rpm package
suse/spark&distro=SUSE OpenStack Cloud 9
pkg:rpm/suse/spark&distro=SUSE%20OpenStack%20Cloud%209
Vulnerabilities (13)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-3100 | Med | 5.9 | < 2.2.3-5.12.1 | 2.2.3-5.12.1 | Jan 18, 2023 | A flaw was found in the openstack-barbican component. This issue allows an access policy bypass via a query string when accessing the API. | |
| CVE-2022-33891 | Hig | 8.8 | KEV | < 2.2.3-5.12.1 | 2.2.3-5.12.1 | Jul 18, 2022 | The Apache Spark UI offers the possibility to enable ACLs via the configuration option spark.acls.enable. With an authentication filter, this checks whether a user has access permissions to view or modify the application. If ACLs are enabled, a code path in HttpSecurityFilter can |
| CVE-2022-23307 | Hig | 8.8 | < 2.2.3-5.9.2 | 2.2.3-5.9.2 | Jan 18, 2022 | CVE-2020-9493 identified a deserialization issue that was present in Apache Chainsaw. Prior to Chainsaw V2.0 Chainsaw was a component of Apache Log4j 1.2.x where the same issue exists. | |
| CVE-2022-23305 | Cri | 9.8 | < 2.2.3-5.9.2 | 2.2.3-5.9.2 | Jan 18, 2022 | By design, the JDBCAppender in Log4j 1.2.x accepts an SQL statement as a configuration parameter where the values to be inserted are converters from PatternLayout. The message converter, %m, is likely to always be included. This allows attackers to manipulate the SQL by entering | |
| CVE-2022-23302 | Hig | 8.8 | < 2.2.3-5.9.2 | 2.2.3-5.9.2 | Jan 18, 2022 | JMSSink in all versions of Log4j 1.x is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j configuration or if the configuration references an LDAP service the attacker has access to. The attacker can provide a TopicConnectionFactoryBi | |
| CVE-2021-4104 | Hig | 7.5 | < 2.2.3-5.6.1 | 2.2.3-5.6.1 | Dec 14, 2021 | JMSAppender in Log4j 1.2 is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j configuration. The attacker can provide TopicBindingName and TopicConnectionFactoryBindingName configurations causing JMSAppender to perform JNDI requests t | |
| CVE-2019-20933 | Cri | 9.8 | < 2.2.3-5.3.3 | 2.2.3-5.3.3 | Nov 19, 2020 | InfluxDB before 1.7.6 has an authentication bypass vulnerability in the authenticate function in services/httpd/handler.go because a JWT token may have an empty SharedSecret (aka shared secret). | |
| CVE-2020-24303 | Med | 6.1 | < 2.2.3-5.3.3 | 2.2.3-5.3.3 | Oct 28, 2020 | Grafana before 7.1.0-beta 1 allows XSS via a query alias for the ElasticSearch datasource. | |
| CVE-2020-26137 | Med | 6.5 | < 2.2.3-5.3.3 | 2.2.3-5.3.3 | Sep 30, 2020 | urllib3 before 1.25.9 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by inserting CR and LF control characters in the first argument of putrequest(). NOTE: this is similar to CVE-2020-26116. | |
| CVE-2020-5390 | Hig | 7.5 | < 2.2.3-5.3.3 | 2.2.3-5.3.3 | Jan 13, 2020 | PySAML2 before 5.0.0 does not check that the signature in a SAML document is enveloped and thus signature wrapping is effective, i.e., it is affected by XML Signature Wrapping (XSW). The signature information and the node/object that is signed can be in different places and thus | |
| CVE-2016-10745 | Hig | 8.6 | < 2.2.3-5.3.3 | 2.2.3-5.3.3 | Apr 8, 2019 | In Pallets Jinja before 2.8.1, str.format allows a sandbox escape. | |
| CVE-2019-10906 | Hig | 8.6 | < 2.2.3-5.3.3 | 2.2.3-5.3.3 | Apr 7, 2019 | In Pallets Jinja before 2.10.1, str.format_map allows a sandbox escape. | |
| CVE-2019-8341 | Cri | 9.8 | < 2.2.3-5.3.3 | 2.2.3-5.3.3 | Feb 15, 2019 | An issue was discovered in Jinja2 2.10. The from_string function is prone to Server Side Template Injection (SSTI) where it takes the "source" parameter as a template object, renders it, and then returns it. The attacker can exploit it with {{INJECTION COMMANDS}} in a URI. NOTE: |
- affected < 2.2.3-5.12.1fixed 2.2.3-5.12.1
A flaw was found in the openstack-barbican component. This issue allows an access policy bypass via a query string when accessing the API.
- affected < 2.2.3-5.12.1fixed 2.2.3-5.12.1
The Apache Spark UI offers the possibility to enable ACLs via the configuration option spark.acls.enable. With an authentication filter, this checks whether a user has access permissions to view or modify the application. If ACLs are enabled, a code path in HttpSecurityFilter can
- affected < 2.2.3-5.9.2fixed 2.2.3-5.9.2
CVE-2020-9493 identified a deserialization issue that was present in Apache Chainsaw. Prior to Chainsaw V2.0 Chainsaw was a component of Apache Log4j 1.2.x where the same issue exists.
- affected < 2.2.3-5.9.2fixed 2.2.3-5.9.2
By design, the JDBCAppender in Log4j 1.2.x accepts an SQL statement as a configuration parameter where the values to be inserted are converters from PatternLayout. The message converter, %m, is likely to always be included. This allows attackers to manipulate the SQL by entering
- affected < 2.2.3-5.9.2fixed 2.2.3-5.9.2
JMSSink in all versions of Log4j 1.x is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j configuration or if the configuration references an LDAP service the attacker has access to. The attacker can provide a TopicConnectionFactoryBi
- affected < 2.2.3-5.6.1fixed 2.2.3-5.6.1
JMSAppender in Log4j 1.2 is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j configuration. The attacker can provide TopicBindingName and TopicConnectionFactoryBindingName configurations causing JMSAppender to perform JNDI requests t
- affected < 2.2.3-5.3.3fixed 2.2.3-5.3.3
InfluxDB before 1.7.6 has an authentication bypass vulnerability in the authenticate function in services/httpd/handler.go because a JWT token may have an empty SharedSecret (aka shared secret).
- affected < 2.2.3-5.3.3fixed 2.2.3-5.3.3
Grafana before 7.1.0-beta 1 allows XSS via a query alias for the ElasticSearch datasource.
- affected < 2.2.3-5.3.3fixed 2.2.3-5.3.3
urllib3 before 1.25.9 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by inserting CR and LF control characters in the first argument of putrequest(). NOTE: this is similar to CVE-2020-26116.
- affected < 2.2.3-5.3.3fixed 2.2.3-5.3.3
PySAML2 before 5.0.0 does not check that the signature in a SAML document is enveloped and thus signature wrapping is effective, i.e., it is affected by XML Signature Wrapping (XSW). The signature information and the node/object that is signed can be in different places and thus
- affected < 2.2.3-5.3.3fixed 2.2.3-5.3.3
In Pallets Jinja before 2.8.1, str.format allows a sandbox escape.
- affected < 2.2.3-5.3.3fixed 2.2.3-5.3.3
In Pallets Jinja before 2.10.1, str.format_map allows a sandbox escape.
- affected < 2.2.3-5.3.3fixed 2.2.3-5.3.3
An issue was discovered in Jinja2 2.10. The from_string function is prone to Server Side Template Injection (SSTI) where it takes the "source" parameter as a template object, renders it, and then returns it. The attacker can exploit it with {{INJECTION COMMANDS}} in a URI. NOTE: