSLViTNiZLYUiNJmG7jEh1/aRcbPSm4wns467vb9xzC zaAhS4vXnLSTJw7sUrAqudN+pvmH9qcHJ3/RtSaYOQNU01uyy6r2XTSXcOXKmkYa qBv3WmxnPgRR9H2jczj9Qvnqt7TjhiTE1sceAPDEmUY00TFC4hmcons3vleqxI1s nJi5oKmns3+POTiurLDkoiK5wVY2Uexos8D5sA7PsKIuve3UNeOOzm6OVRp60eqF MusHiyR0SG+C2cICx1zog5Z2k1FSI0s/yGprY61qxZAsA+znaJeAFCjlDJPoeoTK lfBP2x/L7KD40pq2LmuE8Y3oEHeF4D5K5yCXJIFxKHrCUFafD++U8GzXd2vjWTxu VVreNcSVN/E= =m8n+ -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://listman.redhat.com/mailman/listinfo/rhsa-announce . 8) - aarch64, noarch, ppc64le, s390x, x86_64 3. Bug Fix(es): * [GUI] Colocation constraint can't be added (BZ#1840157) 4. 8) - ppc64le, s390x, x86_64 3. Description: The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. Bug Fix(es): * pcs status on remotes is not working on rhel8.2 any longer (BZ#1832914) * pcs cluster stop --all throws errors and doesn't seem to honor the request-timeout option (BZ#1838084) * [GUI] Colocation constraint can't be added (BZ#1840158) 4. Bugs fixed (https://bugzilla.redhat.com/): 1827500 - CVE-2020-10663 rubygem-json: Unsafe Object Creation Vulnerability in JSON 1832914 - pcs status on remotes is not working on rhel8.2 any longer [rhel-8.2.0.z] 1838084 - pcs cluster stop --all throws errors and doesn't seem to honor the request-timeout option [rhel-8.2.0.z] 1840158 - [GUI] Colocation constraint can't be added [rhel-8.2.0.z] 6
VAR-202004-2273 No CVE Unauthorized access vulnerability exists in JD.com's smart service platform CVSS V2: 5.0
CVSS V3: -
Severity: MEDIUM
Jingdong Xiaojingyu Intelligent Service Platform is a platform for the intelligent industry, empowering smart hardware, smart home, smart car and other fields, providing a "technology + service + channel" one-stop intelligent solution. An unauthorized access vulnerability exists in the Jingdong Xiaojingyu Intelligent Service Platform, which can be used by attackers to obtain sensitive information.
VAR-202004-2270 No CVE Kodak video surveillance equipment has unauthorized access vulnerability CVSS V2: 5.0
CVSS V3: -
Severity: MEDIUM
Suzhou Keda Technology Co., Ltd. (hereinafter referred to as Keda) is a provider of videoconferencing and security products and solutions. It is committed to helping various government and corporate customers with visual communication and video solutions through video conferencing, video surveillance, and rich video application solutions. Management problems. Unauthorized access vulnerability exists in Kodak video surveillance equipment. The attacker can use the SDK programming communication port to obtain the system username and password by sending fixed special protocol packets.
VAR-202004-2256 No CVE Alibaba Intelligent IoT platform has unauthorized access vulnerability CVSS V2: 6.4
CVSS V3: -
Severity: MEDIUM
Alibaba is a global business-to-business (B2B) e-commerce company. It is currently the world's largest online trading market and business communication community. An unauthorized access vulnerability exists in the Alibaba Intelligent Internet of Things platform, which can be exploited by attackers to obtain sensitive website information.
VAR-202004-2255 No CVE There is a SQL injection vulnerability in the or***.php file of Jinwei Mobile Store CVSS V2: 4.9
CVSS V3: -
Severity: MEDIUM
The Jinwei mobile shopping mall system is suitable for Wechat customers with a public account. It imitates the layout of the page and supports embedded video playback. Support custom model specifications, main specifications support accompanying pictures, each subdivision model supports inventory control, subdivision models can set different prices. There is a SQL injection vulnerability in the or***.php file of the Jinwei mobile shopping mall system. Attackers can use vulnerabilities to obtain sensitive database information.
VAR-202004-1529 CVE-2018-21093 plural NETGEAR Out-of-bounds write vulnerabilities in devices CVSS V2: 5.8
CVSS V3: 8.8
Severity: HIGH
Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D8500 before 1.0.3.42, EX3700 before 1.0.0.70, EX3800 before 1.0.0.70, EX6000 before 1.0.0.30, EX6100 before 1.0.2.24, EX6120 before 1.0.0.40, EX6130 before 1.0.0.22, EX6150 before 1.0.0.42, EX6200 before 1.0.3.88, EX7000 before 1.0.0.66, R6250 before 1.0.4.26, R6300-2CXNAS before 1.0.3.60, R6300v2 before 1.0.4.28, R6400 before 1.0.1.36, R6400v2 before 1.0.2.52, R6700 before 1.0.1.46, R6900 before 1.0.1.46, R7000 before 1.0.9.28, R7000P before 1.3.1.44, R6900P before 1.3.1.44, R7100LG before 1.0.0.46, R7300 before 1.0.0.68, R7900 before 1.0.2.10, R8000 before 1.0.4.18, R8000P before 1.3.0.10, R7900P before 1.3.0.10, R8500 before 1.0.2.122, R8300 before 1.0.2.122, RBW30 before 2.1.2.6, WN2500RPv2 before 1.0.0.54, and WNR3500Lv2 before 1.2.0.56. plural NETGEAR The device is vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR D8500, etc. are all products of NETGEAR. NETGEAR D8500 is a wireless modem. WNR3500L is a wireless router. NETGEAR EX3700 is a wireless network signal extender. The vulnerability stems from the fact that the network system or product performs an operation on the memory, and the data boundary is not correctly verified, resulting in an incorrect read and write operation to other associated memory locations. This affects D8500 prior to 1.0.3.42, EX3700 prior to 1.0.0.70, EX3800 prior to 1.0.0.70, EX6000 prior to 1.0.0.30, EX6100 prior to 1.0.2.24, EX6120 prior to 1.0.0.40, EX6130 prior to 1.0.0.22, EX6150 prior to 1.0.0.42, EX6200 prior to 1.0.3.88, EX7000 prior to 1.0.0.66, R6250 prior to 1.0.4.26, R6300-2CXNAS prior to 1.0.3.60, R6300v2 prior to 1.0.4.28, R6400 prior to 1.0.1.36, R6400v2 prior to 1.0.2.52, R6700 prior to 1.0.1.46, R6900 prior to 1.0.1.46, R7000 prior to 1.0.9.28, R7000P prior to 1.3.1.44, R6900P prior to 1.3.1.44, R7100LG prior to 1.0.0.46, R7300 prior to 1.0.0.68, R7900 prior to 1.0.2.10, R8000 prior to 1.0.4.18, R8000P prior to 1.3.0.10, R7900P prior to 1.3.0.10, R8500 prior to 1.0.2.122, R8300 prior to 1.0.2.122, RBW30 prior to 2.1.2.6, WN2500RPv2 prior to 1.0.0.54, and WNR3500Lv2 prior to 1.2.0.56
VAR-202004-1639 CVE-2018-21152 plural NETGEAR On the device OS Command injection vulnerabilities CVSS V2: 5.2
CVSS V3: 6.8
Severity: MEDIUM
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D7800 before 1.0.1.34, R7500v2 before 1.0.3.26, R7800 before 1.0.2.42, R8900 before 1.0.3.10, R9000 before 1.0.3.10, WNDR4300v2 before 1.0.0.54, and WNDR4500v3 before 1.0.0.54. plural NETGEAR On the device OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR D7800, etc. are all products of NETGEAR. NETGEAR D7800 is a wireless modem. NETGEAR R7500 is a wireless router. NETGEAR WNDR4300 is a wireless router. The vulnerability stems from the process of constructing operating system executable commands from external input data. The network system or product does not properly filter the special characters and commands. The attacker can use this vulnerability to execute Illegal operating system command. This affects D7800 prior to 1.0.1.34, R7500v2 prior to 1.0.3.26, R7800 prior to 1.0.2.42, R8900 prior to 1.0.3.10, R9000 prior to 1.0.3.10, WNDR4300v2 prior to 1.0.0.54, and WNDR4500v3 prior to 1.0.0.54
VAR-202004-1533 CVE-2018-21097 plural NETGEAR Out-of-bounds write vulnerabilities in devices CVSS V2: 7.5
CVSS V3: 9.8
Severity: CRITICAL
Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects WAC505 before 5.0.5.4, WAC510 before 5.0.5.4, WAC120 before 2.1.7, WN604 before 3.3.10, WNAP320 before 3.7.11.4, WNAP210v2 before 3.7.11.4, WNDAP350 before 3.7.11.4, WNDAP360 before 3.7.11.4, WNDAP660 before 3.7.11.4, WNDAP620 before 2.1.7, and WND930 before 2.1.5. plural NETGEAR The device is vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR WAC505, etc. are all wireless access points (AP) of NETGEAR. There are buffer overflow vulnerabilities in many NETGEAR products, and remote attackers can use this vulnerability to execute arbitrary code by sending specially crafted requests. This affects WAC505 prior to 5.0.5.4, WAC510 prior to 5.0.5.4, WAC120 prior to 2.1.7, WN604 prior to 3.3.10, WNAP320 prior to 3.7.11.4, WNAP210v2 prior to 3.7.11.4, WNDAP350 prior to 3.7.11.4, WNDAP360 prior to 3.7.11.4, WNDAP660 prior to 3.7.11.4, WNDAP620 prior to 2.1.7, and WND930 prior to 2.1.5
VAR-202004-1535 CVE-2018-21099 NETGEAR R7800 On the device OS Command injection vulnerabilities CVSS V2: 5.2
CVSS V3: 8.0
Severity: HIGH
NETGEAR R7800 devices before 1.0.2.60 are affected by command injection by an authenticated user. NETGEAR R7800 On the device OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. NETGEAR R7800 is a router of NETGEAR